WorldWideScience

Sample records for security classification design

  1. Security classification of information

    Energy Technology Data Exchange (ETDEWEB)

    Quist, A.S.

    1993-04-01

    This document is the second of a planned four-volume work that comprehensively discusses the security classification of information. The main focus of Volume 2 is on the principles for classification of information. Included herein are descriptions of the two major types of information that governments classify for national security reasons (subjective and objective information), guidance to use when determining whether information under consideration for classification is controlled by the government (a necessary requirement for classification to be effective), information disclosure risks and benefits (the benefits and costs of classification), standards to use when balancing information disclosure risks and benefits, guidance for assigning classification levels (Top Secret, Secret, or Confidential) to classified information, guidance for determining how long information should be classified (classification duration), classification of associations of information, classification of compilations of information, and principles for declassifying and downgrading information. Rules or principles of certain areas of our legal system (e.g., trade secret law) are sometimes mentioned to .provide added support to some of those classification principles.

  2. Special nuclear material information, security classification guidance. Instruction

    International Nuclear Information System (INIS)

    Flickinger, A.

    1982-01-01

    The Instruction reissues DoD Instruction 5210.67, July 5, 1979, and provides security classification guidance for information concerning significant quantities of special nuclear material, other than that contained in nuclear weapons and that used in the production of energy in the reactor plant of nuclear-powered ships. Security classification guidance for these data in the latter two applications is contained in Joint DoE/DoD Nuclear Weapons Classification Guide and Joint DoE/DoD Classification Guide for the Naval Nuclear Propulsion Program

  3. Information Systems Security Management: A Review and a Classification of the ISO Standards

    Science.gov (United States)

    Tsohou, Aggeliki; Kokolakis, Spyros; Lambrinoudakis, Costas; Gritzalis, Stefanos

    The need for common understanding and agreement of functional and non-functional requirements is well known and understood by information system designers. This is necessary for both: designing the "correct" system and achieving interoperability with other systems. Security is maybe the best example of this need. If the understanding of the security requirements is not the same for all involved parties and the security mechanisms that will be implemented do not comply with some globally accepted rules and practices, then the system that will be designed will not necessarily achieve the desired security level and it will be very difficult to securely interoperate with other systems. It is therefore clear that the role and contribution of international standards to the design and implementation of security mechanisms is dominant. In this paper we provide a state of the art review on information security management standards published by the International Organization for Standardization and the International Electrotechnical Commission. Such an analysis is meaningful to security practitioners for an efficient management of information security. Moreover, the classification of the standards in the clauses of ISO/IEC 27001:2005 that results from our analysis is expected to provide assistance in dealing with the plethora of security standards.

  4. Design and implementation based on the classification protection vulnerability scanning system

    International Nuclear Information System (INIS)

    Wang Chao; Lu Zhigang; Liu Baoxu

    2010-01-01

    With the application and spread of the classification protection, Network Security Vulnerability Scanning should consider the efficiency and the function expansion. It proposes a kind of a system vulnerability from classification protection, and elaborates the design and implementation of a vulnerability scanning system based on vulnerability classification plug-in technology and oriented classification protection. According to the experiment, the application of classification protection has good adaptability and salability with the system, and it also approves the efficiency of scanning. (authors)

  5. Multilevel classification of security concerns in cloud computing

    Directory of Open Access Journals (Sweden)

    Syed Asad Hussain

    2017-01-01

    Full Text Available Threats jeopardize some basic security requirements in a cloud. These threats generally constitute privacy breach, data leakage and unauthorized data access at different cloud layers. This paper presents a novel multilevel classification model of different security attacks across different cloud services at each layer. It also identifies attack types and risk levels associated with different cloud services at these layers. The risks are ranked as low, medium and high. The intensity of these risk levels depends upon the position of cloud layers. The attacks get more severe for lower layers where infrastructure and platform are involved. The intensity of these risk levels is also associated with security requirements of data encryption, multi-tenancy, data privacy, authentication and authorization for different cloud services. The multilevel classification model leads to the provision of dynamic security contract for each cloud layer that dynamically decides about security requirements for cloud consumer and provider.

  6. CLASSIFICATION OF THREATS OF ECONOMIC SECURITY OF TAJIKISTAN

    Directory of Open Access Journals (Sweden)

    Blinichkina N. Yu.

    2016-06-01

    Full Text Available Ensuring of the state economic security suggests the fight against threats to such security. At the same time it is extremely important, firstly, to understand the essence of a threat to economic security and, secondly, to identify the common characteristics of threats allowing to systematize them and to determine the necessary measures to neutralize them on this basis. The traditional approach offers a classification of economic security threats depending on areas of their origin but it is impossible to determine the gravity of the threat to the economy and ways of neutralizing it.In this context we propose allocation of the economic threats to five groups depends on a number of characteristics that determine the level of their negative impact to the economy. Such classification of threats to economic security of Tajikistan helped to determine neutralization of which of them requires outside support, what requires priority within the framework of the strategy of economic security and national economic policy, and what does not require serious government efforts and may be neutralized automatically during neutralization of the other threats.

  7. Organizational information assets classification model and security architecture methodology

    Directory of Open Access Journals (Sweden)

    Mostafa Tamtaji

    2015-12-01

    Full Text Available Today's, Organizations are exposed with huge and diversity of information and information assets that are produced in different systems shuch as KMS, financial and accounting systems, official and industrial automation sysytems and so on and protection of these information is necessary. Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released.several benefits of this model cuses that organization has a great trend to implementing Cloud computing. Maintaining and management of information security is the main challenges in developing and accepting of this model. In this paper, at first, according to "design science research methodology" and compatible with "design process at information systems research", a complete categorization of organizational assets, including 355 different types of information assets in 7 groups and 3 level, is presented to managers be able to plan corresponding security controls according to importance of each groups. Then, for directing of organization to architect it’s information security in cloud computing environment, appropriate methodology is presented. Presented cloud computing security architecture , resulted proposed methodology, and presented classification model according to Delphi method and expers comments discussed and verified.

  8. Interagency Security Classification Appeals Panel (ISCAP) Decisions

    Data.gov (United States)

    National Archives and Records Administration — This online collection includes documents decided upon by the Interagency Security Classification Appeals Panel (ISCAP) starting in Fiscal Year 2012. The documents...

  9. A Novel Computer Virus Propagation Model under Security Classification

    Directory of Open Access Journals (Sweden)

    Qingyi Zhu

    2017-01-01

    Full Text Available In reality, some computers have specific security classification. For the sake of safety and cost, the security level of computers will be upgraded with increasing of threats in networks. Here we assume that there exists a threshold value which determines when countermeasures should be taken to level up the security of a fraction of computers with low security level. And in some specific realistic environments the propagation network can be regarded as fully interconnected. Inspired by these facts, this paper presents a novel computer virus dynamics model considering the impact brought by security classification in full interconnection network. By using the theory of dynamic stability, the existence of equilibria and stability conditions is analysed and proved. And the above optimal threshold value is given analytically. Then, some numerical experiments are made to justify the model. Besides, some discussions and antivirus measures are given.

  10. Securing classification and regulatory approval for deepwater projects: management challenges in a global environment

    Energy Technology Data Exchange (ETDEWEB)

    Feijo, Luiz P.; Burton, Gareth C. [American Bureau of Shipping (ABS), Rio de Janeiro, RJ (Brazil)

    2008-07-01

    As the offshore industry continues to develop and move into increasingly deeper waters, technological boundaries are being pushed to new limits. Along with these advances, the design, fabrication and installation of deepwater oil and gas projects has become an increasingly global endeavor. After providing an overview of the history and role of Classification Societies, this paper reviews the challenges of securing classification and regulatory approval in a global environment. Operational, procedural and technological changes which one Classification Society; the American Bureau of Shipping, known as ABS, has implemented to address these challenges are presented. The result of the changes has been a more customized service aiming at faster and more streamlined classification approval process. (author)

  11. A Classification Method of Technical Security Controls for Digital I and C Systems in NPPs

    International Nuclear Information System (INIS)

    Song, J. G.; Lee, J. W.; Park, G. Y.; Kwon, K. C.; Lee, D. Y.; Lee, C. K.

    2012-01-01

    The instrumentation and control (I and C) systems in nuclear power plants (NPPs) are a key facility to monitor plant state, control plant devices, and prevent accidents. Recent I and C systems have been composed of digital systems in order to enhance the effectiveness of operation and maintenance of NPPs. An assessment method for the analysis of security controls is needed to respond to potential cyber attacks against digital I and C systems. RG 5.71 'Cyber Security Programs for Nuclear Facilities' published by U.S.NRC in 2010 presents a comprehensive set of security controls for NPPs. Although this document provides the requirements of security controls, a guidance describing which security controls should be applied to specific digital assets and how to implement them is still needed for the I and C system design and development. In this paper, a classification method of the technical security controls listed in RG 5.71 is proposed to provide a guide useful for the application of the controls during the design and implementation phases of I and C systems

  12. A Classification Method of Technical Security Controls for Digital I and C Systems in NPPs

    Energy Technology Data Exchange (ETDEWEB)

    Song, J. G.; Lee, J. W.; Park, G. Y.; Kwon, K. C.; Lee, D. Y.; Lee, C. K. [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2012-05-15

    The instrumentation and control (I and C) systems in nuclear power plants (NPPs) are a key facility to monitor plant state, control plant devices, and prevent accidents. Recent I and C systems have been composed of digital systems in order to enhance the effectiveness of operation and maintenance of NPPs. An assessment method for the analysis of security controls is needed to respond to potential cyber attacks against digital I and C systems. RG 5.71 'Cyber Security Programs for Nuclear Facilities' published by U.S.NRC in 2010 presents a comprehensive set of security controls for NPPs. Although this document provides the requirements of security controls, a guidance describing which security controls should be applied to specific digital assets and how to implement them is still needed for the I and C system design and development. In this paper, a classification method of the technical security controls listed in RG 5.71 is proposed to provide a guide useful for the application of the controls during the design and implementation phases of I and C systems

  13. 41 CFR 105-62.101 - Security classification categories.

    Science.gov (United States)

    2010-07-01

    ... three categories: Namely, Top Secret, Secret, or Confidential, depending on its degree of significance... provided by statute. The three classification categories are defined as follows: (a) Top Secret. Top Secret... with the utmost restraint. (b) Secret. Secret refers to that national security information or material...

  14. Budget Elements of Economic Security: Specifics of Classification

    Directory of Open Access Journals (Sweden)

    О. S.

    2017-02-01

    Full Text Available Theoretical aspects of economic security in conjunction with budget components such as “budget interests” and “budget necessities” are analyzed. Key positions of the categories “budget interests” and “budget necessities” in the theory of economic security in the budgetary area are substantiated given their priority role in setting up its implementation strategy. The category “budget interests” is defined as the system of budget necessities of the interest holders, implemented through budget activities of entities and aimed at seeking benefits through the budget, in order to guarantee functioning and development of the society, the state, legal entities and physical persons. “Budget necessities” are defined as the need in budget funds to achieve and sustain, at a certain level, life activities of individuals, social groups, society, state and legal entities. Classification of budget interests by various criteria is made in the context of their impact on the economic security of the state. It is demonstrated that the four-tier classification of the budget interests by interest holder is essential to guaranteeing economic security in the budgetary area: budget interests of the state: the interests held by central and local power offices; budget interests of legal entities: the interests of profit and non-profit (public, budgetary, party and other organizations; budget interests of individuals: basic necessities of individuals, met by budget transfers, which stand out of the array of public necessities by their individual character.

  15. Design and Implementation of Wiki Services in a Multilevel Secure Environment

    National Research Council Canada - National Science Library

    Ong, Kar L

    2007-01-01

    The Monterey Security Architecture (MYSEA) provides a distributed multilevel secure networking environment where authenticated users can securely access data and services at different security classification levels...

  16. 48 CFR 53.303-DD-254 - Department of Defense DD Form 254, Contract Security Classification Specification.

    Science.gov (United States)

    2010-10-01

    ... 48 Federal Acquisition Regulations System 2 2010-10-01 2010-10-01 false Department of Defense DD Form 254, Contract Security Classification Specification. 53.303-DD-254 Section 53.303-DD-254 Federal... Illustrations of Forms 53.303-DD-254 Department of Defense DD Form 254, Contract Security Classification...

  17. Applying Topographic Classification, Based on the Hydrological Process, to Design Habitat Linkages for Climate Change

    Directory of Open Access Journals (Sweden)

    Yongwon Mo

    2017-11-01

    Full Text Available The use of biodiversity surrogates has been discussed in the context of designing habitat linkages to support the migration of species affected by climate change. Topography has been proposed as a useful surrogate in the coarse-filter approach, as the hydrological process caused by topography such as erosion and accumulation is the basis of ecological processes. However, some studies that have designed topographic linkages as habitat linkages, so far have focused much on the shape of the topography (morphometric topographic classification with little emphasis on the hydrological processes (generic topographic classification to find such topographic linkages. We aimed to understand whether generic classification was valid for designing these linkages. First, we evaluated whether topographic classification is more appropriate for describing actual (coniferous and deciduous and potential (mammals and amphibians habitat distributions. Second, we analyzed the difference in the linkages between the morphometric and generic topographic classifications. The results showed that the generic classification represented the actual distribution of the trees, but neither the morphometric nor the generic classification could represent the potential animal distributions adequately. Our study demonstrated that the topographic classes, according to the generic classification, were arranged successively according to the flow of water, nutrients, and sediment; therefore, it would be advantageous to secure linkages with a width of 1 km or more. In addition, the edge effect would be smaller than with the morphometric classification. Accordingly, we suggest that topographic characteristics, based on the hydrological process, are required to design topographic linkages for climate change.

  18. Experiencing Security in Interaction Design

    DEFF Research Database (Denmark)

    Mathiasen, Niels Raabjerg; Bødker, Susanne

    2011-01-01

    Security is experienced differently in different contexts. This paper argues that in everyday situations, users base their security decisions on a mix of prior experiences. When approaching security and interaction design from an experience approach, tools that help bring out such relevant...... experiences for design are needed. This paper reports on how Prompted exploration workshops and Acting out security were developed to target such experiences when iteratively designing a mobile digital signature solution in a participatory design process. We discuss how these tools helped the design process...... and illustrate how the tangibility of such tools matters. We further demonstrate how the approach grants access to non-trivial insights into people's security experience. We point out how the specific context is essential for exploring the space between experience and expectations, and we illustrate how people...

  19. AP1000 Design for Security

    International Nuclear Information System (INIS)

    Long, L.B.; Cummins, W.E.; Winters, J.W.

    2006-01-01

    Nuclear power plants are protected from potential security threats through a combination of robust structures around the primary system and other vital equipment, security systems and equipment, and defensive strategy. The overall objective for nuclear power plant security is to protect public health and safety by ensuring that attacks or sabotage do not challenge the ability to safely shutdown the plant or protect from radiological releases. In addition, plants have systems, features and operational strategies to cope with external conditions, such as loss of offsite power, which could be created as part of an attack. Westinghouse considered potential security threats during design of the AP1000 PWR. The differences in plant configuration, safety system design, and safe shutdown equipment between existing plants and AP1000 affect potential vulnerabilities. This paper provides an evaluation of AP1000 with respect to vulnerabilities to security threats. The AP1000 design differs from the design of operating PWRs in the US in the configuration and the functional requirements for safety systems. These differences are intentional departures from conventional PWR designs which simplify plant design and enhance overall safety. The differences between the AP1000 PWR and conventional PWRs can impact vulnerabilities to security threats. The NRC addressed security concerns as part of their reviews for AP1000 Design Certification, and did not identify any security issues of concern. However, much of the detailed security design information for the AP1000 was deferred to the combined Construction and Operating License (COL) phase as many of the security issues are site-specific. Therefore, NRC review of security issues related to the AP1000 is not necessarily complete. Further, since the AP1000 plant design differs from existing PWRs, it is not obvious that the analyses and assessments prepared for existing plants also apply to the AP1000. We conclude that, overall, the AP1000

  20. Notification: Follow-up Review of EPA’s Classification of National Security Information

    Science.gov (United States)

    Project #OPE-FY15-0057, July 20, 2015. The EPA OIG plans to begin preliminary research on the OARM actions taken to improve policies and procedures related to the classification of national security information.

  1. Development of a security-by-design handbook

    International Nuclear Information System (INIS)

    Olson, David L.; Snell, Mark Kamerer; Iida, Toru; Ochiai, Kazuya; Tanuma, Koji

    2010-01-01

    There is an increasing awareness that efficient and effective nuclear facility design is best achieved when requirements from the 3S disciplines Safety, Safeguards, and Security - are balanced and intrinsic to the facility design. This can be achieved when policy, processes, methods, and technologies are understood and applied in these areas during all phases of the design process. For the purposes of this paper, Security-by-design will be defined as the system level incorporation of the physical protection system (PPS) into a new or retrofitted nuclear power plant (NPP) or nuclear facility (NF) resulting in intrinsic security. Security-by-design can also be viewed as a framework to achieve robust and durable security systems. This paper reports on work performed to date to create a Security-by-Design Handbook, under a bilateral agreement between the United States and Japan, specifically, a review of physical protection principles and best practices, and a decommissioning to better understand where these principles and practices can be applied. This paper describes physical protection principles and best practices to achieve security-by- design that were gathered from International, Japanese, and U.S. sources. Principles are included for achieving security early in the design process where security requirements are typically less costly and easier to incorporate. The paper then describes a generic design process that covers the entire facility lifecycle from scoping and planning of the project to decommissioning and decontamination. Early design process phases, such as conceptual design, offer opportunities to add security features intrinsic to the facility design itself. Later phases, including design engineering and construction, are important for properly integrating security features into a coherent design and for planning for and assuring the proper performance of the security system during the operation and decommissioning of the facility. The paper also

  2. Design evaluaion: pneumatic transport and classification

    International Nuclear Information System (INIS)

    McNair, J.M.

    1979-10-01

    This report describes the evaluation of selected design features of the cold engineering scale pneumatic transport and classification subsystems used in the development of the head-end equipment for HTGR fuel reprocessing. The report identifies areas that require further design effort and evaluation of alternatives prior to the design of the HTGR reference recycle facility (HRRF). Seven areas in the transport subsystem and three in the classification subsystem were selected for evaluation. Seventeen specific recommendations are presented for further design effort

  3. Green Secure Processors: Towards Power-Efficient Secure Processor Design

    Science.gov (United States)

    Chhabra, Siddhartha; Solihin, Yan

    With the increasing wealth of digital information stored on computer systems today, security issues have become increasingly important. In addition to attacks targeting the software stack of a system, hardware attacks have become equally likely. Researchers have proposed Secure Processor Architectures which utilize hardware mechanisms for memory encryption and integrity verification to protect the confidentiality and integrity of data and computation, even from sophisticated hardware attacks. While there have been many works addressing performance and other system level issues in secure processor design, power issues have largely been ignored. In this paper, we first analyze the sources of power (energy) increase in different secure processor architectures. We then present a power analysis of various secure processor architectures in terms of their increase in power consumption over a base system with no protection and then provide recommendations for designs that offer the best balance between performance and power without compromising security. We extend our study to the embedded domain as well. We also outline the design of a novel hybrid cryptographic engine that can be used to minimize the power consumption for a secure processor. We believe that if secure processors are to be adopted in future systems (general purpose or embedded), it is critically important that power issues are considered in addition to performance and other system level issues. To the best of our knowledge, this is the first work to examine the power implications of providing hardware mechanisms for security.

  4. Designing a Secure Point-of-Sale System

    DEFF Research Database (Denmark)

    Sharp, Robin; Pedersen, Allan; Hedegaard, Anders

    2006-01-01

    This paper describes some experiences with using the ''Common Criteria for Information Security Evaluation'' as the basis for a design methodology when designing secure systems. As an example, the design process for a Point-of-Sale (POS) system is described.......This paper describes some experiences with using the ''Common Criteria for Information Security Evaluation'' as the basis for a design methodology when designing secure systems. As an example, the design process for a Point-of-Sale (POS) system is described....

  5. Security-by-design handbook.

    Energy Technology Data Exchange (ETDEWEB)

    Snell, Mark Kamerer; Jaeger, Calvin Dell; Scharmer, Carol; Jordan, Sabina Erteza; Tanuma, Koji [Japan Atomic Energy Agency, Tokai-mura, Ibaraki, Japan; Ochiai, Kazuya [Japan Atomic Energy Agency, Tokai-mura, Ibaraki, Japan; Iida, Toru [Japan Atomic Energy Agency, Tokai-mura, Ibaraki, Japan

    2013-01-01

    This document is a draft SecuritybyDesign (SeBD) handbook produced to support the Work Plan of the Nuclear Security Summit to share best practices for nuclear security in new facility design. The Work Plan calls on States to %E2%80%9Cencourage nuclear operators and architect/engineering firms to take into account and incorporate, where appropriate, effective measures of physical protection and security culture into the planning, construction, and operation of civilian nuclear facilities and provide technical assistance, upon request, to other States in doing so.%E2%80%9D The materials for this document were generated primarily as part of a bilateral project to produce a SeBD handbook as a collaboration between the Japan Atomic Energy Agency (JAEA) Nuclear Nonproliferation Science and Technology Center and Sandia National Laboratories (SNL), which represented the US Department Energy (DOE) National Nuclear Security Administration (NNSA) under a Project Action Sheet PASPP04. Input was also derived based on tours of the Savannah River Site (SRS) and Japan Nuclear Fuel Limited (JNFL) Rokkasho Mixed Oxide Fuel fabrication facilities and associated project lessonslearned. For the purposes of the handbook, SeBD will be described as the systemlevel incorporation of the physical protection system (PPS) into a new nuclear power plant or nuclear facility resulting in a PPS design that minimizes the risk of malicious acts leading to nuclear material theft; nuclear material sabotage; and facility sabotage as much as possible through features inherent in (or intrinsic to) the design of the facility. A fourelement strategy is presented to achieve a robust, durable, and responsive security system.

  6. CC-based Design of Secure Application Systems

    DEFF Research Database (Denmark)

    Sharp, Robin

    2009-01-01

    This paper describes some experiences with using the Common Criteria for Information Security Evaluation as the basis for a design methodology for secure application systems. The examples considered include a Point-of-Sale (POS) system, a wind turbine park monitoring and control system and a secu...... an effective and secure design, starting with the formulation of a Protection Profile and ending with a concrete design, within the project timeframe.......This paper describes some experiences with using the Common Criteria for Information Security Evaluation as the basis for a design methodology for secure application systems. The examples considered include a Point-of-Sale (POS) system, a wind turbine park monitoring and control system and a secure...

  7. EPICS: Channel Access security design

    International Nuclear Information System (INIS)

    Kraimer, M.; Hill, J.

    1994-05-01

    This document presents the design for implementing the requirements specified in: EPICS -- Channel Access Security -- functional requirements, Ned. D. Arnold, 03/09/92. Use of the access security system is described along with a summary of the functional requirements. The programmer's interface is given. Security protocol is described and finally aids for reading the access security code are provided

  8. Security patterns in practice designing secure architectures using software patterns

    CERN Document Server

    Fernandez-Buglioni, Eduardo

    2013-01-01

    Learn to combine security theory and code to produce secure systems Security is clearly a crucial issue to consider during the design and implementation of any distributed software architecture. Security patterns are increasingly being used by developers who take security into serious consideration from the creation of their work. Written by the authority on security patterns, this unique book examines the structure and purpose of security patterns, illustrating their use with the help of detailed implementation advice, numerous code samples, and descriptions in UML. Provides

  9. Design-Efficiency in Security

    DEFF Research Database (Denmark)

    Yuksel, Ender; Nielson, Hanne Riis; Nielson, Flemming

    In this document, we present our applied results on balancing security and performance using a running example, which is based on sensor networks. These results are forming a basis for a new approach to balance security and performance, and therefore provide design-­efficiency of key updates. We...

  10. Threat modeling designing for security

    CERN Document Server

    Shostack, Adam

    2014-01-01

    Adam Shostack is responsible for security development lifecycle threat modeling at Microsoft and is one of a handful of threat modeling experts in the world. Now, he is sharing his considerable expertise into this unique book. With pages of specific actionable advice, he details how to build better security into the design of systems, software, or services from the outset. You'll explore various threat modeling approaches, find out how to test your designs against threats, and learn effective ways to address threats that have been validated at Microsoft and other top companies. Systems secur

  11. Integrated security systems design a complete reference for building enterprise-wide digital security systems

    CERN Document Server

    Norman, Thomas L

    2014-01-01

    Integrated Security Systems Design, 2nd Edition, is recognized as the industry-leading book on the subject of security systems design. It explains how to design a fully integrated security system that ties together numerous subsystems into one complete, highly coordinated, and highly functional system. With a flexible and scalable enterprise-level system, security decision makers can make better informed decisions when incidents occur and improve their operational efficiencies in ways never before possible. The revised edition covers why designing an integrated security system is essential a

  12. Web security a whitehat perspective

    CERN Document Server

    Wu, Hanqing

    2015-01-01

    MY VIEW OF THE SECURITY WORLDView of the IT Security WorldBrief History of Web SecurityBrief History of Chinese HackersDevelopment Process of Hacking TechniquesRise of Web SecurityBlack Hat, White HatBack to Nature: The Essence of Secret SecuritySuperstition: There Is No Silver BulletSecurity Is an Ongoing ProcessSecurity ElementsHow to Implement Safety AssessmentAsset ClassificationThreat AnalysisRisk AnalysisDesign of Security ProgramsArt of War of White HatPrinciples of Secure by DefaultBlacklist, WhitelistPrinciple of Least PrivilegePrinciple of Defense in DepthPrinciples of Data and Code

  13. A Security Level Classification Method for Power Systems under N-1 Contingency

    Directory of Open Access Journals (Sweden)

    Zhigang Lu

    2017-12-01

    Full Text Available Security assessment is crucial for the reliable and secure operation of power systems. This paper proposes a security level classification (SLC method to analyze the security level of power systems both qualitatively and quantitatively. In this SLC method, security levels are graded according to a comprehensive safety index (CSI, which is defined by integrating the system margin index (SMI and load entropy. The SMI depends on the operating load and the total supply capacity (TSC under N-1 contingency, and the load entropy reflects the heterogeneity of load distribution calculated from entropy theory. In order to calculate the TSC under N-1 contingency considering both of the computational accuracy and speed, the TSC is converted into an extended conic quadratic programming (ECQP model. In addition, the load boundary vector (LBV model is established to obtain the capacity limit of each load bus, and thus detect potential risks of power systems. Finally, two modified practical power systems and the IEEE 118-bus test system are studied to validate the feasibility of the proposed SLC method.

  14. 6 CFR 7.26 - Derivative classification.

    Science.gov (United States)

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Derivative classification. 7.26 Section 7.26 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CLASSIFIED NATIONAL SECURITY INFORMATION Classified Information § 7.26 Derivative classification. (a) Derivative classification is defined...

  15. 12 CFR 568.2 - Designation of security officer.

    Science.gov (United States)

    2010-01-01

    ... 12 Banks and Banking 5 2010-01-01 2010-01-01 false Designation of security officer. 568.2 Section 568.2 Banks and Banking OFFICE OF THRIFT SUPERVISION, DEPARTMENT OF THE TREASURY SECURITY PROCEDURES § 568.2 Designation of security officer. Within 30 days after the effective date of insurance of...

  16. Extracting classification rules from an informatic security incidents repository by genetic programming

    Directory of Open Access Journals (Sweden)

    Carlos Javier Carvajal Montealegre

    2015-04-01

    Full Text Available This paper describes the data mining process to obtain classification rules over an information security incident data collection, explaining in detail the use of genetic programming as a mean to model the incidents behavior and representing such rules as decision trees. The described mining process includes several tasks, such as the GP (Genetic Programming approach evaluation, the individual's representation and the algorithm parameters tuning to upgrade the performance. The paper concludes with the result analysis and the description of the rules obtained, suggesting measures to avoid the occurrence of new informatics attacks. This paper is a part of the thesis work degree: Information Security Incident Analytics by Data Mining for Behavioral Modeling and Pattern Recognition (Carvajal, 2012.

  17. 5 CFR 1312.7 - Derivative classification.

    Science.gov (United States)

    2010-01-01

    ..., DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Classification and Declassification of National Security Information § 1312.7 Derivative classification. A derivative classification... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Derivative classification. 1312.7 Section...

  18. Advanced topics in security computer system design

    International Nuclear Information System (INIS)

    Stachniak, D.E.; Lamb, W.R.

    1989-01-01

    The capability, performance, and speed of contemporary computer processors, plus the associated performance capability of the operating systems accommodating the processors, have enormously expanded the scope of possibilities for designers of nuclear power plant security computer systems. This paper addresses the choices that could be made by a designer of security computer systems working with contemporary computers and describes the improvement in functionality of contemporary security computer systems based on an optimally chosen design. Primary initial considerations concern the selection of (a) the computer hardware and (b) the operating system. Considerations for hardware selection concern processor and memory word length, memory capacity, and numerous processor features

  19. Secure wireless embedded systems via component-based design

    DEFF Research Database (Denmark)

    Hjorth, T.; Torbensen, R.

    2010-01-01

    This paper introduces the method secure-by-design as a way of constructing wireless embedded systems using component-based modeling frameworks. This facilitates design of secure applications through verified, reusable software. Following this method we propose a security framework with a secure c......, with full support for confidentiality, authentication, and integrity using keypairs. The approach has been demonstrated in a multi-platform home automation prototype that can remotely unlock a door using a PDA over the Internet....

  20. Security Modeling on the Supply Chain Networks

    Directory of Open Access Journals (Sweden)

    Marn-Ling Shing

    2007-10-01

    Full Text Available In order to keep the price down, a purchaser sends out the request for quotation to a group of suppliers in a supply chain network. The purchaser will then choose a supplier with the best combination of price and quality. A potential supplier will try to collect the related information about other suppliers so he/she can offer the best bid to the purchaser. Therefore, confidentiality becomes an important consideration for the design of a supply chain network. Chen et al. have proposed the application of the Bell-LaPadula model in the design of a secured supply chain network. In the Bell-LaPadula model, a subject can be in one of different security clearances and an object can be in one of various security classifications. All the possible combinations of (Security Clearance, Classification pair in the Bell-LaPadula model can be thought as different states in the Markov Chain model. This paper extends the work done by Chen et al., provides more details on the Markov Chain model and illustrates how to use it to monitor the security state transition in the supply chain network.

  1. 17 CFR 200.506 - Derivative classification.

    Science.gov (United States)

    2010-04-01

    ... 17 Commodity and Securities Exchanges 2 2010-04-01 2010-04-01 false Derivative classification. 200.506 Section 200.506 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION ORGANIZATION; CONDUCT AND ETHICS; AND INFORMATION AND REQUESTS Classification and Declassification of National Security...

  2. Internet of Things Security: Layered classification of attacks and possible Countermeasures

    Directory of Open Access Journals (Sweden)

    Otmane El Mouaatamid

    2016-12-01

    Full Text Available Nowadays, the internet of things (IoT presents a strong focus of research with various initiatives working on the application, and usage of Internet standards in the IoT. But the big challenge of the internet of things is security. In this paper a layered classification and a goal based comparison of attacks in the IoT are presented so that a better understanding of IoT attacks can be achieved and subsequently more efficient and effective techniques and procedures to combat these attacks may be developed

  3. Implementation Support of Security Design Patterns Using Test Templates

    Directory of Open Access Journals (Sweden)

    Masatoshi Yoshizawa

    2016-06-01

    Full Text Available Security patterns are intended to support software developers as the patterns encapsulate security expert knowledge. However, these patterns may be inappropriately applied because most developers are not security experts, leading to threats and vulnerabilities. Here we propose a support method for security design patterns in the implementation phase of software development. Our method creates a test template from a security design pattern, consisting of an “aspect test template” to observe the internal processing and a “test case template”. Providing design information creates a test from the test template with a tool. Because our test template is reusable, it can easily perform a test to validate a security design pattern. In an experiment involving four students majoring in information sciences, we confirm that our method can realize an effective test, verify pattern applications, and support pattern implementation.

  4. Privacy Information Security Classification for Internet of Things Based on Internet Data

    OpenAIRE

    Lu, Xiaofeng; Qu, Zhaowei; Li, Qi; Hui, Pan

    2015-01-01

    A lot of privacy protection technologies have been proposed, but most of them are independent and aim at protecting some specific privacy. There is hardly enough deep study into the attributes of privacy. To minimize the damage and influence of the privacy disclosure, the important and sensitive privacy should be a priori preserved if all privacy pieces cannot be preserved. This paper focuses on studying the attributes of the privacy and proposes privacy information security classification (P...

  5. Task team approach to safeguards and security designs

    International Nuclear Information System (INIS)

    Zack, N.R.; Wilkey, D.D.

    1991-01-01

    In 1987, a U.S. department of Energy (DOE) supported task team was organized at the request of the DOE Idaho Field Office (DOE-ID) to provide support for safeguards and security (S and S) designs of the Special Isotope Separation (SIS) facility. Prior to deferral of the project, the SIS facility was to be constructed at the Idaho National Engineering Laboratory (INEL) to produce weapons grade plutonium from DOE owned fuel grade plutonium. The task team was assembled to provide the resources necessary to assure that S and S considerations were included as an integral part of the design of the facility, and that SIS designs would take advantage of available technology in the areas of physical security, measurements, accountability, and material and personnel tracking. The task team included personnel from DOE/Office of Safeguards and Security (DOE-OSS), DOE-ID, DOE contractors, and the national laboratories providing a wide range of expertise and experience. This paper reports that the team reviewed proposed designs and provided recommendations for safeguards and security features in each stage of the design process. The value of this approach to safeguards and security designs will be discussed with respect to benefits, lessons learned, and recommendations for future applications

  6. Aspect-oriented security hardening of UML design models

    CERN Document Server

    Mouheb, Djedjiga; Pourzandi, Makan; Wang, Lingyu; Nouh, Mariam; Ziarati, Raha; Alhadidi, Dima; Talhi, Chamseddine; Lima, Vitor

    2015-01-01

    This book comprehensively presents a novel approach to the systematic security hardening of software design models expressed in the standard UML language. It combines model-driven engineering and the aspect-oriented paradigm to integrate security practices into the early phases of the software development process. To this end, a UML profile has been developed for the specification of security hardening aspects on UML diagrams. In addition, a weaving framework, with the underlying theoretical foundations, has been designed for the systematic injection of security aspects into UML models. The

  7. Integrating Safeguards and Security with Safety into Design

    International Nuclear Information System (INIS)

    Bean, Robert S.; Hockert, John W.; Hebditch, David J.

    2009-01-01

    There is a need to minimize security risks, proliferation hazards, and safety risks in the design of new nuclear facilities in a global environment of nuclear power expansion, while improving the synergy of major design features and raising operational efficiency. In 2008, the U.S. Department of Energy (DOE), National Nuclear Security Administration (NNSA) launched the Next Generation Safeguards Initiative (NGSI) covering many safeguards areas. One of these, launched by NNSA with support of the DOE Office of Nuclear Energy, was a multi-laboratory project, led by the Idaho National Laboratory (INL), to develop safeguards by design. The proposed Safeguards-by-Design (SBD) process has been developed as a structured approach to ensure the timely, efficient, and cost effective integration of international safeguards and other nonproliferation barriers with national material control and accountability, physical security, and safety objectives into the overall design process for the nuclear facility lifecycle. A graded, iterative process was developed to integrate these areas throughout the project phases. It identified activities, deliverables, interfaces, and hold points covering both domestic regulatory requirements and international safeguards using the DOE regulatory environment as exemplar to provide a framework and guidance for project management and integration of safety with security during design. Further work, reported in this paper, created a generalized SBD process which could also be employed within the licensed nuclear industry and internationally for design of new facilities. Several tools for integrating safeguards, safety, and security into design are discussed here. SBD appears complementary to the EFCOG TROSSI process for security and safety integration created in 2006, which focuses on standardized upgrades to enable existing DOE facilities to meet a more severe design basis threat. A collaborative approach is suggested.

  8. 5 CFR 1312.3 - Classification requirements.

    Science.gov (United States)

    2010-01-01

    ..., DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Classification and Declassification of National Security Information § 1312.3 Classification requirements. United States citizens must...; (5) Scientific, technological, or economic matters relating to the national security; (6) United...

  9. 10 CFR 1045.17 - Classification levels.

    Science.gov (United States)

    2010-01-01

    ...) Top Secret. The Director of Classification shall classify RD information Top Secret if it is vital to... exceptionally grave damage to the national security. Examples of RD information that warrant Top Secret... comprehensive to warrant designation as Top Secret. Examples of RD information that warrant Secret...

  10. Fundamentals of IP and SoC security design, verification, and debug

    CERN Document Server

    Ray, Sandip; Sur-Kolay, Susmita

    2017-01-01

    This book is about security in embedded systems and it provides an authoritative reference to all aspects of security in system-on-chip (SoC) designs. The authors discuss issues ranging from security requirements in SoC designs, definition of architectures and design choices to enforce and validate security policies, and trade-offs and conflicts involving security, functionality, and debug requirements. Coverage also includes case studies from the “trenches” of current industrial practice in design, implementation, and validation of security-critical embedded systems. Provides an authoritative reference and summary of the current state-of-the-art in security for embedded systems, hardware IPs and SoC designs; Takes a "cross-cutting" view of security that interacts with different design and validation components such as architecture, implementation, verification, and debug, each enforcing unique trade-offs; Includes high-level overview, detailed analysis on implementation, and relevant case studies on desi...

  11. Department of energy defense programs perspectives on safeguards, security, and classification

    International Nuclear Information System (INIS)

    Eyck, E.Q.T.

    1989-01-01

    This paper discusses why national and international safeguards and the protection of sensitive information are important to the United States and to other nations. It demonstrates that while the opposite consequence appears logical these functions will probably become even more important if the major powers agree on further arms reductions. Some of the steps taken by the U.S. Department of Energy to improve the effectiveness of its safeguards, security, and classification programs are reviewed. The valuable contributions in these areas since 1968 and 1976, respectively by the Technical Support Organization and the International Safeguards Project Offoce at Brookhaven are noted

  12. Design for Security Workshop

    Science.gov (United States)

    2014-09-30

    plane sees such message, it takes action to re-direct data Design for Security - S. LEEF, July, 201425 Router image source: Cisco web site Carrier of...Confidential Material T3S Status • Engaging/ recruiting additional members & partners  In discussion with other semiconductor companies; network & other

  13. Systems Engineering Approach for Conceptual Design of Frigate

    Science.gov (United States)

    2015-09-01

    NUMBER OF PAGES 109 16. PRICE CODE 17. SECURITY CLASSIFICATION OF REPORT Unclassified 18. SECURITY CLASSIFICATION OF THIS PAGE Unclassified 19...a higher price . 47 VI. CONCLUSION AND RECOMMENDATIONS At times during designing naval ships, ship designers lose sight of the overall big...launch of 50 surface- skimming , anti- ship cruise missiles. The incoming missiles (RedFire) can be detected by a ship’s surveillance radar at a

  14. Security-aware design for cyber-physical systems a platform-based approach

    CERN Document Server

    Lin, Chung-Wei

    2017-01-01

    Addressing the rising security issues during the design stages of cyber-physical systems, this book develops a systematic approach to address security at early design stages together with all other design constraints. Cyber-attacks become more threatening as systems are becoming more connected with the surrounding environment, infrastructures, and other systems. Security mechanisms can be designed to protect against attacks and meet security requirements, but there are many challenges of applying security mechanisms to cyber-physical systems including open environments, limited resources, strict timing requirements, and large number of devices. Designed for researchers and professionals, this book is valuable for individuals working in network systems, security mechanisms, and system design. It is also suitable for advanced-level students of computer science. .

  15. 6 CFR 7.22 - Classification pending review.

    Science.gov (United States)

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Classification pending review. 7.22 Section 7.22 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CLASSIFIED NATIONAL SECURITY INFORMATION Classified Information § 7.22 Classification pending review. (a) Whenever persons who do not have...

  16. 44 CFR 8.2 - Original classification authority.

    Science.gov (United States)

    2010-10-01

    ... information originally as TOP SECRET, as designated by the President in the Federal Register, Vol 47, No. 91...)(2), E.O. 12356, the following positions have been delegated ORIGINAL TOP SECRET CLASSIFICATION... Preparedness Directorate (3) Director, Office of Security (c) The positions delegated original Top Secret...

  17. Security-by-design approach of the KALIMER 600 SFR plant

    International Nuclear Information System (INIS)

    So, Dong Sup; Lee, Yong Bum

    2012-01-01

    Security measures as well as safety and safeguards measures should be incorporated and addressed early in the design process to enhance the cost effectiveness of a PPS (Physical Protection System). Safety, security, operations, and safeguards design teams and regulators need to be flexible and perform 'trade studies' on the available options. In this paper, SBD (Security by Design) measures in the design phase of the KALIMER 600 SFR (Sodium Cooled Reactor) plant are identified and discussed qualitatively

  18. Classification of male lower torso for underwear design

    Science.gov (United States)

    Cheng, Z.; Kuzmichev, V. E.

    2017-10-01

    By means of scanning technology we have got new information about the morphology of male bodies and have redistricted the classification of men’s underwear by adopting one to consumer demands. To build the new classification in accordance with male body characteristic factors of lower torso, we make the method of underwear designing which allow to get the accurate and convenience for consumers products.

  19. Intrinsic information Security: Embedding security issues in the design process of telematics systems

    NARCIS (Netherlands)

    Tettero, Olaf; Tettero, O.

    This book presents a systematic approach to embed information security issues in the design process of telematics systems. The approach supports both designers and user organisations. We elaborate on the activities that designers should perform to design telematics systems in which information

  20. Regulatory use the classification security systems of I and C in VVER type reactors

    International Nuclear Information System (INIS)

    Ilizastegui Perez, F.

    1998-01-01

    Presently work the author proposes a classification to the system I and C to the VVER 440 type reactor in categories the regulatory control with a view to establishing the degree to the attention that the regulator should pay to these systems, leaving the importance that have the same ones for the security the installation, during the execution the works that are carried out with this equipment in the stages construction, setting in service and exploitation

  1. 18 CFR 3a.51 - Designation of security officers.

    Science.gov (United States)

    2010-04-01

    ... Top Secret Control Officer and Security Officer for classified material for the Federal Power Commission. The Director, OAO, will designate alternate Top Secret Control Officers and alternated Security... the duties for which the Top Secret Control Officer and Security Officer is responsible. As used...

  2. Security By Design

    OpenAIRE

    Tanner, M. James

    2009-01-01

    Securing a computer from unwanted intrusion requires astute planning and effort to effectively minimize the security invasions computers are plagued with today. While all of the efforts to secure a computer are needed, it seems that the underlying issue of what is being secured has been overlooked. The operating system is at the core of the security issue. Many applications and devices have been put into place to add layers of protection to an already weak operating system. Security did not u...

  3. EXAMINATION OF SECURITY EVENTS AS DBEs FOR MGDS IMPORTANT TO SAFETY SSCs

    International Nuclear Information System (INIS)

    J.M. Hartsell

    1998-01-01

    A portion of the safeguards and security system for the Mined Geologic Disposal System (MGDS) has been identified as QA-1 based on the classification of structures, systems, and components (SSCs) performed in accordance with QAP-2-3, ''Classification of Permanent Items'' (Reference 5.2). The classification analysis, ''Classification of the Preliminary MGDS Repository Design'' (Reference 5.9), identifies the ''Safeguards Material Control and Accountability'' system as a QA-1 SSC based on the identification of unauthorized intrusion, sabotage, theft, and diversion as potential Design Basis Events (DBEs). The purpose of this analysis is to provide justification to eliminate these events as DBEs for the MGDS based on a review of the Codes of Federal Regulation (CFRs) for geologic repositories (10 CFR 60), commercial reactor facilities (10 CFR 50), independent spent fuel storage installations (ISFSIs) and monitored retrievable storage (MRS) installations (10 CFR 72), and other relevant guidance documents in an effort to clarify that security events should not be considered in the QA design process of important to safety SSCs for the MGDS. The MGDS is a first of a kind geologic repository and no licensing precedent has been established for this type of facility

  4. Software Design Level Security Vulnerabilities

    OpenAIRE

    S. Rehman; K. Mustafa

    2011-01-01

    Several thousand software design vulnerabilities have been reported through established databases. But they need to be structured and classified to be optimally usable in the pursuit of minimal and effective mitigation mechanism. In order we developed a criterion set for a communicative description of the same to serve the purpose as a taxonomic description of security vulnerabilities, arising in the design phase of Software development lifecycle. This description is a part of an effort to id...

  5. Design Methodologies for Secure Embedded Systems

    CERN Document Server

    Biedermann, Alexander

    2011-01-01

    Embedded systems have been almost invisibly pervading our daily lives for several decades. They facilitate smooth operations in avionics, automotive electronics, or telecommunication. New problems arise by the increasing employment, interconnection, and communication of embedded systems in heterogeneous environments: How secure are these embedded systems against attacks or breakdowns? Therefore, how can embedded systems be designed to be more secure? And how can embedded systems autonomically react to threats? Facing these questions, Sorin A. Huss is significantly involved in the exploration o

  6. 46 CFR 503.55 - Derivative classification.

    Science.gov (United States)

    2010-10-01

    ... Security Program § 503.55 Derivative classification. (a) In accordance with Part 2 of Executive Order 12958 and directives of the Information Security Oversight Office, the incorporation, paraphrasing... 46 Shipping 9 2010-10-01 2010-10-01 false Derivative classification. 503.55 Section 503.55...

  7. 32 CFR 2001.15 - Classification guides.

    Science.gov (United States)

    2010-07-01

    ... 32 National Defense 6 2010-07-01 2010-07-01 false Classification guides. 2001.15 Section 2001.15..., NATIONAL ARCHIVES AND RECORDS ADMINISTRATION CLASSIFIED NATIONAL SECURITY INFORMATION Classification § 2001.15 Classification guides. (a) Preparation of classification guides. Originators of classification...

  8. 32 CFR 2700.22 - Classification guides.

    Science.gov (United States)

    2010-07-01

    ... SECURITY INFORMATION REGULATIONS Derivative Classification § 2700.22 Classification guides. OMSN shall... direct derivative classification, shall identify the information to be protected in specific and uniform...

  9. Using QA classification to guide design and manage risk

    International Nuclear Information System (INIS)

    Lathrop, J.; DeKlever, R.; Petrie, E.H.

    1993-01-01

    Raytheon Services Nevada has developed a classification process based on probabilistic risk assessment, using accident/impact scenarios for each system classified. Initial classification analyses were performed for the 20 systems of Package IA of the Exploratory Studies Facility (ESF). The analyses demonstrated a solid, defensible methodological basis for classification which minimizes the use of direct engineering judgment. They provide guidance for ESF design and risk management through the identification of: The critical characteristics of each system that need to be controlled; and the parts of the information base that most need to be further developed through performance assessment or other efforts

  10. Secure Block Ciphers - Cryptanalysis and Design

    DEFF Research Database (Denmark)

    Tiessen, Tyge

    be applied to the AES can be transferred to this block cipher, albeit with a higher attack complexity. The second publication introduces a new block cipher family which is targeted for new applications in fully homomorphic encryption and multi-party computation. We demonstrate the soundness of the design...... is encrypted using so-called symmetric ciphers. The security of our digital infrastructure thus rests at its very base on their security. The central topic of this thesis is the security of block ciphers – the most prominent form of symmetric ciphers. This thesis is separated in two parts. The first part...... is an introduction to block ciphers and their cryptanalysis, the second part contains publications written and published during the PhD studies. The first publication evaluates the security of a modification of the AES in which the choice of S-box is unknown to the attacker. We find that some of the attacks that can...

  11. Microwave and millimeter-wave remote sensing for security applications

    CERN Document Server

    Nanzer, Jeffrey

    2012-01-01

    Microwave and millimeter-wave remote sensing techniques are fast becoming a necessity in many aspects of security as detection and classification of objects or intruders becomes more difficult. This groundbreaking resource offers you expert guidance in this burgeoning area. It provides you with a thorough treatment of the principles of microwave and millimeter-wave remote sensing for security applications, as well as practical coverage of the design of radiometer, radar, and imaging systems. You learn how to design active and passive sensors for intruder detection, concealed object detection,

  12. 12 CFR 403.4 - Derivative classification.

    Science.gov (United States)

    2010-01-01

    ... SAFEGUARDING OF NATIONAL SECURITY INFORMATION § 403.4 Derivative classification. (a) Use of derivative classification. (1) Unlike original classification which is an initial determination, derivative classification... 12 Banks and Banking 4 2010-01-01 2010-01-01 false Derivative classification. 403.4 Section 403.4...

  13. 6 CFR 17.520 - Job classification and structure.

    Science.gov (United States)

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Job classification and structure. 17.520 Section 17.520 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY NONDISCRIMINATION... classification and structure. A recipient shall not: (a) Classify a job as being for males or for females; (b...

  14. 45 CFR 601.5 - Derivative classification.

    Science.gov (United States)

    2010-10-01

    ... CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.5 Derivative classification. Distinct... 45 Public Welfare 3 2010-10-01 2010-10-01 false Derivative classification. 601.5 Section 601.5... classification guide, need not possess original classification authority. (a) If a person who applies derivative...

  15. Re-designing the PhEDEx security model

    CERN Document Server

    Wildish, Anthony

    2013-01-01

    PhEDEx. the data-placement tool used by the CMS experiment at the LHC, was conceived in a more trusting time. The security model was designed to provide a safe working environment for site agents and operators, but provided little more protection than that. CMS data was not sufficiently protected against accidental loss caused by operator error or software bugs or from loss of data caused by deliberate manipulation of the database. Operations staff were given high levels of access to the database, beyond what should have been needed to accomplish their tasks. This exposed them to the risk of suspicion should an incident occur. Multiple implementations of the security model led to difficulties maintaining code, which can lead to degredation of security over time.In order to meet the simultaneous goals of protecting CMS data, protecting the operators from undue exposure to risk, increasing monitoring capabilities and improving maintainability of the security model, the PhEDEx security model was redesigned and r...

  16. 32 CFR 2400.15 - Classification guides.

    Science.gov (United States)

    2010-07-01

    ... REGULATIONS TO IMPLEMENT E.O. 12356; OFFICE OF SCIENCE AND TECHNOLOGY POLICY INFORMATION SECURITY PROGRAM Derivative Classification § 2400.15 Classification guides. (a) OSTP shall issue and maintain classification guides to facilitate the proper and uniform derivative classification of information. These guides shall...

  17. REAL-TIME INTELLIGENT MULTILAYER ATTACK CLASSIFICATION SYSTEM

    Directory of Open Access Journals (Sweden)

    T. Subbhulakshmi

    2014-01-01

    Full Text Available Intrusion Detection Systems (IDS takes the lion’s share of the current security infrastructure. Detection of intrusions is vital for initiating the defensive procedures. Intrusion detection was done by statistical and distance based methods. A threshold value is used in these methods to indicate the level of normalcy. When the network traffic crosses the level of normalcy then above which it is flagged as anomalous. When there are occurrences of new intrusion events which are increasingly a key part of system security, the statistical techniques cannot detect them. To overcome this issue, learning techniques are used which helps in identifying new intrusion activities in a computer system. The objective of the proposed system designed in this paper is to classify the intrusions using an Intelligent Multi Layered Attack Classification System (IMLACS which helps in detecting and classifying the intrusions with improved classification accuracy. The intelligent multi layered approach contains three intelligent layers. The first layer involves Binary Support Vector Machine classification for detecting the normal and attack. The second layer involves neural network classification to classify the attacks into classes of attacks. The third layer involves fuzzy inference system to classify the attacks into various subclasses. The proposed IMLACS can be able to detect an intrusion behavior of the networks since the system contains a three intelligent layer classification and better set of rules. Feature selection is also used to improve the time of detection. The experimental results show that the IMLACS achieves the Classification Rate of 97.31%.

  18. Hardware security and trust design and deployment of integrated circuits in a threatened environment

    CERN Document Server

    Chaves, Ricardo; Natale, Giorgio; Regazzoni, Francesco

    2017-01-01

    This book provides a comprehensive introduction to hardware security, from specification to implementation. Applications discussed include embedded systems ranging from small RFID tags to satellites orbiting the earth. The authors describe a design and synthesis flow, which will transform a given circuit into a secure design incorporating counter-measures against fault attacks. In order to address the conflict between testability and security, the authors describe innovative design-for-testability (DFT) computer-aided design (CAD) tools that support security challenges, engineered for compliance with existing, commercial tools. Secure protocols are discussed, which protect access to necessary test infrastructures and enable the design of secure access controllers. Covers all aspects of hardware security including design, manufacturing, testing, reliability, validation and utilization; Describes new methods and algorithms for the identification/detection of hardware trojans; Defines new architectures capable o...

  19. Designing, Implementing, and Evaluating Secure Web Browsers

    Science.gov (United States)

    Grier, Christopher L.

    2009-01-01

    Web browsers are plagued with vulnerabilities, providing hackers with easy access to computer systems using browser-based attacks. Efforts that retrofit existing browsers have had limited success since modern browsers are not designed to withstand attack. To enable more secure web browsing, we design and implement new web browsers from the ground…

  20. 22 CFR 9.8 - Classification challenges.

    Science.gov (United States)

    2010-04-01

    ... 22 Foreign Relations 1 2010-04-01 2010-04-01 false Classification challenges. 9.8 Section 9.8 Foreign Relations DEPARTMENT OF STATE GENERAL SECURITY INFORMATION REGULATIONS § 9.8 Classification... classification status is improper are expected and encouraged to challenge the classification status of the...

  1. Designing Secure Systems on Reconfigurable Hardware

    OpenAIRE

    Huffmire, Ted; Brotherton, Brett; Callegari, Nick; Valamehr, Jonathan; White, Jeff; Kastner, Ryan; Sherwood, Ted

    2008-01-01

    The extremely high cost of custom ASIC fabrication makes FPGAs an attractive alternative for deployment of custom hardware. Embedded systems based on reconfigurable hardware integrate many functions onto a single device. Since embedded designers often have no choice but to use soft IP cores obtained from third parties, the cores operate at different trust levels, resulting in mixed trust designs. The goal of this project is to evaluate recently proposed security primitives for reconfigurab...

  2. Cold Vacuum Dryer (CVD) Facility Security System Design Description. System 54

    International Nuclear Information System (INIS)

    WHITEHURST, R.

    2000-01-01

    This system design description (SDD) addresses the Cold Vacuum Drying (CVD) Facility security system. The system's primary purpose is to provide reasonable assurance that breaches of security boundaries are detected and assessment information is provided to protective force personnel. In addition, the system is utilized by Operations to support reduced personnel radiation goals and to provide reasonable assurance that only authorized personnel are allowed to enter designated security areas

  3. 5 CFR 2500.3 - Original classification.

    Science.gov (United States)

    2010-01-01

    ... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Original classification. 2500.3 Section... SECURITY REGULATION § 2500.3 Original classification. No one in the Office of Administration has been granted authority for original classification of information. ...

  4. Efficient Fingercode Classification

    Science.gov (United States)

    Sun, Hong-Wei; Law, Kwok-Yan; Gollmann, Dieter; Chung, Siu-Leung; Li, Jian-Bin; Sun, Jia-Guang

    In this paper, we present an efficient fingerprint classification algorithm which is an essential component in many critical security application systems e. g. systems in the e-government and e-finance domains. Fingerprint identification is one of the most important security requirements in homeland security systems such as personnel screening and anti-money laundering. The problem of fingerprint identification involves searching (matching) the fingerprint of a person against each of the fingerprints of all registered persons. To enhance performance and reliability, a common approach is to reduce the search space by firstly classifying the fingerprints and then performing the search in the respective class. Jain et al. proposed a fingerprint classification algorithm based on a two-stage classifier, which uses a K-nearest neighbor classifier in its first stage. The fingerprint classification algorithm is based on the fingercode representation which is an encoding of fingerprints that has been demonstrated to be an effective fingerprint biometric scheme because of its ability to capture both local and global details in a fingerprint image. We enhance this approach by improving the efficiency of the K-nearest neighbor classifier for fingercode-based fingerprint classification. Our research firstly investigates the various fast search algorithms in vector quantization (VQ) and the potential application in fingerprint classification, and then proposes two efficient algorithms based on the pyramid-based search algorithms in VQ. Experimental results on DB1 of FVC 2004 demonstrate that our algorithms can outperform the full search algorithm and the original pyramid-based search algorithms in terms of computational efficiency without sacrificing accuracy.

  5. Convertible security design and contract innovation

    NARCIS (Netherlands)

    Lewis, C.M.; Verwijmeren, P.

    2011-01-01

    This paper studies convertible security design for a sample of 814 issuers over the years 2000 through 2007. Using a nested logit model, we examine how firms choose fixed income claims and the method of payment. We find that fixed income claims are chosen to reduce corporate income taxes, minimize

  6. Security Implications of Physical Design Attributes in the Emergency Department.

    Science.gov (United States)

    Pati, Debajyoti; Pati, Sipra; Harvey, Thomas E

    2016-07-01

    Security, a subset of safety, is equally important in the efficient delivery of patient care. The emergency department (ED) is susceptible to violence creating concerns for the safety and security of patients, staff, and visitors and for the safe and efficient delivery of care. Although there is an implicit and growing recognition of the role of the physical environment, interventions typically have been at the microlevel. The objective of this study was to identify physical design attributes that potentially influence safety and efficiency of ED operations. An exploratory, qualitative research design was adopted to examine the efficiency and safety correlates of ED physical design attributes. The study comprised a multimeasure approach involving multidisciplinary gaming, semistructured interviews, and touring interviews of frontline staff in four EDs at three hospital systems across three states. Five macro physical design attributes (issues that need to be addressed at the design stage and expensive to rectify once built) emerged from the data as factors substantially associated with security issues. They are design issues pertaining to (a) the entry zone, (b) traffic management, (c) patient room clustering, (d) centralization versus decentralization, and (e) provisions for special populations. Data from this study suggest that ED security concerns are generally associated with three sources: (a) gang-related violence, (b) dissatisfied patients, and (c) behavioral health patients. Study data show that physical design has an important role in addressing the above-mentioned concerns. Implications for ED design are outlined in the article. © The Author(s) 2016.

  7. The Buyers’ Perspective on Security Design: Hedge Funds and Convertible Bond Call Provisions

    NARCIS (Netherlands)

    B.D. Grundy (Bruce); P. Verwijmeren (Patrick)

    2016-01-01

    textabstractWe provide evidence that security design reflects the interplay of capital supplier and security issuer preferences. While call provisions have historically been the default option in convertible security design, only a minority of post-2005 issues are callable. Because hedge funds

  8. 22 CFR 9.6 - Derivative classification.

    Science.gov (United States)

    2010-04-01

    ... 22 Foreign Relations 1 2010-04-01 2010-04-01 false Derivative classification. 9.6 Section 9.6 Foreign Relations DEPARTMENT OF STATE GENERAL SECURITY INFORMATION REGULATIONS § 9.6 Derivative classification. (a) Definition. Derivative classification is the incorporating, paraphrasing, restating or...

  9. 22 CFR 9.4 - Original classification.

    Science.gov (United States)

    2010-04-01

    ... 22 Foreign Relations 1 2010-04-01 2010-04-01 false Original classification. 9.4 Section 9.4 Foreign Relations DEPARTMENT OF STATE GENERAL SECURITY INFORMATION REGULATIONS § 9.4 Original classification. (a) Definition. Original classification is the initial determination that certain information...

  10. Evaluating and comparing imaging techniques: a review and classification of study designs

    International Nuclear Information System (INIS)

    Freedman, L.S.

    1987-01-01

    The design of studies to evaluate and compare imaging techniques are reviewed. Thirteen principles for the design of studies of diagnostic accuracy are given. Because of the 'independence principle' these studies are not able directly to evaluate the contribution of a technique to clinical management. For the latter, the 'clinical value' study design is recommended. A classification of study designs is proposed in parallel with the standard classification of clinical trials. Studies of diagnostic accuracy are analogous to Phase II, whereas studies evaluating the contribution to clinical management correspond to the Phase III category. Currently the majority of published studies employ the Phase II design. More emphasis on Phase III studies is required. (author)

  11. Market Design and Supply Security in Imperfect Power Markets

    DEFF Research Database (Denmark)

    Schwenen, Sebastian

    2014-01-01

    Supply security in imperfect power markets is modelled under different market designs. In a uniform price auction for electricity with two firms, strategic behaviour may leave firms offering too few capacities and unable to supply all realized demand. Market design that relies oncapacity markets...... increases available generation capacities for sufficiently high capacity prices and consequently decreases energy prices. However, equilibrium capacity prices are non-competitive. Capacity markets can increase security of supply, but cannot mitigate market power, which is exercised in the capacity market...

  12. Sandia's experience in designing and implementing integrated high security physical protection systems

    International Nuclear Information System (INIS)

    Caskey, D.L.

    1986-01-01

    As DOE's lead laboratory for physical security, Sandia National Laboratories has had a major physical security program for over ten years. Activities have ranged from component development and evaluation, to full scale system design and implementation. This paper presents some of the lessons learned in designing and implementing state-of-the-art high security physical protection systems for a number of government facilities. A generic system design is discussed for illustration purposes. Sandia efforts to transfer technology to industry are described

  13. Security Design Flaws That Affect Usability in Online Banking

    Science.gov (United States)

    Gurlen, Stephanie

    2013-01-01

    As the popularity of online banking Websites has increased, the security of these sites has become increasingly critical as attacks against these sites are on the rise. However, the design decisions made during construction of the sites could make usability more difficult, where the user has difficulty making good security decisions. This study…

  14. Is overall similarity classification less effortful than single-dimension classification?

    Science.gov (United States)

    Wills, Andy J; Milton, Fraser; Longmore, Christopher A; Hester, Sarah; Robinson, Jo

    2013-01-01

    It is sometimes argued that the implementation of an overall similarity classification is less effortful than the implementation of a single-dimension classification. In the current article, we argue that the evidence securely in support of this view is limited, and report additional evidence in support of the opposite proposition--overall similarity classification is more effortful than single-dimension classification. Using a match-to-standards procedure, Experiments 1A, 1B and 2 demonstrate that concurrent load reduces the prevalence of overall similarity classification, and that this effect is robust to changes in the concurrent load task employed, the level of time pressure experienced, and the short-term memory requirements of the classification task. Experiment 3 demonstrates that participants who produced overall similarity classifications from the outset have larger working memory capacities than those who produced single-dimension classifications initially, and Experiment 4 demonstrates that instructions to respond meticulously increase the prevalence of overall similarity classification.

  15. 6 CFR 7.30 - Classification challenges.

    Science.gov (United States)

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Classification challenges. 7.30 Section 7.30... INFORMATION Classified Information § 7.30 Classification challenges. (a) Authorized holders of information... classified are encouraged and expected to challenge the classification status of that information pursuant to...

  16. Nuclear security

    International Nuclear Information System (INIS)

    1991-07-01

    This paper reports that despite an Executive Order limiting the authority to make original classification decisions to government officials, DOE has delegated this authority to a number of contractor employees. Although the number of original classification decisions made by these contractors is small, this neither negates nor diminishes the significance of the improper delegation of authority. If misclassification were to occur, particularly at the Top Secret level, U.S. national security interests could potentially be seriously affected and threatened. DOE's argument that the delegation of such authority is a long-standing policy and done on a selective basis does not legitimize the practice and does not relieve DOE of its responsibility to meet the requirements of the Executive Order. DOE needs to independently assess all original classification determinations made by contractors; otherwise, it cannot be sure that U.S. national security interests have been or are being adequately protected

  17. Design and Development of Layered Security: Future Enhancements and Directions in Transmission

    Science.gov (United States)

    Shahzad, Aamir; Lee, Malrey; Kim, Suntae; Kim, Kangmin; Choi, Jae-Young; Cho, Younghwa; Lee, Keun-Kwang

    2016-01-01

    Today, security is a prominent issue when any type of communication is being undertaken. Like traditional networks, supervisory control and data acquisition (SCADA) systems suffer from a number of vulnerabilities. Numerous end-to-end security mechanisms have been proposed for the resolution of SCADA-system security issues, but due to insecure real-time protocol use and the reliance upon open protocols during Internet-based communication, these SCADA systems can still be compromised by security challenges. This study reviews the security challenges and issues that are commonly raised during SCADA/protocol transmissions and proposes a secure distributed-network protocol version 3 (DNP3) design, and the implementation of the security solution using a cryptography mechanism. Due to the insecurities found within SCADA protocols, the new development consists of a DNP3 protocol that has been designed as a part of the SCADA system, and the cryptographically derived security is deployed within the application layer as a part of the DNP3 stack. PMID:26751443

  18. Design and Development of Layered Security: Future Enhancements and Directions in Transmission

    Directory of Open Access Journals (Sweden)

    Aamir Shahzad

    2016-01-01

    Full Text Available Today, security is a prominent issue when any type of communication is being undertaken. Like traditional networks, supervisory control and data acquisition (SCADA systems suffer from a number of vulnerabilities. Numerous end-to-end security mechanisms have been proposed for the resolution of SCADA-system security issues, but due to insecure real-time protocol use and the reliance upon open protocols during Internet-based communication, these SCADA systems can still be compromised by security challenges. This study reviews the security challenges and issues that are commonly raised during SCADA/protocol transmissions and proposes a secure distributed-network protocol version 3 (DNP3 design, and the implementation of the security solution using a cryptography mechanism. Due to the insecurities found within SCADA protocols, the new development consists of a DNP3 protocol that has been designed as a part of the SCADA system, and the cryptographically derived security is deployed within the application layer as a part of the DNP3 stack.

  19. 14 CFR 1203.501 - Applying derivative classification markings.

    Science.gov (United States)

    2010-01-01

    ... INFORMATION SECURITY PROGRAM Derivative Classification § 1203.501 Applying derivative classification markings. Persons who apply derivative classification markings shall: (a) Observe and respect original... 14 Aeronautics and Space 5 2010-01-01 2010-01-01 false Applying derivative classification markings...

  20. Design of a Super-Pixel-Based Quantum Secure Authentication Demonstrator

    NARCIS (Netherlands)

    Toebes, Chris; Tentrup, Tristan B.H.; Pinkse, Pepijn W.H.

    2017-01-01

    Quantum Secure Authentication (QSA) is a method recently developed to authenticate a multiple-scattering key [1]. Previous implementations only showed proof-of-principle setups. We present a design of a compact and robust demonstration device for Quantum Secure Authentication. The challenge and

  1. Classification of Security Operation Centers

    CSIR Research Space (South Africa)

    Jacobs, P

    2013-08-01

    Full Text Available Security Operation Centers (SOCs) are a necessary service for organisations that want to address compliance and threat management. While there are frameworks in existence that addresses the technology aspects of these services, a holistic framework...

  2. The Design and Realization of Household Intelligent Security System

    Directory of Open Access Journals (Sweden)

    Huang Sheng-Bo

    2016-01-01

    Full Text Available It is known that Smart home has brought great convenience to the lives of humans. However, we have attached quantities of interest in its security as the development of technology goes on. According to the security requirements at the moment, we introduce the scheme of smart home security system based on ZigBee, and design system hardware and software process. By applying a STC89C52 microcontroller, our system is able to accurately detect and give alarms automatically to house fire, harmful gases and thefts.

  3. 32 CFR 2400.14 - Use of derivative classification.

    Science.gov (United States)

    2010-07-01

    ... SECURITY PROGRAM Derivative Classification § 2400.14 Use of derivative classification. (a) Derivative... 32 National Defense 6 2010-07-01 2010-07-01 false Use of derivative classification. 2400.14... person who applies derivative classification markings believes that the paraphrasing, restating, or...

  4. Secure Supply Chains : Design Restrictions & Organizational Boundaries

    NARCIS (Netherlands)

    Ludema, M.W.

    2009-01-01

    An important issue in the design of secure supply chains is the understanding of the relation between supply chains and the organizational responsibility of specific parts of these supply chains. Organizational boundaries change over time by means of vertical and/or horizontal (des)-integration and

  5. Information Systems at Enterprise. Design of Secure Network of Enterprise

    Science.gov (United States)

    Saigushev, N. Y.; Mikhailova, U. V.; Vedeneeva, O. A.; Tsaran, A. A.

    2018-05-01

    No enterprise and company can do without designing its own corporate network in today's information society. It accelerates and facilitates the work of employees at any level, but contains a big threat to confidential information of the company. In addition to the data theft attackers, there are plenty of information threats posed by modern malware effects. In this regard, the computational security of corporate networks is an important component of modern information technologies of computer security for any enterprise. This article says about the design of the protected corporate network of the enterprise that provides the computers on the network access to the Internet, as well interoperability with the branch. The access speed to the Internet at a high level is provided through the use of high-speed access channels and load balancing between devices. The security of the designed network is performed through the use of VLAN technology as well as access lists and AAA server.

  6. Design of a hybrid model for cardiac arrhythmia classification based on Daubechies wavelet transform.

    Science.gov (United States)

    Rajagopal, Rekha; Ranganathan, Vidhyapriya

    2018-06-05

    Automation in cardiac arrhythmia classification helps medical professionals make accurate decisions about the patient's health. The aim of this work was to design a hybrid classification model to classify cardiac arrhythmias. The design phase of the classification model comprises the following stages: preprocessing of the cardiac signal by eliminating detail coefficients that contain noise, feature extraction through Daubechies wavelet transform, and arrhythmia classification using a collaborative decision from the K nearest neighbor classifier (KNN) and a support vector machine (SVM). The proposed model is able to classify 5 arrhythmia classes as per the ANSI/AAMI EC57: 1998 classification standard. Level 1 of the proposed model involves classification using the KNN and the classifier is trained with examples from all classes. Level 2 involves classification using an SVM and is trained specifically to classify overlapped classes. The final classification of a test heartbeat pertaining to a particular class is done using the proposed KNN/SVM hybrid model. The experimental results demonstrated that the average sensitivity of the proposed model was 92.56%, the average specificity 99.35%, the average positive predictive value 98.13%, the average F-score 94.5%, and the average accuracy 99.78%. The results obtained using the proposed model were compared with the results of discriminant, tree, and KNN classifiers. The proposed model is able to achieve a high classification accuracy.

  7. 22 CFR 9.5 - Original classification authority.

    Science.gov (United States)

    2010-04-01

    ... 22 Foreign Relations 1 2010-04-01 2010-04-01 false Original classification authority. 9.5 Section 9.5 Foreign Relations DEPARTMENT OF STATE GENERAL SECURITY INFORMATION REGULATIONS § 9.5 Original classification authority. (a) Authority for original classification of information as Top Secret may be exercised...

  8. Select Generic Dry-Storage Pilot Plant Design for Safeguards and Security by Design (SSBD) per Used Fuel Campaign

    Energy Technology Data Exchange (ETDEWEB)

    Demuth, Scott Francis [Los Alamos National Lab. (LANL), Los Alamos, NM (United States); Sprinkle, James K. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2015-05-26

    As preparation to the year-end deliverable (Provide SSBD Best Practices for Generic Dry-Storage Pilot Scale Plant) for the Work Package (FT-15LA040501–Safeguards and Security by Design for Extended Dry Storage), the initial step was to select a generic dry-storage pilot plant design for SSBD. To be consistent with other DOE-NE Fuel Cycle Research and Development (FCR&D) activities, the Used Fuel Campaign was engaged for the selection of a design for this deliverable. For the work Package FT-15LA040501–“Safeguards and Security by Design for Extended Dry Storage”, SSBD will be initiated for the Generic Dry-Storage Pilot Scale Plant described by the layout of Reference 2. SSBD will consider aspects of the design that are impacted by domestic material control and accounting (MC&A), domestic security, and international safeguards.

  9. 32 CFR 2400.16 - Derivative classification markings.

    Science.gov (United States)

    2010-07-01

    ... SECURITY PROGRAM Derivative Classification § 2400.16 Derivative classification markings. (a) Documents... 32 National Defense 6 2010-07-01 2010-07-01 false Derivative classification markings. 2400.16..., as described in § 2400.12 of this part, the information may not be used as a basis for derivative...

  10. An Overview of DRAM-Based Security Primitives

    Directory of Open Access Journals (Sweden)

    Nikolaos Athanasios Anagnostopoulos

    2018-03-01

    Full Text Available Recent developments have increased the demand for adequate security solutions, based on primitives that cannot be easily manipulated or altered, such as hardware-based primitives. Security primitives based on Dynamic Random Access Memory (DRAM can provide cost-efficient and practical security solutions, especially for resource-constrained devices, such as hardware used in the Internet of Things (IoT, as DRAMs are an intrinsic part of most contemporary computer systems. In this work, we present a comprehensive overview of the literature regarding DRAM-based security primitives and an extended classification of it, based on a number of different criteria. In particular, first, we demonstrate the way in which DRAMs work and present the characteristics being exploited for the implementation of security primitives. Then, we introduce the primitives that can be implemented using DRAM, namely Physical Unclonable Functions (PUFs and True Random Number Generators (TRNGs, and present the applications of each of the two types of DRAM-based security primitives. We additionally proceed to assess the security such primitives can provide, by discussing potential attacks and defences, as well as the proposed security metrics. Subsequently, we also compare these primitives to other hardware-based security primitives, noting their advantages and shortcomings, and proceed to demonstrate their potential for commercial adoption. Finally, we analyse our classification methodology, by reviewing the criteria employed in our classification and examining their significance.

  11. 28 CFR 17.26 - Derivative classification.

    Science.gov (United States)

    2010-07-01

    ... 28 Judicial Administration 1 2010-07-01 2010-07-01 false Derivative classification. 17.26 Section 17.26 Judicial Administration DEPARTMENT OF JUSTICE CLASSIFIED NATIONAL SECURITY INFORMATION AND ACCESS TO CLASSIFIED INFORMATION Classified Information § 17.26 Derivative classification. (a) Persons...

  12. Design concept of CSRAS (Cyber Security Risk Analysis and Assessment System) for digital I and C systems

    International Nuclear Information System (INIS)

    Song, J. G.; Lee, J. W.; Lee, D. Y.; Lee, C. K.

    2012-01-01

    The instrumentation and control (I and C) systems in nuclear power plants (NPPs) have been digitalized recently. Hence, cyber security becomes an important feature to be incorporated into the I and C systems. The Regulatory Guide 5.71 published by U.C NRC in 2010 presents a comprehensive set of security controls for the cyber security of I and C systems in NPPs. However, the application of security controls specified in the RG 5.71 in a specific I and C system still requires many analysis efforts based on the understanding of the security controls, since the guideline does not provide the details to system designers or developers regarding what, where, and how to apply the security controls. To apply security controls to I and C systems, cyber security requirements should be identified based on the cyber security policy and program, then the design and implementation of security controls should be performed along with the I and C system development life cycle. It can be assumed that cyber security requirements are identified during the system design(SD) phase and the design and implementation of security controls is performed during the component design(CD) phase. When identifying security requirements and performing the design and implementation of security controls, cyber security risk assessments should be processed with the understanding of the characteristics of target systems. In this study, the Cyber Security Risk Analysis and Assessment System (CSRAS) has been developed as a tool for analyzing security requirements and technical security controls considering based on a general cyber security risk assessment procedure with the consideration of the characteristics of I and C systems and the development phases

  13. Design concept of CSRAS (Cyber Security Risk Analysis and Assessment System) for digital I and C systems

    Energy Technology Data Exchange (ETDEWEB)

    Song, J. G.; Lee, J. W.; Lee, D. Y.; Lee, C. K. [KAERI, Daejeon (Korea, Republic of)

    2012-10-15

    The instrumentation and control (I and C) systems in nuclear power plants (NPPs) have been digitalized recently. Hence, cyber security becomes an important feature to be incorporated into the I and C systems. The Regulatory Guide 5.71 published by U.C NRC in 2010 presents a comprehensive set of security controls for the cyber security of I and C systems in NPPs. However, the application of security controls specified in the RG 5.71 in a specific I and C system still requires many analysis efforts based on the understanding of the security controls, since the guideline does not provide the details to system designers or developers regarding what, where, and how to apply the security controls. To apply security controls to I and C systems, cyber security requirements should be identified based on the cyber security policy and program, then the design and implementation of security controls should be performed along with the I and C system development life cycle. It can be assumed that cyber security requirements are identified during the system design(SD) phase and the design and implementation of security controls is performed during the component design(CD) phase. When identifying security requirements and performing the design and implementation of security controls, cyber security risk assessments should be processed with the understanding of the characteristics of target systems. In this study, the Cyber Security Risk Analysis and Assessment System (CSRAS) has been developed as a tool for analyzing security requirements and technical security controls considering based on a general cyber security risk assessment procedure with the consideration of the characteristics of I and C systems and the development phases.

  14. The Buyers’ Perspective on Security Design: Hedge Funds and Convertible Bond Call Provisions

    OpenAIRE

    Grundy, Bruce; Verwijmeren, Patrick

    2016-01-01

    textabstractWe provide evidence that security design reflects the interplay of capital supplier and security issuer preferences. While call provisions have historically been the default option in convertible security design, only a minority of post-2005 issues are callable. Because hedge funds dominate the market for new convertibles today and because convertible arbitrage is less risky without callability, the recent diminution in the frequency of call provisions in new convertible bond issu...

  15. The buyers’ perspective on security design: Hedge funds and convertible bond call provisions

    OpenAIRE

    Grundy, Bruce D.; Verwijmeren, Patrick

    2018-01-01

    We provide evidence that security design reflects the interplay of capital supplier and security issuer preferences. While call provisions have historically been the default option in convertible security design, only a minority of post-2005 issues are callable. Because hedge funds dominate the market for new convertibles today and because convertible arbitrage is less risky without callability, the recent diminution in the frequency of call provisions in new convertible bond issues illustrat...

  16. 32 CFR 2001.22 - Derivative classification.

    Science.gov (United States)

    2010-07-01

    ... 32 National Defense 6 2010-07-01 2010-07-01 false Derivative classification. 2001.22 Section 2001.22 National Defense Other Regulations Relating to National Defense INFORMATION SECURITY OVERSIGHT OFFICE, NATIONAL ARCHIVES AND RECORDS ADMINISTRATION CLASSIFIED NATIONAL SECURITY INFORMATION...

  17. Designing a Physical Security System for Risk Reduction in a Hypothetical Nuclear Facility

    International Nuclear Information System (INIS)

    Saleh, A.A.; Abd Elaziz, M.

    2017-01-01

    Physical security in a nuclear facility means detection, prevention and response to threat, the ft, sabotage, unauthorized access and illegal transfer involving radioactive and nuclear material. This paper proposes a physical security system designing concepts to reduce the risk associated with variant threats to a nuclear facility. This paper presents a study of the unauthorized removal and sabotage in a hypothetical nuclear facility considering deter, delay and response layers. More over, the study involves performing any required upgrading to the security system by investigating the nuclear facility layout and considering all physical security layers design to enhance the weakness for risk reduction

  18. Design and Analysis of Winglets for Military Aircraft

    Science.gov (United States)

    1976-02-03

    Company to determine the aerodynamic characteristics and performance benefits from winglets on the KC-135 aircraft. Unclassified SECURITY CLASSIFICATION...1 II ANALYSIS OF WINGLETS ...... ............................................ 3 A Aerodynamic ...were estimated and compared to the conventional design. The aerodynamic shape of the winglet was designed for the KC-135 and this design was then used

  19. Analysis of effect of safety classification on DCS design in nuclear power plants

    International Nuclear Information System (INIS)

    Gou Guokai; Li Guomin; Wang Qunfeng

    2011-01-01

    By analyzing the safety classification for the systems and functions of nuclear power plants based on the general design requirements for nuclear power plants, especially the requirement of availability and reliability of I and C systems, the characteristics of modem DCS technology and I and C products currently applied in nuclear power field are interpreted. According to the requirements on the safety operation of nuclear power plants and the regulations for safety audit, the effect of different safety classifications on DCS design in nuclear power plants is analyzed, by considering the actual design process of different DCS solutions in the nuclear power plants under construction. (authors)

  20. Use of Ecohydraulic-Based Mesohabitat Classification and Fish Species Traits for Stream Restoration Design

    Directory of Open Access Journals (Sweden)

    John S. Schwartz

    2016-11-01

    Full Text Available Stream restoration practice typically relies on a geomorphological design approach in which the integration of ecological criteria is limited and generally qualitative, although the most commonly stated project objective is to restore biological integrity by enhancing habitat and water quality. Restoration has achieved mixed results in terms of ecological successes and it is evident that improved methodologies for assessment and design are needed. A design approach is suggested for mesohabitat restoration based on a review and integration of fundamental processes associated with: (1 lotic ecological concepts; (2 applied geomorphic processes for mesohabitat self-maintenance; (3 multidimensional hydraulics and habitat suitability modeling; (4 species functional traits correlated with fish mesohabitat use; and (5 multi-stage ecohydraulics-based mesohabitat classification. Classification of mesohabitat units demonstrated in this article were based on fish preferences specifically linked to functional trait strategies (i.e., feeding resting, evasion, spawning, and flow refugia, recognizing that habitat preferences shift by season and flow stage. A multi-stage classification scheme developed under this premise provides the basic “building blocks” for ecological design criteria for stream restoration. The scheme was developed for Midwest US prairie streams, but the conceptual framework for mesohabitat classification and functional traits analysis can be applied to other ecoregions.

  1. 14 CFR 1203.500 - Use of derivative classification.

    Science.gov (United States)

    2010-01-01

    ... 14 Aeronautics and Space 5 2010-01-01 2010-01-01 false Use of derivative classification. 1203.500 Section 1203.500 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION INFORMATION SECURITY PROGRAM Derivative Classification § 1203.500 Use of derivative classification. The application of...

  2. 46 CFR 164.018-3 - Classification.

    Science.gov (United States)

    2010-10-01

    ... 46 Shipping 6 2010-10-01 2010-10-01 false Classification. 164.018-3 Section 164.018-3 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) EQUIPMENT, CONSTRUCTION, AND MATERIALS... Classification. The following types of retroreflective material are approved under this specification: (a) Type I...

  3. 5 CFR 2500.5 - Derivative classification.

    Science.gov (United States)

    2010-01-01

    ... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Derivative classification. 2500.5 Section 2500.5 Administrative Personnel OFFICE OF ADMINISTRATION, EXECUTIVE OFFICE OF THE PRESIDENT INFORMATION SECURITY REGULATION § 2500.5 Derivative classification. The Office of Administration serves only as the...

  4. Integration of holography into the design of bank notes and security documents

    Science.gov (United States)

    Dunn, Paul

    2000-10-01

    The use of holograms and other diffractive optically variable devices have been used successfully in the fight against counterfeiting of security documents for several years. More recently they have become globally accepted as a key security feature on banknotes as reflected in their prime use on the Euronotes to be issues in 2002. The success of the design and origination of these images depends upon their strong visual appeal, their overt and covert content and the ability to offer unique features that provides an extremely difficult barrier for the would be counterfeiter to overcome. The basic design principles both for banknote and general security print application are discussed in this review document. TO be effective as a security device the image must be fit for the purpose. This means that the image must contain the level of overt and covert features that are easy to recognize, containing high level security features and form part of an educational program aimed at the product user and specifically trained security personnel. More specifically it must meet a clearly defined performance criteria.

  5. 12 CFR 403.3 - Classification principles and authority.

    Science.gov (United States)

    2010-01-01

    ... 12 Banks and Banking 4 2010-01-01 2010-01-01 false Classification principles and authority. 403.3 Section 403.3 Banks and Banking EXPORT-IMPORT BANK OF THE UNITED STATES CLASSIFICATION, DECLASSIFICATION, AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION § 403.3 Classification principles and authority. (a...

  6. Safeguards and Security by Design (SSBD) for Small Modular Reactors (SMRs) through a Common Global Approach

    Energy Technology Data Exchange (ETDEWEB)

    Badwan, Faris M. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States); Demuth, Scott Francis [Los Alamos National Lab. (LANL), Los Alamos, NM (United States); Miller, Michael Conrad [Los Alamos National Lab. (LANL), Los Alamos, NM (United States); Pshakin, Gennady [Obninsk Institute of Physics and Power Engineering (Russian Federation)

    2015-02-23

    Small Modular Reactors (SMR) with power levels significantly less than the currently standard 1000 to 1600-MWe reactors have been proposed as a potential game changer for future nuclear power. SMRs may offer a simpler, more standardized, and safer modular design by using factory built and easily transportable components. Additionally, SMRs may be more easily built and operated in isolated locations, and may require smaller initial capital investment and shorter construction times. Because many SMRs designs are still conceptual and consequently not yet fixed, designers have a unique opportunity to incorporate updated design basis threats, emergency preparedness requirements, and then fully integrate safety, physical security, and safeguards/material control and accounting (MC&A) designs. Integrating safety, physical security, and safeguards is often referred to as integrating the 3Ss, and early consideration of safeguards and security in the design is often referred to as safeguards and security by design (SSBD). This paper describes U.S./Russian collaborative efforts toward developing an internationally accepted common approach for implementing SSBD/3Ss for SMRs based upon domestic requirements, and international guidance and requirements. These collaborative efforts originated with the Nuclear Energy and Nuclear Security working group established under the U.S.-Russia Bilateral Presidential Commission during the 2009 Presidential Summit. Initial efforts have focused on review of U.S. and Russian domestic requirements for Security and MC&A, IAEA guidance for security and MC&A, and IAEA requirements for international safeguards. Additionally, example SMR design features that can enhance proliferation resistance and physical security have been collected from past work and reported here. The development of a U.S./Russian common approach for SSBD/3Ss should aid the designer of SMRs located anywhere in the world. More specifically, the application of this approach may

  7. Safeguards and Security by Design (SSBD) for Small Modular Reactors (SMRs) through a Common Global Approach

    International Nuclear Information System (INIS)

    Badwan, Faris M.; Demuth, Scott Francis; Miller, Michael Conrad; Pshakin, Gennady

    2015-01-01

    Small Modular Reactors (SMR) with power levels significantly less than the currently standard 1000 to 1600-MWe reactors have been proposed as a potential game changer for future nuclear power. SMRs may offer a simpler, more standardized, and safer modular design by using factory built and easily transportable components. Additionally, SMRs may be more easily built and operated in isolated locations, and may require smaller initial capital investment and shorter construction times. Because many SMRs designs are still conceptual and consequently not yet fixed, designers have a unique opportunity to incorporate updated design basis threats, emergency preparedness requirements, and then fully integrate safety, physical security, and safeguards/material control and accounting (MC&A) designs. Integrating safety, physical security, and safeguards is often referred to as integrating the 3Ss, and early consideration of safeguards and security in the design is often referred to as safeguards and security by design (SSBD). This paper describes U.S./Russian collaborative efforts toward developing an internationally accepted common approach for implementing SSBD/3Ss for SMRs based upon domestic requirements, and international guidance and requirements. These collaborative efforts originated with the Nuclear Energy and Nuclear Security working group established under the U.S.-Russia Bilateral Presidential Commission during the 2009 Presidential Summit. Initial efforts have focused on review of U.S. and Russian domestic requirements for Security and MC&A, IAEA guidance for security and MC&A, and IAEA requirements for international safeguards. Additionally, example SMR design features that can enhance proliferation resistance and physical security have been collected from past work and reported here. The development of a U.S./Russian common approach for SSBD/3Ss should aid the designer of SMRs located anywhere in the world. More specifically, the application of this approach may

  8. Maritime Cyber Security University Research

    Science.gov (United States)

    2016-05-01

    i Classification | CG-926 RDC | author | audience | month year Maritime Cyber Security University Research Phase I - Final Report...Distribution Statement A: Approved for public release; distribution is unlimited. May 2016 Report No. CG-D-06-16 Maritime Cyber Security...Director United States Coast Guard Research & Development Center 1 Chelsea Street New London, CT 06320 Maritime Cyber Security University

  9. Security credentials management system (SCMS) design and analysis for the connected vehicle system : draft.

    Science.gov (United States)

    2013-12-27

    This report presents an analysis by Booz Allen Hamilton (Booz Allen) of the technical design for the Security Credentials Management System (SCMS) intended to support communications security for the connected vehicle system. The SCMS technical design...

  10. 46 CFR 162.039-2 - Classification.

    Science.gov (United States)

    2010-10-01

    ... 46 Shipping 6 2010-10-01 2010-10-01 false Classification. 162.039-2 Section 162.039-2 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) EQUIPMENT, CONSTRUCTION, AND MATERIALS... Classification. (a) Every semiportable fire extinguisher shall be classified as to type and size as specified in...

  11. 17 CFR 200.505 - Original classification.

    Science.gov (United States)

    2010-04-01

    ... 17 Commodity and Securities Exchanges 2 2010-04-01 2010-04-01 false Original classification. 200... Information and Material § 200.505 Original classification. (a) No Commission Member or employee has the authority to classify any information on an original basis. (b) If a Commission employee originates...

  12. Design of High-Security USB Flash Drives Based on Chaos Authentication

    Directory of Open Access Journals (Sweden)

    Teh-Lu Liao

    2018-05-01

    Full Text Available This paper aims to propose a novel design of high-security USB flash drives with the chaos authentication. A chaos authentication approach with the non-linear encryption and decryption function design is newly proposed and realized based on the controller design of chaos synchronization. To complete the design of high-security USB flash drives, first, we introduce six parameters into the original Henon map to adjust and obtain richer chaotic state responses. Then a discrete sliding mode scheme is proposed to solve the synchronization problem of discrete hyperchaotic Henon maps. The proposed sliding mode controller can ensure the synchronization of the master-slave Henon maps. The selection of the switching surface and the existence of the sliding motion are also addressed. Finally, the obtained results are applied to design a new high-security USB flash drive with chaos authentication. We built discrete hyperchaotic Henon maps in the smartphone (master and microcontroller (slave, respectively. The Bluetooth module is used to communicate between the master and the slave to achieve chaos synchronization such that the same random and dynamical chaos signal can be simultaneously obtained at both the USB flash drive and smartphone, and pass the chaos authentication. When users need to access data in the flash drive, they can easily enable the encryption APP in the smartphone (master for chaos authentication. After completing the chaos synchronization and authentication, the ARM-based microcontroller allows the computer to access the data in the high-security USB flash drive.

  13. System Health Monitoring Using a Novel Method: Security Unified Process

    Directory of Open Access Journals (Sweden)

    Alireza Shameli-Sendi

    2012-01-01

    and change management, and project management. The dynamic dimension, or phases, contains inception, analysis and design, construction, and monitoring. Risk assessment is a major part of the ISMS process. In SUP, we present a risk assessment model, which uses a fuzzy expert system to assess risks in organization. Since, the classification of assets is an important aspect of risk management and ensures that effective protection occurs, a Security Cube is proposed to identify organization assets as an asset classification model. The proposed model leads us to have an offline system health monitoring tool that is really a critical need in any organization.

  14. Design and implementation of modular home security system with short messaging system

    Directory of Open Access Journals (Sweden)

    Budijono Santoso

    2014-03-01

    Full Text Available Today we are living in 21st century where crime become increasing and everyone wants to secure they asset at their home. In that situation user must have system with advance technology so person do not worry when getting away from his home. It is therefore the purpose of this design to provide home security device, which send fast information to user GSM (Global System for Mobile mobile device using SMS (Short Messaging System and also activate - deactivate system by SMS. The Modular design of this Home Security System make expandable their capability by add more sensors on that system. Hardware of this system has been designed using microcontroller AT Mega 328, PIR (Passive Infra Red motion sensor as the primary sensor for motion detection, camera for capturing images, GSM module for sending and receiving SMS and buzzer for alarm. For software this system using Arduino IDE for Arduino and Putty for testing connection programming in GSM module. This Home Security System can monitor home area that surrounding by PIR sensor and sending SMS, save images capture by camera, and make people panic by turn on the buzzer when trespassing surrounding area that detected by PIR sensor. The Modular Home Security System has been tested and succeed detect human movement.

  15. 46 CFR 162.028-2 - Classification.

    Science.gov (United States)

    2010-10-01

    ... 46 Shipping 6 2010-10-01 2010-10-01 false Classification. 162.028-2 Section 162.028-2 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) EQUIPMENT, CONSTRUCTION, AND MATERIALS... Classification. (a) Every portable fire extinguisher shall be classified as to type and size as specified in § 76...

  16. Conceptual Design Approach to Implementing Hardware-based Security Controls in Data Communication Systems

    International Nuclear Information System (INIS)

    Ibrahim, Ahmad Salah; Jung, Jaecheon

    2016-01-01

    In the Korean Advanced Power Reactor (APR1400), safety control systems network is electrically isolated and physically separated from non-safety systems data network. Unidirectional gateways, include data diode fiber-optic cabling and computer-based servers, transmit the plant safety critical parameters to the main control room (MCR) for control and monitoring processes. The data transmission is only one-way from safety to non-safety. Reverse communication is blocked so that safety systems network is protected from potential cyberattacks or intrusions from non-safety side. Most of commercials off-the-shelf (COTS) security devices are software-based solutions that require operating systems and processors to perform its functions. Field Programmable Gate Arrays (FPGAs) offer digital hardware solutions to implement security controls such as data packet filtering and deep data packet inspection. This paper presents a conceptual design to implement hardware-based network security controls for maintaining the availability of gateway servers. A conceptual design of hardware-based network security controls was discussed in this paper. The proposed design is aiming at utilizing the hardware-based capabilities of FPGAs together with filtering and DPI functions of COTS software-based firewalls and intrusion detection and prevention systems (IDPS). The proposed design implemented a network security perimeter between the DCN-I zone and gateway servers zone. Security control functions are to protect the gateway servers from potential DoS attacks that could affect the data availability and integrity

  17. Conceptual Design Approach to Implementing Hardware-based Security Controls in Data Communication Systems

    Energy Technology Data Exchange (ETDEWEB)

    Ibrahim, Ahmad Salah; Jung, Jaecheon [KEPCO International Nuclear Graduate School, Ulsan (Korea, Republic of)

    2016-10-15

    In the Korean Advanced Power Reactor (APR1400), safety control systems network is electrically isolated and physically separated from non-safety systems data network. Unidirectional gateways, include data diode fiber-optic cabling and computer-based servers, transmit the plant safety critical parameters to the main control room (MCR) for control and monitoring processes. The data transmission is only one-way from safety to non-safety. Reverse communication is blocked so that safety systems network is protected from potential cyberattacks or intrusions from non-safety side. Most of commercials off-the-shelf (COTS) security devices are software-based solutions that require operating systems and processors to perform its functions. Field Programmable Gate Arrays (FPGAs) offer digital hardware solutions to implement security controls such as data packet filtering and deep data packet inspection. This paper presents a conceptual design to implement hardware-based network security controls for maintaining the availability of gateway servers. A conceptual design of hardware-based network security controls was discussed in this paper. The proposed design is aiming at utilizing the hardware-based capabilities of FPGAs together with filtering and DPI functions of COTS software-based firewalls and intrusion detection and prevention systems (IDPS). The proposed design implemented a network security perimeter between the DCN-I zone and gateway servers zone. Security control functions are to protect the gateway servers from potential DoS attacks that could affect the data availability and integrity.

  18. Forensic nursing in secure environments.

    Science.gov (United States)

    Shelton, Deborah

    2009-01-01

    There are few well-designed studies of corrections or prison nursing roles. This study seeks to describe the corrections or prison role of forensic nurses in the United States who provide care in secure environments. National data detailing the scope of practice in secure environments are limited. This pencil and paper survey describes the roles of 180 forensic nurses from 14 states who work in secure environments. Descriptive statistics are utilized. A repeated measures ANOVA with post hoc analyses was implemented. These nurses were older than average in age, but had 10 years or less experience in forensic nursing practice. Two significant roles emerged to "promote and implement principles that underpin effective quality and practice" and to "assess, develop, implement, and improve programs of care for individuals." Significant roles varied based upon the security classification of the unit or institution in which the nurses were employed. Access to information about these nurses and their nursing practice was difficult in these closed systems. Minimal data are available nationally, indicating a need for collection of additional data over time to examine changes in role. It is through such developments that forensic nursing provided in secure environments will define its specialization and attract the attention it deserves.

  19. Design optimization for security-and safety-critical distributed real-time applications

    DEFF Research Database (Denmark)

    Jiang, Wei; Pop, Paul; Jiang, Ke

    2016-01-01

    requirements on confidentiality of messages, task replication is used to enhance system reliability, and dynamic voltage and frequency scaling is used for energy efficiency of tasks. It is challenging to address these factors simultaneously, e.g., better security protections need more computing resources......In this paper, we are interested in the design of real-time applications with security, safety, timing, and energy requirements. The applications are scheduled with cyclic scheduling, and are mapped on distributed heterogeneous architectures. Cryptographic services are deployed to satisfy security...... and consume more energy, while lower voltages and frequencies may impair schedulability and security, and also lead to reliability degradation. We introduce a vulnerability based method to quantify the security performance of communications on distributed systems. We then focus on determining the appropriate...

  20. Design and Analysis of Secure Routing Protocol for Wireless Sensor Networks

    Science.gov (United States)

    Wang, Jiong; Zhang, Hua

    2017-09-01

    In recent years, with the development of science and technology and the progress of the times, China's wireless network technology has become increasingly prosperous and it plays an important role in social production and life. In this context, in order to further to enhance the stability of wireless network data transmission and security enhancements, the staff need to focus on routing security and carry out related work. Based on this, this paper analyzes the design of wireless sensor based on secure routing protocol.

  1. Inherent secure communications using lattice based waveform design

    Energy Technology Data Exchange (ETDEWEB)

    Pugh, Matthew Owen [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2013-12-01

    The wireless communications channel is innately insecure due to the broadcast nature of the electromagnetic medium. Many techniques have been developed and implemented in order to combat insecurities and ensure the privacy of transmitted messages. Traditional methods include encrypting the data via cryptographic methods, hiding the data in the noise floor as in wideband communications, or nulling the signal in the spatial direction of the adversary using array processing techniques. This work analyzes the design of signaling constellations, i.e. modulation formats, to combat eavesdroppers from correctly decoding transmitted messages. It has been shown that in certain channel models the ability of an adversary to decode the transmitted messages can be degraded by a clever signaling constellation based on lattice theory. This work attempts to optimize certain lattice parameters in order to maximize the security of the data transmission. These techniques are of interest because they are orthogonal to, and can be used in conjunction with, traditional security techniques to create a more secure communication channel.

  2. Design of the XML Security System for Electronic Commerce Application

    Institute of Scientific and Technical Information of China (English)

    2003-01-01

    The invocation of World Wide Web (www) first triggered mass adoption of the Internet for public access to digital information exchanges across the globe. To get a big market on the Web, a special security infrastructure would need to be put into place transforming the wild-and-woolly Internet into a network with end-to-end protections. XML (extensible Markup Language) is widely accepted as powerful data representation standard for electronic documents, so a security mechanism for XML documents must be provided in the first place to secure electronic commerce over Internet. In this paper the authors design and implement a secure framework that provides XML signature function, XML Element-wise Encryption function, smart card based crypto API library and Public Key Infrastructure (PKI) security functions to achieve confidentiality, integrity, message authentication, and/or signer authentication services for XML documents and existing non-XML documents that are exchanged by Internet for E-commerce application.

  3. A systematic approach for analysis and design of secure health information systems.

    Science.gov (United States)

    Blobel, B; Roger-France, F

    2001-06-01

    A toolset using object-oriented techniques including the nowadays popular unified modelling language (UML) approach has been developed to facilitate the different users' views for security analysis and design of health care information systems. Paradigm and concepts used are based on the component architecture of information systems and on a general layered security model. The toolset was developed in 1996/1997 within the ISHTAR project funded by the European Commission as well as through international standardisation activities. Analysing and systematising real health care scenarios, only six and nine use case types could be found in the health and the security-related view, respectively. By combining these use case types, the analysis and design of any thinkable system architecture can be simplified significantly. Based on generic schemes, the environment needed for both communication and application security can be established by appropriate sets of security services and mechanisms. Because of the importance and the basic character of electronic health care record (EHCR) systems, the understanding of the approach is facilitated by (incomplete) examples for this application.

  4. Design and implementation of a high performance network security processor

    Science.gov (United States)

    Wang, Haixin; Bai, Guoqiang; Chen, Hongyi

    2010-03-01

    The last few years have seen many significant progresses in the field of application-specific processors. One example is network security processors (NSPs) that perform various cryptographic operations specified by network security protocols and help to offload the computation intensive burdens from network processors (NPs). This article presents a high performance NSP system architecture implementation intended for both internet protocol security (IPSec) and secure socket layer (SSL) protocol acceleration, which are widely employed in virtual private network (VPN) and e-commerce applications. The efficient dual one-way pipelined data transfer skeleton and optimised integration scheme of the heterogenous parallel crypto engine arrays lead to a Gbps rate NSP, which is programmable with domain specific descriptor-based instructions. The descriptor-based control flow fragments large data packets and distributes them to the crypto engine arrays, which fully utilises the parallel computation resources and improves the overall system data throughput. A prototyping platform for this NSP design is implemented with a Xilinx XC3S5000 based FPGA chip set. Results show that the design gives a peak throughput for the IPSec ESP tunnel mode of 2.85 Gbps with over 2100 full SSL handshakes per second at a clock rate of 95 MHz.

  5. Three tenets for secure cyber-physical system design and assessment

    Science.gov (United States)

    Hughes, Jeff; Cybenko, George

    2014-06-01

    This paper presents a threat-driven quantitative mathematical framework for secure cyber-physical system design and assessment. Called The Three Tenets, this originally empirical approach has been used by the US Air Force Research Laboratory (AFRL) for secure system research and development. The Tenets were first documented in 2005 as a teachable methodology. The Tenets are motivated by a system threat model that itself consists of three elements which must exist for successful attacks to occur: - system susceptibility; - threat accessibility and; - threat capability. The Three Tenets arise naturally by countering each threat element individually. Specifically, the tenets are: Tenet 1: Focus on What's Critical - systems should include only essential functions (to reduce susceptibility); Tenet 2: Move Key Assets Out-of-Band - make mission essential elements and security controls difficult for attackers to reach logically and physically (to reduce accessibility); Tenet 3: Detect, React, Adapt - confound the attacker by implementing sensing system elements with dynamic response technologies (to counteract the attackers' capabilities). As a design methodology, the Tenets mitigate reverse engineering and subsequent attacks on complex systems. Quantified by a Bayesian analysis and further justified by analytic properties of attack graph models, the Tenets suggest concrete cyber security metrics for system assessment.

  6. Autonomy-based security design: the allocation of cash flow and control rights

    NARCIS (Netherlands)

    Boot, A.W.A.; Song, F.; Thakor, A.V.

    2005-01-01

    We derive debt, equity, convertible debt and asset-backed debt securities as optimal security designs in an environment in which the owner-manager has an endogenous control preference - a desire for autonomy - arising from the anticipation of future disagreement with investors over a

  7. Secure and Fair Cluster Head Selection Protocol for Enhancing Security in Mobile Ad Hoc Networks

    Directory of Open Access Journals (Sweden)

    B. Paramasivan

    2014-01-01

    Full Text Available Mobile ad hoc networks (MANETs are wireless networks consisting of number of autonomous mobile devices temporarily interconnected into a network by wireless media. MANETs become one of the most prevalent areas of research in the recent years. Resource limitations, energy efficiency, scalability, and security are the great challenging issues in MANETs. Due to its deployment nature, MANETs are more vulnerable to malicious attack. The secure routing protocols perform very basic security related functions which are not sufficient to protect the network. In this paper, a secure and fair cluster head selection protocol (SFCP is proposed which integrates security factors into the clustering approach for achieving attacker identification and classification. Byzantine agreement based cooperative technique is used for attacker identification and classification to make the network more attack resistant. SFCP used to solve this issue by making the nodes that are totally surrounded by malicious neighbors adjust dynamically their belief and disbelief thresholds. The proposed protocol selects the secure and energy efficient cluster head which acts as a local detector without imposing overhead to the clustering performance. SFCP is simulated in network simulator 2 and compared with two protocols including AODV and CBRP.

  8. Secure and fair cluster head selection protocol for enhancing security in mobile ad hoc networks.

    Science.gov (United States)

    Paramasivan, B; Kaliappan, M

    2014-01-01

    Mobile ad hoc networks (MANETs) are wireless networks consisting of number of autonomous mobile devices temporarily interconnected into a network by wireless media. MANETs become one of the most prevalent areas of research in the recent years. Resource limitations, energy efficiency, scalability, and security are the great challenging issues in MANETs. Due to its deployment nature, MANETs are more vulnerable to malicious attack. The secure routing protocols perform very basic security related functions which are not sufficient to protect the network. In this paper, a secure and fair cluster head selection protocol (SFCP) is proposed which integrates security factors into the clustering approach for achieving attacker identification and classification. Byzantine agreement based cooperative technique is used for attacker identification and classification to make the network more attack resistant. SFCP used to solve this issue by making the nodes that are totally surrounded by malicious neighbors adjust dynamically their belief and disbelief thresholds. The proposed protocol selects the secure and energy efficient cluster head which acts as a local detector without imposing overhead to the clustering performance. SFCP is simulated in network simulator 2 and compared with two protocols including AODV and CBRP.

  9. Hacking Facebook Privacy and Security

    Science.gov (United States)

    2012-08-28

    REPORT Hacking Facebook Privacy and Security 14. ABSTRACT 16. SECURITY CLASSIFICATION OF: When people talk about hacking and social networks , they’re...12211 Research Triangle Park, NC 27709-2211 15. SUBJECT TERMS Facebook , Privacy, Security, Social Network Dr. Jeff Duffany (Advisor), Omar Galban...transmit personal information that many people that they dare not do it personally. FACEBOOK PLATFORM Facebook is a popular social networking

  10. Human engineering considerations in designing a computerized controlled access security system

    International Nuclear Information System (INIS)

    Moore, J.W.; Banks, W.W.

    1988-01-01

    This paper describes a human engineering effort in the design of a major security system upgrade at Lawrence Livermore National Laboratory. This upgrade was to be accomplished by replacing obsolete and difficult-to-man (i.e., multiple operator task actions required) security equipment and systems with a new, automated, computer-based access control system. The initial task was to assist the electronic and mechanical engineering staff in designing a computerized security access system too functionally and ergonomically accommodate 100% of the Laboratory user population. The new computerized access system was intended to control entry into sensitive exclusion areas by requiring personnel to use an entry booth-based system and/or a remote access control panel system. The primary user interface with the system was through a control panel containing a magnetic card reader, function buttons, LCD display, and push-button keypad

  11. [Principles and methodology for ecological rehabilitation and security pattern design in key project construction].

    Science.gov (United States)

    Chen, Li-Ding; Lu, Yi-He; Tian, Hui-Ying; Shi, Qian

    2007-03-01

    Global ecological security becomes increasingly important with the intensive human activities. The function of ecological security is influenced by human activities, and in return, the efficiency of human activities will also be affected by the patterns of regional ecological security. Since the 1990s, China has initiated the construction of key projects "Yangtze Three Gorges Dam", "Qinghai-Tibet Railway", "West-to-East Gas Pipeline", "West-to-East Electricity Transmission" and "South-to-North Water Transfer" , etc. The interaction between these projects and regional ecological security has particularly attracted the attention of Chinese government. It is not only important for the regional environmental protection, but also of significance for the smoothly implementation of various projects aimed to develop an ecological rehabilitation system and to design a regional ecological security pattern. This paper made a systematic analysis on the types and characteristics of key project construction and their effects on the environment, and on the basis of this, brought forward the basic principles and methodology for ecological rehabilitation and security pattern design in this construction. It was considered that the following issues should be addressed in the implementation of a key project: 1) analysis and evaluation of current regional ecological environment, 2) evaluation of anthropogenic disturbances and their ecological risk, 3) regional ecological rehabilitation and security pattern design, 4) scenario analysis of environmental benefits of regional ecological security pattern, 5) re-optimization of regional ecological system framework, and 6) establishment of regional ecosystem management plan.

  12. 49 CFR 8.9 - Information Security Review Committee.

    Science.gov (United States)

    2010-10-01

    ... 49 Transportation 1 2010-10-01 2010-10-01 false Information Security Review Committee. 8.9 Section.../DECLASSIFICATION/ACCESS Classification/Declassification of Information § 8.9 Information Security Review Committee. (a) There is hereby established a Department of Transportation Information Security Review Committee...

  13. A CNN Based Approach for Garments Texture Design Classification

    Directory of Open Access Journals (Sweden)

    S.M. Sofiqul Islam

    2017-05-01

    Full Text Available Identifying garments texture design automatically for recommending the fashion trends is important nowadays because of the rapid growth of online shopping. By learning the properties of images efficiently, a machine can give better accuracy of classification. Several Hand-Engineered feature coding exists for identifying garments design classes. Recently, Deep Convolutional Neural Networks (CNNs have shown better performances for different object recognition. Deep CNN uses multiple levels of representation and abstraction that helps a machine to understand the types of data more accurately. In this paper, a CNN model for identifying garments design classes has been proposed. Experimental results on two different datasets show better results than existing two well-known CNN models (AlexNet and VGGNet and some state-of-the-art Hand-Engineered feature extraction methods.

  14. Market design and supply security in imperfect power markets

    International Nuclear Information System (INIS)

    Schwenen, Sebastian

    2014-01-01

    Supply security in imperfect power markets is modelled under different market designs. In a uniform price auction for electricity with two firms, strategic behaviour may leave firms offering too few capacities and unable to supply all realized demand. Market design that relies on capacity markets increases available generation capacities for sufficiently high capacity prices and consequently decreases energy prices. However, equilibrium capacity prices are non-competitive. Capacity markets can increase security of supply, but cannot mitigate market power, which is exercised in the capacity market instead of the energy market. - Highlights: • I model two power generating firms who compete to serve stochastic demand in a multiunit uniform price auction. • In equilibrium, blackout probabilities can arise through capacity withholding. • Capacity mechanisms decrease capacity withholding and the expected energy price. • With dominant firms, capacity mechanisms are only effective if capacity prices are non-competitive and include a mark-up for leaving the energy-only market optimum

  15. Design Impedance Mismatch Physical Unclonable Functions for IoT Security

    Directory of Open Access Journals (Sweden)

    Xiaomin Zheng

    2017-01-01

    Full Text Available We propose a new design, Physical Unclonable Function (PUF scheme, for the Internet of Things (IoT, which has been suffering from multiple-level security threats. As more and more objects interconnect on IoT networks, the identity of each thing is very important. To authenticate each object, we design an impedance mismatch PUF, which exploits random physical factors of the transmission line to generate a security unique private key. The characteristic impedance of the transmission line and signal transmission theory of the printed circuit board (PCB are also analyzed in detail. To improve the reliability, current feedback amplifier (CFA method is applied on the PUF. Finally, the proposed scheme is implemented and tested. The measure results show that impedance mismatch PUF provides better unpredictability and randomness.

  16. Security for Virtual Private Networks

    OpenAIRE

    Magdalena Nicoleta Iacob

    2015-01-01

    Network security must be a permanent concern for every company, given the fact that threats are evolving today more rapidly than in the past. This paper contains a general classification of cryptographic algorithms used in today networks and presents an implementation of virtual private networks using one of the most secure methods - digital certificates authentication.

  17. A lightweight security scheme for wireless body area networks: design, energy evaluation and proposed microprocessor design.

    Science.gov (United States)

    Selimis, Georgios; Huang, Li; Massé, Fabien; Tsekoura, Ioanna; Ashouei, Maryam; Catthoor, Francky; Huisken, Jos; Stuyt, Jan; Dolmans, Guido; Penders, Julien; De Groot, Harmke

    2011-10-01

    In order for wireless body area networks to meet widespread adoption, a number of security implications must be explored to promote and maintain fundamental medical ethical principles and social expectations. As a result, integration of security functionality to sensor nodes is required. Integrating security functionality to a wireless sensor node increases the size of the stored software program in program memory, the required time that the sensor's microprocessor needs to process the data and the wireless network traffic which is exchanged among sensors. This security overhead has dominant impact on the energy dissipation which is strongly related to the lifetime of the sensor, a critical aspect in wireless sensor network (WSN) technology. Strict definition of the security functionality, complete hardware model (microprocessor and radio), WBAN topology and the structure of the medium access control (MAC) frame are required for an accurate estimation of the energy that security introduces into the WBAN. In this work, we define a lightweight security scheme for WBAN, we estimate the additional energy consumption that the security scheme introduces to WBAN based on commercial available off-the-shelf hardware components (microprocessor and radio), the network topology and the MAC frame. Furthermore, we propose a new microcontroller design in order to reduce the energy consumption of the system. Experimental results and comparisons with other works are given.

  18. Secure system design and trustable computing

    CERN Document Server

    Potkonjak, Miodrag

    2016-01-01

    This book provides the foundations for understanding hardware security and trust, which have become major concerns for national security over the past decade.  Coverage includes issues related to security and trust in a variety of electronic devices and systems related to the security of hardware, firmware and software, spanning system applications, online transactions, and networking services.  This serves as an invaluable reference to the state-of-the-art research that is of critical significance to the security of, and trust in, modern society’s microelectronic-supported infrastructures.

  19. Security of Nuclear Information. Implementing Guide

    International Nuclear Information System (INIS)

    2015-01-01

    This publication provides guidance on implementing the principle of confidentiality and on the broader aspects of information security (i.e. integrity and availability). It assists States in bridging the gap between existing government and industry standards on information security, the particular concepts and considerations that apply to nuclear security and the special provisions and conditions that exist when dealing with nuclear material and other radioactive material. Specifically it seeks to assist states in the identification, classification, and assignment of appropriate security controls to information that could adversely impact nuclear security if compromised

  20. A classification plan of design class for systems of an advanced research reactor

    International Nuclear Information System (INIS)

    Yoon, Doo Byung; Ryu, Jeong Soo

    2005-01-01

    Advanced Research Reactor(ARR) is being designed by KAERI since 2002. The final goal of the project is to develop a new and unique research reactor model which is superior in safety and economical aspects. The conceptual design for systems, structures, and components of the ARR will be completed by 2005. The basic design for the systems, structures, and components of the ARR will be performed from 2006. Based on the technical experiences on the design and operation of the HANARO, the ARR will be designed. It is necessary to classify the safety class, quality class, and seismic category for the systems, structures, and components. The objective of this work is to propose a classification plan of design class for systems, structures, and components of the ARR. To achieve this purpose, the revision status of the regulations that used as criteria for determining the design class of the systems, structures, and components of the HANARO were investigated. In addition, the present revision status of the codes and the standards that utilized for the design of the HANARO were investigated. Based on these investigations, the codes and the standards for the design of the systems, structures, and components of the ARR were proposed. The feasibility of the proposed classification plan will be verified by performing the conceptual and basic design of the systems, structures, and components of the ARR

  1. Security: a Killer App for SDN?

    Science.gov (United States)

    2014-10-01

    Software Defined Networking ( SDN ) has been developed...the possible opportunities that result. 15. SUBJECT TERMS Software Defined Network , SDN , Network Routing, Security 16. SECURITY CLASSIFICATION OF...highwayman.com Highwayman Associates Ltd. Ross Anderson Ross.Anderson@cl.cam.ac.uk University of Cambridge ABSTRACT Software Defined Networking ( SDN ) has

  2. Force 2025 and Beyond Strategic Force Design Analytic Model

    Science.gov (United States)

    2017-01-12

    focused thinking , functional hierarchy, task capability matching 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT U 18. NUMBER OF...describe and evaluate current organizational designs in terms of Force Employment and Force Design using the model to offer recommendations and analysis...developed to illuminate the current organizational design structure to better understand how the network of BCTs and enablers function in today’s steady

  3. Classification in context

    DEFF Research Database (Denmark)

    Mai, Jens Erik

    2004-01-01

    This paper surveys classification research literature, discusses various classification theories, and shows that the focus has traditionally been on establishing a scientific foundation for classification research. This paper argues that a shift has taken place, and suggests that contemporary...... classification research focus on contextual information as the guide for the design and construction of classification schemes....

  4. A CAREM reactor's design evaluation from the nuclear security point of view

    International Nuclear Information System (INIS)

    Kay, J.M.; Felizia, E.R.; Navarro, N.R.; Caruso, G.J.

    1990-01-01

    The main objective of this work is to define the adequate rules for CAREM reactor security systems design and processes which aim to assure verification of the CALIN regulations 'Radiological Criteria' in relation to accidents concerning CAREM reactor design. (Author) [es

  5. Radon-technical design methods based on radon classification of the soil

    International Nuclear Information System (INIS)

    Kettunen, A.V.

    1993-01-01

    Radon-technical classification of the foundation soil divides the foundation soil into four classes: negligible, normal, high and very high. Separate radon-technical designing methods and radon-technical solutions have been developed for each class. On regions of negligible class, no specific radon-technical designing methods are needed. On regions of normal radon class, there is no need for actual radon-technical designing based on calculations, whereas existing radon-technical solutions can be used. On regions of high and very high radon class, a separate radon-technical designing should be performed in each case, where radon-technical solutions are designed so that expected value for indoor radon content is lower than the maximum allowable radon content. (orig.). (3 refs., 2 figs., 2 tabs.)

  6. Ultra-Low-Power Design and Hardware Security Using Emerging Technologies for Internet of Things

    Directory of Open Access Journals (Sweden)

    Jiann-Shiun Yuan

    2017-09-01

    Full Text Available In this review article for Internet of Things (IoT applications, important low-power design techniques for digital and mixed-signal analog–digital converter (ADC circuits are presented. Emerging low voltage logic devices and non-volatile memories (NVMs beyond CMOS are illustrated. In addition, energy-constrained hardware security issues are reviewed. Specifically, light-weight encryption-based correlational power analysis, successive approximation register (SAR ADC security using tunnel field effect transistors (FETs, logic obfuscation using silicon nanowire FETs, and all-spin logic devices are highlighted. Furthermore, a novel ultra-low power design using bio-inspired neuromorphic computing and spiking neural network security are discussed.

  7. Design of security scheme of the radiotherapy planning administration system based on the hospital information system

    International Nuclear Information System (INIS)

    Zhuang Yongzhi; Zhao Jinzao

    2010-01-01

    Objective: To design a security scheme of radiotherapy planning administration system. Methods: Power Builder 9i language was used to program the system through the model of client-server machine. Oracle 9i was used as the database server. Results In this system, user registration management, user login management, application-level functions of control, database access control, and audit trail were designed to provide system security. Conclusions: As a prototype for the security analysis and protection of this scheme provides security of the system, application system, important data and message, which ensures the system work normally. (authors)

  8. Ensuring the Security of the Educational Environment: Cases of US, Russia and Europe

    Directory of Open Access Journals (Sweden)

    Vitaly V. Kabernik

    2015-01-01

    Full Text Available The article deals with security, including informational, educational environment. The article considers experience of the United States and Europe, including specific examples. Given a classification of the major threats and they are allocated on the basis of foreign and domestic experience. The article also determines the range of problems actually facing educational institutions and regularly described in special reports on the subject. Provides an overview of a set of measures designed to regulate access to inappropriate content, with special attention given to the phenomenon of social networks that put new challenges in ensuring security of the educational environment.

  9. 78 FR 69139 - Physical Security-Design Certification and Operating Reactors

    Science.gov (United States)

    2013-11-18

    ... Operating Reactors AGENCY: Nuclear Regulatory Commission. ACTION: Standard review plan--draft section..., ``Physical Security--Design Certification and Operating Reactors.'' The public comment period was originally....regulations.gov and search for Docket ID NRC-2013-0225. Address questions about NRC dockets to Carol Gallagher...

  10. Secure image encryption algorithm design using a novel chaos based S-Box

    International Nuclear Information System (INIS)

    Çavuşoğlu, Ünal; Kaçar, Sezgin; Pehlivan, Ihsan; Zengin, Ahmet

    2017-01-01

    Highlights: • A new chaotic system is developed for creating S-Box and image encryption algorithm. • Chaos based random number generator is designed with the help of the new chaotic system. NIST tests are run on generated random numbers to verify randomness. • A new S-Box design algorithm is developed to create the chaos based S-Box to be utilized in encryption algorithm and performance tests are made. • The new developed S-Box based image encryption algorithm is introduced and image encryption application is carried out. • To show the quality and strong of the encryption process, security analysis are performed and compared with the AES and chaos algorithms. - Abstract: In this study, an encryption algorithm that uses chaos based S-BOX is developed for secure and speed image encryption. First of all, a new chaotic system is developed for creating S-Box and image encryption algorithm. Chaos based random number generator is designed with the help of the new chaotic system. Then, NIST tests are run on generated random numbers to verify randomness. A new S-Box design algorithm is developed to create the chaos based S-Box to be utilized in encryption algorithm and performance tests are made. As the next step, the new developed S-Box based image encryption algorithm is introduced in detail. Finally, image encryption application is carried out. To show the quality and strong of the encryption process, security analysis are performed. Proposed algorithm is compared with the AES and chaos algorithms. According to tests results, the proposed image encryption algorithm is secure and speed for image encryption application.

  11. Implantable electronics: emerging design issues and an ultra light-weight security solution.

    Science.gov (United States)

    Narasimhan, Seetharam; Wang, Xinmu; Bhunia, Swarup

    2010-01-01

    Implantable systems that monitor biological signals require increasingly complex digital signal processing (DSP) electronics for real-time in-situ analysis and compression of the recorded signals. While it is well-known that such signal processing hardware needs to be implemented under tight area and power constraints, new design requirements emerge with their increasing complexity. Use of nanoscale technology shows tremendous benefits in implementing these advanced circuits due to dramatic improvement in integration density and power dissipation per operation. However, it also brings in new challenges such as reliability and large idle power (due to higher leakage current). Besides, programmability of the device as well as security of the recorded information are rapidly becoming major design considerations of such systems. In this paper, we analyze the emerging issues associated with the design of the DSP unit in an implantable system. Next, we propose a novel ultra light-weight solution to address the information security issue. Unlike the conventional information security approaches like data encryption, which come at large area and power overhead and hence are not amenable for resource-constrained implantable systems, we propose a multilevel key-based scrambling algorithm, which exploits the nature of the biological signal to effectively obfuscate it. Analysis of the proposed algorithm in the context of neural signal processing and its hardware implementation shows that we can achieve high level of security with ∼ 13X lower power and ∼ 5X lower area overhead than conventional cryptographic solutions.

  12. Processing multilevel secure test and evaluation information

    Science.gov (United States)

    Hurlburt, George; Hildreth, Bradley; Acevedo, Teresa

    1994-07-01

    The Test and Evaluation Community Network (TECNET) is building a Multilevel Secure (MLS) system. This system features simultaneous access to classified and unclassified information and easy access through widely available communications channels. It provides the necessary separation of classification levels, assured through the use of trusted system design techniques, security assessments and evaluations. This system enables cleared T&E users to view and manipulate classified and unclassified information resources either using a single terminal interface or multiple windows in a graphical user interface. TECNET is in direct partnership with the National Security Agency (NSA) to develop and field the MLS TECNET capability in the near term. The centerpiece of this partnership is a state-of-the-art Concurrent Systems Security Engineering (CSSE) process. In developing the MLS TECNET capability, TECNET and NSA are providing members, with various expertise and diverse backgrounds, to participate in the CSSE process. The CSSE process is founded on the concepts of both Systems Engineering and Concurrent Engineering. Systems Engineering is an interdisciplinary approach to evolve and verify an integrated and life cycle balanced set of system product and process solutions that satisfy customer needs (ASD/ENS-MIL STD 499B 1992). Concurrent Engineering is design and development using the simultaneous, applied talents of a diverse group of people with the appropriate skills. Harnessing diverse talents to support CSSE requires active participation by team members in an environment that both respects and encourages diversity.

  13. Multi-Level Security Cannot Realise NEC Objectives

    NARCIS (Netherlands)

    Schotanus, H.A.; Hartog, T.; Verkoelen, C.A.A.

    2012-01-01

    Multi-Level Security (MLS) is often viewed as the holy grail of information security, especially in those environments where information of different classifications is being processed. In this paper we argue that MLS cannot facilitate the right balance between need-to-protect and duty-to-share as

  14. AUTOMATING THE DATA SECURITY PROCESS

    OpenAIRE

    Florin Ogigau-Neamtiu

    2017-01-01

    Contemporary organizations face big data security challenges in the cyber environment due to modern threats and actual business working model which relies heavily on collaboration, data sharing, tool integration, increased mobility, etc. The nowadays data classification and data obfuscation selection processes (encryption, masking or tokenization) suffer because of the human implication in the process. Organizations need to shirk data security domain by classifying information based on its...

  15. Gender classification under extended operating conditions

    Science.gov (United States)

    Rude, Howard N.; Rizki, Mateen

    2014-06-01

    Gender classification is a critical component of a robust image security system. Many techniques exist to perform gender classification using facial features. In contrast, this paper explores gender classification using body features extracted from clothed subjects. Several of the most effective types of features for gender classification identified in literature were implemented and applied to the newly developed Seasonal Weather And Gender (SWAG) dataset. SWAG contains video clips of approximately 2000 samples of human subjects captured over a period of several months. The subjects are wearing casual business attire and outer garments appropriate for the specific weather conditions observed in the Midwest. The results from a series of experiments are presented that compare the classification accuracy of systems that incorporate various types and combinations of features applied to multiple looks at subjects at different image resolutions to determine a baseline performance for gender classification.

  16. Engineering Trade-off Considerations Regarding Design-for-Security, Design-for-Verification, and Design-for-Test

    Science.gov (United States)

    Berg, Melanie; Label, Kenneth

    2018-01-01

    The United States government has identified that application specific integrated circuit (ASIC) and field programmable gate array (FPGA) hardware are at risk from a variety of adversary attacks. This finding affects system security and trust. Consequently, processes are being developed for system mitigation and countermeasure application. The scope of this tutorial pertains to potential vulnerabilities and countermeasures within the ASIC/FPGA design cycle. The presentation demonstrates how design practices can affect the risk for the adversary to: change circuitry, steal intellectual property, and listen to data operations. An important portion of the design cycle is assuring the design is working as specified or as expected. This is accomplished by exhaustive testing of the target design. Alternatively, it has been shown that well established schemes for test coverage enhancement (design-for-verification (DFV) and design-for-test (DFT)) can create conduits for adversary accessibility. As a result, it is essential to perform a trade between robust test coverage versus reliable design implementation. The goal of this tutorial is to explain the evolution of design practices; review adversary accessibility points due to DFV and DFT circuitry insertion (back door circuitry); and to describe common engineering trade-off considerations for test versus adversary threats.

  17. Multimedia security watermarking, steganography, and forensics

    CERN Document Server

    Shih, Frank Y

    2012-01-01

    Multimedia Security: Watermarking, Steganography, and Forensics outlines essential principles, technical information, and expert insights on multimedia security technology used to prove that content is authentic and has not been altered. Illustrating the need for improved content security as the Internet and digital multimedia applications rapidly evolve, this book presents a wealth of everyday protection application examples in fields including multimedia mining and classification, digital watermarking, steganography, and digital forensics. Giving readers an in-depth overview of different asp

  18. CLASSIFICATION AND COMPLEX STATE VALUE OF SHOPPING CENTERS: PROJECT-ORIENTED APPROACH

    Directory of Open Access Journals (Sweden)

    Юрій Павлович РАК

    2016-02-01

    Full Text Available Was done the analysis of projects objects of trade and entertainment centers from the perspective of improving the life safety and is proposed the definition of "Trade and entertainment center", "Trade and entertainment center" and "Complex value of trade and entertainment center." A classification of shopping centers on the classification criteria and the criteria are characterized by increased security status and attractiveness of their operation. The classification of trade and entertainment centers on the criteria of classification features were made. It characterizes the security situation and will increase the attractiveness of their operation. In the nearest future the most secure and modern TEC will be those buildings who will have unique qualities such as safety systems, excellent customer service, and thus by a high level of trust (the client to the mall. The important role will play those TEC, who have clearly formed value oriented project management, including communication values using innovative methods and models. Trade and entertainment centers as an organization are included in the complex process of interaction management. They being both as an enterprise that serves the public and satisfying a great range of his interests and architectural site, which is leased and increases the business attractiveness of the district of TEC location. This duality of the essence of TEC center makes difficult to assess the effectiveness of its security.

  19. Emotion models for textual emotion classification

    Science.gov (United States)

    Bruna, O.; Avetisyan, H.; Holub, J.

    2016-11-01

    This paper deals with textual emotion classification which gained attention in recent years. Emotion classification is used in user experience, product evaluation, national security, and tutoring applications. It attempts to detect the emotional content in the input text and based on different approaches establish what kind of emotional content is present, if any. Textual emotion classification is the most difficult to handle, since it relies mainly on linguistic resources and it introduces many challenges to assignment of text to emotion represented by a proper model. A crucial part of each emotion detector is emotion model. Focus of this paper is to introduce emotion models used for classification. Categorical and dimensional models of emotion are explained and some more advanced approaches are mentioned.

  20. Integration of the security systems in the architectural design of nuclear and important buildings in Egypt

    International Nuclear Information System (INIS)

    Algohary, S.

    2007-01-01

    The new and emerging threats to buildings and infrastructure which are faced by todays engineering design and facility management community in Egypt demand new approaches and solutions that are innovative and increasingly based on risk management principles. In the wake of the damage of Taba hotel in south Sinai (2004) and Sharm El-Sheik hotels in Egypt (July, 2005), there was a growing awareness of public vulnerability to terrorist attacks. This awareness leads to increase the expectations form and responsibilities of the architects, engineers and construction professionals This study reviews and assesses different types of threats to nuclear and important buildings. It identifies also the architectural design, vulnerability and risk management that can enhance security. It also introduces a new approach for integration of architectural design and security in nuclear and important buildings in Egypt. The results shows that escalating threats and risks to important buildings and infrastructures change the role of planners, architects, engineers and builders by increasing the focus on the importance of applying viable security principles to the building designs. Architects in Egypt can assume an important role in improving the life-safety features of important buildings by increasing and integrating new security principles and approaches to improve the security and performance of the buildings against man made disasters

  1. QKD-Based Secured Burst Integrity Design for Optical Burst Switched Networks

    Science.gov (United States)

    Balamurugan, A. M.; Sivasubramanian, A.; Parvathavarthini, B.

    2016-03-01

    The field of optical transmission has undergone numerous advancements and is still being researched mainly due to the fact that optical data transmission can be done at enormous speeds. It is quite evident that people prefer optical communication when it comes to large amount of data involving its transmission. The concept of switching in networks has matured enormously with several researches, architecture to implement and methods starting with Optical circuit switching to Optical Burst Switching. Optical burst switching is regarded as viable solution for switching bursts over networks but has several security vulnerabilities. However, this work exploited the security issues associated with Optical Burst Switching with respect to integrity of burst. This proposed Quantum Key based Secure Hash Algorithm (QKBSHA-512) with enhanced compression function design provides better avalanche effect over the conventional integrity algorithms.

  2. Safeguards and security by design (SSBD) for the domestic threat. Theft and sabotage

    International Nuclear Information System (INIS)

    DeMuth, Scott; Mullen, Mark; Pan, Paul

    2011-01-01

    In recent years, the Safeguards by Design (SBD) concept has received significant interest with respect to international (IAEA) safeguards objectives. However, less attention has been focused on the equally important topic of domestic (or national) Safeguards and Security by Design (SSBD), which addresses domestic requirements for material control and accounting (MC and A) and for physical protection, such as those of the Nuclear Regulatory Commission (NRC) in the United States. While international safeguards are concerned with detecting State diversion of nuclear material from peaceful uses to nuclear explosives purposes, domestic material control and accounting (MC and A) and physical protection are focused on non-State theft and sabotage. The International Atomic Energy Agency (IAEA) has described the Safeguards by Design (SBD) concept as an approach in which 'international safeguards are fully integrated into the design process of a new nuclear facility from the initial planning through design, construction, operation, and decommissioning.' This same concept is equally applicable to SSBD for domestic requirements. The United States Department of Energy (DOE) has initiated a project through its Office of Nuclear Energy (NE), and more specifically its Materials Protection, Accounting, and Control Technologies (MPACT) program, to develop a domestic SSBD discipline and methodology in parallel with similar efforts for international safeguards sponsored by the DOE Next Generation Safeguards Initiative (NGSI) and the IAEA. This paper identifies the key domestic safeguards and security requirements (i.e., MC and A and physical protection) and explains how and why Safeguards and Security by Design (SSBD) is important and beneficial for the design of future US nuclear energy systems. (author)

  3. Safeguards and security by design (SSBD) for the domestic threat - theft and sabotage

    International Nuclear Information System (INIS)

    Demuth, Scott F.; Mullen, Mark

    2011-01-01

    Safeguards by Design (SBD) is receiving significant interest with respect to international safeguards objectives. However, less attention has been focused on the equally important topic of domestic Safeguards and Security by Design (SSBD), which addresses requirements such as those of the Nuclear Regulatory Commission (NRC) in the United States. While international safeguards are concerned with detecting State diversion of nuclear material from peaceful to nuclear explosives purposes, domestic Material Protection, Control and Accounting measures (MPC and A) are focused on non-State theft and sabotage. The International Atomic Energy Agency (IAEA) has described the Safeguards by Design (SBD) concept as an approach in which 'international safeguards are fully integrated into the design process of a new nuclear facility from the initial planning through design, construction, operation, and decommissioning.' This same concept is equally applicable to SSBD for domestic requirements. The United States Department of Energy (DOE) has initiated a project through its Office of Nuclear Energy (NE) and more specifically its Fuel Cycle Research and Development (FCRD) program, to develop a domestic SSBD discipline and methodology in parallel with similar efforts sponsored by the DOE Next Generation Safeguards Initiative (NGSI) and the IAEA for international safeguards. This activity includes the participation of industry (through DOE-sponsored contracts) and DOE National Laboratories. This paper will identify the key domestic safeguards and security requirements (i.e. MC and A and physical protection) and explain how and why Safeguards and Security by Design (SSBD) is important and beneficial for the design of future US nuclear energy systems.

  4. Selection of security system design via games of imperfect information and multi-objective genetic algorithm

    International Nuclear Information System (INIS)

    Lins, Isis Didier; Rêgo, Leandro Chaves; Moura, Márcio das Chagas

    2013-01-01

    This work analyzes the strategic interaction between a defender and an intelligent attacker by means of a game and reliability framework involving a multi-objective approach and imperfect information so as to support decision-makers in choosing efficiently designed security systems. A multi-objective genetic algorithm is used to determine the optimal security system's configurations representing the tradeoff between the probability of a successful defense and the acquisition and operational costs. Games with imperfect information are considered, in which the attacker has limited knowledge about the actual security system. The types of security alternatives are readily observable, but the number of redundancies actually implemented in each security subsystem is not known. The proposed methodology is applied to an illustrative example considering power transmission lines in the Northeast of Brazil, which are often targets for attackers who aims at selling the aluminum conductors. The empirical results show that the framework succeeds in handling this sort of strategic interaction. -- Highlights: ► Security components must have feasible costs and must be reliable. ► The optimal design of security systems considers a multi-objective approach. ► Games of imperfect information enable the choice of non-dominated configurations. ► MOGA, reliability and games support the entire defender's decision process. ► The selection of effective security systems may discourage attacker's actions

  5. Verified by Visa and MasterCard SecureCode: Or, How Not to Design Authentication

    Science.gov (United States)

    Murdoch, Steven J.; Anderson, Ross

    Banks worldwide are starting to authenticate online card transactions using the '3-D Secure' protocol, which is branded as Verified by Visa and MasterCard SecureCode. This has been partly driven by the sharp increase in online fraud that followed the deployment of EMV smart cards for cardholder-present payments in Europe and elsewhere. 3-D Secure has so far escaped academic scrutiny; yet it might be a textbook example of how not to design an authentication protocol. It ignores good design principles and has significant vulnerabilities, some of which are already being exploited. Also, it provides a fascinating lesson in security economics. While other single sign-on schemes such as OpenID, InfoCard and Liberty came up with decent technology they got the economics wrong, and their schemes have not been adopted. 3-D Secure has lousy technology, but got the economics right (at least for banks and merchants); it now boasts hundreds of millions of accounts. We suggest a path towards more robust authentication that is technologically sound and where the economics would work for banks, merchants and customers - given a gentle regulatory nudge.

  6. Re-designing the PhEDEx Security Model

    Science.gov (United States)

    C-H, Huang; Wildish, T.; X, Zhang

    2014-06-01

    PhEDEx, the data-placement tool used by the CMS experiment at the LHC, was conceived in a more trusting time. The security model provided a safe environment for site agents and operators, but offerred little more protection than that. Data was not sufficiently protected against loss caused by operator error or software bugs or by deliberate manipulation of the database. Operators were given high levels of access to the database, beyond what was actually needed to accomplish their tasks. This exposed them to the risk of suspicion should an incident occur. Multiple implementations of the security model led to difficulties maintaining code, which can lead to degredation of security over time. In order to meet the simultaneous goals of protecting CMS data, protecting the operators from undue exposure to risk, increasing monitoring capabilities and improving maintainability of the security model, the PhEDEx security model was redesigned and re-implemented. Security was moved from the application layer into the database itself, fine-grained access roles were established, and tools and procedures created to control the evolution of the security model over time. In this paper we describe this work, we describe the deployment of the new security model, and we show how these enhancements improve security on several fronts simultaneously.

  7. Re-designing the PhEDEx security model

    International Nuclear Information System (INIS)

    Huang C-H; Wildish, T; Zhang X

    2014-01-01

    PhEDEx, the data-placement tool used by the CMS experiment at the LHC, was conceived in a more trusting time. The security model provided a safe environment for site agents and operators, but offerred little more protection than that. Data was not sufficiently protected against loss caused by operator error or software bugs or by deliberate manipulation of the database. Operators were given high levels of access to the database, beyond what was actually needed to accomplish their tasks. This exposed them to the risk of suspicion should an incident occur. Multiple implementations of the security model led to difficulties maintaining code, which can lead to degredation of security over time. In order to meet the simultaneous goals of protecting CMS data, protecting the operators from undue exposure to risk, increasing monitoring capabilities and improving maintainability of the security model, the PhEDEx security model was redesigned and re-implemented. Security was moved from the application layer into the database itself, fine-grained access roles were established, and tools and procedures created to control the evolution of the security model over time. In this paper we describe this work, we describe the deployment of the new security model, and we show how these enhancements improve security on several fronts simultaneously.

  8. Classification of refrigerants; Classification des fluides frigorigenes

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    2001-07-01

    This document was made from the US standard ANSI/ASHRAE 34 published in 2001 and entitled 'designation and safety classification of refrigerants'. This classification allows to clearly organize in an international way the overall refrigerants used in the world thanks to a codification of the refrigerants in correspondence with their chemical composition. This note explains this codification: prefix, suffixes (hydrocarbons and derived fluids, azeotropic and non-azeotropic mixtures, various organic compounds, non-organic compounds), safety classification (toxicity, flammability, case of mixtures). (J.S.)

  9. Advanced Geophysical Classification with the Marine Towed Array

    Science.gov (United States)

    Steinhurst, D.; Harbaugh, G.; Keiswetter, D.; Bell, T. W.; Massey, G.; Wright, D.

    2017-12-01

    The Marine Towed Array, or MTA, is an underwater dual-mode sensor array that has been successfully deployed at multiple marine venues in support of Strategic Environmental Research and Development Program (SERDP) and Environmental Security Technology Certification Program (ESTCP) demonstrations beginning in 2004. It provided both marine electromagnetic and marine magnetic sensors for detection and mapping of underwater UXO. The EMI sensor array was based on older technology, which in several ESTCP demonstrations has not been able to support advanced geophysical classification (AGC). Under ESTCP funding, the U.S. Naval Research Laboratory is in the process of upgrading the MTA with modern, advanced electromagnetic (EMI) electronics and replacing the sensor array with a modern, multistatic array design. A half-scale version of the proposed array has been built and tested on land. Six tri-axial receiver cubes were placed inside two- and three- transmit coil configurations in equivalent positions to design locations for the MTA wing. The responses of a variety of munitions items and test spheres were measured over a range of target-to-array geometries and in both static and simulated dynamic data collection modes. The multi-transmit coil configuration was shown to provide enhanced single-pass classification performance over the original single coil design, particularly as a function of target location relative to the centerline. The ability to go beyond anomaly detection and additionally classify detected anomalies from survey data would dramatically improve the state of the art for underwater UXO remediation by reducing costs and improving the efficiency of these efforts. The results of our efforts to return the MTA to service and validating the new EMI array's design for UXO detection and classification in the underwater environment will be the focus of this presentation.

  10. Design impacts of safeguards and security requirements for a US MOX fuel fabrication facility

    International Nuclear Information System (INIS)

    Erkkila, B.H.; Rinard, P.M.; Thomas, K.E.; Zack, N.R.; Jaeger, C.D.

    1998-01-01

    The disposition of plutonium that is no longer required for the nation's defense is being structured to mitigate risks associated with the material's availability. In the 1997 Record of Decision, the US Government endorsed a dual-track approach that could employ domestic commercial reactors to effect the disposition of a portion of the plutonium in the form of mixed oxide (MOX) reactor fuels. To support this decision, the Office of Materials Disposition requested preparation of a document that would review US requirements for safeguards and security and describe their impact on the design of a MOX fuel fabrication facility. The intended users are potential bidders for the construction and operation of the facility. The document emphasizes the relevant DOE Orders but also considers the Nuclear Regulatory Commission (NRC) requirements. Where they are significantly different, the authors have highlighted this difference and provided guidance on the impact to the facility design. Finally, the impacts of International Atomic Energy Agency (IAEA) safeguards on facility design are discussed. Security and materials control and accountability issues that influence facility design are emphasized in each area of discussion. This paper will discuss the prepared report and the issues associated with facility design for implementing practical, modern safeguards and security systems into a new MOX fuel fabrication facility

  11. Secure, Mobile, Wireless Network Technology Designed, Developed, and Demonstrated

    Science.gov (United States)

    Ivancic, William D.; Paulsen, Phillip E.

    2004-01-01

    The inability to seamlessly disseminate data securely over a high-integrity, wireless broadband network has been identified as a primary technical barrier to providing an order-of-magnitude increase in aviation capacity and safety. Secure, autonomous communications to and from aircraft will enable advanced, automated, data-intensive air traffic management concepts, increase National Air Space (NAS) capacity, and potentially reduce the overall cost of air travel operations. For the first time ever, secure, mobile, network technology was designed, developed, and demonstrated with state-ofthe- art protocols and applications by a diverse, cooperative Government-industry team led by the NASA Glenn Research Center. This revolutionary technology solution will make fundamentally new airplane system capabilities possible by enabling secure, seamless network connections from platforms in motion (e.g., cars, ships, aircraft, and satellites) to existing terrestrial systems without the need for manual reconfiguration. Called Mobile Router, the new technology autonomously connects and configures networks as they traverse from one operating theater to another. The Mobile Router demonstration aboard the Neah Bay, a U.S. Coast Guard vessel stationed in Cleveland, Ohio, accomplished secure, seamless interoperability of mobile network systems across multiple domains without manual system reconfiguration. The Neah Bay was chosen because of its low cost and communications mission similarity to low-Earth-orbiting satellite platforms. This technology was successfully advanced from technology readiness level (TRL) 2 (concept and/or application formation) to TRL 6 (system model or prototype demonstration in a relevant environment). The secure, seamless interoperability offered by the Mobile Router and encryption device will enable several new, vehicle-specific and systemwide technologies to perform such things as remote, autonomous aircraft performance monitoring and early detection and

  12. A Multilevel Secure Workflow Management System

    National Research Council Canada - National Science Library

    Kang, Myong H; Froscher, Judith N; Sheth, Amit P; Kochut, Krys J; Miller, John A

    1999-01-01

    The Department of Defense (DoD) needs multilevel secure (MLS) workflow management systems to enable globally distributed users and applications to cooperate across classification levels to achieve mission critical goals...

  13. Design of secure digital communication systems using chaotic modulation, cryptography and chaotic synchronization

    International Nuclear Information System (INIS)

    Chien, T.-I.; Liao, T.-L.

    2005-01-01

    This paper presents a secure digital communication system based on chaotic modulation, cryptography, and chaotic synchronization techniques. The proposed system consists of a Chaotic Modulator (CM), a Chaotic Secure Transmitter (CST), a Chaotic Secure Receiver (CSR) and a Chaotic Demodulator (CDM). The CM module incorporates a chaotic system and a novel Chaotic Differential Peaks Keying (CDPK) modulation scheme to generate analog patterns corresponding to the input digital bits. The CST and CSR modules are designed such that a single scalar signal is transmitted in the public channel. Furthermore, by giving certain structural conditions of a particular class of chaotic system, the CST and the nonlinear observer-based CSR with an appropriate observer gain are constructed to synchronize with each other. These two slave systems are driven simultaneously by the transmitted signal and are designed to synchronize and generate appropriate cryptography keys for encryption and decryption purposes. In the CDM module, a nonlinear observer is designed to estimate the chaotic modulating system in the CM. A demodulation mechanism is then applied to decode the transmitted input digital bits. The effectiveness of the proposed scheme is demonstrated through the numerical simulation of an illustrative communication system. Synchronization between the chaotic circuits of the transmitter and receiver modules is guaranteed through the Lyapunov stability theorem. Finally, the security features of the proposed system in the event of attack by an intruder in either the time domain or the frequency domain are discussed

  14. Ionic Liquids in Polymer Design: From Energy to Health

    Science.gov (United States)

    2016-10-19

    of Papers published in non peer- reviewed journals: Final Report: Ionic Liquids in Polymer Design: From Energy to Health Report Title ACS Symposium...SECURITY CLASSIFICATION OF: ACS Symposium: Ionic Liquids in Polymer Design: From Energy to Health at Fall 2015 ACS Meeting in Boston, MA The...combination of ionic liquids and polymers has emerged as an active field of exploration in polymer science, where new materials have be realized for

  15. Real Time MODBUS Transmissions and Cryptography Security Designs and Enhancements of Protocol Sensitive Information

    Directory of Open Access Journals (Sweden)

    Aamir Shahzad

    2015-07-01

    Full Text Available Information technology (IT security has become a major concern due to the growing demand for information and massive development of client/server applications for various types of applications running on modern IT infrastructure. How has security been taken into account and which paradigms are necessary to minimize security issues while increasing efficiency, reducing the influence on transmissions, ensuring protocol independency and achieving substantial performance? We have found cryptography to be an absolute security mechanism for client/server architectures, and in this study, a new security design was developed with the MODBUS protocol, which is considered to offer phenomenal performance for future development and enhancement of real IT infrastructure. This study is also considered to be a complete development because security is tested in almost all ways of MODBUS communication. The computed measurements are evaluated to validate the overall development, and the results indicate a substantial improvement in security that is differentiated from conventional methods.

  16. Network systems security analysis

    Science.gov (United States)

    Yilmaz, Ä.°smail

    2015-05-01

    Network Systems Security Analysis has utmost importance in today's world. Many companies, like banks which give priority to data management, test their own data security systems with "Penetration Tests" by time to time. In this context, companies must also test their own network/server systems and take precautions, as the data security draws attention. Based on this idea, the study cyber-attacks are researched throughoutly and Penetration Test technics are examined. With these information on, classification is made for the cyber-attacks and later network systems' security is tested systematically. After the testing period, all data is reported and filed for future reference. Consequently, it is found out that human beings are the weakest circle of the chain and simple mistakes may unintentionally cause huge problems. Thus, it is clear that some precautions must be taken to avoid such threats like updating the security software.

  17. The Curious National Security Pendulum: Openness and/or Censorship.

    Science.gov (United States)

    Marwick, Christine M.

    1979-01-01

    Lawsuits illustrate the increasing concern over national security in regulating the security classification system, and government attitudes toward information have shifted from secrecy to openness to censorship. The Central Intelligence Agency's suppression of unclassified printed information is a case in point. (SW)

  18. Maritime Cyber Security University Research: Phase 1

    Science.gov (United States)

    2016-05-01

    i Classification | CG-926 RDC | author | audience | month year Maritime Cyber Security University Research Phase I - Final Report...Appendices Distribution Statement A: Approved for public release; distribution is unlimited. May 2016 Report No. CG-D-07-16 Maritime ...Macesker Executive Director United States Coast Guard Research & Development Center 1 Chelsea Street New London, CT 06320 Maritime Cyber Security

  19. 15 CFR 4a.2 - Deputy Assistant Secretary for Security.

    Science.gov (United States)

    2010-01-01

    ... 15 Commerce and Foreign Trade 1 2010-01-01 2010-01-01 false Deputy Assistant Secretary for Security. 4a.2 Section 4a.2 Commerce and Foreign Trade Office of the Secretary of Commerce CLASSIFICATION... Security. The Deputy Assistant Secretary for Security (DAS) is responsible for implementing E.O. 12958 and...

  20. Integrating Programming Language and Operating System Information Security Mechanisms

    Science.gov (United States)

    2016-08-31

    suggestions for reducing the burden, to the Department of Defense, Executive Service Directorate (0704-0188). Respondents should be aware that...improve the precision of security enforcement, and to provide greater assurance of information security. This grant focuses on two key projects: language...based control of authority; and formal guarantees for the correctness of audit information. 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: 17

  1. Data security and risk assessment in cloud computing

    Directory of Open Access Journals (Sweden)

    Li Jing

    2018-01-01

    Full Text Available Cloud computing has attracted more and more attention as it reduces the cost of IT infrastructure of organizations. In our country, business Cloud services, such as Alibaba Cloud, Huawei Cloud, QingCloud, UCloud and so on are gaining more and more uses, especially small or median organizations. In the cloud service scenario, the program and data are migrating into cloud, resulting the lack of trust between customers and cloud service providers. However, the recent study on Cloud computing is mainly focused on the service side, while the data security and trust have not been sufficiently studied yet. This paper investigates into the data security issues from data life cycle which includes five steps when an organization uses Cloud computing. A data management framework is given out, including not only the data classification but also the risk management framework. Concretely, the data is divided into two varieties, business and personal information. And then, four classification levels (high, medium, low, normal according to the different extent of the potential adverse effect is introduced. With the help of classification, the administrators can identify the application or data to implement corresponding security controls. At last, the administrators conduct the risk assessment to alleviate the risk of data security. The trust between customers and cloud service providers will be strengthen through this way.

  2. Security challenges in designing I and C systems for nuclear power plant

    International Nuclear Information System (INIS)

    Behera, Rajendra Prasad; Jayanthi, T.; Madhusoodanan, K.; Satya Murty, S.A.V.

    2016-01-01

    Geographically distributed instrumentation and control (I and C) systems in any nuclear power plant (NPP) facilitate the operator with remote access to real-time data and issue supervisory command to remote control devices deployed in the field. The increased connectivity to plant communication network has exposed I and C systems to security vulnerabilities both in terms of physical and logical access. For example, denial-of service and fault induction attack can disrupt the operation of I and C systems by delaying or blocking the flow of data through plant communication network. The design process of I and C system is quite challenging since an engineer has to consider both safety and security features implemented in hardware and software components of the system. This paper analyzes attack taxonomy based on available data and presents Security Tree Analysis (STA) technique towards building safe and secures I and C systems for Nuclear Power Plant. (author)

  3. Safeguards and security design guidelines for conceptual monitored retrievable storage (MRS) facilities

    International Nuclear Information System (INIS)

    Byers, K.R.; Clark, R.G.; Harms, N.L.; Roberts, F.P.

    1984-07-01

    Existing safeguards/security regulations and licensing requirements that may be applicable to an MRS facility are not currently well-defined. Protection requirements consistent with the NRC-graded safeguards approach are identified, as a baseline safeguards system with a comparison of the impacts on safeguards and security of salient features of the different storage concepts. In addition, MRS facility design features and operational considerations are proposed that would enhance facility protection and provide additional assurance that protection systems and procedures would be effectively implemented. 3 figures

  4. The German electricity market. Does the present market design provide security of supply?

    International Nuclear Information System (INIS)

    Janssen, Matthias; Peichert, Patrick; Perner, Jens; Riechmann, Christoph; Niedrig, Thomas

    2014-01-01

    A heated discussion is being waged in Germany and large parts of Europe over the introduction of what are referred to as capacity mechanisms, whose purpose is to provide security of supply in the electricity sector. In this context two consulting firms have undertaken a both qualitative and quantitative study of the fitness of the present market design, which is based on the ''Energy-Only Market'' (EOM), to provide security of supply in the German electricity market. The authors come to the conclusion that, if suitably framed, the EOM can continue to provide a secure electricity supply in accordance with consumer preferences and at the lowest possible cost.

  5. 76 FR 46907 - Ammonium Nitrate Security Program

    Science.gov (United States)

    2011-08-03

    ... Maritime Transportation Security Act NAICS North American Industrial Classification System NPRM Notice of.... Commenters noted, for example, that equipment used for transporting bulk ammonium nitrate, such as hoppers...

  6. 8 CFR 245.11 - Adjustment of aliens in S nonimmigrant classification.

    Science.gov (United States)

    2010-01-01

    ... 8 Aliens and Nationality 1 2010-01-01 2010-01-01 false Adjustment of aliens in S nonimmigrant classification. 245.11 Section 245.11 Aliens and Nationality DEPARTMENT OF HOMELAND SECURITY IMMIGRATION... aliens in S nonimmigrant classification. (a) Eligibility. An application on Form I-854, requesting that...

  7. 8 CFR 245.23 - Adjustment of aliens in T nonimmigrant classification.

    Science.gov (United States)

    2010-01-01

    ... 8 Aliens and Nationality 1 2010-01-01 2010-01-01 false Adjustment of aliens in T nonimmigrant classification. 245.23 Section 245.23 Aliens and Nationality DEPARTMENT OF HOMELAND SECURITY IMMIGRATION... aliens in T nonimmigrant classification. (a) Eligibility of principal T-1 applicants. Except as described...

  8. Application of Framework for Integrating Safety, Security and Safeguards (3Ss) into the Design Of Used Nuclear Fuel Storage Facility

    Energy Technology Data Exchange (ETDEWEB)

    Badwan, Faris M. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States); Demuth, Scott F [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2015-01-06

    Department of Energy’s Office of Nuclear Energy, Fuel Cycle Research and Development develops options to the current commercial fuel cycle management strategy to enable the safe, secure, economic, and sustainable expansion of nuclear energy while minimizing proliferation risks by conducting research and development focused on used nuclear fuel recycling and waste management to meet U.S. needs. Used nuclear fuel is currently stored onsite in either wet pools or in dry storage systems, with disposal envisioned in interim storage facility and, ultimately, in a deep-mined geologic repository. The safe management and disposition of used nuclear fuel and/or nuclear waste is a fundamental aspect of any nuclear fuel cycle. Integrating safety, security, and safeguards (3Ss) fully in the early stages of the design process for a new nuclear facility has the potential to effectively minimize safety, proliferation, and security risks. The 3Ss integration framework could become the new national and international norm and the standard process for designing future nuclear facilities. The purpose of this report is to develop a framework for integrating the safety, security and safeguards concept into the design of Used Nuclear Fuel Storage Facility (UNFSF). The primary focus is on integration of safeguards and security into the UNFSF based on the existing Nuclear Regulatory Commission (NRC) approach to addressing the safety/security interface (10 CFR 73.58 and Regulatory Guide 5.73) for nuclear power plants. The methodology used for adaptation of the NRC safety/security interface will be used as the basis for development of the safeguards /security interface and later will be used as the basis for development of safety and safeguards interface. Then this will complete the integration cycle of safety, security, and safeguards. The overall methodology for integration of 3Ss will be proposed, but only the integration of safeguards and security will be applied to the design of the

  9. Design and realization of a network security model

    OpenAIRE

    WANG, Jiahai; HAN, Fangxi; Tang, Zheng; TAMURA, Hiroki; Ishii, Masahiro

    2002-01-01

    The security of information is a key problem in the development of network technology. The basic requirements of security of information clearly include confidentiality, integrity, authentication and non-repudiation. This paper proposes a network security model that is composed of security system, security connection and communication, and key management. The model carries out encrypting, decrypting, signature and ensures confidentiality, integrity, authentication and non-repudiation. Finally...

  10. Attack Classification Schema for Smart City WSNs.

    Science.gov (United States)

    Garcia-Font, Victor; Garrigues, Carles; Rifà-Pous, Helena

    2017-04-05

    Urban areas around the world are populating their streets with wireless sensor networks (WSNs) in order to feed incipient smart city IT systems with metropolitan data. In the future smart cities, WSN technology will have a massive presence in the streets, and the operation of municipal services will be based to a great extent on data gathered with this technology. However, from an information security point of view, WSNs can have failures and can be the target of many different types of attacks. Therefore, this raises concerns about the reliability of this technology in a smart city context. Traditionally, security measures in WSNs have been proposed to protect specific protocols in an environment with total control of a single network. This approach is not valid for smart cities, as multiple external providers deploy a plethora of WSNs with different security requirements. Hence, a new security perspective needs to be adopted to protect WSNs in smart cities. Considering security issues related to the deployment of WSNs as a main data source in smart cities, in this article, we propose an intrusion detection framework and an attack classification schema to assist smart city administrators to delimit the most plausible attacks and to point out the components and providers affected by incidents. We demonstrate the use of the classification schema providing a proof of concept based on a simulated selective forwarding attack affecting a parking and a sound WSN.

  11. Attack Classification Schema for Smart City WSNs

    Directory of Open Access Journals (Sweden)

    Victor Garcia-Font

    2017-04-01

    Full Text Available Urban areas around the world are populating their streets with wireless sensor networks (WSNs in order to feed incipient smart city IT systems with metropolitan data. In the future smart cities, WSN technology will have a massive presence in the streets, and the operation of municipal services will be based to a great extent on data gathered with this technology. However, from an information security point of view, WSNs can have failures and can be the target of many different types of attacks. Therefore, this raises concerns about the reliability of this technology in a smart city context. Traditionally, security measures in WSNs have been proposed to protect specific protocols in an environment with total control of a single network. This approach is not valid for smart cities, as multiple external providers deploy a plethora of WSNs with different security requirements. Hence, a new security perspective needs to be adopted to protect WSNs in smart cities. Considering security issues related to the deployment of WSNs as a main data source in smart cities, in this article, we propose an intrusion detection framework and an attack classification schema to assist smart city administrators to delimit the most plausible attacks and to point out the components and providers affected by incidents. We demonstrate the use of the classification schema providing a proof of concept based on a simulated selective forwarding attack affecting a parking and a sound WSN.

  12. A cyber security risk assessment for the design of I and C system in nuclear power plants

    International Nuclear Information System (INIS)

    Song, Jae Gu; Lee, Jung Woon; Lee, Cheal Kwon; Kwon, Kee Choon; Lee, Dong Young

    2012-01-01

    The applications of computers and communication system and network technologies in nuclear power plants have expanded recently. This application of digital technologies to the instrumentation and control systems of nuclear power plants brings with it the cyber security concerns similar to other critical infrastructures. Cyber security risk assessments for digital instrumentation and control systems have become more crucial in the development of new systems and in the operation of existing systems. Although the instrumentation and control systems of nuclear power plants are similar to industrial control systems, the former have specifications that differ from the latter in terms of architecture and function, in order to satisfy nuclear safety requirements, which need different methods for the application of cyber security risk assessment. In this paper, the characteristics of nuclear power plant instrumentation and control systems are described, and the considerations needed when conducting cyber security risk assessments in accordance with the life cycle process of instrumentation and control systems are discussed. For cyber security risk assessments of instrumentation and control systems, the activities and considerations necessary for assessments during the system design phase or component design and equipment supply phase are presented in the following 6 steps: 1) System Identification and Cyber Security Modeling, 2) Asset and Impact Analysis, 3) Threat Analysis, 4) Vulnerability Analysis, 5) Security Control Design, and 6) Penetration test. The results from an application of the method to a digital reactor protection system are described.

  13. A cyber security risk assessment for the design of I and C system in nuclear power plants

    Energy Technology Data Exchange (ETDEWEB)

    Song, Jae Gu; Lee, Jung Woon; Lee, Cheal Kwon; Kwon, Kee Choon; Lee, Dong Young [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2012-12-15

    The applications of computers and communication system and network technologies in nuclear power plants have expanded recently. This application of digital technologies to the instrumentation and control systems of nuclear power plants brings with it the cyber security concerns similar to other critical infrastructures. Cyber security risk assessments for digital instrumentation and control systems have become more crucial in the development of new systems and in the operation of existing systems. Although the instrumentation and control systems of nuclear power plants are similar to industrial control systems, the former have specifications that differ from the latter in terms of architecture and function, in order to satisfy nuclear safety requirements, which need different methods for the application of cyber security risk assessment. In this paper, the characteristics of nuclear power plant instrumentation and control systems are described, and the considerations needed when conducting cyber security risk assessments in accordance with the life cycle process of instrumentation and control systems are discussed. For cyber security risk assessments of instrumentation and control systems, the activities and considerations necessary for assessments during the system design phase or component design and equipment supply phase are presented in the following 6 steps: 1) System Identification and Cyber Security Modeling, 2) Asset and Impact Analysis, 3) Threat Analysis, 4) Vulnerability Analysis, 5) Security Control Design, and 6) Penetration test. The results from an application of the method to a digital reactor protection system are described.

  14. AUTOMATING THE DATA SECURITY PROCESS

    Directory of Open Access Journals (Sweden)

    Florin Ogigau-Neamtiu

    2017-11-01

    Full Text Available Contemporary organizations face big data security challenges in the cyber environment due to modern threats and actual business working model which relies heavily on collaboration, data sharing, tool integration, increased mobility, etc. The nowadays data classification and data obfuscation selection processes (encryption, masking or tokenization suffer because of the human implication in the process. Organizations need to shirk data security domain by classifying information based on its importance, conduct risk assessment plans and use the most cost effective data obfuscation technique. The paper proposes a new model for data protection by using automated machine decision making procedures to classify data and to select the appropriate data obfuscation technique. The proposed system uses natural language processing capabilities to analyze input data and to select the best course of action. The system has capabilities to learn from previous experiences thus improving itself and reducing the risk of wrong data classification.

  15. A Critical assesment of IS Security Research Between 1990-2004

    DEFF Research Database (Denmark)

    Willison, Robert Andrew; Siponen, Mikko

    This paper reviews the IS security literature for the period 1990-2004. More specifically three security journals and the top twenty IS journals were examined. In total 1280 papers were analysed in terms of theories, research methods and research topics. Our research found that 1043 of the papers...... with fourteen of these topics totaling 71.05% of the articles. This papers offers implications for future research directions on IS security, scholars to publish IS security research, tenure practice, and IS security classification schemas....

  16. Android apps security

    CERN Document Server

    Gunasekera, Sheran

    2012-01-01

    Android Apps Security provides guiding principles for how to best design and develop Android apps with security in mind. It explores concepts that can be used to secure apps and how developers can use and incorporate these security features into their apps. This book will provide developers with the information they need to design useful, high-performing, and secure apps that expose end-users to as little risk as possible.  Overview of Android OS versions, features, architecture and security.  Detailed examination of areas where attacks on applications can take place and what controls should b

  17. Security of Color Image Data Designed by Public-Key Cryptosystem Associated with 2D-DWT

    Science.gov (United States)

    Mishra, D. C.; Sharma, R. K.; Kumar, Manish; Kumar, Kuldeep

    2014-08-01

    In present times the security of image data is a major issue. So, we have proposed a novel technique for security of color image data by public-key cryptosystem or asymmetric cryptosystem. In this technique, we have developed security of color image data using RSA (Rivest-Shamir-Adleman) cryptosystem with two-dimensional discrete wavelet transform (2D-DWT). Earlier proposed schemes for security of color images designed on the basis of keys, but this approach provides security of color images with the help of keys and correct arrangement of RSA parameters. If the attacker knows about exact keys, but has no information of exact arrangement of RSA parameters, then the original information cannot be recovered from the encrypted data. Computer simulation based on standard example is critically examining the behavior of the proposed technique. Security analysis and a detailed comparison between earlier developed schemes for security of color images and proposed technique are also mentioned for the robustness of the cryptosystem.

  18. How well do the rosgen classification and associated "natural channel design" methods integrate and quantify fluvial processes and channel response?

    Science.gov (United States)

    Simon, A.; Doyle, M.; Kondolf, M.; Shields, F.D.; Rhoads, B.; Grant, G.; Fitzpatrick, F.; Juracek, K.; McPhillips, M.; MacBroom, J.

    2005-01-01

    Over the past 10 years the Rosgen classification system and its associated methods of "natural channel design" have become synonymous (to many without prior knowledge of the field) with the term "stream restoration" and the science of fluvial geomorphology. Since the mid 1990s, this classification approach has become widely, and perhaps dominantly adopted by governmental agencies, particularly those funding restoration projects. For example, in a request for proposals for the restoration of Trout Creek in Montana, the Natural Resources Conservation Service required "experience in the use and application of a stream classification system and its implementation." Similarly, classification systems have been used in evaluation guides for riparian areas and U.S. Forest Service management plans. Most notably, many highly trained geomorphologists and hydraulic engineers are often held suspect, or even thought incorrect, if their approach does not include reference to or application of a classification system. This, combined with the para-professional training provided by some involved in "natural channel design" empower individuals and groups with limited backgrounds in stream and watershed sciences to engineer wholesale re-patterning of stream reaches using 50-year old technology that was never intended for engineering design. At Level I, the Rosgen classification system consists of eight or nine major stream types, based on hydraulic-geometry relations and four other measures of channel shape to distinguish the dimensions of alluvial stream channels as a function of the bankfull stage. Six classes of the particle size of the boundary sediments are used to further sub-divide each of the major stream types, resulting in 48 or 54 stream types. Aside from the difficulty in identifying bankfull stage, particularly in incising channels, and the issue of sampling from two distinct populations (beds and banks) to classify the boundary sediments, the classification provides a

  19. Designing and constructing/installing technical security countermeasures (TSCM) into supersensitive facilities

    International Nuclear Information System (INIS)

    Davis, D.L.

    1988-01-01

    The design and construction of supersensitive facilities and the installation of systems secure from technical surveillance and sabotage penetration involve ''TSCM'' in the broad sense of technical ''security'' countermeasures. When the technical threat was at a lower level of intensity and sophistication, it was common practice to defer TSCM to the future facility occupant. However, the New Moscow Embassy experience has proven this course of action subject to peril. Although primary concern with the embassy was audio surveillance, elsewhere there are other threats of equal or greater concern, e.g., technical implants may be used to monitor readiness status or interfere with the operation of C3I and weapons systems. Present and future technical penetration threats stretch the imagination. The Soviets have committed substantial hard scientific resources to a broad range of technical intelligence, even including applications or parapsychology. Countering these threats involves continuous TSCM precautions from initial planning to completion. Designs and construction/installation techniques must facilitate technical inspections and preclude the broadest range of known and suspected technical penetration efforts

  20. Designing and constructing/installing technical security countermeasures (TSCM) into supersensitive facilities

    Energy Technology Data Exchange (ETDEWEB)

    Davis, D.L.

    1988-01-01

    The design and construction of supersensitive facilities and the installation of systems secure from technical surveillance and sabotage penetration involve ''TSCM'' in the broad sense of technical ''security'' countermeasures. When the technical threat was at a lower level of intensity and sophistication, it was common practice to defer TSCM to the future facility occupant. However, the New Moscow Embassy experience has proven this course of action subject to peril. Although primary concern with the embassy was audio surveillance, elsewhere there are other threats of equal or greater concern, e.g., technical implants may be used to monitor readiness status or interfere with the operation of C3I and weapons systems. Present and future technical penetration threats stretch the imagination. The Soviets have committed substantial hard scientific resources to a broad range of technical intelligence, even including applications or parapsychology. Countering these threats involves continuous TSCM precautions from initial planning to completion. Designs and construction/installation techniques must facilitate technical inspections and preclude the broadest range of known and suspected technical penetration efforts.

  1. Sea ice classification using dual polarization SAR data

    International Nuclear Information System (INIS)

    Huiying, Liu; Huadong, Guo; Lu, Zhang

    2014-01-01

    Sea ice is an indicator of climate change and also a threat to the navigation security of ships. Polarimetric SAR images are useful in the sea ice detection and classification. In this paper, backscattering coefficients and texture features derived from dual polarization SAR images are used for sea ice classification. Firstly, the HH image is recalculated based on the angular dependences of sea ice types. Then the effective gray level co-occurrence matrix (GLCM) texture features are selected for the support vector machine (SVM) classification. In the end, because sea ice concentration can provide a better separation of pancake ice from old ice, it is used to improve the SVM result. This method provides a good classification result, compared with the sea ice chart from CIS

  2. 75 FR 33169 - Dental Devices: Classification of Dental Amalgam, Reclassification of Dental Mercury, Designation...

    Science.gov (United States)

    2010-06-11

    .... FDA-2008-N-0163] (formerly Docket No. 2001N-0067) RIN 0910-AG21 Dental Devices: Classification of Dental Amalgam, Reclassification of Dental Mercury, Designation of Special Controls for Dental Amalgam... the Federal Register of August 4, 2009 (74 FR 38686) which classified dental amalgam as a class II...

  3. Automatic modulation classification principles, algorithms and applications

    CERN Document Server

    Zhu, Zhechen

    2014-01-01

    Automatic Modulation Classification (AMC) has been a key technology in many military, security, and civilian telecommunication applications for decades. In military and security applications, modulation often serves as another level of encryption; in modern civilian applications, multiple modulation types can be employed by a signal transmitter to control the data rate and link reliability. This book offers comprehensive documentation of AMC models, algorithms and implementations for successful modulation recognition. It provides an invaluable theoretical and numerical comparison of AMC algo

  4. Secure steganography designed for mobile platforms

    Science.gov (United States)

    Agaian, Sos S.; Cherukuri, Ravindranath; Sifuentes, Ronnie R.

    2006-05-01

    Adaptive steganography, an intelligent approach to message hiding, integrated with matrix encoding and pn-sequences serves as a promising resolution to recent security assurance concerns. Incorporating the above data hiding concepts with established cryptographic protocols in wireless communication would greatly increase the security and privacy of transmitting sensitive information. We present an algorithm which will address the following problems: 1) low embedding capacity in mobile devices due to fixed image dimensions and memory constraints, 2) compatibility between mobile and land based desktop computers, and 3) detection of stego images by widely available steganalysis software [1-3]. Consistent with the smaller available memory, processor capabilities, and limited resolution associated with mobile devices, we propose a more magnified approach to steganography by focusing adaptive efforts at the pixel level. This deeper method, in comparison to the block processing techniques commonly found in existing adaptive methods, allows an increase in capacity while still offering a desired level of security. Based on computer simulations using high resolution, natural imagery and mobile device captured images, comparisons show that the proposed method securely allows an increased amount of embedding capacity but still avoids detection by varying steganalysis techniques.

  5. A Design Methodology for Computer Security Testing

    OpenAIRE

    Ramilli, Marco

    2013-01-01

    The field of "computer security" is often considered something in between Art and Science. This is partly due to the lack of widely agreed and standardized methodologies to evaluate the degree of the security of a system. This dissertation intends to contribute to this area by investigating the most common security testing strategies applied nowadays and by proposing an enhanced methodology that may be effectively applied to different threat scenarios with the same degree of effectiveness. ...

  6. While working around security

    DEFF Research Database (Denmark)

    Mathiasen, Niels Raabjerg; Bødker, Susanne; Petersen, Marianne Graves

    This paper describes our work at two levels. First of all the paper discusses how users of IT deal with issues of IT security in their everyday life. Secondly, we discuss how the kind of understanding of IT security that comes out of careful analyses of use confronts the ways in which usable...... IT security is established in the literature. Recent literature has called for better conceptual models as a starting point for improving IT security. In contrast to such models we propose to dress up designers by helping them better understand the work that goes into everyday security. The result...... is a methodological toolbox that helps address and design for usable and useful IT security. We deploy examples of analyses and design, carried out by ourselves and by others to fine-tune our design perspective; in particular we use examples from three current research projects....

  7. A Java-based tool for the design of classification microarrays

    Directory of Open Access Journals (Sweden)

    Broschat Shira L

    2008-08-01

    Full Text Available Abstract Background Classification microarrays are used for purposes such as identifying strains of bacteria and determining genetic relationships to understand the epidemiology of an infectious disease. For these cases, mixed microarrays, which are composed of DNA from more than one organism, are more effective than conventional microarrays composed of DNA from a single organism. Selection of probes is a key factor in designing successful mixed microarrays because redundant sequences are inefficient and limited representation of diversity can restrict application of the microarray. We have developed a Java-based software tool, called PLASMID, for use in selecting the minimum set of probe sequences needed to classify different groups of plasmids or bacteria. Results The software program was successfully applied to several different sets of data. The utility of PLASMID was illustrated using existing mixed-plasmid microarray data as well as data from a virtual mixed-genome microarray constructed from different strains of Streptococcus. Moreover, use of data from expression microarray experiments demonstrated the generality of PLASMID. Conclusion In this paper we describe a new software tool for selecting a set of probes for a classification microarray. While the tool was developed for the design of mixed microarrays–and mixed-plasmid microarrays in particular–it can also be used to design expression arrays. The user can choose from several clustering methods (including hierarchical, non-hierarchical, and a model-based genetic algorithm, several probe ranking methods, and several different display methods. A novel approach is used for probe redundancy reduction, and probe selection is accomplished via stepwise discriminant analysis. Data can be entered in different formats (including Excel and comma-delimited text, and dendrogram, heat map, and scatter plot images can be saved in several different formats (including jpeg and tiff. Weights

  8. A Java-based tool for the design of classification microarrays.

    Science.gov (United States)

    Meng, Da; Broschat, Shira L; Call, Douglas R

    2008-08-04

    Classification microarrays are used for purposes such as identifying strains of bacteria and determining genetic relationships to understand the epidemiology of an infectious disease. For these cases, mixed microarrays, which are composed of DNA from more than one organism, are more effective than conventional microarrays composed of DNA from a single organism. Selection of probes is a key factor in designing successful mixed microarrays because redundant sequences are inefficient and limited representation of diversity can restrict application of the microarray. We have developed a Java-based software tool, called PLASMID, for use in selecting the minimum set of probe sequences needed to classify different groups of plasmids or bacteria. The software program was successfully applied to several different sets of data. The utility of PLASMID was illustrated using existing mixed-plasmid microarray data as well as data from a virtual mixed-genome microarray constructed from different strains of Streptococcus. Moreover, use of data from expression microarray experiments demonstrated the generality of PLASMID. In this paper we describe a new software tool for selecting a set of probes for a classification microarray. While the tool was developed for the design of mixed microarrays-and mixed-plasmid microarrays in particular-it can also be used to design expression arrays. The user can choose from several clustering methods (including hierarchical, non-hierarchical, and a model-based genetic algorithm), several probe ranking methods, and several different display methods. A novel approach is used for probe redundancy reduction, and probe selection is accomplished via stepwise discriminant analysis. Data can be entered in different formats (including Excel and comma-delimited text), and dendrogram, heat map, and scatter plot images can be saved in several different formats (including jpeg and tiff). Weights generated using stepwise discriminant analysis can be stored for

  9. The House of Security: Stakeholder Perceptions of Security Assessment and Importance

    OpenAIRE

    Ang, Wee Horng; Deng, Vicki; Lee, Yang; Madnick, Stuart; Mistree, Dinsha; Siegel, Michael; Strong, Diane

    2007-01-01

    In this paper we introduce a methodology for analyzing differences regarding security perceptions within and between stakeholders, and the elements which affect these perceptions. We have designed the €܈ouse of Security€ݬ a security assessment model that provides the basic framework for considering eight different constructs of security: Vulnerability, Accessibility, Confidentiality, Technology Resources for Security, Financial Resources for Security, Business Strategy for Security, Secur...

  10. Muddling Through: An Analysis of Security Force Assistance in Iraq

    Science.gov (United States)

    2017-05-25

    OSC-I mostly fell back into their comfort zone of managing 60 foreign military sales programs as the nominal advisement programs quickly fell apart...implications of these observations are critical to future SFA efforts, as the US government seeks to continue a long-term strategy of advising and...Iraqi Army, Mosul, ISIS, Advise and Assist, Security Assistance, Security Cooperation, MNSTC-I, OIF 16. SECURITY CLASSIFICATION OF: 17. LIMITATION

  11. Hardware IP security and trust

    CERN Document Server

    Bhunia, Swarup; Tehranipoor, Mark

    2017-01-01

    This book provides an overview of current Intellectual Property (IP) based System-on-Chip (SoC) design methodology and highlights how security of IP can be compromised at various stages in the overall SoC design-fabrication-deployment cycle. Readers will gain a comprehensive understanding of the security vulnerabilities of different types of IPs. This book would enable readers to overcome these vulnerabilities through an efficient combination of proactive countermeasures and design-for-security solutions, as well as a wide variety of IP security and trust assessment and validation techniques. This book serves as a single-source of reference for system designers and practitioners for designing secure, reliable and trustworthy SoCs.

  12. Operating System Security

    CERN Document Server

    Jaeger, Trent

    2008-01-01

    Operating systems provide the fundamental mechanisms for securing computer processing. Since the 1960s, operating systems designers have explored how to build "secure" operating systems - operating systems whose mechanisms protect the system against a motivated adversary. Recently, the importance of ensuring such security has become a mainstream issue for all operating systems. In this book, we examine past research that outlines the requirements for a secure operating system and research that implements example systems that aim for such requirements. For system designs that aimed to

  13. 32 CFR 2400.34 - Classification.

    Science.gov (United States)

    2010-07-01

    ... 32 National Defense 6 2010-07-01 2010-07-01 false Classification. 2400.34 Section 2400.34 National... Government Information § 2400.34 Classification. (a) Foreign government information classified by a foreign government or international organization of governments shall retain its original classification designation...

  14. Security intelligence a practitioner's guide to solving enterprise security challenges

    CERN Document Server

    Li, Qing

    2015-01-01

    Identify, deploy, and secure your enterprise Security Intelligence, A Practitioner's Guide to Solving Enterprise Security Challenges is a handbook for security in modern times, against modern adversaries. As leaders in the design and creation of security products that are deployed globally across a range of industries and market sectors, authors Qing Li and Gregory Clark deliver unparalleled insight into the development of comprehensive and focused enterprise security solutions. They walk you through the process of translating your security goals into specific security technology domains, fo

  15. Approach to design neural cryptography: a generalized architecture and a heuristic rule.

    Science.gov (United States)

    Mu, Nankun; Liao, Xiaofeng; Huang, Tingwen

    2013-06-01

    Neural cryptography, a type of public key exchange protocol, is widely considered as an effective method for sharing a common secret key between two neural networks on public channels. How to design neural cryptography remains a great challenge. In this paper, in order to provide an approach to solve this challenge, a generalized network architecture and a significant heuristic rule are designed. The proposed generic framework is named as tree state classification machine (TSCM), which extends and unifies the existing structures, i.e., tree parity machine (TPM) and tree committee machine (TCM). Furthermore, we carefully study and find that the heuristic rule can improve the security of TSCM-based neural cryptography. Therefore, TSCM and the heuristic rule can guide us to designing a great deal of effective neural cryptography candidates, in which it is possible to achieve the more secure instances. Significantly, in the light of TSCM and the heuristic rule, we further expound that our designed neural cryptography outperforms TPM (the most secure model at present) on security. Finally, a series of numerical simulation experiments are provided to verify validity and applicability of our results.

  16. Extension classification method for low-carbon product cases

    Directory of Open Access Journals (Sweden)

    Yanwei Zhao

    2016-05-01

    Full Text Available In product low-carbon design, intelligent decision systems integrated with certain classification algorithms recommend the existing design cases to designers. However, these systems mostly dependent on prior experience, and product designers not only expect to get a satisfactory case from an intelligent system but also hope to achieve assistance in modifying unsatisfactory cases. In this article, we proposed a new categorization method composed of static and dynamic classification based on extension theory. This classification method can be integrated into case-based reasoning system to get accurate classification results and to inform designers of detailed information about unsatisfactory cases. First, we establish the static classification model for cases by dependent function in a hierarchical structure. Then for dynamic classification, we make transformation for cases based on case model, attributes, attribute values, and dependent function, thus cases can take qualitative changes. Finally, the applicability of proposed method is demonstrated through a case study of screw air compressor cases.

  17. Environmental Monitoring, Water Quality - MO 2009 Water Quality Standards - Table G Lake Classifications and Use Designations (SHP)

    Data.gov (United States)

    NSGIC State | GIS Inventory — This data set contains Missouri Water Quality Standards (WQS) lake classifications and use designations described in the Missouri Code of State Regulations (CSR), 10...

  18. Security basics for computer architects

    CERN Document Server

    Lee, Ruby B

    2013-01-01

    Design for security is an essential aspect of the design of future computers. However, security is not well understood by the computer architecture community. Many important security aspects have evolved over the last several decades in the cryptography, operating systems, and networking communities. This book attempts to introduce the computer architecture student, researcher, or practitioner to the basic concepts of security and threat-based design. Past work in different security communities can inform our thinking and provide a rich set of technologies for building architectural support fo

  19. Impact of sensor-scene interaction on the design of an IR security surveillance system

    International Nuclear Information System (INIS)

    Claassen, J.P.; Phipps, G.S.

    1982-01-01

    Recent encouraging developments in infrared staring arrays with CCD readouts and in real time image processors working on and off the focal plane have suggested that technologies suitable for infrared security surveillance may be available in a two-to-five year time frame. In anticipation of these emerging technologies, an investigation has been undertaken to establish the design potential of a passive IR perimeter security system incorporating both detection and verification capabilities. To establish the design potential, it is necessary to characterize the interactions between the scene ad the sensor. To this end, theoretical and experimental findings were employed to document (1) the emission properties of scenes to include an intruder, (2) the propagation and emission characteristics of the intervening atmosphere, and (3) the reception properties of the imaging sensor. The impact of these findings are summarized in the light of the application constraints. Optimal wavelengths, intruder and background emission characteristics, weather limitations, and basic sensor design considerations are treated. Although many system design features have been identified to this date, continued efforts are required to complete a detailed system design to include the identifying processing requirements. A program to accomplish these objectives is presented

  20. Design of Xen Hybrid Multiple Police Model

    Science.gov (United States)

    Sun, Lei; Lin, Renhao; Zhu, Xianwei

    2017-10-01

    Virtualization Technology has attracted more and more attention. As a popular open-source virtualization tools, XEN is used more and more frequently. Xsm, XEN security model, has also been widespread concern. The safety status classification has not been established in the XSM, and it uses the virtual machine as a managed object to make Dom0 a unique administrative domain that does not meet the minimum privilege. According to these questions, we design a Hybrid multiple police model named SV_HMPMD that organically integrates multiple single security policy models include DTE,RBAC,BLP. It can fullfill the requirement of confidentiality and integrity for security model and use different particle size to different domain. In order to improve BLP’s practicability, the model introduce multi-level security labels. In order to divide the privilege in detail, we combine DTE with RBAC. In order to oversize privilege, we limit the privilege of domain0.

  1. Speaker identification for the improvement of the security communication between law enforcement units

    Science.gov (United States)

    Tovarek, Jaromir; Partila, Pavol

    2017-05-01

    This article discusses the speaker identification for the improvement of the security communication between law enforcement units. The main task of this research was to develop the text-independent speaker identification system which can be used for real-time recognition. This system is designed for identification in the open set. It means that the unknown speaker can be anyone. Communication itself is secured, but we have to check the authorization of the communication parties. We have to decide if the unknown speaker is the authorized for the given action. The calls are recorded by IP telephony server and then these recordings are evaluate using classification If the system evaluates that the speaker is not authorized, it sends a warning message to the administrator. This message can detect, for example a stolen phone or other unusual situation. The administrator then performs the appropriate actions. Our novel proposal system uses multilayer neural network for classification and it consists of three layers (input layer, hidden layer, and output layer). A number of neurons in input layer corresponds with the length of speech features. Output layer then represents classified speakers. Artificial Neural Network classifies speech signal frame by frame, but the final decision is done over the complete record. This rule substantially increases accuracy of the classification. Input data for the neural network are a thirteen Mel-frequency cepstral coefficients, which describe the behavior of the vocal tract. These parameters are the most used for speaker recognition. Parameters for training, testing and validation were extracted from recordings of authorized users. Recording conditions for training data correspond with the real traffic of the system (sampling frequency, bit rate). The main benefit of the research is the system developed for text-independent speaker identification which is applied to secure communication between law enforcement units.

  2. Progress in safeguards by design (SBD) by the United States National Nuclear Security Administration (NNSA)

    International Nuclear Information System (INIS)

    Long, J.D.

    2013-01-01

    The IAEA has described the Safeguards by Design (SBD) concept as an approach in which international safeguards are fully integrated into the design process of a new nuclear facility from the initial planning through design, construction, operation, and decommissioning. Often, international safeguards features are added following completion of the facility design. Earlier consideration of safeguards features has the potential to reduce the need for costly re-designs or retrofits of the facility and can result in a more efficient and effective safeguards design. The U.S. Department of Energy's National Nuclear Security Administration (NNSA) initiated a project in 2008 through its Next Generation Safeguards Initiative (NGSI) to establish a global norm for the use of SBD. The NGSI SBD program is evolving in parallel with a similar effort at the IAEA, while taking into account the IAEA's SBD achievements and future plans. The NGSI program includes DOE laboratory studies, international workshops, engagement with industry and the IAEA, and setting an example through its planned use in new nuclear facilities in the United States. Consistent with this effort, the NGSI program has sponsored 'Lessons Learned' studies and the preparation of facility-specific SBD Guidance documents. The NGSI program also takes into account successes that the NNSA has had with implementing safeguards early into facility designs within the U.S. The purpose of this paper is the presentation of the most recent developments in SBD under NGSI within the U.S. as well as the presentation of 'Lessons Learned' integrating safeguards into new nuclear facility designs of the U.S. Nuclear Security Enterprise (NSE), namely the Uranium Processing Facility (UPF) project at the Y-12 National Security Complex in Oak Ridge, Tennessee and to discuss its relevance to international safeguards. The paper is followed by the slides of the presentation. (author)

  3. 14 CFR 1203.701 - Classification.

    Science.gov (United States)

    2010-01-01

    ... 14 Aeronautics and Space 5 2010-01-01 2010-01-01 false Classification. 1203.701 Section 1203.701... Government Information § 1203.701 Classification. (a) Foreign government information that is classified by a foreign entity shall either retain its original classification designation or be marked with a United...

  4. Microwave and Millimeter-Wave Remote Sensing for Security Applications. By Jeffrey A. Nanzer, Artech House, 2012; 372 pages. Price £109.00, ISBN 978-1-60807-172-2

    Directory of Open Access Journals (Sweden)

    Shu-Kun Lin

    2013-01-01

    Full Text Available Microwave and millimeter-wave remote sensing techniques are fast becoming a necessity in many aspects of security as detection and classification of objects or intruders becomes more difficult. This groundbreaking resource offers you expert guidance in this burgeoning area. It provides you with a thorough treatment of the principles of microwave and millimeter-wave remote sensing for security applications, as well as practical coverage of the design of radiometer, radar, and imaging systems. You learn how to design active and passive sensors for intruder detection, concealed object detection, and human activity classification. This detailed book presents the fundamental concepts practitioners need to understand, including electromagnetic wave propagation in free space and in media, antenna theory, and the principles of receiver design. You find in-depth discussions on the interactions of electromagnetic waves with human tissues, the atmosphere and various building and clothing materials. This timely volume explores recently developed detection techniques, such as micro-Doppler radar signatures and correlation radiometry. The book is supported with over 200 illustrations and 1,135 equations.

  5. CONSIDERING ANTI-PIRACY SHIP SECURITY: CITADEL DESIGN AND USE

    Directory of Open Access Journals (Sweden)

    L. Carral

    2015-09-01

    Full Text Available As piracy continues to pose a threat to the shipping industry, a number of measures for protecting ships, cargo and crew will need to be implemented. Along with other steps, such as deploying military rescue teams, securing the crew within a ship’s citadel has proved to be a highly effective form of self-protection against hostage-taking by pirates. From a design standpoint, aspects that should be considered include the location and dimensions of the citadel, the maximum time crew can stay within it and the specific requirements for various elements of the ship or citadel equipment. Exploiting data on pirate attacks recently occurring in High Risk Areas, this article analyses the design and use of the citadel as a self-protection measure against piracy. As a conclusion, various requirements for these structures are recommended.

  6. Adaptive fuzzy observer based synchronization design and secure communications of chaotic systems

    International Nuclear Information System (INIS)

    Hyun, Chang-Ho; Kim, Jae-Hun; Kim, Euntai; Park, Mignon

    2006-01-01

    This paper proposes a synchronization design scheme based on an alternative indirect adaptive fuzzy observer and its application to secure communication of chaotic systems. It is assumed that their states are unmeasurable and their parameters are unknown. Chaotic systems and the structure of the fuzzy observer are represented by the Takagi-Sugeno fuzzy model. Using Lyapunov stability theory, an adaptive law is derived to estimate the unknown parameters and the stability of the proposed system is guaranteed. Through this process, the asymptotic synchronization of chaotic systems is achieved. The proposed observer is applied to secure communications of chaotic systems and some numerical simulation results show the validity of theoretical derivations and the performance of the proposed observer

  7. Design of the national health security preparedness index.

    Science.gov (United States)

    Uzun Jacobson, Evin; Inglesby, Tom; Khan, Ali S; Rajotte, James C; Burhans, Robert L; Slemp, Catherine C; Links, Jonathan M

    2014-01-01

    The importance of health security in the United States has been highlighted by recent emergencies such as the H1N1 influenza pandemic, Superstorm Sandy, and the Boston Marathon bombing. The nation's health security remains a high priority today, with federal, state, territorial, tribal, and local governments, as well as nongovernment organizations and the private sector, engaging in activities that prevent, protect, mitigate, respond to, and recover from health threats. The Association of State and Territorial Health Officials (ASTHO), through a cooperative agreement with the Centers for Disease Control and Prevention (CDC) Office of Public Health Preparedness and Response (OPHPR), led an effort to create an annual measure of health security preparedness at the national level. The collaborative released the National Health Security Preparedness Index (NHSPI(™)) in December 2013 and provided composite results for the 50 states and for the nation as a whole. The Index results represent current levels of health security preparedness in a consistent format and provide actionable information to drive decision making for continuous improvement of the nation's health security. The overall 2013 National Index result was 7.2 on the reported base-10 scale, with areas of greater strength in the domains of health surveillance, incident and information management, and countermeasure management. The strength of the Index relies on the interdependencies of the many elements in health security preparedness, making the sum greater than its parts. Moving forward, additional health security-related disciplines and measures will be included alongside continued validation efforts.

  8. Risk-informed approach for safety, safeguards, and security (3S) by design

    International Nuclear Information System (INIS)

    Suzuki, Mitsutoshi; Burr, Tom; Howell, John

    2011-01-01

    Over several decades the nuclear energy society worldwide has developed safety assessment methodology based on probabilistic risk analysis for incorporating its benefit into design and accident prevention for nuclear reactors. Although safeguards and security communities have different histories and technical aspects compared to safety, risk assessment as a supplement to their current requirements could be developed to promote synergism between Safety, Safeguards, and Security (3S) and to install effective countermeasures in the design of complex nuclear fuel cycle facilities. Since the 3S initiative was raised by G8 countries at Hokkaido Toyako-Summit in 2008, one approach to developing synergism in a 3S By Design (3SBD) process has been the application of risk-oriented assessment methodology. In the existing regulations of safeguards and security, a risk notion has already been considered for inherent threat and hazard recognition. To integrate existing metrics into a risk-oriented approach, several mathematical methods have already been surveyed, with attention to the scarcity of intentional acts in the case of safeguards and the sparseness of actual event data. A two-dimensional probability distribution composed of measurement error and incidence probabilities has been proposed to formalize inherent difficulties in the International Atomic Energy Agency (IAEA) safeguards criteria. In particular, the incidence probability that is difficult to estimate has been explained using a Markov model and game theory. In this work, a feasibility study of 3SBD is performed for an aqueous reprocessing process, and synergetic countermeasures are presented for preliminary demonstration of 3SBD. Although differences and conflicts between individual 'S' communities exist, the integrated approach would be valuable for optimization and balance between the 3S design features as well as for effective and efficient implementation under existing regulation frameworks. In addition

  9. ORACLE DATABASE SECURITY

    OpenAIRE

    Cristina-Maria Titrade

    2011-01-01

    This paper presents some security issues, namely security database system level, data level security, user-level security, user management, resource management and password management. Security is a constant concern in the design and database development. Usually, there are no concerns about the existence of security, but rather how large it should be. A typically DBMS has several levels of security, in addition to those offered by the operating system or network. Typically, a DBMS has user a...

  10. Threats or threads: from usable security to secure experience

    DEFF Research Database (Denmark)

    Bødker, Susanne; Mathiasen, Niels Raabjerg

    2008-01-01

    While the domain of security dependent technologies brings new challenges to HCI research it seems that the results and breakthroughs of HCI have not been used in design of security dependent technologies. With exceptions, work in the research field of usable security may be criticized for focusing...... mainly on adjusting user behavior to behave securely. With our background in newer HCI perspectives we address secure interaction from the perspective of security technology as experience. We analyze a number of collected user stories to understand what happens when everyday users encounter security...... dependent technologies. We apply McCarthy & Wright's [12] experience framework to the security domain and our collected stories. We point out that there are significant differences between being secure and having a secure experience, and conclude that classical usable security, focus on people's immediate...

  11. 14 CFR 298.3 - Classification.

    Science.gov (United States)

    2010-01-01

    ... 14 Aeronautics and Space 4 2010-01-01 2010-01-01 false Classification. 298.3 Section 298.3... REGULATIONS EXEMPTIONS FOR AIR TAXI AND COMMUTER AIR CARRIER OPERATIONS General § 298.3 Classification. (a) There is hereby established a classification of air carriers, designated as “air taxi operators,” which...

  12. Еcological security of environment in Zhytomyr region

    Directory of Open Access Journals (Sweden)

    I.М. Kovalevska

    2016-03-01

    Full Text Available The article is aiming at the study of environmental hazards in Zhytomir region. Its main objective is to identify the set of adverse factors affecting the state of danger and compose a necessary starting material for the prediction of possible negative consequences, their nature and extent. The matter of special importance for the study of the phenomenon of security is the security classification. First of all, the forms (system of security in relation to the forces and processes of natural, social and technical character should be distinguished. They can be defined as systems of geo-bio-physical, social and technical security. The classification of security can be determined in many ways, for example, in relation to the object of security; in relation to the subject of security; according to the problem indication; according to the functional indication. Security is a distinctive characteristic and prerequisite of life, progressive development and viability of real-world objects. The methodology of its evaluation is based on the states of the essence of natural and anthropogenic environmental pollution, the standard requirements for the quality of environmental objects and standards of acceptable contamination. The assessment of ecological security of the environment is the quantitative measure of parameters of environmental pollution dangers, threats and risks of natural character as well as the state of anthropogenic security. This assessment is carried out according to the methods and ways to measure environmental parameters. For this purpose it is important to know the factors of danger and the system of indicators that characterizes all natural and environmental phenomena and processes of geo-ecological dangers, natural environmental conditions, ecological condition. The system of natural and industrial environmental indicators consists of the indicators which characterize all phenomena and processes of geo-ecological dangers of natural

  13. Design and update of a classification system: the UCSD map of science.

    Directory of Open Access Journals (Sweden)

    Katy Börner

    Full Text Available Global maps of science can be used as a reference system to chart career trajectories, the location of emerging research frontiers, or the expertise profiles of institutes or nations. This paper details data preparation, analysis, and layout performed when designing and subsequently updating the UCSD map of science and classification system. The original classification and map use 7.2 million papers and their references from Elsevier's Scopus (about 15,000 source titles, 2001-2005 and Thomson Reuters' Web of Science (WoS Science, Social Science, Arts & Humanities Citation Indexes (about 9,000 source titles, 2001-2004-about 16,000 unique source titles. The updated map and classification adds six years (2005-2010 of WoS data and three years (2006-2008 from Scopus to the existing category structure-increasing the number of source titles to about 25,000. To our knowledge, this is the first time that a widely used map of science was updated. A comparison of the original 5-year and the new 10-year maps and classification system show (i an increase in the total number of journals that can be mapped by 9,409 journals (social sciences had a 80% increase, humanities a 119% increase, medical (32% and natural science (74%, (ii a simplification of the map by assigning all but five highly interdisciplinary journals to exactly one discipline, (iii a more even distribution of journals over the 554 subdisciplines and 13 disciplines when calculating the coefficient of variation, and (iv a better reflection of journal clusters when compared with paper-level citation data. When evaluating the map with a listing of desirable features for maps of science, the updated map is shown to have higher mapping accuracy, easier understandability as fewer journals are multiply classified, and higher usability for the generation of data overlays, among others.

  14. Secure software development training course

    Directory of Open Access Journals (Sweden)

    Victor S. Gorbatov

    2017-06-01

    Full Text Available Information security is one of the most important criteria for the quality of developed software. To obtain a sufficient level of application security companies implement security process into software development life cycle. At this stage software companies encounter with deficit employees who able to solve problems of software design, implementation and application security. This article provides a description of the secure software development training course. Training course of application security is designed for co-education students of different IT-specializations.

  15. Library Classification 2020

    Science.gov (United States)

    Harris, Christopher

    2013-01-01

    In this article the author explores how a new library classification system might be designed using some aspects of the Dewey Decimal Classification (DDC) and ideas from other systems to create something that works for school libraries in the year 2020. By examining what works well with the Dewey Decimal System, what features should be carried…

  16. Adapting Rational Unified Process (RUP) approach in designing a secure e-Tendering model

    Science.gov (United States)

    Mohd, Haslina; Robie, Muhammad Afdhal Muhammad; Baharom, Fauziah; Darus, Norida Muhd; Saip, Mohamed Ali; Yasin, Azman

    2016-08-01

    e-Tendering is an electronic processing of the tender document via internet and allow tenderer to publish, communicate, access, receive and submit all tender related information and documentation via internet. This study aims to design the e-Tendering system using Rational Unified Process approach. RUP provides a disciplined approach on how to assign tasks and responsibilities within the software development process. RUP has four phases that can assist researchers to adjust the requirements of various projects with different scope, problem and the size of projects. RUP is characterized as a use case driven, architecture centered, iterative and incremental process model. However the scope of this study only focusing on Inception and Elaboration phases as step to develop the model and perform only three of nine workflows (business modeling, requirements, analysis and design). RUP has a strong focus on documents and the activities in the inception and elaboration phases mainly concern the creation of diagrams and writing of textual descriptions. The UML notation and the software program, Star UML are used to support the design of e-Tendering. The e-Tendering design based on the RUP approach can contribute to e-Tendering developers and researchers in e-Tendering domain. In addition, this study also shows that the RUP is one of the best system development methodology that can be used as one of the research methodology in Software Engineering domain related to secured design of any observed application. This methodology has been tested in various studies in certain domains, such as in Simulation-based Decision Support, Security Requirement Engineering, Business Modeling and Secure System Requirement, and so forth. As a conclusion, these studies showed that the RUP one of a good research methodology that can be adapted in any Software Engineering (SE) research domain that required a few artifacts to be generated such as use case modeling, misuse case modeling, activity

  17. Watermarking security

    CERN Document Server

    Bas, Patrick; Cayre, François; Doërr, Gwenaël; Mathon, Benjamin

    2016-01-01

    This book explains how to measure the security of a watermarking scheme, how to design secure schemes but also how to attack popular watermarking schemes. This book gathers the most recent achievements in the field of watermarking security by considering both parts of this cat and mouse game. This book is useful to industrial practitioners who would like to increase the security of their watermarking applications and for academics to quickly master this fascinating domain.

  18. Security for service oriented architectures

    CERN Document Server

    Williams, Walter

    2014-01-01

    Although integrating security into the design of applications has proven to deliver resilient products, there are few books available that provide guidance on how to incorporate security into the design of an application. Filling this need, Security for Service Oriented Architectures examines both application and security architectures and illustrates the relationship between the two. Supplying authoritative guidance on how to design distributed and resilient applications, the book provides an overview of the various standards that service oriented and distributed applications leverage, includ

  19. Information Systems Security Audit

    OpenAIRE

    Gheorghe Popescu; Veronica Adriana Popescu; Cristina Raluca Popescu

    2007-01-01

    The article covers:Defining an information system; benefits obtained by introducing new information technologies; IT management;Defining prerequisites, analysis, design, implementation of IS; Information security management system; aspects regarding IS security policy; Conceptual model of a security system; Auditing information security systems and network infrastructure security.

  20. Design tools for complex dynamic security systems.

    Energy Technology Data Exchange (ETDEWEB)

    Byrne, Raymond Harry; Rigdon, James Brian; Rohrer, Brandon Robinson; Laguna, Glenn A.; Robinett, Rush D. III (.; ); Groom, Kenneth Neal; Wilson, David Gerald; Bickerstaff, Robert J.; Harrington, John J.

    2007-01-01

    The development of tools for complex dynamic security systems is not a straight forward engineering task but, rather, a scientific task where discovery of new scientific principles and math is necessary. For years, scientists have observed complex behavior but have had difficulty understanding it. Prominent examples include: insect colony organization, the stock market, molecular interactions, fractals, and emergent behavior. Engineering such systems will be an even greater challenge. This report explores four tools for engineered complex dynamic security systems: Partially Observable Markov Decision Process, Percolation Theory, Graph Theory, and Exergy/Entropy Theory. Additionally, enabling hardware technology for next generation security systems are described: a 100 node wireless sensor network, unmanned ground vehicle and unmanned aerial vehicle.

  1. Designing a Secure Storage Repository for Sharing Scientific Datasets using Public Clouds

    Energy Technology Data Exchange (ETDEWEB)

    Kumbhare, Alok [Univ. of Southern California, Los Angeles, CA (United States); Simmhan, Yogesth [Univ. of Southern California, Los Angeles, CA (United States); Prasanna, Viktor [Univ. of Southern California, Los Angeles, CA (United States)

    2011-11-14

    As Cloud platforms gain increasing traction among scientific and business communities for outsourcing storage, computing and content delivery, there is also growing concern about the associated loss of control over private data hosted in the Cloud. In this paper, we present an architecture for a secure data repository service designed on top of a public Cloud infrastructure to support multi-disciplinary scientific communities dealing with personal and human subject data, motivated by the smart power grid domain. Our repository model allows users to securely store and share their data in the Cloud without revealing the plain text to unauthorized users, the Cloud storage provider or the repository itself. The system masks file names, user permissions and access patterns while providing auditing capabilities with provable data updates.

  2. Designing and implementing the logical security framework for e-commerce based on service oriented architecture

    OpenAIRE

    Luhach, Ashish Kr.; Dwivedi, Sanjay K; Jha, C K

    2014-01-01

    Rapid evolution of information technology has contributed to the evolution of more sophisticated E- commerce system with the better transaction time and protection. The currently used E-commerce models lack in quality properties such as logical security because of their poor designing and to face the highly equipped and trained intruders. This editorial proposed a security framework for small and medium sized E-commerce, based on service oriented architecture and gives an analysis of the emin...

  3. Computer Network Security- The Challenges of Securing a Computer Network

    Science.gov (United States)

    Scotti, Vincent, Jr.

    2011-01-01

    This article is intended to give the reader an overall perspective on what it takes to design, implement, enforce and secure a computer network in the federal and corporate world to insure the confidentiality, integrity and availability of information. While we will be giving you an overview of network design and security, this article will concentrate on the technology and human factors of securing a network and the challenges faced by those doing so. It will cover the large number of policies and the limits of technology and physical efforts to enforce such policies.

  4. Classification of unconscious like/dislike decisions: First results towards a novel application for BCI technology.

    Science.gov (United States)

    Wriessnegger, S C; Hackhofer, D; Muller-Putz, G R

    2015-01-01

    More and more applications for BCI technology emerge that are not restricted to communication or control, like gaming, rehabilitation, Neuro-IS research, neuro-economics or security. In this context a so called passive BCI, a system that derives its outputs from arbitrary brain activity for enriching a human-machine interaction with implicit information on the actual user state will be used. Concretely EEG-based BCI technology enables the use of signals related to attention, intentions and mental state, without relying on indirect measures based on overt behavior or other physiological signals which is an important point e.g. in Neuromarketing research. The scope of this pilot EEG-study was to detect like/dislike decisions on car stimuli just by means of ERP analysis. Concretely to define user preferences concerning different car designs by implementing an offline BCI based on shrinkage LDA classification. Although classification failed in the majority of participants the elicited early (sub) conscious ERP components reflect user preferences for cars. In a broader sense this study should pave the way towards a "product design BCI" suitable for neuromarketing research.

  5. Security Clearances and the Protection of National Security Information: Law and Procedures

    National Research Council Canada - National Science Library

    Cohen, Sheldon

    2000-01-01

    ... designed to protect National Security information. The report provides an authoritative compendium for lawyers, security officers and for managers of corporations who must deal with the legal and procedural aspects of security clearances...

  6. 76 FR 28795 - Privacy Act of 1974; Department of Homeland Security United States Coast Guard-024 Auxiliary...

    Science.gov (United States)

    2011-05-18

    ... 1974; Department of Homeland Security United States Coast Guard-024 Auxiliary Database System of... Security/United States Coast Guard-024 Auxiliary Database (AUXDATA) System of Records.'' This system of...: United States Coast Guard Auxiliary Database (AUXDATA). Security classification: Unclassified. System...

  7. When Should We Care About Sustainability? Applying Human Security as the Decisive Criterion

    Directory of Open Access Journals (Sweden)

    Alexander K. Lautensach

    2012-05-01

    Full Text Available It seems intuitively clear that not all human endeavours warrant equal concern over the extent of their sustainability. This raises the question about what criteria might best serve for their prioritisation. We refute, on empirical and theoretical grounds, the counterclaim that sustainability should be of no concern regardless of the circumstances. Human security can serve as a source of criteria that are both widely shared and can be assessed in a reasonably objective manner. Using established classifications, we explore how four forms of sustainability (environmental, economic, social, and cultural relate to the four pillars of human security (environmental, economic, sociopolitical, and health-related. Our findings, based on probable correlations, suggest that the criteria of human security allow for a reliable discrimination between relatively trivial incidences of unsustainable behavior and those that warrant widely shared serious concern. They also confirm that certain sources of human insecurity, such as poverty or violent conflict, tend to perpetuate unsustainable behavior, a useful consideration for the design of development initiatives. Considering that human security enjoys wide and increasing political support among the international community, it is to be hoped that by publicizing the close correlation between human security and sustainability greater attention will be paid to the latter and to its careful definition.

  8. Incentive Regulation and Utility Benchmarking for Electricity Network Security

    OpenAIRE

    Zhang, Y.; Nepal, R.

    2014-01-01

    The incentive regulation of costs related to physical and cyber security in electricity networks is an important but relatively unexplored and ambiguous issue. These costs can be part of cost efficiency benchmarking or, alternatively, dealt with separately. This paper discusses the issues and proposes options for incorporating network security costs within incentive regulation in a benchmarking framework. The relevant concerns and limitations associated with the accounting and classification ...

  9. Design and Implementation of a Secure Wireless Mote-Based Medical Sensor Network

    Science.gov (United States)

    Malasri, Kriangsiri; Wang, Lan

    2009-01-01

    A medical sensor network can wirelessly monitor vital signs of humans, making it useful for long-term health care without sacrificing patient comfort and mobility. For such a network to be viable, its design must protect data privacy and authenticity given that medical data are highly sensitive. We identify the unique security challenges of such a sensor network and propose a set of resource-efficient mechanisms to address these challenges. Our solution includes (1) a novel two-tier scheme for verifying the authenticity of patient data, (2) a secure key agreement protocol to set up shared keys between sensor nodes and base stations, and (3) symmetric encryption/decryption for protecting data confidentiality and integrity. We have implemented the proposed mechanisms on a wireless mote platform, and our results confirm their feasibility. PMID:22454585

  10. Designing Fuzzy Rule Based Expert System for Cyber Security

    OpenAIRE

    Goztepe, Kerim

    2016-01-01

    The state of cyber security has begun to attract more attention and interest outside the community of computer security experts. Cyber security is not a single problem, but rather a group of highly different problems involving different sets of threats. Fuzzy Rule based system for cyber security is a system consists of a rule depository and a mechanism for accessing and running the rules. The depository is usually constructed with a collection of related rule sets. The aim of this study is to...

  11. Classifications, applications, and design challenges of drones: A review

    Science.gov (United States)

    Hassanalian, M.; Abdelkefi, A.

    2017-05-01

    Nowadays, there is a growing need for flying drones with diverse capabilities for both civilian and military applications. There is also a significant interest in the development of novel drones which can autonomously fly in different environments and locations and can perform various missions. In the past decade, the broad spectrum of applications of these drones has received most attention which led to the invention of various types of drones with different sizes and weights. In this review paper, we identify a novel classification of flying drones that ranges from unmanned air vehicles to smart dusts at both ends of this spectrum, with their new defined applications. Design and fabrication challenges of micro drones, existing methods for increasing their endurance, and various navigation and control approaches are discussed in details. Limitations of the existing drones, proposed solutions for the next generation of drones, and recommendations are also presented and discussed.

  12. Teaching habitat and animal classification to fourth graders using an engineering-design model

    Science.gov (United States)

    Marulcu, Ismail

    2014-05-01

    Background: The motivation for this work is built upon the premise that there is a need for research-based materials for design-based science instruction. In this paper, a small portion of our work investigating the impact of a LEGOTM engineering unit on fourth grade students' preconceptions and understanding of animals is presented. Purpose: The driving questions for our work are: (1) What is the impact of an engineering-design-based curricular module on students' understanding of habitat and animal classification? (2) What are students' misconceptions regarding animal classification and habitat? Sample: The study was conducted in an inner-city K-8 school in the northeastern region of the United States. There were two fourth grade classrooms in the school. The first classroom included seven girls and nine boys, whereas the other classroom included eight girls and eight boys. All fourth grade students participated in the study. Design and methods: In answering the research questions mixed-method approaches are used. Data collection methods included pre- and post-tests, pre- and post-interviews, student journals, and classroom observations. Identical pre- and post-tests were administered to measure students' understanding of animals. They included four multiple-choice and six open-ended questions. Identical pre- and post-interviews were administered to explore students' in-depth understanding of animals. Results: Our results show that students significantly increased their performance after instruction on both the multiple-choice questions (t = -3.586, p = .001) and the open-ended questions (t = -5.04, p = .000). They performed better on the post interviews as well. Also, it is found that design-based instruction helped students comprehend core concepts of a life science subject, animals. Conclusions: Based on these results, the main argument of the study is that engineering design is a useful framework for teaching not only physical science-related subjects, but

  13. Mobile communication security

    NARCIS (Netherlands)

    Broek, F.M.J. van den

    2016-01-01

    Security of the mobile network Fabian van den Broek We looked at the security of the wireless connection between mobile phone and cell towers and suggested possible improvements. The security was analysed on a design level, by looking at the protocols and encryption techniques, but also on an

  14. Vlsi implementation of flexible architecture for decision tree classification in data mining

    Science.gov (United States)

    Sharma, K. Venkatesh; Shewandagn, Behailu; Bhukya, Shankar Nayak

    2017-07-01

    The Data mining algorithms have become vital to researchers in science, engineering, medicine, business, search and security domains. In recent years, there has been a terrific raise in the size of the data being collected and analyzed. Classification is the main difficulty faced in data mining. In a number of the solutions developed for this problem, most accepted one is Decision Tree Classification (DTC) that gives high precision while handling very large amount of data. This paper presents VLSI implementation of flexible architecture for Decision Tree classification in data mining using c4.5 algorithm.

  15. Design and Implementation of a Secure Modbus Protocol

    Science.gov (United States)

    Fovino, Igor Nai; Carcano, Andrea; Masera, Marcelo; Trombetta, Alberto

    The interconnectivity of modern and legacy supervisory control and data acquisition (SCADA) systems with corporate networks and the Internet has significantly increased the threats to critical infrastructure assets. Meanwhile, traditional IT security solutions such as firewalls, intrusion detection systems and antivirus software are relatively ineffective against attacks that specifically target vulnerabilities in SCADA protocols. This paper describes a secure version of the Modbus SCADA protocol that incorporates integrity, authentication, non-repudiation and anti-replay mechanisms. Experimental results using a power plant testbed indicate that the augmented protocol provides good security functionality without significant overhead.

  16. Information Security Maturity Model

    OpenAIRE

    Information Security Maturity Model

    2011-01-01

    To ensure security, it is important to build-in security in both the planning and the design phases andadapt a security architecture which makes sure that regular and security related tasks, are deployedcorrectly. Security requirements must be linked to the business goals. We identified four domains thataffect security at an organization namely, organization governance, organizational culture, thearchitecture of the systems, and service management. In order to identify and explore the strengt...

  17. Design, implementation and security of a typical educational laboratory computer network

    Directory of Open Access Journals (Sweden)

    Martin Pokorný

    2013-01-01

    Full Text Available Computer network used for laboratory training and for different types of network and security experiments represents a special environment where hazardous activities take place, which may not affect any production system or network. It is common that students need to have administrator privileges in this case which makes the overall security and maintenance of such a network a difficult task. We present our solution which has proved its usability for more than three years. First of all, four user requirements on the laboratory network are defined (access to educational network devices, to laboratory services, to the Internet, and administrator privileges of the end hosts, and four essential security rules are stipulated (enforceable end host security, controlled network access, level of network access according to the user privilege level, and rules for hazardous experiments, which protect the rest of the laboratory infrastructure as well as the outer university network and the Internet. The main part of the paper is dedicated to a design and implementation of these usability and security rules. We present a physical diagram of a typical laboratory network based on multiple circuits connecting end hosts to different networks, and a layout of rack devices. After that, a topological diagram of the network is described which is based on different VLANs and port-based access control using the IEEE 802.1x/EAP-TLS/RADIUS authentication to achieve defined level of network access. In the second part of the paper, the latest innovation of our network is presented that covers a transition to the system virtualization at the end host devices – inspiration came from a similar solution deployed at the Department of Telecommunications at Brno University of Technology. This improvement enables a greater flexibility in the end hosts maintenance and a simultaneous network access to the educational devices as well as to the Internet. In the end, a vision of a

  18. 14 CFR 1203.412 - Classification guides.

    Science.gov (United States)

    2010-01-01

    ... of the classification designations (i.e., Top Secret, Secret or Confidential) apply to the identified... writing by an official with original Top Secret classification authority; the identity of the official...

  19. An Unequal Secure Encryption Scheme for H.264/AVC Video Compression Standard

    Science.gov (United States)

    Fan, Yibo; Wang, Jidong; Ikenaga, Takeshi; Tsunoo, Yukiyasu; Goto, Satoshi

    H.264/AVC is the newest video coding standard. There are many new features in it which can be easily used for video encryption. In this paper, we propose a new scheme to do video encryption for H.264/AVC video compression standard. We define Unequal Secure Encryption (USE) as an approach that applies different encryption schemes (with different security strength) to different parts of compressed video data. This USE scheme includes two parts: video data classification and unequal secure video data encryption. Firstly, we classify the video data into two partitions: Important data partition and unimportant data partition. Important data partition has small size with high secure protection, while unimportant data partition has large size with low secure protection. Secondly, we use AES as a block cipher to encrypt the important data partition and use LEX as a stream cipher to encrypt the unimportant data partition. AES is the most widely used symmetric cryptography which can ensure high security. LEX is a new stream cipher which is based on AES and its computational cost is much lower than AES. In this way, our scheme can achieve both high security and low computational cost. Besides the USE scheme, we propose a low cost design of hybrid AES/LEX encryption module. Our experimental results show that the computational cost of the USE scheme is low (about 25% of naive encryption at Level 0 with VEA used). The hardware cost for hybrid AES/LEX module is 4678 Gates and the AES encryption throughput is about 50Mbps.

  20. 18 CFR 3a.11 - Classification of official information.

    Science.gov (United States)

    2010-04-01

    ... classified Top Secret, Secret or Confidential, depending upon the degree of its significance to national... classification categories are defined as follows: (1) Top Secret. Top Secret refers to national security information or material which requires the highest degree of protection. The test for assigning Top Secret...

  1. 17 CFR 240.3a12-8 - Exemption for designated foreign government securities for purposes of futures trading.

    Science.gov (United States)

    2010-04-01

    ... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Exemption for designated foreign government securities for purposes of futures trading. 240.3a12-8 Section 240.3a12-8 Commodity and... trading. (a) When used in this Rule, the following terms shall have the meaning indicated: (1) The term...

  2. Effects of sample survey design on the accuracy of classification tree models in species distribution models

    Science.gov (United States)

    Thomas C. Edwards; D. Richard Cutler; Niklaus E. Zimmermann; Linda Geiser; Gretchen G. Moisen

    2006-01-01

    We evaluated the effects of probabilistic (hereafter DESIGN) and non-probabilistic (PURPOSIVE) sample surveys on resultant classification tree models for predicting the presence of four lichen species in the Pacific Northwest, USA. Models derived from both survey forms were assessed using an independent data set (EVALUATION). Measures of accuracy as gauged by...

  3. Information Security Awareness On-Line Materials Design with Knowledge Maps

    Science.gov (United States)

    Shaw, Ruey-Shiang; Keh, Huan-Chao; Huang, Nan-Ching; Huang, Tien-Chuan

    2011-01-01

    Information Security Awareness, though known as a primary and important issue in the domain of Information Security, CSI computer crime and security survey showed poor security awareness training in public and private sectors. In many studies, the authors have found that the usage of knowledge maps helps the process of learning and conception…

  4. While Working Around Security

    DEFF Research Database (Denmark)

    Mathiasen, Niels Raabjerg

    Users of technology encounter various IT security mechanisms in their everyday lives. If these mechanisms fail to support everyday activities, they either get in the way, or the users find a way to work around them. Even though users manage to carry out everyday activities by using substandard...... IT security mechanisms or via workarounds, it will influence their experience of security. If researchers and designers only focus on IT security artifacts and fail to take the user experience into account, incorrect processes or workarounds will occur. Accordingly, to get users to follow the correct process...... may seem to be a criterion of success, even though it may yield a less appropriate experience of security. This dissertation deals with an improved understanding of IT security sensitive IT artifacts and presents three design methods, and a framework for addressing the complexities and contingencies...

  5. Teaching Case: IS Security Requirements Identification from Conceptual Models in Systems Analysis and Design: The Fun & Fitness, Inc. Case

    Science.gov (United States)

    Spears, Janine L.; Parrish, James L., Jr.

    2013-01-01

    This teaching case introduces students to a relatively simple approach to identifying and documenting security requirements within conceptual models that are commonly taught in systems analysis and design courses. An introduction to information security is provided, followed by a classroom example of a fictitious company, "Fun &…

  6. Design and develop a video conferencing framework for real-time telemedicine applications using secure group-based communication architecture.

    Science.gov (United States)

    Mat Kiah, M L; Al-Bakri, S H; Zaidan, A A; Zaidan, B B; Hussain, Muzammil

    2014-10-01

    One of the applications of modern technology in telemedicine is video conferencing. An alternative to traveling to attend a conference or meeting, video conferencing is becoming increasingly popular among hospitals. By using this technology, doctors can help patients who are unable to physically visit hospitals. Video conferencing particularly benefits patients from rural areas, where good doctors are not always available. Telemedicine has proven to be a blessing to patients who have no access to the best treatment. A telemedicine system consists of customized hardware and software at two locations, namely, at the patient's and the doctor's end. In such cases, the video streams of the conferencing parties may contain highly sensitive information. Thus, real-time data security is one of the most important requirements when designing video conferencing systems. This study proposes a secure framework for video conferencing systems and a complete management solution for secure video conferencing groups. Java Media Framework Application Programming Interface classes are used to design and test the proposed secure framework. Real-time Transport Protocol over User Datagram Protocol is used to transmit the encrypted audio and video streams, and RSA and AES algorithms are used to provide the required security services. Results show that the encryption algorithm insignificantly increases the video conferencing computation time.

  7. Indirection and computer security.

    Energy Technology Data Exchange (ETDEWEB)

    Berg, Michael J.

    2011-09-01

    The discipline of computer science is built on indirection. David Wheeler famously said, 'All problems in computer science can be solved by another layer of indirection. But that usually will create another problem'. We propose that every computer security vulnerability is yet another problem created by the indirections in system designs and that focusing on the indirections involved is a better way to design, evaluate, and compare security solutions. We are not proposing that indirection be avoided when solving problems, but that understanding the relationships between indirections and vulnerabilities is key to securing computer systems. Using this perspective, we analyze common vulnerabilities that plague our computer systems, consider the effectiveness of currently available security solutions, and propose several new security solutions.

  8. Convolutional neural network-based classification system design with compressed wireless sensor network images.

    Science.gov (United States)

    Ahn, Jungmo; Park, JaeYeon; Park, Donghwan; Paek, Jeongyeup; Ko, JeongGil

    2018-01-01

    With the introduction of various advanced deep learning algorithms, initiatives for image classification systems have transitioned over from traditional machine learning algorithms (e.g., SVM) to Convolutional Neural Networks (CNNs) using deep learning software tools. A prerequisite in applying CNN to real world applications is a system that collects meaningful and useful data. For such purposes, Wireless Image Sensor Networks (WISNs), that are capable of monitoring natural environment phenomena using tiny and low-power cameras on resource-limited embedded devices, can be considered as an effective means of data collection. However, with limited battery resources, sending high-resolution raw images to the backend server is a burdensome task that has direct impact on network lifetime. To address this problem, we propose an energy-efficient pre- and post- processing mechanism using image resizing and color quantization that can significantly reduce the amount of data transferred while maintaining the classification accuracy in the CNN at the backend server. We show that, if well designed, an image in its highly compressed form can be well-classified with a CNN model trained in advance using adequately compressed data. Our evaluation using a real image dataset shows that an embedded device can reduce the amount of transmitted data by ∼71% while maintaining a classification accuracy of ∼98%. Under the same conditions, this process naturally reduces energy consumption by ∼71% compared to a WISN that sends the original uncompressed images.

  9. Problems of Ensuring Complex Business Security in the Conditions of Modern Globalization

    OpenAIRE

    Anatoliy Petrovich Sterkhov

    2015-01-01

    From the viewpoint of ensuring complex business security, the relevance of the present work is associated with the rationale of multilevel hierarchical approach to the classification of security threats in the age of globalization. The specificity of the threats specific to one or another level of the economy, helps to better understand and consequently to build an effective system of ensuring complex business security. For each of the nine hierarchical levels of the economy the author identi...

  10. Risk-informed, performance-based safety-security interface

    International Nuclear Information System (INIS)

    Mrowca, B.; Eltawila, F.

    2012-01-01

    Safety-security interface is a term that is used as part of the commercial nuclear power security framework to promote coordination of the many potentially adverse interactions between plant security and plant safety. Its object is to prevent the compromise of either. It is also used to describe the concept of building security into a plant's design similar to the long standing practices used for safety therefore reducing the complexity of the operational security while maintaining or enhancing overall security. With this in mind, the concept of safety-security interface, when fully implemented, can influence a plant's design, operation and maintenance. It brings the approach use for plant security to one that is similar to that used for safety. Also, as with safety, the application of risk-informed techniques to fully implement and integrate safety and security is important. Just as designers and operators have applied these techniques to enhance and focus safety, these same techniques can be applied to security to not only enhance and focus the security but also to aid in the implementation of effective techniques to address the safety-security interfaces. Implementing this safety-security concept early within the design process can prevent or reduce security vulnerabilities through low cost solutions that often become difficult and expensive to retrofit later in the design and/or post construction period. These security considerations address many of the same issues as safety in ensuring that the response of equipment and plant personnel are adequate. That is, both safety and security are focused on reaching safe shutdown and preventing radiological release. However, the initiation of challenges and the progression of actions in response these challenges and even the definitions of safe shutdown can be considerably different. This paper explores the techniques and limitations that are employed to fully implement a risk-informed, safety-security interface

  11. Secure Business Process Engineering: a socio-technical approach

    OpenAIRE

    Salnitri, Mattia

    2016-01-01

    Dealing with security is a central activity for todays organizations. Security breaches impact on the activities executed in organizations, preventing them to execute their business processes and, therefore, causing millions of dollars of losses. Security by design principles underline the importance of considering security as early as during the design of organizations to avoid expensive fixes during later phases of their lifecycle. However, the design of secure business processes cannot tak...

  12. Professional Cocoa Application Security

    CERN Document Server

    Lee, Graham J

    2010-01-01

    The first comprehensive security resource for Mac and iPhone developers. The Mac platform is legendary for security, but consequently, Apple developers have little appropriate security information available to help them assure that their applications are equally secure. This Wrox guide provides the first comprehensive go-to resource for Apple developers on the available frameworks and features that support secure application development.: While Macs are noted for security, developers still need to design applications for the Mac and the iPhone with security in mind; this guide offers the first

  13. Conceptual design of technical security systems for Russian nuclear facilities physical protection

    International Nuclear Information System (INIS)

    Izmailov, A.V.

    1995-01-01

    Conceptual design of technical security systems (TSS) used in the early stages of physical protection systems (PPS) design for Russia nuclear facilities is discussed. The importance of work carried out in the early stages was noted since the main design solutions are being made within this period (i.e. selection of a structure of TSS and its components). The methods of analysis and synthesis of TSS developed by ''Eleron'' (MINATOM of Russia) which take into account the specific conditions of Russian nuclear facilities and a scope of equipment available are described in the review. TSS effectiveness assessment is based on a probability theory and a simulation. The design procedure provides for a purposeful choice of TSS competitive options including a ''cost-benefit'' criterion and taking into account a prechosen list of design basis threats to be used for a particular facility. The attention is paid to a practical aspect of the methods application as well as to the bilateral Russian-American scientific and technical co-operation in the PPS design field

  14. Air Traffic Security: Aircraft Classification Using ADS-B Message’s Phase-Pattern

    Directory of Open Access Journals (Sweden)

    Mauro Leonardi

    2017-10-01

    Full Text Available Automatic Dependent Surveillance-Broadcast (ADS-B is a surveillance system used in Air Traffic Control. With this system, the aircraft transmits their own information (identity, position, velocity, etc. to any equipped listener for surveillance scope. The ADS-B is based on a very simple protocol and does not provide any kind of authentication and encryption, making it vulnerable to many types of cyber-attacks. In the paper, the use of the airplane/transmitter carrier phase is proposed as a feature to perform a classification of the aircraft and, therefore, distinguish legitimate messages from fake ones. The feature extraction process is described and a classification method is selected. Finally, a complete intruder detection algorithm is proposed and evaluated with real data.

  15. Use of risk assessment methods for security design and analysis of nuclear and radioactive facilities

    International Nuclear Information System (INIS)

    Vasconcelos, Vanderley de; Andrade, Marcos C.; Jordao, Elizabete

    2011-01-01

    The objective of this work is to evaluate the applicability of risk assessment methods for analyzing the physical protection of nuclear and radioactive facilities. One of the important processes for physical protection in nuclear and radioactive facilities is the identifying of areas containing nuclear materials, structures, systems or components to be protected from sabotage, which could directly or indirectly lead to unacceptable radiological consequences. A survey of the international guidelines and recommendations about vital area identification, design basis threat (DBT), and the security of nuclear and radioactive facilities was carried out. The traditional methods used for quantitative risk assessment, like FMEA (Failure Mode and Effect Analysis), Event and Decision Trees, Fault and Success Trees, Vulnerability Assessment, Monte Carlo Simulation, Probabilistic Safety Assessment, Scenario Analysis, and Game Theory, among others, are highlighted. The applicability of such techniques to security issues, their pros and cons, the general resources needed to implement them, as data or support software, are analyzed. Finally, an approach to security design and analysis, beginning with a qualitative and preliminary examination to determine the range of possible scenarios, outcomes, and the systems to be included in the analyses, and proceeding to a progressively use of more quantitative techniques is presented. (author)

  16. Integrating Safety, Operations, Security, and Safeguards (ISOSS) into the design of small modular reactors : a handbook.

    Energy Technology Data Exchange (ETDEWEB)

    Middleton, Bobby D. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Mendez, Carmen Margarita [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2013-10-01

    The existing regulatory environment for nuclear reactors impacts both the facility design and the cost of operations once the facility is built. Delaying the consideration of regulatory requirements until late in the facility design - or worse, until after construction has begun - can result in costly retrofitting as well as increased operational costs to fulfill safety, security, safeguards, and emergency readiness requirements. Considering the scale and scope, as well as the latest design trends in the next generation of nuclear facilities, there is an opportunity to evaluate the regulatory requirements and optimize the design process for Small Modular Reactors (SMRs), as compared to current Light Water Reactors (LWRs). To this end, Sandia has embarked on an initiative to evaluate the interactions of regulations and operations as an approach to optimizing the design of SMR facilities, supporting operational efficiencies, as well as regulatory requirements. The early stages of this initiative consider two focus areas. The first focus area, reported by LaChance, et al. (2007), identifies the regulatory requirements established for the current fleet of LWR facilities regarding Safety, Security, Operations, Safeguards, and Emergency Planning, and evaluates the technical bases for these requirements. The second focus area, developed in this report, documents the foundations for an innovative approach that supports a design framework for SMR facilities that incorporates the regulatory environment, as well as the continued operation of the facility, into the early design stages, eliminating the need for costly retrofitting and additional operating personnel to fulfill regulatory requirements. The work considers a technique known as Integrated Safety, Operations, Security and Safeguards (ISOSS) (Darby, et al., 2007). In coordination with the best practices of industrial operations, the goal of this effort is to develop a design framework that outlines how ISOSS

  17. Ship Detection and Classification on Optical Remote Sensing Images Using Deep Learning

    Directory of Open Access Journals (Sweden)

    Liu Ying

    2017-01-01

    Full Text Available Ship detection and classification is critical for national maritime security and national defense. Although some SAR (Synthetic Aperture Radar image-based ship detection approaches have been proposed and used, they are not able to satisfy the requirement of real-world applications as the number of SAR sensors is limited, the resolution is low, and the revisit cycle is long. As massive optical remote sensing images of high resolution are available, ship detection and classification on theses images is becoming a promising technique, and has attracted great attention on applications including maritime security and traffic control. Some digital image processing methods have been proposed to detect ships in optical remote sensing images, but most of them face difficulty in terms of accuracy, performance and complexity. Recently, an autoencoder-based deep neural network with extreme learning machine was proposed, but it cannot meet the requirement of real-world applications as it only works with simple and small-scaled data sets. Therefore, in this paper, we propose a novel ship detection and classification approach which utilizes deep convolutional neural network (CNN as the ship classifier. The performance of our proposed ship detection and classification approach was evaluated on a set of images downloaded from Google Earth at the resolution 0.5m. 99% detection accuracy and 95% classification accuracy were achieved. In model training, 75× speedup is achieved on 1 Nvidia Titanx GPU.

  18. Security Technologies for Open Networking Environments (STONE)

    Energy Technology Data Exchange (ETDEWEB)

    Muftic, Sead

    2005-03-31

    Under this project SETECS performed research, created the design, and the initial prototype of three groups of security technologies: (a) middleware security platform, (b) Web services security, and (c) group security system. The results of the project indicate that the three types of security technologies can be used either individually or in combination, which enables effective and rapid deployment of a number of secure applications in open networking environments. The middleware security platform represents a set of object-oriented security components providing various functions to handle basic cryptography, X.509 certificates, S/MIME and PKCS No.7 encapsulation formats, secure communication protocols, and smart cards. The platform has been designed in the form of security engines, including a Registration Engine, Certification Engine, an Authorization Engine, and a Secure Group Applications Engine. By creating a middleware security platform consisting of multiple independent components the following advantages have been achieved - Object-oriented, Modularity, Simplified Development, and testing, Portability, and Simplified extensions. The middleware security platform has been fully designed and a preliminary Java-based prototype has been created for the Microsoft Windows operating system. The Web services security system, designed in the project, consists of technologies and applications that provide authentication (i.e., single sign), authorization, and federation of identities in an open networking environment. The system is based on OASIS SAML and XACML standards for secure Web services. Its topology comprises three major components: Domain Security Server (DSS) is the main building block of the system Secure Application Server (SAS) Secure Client In addition to the SAML and XACML engines, the authorization system consists of two sets of components An Authorization Administration System An Authorization Enforcement System Federation of identities in multi

  19. A Development Framework for Software Security in Nuclear Safety Systems: Integrating Secure Development and System Security Activities

    Energy Technology Data Exchange (ETDEWEB)

    Park, Jaekwan; Suh, Yongsuk [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2014-02-15

    The protection of nuclear safety software is essential in that a failure can result in significant economic loss and physical damage to the public. However, software security has often been ignored in nuclear safety software development. To enforce security considerations, nuclear regulator commission recently issued and revised the security regulations for nuclear computer-based systems. It is a great challenge for nuclear developers to comply with the security requirements. However, there is still no clear software development process regarding security activities. This paper proposes an integrated development process suitable for the secure development requirements and system security requirements described by various regulatory bodies. It provides a three-stage framework with eight security activities as the software development process. Detailed descriptions are useful for software developers and licensees to understand the regulatory requirements and to establish a detailed activity plan for software design and engineering.

  20. Engineering Principles for Information Technology Security (A Baseline for Achieving Security)

    National Research Council Canada - National Science Library

    Stoneburner, Gary

    2001-01-01

    The purpose of the Engineering Principles for Information Technology (IT) Security (HP-ITS) is to present a list of system-level security principles to he considered in the design, development, and operation of an information system...

  1. A Regulation-Based Security Evaluation Method for Data Link in Wireless Sensor Network

    Directory of Open Access Journals (Sweden)

    Claudio S. Malavenda

    2014-01-01

    Full Text Available This article presents a novel approach to the analysis of wireless sensor networks (WSN security, based on the regulations intended for wireless communication devices. Starting from the analysis and classification of attacks, countermeasures, and available protocols, we present the current state on secure communication stacks for embedded systems. The regulation analysis is based on civil EN 50150 and MIL STD-188-220, both applicable to WSN communications. Afterwards, starting from a list of known WSN attacks, we use a correspondence table to match WSN attacks with countermeasures required by regulations. This approach allows us to produce a precise security evaluation and classification methodology for WSN protocols. The results show that current protocols do not present a complete coverage of security issues. While this conclusion is already known for many WSN protocols, to the best of our knowledge this is the first time a complete methodology is proposed to base this assertion. Moreover, by using the proposed methodology, we are able to precisely identify the exposed threats for each WSN protocol under analysis.

  2. Designing, Capturing and Validating History-Sensitive Security Policies for Distributed Systems

    DEFF Research Database (Denmark)

    Hernandez, Alejandro Mario; Nielson, Flemming; Nielson, Hanne Riis

    2011-01-01

    has the capability of combining both history-sensitive and future-sensitive policies, providing even more flexibility and power. Moreover, we propose a global Logic for reasoning about the systems designed with this language. We show how the Logic can be used to validate the combination of security...... this approach with history-based components, as is traditional in reference-monitor-based approaches to mandatory access control. Our developments are performed in an Aspect-oriented coordination language, aiming to describe the Bell-LaPadula policy as elegantly as possible. Furthermore, the resulting language...

  3. Classification guide: Paralympic Games London 2012

    OpenAIRE

    2013-01-01

    The London 2012 Paralympic Games Classification Guide is designed to provide National Paralympic Committees (NPCs) and International Paralympic Sport Federations (IPSFs) with information about the classification policies and procedures that will apply to the London 2012 Paralympic Games.

  4. Design And Implementation Of Bank Locker Security System Based On Fingerprint Sensing Circuit And RFID Reader

    Directory of Open Access Journals (Sweden)

    Khaing Mar Htwe

    2015-07-01

    Full Text Available Abstract The main goal of this system is to design a locker security system using RFID and Fingerprint. In this system only authenticated person can open the door. A security system is implemented containing door locking system using passive type of RFID which can activate authenticate and validate the user and unlock the door in real time for secure access. The advantage of using passive RFID is that it functions without a battery and passive tags are lighter and are less expensive than the active tags. This system consists of fingerprint reader microcontroller RFID reader and PC. The RFID reader reads the id number from passive. The fingerprint sensor will check incoming image with enrolled data and it will send confirming signal for C program. If both RFID check and fingerprint image confirmation are matched the microcontroller will drive door motor according to sensors at door edges. This system is more secure than other systems because two codes protection method used.

  5. MAC layer security issues in wireless mesh networks

    Science.gov (United States)

    Reddy, K. Ganesh; Thilagam, P. Santhi

    2016-03-01

    Wireless Mesh Networks (WMNs) have emerged as a promising technology for a broad range of applications due to their self-organizing, self-configuring and self-healing capability, in addition to their low cost and easy maintenance. Securing WMNs is more challenging and complex issue due to their inherent characteristics such as shared wireless medium, multi-hop and inter-network communication, highly dynamic network topology and decentralized architecture. These vulnerable features expose the WMNs to several types of attacks in MAC layer. The existing MAC layer standards and implementations are inadequate to secure these features and fail to provide comprehensive security solutions to protect both backbone and client mesh. Hence, there is a need for developing efficient, scalable and integrated security solutions for WMNs. In this paper, we classify the MAC layer attacks and analyze the existing countermeasures. Based on attacks classification and countermeasures analysis, we derive the research directions to enhance the MAC layer security for WMNs.

  6. Windows Server 2012 vulnerabilities and security

    Directory of Open Access Journals (Sweden)

    Gabriel R. López

    2015-09-01

    Full Text Available This investigation analyses the history of the vulnerabilities of the base system Windows Server 2012 highlighting the most critic vulnerabilities given every 4 months since its creation until the current date of the research. It was organized by the type of vulnerabilities based on the classification of the NIST. Next, given the official vulnerabilities of the system, the authors show how a critical vulnerability is treated by Microsoft in order to countermeasure the security flaw. Then, the authors present the recommended security approaches for Windows Server 2012, which focus on the baseline software given by Microsoft, update, patch and change management, hardening practices and the application of Active Directory Rights Management Services (AD RMS. AD RMS is considered as an important feature since it is able to protect the system even though it is compromised using access lists at a document level. Finally, the investigation of the state of the art related to the security of Windows Server 2012 shows an analysis of solutions given by third parties vendors, which offer security products to secure the base system objective of this study. The recommended solution given by the authors present the security vendor Symantec with its successful features and also characteristics that the authors considered that may have to be improved in future versions of the security solution.

  7. A neural network-based optimal spatial filter design method for motor imagery classification.

    Directory of Open Access Journals (Sweden)

    Ayhan Yuksel

    Full Text Available In this study, a novel spatial filter design method is introduced. Spatial filtering is an important processing step for feature extraction in motor imagery-based brain-computer interfaces. This paper introduces a new motor imagery signal classification method combined with spatial filter optimization. We simultaneously train the spatial filter and the classifier using a neural network approach. The proposed spatial filter network (SFN is composed of two layers: a spatial filtering layer and a classifier layer. These two layers are linked to each other with non-linear mapping functions. The proposed method addresses two shortcomings of the common spatial patterns (CSP algorithm. First, CSP aims to maximize the between-classes variance while ignoring the minimization of within-classes variances. Consequently, the features obtained using the CSP method may have large within-classes variances. Second, the maximizing optimization function of CSP increases the classification accuracy indirectly because an independent classifier is used after the CSP method. With SFN, we aimed to maximize the between-classes variance while minimizing within-classes variances and simultaneously optimizing the spatial filter and the classifier. To classify motor imagery EEG signals, we modified the well-known feed-forward structure and derived forward and backward equations that correspond to the proposed structure. We tested our algorithm on simple toy data. Then, we compared the SFN with conventional CSP and its multi-class version, called one-versus-rest CSP, on two data sets from BCI competition III. The evaluation results demonstrate that SFN is a good alternative for classifying motor imagery EEG signals with increased classification accuracy.

  8. Improvement of the Radiological system of emergency classification in Cuba

    International Nuclear Information System (INIS)

    Jerez Vegueria, Pablo F.; Yamil Lopez Forteza; Diaz Guerra, Pedro I.

    2003-01-01

    In 1998 the National Center of Nuclear Security (CNSN), on the base of the experience in the one handling of emergencies and the preparation aspects, planning and answer, it perfects and it modernizes, with the approval of the national bigger State of the Civil Defense, the approaches of the Scale of Radiological Events approved from 1992. Given the operational experience of the System of Answer to Emergency of the Ministry Of Science Technology And Environment in the year 2001 the CNSN develops, it perfects and it puts in vigor a more complete System of Classification of Emergency of unique use for all the entities that use sources of radiations ionizations and that it also includes those answer forces that are imbricate in the Plan of Measures Against Catastrophe for cases of Radiological Accidents. The setting in vigor of this Unique System of Classification of Emergencies at national level has allowed to secure the coordination, planning and answer in an effective, quick and effective way. Presently work is exposed the philosophy on which this System of Classification was elaborated, the approaches used to classify the events as much in radioactive facilities as in the practice of the transport of radioactive materials and the activation of the forces of answers in cases of radiological emergencies

  9. The Importance of Classification to Business Model Research

    OpenAIRE

    Susan Lambert

    2015-01-01

    Purpose: To bring to the fore the scientific significance of classification and its role in business model theory building. To propose a method by which existing classifications of business models can be analyzed and new ones developed. Design/Methodology/Approach: A review of the scholarly literature relevant to classifications of business models is presented along with a brief overview of classification theory applicable to business model research. Existing business model classification...

  10. Using Trust for Secure Collaboration in Uncertain Environments

    DEFF Research Database (Denmark)

    Cahill, Vinny; Gray, Elizabeth; Seigneur, Jean-Marc

    2003-01-01

    The SECURE project investigates the design of security mechanisms for pervasive computing based on trust. It addresses how entities in unfamiliar pervasive computing environments can overcome initial suspicion to provide secure collaboration.......The SECURE project investigates the design of security mechanisms for pervasive computing based on trust. It addresses how entities in unfamiliar pervasive computing environments can overcome initial suspicion to provide secure collaboration....

  11. Computer Aided Design for Soil Classification Relational Database ...

    African Journals Online (AJOL)

    unique firstlady

    engineering, several developers were asked what rules they applied to identify ... classification is actually a part of all good science. As Michalski ... by a large number of soil scientists. .... and use. The calculus relational database processing is.

  12. Why SCADA security is NOT like Computer Centre Security

    CERN Multimedia

    CERN. Geneva

    2014-01-01

    Today, the industralized world lives in symbiosis with control systems (aka SCADA systems): it depends on power distribution, oil production, public transport, automatic production lines. While the convenience is at hand, still too many control systems are designed without any security in mind, lack basic security protections, and are not even robust enough to withstand basic attacks. The Stuxnet worm attacking Siemens PLCs in 2010 was another close call. Attackers currently enjoy hacking control systems, and aim to switch lights off. This presentation shall recap the current situation and discuss the differences (or not) between computer center cyber-security and control system cyber-security.

  13. A Novel QKD-based Secure Edge Router Architecture Design for Burst Confidentiality in Optical Burst Switched Networks

    Science.gov (United States)

    Balamurugan, A. M.; Sivasubramanian, A.

    2014-06-01

    The Optical Burst Switching (OBS) is an emergent result to the technology issue that could achieve a viable network in future. They have the ability to meet the bandwidth requisite of those applications that call for intensive bandwidth. The field of optical transmission has undergone numerous advancements and is still being researched mainly due to the fact that optical data transmission can be done at enormous speeds. The concept of OBS is still far from perfection facing issues in case of security threat. The transfer of optical switching paradigm to optical burst switching faces serious downfall in the fields of burst aggregation, routing, authentication, dispute resolution and quality of service (QoS). This paper proposes a framework based on QKD based secure edge router architecture design to provide burst confidentiality. The QKD protocol offers high level of confidentiality as it is indestructible. The design architecture was implemented in FPGA using diverse models and the results were taken. The results show that the proposed model is suitable for real time secure routing applications of the Optical burst switched networks.

  14. Computationally Efficient Neural Network Intrusion Security Awareness

    Energy Technology Data Exchange (ETDEWEB)

    Todd Vollmer; Milos Manic

    2009-08-01

    An enhanced version of an algorithm to provide anomaly based intrusion detection alerts for cyber security state awareness is detailed. A unique aspect is the training of an error back-propagation neural network with intrusion detection rule features to provide a recognition basis. Network packet details are subsequently provided to the trained network to produce a classification. This leverages rule knowledge sets to produce classifications for anomaly based systems. Several test cases executed on ICMP protocol revealed a 60% identification rate of true positives. This rate matched the previous work, but 70% less memory was used and the run time was reduced to less than 1 second from 37 seconds.

  15. Panacea : Automating attack classification for anomaly-based network intrusion detection systems

    NARCIS (Netherlands)

    Bolzoni, D.; Etalle, S.; Hartel, P.H.; Kirda, E.; Jha, S.; Balzarotti, D.

    2009-01-01

    Anomaly-based intrusion detection systems are usually criticized because they lack a classification of attacks, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an

  16. Panacea : Automating attack classification for anomaly-based network intrusion detection systems

    NARCIS (Netherlands)

    Bolzoni, D.; Etalle, S.; Hartel, P.H.

    2009-01-01

    Anomaly-based intrusion detection systems are usually criticized because they lack a classification of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an

  17. Process Security in Chemical Engineering Education

    Science.gov (United States)

    Piluso, Cristina; Uygun, Korkut; Huang, Yinlun; Lou, Helen H.

    2005-01-01

    The threats of terrorism have greatly alerted the chemical process industries to assure plant security at all levels: infrastructure-improvement-focused physical security, information-protection-focused cyber security, and design-and-operation-improvement-focused process security. While developing effective plant security methods and technologies…

  18. Safeguards and security by design support for the next generation nuclear plant project - Progress in safeguards by design (SBD) by the United States National Nuclear Security Administration (NNSA)

    International Nuclear Information System (INIS)

    Bjornard, T.; Casey Durst, P.

    2013-01-01

    The Next Generation Nuclear Plant (NGNP) project was authorized by the United States Energy Policy Act of 2005 with the principal objective of designing, licensing, and building a Generation IV nuclear plant capable of producing both high-temperature process heat and electricity. The two candidate NGNP reactor concepts are pebble- and prismatic-fueled high-temperature gas reactors that will be licensed by the U.S. Nuclear Regulatory Commission (NRC). The conceptual design phase of the project was completed in December 2010. This paper summarizes support provided to the NGNP project to facilitate consideration of international safeguards during the design phase, or safeguards by design (SBD). Additional support was provided for domestic safeguards (material control and accounting) and physical protection, or safeguards and security by design (2SBD). The main focus of this paper is on SBD and international safeguards. Included is an overview of the international safeguards guidance contained in guidance reports for SBD. These reports contain guidance and suggestions intended to be useful to the industry design teams, but they do not contain ready-made solutions. Early and frequent interaction of design stakeholders with the International Atomic Energy Agency and the NRC are essential to a successful endeavor. The paper is followed by the slides of the presentation. (author)

  19. Automated Classification of Consumer Health Information Needs in Patient Portal Messages.

    Science.gov (United States)

    Cronin, Robert M; Fabbri, Daniel; Denny, Joshua C; Jackson, Gretchen Purcell

    2015-01-01

    Patients have diverse health information needs, and secure messaging through patient portals is an emerging means by which such needs are expressed and met. As patient portal adoption increases, growing volumes of secure messages may burden healthcare providers. Automated classification could expedite portal message triage and answering. We created four automated classifiers based on word content and natural language processing techniques to identify health information needs in 1000 patient-generated portal messages. Logistic regression and random forest classifiers detected single information needs well, with area under the curves of 0.804-0.914. A logistic regression classifier accurately found the set of needs within a message, with a Jaccard index of 0.859 (95% Confidence Interval: (0.847, 0.871)). Automated classification of consumer health information needs expressed in patient portal messages is feasible and may allow direct linking to relevant resources or creation of institutional resources for commonly expressed needs.

  20. A Portable Computer Security Workshop

    Science.gov (United States)

    Wagner, Paul J.; Phillips, Andrew T.

    2006-01-01

    We have developed a computer security workshop designed to instruct post-secondary instructors who want to start a course or laboratory exercise sequence in computer security. This workshop has also been used to provide computer security education to IT professionals and students. It is effective in communicating basic computer security principles…

  1. Classification hierarchies for product data modelling

    NARCIS (Netherlands)

    Pels, H.J.

    2006-01-01

    Abstraction is an essential element in data modelling that appears mainly in one of the following forms: generalisation, classification or aggregation. In the design of complex products classification hierarchies can be found product families that are viewed as classes of product types, while

  2. Secure integrated circuits and systems

    CERN Document Server

    Verbauwhede, Ingrid MR

    2010-01-01

    On any advanced integrated circuit or 'system-on-chip' there is a need for security. In many applications the actual implementation has become the weakest link in security rather than the algorithms or protocols. The purpose of the book is to give the integrated circuits and systems designer an insight into the basics of security and cryptography from the implementation point of view. As a designer of integrated circuits and systems it is important to know both the state-of-the-art attacks as well as the countermeasures. Optimizing for security is different from optimizations for speed, area,

  3. A risk-based approach to designing effective security force training exercises

    International Nuclear Information System (INIS)

    Bott, T.F.; Eisenhawer, S.W.

    2002-01-01

    The effectiveness of a security force in protecting a nuclear facility is often evaluated using training exercises that pit a group of simulated attackers against a security team. In the situation studied here, a security force was regularly tested by a regulatory body with the responsibility for security oversight. It was observed that the regulators were continually imposing more challenging security scenarios by assigning increasingly sophisticated facility knowledge to the attackers. Not surprisingly, the security forces' assessed effectiveness decreased until eventually they were unable to successfully resist the attacks. Security managers maintained that the knowledge attributed to the attackers was becoming increasingly unrealistic and feared they would be forced to concentrate resources on unrealistic scenarios at the expense of more credible threats.

  4. Design and Evaluation of Smart Glasses for Food Intake and Physical Activity Classification.

    Science.gov (United States)

    Chung, Jungman; Oh, Wonjoon; Baek, Dongyoub; Ryu, Sunwoong; Lee, Won Gu; Bang, Hyunwoo

    2018-02-14

    This study presents a series of protocols of designing and manufacturing a glasses-type wearable device that detects the patterns of temporalis muscle activities during food intake and other physical activities. We fabricated a 3D-printed frame of the glasses and a load cell-integrated printed circuit board (PCB) module inserted in both hinges of the frame. The module was used to acquire the force signals, and transmit them wirelessly. These procedures provide the system with higher mobility, which can be evaluated in practical wearing conditions such as walking and waggling. A performance of the classification is also evaluated by distinguishing the patterns of food intake from those physical activities. A series of algorithms were used to preprocess the signals, generate feature vectors, and recognize the patterns of several featured activities (chewing and winking), and other physical activities (sedentary rest, talking, and walking). The results showed that the average F1 score of the classification among the featured activities was 91.4%. We believe this approach can be potentially useful for automatic and objective monitoring of ingestive behaviors with higher accuracy as practical means to treat ingestive problems.

  5. Method for secure electronic voting system: face recognition based approach

    Science.gov (United States)

    Alim, M. Affan; Baig, Misbah M.; Mehboob, Shahzain; Naseem, Imran

    2017-06-01

    In this paper, we propose a framework for low cost secure electronic voting system based on face recognition. Essentially Local Binary Pattern (LBP) is used for face feature characterization in texture format followed by chi-square distribution is used for image classification. Two parallel systems are developed based on smart phone and web applications for face learning and verification modules. The proposed system has two tire security levels by using person ID followed by face verification. Essentially class specific threshold is associated for controlling the security level of face verification. Our system is evaluated three standard databases and one real home based database and achieve the satisfactory recognition accuracies. Consequently our propose system provides secure, hassle free voting system and less intrusive compare with other biometrics.

  6. Nuclear security standard: Argentina approach

    International Nuclear Information System (INIS)

    Bonet Duran, Stella M.; Rodriguez, Carlos E.; Menossi, Sergio A.; Serdeiro, Nelida H.

    2007-01-01

    Argentina has a comprehensive regulatory system designed to assure the security and safety of radioactive sources, which has been in place for more than fifty years. In 1989 the Radiation Protection and Nuclear Safety branch of the National Atomic Energy Commission created the 'Council of Physical Protection of Nuclear Materials and Installations' (CAPFMIN). This Council published in 1992 a Physical Protection Standard based on a deep and careful analysis of INFCIRC 225/Rev.2 including topics like 'sabotage scenario'. Since then, the world's scenario has changed, and some concepts like 'design basis threat', 'detection, delay and response', 'performance approach and prescriptive approach', have been applied to the design of physical protection systems in facilities other than nuclear installations. In Argentina, radioactive sources are widely used in medical and industrial applications with more than 1,600 facilities controlled by the Nuclear Regulatory Authority (in spanish ARN). During 2005, measures like 'access control', 'timely detection of intruder', 'background checks', and 'security plan', were required by ARN for implementation in facilities with radioactive sources. To 'close the cycle' the next step is to produce a regulatory standard based on the operational experience acquired during 2005. ARN has developed a set of criteria for including them in a new standard on security of radioactive materials. Besides, a specific Regulatory Guide is being prepared to help licensees of facilities in design a security system and to fulfill the 'Design of Security System Questionnaire'. The present paper describes the proposed Standard on Security of Radioactive Sources and the draft of the Nuclear Security Regulatory Guidance, based on our regulatory experience and the latest international recommendations. (author)

  7. Classification of research reactors and discussion of thinking of safety regulation based on the classification

    International Nuclear Information System (INIS)

    Song Chenxiu; Zhu Lixin

    2013-01-01

    Research reactors have different characteristics in the fields of reactor type, use, power level, design principle, operation model and safety performance, etc, and also have significant discrepancy in the aspect of nuclear safety regulation. This paper introduces classification of research reactors and discusses thinking of safety regulation based on the classification of research reactors. (authors)

  8. The secure reactors

    International Nuclear Information System (INIS)

    Hannerz, K.

    1987-01-01

    The principle of Process Inherent Ultimate Safety (PIUS) is a new approach to Light Water Reactor (LWR) safety that could represent a solution to the present problems of public distrust, regulatory maze and plant design complexity plaguing the nuclear industry in many countries. A unique thermohydraulic design of the primary system ensures core integrity, and thereby gurarantees freedom from significant releases of radioactive matter, in all credible emergencies. This is accomplished entirely without reliance on potentially failure prone engineered safety systems and with immunity to operator mistskes. The potential for human fallibility to cause accidents is thereby drastically reduced in an easily understood way. Plant design can be greatly simplified because redundant, diverse safety systems are no longer needed. The paper briefly describes the PIUS design principle and the two SECURE reactor designs based on it, i.e. SECURE-H for district heating and process steam and SECURE-P (usually known simply as PIUS) for electric power generation. Demonstration of simulated system over-all thermohydraulic function and transient response in a large electrically heated test loop is described and results from some component development work is given. (author)

  9. Hadoop-Based Healthcare Information System Design and Wireless Security Communication Implementation

    Directory of Open Access Journals (Sweden)

    Hongsong Chen

    2015-01-01

    Full Text Available Human health information from healthcare system can provide important diagnosis data and reference to doctors. However, continuous monitoring and security storage of human health data are challenging personal privacy and big data storage. To build secure and efficient healthcare application, Hadoop-based healthcare security communication system is proposed. In wireless biosensor network, authentication and key transfer should be lightweight. An ECC (Elliptic Curve Cryptography based lightweight digital signature and key transmission method are proposed to provide wireless secure communication in healthcare information system. Sunspot wireless sensor nodes are used to build healthcare secure communication network; wireless nodes and base station are assigned different tasks to achieve secure communication goal in healthcare information system. Mysql database is used to store Sunspot security entity table and measure entity table. Hadoop is used to backup and audit the Sunspot security entity table. Sqoop tool is used to import/export data between Mysql database and HDFS (Hadoop distributed file system. Ganglia is used to monitor and measure the performance of Hadoop cluster. Simulation results show that the Hadoop-based healthcare architecture and wireless security communication method are highly effective to build a wireless healthcare information system.

  10. Designing a machinery control system (MCS) security testbed

    OpenAIRE

    Desso, Nathan H.

    2014-01-01

    Approved for public release; distribution is unlimited Industrial control systems (ICS) face daily cyber security threats, can have a significant impact to the security of our nation, and present a difficult challenge to defend. Critical infrastructures, including military systems like the machinery control systems (MCS) found onboard modern U.S. warships, are affected because of their use of commercial automation solutions. The increase of automated control systems within the U.S. Navy sa...

  11. Construction of a knowledge classification scheme for sharing and usage of knowledge

    International Nuclear Information System (INIS)

    Yoo, Jae Bok; Oh, Jeong Hoon; Lee, Ji Ho; Ko, Young Chul

    2003-12-01

    To efficiently share knowledge among our members on the basis of knowledge management system, first of all, we need to systematically design the knowledge classification scheme that we can classify these knowledge well. The objective of this project is to construct the most suitable knowledge classification scheme that all of us can share them in Korea Atomic Energy Research Institute(KAERI). To construct the knowledge classification scheme all over the our organization, we established a few principles to design it and examined related many classification schemes. And we carried out 3 steps to complete the best desirable KAERI's knowledge classification scheme, that is, 1) the step to design a draft of the knowledge classification scheme, 2) the step to revise a draft of the knowledge classification scheme, 3) the step to verify the revised scheme and to decide its scheme. The scheme completed as a results of this project is consisted of total 218 items, that is, sections of 8 items, classes of 43 items and sub-classes of 167 items. We expect that the knowledge classification scheme designed as the results of this project can be played an important role as the frame to share knowledge among our members when we introduce knowledge management system in our organization. In addition, we expect that methods to design its scheme as well as this scheme itself can be applied when design a knowledge classification scheme at the other R and D institutes and enterprises

  12. Radiation Detection and Classification of Heavy Oxide Inorganic Scintillator Crystals for Detection of Fast Neutrons

    Science.gov (United States)

    2016-06-01

    response, diffuse source, collimated source 15. NUMBER OF PAGES 101 16. PRICE CODE 17. SECURITY CLASSIFICATION OF REPORT Unclassified 18...protecting the homeland, building security globally, and projecting power and winning decisively [1]. Nuclear material detection is embedded in two...detection. According to Glasstone and Dolan [4] as well as numerous other experts, there are fundamentally three isotopes that could practically be used

  13. Framework for Integrating Safety, Operations, Security, and Safeguards in the Design and Operation of Nuclear Facilities

    Energy Technology Data Exchange (ETDEWEB)

    Darby, John L. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Horak, Karl Emanuel [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); LaChance, Jeffrey L. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Tolk, Keith Michael [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Whitehead, Donnie Wayne [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2007-10-01

    The US is currently on the brink of a nuclear renaissance that will result in near-term construction of new nuclear power plants. In addition, the Department of Energy’s (DOE) ambitious new Global Nuclear Energy Partnership (GNEP) program includes facilities for reprocessing spent nuclear fuel and reactors for transmuting safeguards material. The use of nuclear power and material has inherent safety, security, and safeguards (SSS) concerns that can impact the operation of the facilities. Recent concern over terrorist attacks and nuclear proliferation led to an increased emphasis on security and safeguard issues as well as the more traditional safety emphasis. To meet both domestic and international requirements, nuclear facilities include specific SSS measures that are identified and evaluated through the use of detailed analysis techniques. In the past, these individual assessments have not been integrated, which led to inefficient and costly design and operational requirements. This report provides a framework for a new paradigm where safety, operations, security, and safeguards (SOSS) are integrated into the design and operation of a new facility to decrease cost and increase effectiveness. Although the focus of this framework is on new nuclear facilities, most of the concepts could be applied to any new, high-risk facility.

  14. Modern Quantum Technologies of Information Security

    OpenAIRE

    Korchenko, Oleksandr; Vasiliu, Yevhen; Gnatyuk, Sergiy

    2010-01-01

    In this paper, the systematisation and classification of modern quantum technologies of information security against cyber-terrorist attack are carried out. The characteristic of the basic directions of quantum cryptography from the viewpoint of the quantum technologies used is given. A qualitative analysis of the advantages and disadvantages of concrete quantum protocols is made. The current status of the problem of practical quantum cryptography use in telecommunication networks is consider...

  15. Security planning an applied approach

    CERN Document Server

    Lincke, Susan

    2015-01-01

    This book guides readers through building an IT security plan. Offering a template, it helps readers to prioritize risks, conform to regulation, plan their defense and secure proprietary/confidential information. The process is documented in the supplemental online security workbook. Security Planning is designed for the busy IT practitioner, who does not have time to become a security expert, but needs a security plan now. It also serves to educate the reader of a broader set of concepts related to the security environment through the Introductory Concepts and Advanced sections. The book serv

  16. Lecture 3: Web Application Security

    CERN Multimedia

    CERN. Geneva

    2013-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture focuses on security aspects of Web application development. Various vulnerabilities typical to web applications (such as Cross-site scripting, SQL injection, cross-site request forgery etc.) are introduced and discussed. Sebastian Lopienski is CERN’s deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support servic...

  17. Information technology - Security techniques - Information security management systems - Requirements

    CERN Document Server

    International Organization for Standardization. Geneva

    2005-01-01

    ISO/IEC 27001:2005 covers all types of organizations (e.g. commercial enterprises, government agencies, not-for profit organizations). ISO/IEC 27001:2005 specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the organization's overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof. ISO/IEC 27001:2005 is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties. ISO/IEC 27001:2005 is intended to be suitable for several different types of use, including the following: use within organizations to formulate security requirements and objectives; use within organizations as a way to ensure that security risks are cost effectively managed; use within organizations to ensure comp...

  18. Physical security of cut-and-cover underground facilities

    International Nuclear Information System (INIS)

    Morse, W.D.

    1998-01-01

    To aid designers, generic physical security objectives and design concepts for cut-and-cover underground facilities are presented. Specific aspects addressing overburdens, entryways, security doors, facility services, emergency egress, security response force, and human elements are discussed

  19. Computer security engineering management

    International Nuclear Information System (INIS)

    McDonald, G.W.

    1988-01-01

    For best results, computer security should be engineered into a system during its development rather than being appended later on. This paper addresses the implementation of computer security in eight stages through the life cycle of the system; starting with the definition of security policies and ending with continuing support for the security aspects of the system throughout its operational life cycle. Security policy is addressed relative to successive decomposition of security objectives (through policy, standard, and control stages) into system security requirements. This is followed by a discussion of computer security organization and responsibilities. Next the paper directs itself to analysis and management of security-related risks, followed by discussion of design and development of the system itself. Discussion of security test and evaluation preparations, and approval to operate (certification and accreditation), is followed by discussion of computer security training for users is followed by coverage of life cycle support for the security of the system

  20. MODEL-BASED SECURITY ENGINEERING OF SOA SYSTEM USING SECURITY INTENT DSL

    OpenAIRE

    Muhammad Qaiser Saleem; Jafreezal Jaafar; Mohd Fadzil Hassan

    2011-01-01

    Currently most of the enterprises are using SOA and web services technologies to build their web information system. They are using MDA principles for design and development of WIS and using UML as a modelling language for business process modelling. Along with the increased connectivity in SOA environment, security risks rise exponentially. Security is not defined during the early phases of development and left onto developer. Properly configuring security requirements in SOA applications is...

  1. New Course Design: Classification Schemes and Information Architecture.

    Science.gov (United States)

    Weinberg, Bella Hass

    2002-01-01

    Describes a course developed at St. John's University (New York) in the Division of Library and Information Science that relates traditional classification schemes to information architecture and Web sites. Highlights include functional aspects of information architecture, that is, the way content is structured; assignments; student reactions; and…

  2. Packet Classification by Multilevel Cutting of the Classification Space: An Algorithmic-Architectural Solution for IP Packet Classification in Next Generation Networks

    Directory of Open Access Journals (Sweden)

    Motasem Aldiab

    2008-01-01

    Full Text Available Traditionally, the Internet provides only a “best-effort” service, treating all packets going to the same destination equally. However, providing differentiated services for different users based on their quality requirements is increasingly becoming a demanding issue. For this, routers need to have the capability to distinguish and isolate traffic belonging to different flows. This ability to determine the flow each packet belongs to is called packet classification. Technology vendors are reluctant to support algorithmic solutions for classification due to their nondeterministic performance. Although content addressable memories (CAMs are favoured by technology vendors due to their deterministic high-lookup rates, they suffer from the problems of high-power consumption and high-silicon cost. This paper provides a new algorithmic-architectural solution for packet classification that mixes CAMs with algorithms based on multilevel cutting of the classification space into smaller spaces. The provided solution utilizes the geometrical distribution of rules in the classification space. It provides the deterministic performance of CAMs, support for dynamic updates, and added flexibility for system designers.

  3. Automated Classification of Consumer Health Information Needs in Patient Portal Messages

    Science.gov (United States)

    Cronin, Robert M.; Fabbri, Daniel; Denny, Joshua C.; Jackson, Gretchen Purcell

    2015-01-01

    Patients have diverse health information needs, and secure messaging through patient portals is an emerging means by which such needs are expressed and met. As patient portal adoption increases, growing volumes of secure messages may burden healthcare providers. Automated classification could expedite portal message triage and answering. We created four automated classifiers based on word content and natural language processing techniques to identify health information needs in 1000 patient-generated portal messages. Logistic regression and random forest classifiers detected single information needs well, with area under the curves of 0.804–0.914. A logistic regression classifier accurately found the set of needs within a message, with a Jaccard index of 0.859 (95% Confidence Interval: (0.847, 0.871)). Automated classification of consumer health information needs expressed in patient portal messages is feasible and may allow direct linking to relevant resources or creation of institutional resources for commonly expressed needs. PMID:26958285

  4. A Classification Model and an Open E-Learning System Based on Intuitionistic Fuzzy Sets for Instructional Design Concepts

    Science.gov (United States)

    Güyer, Tolga; Aydogdu, Seyhmus

    2016-01-01

    This study suggests a classification model and an e-learning system based on this model for all instructional theories, approaches, models, strategies, methods, and technics being used in the process of instructional design that constitutes a direct or indirect resource for educational technology based on the theory of intuitionistic fuzzy sets…

  5. From secure dependency to attachment: Mary Ainsworth's integration of Blatz's security theory into Bowlby's attachment theory.

    Science.gov (United States)

    van Rosmalen, Lenny; van der Horst, Frank C P; van der Veer, René

    2016-02-01

    John Bowlby is generally regarded as the founder of attachment theory, with the help of Mary Ainsworth. Through her Uganda and Baltimore studies Ainsworth provided empirical evidence for attachment theory, and she contributed the notion of the secure base and exploratory behavior, the Strange Situation Procedure and its classification system, and the notion of maternal sensitivity. On closer scrutiny, many of these contributions appear to be heavily influenced by William Blatz and his security theory. Even though Blatz's influence on Ainsworth has been generally acknowledged, this article, partly based on understudied correspondence from several personal archives, is the first to show which specific parts of attachment theory can be traced back directly to Blatz and his security theory. When Ainsworth started working with Bowlby in the 1950s, around the time he turned to evolutionary theory for an explanation of his findings, she integrated much of Blatzian security theory into Bowlby's theory in the making and used her theoretical and practical experience to enrich attachment theory. Even though Blatz is hardly mentioned nowadays, several of his ideas live on in attachment theory. (c) 2016 APA, all rights reserved).

  6. Physical protection educational program - information security aspects

    International Nuclear Information System (INIS)

    Tolstoy, A.

    2002-01-01

    Full text: Conceptual approaches for designing an expert training program on object physical protection taking into account information security aspects are examined. A special educational course does not only address the immediate needs for an educational support but also ensures that new professionals include new concepts and knowledge in their practice and encourages current practitioners towards such practice. Features of the modern physical protection systems (PPS) and classification of information circulating at them are pointed out. The requirements to the PPS information protection subsystem are discussed. During the PPS expert training on information security (IS) aspects they should receive certain knowledge, on the basis of which they could competently define and carry out the PPS IS policy for a certain object. Thus, it is important to consider minimally necessary volume of knowledge taught to the PPS experts for independent and competent implementation of the above listed tasks. For the graduate PPS IS expert training it is also necessary to examine the normative and legal acts devoted to IS as a whole and the PPS IS in particular. It is caused by necessity of conformity of methods and information protection tools implemented on a certain object to the federal and departmental IS requirements. The departmental normative IS requirements define an orientation of the PPS expert training. By curriculum development it is necessary to precisely determine for whom the PPS experts are taught. The curriculum should reflect common features of the PPS functioning of the certain object type, i.e. it should be adapted to a certain customer of the experts. The specified features were taken into account by development of an educational course 'Information security of the nuclear facility physical protection systems', taught at the Moscow Engineering Physics Institute (State University) according to the Russian-American educational program 'Master in Physical

  7. The Performance of LBP and NSVC Combination Applied to Face Classification

    Directory of Open Access Journals (Sweden)

    Mohammed Ngadi

    2016-01-01

    Full Text Available The growing demand in the field of security led to the development of interesting approaches in face classification. These works are interested since their beginning in extracting the invariant features of the face to build a single model easily identifiable by classification algorithms. Our goal in this article is to develop more efficient practical methods for face detection. We present a new fast and accurate approach based on local binary patterns (LBP for the extraction of the features that is combined with the new classifier Neighboring Support Vector Classifier (NSVC for classification. The experimental results on different natural images show that the proposed method can get very good results at a very short detection time. The best precision obtained by LBP-NSVC exceeds 99%.

  8. Classification guide: Sochi 2014 Paralympic Winter Games

    OpenAIRE

    2014-01-01

    The Sochi 2014 Paralympic Winter Games classification guide is designed to provide National Paralympic Committees (NPCs) and International Federations (IFs) with information about the classification policies and procedures that will apply to the Sochi 2014 Paralympic Winter Games.

  9. Digital watermarking for secure and adaptive teleconferencing

    Science.gov (United States)

    Vorbrueggen, Jan C.; Thorwirth, Niels

    2002-04-01

    The EC-sponsored project ANDROID aims to develop a management system for secure active networks. Active network means allowing the network's customers to execute code (Java-based so-called proxylets) on parts of the network infrastructure. Secure means that the network operator nonetheless retains full control over the network and its resources, and that proxylets use ANDROID-developed facilities to provide secure applications. Management is based on policies and allows autonomous, distributed decisions and actions to be taken. Proxylets interface with the system via policies; among actions they can take is controlling execution of other proxylets or redirection of network traffic. Secure teleconferencing is used as the application to demonstrate the approach's advantages. A way to control a teleconference's data streams is to use digital watermarking of the video, audio and/or shared-whiteboard streams, providing an imperceptible and inseparable side channel that delivers information from originating or intermediate stations to downstream stations. Depending on the information carried by the watermark, these stations can take many different actions. Examples are forwarding decisions based on security classifications (possibly time-varying) at security boundaries, set-up and tear-down of virtual private networks, intelligent and adaptive transcoding, recorder or playback control (e.g., speaking off the record), copyright protection, and sender authentication.

  10. Campus network security model study

    Science.gov (United States)

    Zhang, Yong-ku; Song, Li-ren

    2011-12-01

    Campus network security is growing importance, Design a very effective defense hacker attacks, viruses, data theft, and internal defense system, is the focus of the study in this paper. This paper compared the firewall; IDS based on the integrated, then design of a campus network security model, and detail the specific implementation principle.

  11. Computer Aided Design for Soil Classification Relational Database ...

    African Journals Online (AJOL)

    The paper focuses on the problems associated with classification, storage and retrieval of information on soil data, such as the incompatibility of soil data semantics; inadequate documentation, and lack of indexing; hence it is pretty difficult to efficiently access large database. Consequently, information on soil is very difficult ...

  12. Secure Retrieval of FFTF Testing, Design, and Operating Information

    International Nuclear Information System (INIS)

    Butner, R. Scott; Wootan, David W.; Omberg, Ronald P.; Makenas, Bruce J.; Nielsen, Deborah

    2009-01-01

    One of the goals of the Advanced Fuel Cycle Initiative (AFCI) is to preserve the knowledge that has been gained in the United States on Liquid Metal Reactors (LMR). In addition, preserving LMR information and knowledge is part of a larger international collaborative activity conducted under the auspices of the International Atomic Energy Agency (IAEA). A similar program is being conducted for EBR-II at the Idaho Nuclear Laboratory (INL) and international programs are also in progress. Knowledge preservation at the FFTF is focused on the areas of design, construction, startup, and operation of the reactor. As the primary function of the FFTF was testing, the focus is also on preserving information obtained from irradiation testing of fuels and materials. This information will be invaluable when, at a later date, international decisions are made to pursue new LMRs. In the interim, this information may be of potential use for international exchanges with other LMR programs around the world. At least as important in the United States, which is emphasizing large-scale computer simulation and modeling, this information provides the basis for creating benchmarks for validating and testing these large scale computer programs. Although the preservation activity with respect to FFTF information as discussed below is still underway, the team of authors above is currently retrieving and providing experimental and design information to the LMR modeling and simulation efforts for use in validating their computer models. On the Hanford Site, the FFTF reactor plant is one of the facilities intended for decontamination and decommissioning consistent with the cleanup mission on this site. The reactor facility has been deactivated and is being maintained in a cold and dark minimal surveillance and maintenance mode until final decommissioning is pursued. In order to ensure protection of information at risk, the program to date has focused on sequestering and secure retrieval

  13. Security of Dependable Systems

    DEFF Research Database (Denmark)

    Ahmed, Naveed; Jensen, Christian D.

    2011-01-01

    Security and dependability are crucial for designing trustworthy systems. The approach “security as an add-on” is not satisfactory, yet the integration of security in the development process is still an open problem. Especially, a common framework for specifying dependability and security is very...... much needed. There are many pressing challenges however; here, we address some of them. Firstly, security for dependable systems is a broad concept and traditional view of security, e.g., in terms of confidentiality, integrity and availability, does not suffice. Secondly, a clear definition of security...... in the dependability context is not agreed upon. Thirdly, security attacks cannot be modeled as a stochastic process, because the adversary’s strategy is often carefully planned. In this chapter, we explore these challenges and provide some directions toward their solutions....

  14. A Research Agenda for Security Engineering

    Directory of Open Access Journals (Sweden)

    Rich Goyette

    2013-08-01

    Full Text Available Despite nearly 30 years of research and application, the practice of information system security engineering has not yet begun to exhibit the traits of a rigorous scientific discipline. As cyberadversaries have become more mature, sophisticated, and disciplined in their tradecraft, the science of security engineering has not kept pace. The evidence of the erosion of our digital security – upon which society is increasingly dependent – appears in the news almost daily. In this article, we outline a research agenda designed to begin addressing this deficit and to move information system security engineering toward a mature engineering discipline. Our experience suggests that there are two key areas in which this movement should begin. First, a threat model that is actionable from the perspectives of risk management and security engineering should be developed. Second, a practical and relevant security-measurement framework should be developed to adequately inform security-engineering and risk-management processes. Advances in these areas will particularly benefit business/government risk assessors as well as security engineers performing security design work, leading to more accurate, meaningful, and quantitative risk analyses and more consistent and coherent security design decisions. Threat modelling and security measurement are challenging activities to get right – especially when they need to be applied in a general context. However, these are decisive starting points because they constitute the foundation of a scientific security-engineering practice. Addressing these challenges will require stronger and more coherent integration between the sub-disciplines of risk assessment and security engineering, including new tools to facilitate that integration. More generally, changes will be required in the way security engineering is both taught and practiced to take into account the holistic approach necessary from a mature, scientific

  15. 5 CFR 9901.231 - Conversion of positions and employees to NSPS classification system.

    Science.gov (United States)

    2010-01-01

    ... HUMAN RESOURCES MANAGEMENT AND LABOR RELATIONS SYSTEMS (DEPARTMENT OF DEFENSE-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF DEFENSE NATIONAL SECURITY PERSONNEL SYSTEM (NSPS) Classification Transitional... employee's career group, pay schedule, and band upon conversion. (d) Grade retention prior to conversion...

  16. Near infrared spectroscopy is suitable for the classification of hazelnuts according to Protected Designation of Origin.

    Science.gov (United States)

    Moscetti, Roberto; Radicetti, Emanuele; Monarca, Danilo; Cecchini, Massimo; Massantini, Riccardo

    2015-10-01

    This study investigates the possibility of using near infrared spectroscopy for the authentication of the 'Nocciola Romana' hazelnut (Corylus avellana L. cvs Tonda Gentile Romana and Nocchione) as a Protected Designation of Origin (PDO) hazelnut from central Italy. Algorithms for the selection of the optimal pretreatments were tested in combination with the following discriminant routines: k-nearest neighbour, soft independent modelling of class analogy, partial least squares discriminant analysis and support vector machine discriminant analysis. The best results were obtained using a support vector machine discriminant analysis routine. Thus, classification performance rates with specificities, sensitivities and accuracies as high as 96.0%, 95.0% and 95.5%, respectively, were achieved. Various pretreatments, such as standard normal variate, mean centring and a Savitzky-Golay filter with seven smoothing points, were used. The optimal wavelengths for classification were mainly correlated with lipids, although some contribution from minor constituents, such as proteins and carbohydrates, was also observed. Near infrared spectroscopy could classify hazelnut according to the PDO 'Nocciola Romana' designation. Thus, the experimentation lays the foundations for a rapid, online, authentication system for hazelnut. However, model robustness should be improved taking into account agro-pedo-climatic growing conditions. © 2014 Society of Chemical Industry.

  17. The Effects of Individual Disengagement on Insurgency Campaigns

    Science.gov (United States)

    2010-12-01

    PRICE CODE 17. SECURITY CLASSIFICATION OF REPORT Unclassified 18. SECURITY CLASSIFICATION OF THIS PAGE Unclassified 19. SECURITY CLASSIFICATION...and A. Kieser, 1981, “Development of Organizations over Time,” In Handbook of Organizational Design, edited by P. C. Nystrom and W. H. Starbuck , New...Hills: Sage Publications, 1981. William H. Starbuck , Arent Greve, and Bo Hedberg, Responding to Crises, Stockholm: Arbetslivscentrum, 1979. 36 D

  18. Bayes, not Naïve: Security Bounds on Website Fingerprinting Defenses

    Directory of Open Access Journals (Sweden)

    Cherubin Giovanni

    2017-10-01

    Full Text Available Website Fingerprinting (WF attacks raise major concerns about users’ privacy. They employ Machine Learning (ML techniques to allow a local passive adversary to uncover the Web browsing behavior of a user, even if she browses through an encrypted tunnel (e.g. Tor, VPN. Numerous defenses have been proposed in the past; however, it is typically difficult to have formal guarantees on their security, which is most often evaluated empirically against state-of-the-art attacks. In this paper, we present a practical method to derive security bounds for any WF defense, where the bounds depend on a chosen feature set. This result derives from reducing WF attacks to an ML classification task, where we can determine the smallest achievable error (the Bayes error. Such error can be estimated in practice, and is a lower bound for a WF adversary, for any classification algorithm he may use. Our work has two main consequences: i it allows determining the security of WF defenses, in a black-box manner, with respect to the state-of-the-art feature set and ii it favors shifting the focus of future WF research to identifying optimal feature sets. The generality of this approach further suggests that the method could be used to define security bounds for other ML-based attacks.

  19. Using Common Sense to Effectively Integrate Security Technologies within a School's Security Strategy

    Energy Technology Data Exchange (ETDEWEB)

    Gree, M.W.

    1998-11-03

    Security technologies are not the answer to all school security problems. However, they can be an excellent tool for school administrators and security personnel when incorporated into a total security strategy involving personnel, procedures, and facility layout. Unfortunately, very few of the tougher security problems in schools have solutions that are affordable, effective, and acceptable. Like any other type of facility, a school's security staff must understand the strengths and limitations of the security measures they are cdesign for new schools incorporate good security practices, which will rarely increase new building costs if included in the initial planning.

  20. Lecture 2: Software Security

    CERN Multimedia

    CERN. Geneva

    2013-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development, testing and deployment. Sebastian Lopienski is CERN’s deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and ...

  1. Report: EPA Improved Its National Security Information Program, but Some Improvements Still Needed

    Science.gov (United States)

    Report #16-P-0196, June 2, 2016. The EPA will continue to improve its national security information program by completing information classification guides that can be used uniformly and consistently throughout the agency.

  2. DIRAC Security

    CERN Document Server

    Casajús Ramo, A

    2006-01-01

    DIRAC is the LHCb Workload and Data Management System. Based on a service-oriented architecture, it enables generic distributed computing with lightweight Agents and Clients for job execution and data transfers. DIRAC implements a client-server architecture exposing server methods through XML Remote Procedure Call (XML-RPC) protocol. DIRAC is mostly coded in python. DIRAC security infrastructure has been designed to be a completely generic XML-RPC transport over a SSL tunnel. This new security layer is able to handle standard X509 certificates as well as grid-proxies to authenticate both sides of the connection. Serve and client authentication relies over OpenSSL and py-Open SSL, but to be able to handle grid proxies some modifications have been added to those libraries. DIRAC security infrastructure handles authorization and authorization as well as provides extended capabilities like secure connection tunneling and file transfer. Using this new security infrastructure all LHCb users can safely make use o...

  3. Provision of a draft version for standard classification structure for information of radiation technologies through analyzing their information and derivation of its applicable requirements to the information system

    International Nuclear Information System (INIS)

    Jang, Sol Ah; Kim, Joo Yeon; Yoo, Ji Yup; Shin, Woo Ho; Park, Tai Jin; Song, Myung Jae

    2015-01-01

    Radiation technology is the one for developing new products or processes by applying radiation or for creating new functions in industry, research and medical fields, and its application is increasing consistently. For securing an advanced technology competitiveness, it is required to create a new added value by information consumer through providing an efficient system for supporting information, which is the infrastructure for research and development, contributed to its collection, analysis and use with a rapidity and structure in addition to some direct research and development. Provision of the management structure for information resources is especially crucial for efficient operating the system for supporting information in radiation technology, and then a standard classification structure of information must be first developed as the system for supporting information will be constructed. The standard classification structure has been analyzed by reviewing the definition of information resources in radiation technology, and those classification structures in similar systems operated by institute in radiation and other scientific fields. And, a draft version of the standard classification structure has been then provided as 7 large, 25 medium and 71 small classifications, respectively. The standard classification structure in radiation technology will be developed in 2015 through reviewing this draft version and experts' opinion. Finally, developed classification structure will be applied to the system for supporting information by considering the plan for constructing this system and database, and requirements for designing the system. Furthermore, this structure will be designed in the system for searching information by working to the individual need of information consumers

  4. Provision of a draft version for standard classification structure for information of radiation technologies through analyzing their information and derivation of its applicable requirements to the information system

    Energy Technology Data Exchange (ETDEWEB)

    Jang, Sol Ah; Kim, Joo Yeon; Yoo, Ji Yup; Shin, Woo Ho; Park, Tai Jin; Song, Myung Jae [Korean Association for Radiation Application, Seoul (Korea, Republic of)

    2015-02-15

    Radiation technology is the one for developing new products or processes by applying radiation or for creating new functions in industry, research and medical fields, and its application is increasing consistently. For securing an advanced technology competitiveness, it is required to create a new added value by information consumer through providing an efficient system for supporting information, which is the infrastructure for research and development, contributed to its collection, analysis and use with a rapidity and structure in addition to some direct research and development. Provision of the management structure for information resources is especially crucial for efficient operating the system for supporting information in radiation technology, and then a standard classification structure of information must be first developed as the system for supporting information will be constructed. The standard classification structure has been analyzed by reviewing the definition of information resources in radiation technology, and those classification structures in similar systems operated by institute in radiation and other scientific fields. And, a draft version of the standard classification structure has been then provided as 7 large, 25 medium and 71 small classifications, respectively. The standard classification structure in radiation technology will be developed in 2015 through reviewing this draft version and experts' opinion. Finally, developed classification structure will be applied to the system for supporting information by considering the plan for constructing this system and database, and requirements for designing the system. Furthermore, this structure will be designed in the system for searching information by working to the individual need of information consumers.

  5. [New International Classification of Chronic Pancreatitis (M-ANNHEIM multifactor classification system, 2007): principles, merits, and demerits].

    Science.gov (United States)

    Tsimmerman, Ia S

    2008-01-01

    The new International Classification of Chronic Pancreatitis (designated as M-ANNHEIM) proposed by a group of German specialists in late 2007 is reviewed. All its sections are subjected to analysis (risk group categories, clinical stages and phases, variants of clinical course, diagnostic criteria for "established" and "suspected" pancreatitis, instrumental methods and functional tests used in the diagnosis, evaluation of the severity of the disease using a scoring system, stages of elimination of pain syndrome). The new classification is compared with the earlier classification proposed by the author. Its merits and demerits are discussed.

  6. International Nuclear Security Education Network (INSEN): Promoting nuclear security education

    International Nuclear Information System (INIS)

    Muhamad Samudi Yasir

    2013-01-01

    Full-text: The need for human resource development programmes in nuclear security was underlined at several International Atomic Energy Agency (IAEA) General Conferences and Board of Governors Meetings. Successive IAEA Nuclear Security Plans, the most recent of which was agreed by the Board of Governors in September 2009, give high priority to assisting States in establishing educational programmes in nuclear security in order to ensure the sustainability of nuclear security improvements. The current Nuclear Security Plan 1 covering 2010-2013 emphasizes on the importance of considering existing capacities at international, regional and national levels while designing nuclear security academic programmes. In the course of implementing the Plan, the IAEA developed a guide entitled Educational Programme in Nuclear Security (IAEA Nuclear Security Series No. 12) that consists of a model of a MAster of Science (M.Sc.) and a Certificate Programme in Nuclear Security. This guide was aims at assisting universities or other educational institutes to developed academic programmes in nuclear security. Independently, some universities already offered academic programmes covering some areas of nuclear security, while other universities have asked the IAEA to support the implementation of these programmes. In order to better address current and future request for assistance in this area, the IAEA establish a collaboration network-International Nuclear Security Education Network (INSEN), among universities who are providing nuclear security education or who are interested in starting an academic programme/ course(s) in nuclear security. Universiti Kebangsaan Malaysia (UKM) is a first local university became a member of INSEN since the beginning of the establishment. (author)

  7. Selection, Classification and requirements give design he/she gives the important systems for the security in a center he/she gives production he/she gives radiopharmaceuticals and marked compounds

    International Nuclear Information System (INIS)

    Perez Pijuan, S.; Ayra Pardo, F.E.; Ilizastegui Perez, F.

    1998-01-01

    In the work the security functions are identified that should complete the system, subsystems and components to guarantee the security the workers and human populations. Was selected the system that intervene in the security the installation and they are classified in categories by deterministic methods consider their holding in the detection and mitigation the radiological events postulates and the maintenance in normal operation conditions

  8. Malware distributed collection and pre-classification system using honeypot technology

    Science.gov (United States)

    Grégio, André R. A.; Oliveira, Isabela L.; Santos, Rafael D. C.; Cansian, Adriano M.; de Geus, Paulo L.

    2009-04-01

    Malware has become a major threat in the last years due to the ease of spread through the Internet. Malware detection has become difficult with the use of compression, polymorphic methods and techniques to detect and disable security software. Those and other obfuscation techniques pose a problem for detection and classification schemes that analyze malware behavior. In this paper we propose a distributed architecture to improve malware collection using different honeypot technologies to increase the variety of malware collected. We also present a daemon tool developed to grab malware distributed through spam and a pre-classification technique that uses antivirus technology to separate malware in generic classes.

  9. Security Information System Digital Simulation

    OpenAIRE

    Tao Kuang; Shanhong Zhu

    2015-01-01

    The study built a simulation model for the study of food security information system relay protection. MATLAB-based simulation technology can support the analysis and design of food security information systems. As an example, the food security information system fault simulation, zero-sequence current protection simulation and transformer differential protection simulation are presented in this study. The case studies show that the simulation of food security information system relay protect...

  10. Coping with Security in Programming

    OpenAIRE

    Frank Schindler

    2006-01-01

    This article deals with importance of security issues in computer programming.Secure software can only be designed with security as a primary goal. To achieve that wewould have to redesign our computer systems with security in our mind including entirecomputer environment, e.g. hardware, programming languages and, of course, operatingsystems. In software development process the quality of resulting computer code should bethe most important aspect during the whole program development process. ...

  11. Information fusion for cyber-security analytics

    CERN Document Server

    Karabatis, George; Aleroud, Ahmed

    2017-01-01

    This book highlights several gaps that have not been addressed in existing cyber security research. It first discusses the recent attack prediction techniques that utilize one or more aspects of information to create attack prediction models. The second part is dedicated to new trends on information fusion and their applicability to cyber security; in particular, graph data analytics for cyber security, unwanted traffic detection and control based on trust management software defined networks, security in wireless sensor networks & their applications, and emerging trends in security system design using the concept of social behavioral biometric. The book guides the design of new commercialized tools that can be introduced to improve the accuracy of existing attack prediction models. Furthermore, the book advances the use of Knowledge-based Intrusion Detection Systems (IDS) to complement existing IDS technologies. It is aimed towards cyber security researchers. .

  12. Integrating medical, assistive, and universally designed products and technologies: assistive technology device classification (ATDC).

    Science.gov (United States)

    Bauer, Stephen; Elsaesser, Linda-Jeanne

    2012-09-01

    ISO26000:2010 International Guidance Standard on Organizational Social Responsibility requires that effective organizational performance recognize social responsibility, including the rights of persons with disabilities (PWD), engage stakeholders and contribute to sustainable development. Millennium Development Goals 2010 notes that the most vulnerable people require special attention, while the World Report on Disability 2011 identifies improved data collection and removal of barriers to rehabilitation as the means to empower PWD. The Assistive Technology Device Classification (ATDC), Assistive Technology Service Method (ATSM) and Matching Person and Technology models provide an evidence-based, standardized, internationally comparable framework to improve data collection and rehabilitation interventions. The ATDC and ATSM encompass and support universal design (UD) principles, and use the language and concepts of the International Classification of Functioning, Disability and Health (ICF). Use ATDC and ICF concepts to differentiate medical, assistive and UD products and technology; relate technology "types" to markets and costs; and support provision of UD products and technologies as sustainable and socially responsible behavior. Supply-side and demand-side incentives are suggested to foster private sector development and commercialization of UD products and technologies. Health and health-related professionals should be knowledgeable of UD principles and interventions.

  13. Security research roadmap

    Energy Technology Data Exchange (ETDEWEB)

    Rouhiainen, V. (ed.)

    2007-02-15

    VTT has a broad range of security research ongoing in many areas of technology. The main areas have been concentrating on public safety and security, but VTT is also participating in several research projects related to defence technology. To identify and define expertise and research goals in more detail, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of a critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important security products and technologies needed are, for example, management of total security, detection, identification, localisation and communication, protection of information networks and systems, as well as physical protection. In the EU's Security programme, which aims at ensuring the security of society and its vital functions, it is stated that. Technology alone can not assure security, but security can not be assured without the support of technology. VTT is conducting security research in all its areas of expertise and clusters. The area has a significant research potential. The development of products and systems designed for the improvement of security has just started. There is still room for innovation. This report presents knowledge and development needs in more detail, as well as future development potential seen in the area of security. (orig.)

  14. Design and Evaluation of a Secure Virtual Power Plant.

    Energy Technology Data Exchange (ETDEWEB)

    Johnson, Jay Tillay [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2017-09-01

    For three years, Sandia National Laboratories, Georgia Institute of Technology, and University of Illinois at Urbana-Champaign investigated a smart grid vision in which renewable-centric Virtual Power Plants (VPPs) provided ancillary services with interoperable distributed energy resources (DER). This team researched, designed, built, and evaluated real-time VPP designs incorporating DER forecasting, stochastic optimization, controls, and cyber security to construct a system capable of delivering reliable ancillary services, which have been traditionally provided by large power plants or other dedicated equipment. VPPs have become possible through an evolving landscape of state and national interconnection standards, which now require DER to include grid-support functionality and communications capabilities. This makes it possible for third party aggregators to provide a range of critical grid services such as voltage regulation, frequency regulation, and contingency reserves to grid operators. This paradigm (a) enables renewable energy, demand response, and energy storage to participate in grid operations and provide grid services, (b) improves grid reliability by providing additional operating reserves for utilities, independent system operators (ISOs), and regional transmission organization (RTOs), and (c) removes renewable energy high-penetration barriers by providing services with photovoltaics and wind resources that traditionally were the jobs of thermal generators. Therefore, it is believed VPP deployment will have far-reaching positive consequences for grid operations and may provide a robust pathway to high penetrations of renewables on US power systems. In this report, we design VPPs to provide a range of grid-support services and demonstrate one VPP which simultaneously provides bulk-system energy and ancillary reserves.

  15. Impacts of Sample Design for Validation Data on the Accuracy of Feedforward Neural Network Classification

    Directory of Open Access Journals (Sweden)

    Giles M. Foody

    2017-08-01

    Full Text Available Validation data are often used to evaluate the performance of a trained neural network and used in the selection of a network deemed optimal for the task at-hand. Optimality is commonly assessed with a measure, such as overall classification accuracy. The latter is often calculated directly from a confusion matrix showing the counts of cases in the validation set with particular labelling properties. The sample design used to form the validation set can, however, influence the estimated magnitude of the accuracy. Commonly, the validation set is formed with a stratified sample to give balanced classes, but also via random sampling, which reflects class abundance. It is suggested that if the ultimate aim is to accurately classify a dataset in which the classes do vary in abundance, a validation set formed via random, rather than stratified, sampling is preferred. This is illustrated with the classification of simulated and remotely-sensed datasets. With both datasets, statistically significant differences in the accuracy with which the data could be classified arose from the use of validation sets formed via random and stratified sampling (z = 2.7 and 1.9 for the simulated and real datasets respectively, for both p < 0.05%. The accuracy of the classifications that used a stratified sample in validation were smaller, a result of cases of an abundant class being commissioned into a rarer class. Simple means to address the issue are suggested.

  16. Renewal through Participation in Global Food Security Governance: Implementing the International Food Security and Nutrition Civil Society Mechanism to the Committee on World Food Security

    NARCIS (Netherlands)

    Duncan, J.A.B.; Barling, D.

    2012-01-01

    The food commodity price rises from 2006 to 2008 engendered a period
    of political renewal and reform in the governance of global food security. The
    Committee on World Food Security (CFS) was designated as the main international forum dealing with food security and nutrition in 2009 as part

  17. Design of Secure ECG-Based Biometric Authentication in Body Area Sensor Networks.

    Science.gov (United States)

    Peter, Steffen; Reddy, Bhanu Pratap; Momtaz, Farshad; Givargis, Tony

    2016-04-22

    Body area sensor networks (BANs) utilize wireless communicating sensor nodes attached to a human body for convenience, safety, and health applications. Physiological characteristics of the body, such as the heart rate or Electrocardiogram (ECG) signals, are promising means to simplify the setup process and to improve security of BANs. This paper describes the design and implementation steps required to realize an ECG-based authentication protocol to identify sensor nodes attached to the same human body. Therefore, the first part of the paper addresses the design of a body-area sensor system, including the hardware setup, analogue and digital signal processing, and required ECG feature detection techniques. A model-based design flow is applied, and strengths and limitations of each design step are discussed. Real-world measured data originating from the implemented sensor system are then used to set up and parametrize a novel physiological authentication protocol for BANs. The authentication protocol utilizes statistical properties of expected and detected deviations to limit the number of false positive and false negative authentication attempts. The result of the described holistic design effort is the first practical implementation of biometric authentication in BANs that reflects timing and data uncertainties in the physical and cyber parts of the system.

  18. Design of Secure ECG-Based Biometric Authentication in Body Area Sensor Networks

    Science.gov (United States)

    Peter, Steffen; Pratap Reddy, Bhanu; Momtaz, Farshad; Givargis, Tony

    2016-01-01

    Body area sensor networks (BANs) utilize wireless communicating sensor nodes attached to a human body for convenience, safety, and health applications. Physiological characteristics of the body, such as the heart rate or Electrocardiogram (ECG) signals, are promising means to simplify the setup process and to improve security of BANs. This paper describes the design and implementation steps required to realize an ECG-based authentication protocol to identify sensor nodes attached to the same human body. Therefore, the first part of the paper addresses the design of a body-area sensor system, including the hardware setup, analogue and digital signal processing, and required ECG feature detection techniques. A model-based design flow is applied, and strengths and limitations of each design step are discussed. Real-world measured data originating from the implemented sensor system are then used to set up and parametrize a novel physiological authentication protocol for BANs. The authentication protocol utilizes statistical properties of expected and detected deviations to limit the number of false positive and false negative authentication attempts. The result of the described holistic design effort is the first practical implementation of biometric authentication in BANs that reflects timing and data uncertainties in the physical and cyber parts of the system. PMID:27110785

  19. Design of Secure ECG-Based Biometric Authentication in Body Area Sensor Networks

    Directory of Open Access Journals (Sweden)

    Steffen Peter

    2016-04-01

    Full Text Available Body area sensor networks (BANs utilize wireless communicating sensor nodes attached to a human body for convenience, safety, and health applications. Physiological characteristics of the body, such as the heart rate or Electrocardiogram (ECG signals, are promising means to simplify the setup process and to improve security of BANs. This paper describes the design and implementation steps required to realize an ECG-based authentication protocol to identify sensor nodes attached to the same human body. Therefore, the first part of the paper addresses the design of a body-area sensor system, including the hardware setup, analogue and digital signal processing, and required ECG feature detection techniques. A model-based design flow is applied, and strengths and limitations of each design step are discussed. Real-world measured data originating from the implemented sensor system are then used to set up and parametrize a novel physiological authentication protocol for BANs. The authentication protocol utilizes statistical properties of expected and detected deviations to limit the number of false positive and false negative authentication attempts. The result of the described holistic design effort is the first practical implementation of biometric authentication in BANs that reflects timing and data uncertainties in the physical and cyber parts of the system.

  20. The Design and Implementation of a Low Cost and High Security Smart Home System Based on Wi-Fi and SSL Technologies

    Science.gov (United States)

    Xu, Chong-Yao; Zheng, Xin; Xiong, Xiao-Ming

    2017-02-01

    With the development of Internet of Things (IoT) and the popularity of intelligent mobile terminals, smart home system has come into people’s vision. However, due to the high cost, complex installation and inconvenience, as well as network security issues, smart home system has not been popularized. In this paper, combined with Wi-Fi technology, Android system, cloud server and SSL security protocol, a new set of smart home system is designed, with low cost, easy operation, high security and stability. The system consists of Wi-Fi smart node (WSN), Android client and cloud server. In order to reduce system cost and complexity of the installation, each Wi-Fi transceiver, appliance control logic and data conversion in the WSN is setup by a single chip. In addition, all the data of the WSN can be uploaded to the server through the home router, without having to transit through the gateway. All the appliance status information and environmental information are preserved in the cloud server. Furthermore, to ensure the security of information, the Secure Sockets Layer (SSL) protocol is used in the WSN communication with the server. What’s more, to improve the comfort and simplify the operation, Android client is designed with room pattern to control home appliances more realistic, and more convenient.

  1. Security issues in a parking facility.

    Science.gov (United States)

    Gutman, Abraham; Lew, I Paul

    2009-01-01

    Active security supported by passive security measures which are part of the physical design of a parking facility are essential to preventing crimes from happening wherever and whenever possible, the authors maintain. In the article, they focus on design elements which can be most effective in discouraging potential perpetrators.

  2. Design of large scale applications of secure multiparty computation : secure linear programming

    NARCIS (Netherlands)

    Hoogh, de S.J.A.

    2012-01-01

    Secure multiparty computation is a basic concept of growing interest in modern cryptography. It allows a set of mutually distrusting parties to perform a computation on their private information in such a way that as little as possible is revealed about each private input. The early results of

  3. DESIGN MODELING OF A UNIVERSITY’S COMPREHENSIVE-INTEGRATED SECURITY SYSTEM

    Directory of Open Access Journals (Sweden)

    Marina V. Dulyasova

    2017-03-01

    Full Text Available Introduction: the safety of higher education institutions is considered to be of great importance nowadays. Security challenges need to be addressed through a comprehensive and integrative approach. This approach provides neutralisation of various threats systemically, risk prevention, minimisation of the tangible and moral harm. The project concept of “safe university” is proposed and substantiated for the above-mentioned purposes. Materials and Methods: the authors used a special literature survey on the issue, which is divided into three main groups of publications, where the complex security of educational institutions is considered in the context of the general theory of security, in the educational-methodical plan and within the framework of sociological, psychological and pedagogical approaches. The legislative and regulatory sources also indicated, legislative and regulatory legal acts reviews, “Safe City” concept, National standard “Information security technologies: complex and integrated ones. Standard requirements to architecture and technologies of intellectual systems of monitoring for safety of the companies and the territories” (State standard specification P 56875-2016, documents of higher education institutions, media reports. The analysis and generalisation of information was coupled with project modeling of the new comprehensive system of higher education institution security. Results: the authors introduce the concept, architecture and model of the comprehensive integrated higher education institution security, monitoring based on measures and indicators pertaining to implementation of standard requirements and level of satisfaction with safety, evaluation of the taken measures in terms of efficiency. Discussion and Conclusions: the main contours of the model for comprehensive integrated security system in a higher education institution and algorithm of interaction between the subjects are determined. These

  4. Music classification with MPEG-7

    Science.gov (United States)

    Crysandt, Holger; Wellhausen, Jens

    2003-01-01

    Driven by increasing amount of music available electronically the need and possibility of automatic classification systems for music becomes more and more important. Currently most search engines for music are based on textual descriptions like artist or/and title. This paper presents a system for automatic music description, classification and visualization for a set of songs. The system is designed to extract significant features of a piece of music in order to find songs of similar genre or a similar sound characteristics. The description is done with the help of MPEG-7 only. The classification and visualization is done with the self organizing map algorithm.

  5. Reliability of Oronasal Fistula Classification.

    Science.gov (United States)

    Sitzman, Thomas J; Allori, Alexander C; Matic, Damir B; Beals, Stephen P; Fisher, David M; Samson, Thomas D; Marcus, Jeffrey R; Tse, Raymond W

    2018-01-01

    Objective Oronasal fistula is an important complication of cleft palate repair that is frequently used to evaluate surgical quality, yet reliability of fistula classification has never been examined. The objective of this study was to determine the reliability of oronasal fistula classification both within individual surgeons and between multiple surgeons. Design Using intraoral photographs of children with repaired cleft palate, surgeons rated the location of palatal fistulae using the Pittsburgh Fistula Classification System. Intrarater and interrater reliability scores were calculated for each region of the palate. Participants Eight cleft surgeons rated photographs obtained from 29 children. Results Within individual surgeons reliability for each region of the Pittsburgh classification ranged from moderate to almost perfect (κ = .60-.96). By contrast, reliability between surgeons was lower, ranging from fair to substantial (κ = .23-.70). Between-surgeon reliability was lowest for the junction of the soft and hard palates (κ = .23). Within-surgeon and between-surgeon reliability were almost perfect for the more general classification of fistula in the secondary palate (κ = .95 and κ = .83, respectively). Conclusions This is the first reliability study of fistula classification. We show that the Pittsburgh Fistula Classification System is reliable when used by an individual surgeon, but less reliable when used among multiple surgeons. Comparisons of fistula occurrence among surgeons may be subject to less bias if they use the more general classification of "presence or absence of fistula of the secondary palate" rather than the Pittsburgh Fistula Classification System.

  6. On enabling secure applications through off-line biometric identification

    Energy Technology Data Exchange (ETDEWEB)

    Davida, G.I. [Univ. of Wisconsin, Milwaukee, WI (United States); Frankel, Y. [CertCo LLC, New York, NY (United States); Matt, B.J. [Sandia National Labs., Albuquerque, NM (United States)

    1998-04-01

    In developing secure applications and systems, the designers often must incorporate secure user identification in the design specification. In this paper, the authors study secure off line authenticated user identification schemes based on a biometric system that can measure a user`s biometric accurately (up to some Hamming distance). The schemes presented here enhance identification and authorization in secure applications by binding a biometric template with authorization information on a token such as a magnetic strip. Also developed here are schemes specifically designed to minimize the compromise of a user`s private biometrics data, encapsulated in the authorization information, without requiring secure hardware tokens. In this paper the authors furthermore study the feasibility of biometrics performing as an enabling technology for secure system and application design. The authors investigate a new technology which allows a user`s biometrics to facilitate cryptographic mechanisms.

  7. On enabling secure applications through off-line biometric identification

    International Nuclear Information System (INIS)

    Davida, G.I.; Frankel, Y.; Matt, B.J.

    1998-04-01

    In developing secure applications and systems, the designers often must incorporate secure user identification in the design specification. In this paper, the authors study secure off line authenticated user identification schemes based on a biometric system that can measure a user's biometric accurately (up to some Hamming distance). The schemes presented here enhance identification and authorization in secure applications by binding a biometric template with authorization information on a token such as a magnetic strip. Also developed here are schemes specifically designed to minimize the compromise of a user's private biometrics data, encapsulated in the authorization information, without requiring secure hardware tokens. In this paper the authors furthermore study the feasibility of biometrics performing as an enabling technology for secure system and application design. The authors investigate a new technology which allows a user's biometrics to facilitate cryptographic mechanisms

  8. Security systems engineering overview

    Science.gov (United States)

    Steele, Basil J.

    1997-01-01

    Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at 70 billion dollars in direct costs and up to 300 billion dollars in indirect costs. Health insurance fraud alone is estimated to cost American businesses 100 billion dollars. Theft, warranty fraud, and counterfeiting of computer hardware totaled 3 billion dollars in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies; industrial espionage detection and prevention; security barrier technology.

  9. Computer-aided support for Secure Tropos

    NARCIS (Netherlands)

    Massacci, F.; Mylopoulos, J.; Zannone, N.

    2007-01-01

    In earlier work, we have introduced Secure Tropos, a requirements engineering methodology that extends the Tropos methodology and is intended for the design and analysis of security requirements. This paper briefly recaps the concepts proposed for capturing security aspects, and presents an

  10. Designing Intelligent Secure Android Application for Effective Chemical Inventory

    Science.gov (United States)

    Shukran, Mohd Afizi Mohd; Naim Abdullah, Muhammad; Nazri Ismail, Mohd; Maskat, Kamaruzaman; Isa, Mohd Rizal Mohd; Shahfee Ishak, Muhammad; Adib Khairuddin, Muhamad

    2017-08-01

    Mobile services support various situations in everyday life and with the increasing sophistication of phone functions, the daily life is much more easier and better especially in term of managing tools and apparatus. Since chemical inventory management system has been experiencing a new revolution from antiquated to an automated inventory management system, some additional features should be added in current chemical inventory system. Parallel with the modern technologies, chemical inventory application using smart phone has been developed. Several studies about current related chemical inventory management using smart phone application has been done in this paper in order to obtain an overview on recent studies in smartphone application for chemical inventory system which are needed in schools, universities or other education institutions. This paper also discuss about designing the proposed secure mobile chemical inventory system. The study of this paper can provide forceful review analysis support for the chemical inventory management system related research.

  11. CERN Technical Training: new courses on computer security

    CERN Multimedia

    HR Department

    2009-01-01

    Two new trainings are available at CERN concerning computer security. • How to create secure software? The "Developing secure software" course (3.5 hours) is designed for software programmers, both for regular software and Web applications. It covers main aspects of security in different phases of the software development lifecycle. The last, optional hour discusses security issues of Web application developers. This course, although not hands-on, is interactive and full of real-life examples. The first session of this course will take place, in English, on 21 April in the CERN Technical Training Centre. More sessions will be scheduled in 2009. • How to safely navigate and send mails? The "Secure e-mail and Web browsing" course is an entry-level 1.5-hour course designed to show how to detect and avoid typical security pitfalls encountered when e-mailing and browsing the Web. It is designed for non-technical users of Internet Explorer and Outlook. The first sessions ...

  12. CERN Technical Training: new courses on computer security

    CERN Multimedia

    HR Department

    2009-01-01

    Two new trainings are available at CERN concerning computer security. • How to create secure software? The "Developing secure software" course (3.5 hours) is designed for software programmers, both for regular software and Web applications. It covers main aspects of security in different phases of the software development lifecycle. The last, optional hour discusses security issues of Web application developers. This course, although not hands-on, is interactive and full of real-life examples. The first session of this course will take place, in English, on 21 April in the CERN Technical Training Centre. More sessions will be scheduled in 2009. • How to safely navigate and send mails? The "Secure e-mail and Web browsing" course is an entry-level 1.5-hour course designed to show how to detect and avoid typical security pitfalls encountered when e-mailing and browsing the Web. It is designed for non-technical users of Internet Explorer and Outlook. The first sessions o...

  13. Secured Hash Based Burst Header Authentication Design for Optical Burst Switched Networks

    Science.gov (United States)

    Balamurugan, A. M.; Sivasubramanian, A.; Parvathavarthini, B.

    2017-12-01

    The optical burst switching (OBS) is a promising technology that could meet the fast growing network demand. They are featured with the ability to meet the bandwidth requirement of applications that demand intensive bandwidth. OBS proves to be a satisfactory technology to tackle the huge bandwidth constraints, but suffers from security vulnerabilities. The objective of this proposed work is to design a faster and efficient burst header authentication algorithm for core nodes. There are two important key features in this work, viz., header encryption and authentication. Since the burst header is an important in optical burst switched network, it has to be encrypted; otherwise it is be prone to attack. The proposed MD5&RC4-4S based burst header authentication algorithm runs 20.75 ns faster than the conventional algorithms. The modification suggested in the proposed RC4-4S algorithm gives a better security and solves the correlation problems between the publicly known outputs during key generation phase. The modified MD5 recommended in this work provides 7.81 % better avalanche effect than the conventional algorithm. The device utilization result also shows the suitability of the proposed algorithm for header authentication in real time applications.

  14. An Overview of Physical Layer Security in Wireless Communication Systems With CSIT Uncertainty

    KAUST Repository

    Hyadi, Amal; Rezki, Zouheir; Alouini, Mohamed-Slim

    2016-01-01

    The concept of physical layer security builds on the pivotal idea of turning the channel's imperfections, such as noise and fading, into a source of security. This is established through appropriately designed coding techniques and signal processing strategies. In this vein, it has been shown that fading channels can enhance the transmission of confidential information and that a secure communication can be achieved even when the channel to the eavesdropper is better than the main channel. However, to fully benefit from what fading has to offer, the knowledge of the channel state information at the transmitter (CSIT) is of primordial importance. In practical wireless communication systems, CSIT is usually obtained, prior to data transmission, through CSI feedback sent by the receivers. The channel links over which this feedback information is sent can be either noisy, rate-limited, or delayed, leading to CSIT uncertainty. In this paper, we present a comprehensive review of recent and ongoing research works on physical layer security with CSIT uncertainty. We focus on both information theoretic and signal processing approaches to the topic when the uncertainty concerns the channel to the wiretapper or the channel to the legitimate receiver. Moreover, we present a classification of the research works based on the considered channel uncertainty. Mainly, we distinguish between the cases when the uncertainty comes from an estimation error of the CSIT, from a CSI feedback link with limited capacity, or from an outdated CSI.

  15. An Overview of Physical Layer Security in Wireless Communication Systems With CSIT Uncertainty

    KAUST Repository

    Hyadi, Amal

    2016-09-21

    The concept of physical layer security builds on the pivotal idea of turning the channel\\'s imperfections, such as noise and fading, into a source of security. This is established through appropriately designed coding techniques and signal processing strategies. In this vein, it has been shown that fading channels can enhance the transmission of confidential information and that a secure communication can be achieved even when the channel to the eavesdropper is better than the main channel. However, to fully benefit from what fading has to offer, the knowledge of the channel state information at the transmitter (CSIT) is of primordial importance. In practical wireless communication systems, CSIT is usually obtained, prior to data transmission, through CSI feedback sent by the receivers. The channel links over which this feedback information is sent can be either noisy, rate-limited, or delayed, leading to CSIT uncertainty. In this paper, we present a comprehensive review of recent and ongoing research works on physical layer security with CSIT uncertainty. We focus on both information theoretic and signal processing approaches to the topic when the uncertainty concerns the channel to the wiretapper or the channel to the legitimate receiver. Moreover, we present a classification of the research works based on the considered channel uncertainty. Mainly, we distinguish between the cases when the uncertainty comes from an estimation error of the CSIT, from a CSI feedback link with limited capacity, or from an outdated CSI.

  16. Security in Computer Applications

    CERN Multimedia

    CERN. Geneva

    2004-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development. The last part of the lecture covers some miscellaneous issues like the use of cryptography, rules for networking applications, and social engineering threats. This lecture was first given on Thursd...

  17. Design Considerations for a Cognitive Radio Trust and Security Framework

    DEFF Research Database (Denmark)

    Mihovska, Albena D.; Prasad, Ramjee; Tragos, Elias Z.

    2012-01-01

    towards pushing further the attainable spectral efficiency gains. Taking a step back, our work looks into the critical challenges with respect to reliability, robustness and security, which hinder operators from investing in this new technology. We propose a new conceptual framework for trust and security...

  18. Design and Implementation of GSM Based Automated Home Security System

    Directory of Open Access Journals (Sweden)

    Love Aggarwal

    2014-05-01

    Full Text Available The Automated Home Security System aims at building a security system for common households using GSM modem, sensors and microcontroller. Since many years, impeccable security system has been the prime need of every man who owns a house. The increasing crime rate has further pressed the need for it. Our system is an initiative in this direction. The system provides security function by monitoring the surroundings at home for intruders, fire, gas leakages etc. using sensors and issue alerts to the owners and local authorities by using GSM via SMS. It provides the automation function as it can control (On/Off the various home appliances while the owners are away via SMS. Thus the Automated Home Security System is self-sufficient and can be relied upon undoubtedly. Also, it is capable of establishing two way communication with its owner so that he/she can keep a watch on his/her home via sensor information or live video streaming. A camera can be installed for continuous monitoring of the system and its surroundings. The system consists of two main parts: hardware and software. Hardware consists of Microcontroller, Sensors, Buzzer and GSM modem while software is implemented by tools using Embedded ‘C’.

  19. Secure Learning and Learning for Security: Research in the Intersection

    OpenAIRE

    Rubinstein, Benjamin

    2010-01-01

    Statistical Machine Learning is used in many real-world systems, such as web search, network and power management, online advertising, finance and health services, in which adversaries are incentivized to attack the learner, motivating the urgent need for a better understanding of the security vulnerabilities of adaptive systems. Conversely, research in Computer Security stands to reap great benefits by leveraging learning for building adaptive defenses and even designing intelligent attacks ...

  20. AVIATION SECURITY AS AN OBJECT OF MATHEMATICAL MODELING

    Directory of Open Access Journals (Sweden)

    N. Elisov Lev

    2017-01-01

    Full Text Available The paper presents a mathematical formulation of the problem formalization of the subject area related to aviation security in civil aviation. The formalization task is determined by the modern issue of providing aviation security. Aviationsecurity in modern systems is based upon organizational standard of security control. This standard doesn’t require calcu- lating the security level. It allows solving the aviation security task without estimating the solution and evaluating the per- formance of security facilities. The issue of acceptable aviation security level stays unsolved, because its control lies in inspections that determine whether the object security facilities meet the requirements or not. The pending problem is also in whether the requirements are calculable and the evaluation is subjective.Lately, there has been determined quite a certain tendency to consider aviation security issues from the perspective of its level optimal control with the following identification, calculation and evaluation problems solving and decision mak- ing. The obtained results analysis in this direction shows that it’s strongly recommended to move to object formalization problem, which provides a mathematical modeling for aviation security control optimization.In this case, the authors assume to find the answer in the process of object formalization. Therefore aviation secu- rity is presented as some security environment condition, which defines the parameters associated with the object protec-tion system quality that depends on the use of protective equipment in conditions of counteraction to factors of external andinternal threats. It is shown that the proposed model belongs to a class of boundary value problems described by differential equations in partial derivatives. The classification of boundary value problems is presented.

  1. Microsoft Windows Server 2003: Security Enhancements and New Features

    National Research Council Canada - National Science Library

    Montehermoso, Ronald

    2004-01-01

    .... Windows NT and Windows 2000 were known to have numerous security vulnerabilities; hence Microsoft focused on improving security by making Windows Server 2003 secure by design, secure by default, secure in deployment...

  2. Design of Secure and Lightweight Authentication Protocol for Wearable Devices Environment.

    Science.gov (United States)

    Das, Ashok Kumar; Wazid, Mohammad; Kumar, Neeraj; Khan, Muhammad Khurram; Choo, Kim-Kwang Raymond; Park, YoungHo

    2017-09-18

    Wearable devices are used in various applications to collect information including step information, sleeping cycles, workout statistics, and health related information. Due to the nature and richness of the data collected by such devices, it is important to ensure the security of the collected data. This paper presents a new lightweight authentication scheme suitable for wearable device deployment. The scheme allows a user to mutually authenticate his/her wearable device(s) and the mobile terminal (e.g., Android and iOS device) and establish a session key among these devices (worn and carried by the same user) for secure communication between the wearable device and the mobile terminal. The security of the proposed scheme is then demonstrated through the broadly-accepted Real-Or-Random model, as well as using the popular formal security verification tool, known as the Automated Validation of Internet Security Protocols and Applications (AVISPA). Finally, we present a comparative summary of the proposed scheme in terms of the overheads such as computation and communication costs, security and functionality features of the proposed scheme and related schemes, and also the evaluation findings from the NS2 simulation.

  3. Introduction to Hardware Security and Trust

    CERN Document Server

    Wang, Cliff

    2012-01-01

    The emergence of a globalized, horizontal semiconductor business model raises a set of concerns involving the security and trust of the information systems on which modern society is increasingly reliant for mission-critical functionality. Hardware-oriented security and trust issues span a broad range including threats related to the malicious insertion of Trojan circuits designed, e.g.,to act as a ‘kill switch’ to disable a chip, to integrated circuit (IC) piracy,and to attacks designed to extract encryption keys and IP from a chip. This book provides the foundations for understanding hardware security and trust, which have become major concerns for national security over the past decade.  Coverage includes security and trust issues in all types of electronic devices and systems such as ASICs, COTS, FPGAs, microprocessors/DSPs, and embedded systems.  This serves as an invaluable reference to the state-of-the-art research that is of critical significance to the security of,and trust in, modern society�...

  4. Usable Security and E-Banking: ease of use vis-a-vis security

    Directory of Open Access Journals (Sweden)

    Morten Hertzum

    2004-05-01

    Full Text Available Electronic banking must be secure and easy to use. An evaluation of six Danish web-based electronic banking systems indicates that the systems have serious weaknesses with respect to ease of use. Our analysis of the weaknesses suggests that security requirements are among their causes and that the weaknesses may in turn cause decreased security. We view the conflict between ease of use and security in the context of usable security, a concept that is intended to match security principles and demands against user knowledge and motivation. Automation, instruction, and understanding can be identified as different approaches to usable security. Instruction is the main approach of the systems evaluated; automation relieves the user from involvement in security, as far as possible; and understanding goes beyond step-by-step instructions, to enable users to act competently and safely in situations that transcend preconceived instructions. We discuss the pros and cons of automation and understanding as alternative approaches to the design of web-based e-banking systems.

  5. Information security cost management

    CERN Document Server

    Bazavan, Ioana V

    2006-01-01

    While information security is an ever-present challenge for all types of organizations today, most focus on providing security without addressing the necessities of staff, time, or budget in a practical manner.Information Security Cost Management offers a pragmatic approach to implementing information security, taking budgetary and real-world constraints into consideration. By providing frameworks, step-by-step processes, and project management breakdowns, this book demonstrates how to design the best security strategy with the resources you have available. Organized into five sections, the book-Focuses on setting the right road map so that you can be most effective in your information security implementationsDiscusses cost-effective staffing, the single biggest expense to the security organizationPresents practical ways to build and manage the documentation that details strategy, provides resources for operating annual audits, and illustrates how to advertise accomplishments to senior management effectivelyI...

  6. New guidelines for dam safety classification

    International Nuclear Information System (INIS)

    Dascal, O.

    1999-01-01

    Elements are outlined of recommended new guidelines for safety classification of dams. Arguments are provided for the view that dam classification systems should require more than one system as follows: (a) classification for selection of design criteria, operation procedures and emergency measures plans, based on potential consequences of a dam failure - the hazard classification of water retaining structures; (b) classification for establishment of surveillance activities and for safety evaluation of dams, based on the probability and consequences of failure - the risk classification of water retaining structures; and (c) classification for establishment of water management plans, for safety evaluation of the entire project, for preparation of emergency measures plans, for definition of the frequency and extent of maintenance operations, and for evaluation of changes and modifications required - the hazard classification of the project. The hazard classification of the dam considers, as consequence, mainly the loss of lives or persons in jeopardy and the property damages to third parties. Difficulties in determining the risk classification of the dam lie in the fact that no tool exists to evaluate the probability of the dam's failure. To overcome this, the probability of failure can be substituted for by a set of dam characteristics that express the failure potential of the dam and its foundation. The hazard classification of the entire project is based on the probable consequences of dam failure influencing: loss of life, persons in jeopardy, property and environmental damage. The classification scheme is illustrated for dam threatening events such as earthquakes and floods. 17 refs., 5 tabs

  7. CLASSIFICATION OF THE MGR WASTE HANDLING BUILDING VENTILATION SYSTEM

    International Nuclear Information System (INIS)

    J.A. Ziegler

    2000-01-01

    The purpose of this analysis is to document the Quality Assurance (QA) classification of the Monitored Geologic Repository (MGR) waste handling building ventilation system structures, systems and components (SSCs) performed by the MGR Preclosure Safety and Systems Engineering Section. This analysis also provides the basis for revision of YMP/90-55Q, Q-List (YMP 2000). The Q-List identifies those MGR SSCs subject to the requirements of DOE/RW-0333P, ''Quality Assurance Requirements and Description'' (QARD) (DOE 2000). This QA classification incorporates the current MGR design and the results of the ''Design Basis Event Frequency and Dose Calculation for Site Recommendation'' (CRWMS M andO 2000a) and ''Bounding Individual Category 1 Design Basis Event Dose Calculation to Support Quality Assurance Classification'' (Gwyn 2000)

  8. A different paradigm for security planning

    International Nuclear Information System (INIS)

    Hagengruber, R.

    2002-01-01

    Full text: Security costs at nuclear facilities have been relatively high for many years. Since the 1970s, these expenditures in the United States have grown much faster than inflation. After the tragedy of September 11, the rate of increase appears to be exponential. Within the National Nuclear Security Administration, the cost of security now is about 10 % of the entire budget. Research and Development (R and D) has played a role in modern security, but the rate of advancement of security technology has not been sufficient to moderate the increasing costs and performance demands. Part of this problem is associated with both an inadequate investment level and the lack of a visionary roadmap for security technology. The other element of the problem is the lack of a strategic framework or architecture that would allow security technology to be effectively placed in an overall context of functionality. A new concept for an architecture for security will be presented. Within this architecture, a different approach to design, use of technology, and evaluation of effectiveness will be offered. Promising areas of technology and design will be illustrated by specific examples and suggestions for advanced R and D will be made. (author)

  9. Macro Security Methodology for Conducting Facility Security and Sustainability Assessments

    International Nuclear Information System (INIS)

    Herdes, Greg A.; Freier, Keith D.; Wright, Kyle A.

    2007-01-01

    Pacific Northwest National Laboratory (PNNL) has developed a macro security strategy that not only addresses traditional physical protection systems, but also focuses on sustainability as part of the security assessment and management process. This approach is designed to meet the needs of virtually any industry or environment requiring critical asset protection. PNNL has successfully demonstrated the utility of this macro security strategy through its support to the NNSA Office of Global Threat Reduction implementing security upgrades at international facilities possessing high activity radioactive sources that could be used in the assembly of a radiological dispersal device, commonly referred to as a 'dirty bomb'. Traditional vulnerability assessments provide a snap shot in time of the effectiveness of a physical protection system without significant consideration to the sustainability of the component elements that make up the system. This paper describes the approach and tools used to integrate technology, plans and procedures, training, and sustainability into a simple, quick, and easy-to-use security assessment and management tool.

  10. Exploiting the User: Adapting Personas for Use in Security Visualization Design

    Energy Technology Data Exchange (ETDEWEB)

    Stoll, Jennifer C.; McColgin, David W.; Gregory, Michelle L.; Crow, Vernon L.; Edwards, Keith

    2007-10-29

    It has long been noted that visual representations of complex information can facilitate rapid understanding of data {citation], even with respect to ComSec applications {citation]. Recognizing that visualizations can increase usability in ComSec applications, [Zurko, Sasse] have argued that there is a need to create more usable security visualizations. (VisSec) However, usability of applications generally fall into the domain of Human Computer Interaction (HCI), which generally relies on heavy-weight user-centered design (UCD) processes. For example, the UCD process can involve many prototype iterations, or an ethnographic field study that can take months to complete. The problem is that VisSec projects generally do not have the resources to perform ethnographic field studies, or to employ complex UCD methods. They often are running on tight deadlines and budgets that can not afford standard UCD methods. In order to help resolve the conflict of needing more usable designs in ComSec, but not having the resources to employ complex UCD methods, in this paper we offer a stripped-down lighter weight version of a UCD process which can help with capturing user requirements. The approach we use is personas which a user requirements capturing method arising out of the Participatory Design philosophy [Grudin02].

  11. Rock suitability classification RSC 2012

    Energy Technology Data Exchange (ETDEWEB)

    McEwen, T. (ed.) [McEwen Consulting, Leicester (United Kingdom); Kapyaho, A. [Geological Survey of Finland, Espoo (Finland); Hella, P. [Saanio and Riekkola, Helsinki (Finland); Aro, S.; Kosunen, P.; Mattila, J.; Pere, T.

    2012-12-15

    This report presents Posiva's Rock Suitability Classification (RSC) system, developed for locating suitable rock volumes for repository design and construction. The RSC system comprises both the revised rock suitability criteria and the procedure for the suitability classification during the construction of the repository. The aim of the classification is to avoid such features of the host rock that may be detrimental to the favourable conditions within the repository, either initially or in the long term. This report also discusses the implications of applying the RSC system for the fulfilment of the regulatory requirements concerning the host rock as a natural barrier and the site's overall suitability for hosting a final repository of spent nuclear fuel.

  12. Rock suitability classification RSC 2012

    International Nuclear Information System (INIS)

    McEwen, T.; Kapyaho, A.; Hella, P.; Aro, S.; Kosunen, P.; Mattila, J.; Pere, T.

    2012-12-01

    This report presents Posiva's Rock Suitability Classification (RSC) system, developed for locating suitable rock volumes for repository design and construction. The RSC system comprises both the revised rock suitability criteria and the procedure for the suitability classification during the construction of the repository. The aim of the classification is to avoid such features of the host rock that may be detrimental to the favourable conditions within the repository, either initially or in the long term. This report also discusses the implications of applying the RSC system for the fulfilment of the regulatory requirements concerning the host rock as a natural barrier and the site's overall suitability for hosting a final repository of spent nuclear fuel

  13. An Outline of Data Aggregation Security in Heterogeneous Wireless Sensor Networks.

    Science.gov (United States)

    Boubiche, Sabrina; Boubiche, Djallel Eddine; Bilami, Azzedine; Toral-Cruz, Homero

    2016-04-12

    Data aggregation processes aim to reduce the amount of exchanged data in wireless sensor networks and consequently minimize the packet overhead and optimize energy efficiency. Securing the data aggregation process is a real challenge since the aggregation nodes must access the relayed data to apply the aggregation functions. The data aggregation security problem has been widely addressed in classical homogeneous wireless sensor networks, however, most of the proposed security protocols cannot guarantee a high level of security since the sensor node resources are limited. Heterogeneous wireless sensor networks have recently emerged as a new wireless sensor network category which expands the sensor nodes' resources and capabilities. These new kinds of WSNs have opened new research opportunities where security represents a most attractive area. Indeed, robust and high security level algorithms can be used to secure the data aggregation at the heterogeneous aggregation nodes which is impossible in classical homogeneous WSNs. Contrary to the homogeneous sensor networks, the data aggregation security problem is still not sufficiently covered and the proposed data aggregation security protocols are numberless. To address this recent research area, this paper describes the data aggregation security problem in heterogeneous wireless sensor networks and surveys a few proposed security protocols. A classification and evaluation of the existing protocols is also introduced based on the adopted data aggregation security approach.

  14. An Outline of Data Aggregation Security in Heterogeneous Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Sabrina Boubiche

    2016-04-01

    Full Text Available Data aggregation processes aim to reduce the amount of exchanged data in wireless sensor networks and consequently minimize the packet overhead and optimize energy efficiency. Securing the data aggregation process is a real challenge since the aggregation nodes must access the relayed data to apply the aggregation functions. The data aggregation security problem has been widely addressed in classical homogeneous wireless sensor networks, however, most of the proposed security protocols cannot guarantee a high level of security since the sensor node resources are limited. Heterogeneous wireless sensor networks have recently emerged as a new wireless sensor network category which expands the sensor nodes’ resources and capabilities. These new kinds of WSNs have opened new research opportunities where security represents a most attractive area. Indeed, robust and high security level algorithms can be used to secure the data aggregation at the heterogeneous aggregation nodes which is impossible in classical homogeneous WSNs. Contrary to the homogeneous sensor networks, the data aggregation security problem is still not sufficiently covered and the proposed data aggregation security protocols are numberless. To address this recent research area, this paper describes the data aggregation security problem in heterogeneous wireless sensor networks and surveys a few proposed security protocols. A classification and evaluation of the existing protocols is also introduced based on the adopted data aggregation security approach.

  15. An Outline of Data Aggregation Security in Heterogeneous Wireless Sensor Networks

    Science.gov (United States)

    Boubiche, Sabrina; Boubiche, Djallel Eddine; Bilami, Azzedine; Toral-Cruz, Homero

    2016-01-01

    Data aggregation processes aim to reduce the amount of exchanged data in wireless sensor networks and consequently minimize the packet overhead and optimize energy efficiency. Securing the data aggregation process is a real challenge since the aggregation nodes must access the relayed data to apply the aggregation functions. The data aggregation security problem has been widely addressed in classical homogeneous wireless sensor networks, however, most of the proposed security protocols cannot guarantee a high level of security since the sensor node resources are limited. Heterogeneous wireless sensor networks have recently emerged as a new wireless sensor network category which expands the sensor nodes’ resources and capabilities. These new kinds of WSNs have opened new research opportunities where security represents a most attractive area. Indeed, robust and high security level algorithms can be used to secure the data aggregation at the heterogeneous aggregation nodes which is impossible in classical homogeneous WSNs. Contrary to the homogeneous sensor networks, the data aggregation security problem is still not sufficiently covered and the proposed data aggregation security protocols are numberless. To address this recent research area, this paper describes the data aggregation security problem in heterogeneous wireless sensor networks and surveys a few proposed security protocols. A classification and evaluation of the existing protocols is also introduced based on the adopted data aggregation security approach. PMID:27077866

  16. Implementing an Information Security Program

    Energy Technology Data Exchange (ETDEWEB)

    Glantz, Clifford S.; Lenaeus, Joseph D.; Landine, Guy P.; O' Neil, Lori Ross; Leitch, Rosalyn; Johnson, Christopher; Lewis, John G.; Rodger, Robert M.

    2017-11-01

    The threats to information security have dramatically increased with the proliferation of information systems and the internet. Chemical, biological, radiological, nuclear, and explosives (CBRNe) facilities need to address these threats in order to protect themselves from the loss of intellectual property, theft of valuable or hazardous materials, and sabotage. Project 19 of the European Union CBRN Risk Mitigation Centres of Excellence Initiative is designed to help CBRN security managers, information technology/cybersecurity managers, and other decision-makers deal with these threats through the application of cost-effective information security programs. Project 19 has developed three guidance documents that are publically available to cover information security best practices, planning for an information security management system, and implementing security controls for information security.

  17. Assessment And Testing of Industrial Devices Robustness Against Cyber Security Attacks

    CERN Document Server

    Tilaro, F

    2011-01-01

    CERN (European Organization for Nuclear Research),like any organization, needs to achieve the conflicting objectives of connecting its operational network to Internet while at the same time keeping its industrial control systems secure from external and internal cyber attacks. With this in mind, the ISA-99[0F1] international cyber security standard has been adopted at CERN as a reference model to define a set of guidelines and security robustness criteria applicable to any network device. Devices robustness represents a key link in the defense-in-depth concept as some attacks will inevitably penetrate security boundaries and thus require further protection measures. When assessing the cyber security robustness of devices we have singled out control system-relevant attack patterns derived from the well-known CAPEC[1F2] classification. Once a vulnerability is identified, it needs to be documented, prioritized and reproduced at will in a dedicated test environment for debugging purposes. CERN - in collaboration ...

  18. SecurityCom: A Multi-Player Game for Researching and Teaching Information Security Teams

    Directory of Open Access Journals (Sweden)

    Douglas P. Twitchell

    2007-12-01

    Full Text Available A major portion of government and business organizations’ attempts to counteract information security threats is teams of security personnel.  These teams often consist of personnel of diverse backgrounds in specific specialties such as network administration, application development, and business administration, resulting in possible conflicts between security, functionality, and availability.  This paper discusses the use of games to teach and research information security teams and outlines research to design and build a simple, team-oriented, configurable, information security game. It will be used to study how information security teams work together to defend against attacks using a multi-player game, and to study the use of games in training security teams.  Studying how information security teams work, especially considering the topic of shared-situational awareness, could lead to better ways of forming, managing, and training teams.  Studying the effectiveness of the game as a training tool could lead to better training for security teams. 

  19. Information Security Assessment of SMEs as Coursework -- Learning Information Security Management by Doing

    Science.gov (United States)

    Ilvonen, Ilona

    2013-01-01

    Information security management is an area with a lot of theoretical models. The models are designed to guide practitioners in prioritizing management resources in companies. Information security management education should address the gap between the academic ideals and practice. This paper introduces a teaching method that has been in use as…

  20. Design of parallel dual-energy X-ray beam and its performance for security radiography

    International Nuclear Information System (INIS)

    Kim, Kwang Hyun; Myoung, Sung Min; Chung, Yong Hyun

    2011-01-01

    A new concept of dual-energy X-ray beam generation and acquisition of dual-energy security radiography is proposed. Erbium (Er) and rhodium (Rh) with a copper filter were positioned in front of X-ray tube to generate low- and high-energy X-ray spectra. Low- and high-energy X-rays were guided to separately enter into two parallel detectors. Monte Carlo code of MCNPX was used to derive an optimum thickness of each filter for improved dual X-ray image quality. It was desired to provide separation ability between organic and inorganic matters for the condition of 140 kVp/0.8 mA as used in the security application. Acquired dual-energy X-ray beams were evaluated by the dual-energy Z-map yielding enhanced performance compared with a commercial dual-energy detector. A collimator for the parallel dual-energy X-ray beam was designed to minimize X-ray beam interference between low- and high-energy parallel beams for 500 mm source-to-detector distance.

  1. Intra-site Secure Transport Vehicle test and evaluation

    International Nuclear Information System (INIS)

    Scott, S.

    1995-01-01

    In the past many DOE and DoD facilities involved in handling nuclear material realized a need to enhance the safely and security for movement of sensitive materials within their facility, or ''intra-site''. There have been prior efforts to improve on-site transportation; however, there remains a requirement for enhanced on-site transportation at a number of facilities. The requirements for on-site transportation are driven by security, safety, and operational concerns. The Intra-site Secure Transport Vehicle (ISTV) was designed to address these concerns specifically for DOE site applications with a standardized vehicle design. This paper briefly reviews the ISTV design features providing significant enhancement of onsite transportation safety and security, and also describes the test and evaluation activities either complete of underway to validate the vehicle design and operation

  2. FS-OpenSecurity: A Taxonomic Modeling of Security Threats in SDN for Future Sustainable Computing

    Directory of Open Access Journals (Sweden)

    Yunsick Sung

    2016-09-01

    Full Text Available Software Defined Networking (SDN has brought many changes in terms of the interaction processes between systems and humans. It has become the key enabler of software defined architecture, which allows enterprises to build a highly agile Information Technology (IT infrastructure. For Future Sustainability Computing (FSC, SDN needs to deliver on many information technology commitments—more automation, simplified design, increased agility, policy-based management, and network management bond to more liberal IT workflow systems. To address the sustainability problems, SDN needs to provide greater collaboration and tighter integration with networks, servers, and security teams that will have an impact on how enterprises design, plan, deploy and manage networks. In this paper, we propose FS-OpenSecurity, which is a new and pragmatic security architecture model. It consists of two novel methodologies, Software Defined Orchestrator (SDO and SQUEAK, which offer a robust and secure architecture. The secure architecture is required for protection from diverse threats. Usually, security administrators need to handle each threat individually. However, handling threats automatically by adapting to the threat landscape is a critical demand. Therefore, the architecture must handle defensive processes automatically that are collaboratively based on intelligent external and internal information.

  3. Design and Implementation of Corporate Actions on a Decentralized Securities Depository

    OpenAIRE

    Hedin, Jonas

    2017-01-01

    Trading securities is a process that requires multiple trusted intermediaries to ensure that the trade is done correctly. The securities industry is therefore very slow and expensive; the central securities depository (CSD) being one of the main contributors to the disruption. In an effort to fix this, financial institutions has recently started looking into the blockchain technology; the innovation behind the cryptocurrency Bitcoin. Bitcoin is a digital currency that can be traded peer-to-pe...

  4. Computer security simulation

    International Nuclear Information System (INIS)

    Schelonka, E.P.

    1979-01-01

    Development and application of a series of simulation codes used for computer security analysis and design are described. Boolean relationships for arrays of barriers within functional modules are used to generate composite effectiveness indices. The general case of multiple layers of protection with any specified barrier survival criteria is given. Generalized reduction algorithms provide numerical security indices in selected subcategories and for the system as a whole. 9 figures, 11 tables

  5. Mixed coherent states in coupled chaotic systems: Design of secure wireless communication

    Science.gov (United States)

    Vigneshwaran, M.; Dana, S. K.; Padmanaban, E.

    2016-12-01

    A general coupling design is proposed to realize a mixed coherent (MC) state: coexistence of complete synchronization, antisynchronization, and amplitude death in different pairs of similar state variables of the coupled chaotic system. The stability of coupled system is ensured by the Lyapunov function and a scaling of each variable is also separately taken care of. When heterogeneity as a parameter mismatch is introduced in the coupled system, the coupling function facilitates to retain its coherence and displays the global stability with renewed scaling factor. Robust synchronization features facilitated by a MC state enable to design a dual modulation scheme: binary phase shift key (BPSK) and parameter mismatch shift key (PMSK), for secure data transmission. Two classes of decoders (coherent and noncoherent) are discussed, the noncoherent decoder shows better performance over the coherent decoder, mostly a noncoherent demodulator is preferred in biological implant applications. Both the modulation schemes are demonstrated numerically by using the Lorenz oscillator and the BPSK scheme is demonstrated experimentally using radio signals.

  6. Impact of Passive Safety on FHR Instrumentation Systems Design and Classification

    International Nuclear Information System (INIS)

    Holcomb, David Eugene

    2015-01-01

    Fluoride salt-cooled high-temperature reactors (FHRs) will rely more extensively on passive safety than earlier reactor classes. 10CFR50 Appendix A, General Design Criteria for Nuclear Power Plants, establishes minimum design requirements to provide reasonable assurance of adequate safety. 10CFR50.69, Risk-Informed Categorization and Treatment of Structures, Systems and Components for Nuclear Power Reactors, provides guidance on how the safety significance of systems, structures, and components (SSCs) should be reflected in their regulatory treatment. The Nuclear Energy Institute (NEI) has provided 10 CFR 50.69 SSC Categorization Guideline (NEI-00-04) that factors in probabilistic risk assessment (PRA) model insights, as well as deterministic insights, through an integrated decision-making panel. Employing the PRA to inform deterministic requirements enables an appropriately balanced, technically sound categorization to be established. No FHR currently has an adequate PRA or set of design basis accidents to enable establishing the safety classification of its SSCs. While all SSCs used to comply with the general design criteria (GDCs) will be safety related, the intent is to limit the instrumentation risk significance through effective design and reliance on inherent passive safety characteristics. For example, FHRs have no safety-significant temperature threshold phenomena, thus enabling the primary and reserve reactivity control systems required by GDC 26 to be passively, thermally triggered at temperatures well below those for which core or primary coolant boundary damage would occur. Moreover, the passive thermal triggering of the primary and reserve shutdown systems may relegate the control rod drive motors to the control system, substantially decreasing the amount of safety-significant wiring needed. Similarly, FHR decay heat removal systems are intended to be running continuously to minimize the amount of safety-significant instrumentation needed to initiate

  7. Designing a Secure E-commerce with Credential Purpose-based Access Control

    OpenAIRE

    Norjihan Abdul Ghani; Harihodin Selamat; Zailani Mohamed Sidek

    2014-01-01

    The rapid growth of e-commerce has created a great opportunities for both businesses and end users. The essential e-commerce process is required for the successful operation and management of e-commerce activities. One of the processes is access control and security. E-commerce must establish a secure access between the parties in an e-commerce transaction by authenticating users, authorizing access, and enforcing security features. The e-commerce application must authorize access to only tho...

  8. Designing Interventions that Last: A Classification of Environmental Behaviors in Relation to the Activities, Costs, and Effort Involved for Adoption and Maintenance

    Science.gov (United States)

    Moore, Harriet E.; Boldero, Jennifer

    2017-01-01

    Policy makers draw on behavioral research to design interventions that promote the voluntary adoption of environmental behavior in societies. Many environmental behaviors will only be effective if they are maintained over the long-term. In the context of climate change and concerns about future water security, behaviors that involve reducing energy consumption and improving water quality must be continued indefinitely to mitigate global warming and preserve scarce resources. Previous reviews of environmental behavior have focused exclusively on factors related to adoption. This review investigates the factors that influence both adoption and maintenance, and presents a classification of environmental behaviors in terms of the activities, costs, and effort required for both adoption and maintenance. Three categories of behavior are suggested. One-off behaviors involve performing an activity once, such as purchasing an energy efficient washing machine, or signing a petition. Continuous behaviors involve the performance of the same set of behaviors for adoption and for maintenance, such as curbside recycling. Dynamic behaviors involve the performance of different behaviors for adoption and maintenance, such as revegetation. Behaviors can also be classified into four categories related to cost and effort: those that involve little cost and effort for adoption and maintenance, those that involve moderate cost and effort for adoption and maintenance, those that involve a high cost or effort for adoption and less for maintenance, and those that involve less cost or effort for adoption and a higher amount for maintenance. In order to design interventions that last, policy makers should consider the factors that influence the maintenance as well as the adoption of environmental behaviors. PMID:29163265

  9. Evaluation of Security Solutions for Android Systems

    OpenAIRE

    Shabtai, Asaf; Mimran, Dudu; Elovici, Yuval

    2015-01-01

    With the increasing usage of smartphones a plethora of security solutions are being designed and developed. Many of the security solutions fail to cope with advanced attacks and are not aways properly designed for smartphone platforms. Therefore, there is a need for a methodology to evaluate their effectiveness. Since the Android operating system has the highest market share today, we decided to focus on it in this study in which we review some of the state-of-the-art security solutions for A...

  10. Possible classification of the methods of operational research applicable in the field of defense

    Directory of Open Access Journals (Sweden)

    Mučibabić Spasoje

    2006-01-01

    Full Text Available The overall dynamic development of operational research in various fields of human activities urges the need for a clearer and mathematically more explicit classification of its methods. This need is also very urgent in the field of defense, particularly because of the complications of modern conflicts, as well as of new security requirements. One of the possible classifications of methods based on the theory of games as a mathematical model for solving conflict situations is presented in this paper. The connections between methods and their mathematical description are underlined.

  11. 48 CFR 1339.107-70 - Information security.

    Science.gov (United States)

    2010-10-01

    ... 48 Federal Acquisition Regulations System 5 2010-10-01 2010-10-01 false Information security. 1339... CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY General 1339.107-70 Information security. (a... coordinate with the designated Contracting Officer Representative (COR) to complete the Information Security...

  12. Design and development of a prototype platform for gait analysis

    Science.gov (United States)

    Diffenbaugh, T. E.; Marti, M. A.; Jagani, J.; Garcia, V.; Iliff, G. J.; Phoenix, A.; Woolard, A. G.; Malladi, V. V. N. S.; Bales, D. B.; Tarazaga, P. A.

    2017-04-01

    The field of event classification and localization in building environments using accelerometers has grown significantly due to its implications for energy, security, and emergency protocols. Virginia Tech's Goodwin Hall (VT-GH) provides a robust testbed for such work, but a reduced scale testbed could provide significant benefits by allowing algorithm development to occur in a simplified environment. Environments such as VT-GH have high human traffic that contributes external noise disrupting test signals. This paper presents a design solution through the development of an isolated platform for data collection, portable demonstrations, and the development of localization and classification algorithms. The platform's success was quantified by the resulting transmissibility of external excitation sources, demonstrating the capabilities of the platform to isolate external disturbances while preserving gait information. This platform demonstrates the collection of high-quality gait information in otherwise noisy environments for data collection or demonstration purposes.

  13. Service Level Classification : How IKEA secures availability of the most important articles

    OpenAIRE

    Edlund Molin, Joanna; Åsell, Elinore

    2011-01-01

    Purpose - The purpose of this master thesis is to investigate the possibilities to extend or change the base of IKEA’s SL classification and give recommendations concerning potential improvements.  Method - This thesis has an inductive research strategy since data has been collected to build theory rather than the other way around (Bryman and Bell, 2007). The data has been collected by qualitative research, mainly through interviews with employees at the different IKEA organisations. Empirics...

  14. Securing Power during the Transition

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    2012-07-01

    Electricity security has been a priority of energy policy for decades due to the dependence of modern society on ongoing supply of electricity. Only a few years ago there was confidence that liberalised electricity markets in IEA member countries could deliver sufficient and timely generation investments needed to ensure security of supply. However, policies to decarbonise electricity systems have served to magnify investment risk and uncertainty. At the same time as renewable support schemes have proven effective in facilitating deployment of wind and solar photovoltaics, they also introduce new challenges to design a stable regulatory framework and well-functioning markets. Securing Power during the Transition, a report in the Electricity Security Action Plan series, assesses the threats and identifies options for competitive electricity markets embarking on the transition towards generating electricity from low-carbon sources . The analysis covers the impact of the global economic and financial situation, energy policy context and the implications for electricity market design. Its objective is to identify opportunities to improve regulatory and market designs to create a framework for timely and adequate investment, with a particular focus on conventional power plants.

  15. Energy supply security in Europe: principles and measures

    International Nuclear Information System (INIS)

    Keppler, J.H.

    2007-01-01

    After having recalled a dozen of reasons for some worries about energy supply security in Europe during the past months (oil price increase, intentional interruption of gas and oil deliveries by Russia respectively to Ukraine and Belarus, creation of a new CO 2 trading scheme, tensions on the European electricity markets, and so on), the author distinguishes and discusses those which are actually a threat to energy supply and those which are not. Then, he proposes a classification of these threats in relationship with the reasons for delivery interruption, production capacity limitation, or price increase. These reasons can be political situations and decisions, technical problems, commercial reasons. Then, the author examines what European policy makers can do to manage these risks and ensure energy supply security. This needs economic as well as political responses, coherence between domestic energy policies and energy supply security, and an efficient foreign policy based on a multilateral approach

  16. Simple Fully Automated Group Classification on Brain fMRI

    International Nuclear Information System (INIS)

    Honorio, J.; Goldstein, R.; Samaras, D.; Tomasi, D.; Goldstein, R.Z.

    2010-01-01

    We propose a simple, well grounded classification technique which is suited for group classification on brain fMRI data sets that have high dimensionality, small number of subjects, high noise level, high subject variability, imperfect registration and capture subtle cognitive effects. We propose threshold-split region as a new feature selection method and majority voteas the classification technique. Our method does not require a predefined set of regions of interest. We use average acros ssessions, only one feature perexperimental condition, feature independence assumption, and simple classifiers. The seeming counter-intuitive approach of using a simple design is supported by signal processing and statistical theory. Experimental results in two block design data sets that capture brain function under distinct monetary rewards for cocaine addicted and control subjects, show that our method exhibits increased generalization accuracy compared to commonly used feature selection and classification techniques.

  17. Simple Fully Automated Group Classification on Brain fMRI

    Energy Technology Data Exchange (ETDEWEB)

    Honorio, J.; Goldstein, R.; Honorio, J.; Samaras, D.; Tomasi, D.; Goldstein, R.Z.

    2010-04-14

    We propose a simple, well grounded classification technique which is suited for group classification on brain fMRI data sets that have high dimensionality, small number of subjects, high noise level, high subject variability, imperfect registration and capture subtle cognitive effects. We propose threshold-split region as a new feature selection method and majority voteas the classification technique. Our method does not require a predefined set of regions of interest. We use average acros ssessions, only one feature perexperimental condition, feature independence assumption, and simple classifiers. The seeming counter-intuitive approach of using a simple design is supported by signal processing and statistical theory. Experimental results in two block design data sets that capture brain function under distinct monetary rewards for cocaine addicted and control subjects, show that our method exhibits increased generalization accuracy compared to commonly used feature selection and classification techniques.

  18. Design and Research of a New secure Authentication Protocol in GSM networks

    Directory of Open Access Journals (Sweden)

    Qi Ai-qin

    2016-01-01

    Full Text Available As the first line of defense in the security application system, Authentication is an important security service. Its typical scheme is challenge/response mechanism and this scheme which is simple-structured and easy to realize has been used worldwide. But these protocols have many following problems In the GSM networks such as the leakage of user indentity privacy, no security protection between home registers and foreign registers and the vicious intruders’ information stealing and so on. This paper presents an authentication protocol in GSM networks based on maths operation and modular square root technique . The analysis of the security and performance has also been done. The results show that it is more robust and secure compared to the previous agreements.

  19. Design and Security Analysis of a Fragment of Internet of Things Telecommunication System

    Directory of Open Access Journals (Sweden)

    V. A. Alexandrov

    2016-01-01

    Full Text Available This paper comprises the development and implementation of systems using the concept of Internet of Things. In terms of active development of industries, use the concept of the Internet of Things, the information security problem is urgent. To create a protected module of information-telecommunication system which implements the Internet of Things concept, it is important to take into account all its aspects. To determine relevant threats, it is necessary to use the detailed risk analysis according to existing GOST standards when choosing protection measures, one must rely on identified relevant threats. Actual threats and necessary protective actions are determined in this paper for implementation of Smart House computer appliance module, in order to develop a protected part of Smart House, which is necessary for realization of room access control. We solved the following tasks in the work, namely, a description of the system Smart Home, a description of steps and evaluation system security Smart Home; implementation of hardware assembly and writing a code for the selected fragment of the system; safety evaluation of the selected fragment Smart House and identification of actual threats; make recommendations to counter current threats; software implementation of one of the most urgent threats and software implementation of protective measures for a selected threat. A feature of the work is an integrated approach to the design with the use of the intruder models, analysis of the system’s assets and evaluation of their security.

  20. Hybrid Electricity Markets with Long-Term Risk-Sharing Arrangements: Adapting Market Design to Security of Supply and decarbonization Objectives

    International Nuclear Information System (INIS)

    ROQUES, Fabien; FINON, Dominique

    2017-01-01

    The re-emergence of policy interventionism in electricity markets raises questions as to how market design can best be adapted to meeting the investment challenge associated with security of supply (SoS) and decarbonization objectives. This paper takes an institutionalist approach in terms of modularity of the market design, and reviews the standard historical approach towards competitive markets, in order to analyse the roles and interactions of the initial and additional market 'modules'. We argue that a number of additional modules is required to achieve long-term policy objectives, such as decarbonization and security of supply (SoS). But, in turn, they destabilise the initial modules of the market design, in particular by the entries of renewables. We review the international experience with hybrid market design and draw a number of policy recommendations at to best practices, as well as suggesting ways in which the initial market modules can be improved to prevent inconsistencies with the new modules. The move towards a hybrid market regime, which relies on a combination of planning, long-term risk sharing arrangements and improved markets entrenched in a function of short-term coordination, appears to be unavoidable where decarbonization policies are adopted. (authors)

  1. Re-thinking Grid Security Architecture

    NARCIS (Netherlands)

    Demchenko, Y.; de Laat, C.; Koeroo, O.; Groep, D.; van Engelen, R.; Govindaraju, M.; Cafaro, M.

    2008-01-01

    The security models used in Grid systems today strongly bear the marks of their diverse origin. Historically retrofitted to the distributed systems they are designed to protect and control, the security model is usually limited in scope and applicability, and its implementation tailored towards a

  2. A lightweight security scheme for wireless body area networks: design, energy evaluation and proposed microprocessor design

    NARCIS (Netherlands)

    Selimis, G.; Huang, L.; Massé, F.; Tsekoura, I.; Ashouei, M.; Catthoor, F.; Huisken, J.; Stuyt, J.; Dolmans, G.; Penders, J.; Groot, H. de

    2011-01-01

    In order for wireless body area networks to meet widespread adoption, a number of security implications must be explored to promote and maintain fundamental medical ethical principles and social expectations. As a result, integration of security functionality to sensor nodes is required. Integrating

  3. Designing indicators of long-term energy supply security

    International Nuclear Information System (INIS)

    Jansen, J.C.; Van Arkel, W.G.; Boots, M.G.

    2004-01-01

    To our knowledge, so far amazingly little research work has been undertaken to construct meaningful indicators of long-run energy supply security for a particular nation or region. Currently, in addressing energy supply security, policy makers tend to emphasise short-term supply disruptions. In contrast, this pre-study accords with the broader Sustainability Outlook in considering the long-term perspective. This report starts with taking stock, in a concise way, of the official EU energy outlook and issues related to the opportunities to administer changes in the energy mix at the level of major energy use categories. Then a brief survey of relevant literature is made on long-term strategies to ensure survival of systems - be it biological, social, etc. - in an environment largely characterised by high uncertainty and a lot of unchartered territory. We found the work of Andrew Stirling very inspiring in this context. Based on his work and considering the limitations of the present research activity, we retained the Shannon index as the best 'simple' indicator of diversity. In the core of the report, the Shannon index is elaborated into four indicators of long-term energy supply security. Stepwise, additional aspects of long-term energy supply security are introduced. These aspects are: Diversification of energy sources in energy supply; Diversification of imports with respect to imported energy sources; Long-term political stability in regions of origin; The resource base in regions of origin, including the home region/country itself. After small adjustments to allow for data availability, these indicators were applied to the reference year 2030 of four long-term scenarios with data of base year 1995 and projections for underlying variables provided by the Netherlands Environmental Assessment Agency (MNP). Preliminary interpretation of the results suggests the usefulness of the indicators presented in this report. A second activity undertaken in this report was

  4. Android Security Framework: Enabling Generic and Extensible Access Control on Android

    OpenAIRE

    Backes, Michael; Bugiel, Sven; Gerling, Sebastian; von Styp-Rekowsky, Philipp

    2014-01-01

    We introduce the Android Security Framework (ASF), a generic, extensible security framework for Android that enables the development and integration of a wide spectrum of security models in form of code-based security modules. The design of ASF reflects lessons learned from the literature on established security frameworks (such as Linux Security Modules or the BSD MAC Framework) and intertwines them with the particular requirements and challenges from the design of Android's software stack. ...

  5. Inter Genre Similarity Modelling For Automatic Music Genre Classification

    OpenAIRE

    Bagci, Ulas; Erzin, Engin

    2009-01-01

    Music genre classification is an essential tool for music information retrieval systems and it has been finding critical applications in various media platforms. Two important problems of the automatic music genre classification are feature extraction and classifier design. This paper investigates inter-genre similarity modelling (IGS) to improve the performance of automatic music genre classification. Inter-genre similarity information is extracted over the mis-classified feature population....

  6. Security systems engineering overview

    International Nuclear Information System (INIS)

    Steele, B.J.

    1996-01-01

    Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at $70 billion in direct costs and up to $300 billion in indirect costs. Health insurance fraud alone is estimated to cost American businesses $100 billion. Theft, warranty fraud, and counterfeiting of computer hardware totaled $3 billion in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies (counterfeit currency, cellular phone billing, credit card fraud, health care fraud, passport, green cards, and questionable documents); industrial espionage detection and prevention (intellectual property, computer chips, etc.); and security barrier technology (creation of delay such as gates, vaults, etc.)

  7. Review article: A systematic review of emergency department incident classification frameworks.

    Science.gov (United States)

    Murray, Matthew; McCarthy, Sally

    2017-10-11

    As in any part of the hospital system, safety incidents can occur in the ED. These incidents arguably have a distinct character, as the ED involves unscheduled flows of urgent patients who require disparate services. To aid understanding of safety issues and support risk management of the ED, a comparison of published ED specific incident classification frameworks was performed. A review of emergency medicine, health management and general medical publications, using Ovid SP to interrogate Medline (1976-2016) was undertaken to identify any type of taxonomy or classification-like framework for ED related incidents. These frameworks were then analysed and compared. The review identified 17 publications containing an incident classification framework. Comparison of factors and themes making up the classification constituent elements revealed some commonality, but no overall consistency, nor evolution towards an ideal framework. Inconsistency arises from differences in the evidential basis and design methodology of classifications, with design itself being an inherently subjective process. It was not possible to identify an 'ideal' incident classification framework for ED risk management, and there is significant variation in the selection of categories used by frameworks. The variation in classification could risk an unbalanced emphasis in findings through application of a particular framework. Design of an ED specific, ideal incident classification framework should be informed by a much wider range of theories of how organisations and systems work, in addition to clinical and human factors. © 2017 Australasian College for Emergency Medicine and Australasian Society for Emergency Medicine.

  8. Robust site security using smart seismic array technology and multi-sensor data fusion

    Science.gov (United States)

    Hellickson, Dean; Richards, Paul; Reynolds, Zane; Keener, Joshua

    2010-04-01

    Traditional site security systems are susceptible to high individual sensor nuisance alarm rates that reduce the overall system effectiveness. Visual assessment of intrusions can be intensive and manually difficult as cameras are slewed by the system to non intrusion areas or as operators respond to nuisance alarms. Very little system intrusion performance data are available other than discrete sensor alarm indications that provide no real value. This paper discusses the system architecture, integration and display of a multi-sensor data fused system for wide area surveillance, local site intrusion detection and intrusion classification. The incorporation of a novel seismic array of smart sensors using FK Beamforming processing that greatly enhances the overall system detection and classification performance of the system is discussed. Recent test data demonstrates the performance of the seismic array within several different installations and its ability to classify and track moving targets at significant standoff distances with exceptional immunity to background clutter and noise. Multi-sensor data fusion is applied across a suite of complimentary sensors eliminating almost all nuisance alarms while integrating within a geographical information system to feed a visual-fusion display of the area being secured. Real-time sensor detection and intrusion classification data is presented within a visual-fusion display providing greatly enhanced situational awareness, system performance information and real-time assessment of intrusions and situations of interest with limited security operator involvement. This approach scales from a small local perimeter to very large geographical area and can be used across multiple sites controlled at a single command and control station.

  9. Computer Security: Introduction to information and computer security (1/4)

    CERN Multimedia

    CERN. Geneva

    2012-01-01

    Sebastian Lopienski is CERN's Deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support services hosted in the CERN Computer Centre; providing Central CVS Service for software projects at CERN; and development of applications for accelerator controls in Java. He graduated from the University of Warsaw (MSc in Computer Science) in 2002, and earned an MBA degree at the Enterprise Administration Institute in Aix-en-Provence and Haute Ecole de Gestion in Geneva in 2010. His professional interests include software and network security, distributed systems, and Web and mobile technologies. With the prevalence of modern information te...

  10. Using Biometric Characteristics to Increase ITS Security

    Directory of Open Access Journals (Sweden)

    Miroslav Bača

    2007-11-01

    Full Text Available Terrorist attacks in New York City and Washington, Districtof Columbia on the morning of September 11, 2001 havechanged our lives. The secwity problem became very importantregarding all spheres of human activities. Tracking persons(employees, customers etc. in ITS (Intelligent Transport Systemis a huge problem. Biometrics offers a very good solutionfor this problem and is today maybe one of the most promisingtechniques for person's secure verification and authentication;biometric system also features some advantages when comparedto other security systems. When using a biometric systemone has to be careful because the functionality of a biometricapplication can be dramatically aggravated if inappropriatebiometric features are selected. Classification of biometric featureson contact and contactless, or distinction between"strong" and "soft" biometric features gives a framework for usingbiometric features, but it does not ensure that biometric featŁtres are implemented at a satisfactory level. The usage ofmultimodal or unimodal biometric system can significantly increasethe system security but it also opens plenty of questionslike privacy etc. This paper describes the implementation ofbiometric features which can be used in ITS, and delineates anew model of usage.

  11. Quantum Security of Cryptographic Primitives

    OpenAIRE

    Gagliardoni, Tommaso

    2017-01-01

    We call quantum security the area of IT security dealing with scenarios where one or more parties have access to quantum hardware. This encompasses both the fields of post-quantum cryptography (that is, traditional cryptography engineered to be resistant against quantum adversaries), and quantum cryptography (that is, security protocols designed to be natively run on a quantum infrastructure, such as quantum key distribution). Moreover, there exist also hybrid models, where traditional crypto...

  12. Act of 4 August 1955 concerning State Security in the Nuclear Field

    International Nuclear Information System (INIS)

    1955-01-01

    This Act governing State security in the nuclear field lays down that the King may determine the security measures to be complied with concerning nuclear research, materials, methods of production used by establishments and legal or physical persons having in their possession information, documents or material obtained either directly from the Government or with its consent. The Act was supplemented by Royal Order of 14 March 1956 which amplified its provisions by laying down specific requirements regarding the classification of information and material, the security measures to be applied thereto, and to establishments involved in related research work. It also provides for the security clearance to be applied to persons who shall be authorised to obtain such information and classified material. A Royal Order of 18 October 1974 amends this Order in respect of the authorities responsible for its implementation. (NEA) [fr

  13. AES Cardless Automatic Teller Machine (ATM) Biometric Security System Design Using FPGA Implementation

    Science.gov (United States)

    Ahmad, Nabihah; Rifen, A. Aminurdin M.; Helmy Abd Wahab, Mohd

    2016-11-01

    Automated Teller Machine (ATM) is an electronic banking outlet that allows bank customers to complete a banking transactions without the aid of any bank official or teller. Several problems are associated with the use of ATM card such card cloning, card damaging, card expiring, cast skimming, cost of issuance and maintenance and accessing customer account by third parties. The aim of this project is to give a freedom to the user by changing the card to biometric security system to access the bank account using Advanced Encryption Standard (AES) algorithm. The project is implemented using Field Programmable Gate Array (FPGA) DE2-115 board with Cyclone IV device, fingerprint scanner, and Multi-Touch Liquid Crystal Display (LCD) Second Edition (MTL2) using Very High Speed Integrated Circuit Hardware (VHSIC) Description Language (VHDL). This project used 128-bits AES for recommend the device with the throughput around 19.016Gbps and utilized around 520 slices. This design offers a secure banking transaction with a low rea and high performance and very suited for restricted space environments for small amounts of RAM or ROM where either encryption or decryption is performed.

  14. A Framework for Adaptive Information Security Systems : A Holistic Investigation

    OpenAIRE

    Mwakalinga, Jeffy

    2011-01-01

    This research proposes a framework for adaptive information security systems that considers both the technical and social aspects of information systems security. Initial development of information systems security focused on computer technology and communication protocols. Researchers and designers did not consider culture, traditions, ethics, and other social issues of the people using the systems when designing and developing information security systems. They also seemed to ignore environ...

  15. Classifying Classifications

    DEFF Research Database (Denmark)

    Debus, Michael S.

    2017-01-01

    This paper critically analyzes seventeen game classifications. The classifications were chosen on the basis of diversity, ranging from pre-digital classification (e.g. Murray 1952), over game studies classifications (e.g. Elverdam & Aarseth 2007) to classifications of drinking games (e.g. LaBrie et...... al. 2013). The analysis aims at three goals: The classifications’ internal consistency, the abstraction of classification criteria and the identification of differences in classification across fields and/or time. Especially the abstraction of classification criteria can be used in future endeavors...... into the topic of game classifications....

  16. Information Security Management as a Bridge in Cloud Systems from Private to Public Organizations

    Directory of Open Access Journals (Sweden)

    Myeonggil Choi

    2015-08-01

    Full Text Available Cloud computing has made it possible for private companies to make rapid changes in their computing environments. However, in the public sector, security issues hinder institutions from adopting cloud computing. To solve these security challenges, in this paper, we propose a methodology for information security management, which quantitatively classifies the importance of information in cloud systems in the public sector. In this study, we adopt a Delphi approach to establish the classification criteria of the proposed methodology in an objective and systematic manner. Further, through a case study of a public corporation, we try to validate the usefulness of the proposed methodology. The results of this study will help public institutions to consider introducing cloud computing and to manage cloud systems effectively and securely.

  17. EMG finger movement classification based on ANFIS

    Science.gov (United States)

    Caesarendra, W.; Tjahjowidodo, T.; Nico, Y.; Wahyudati, S.; Nurhasanah, L.

    2018-04-01

    An increase number of people suffering from stroke has impact to the rapid development of finger hand exoskeleton to enable an automatic physical therapy. Prior to the development of finger exoskeleton, a research topic yet important i.e. machine learning of finger gestures classification is conducted. This paper presents a study on EMG signal classification of 5 finger gestures as a preliminary study toward the finger exoskeleton design and development in Indonesia. The EMG signals of 5 finger gestures were acquired using Myo EMG sensor. The EMG signal features were extracted and reduced using PCA. The ANFIS based learning is used to classify reduced features of 5 finger gestures. The result shows that the classification of finger gestures is less than the classification of 7 hand gestures.

  18. Cross-layer design for intrusion detection and data security in wireless ad hoc sensor networks

    Science.gov (United States)

    Hortos, William S.

    2007-09-01

    A wireless ad hoc sensor network is a configuration for area surveillance that affords rapid, flexible deployment in arbitrary threat environments. There is no infrastructure support and sensor nodes communicate with each other only when they are in transmission range. The nodes are severely resource-constrained, with limited processing, memory and power capacities and must operate cooperatively to fulfill a common mission in typically unattended modes. In a wireless sensor network (WSN), each sensor at a node can observe locally some underlying physical phenomenon and sends a quantized version of the observation to sink (destination) nodes via wireless links. Since the wireless medium can be easily eavesdropped, links can be compromised by intrusion attacks from nodes that may mount denial-of-service attacks or insert spurious information into routing packets, leading to routing loops, long timeouts, impersonation, and node exhaustion. A cross-layer design based on protocol-layer interactions is proposed for detection and identification of various intrusion attacks on WSN operation. A feature set is formed from selected cross-layer parameters of the WSN protocol to detect and identify security threats due to intrusion attacks. A separate protocol is not constructed from the cross-layer design; instead, security attributes and quantified trust levels at and among nodes established during data exchanges complement customary WSN metrics of energy usage, reliability, route availability, and end-to-end quality-of-service (QoS) provisioning. Statistical pattern recognition algorithms are applied that use observed feature-set patterns observed during network operations, viewed as security audit logs. These algorithms provide the "best" network global performance in the presence of various intrusion attacks. A set of mobile (software) agents distributed at the nodes implement the algorithms, by moving among the layers involved in the network response at each active node

  19. Secure Communications over Wireless Networks Even 1-bit Feedback Helps Achieving Security

    KAUST Repository

    Rezki, Zouheir

    2016-01-06

    Recently, there have been a surge toward developing sophisticated security mechanisms based on a cross layer design. While an extensive progress has been realized toward establishing physical layer security as an important design paradigm to enhance security of existing wireless networks, only a little effort has been made toward designing practical coding schemes that achieve or approach the secrecy capacity. Most of existing results are tied to some simplifying assumptions that do not seem always reasonable (passive eavesdropper, perfect channel state information (CSI), etc.). Furthermore, it is still not very clear how to exploit physical layer security paradigms, together with existing cryptosystems, in order to add a supplementary level of protection for information transmission or to achieve key agreement. In this talk, we address the first part of the above problematic, i.e., the effect of channel uncertainty on network security. Particularly, we show that even a coarse estimate of the main channel (channel between the transmitter and the legitimate receiver) can help providing a positive secrecy rate. Specifically, we assume two types of channel uncertainty at the transmitter. The first one is a rate-limited feedback in a block fading channel where the feedback information can be proactive (at the beginning of the coherence block) or of ARQ-type. The second type of uncertainty takes the form of a noisy estimate of the main channel at the transmitter in a fast fading channel. In both cases, we provide upper and lower bounds on the secrecy capacity. We argue how our achievable schemes and upper bounding techniques extend to multi-user setting (broadcasting a single confidential message or multiple confidential messages to multiple legitimate receivers) and to multiple antenna channels.

  20. Secure Communications over Wireless Networks Even 1-bit Feedback Helps Achieving Security

    KAUST Repository

    Rezki, Zouheir

    2016-01-01

    Recently, there have been a surge toward developing sophisticated security mechanisms based on a cross layer design. While an extensive progress has been realized toward establishing physical layer security as an important design paradigm to enhance security of existing wireless networks, only a little effort has been made toward designing practical coding schemes that achieve or approach the secrecy capacity. Most of existing results are tied to some simplifying assumptions that do not seem always reasonable (passive eavesdropper, perfect channel state information (CSI), etc.). Furthermore, it is still not very clear how to exploit physical layer security paradigms, together with existing cryptosystems, in order to add a supplementary level of protection for information transmission or to achieve key agreement. In this talk, we address the first part of the above problematic, i.e., the effect of channel uncertainty on network security. Particularly, we show that even a coarse estimate of the main channel (channel between the transmitter and the legitimate receiver) can help providing a positive secrecy rate. Specifically, we assume two types of channel uncertainty at the transmitter. The first one is a rate-limited feedback in a block fading channel where the feedback information can be proactive (at the beginning of the coherence block) or of ARQ-type. The second type of uncertainty takes the form of a noisy estimate of the main channel at the transmitter in a fast fading channel. In both cases, we provide upper and lower bounds on the secrecy capacity. We argue how our achievable schemes and upper bounding techniques extend to multi-user setting (broadcasting a single confidential message or multiple confidential messages to multiple legitimate receivers) and to multiple antenna channels.

  1. Mapping of the Universe of Knowledge in Different Classification Schemes

    Directory of Open Access Journals (Sweden)

    M. P. Satija

    2017-06-01

    Full Text Available Given the variety of approaches to mapping the universe of knowledge that have been presented and discussed in the literature, the purpose of this paper is to systematize their main principles and their applications in the major general modern library classification schemes. We conducted an analysis of the literature on classification and the main classification systems, namely Dewey/Universal Decimal Classification, Cutter’s Expansive Classification, Subject Classification of J.D. Brown, Colon Classification, Library of Congress Classification, Bibliographic Classification, Rider’s International Classification, Bibliothecal Bibliographic Klassification (BBK, and Broad System of Ordering (BSO. We conclude that the arrangement of the main classes can be done following four principles that are not mutually exclusive: ideological principle, social purpose principle, scientific order, and division by discipline. The paper provides examples and analysis of each system. We also conclude that as knowledge is ever-changing, classifications also change and present a different structure of knowledge depending upon the society and time of their design.

  2. Parental Representations and Attachment Security in Young Israeli Mothers' Bird's Nest Drawings

    Science.gov (United States)

    Goldner, Limor; Golan, Yifat

    2016-01-01

    The Bird's Nest Drawing (BND; Kaiser, 1996) is an art-based technique developed to assess attachment security. In an attempt to expand the BND's validity, the authors explored the possible associations between parental representations and the BND's dimensions and attachment classifications in a sample of 80 young Israeli mothers. Positive…

  3. The Informatics Security Cost of Distributed Applications

    Directory of Open Access Journals (Sweden)

    Ion IVAN

    2010-01-01

    Full Text Available The objective, necessity, means and estimated efficiency of information security cost modeling are presented. The security requirements of distributed informatics applications are determined. Aspects regarding design, development and implementation are established. Influence factors for informatics security are presented and their correlation is analyzed. The costs associated to security processes are studied. Optimal criteria for informatics security are established. The security cost of the informatics application for validating organizational identifiers is determined using theoretical assumptions made for cost models. The conclusions highlight the validity of research results and offer perspectives for future research.

  4. The influence of spine surgeons' experience on the classification and intraobserver reliability of the novel AOSpine thoracolumbar spine injury classification system : an international study

    NARCIS (Netherlands)

    Sadiqi, Said; Oner, F. Cumhur; Dvorak, Marcel F.; Aarabi, Bizhan; Schroeder, Gregory D.; Vaccaro, Alexander R.

    2015-01-01

    Study Design. International validation study. Objective. To investigate the influence of the spine surgeons' level of experience on the intraobserver reliability of the novel AOSpine Thoracolumbar Spine Injury Classification system, and the appropriate classification according to this system.

  5. CADASTRAL CLASSIFICATION OF THE LAND PLOTS IN UKRAINE

    Directory of Open Access Journals (Sweden)

    KIRICHEK Yu. O.

    2016-04-01

    Full Text Available Summary. Work concerns development of national system of classification of the land plots. The developed classification will allow to solve correctly a number of the corresponding cadastral, land management, estimated and other tasks. The analysis of classifications of lands, improvements and real estate in general is made. The created offers concerning creation of a new classification of the land plots in Ukraine. Today the Ukrainian real estate market has no single system that separates the system property groups, classes and types. This significantly complicates the work and can not fully be aware of the specific situation of real estate market. This task is designed to solve classification properties, it is used to transition from a diversity of individual properties to a limited number of classes of evaluation objects. The classification is different functional purpose (use facilities assessment, which determines the difference in value.

  6. Design and implementation of a secure workflow system based on PKI/PMI

    Science.gov (United States)

    Yan, Kai; Jiang, Chao-hui

    2013-03-01

    As the traditional workflow system in privilege management has the following weaknesses: low privilege management efficiency, overburdened for administrator, lack of trust authority etc. A secure workflow model based on PKI/PMI is proposed after studying security requirements of the workflow systems in-depth. This model can achieve static and dynamic authorization after verifying user's ID through PKC and validating user's privilege information by using AC in workflow system. Practice shows that this system can meet the security requirements of WfMS. Moreover, it can not only improve system security, but also ensures integrity, confidentiality, availability and non-repudiation of the data in the system.

  7. The Hand Eczema Trial (HET): Design of a randomised clinical trial of the effect of classification and individual counselling versus no intervention among health-care workers with hand eczema

    DEFF Research Database (Denmark)

    Ibler, Kristina Sophie; Agner, Tove; Hansen, Jane L.

    2010-01-01

    . The experimental group undergoes patch and prick testing; classification of the hand eczema; demonstration of hand washing and appliance of emollients; individual counselling, and a skin-care programme. The control group receives no intervention. All participants are reassessed after six months. The primary...... strategies are needed to reduce occupational hand eczema. METHODS/DESIGN: We describe the design of a randomised clinical trial to investigate the effects of classification of hand eczema plus individual counselling versus no intervention. The trial includes health-care workers with hand eczema identified...

  8. Multivariate decision tree designing for the classification of multi-jet topologies in e sup + e sup - collisions

    CERN Document Server

    Mjahed, M

    2002-01-01

    The binary decision tree method is used to separate between several multi-jet topologies in e sup + e sup - collisions. Instead of the univariate process usually taken, a new design procedure for constructing multivariate decision trees is proposed. The segmentation is obtained by considering some features functions, where linear and non-linear discriminant functions and a minimal distance method are used. The classification focuses on ALEPH simulated events, with multi-jet topologies. Compared to a standard univariate tree, the multivariate decision trees offer significantly better performance.

  9. CERN Technical Training: new courses on computer security

    CERN Multimedia

    HR Department

    2009-01-01

    Two new trainings are available at CERN concerning computer security. • How to create secure software? The "Developing secure software" course (3.5 hours) is designed for software programmers, both for regular software and Web applications. It covers main aspects of security in different phases of the software development lifecycle. The last, optional hour discusses security issues of Web application developers. This course, although not hands-on, is interactive and full of real-life examples. The first session of this course will take place, in English, on 21 April in the CERN Technical Training Center. More sessions will be scheduled in 2009. • How to safely navigate and send mails? The "Secure e-mail and Web browsing" course is an entry-level 1.5-hour training aimed to show how to detect and avoid typical security pitfalls encountered when e-mailing and browsing the Web. It is designed for non-technical users of Internet Explorer and Outlook. The first sessions o...

  10. Railway infrastructure security

    CERN Document Server

    Sforza, Antonio; Vittorini, Valeria; Pragliola, Concetta

    2015-01-01

    This comprehensive monograph addresses crucial issues in the protection of railway systems, with the objective of enhancing the understanding of railway infrastructure security. Based on analyses by academics, technology providers, and railway operators, it explains how to assess terrorist and criminal threats, design countermeasures, and implement effective security strategies. In so doing, it draws upon a range of experiences from different countries in Europe and beyond. The book is the first to be devoted entirely to this subject. It will serve as a timely reminder of the attractiveness of the railway infrastructure system as a target for criminals and terrorists and, more importantly, as a valuable resource for stakeholders and professionals in the railway security field aiming to develop effective security based on a mix of methodological, technological, and organizational tools. Besides researchers and decision makers in the field, the book will appeal to students interested in critical infrastructur...

  11. Concept for Energy Security Matrix

    International Nuclear Information System (INIS)

    Kisel, Einari; Hamburg, Arvi; Härm, Mihkel; Leppiman, Ando; Ots, Märt

    2016-01-01

    The following paper presents a discussion of short- and long-term energy security assessment methods and indicators. The aim of the current paper is to describe diversity of approaches to energy security, to structure energy security indicators used by different institutions and papers, and to discuss several indicators that also play important role in the design of energy policy of a state. Based on this analysis the paper presents a novel Energy Security Matrix that structures relevant energy security indicators from the aspects of Technical Resilience and Vulnerability, Economic Dependence and Political Affectability for electricity, heat and transport fuel sectors. Earlier publications by different authors have presented energy security assessment methodologies that use publicly available indicators from different databases. Current paper challenges viability of some of these indicators and introduces new indicators that would deliver stronger energy security policy assessments. Energy Security Matrix and its indicators are based on experiences that the authors have gathered as high-level energy policymakers in Estonia, where all different aspects of energy security can be observed. - Highlights: •Energy security should be analysed in technical, economic and political terms; •Energy Security Matrix provides a framework for energy security analyses; •Applicability of Matrix is limited due to the lack of statistical data and sensitivity of output.

  12. Switching Systems: Controllability and Control Design

    Science.gov (United States)

    2009-04-25

    both continuous and discrete dynamics, are abundant in essentially all areas of engineering and scientific endeavor. Hybrid systems can switch between...TERMS EOARD, Navigation, Comunications & Guidance, Complex Systems 16. SECURITY CLASSIFICATION OF: 19a. NAME OF RESPONSIBLE PERSON JAMES LAWTON Ph

  13. Design of Cyberwar Laboratory Exercises to Implement Common Security Attacks against IEEE 802.11 Wireless Networks

    Directory of Open Access Journals (Sweden)

    Mina Malekzadeh

    2010-01-01

    Full Text Available In wireless network communications, radio waves travel through free space; hence, the information reaches any receiving point with appropriate radio receivers. This aspect makes the wireless networks vulnerable to various types of attacks. A true understanding of these attacks provides better ability to defend the network against the attacks, thus eliminating potential threats from the wireless systems. This work presents a series of cyberwar laboratory exercises that are designed for IEEE 802.11 wireless networks security courses. The exercises expose different aspects of violations in security such as confidentiality, privacy, availability, and integrity. The types of attacks include traffic analysis, rogue access point, MAC filtering, replay, man-in-the-middle, and denial of service attacks. For each exercise, the materials are presented as open-source tools along with descriptions of the respective methods, procedures, and penetration techniques.

  14. The German electricity market. Does the present market design provide security of supply?; Strommarkt in Deutschland. Gewaehrleistet das derzeitige Marktdesign Versorgungssicherheit?

    Energy Technology Data Exchange (ETDEWEB)

    Janssen, Matthias; Peichert, Patrick; Perner, Jens; Riechmann, Christoph [Frontier Economics, Koeln (Germany); Niedrig, Thomas [Formaet Services GmbH, Rheinbach (Germany)

    2014-09-15

    A heated discussion is being waged in Germany and large parts of Europe over the introduction of what are referred to as capacity mechanisms, whose purpose is to provide security of supply in the electricity sector. In this context two consulting firms have undertaken a both qualitative and quantitative study of the fitness of the present market design, which is based on the ''Energy-Only Market'' (EOM), to provide security of supply in the German electricity market. The authors come to the conclusion that, if suitably framed, the EOM can continue to provide a secure electricity supply in accordance with consumer preferences and at the lowest possible cost.

  15. Two-Stage Classification Approach for Human Detection in Camera Video in Bulk Ports

    Directory of Open Access Journals (Sweden)

    Mi Chao

    2015-09-01

    Full Text Available With the development of automation in ports, the video surveillance systems with automated human detection begun to be applied in open-air handling operation areas for safety and security. The accuracy of traditional human detection based on the video camera is not high enough to meet the requirements of operation surveillance. One of the key reasons is that Histograms of Oriented Gradients (HOG features of the human body will show great different between front & back standing (F&B and side standing (Side human body. Therefore, the final training for classifier will only gain a few useful specific features which have contribution to classification and are insufficient to support effective classification, while using the HOG features directly extracted by the samples from different human postures. This paper proposes a two-stage classification method to improve the accuracy of human detection. In the first stage, during preprocessing classification, images is mainly divided into possible F&B human body and not F&B human body, and then they were put into the second-stage classification among side human and non-human recognition. The experimental results in Tianjin port show that the two-stage classifier can improve the classification accuracy of human detection obviously.

  16. Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

    Energy Technology Data Exchange (ETDEWEB)

    Hadley, Mark D.; Clements, Samuel L.

    2009-01-01

    Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

  17. Investigating how everyday people experience security

    DEFF Research Database (Denmark)

    Mathiasen, Niels Raabjerg

    In this paper I propose a method for analyzing everyday people's experiences with IT-security. I furthermore report how I applied the method. The proposal is motivated by work of other researchers and their efforts to get beyond secure behavior, and to get an insight in secure or insecure...... experiences that everyday users of technology encounter. The background for introducing this method is a project under the heading of IT Security for Citizens, which bridges between research competencies in HCI and security. In this project we develop methods and concepts to analyze digital signature systems...... and security sensible systems in a broad sense, from the point of view of contemporary CHI. The project includes literature studies of usable security, as well as empirical investigations and design work. This paper reports on my method to target user experiences of and with security technology....

  18. CLASSIFICATION OF THE MGR MUCK HANDLING SYSTEM

    International Nuclear Information System (INIS)

    R. Garrett

    1999-01-01

    The purpose of this analysis is to document the Quality Assurance (QA) classification of the Monitored Geologic Repository (MGR) muck handling system structures, systems and components (SSCs) performed by the MGR Safety Assurance Department. This analysis also provides the basis for revision of YMP/90-55Q, Q-List (YMP 1998). The Q-List identifies those MGR SSCs subject to the requirements of DOE/RW-0333P, ''Quality Assurance Requirements and Description (QARD) (DOE 1998). This QA classification incorporates the current MGR design and the results of the ''Preliminary Preclosure Design Basis Event Calculations for the Monitored Geologic Repository (CRWMS M and O 1998a)

  19. Access Point Security Service for wireless ad-hoc communication

    NARCIS (Netherlands)

    Scholten, Johan; Nijdam, M.

    2006-01-01

    This paper describes the design and implementation of a security solution for ad-hoc peer-to-peer communication. The security solution is based on a scenario where two wireless devices require secure communication, but share no security relationship a priori. The necessary requirements for the

  20. Nuclear power plant systems, structures and components and their safety classification

    International Nuclear Information System (INIS)

    2000-01-01

    The assurance of a nuclear power plant's safety is based on the reliable functioning of the plant as well as on its appropriate maintenance and operation. To ensure the reliability of operation, special attention shall be paid to the design, manufacturing, commissioning and operation of the plant and its components. To control these functions the nuclear power plant is divided into structural and functional entities, i.e. systems. A systems safety class is determined by its safety significance. Safety class specifies the procedures to be employed in plant design, construction, monitoring and operation. The classification document contains all documentation related to the classification of the nuclear power plant. The principles of safety classification and the procedures pertaining to the classification document are presented in this guide. In the Appendix of the guide, examples of systems most typical of each safety class are given to clarify the safety classification principles

  1. Developing a secured social networking site using information security awareness techniques

    Directory of Open Access Journals (Sweden)

    Julius O. Okesola

    2014-11-01

    Full Text Available Background: Ever since social network sites (SNS became a global phenomenon in almost every industry, security has become a major concern to many SNS stakeholders. Several security techniques have been invented towards addressing SNS security, but information security awareness (ISA remains a critical point. Whilst very few users have used social circles and applications because of a lack of users’ awareness, the majority have found it difficult to determine the basis of categorising friends in a meaningful way for privacy and security policies settings. This has confirmed that technical control is just part of the security solutions and not necessarily a total solution. Changing human behaviour on SNSs is essential; hence the need for a privately enhanced ISA SNS. Objective: This article presented sOcialistOnline – a newly developed SNS, duly secured and platform independent with various ISA techniques fully implemented. Method: Following a detailed literature review of the related works, the SNS was developed on the basis of Object Oriented Programming (OOP approach, using PhP as the coding language with the MySQL database engine at the back end. Result: This study addressed the SNS requirements of privacy, security and services, and attributed them as the basis of architectural design for sOcialistOnline. SNS users are more aware of potential risk and the possible consequences of unsecured behaviours. Conclusion: ISA is focussed on the users who are often the greatest security risk on SNSs, regardless of technical securities implemented. Therefore SNSs are required to incorporate effective ISA into their platform and ensure users are motivated to embrace it.

  2. Weakly supervised classification in high energy physics

    Energy Technology Data Exchange (ETDEWEB)

    Dery, Lucio Mwinmaarong [Physics Department, Stanford University,Stanford, CA, 94305 (United States); Nachman, Benjamin [Physics Division, Lawrence Berkeley National Laboratory,1 Cyclotron Rd, Berkeley, CA, 94720 (United States); Rubbo, Francesco; Schwartzman, Ariel [SLAC National Accelerator Laboratory, Stanford University,2575 Sand Hill Rd, Menlo Park, CA, 94025 (United States)

    2017-05-29

    As machine learning algorithms become increasingly sophisticated to exploit subtle features of the data, they often become more dependent on simulations. This paper presents a new approach called weakly supervised classification in which class proportions are the only input into the machine learning algorithm. Using one of the most challenging binary classification tasks in high energy physics — quark versus gluon tagging — we show that weakly supervised classification can match the performance of fully supervised algorithms. Furthermore, by design, the new algorithm is insensitive to any mis-modeling of discriminating features in the data by the simulation. Weakly supervised classification is a general procedure that can be applied to a wide variety of learning problems to boost performance and robustness when detailed simulations are not reliable or not available.

  3. Weakly supervised classification in high energy physics

    International Nuclear Information System (INIS)

    Dery, Lucio Mwinmaarong; Nachman, Benjamin; Rubbo, Francesco; Schwartzman, Ariel

    2017-01-01

    As machine learning algorithms become increasingly sophisticated to exploit subtle features of the data, they often become more dependent on simulations. This paper presents a new approach called weakly supervised classification in which class proportions are the only input into the machine learning algorithm. Using one of the most challenging binary classification tasks in high energy physics — quark versus gluon tagging — we show that weakly supervised classification can match the performance of fully supervised algorithms. Furthermore, by design, the new algorithm is insensitive to any mis-modeling of discriminating features in the data by the simulation. Weakly supervised classification is a general procedure that can be applied to a wide variety of learning problems to boost performance and robustness when detailed simulations are not reliable or not available.

  4. An aspect-oriented methodology for designing secure applications

    NARCIS (Netherlands)

    Georg, Geri; Ray, Indrakshi; Anastasakis, Kyriakos; Bordbar, Behzad; Toahchoodee, Manachai; Houmb, S.H.

    We propose a methodology, based on aspect-oriented modeling (AOM), for incorporating security mechanisms in an application. The functionality of the application is described using the primary model and the attacks are specified using aspects. The attack aspect is composed with the primary model to

  5. Practical Methods for Information Security Risk Management

    Directory of Open Access Journals (Sweden)

    Cristian AMANCEI

    2011-01-01

    Full Text Available The purpose of this paper is to present some directions to perform the risk man-agement for information security. The article follows to practical methods through question-naire that asses the internal control, and through evaluation based on existing controls as part of vulnerability assessment. The methods presented contains all the key elements that concurs in risk management, through the elements proposed for evaluation questionnaire, list of threats, resource classification and evaluation, correlation between risks and controls and residual risk computation.

  6. CLASSIFICATION OF THE MGR WASTE EMPLACEMENT/RETRIEVAL SYSTEM

    International Nuclear Information System (INIS)

    J.A. Ziegler

    2000-01-01

    The purpose of this analysis is to document the Quality Assurance (QA) classification of the Monitored Geologic Repository (MGR) waste emplacement/retrieved system structures, systems and components (SSCs) performed by the MGR Preclosure Safety and Systems Engineering Section. This analysis also provides the basis for revision of YMP/90-55Q, Q-List (YMP 2000). The Q-List identifies those MGR SSCs subject to the requirements of DOE/RW-0333P, Quality Assurance Requirements and Description (QARD) (DOE 2000). This QA classification incorporates the current MGR design and the results of the ''Design Basis Event Frequency and Dose Calculation for Site Recommendation'' (CRWMS M andO 2000a). The content and technical approach of this analysis is in accordance with the development plan ''QA Classification of MGR Structures, Systems, and Components'' (CRWMS M andO 1999b)

  7. Vehicular ad hoc network security and privacy

    CERN Document Server

    Lin, X

    2015-01-01

    Unlike any other book in this area, this book provides innovative solutions to security issues, making this book a must read for anyone working with or studying security measures. Vehicular Ad Hoc Network Security and Privacy mainly focuses on security and privacy issues related to vehicular communication systems. It begins with a comprehensive introduction to vehicular ad hoc network and its unique security threats and privacy concerns and then illustrates how to address those challenges in highly dynamic and large size wireless network environments from multiple perspectives. This book is richly illustrated with detailed designs and results for approaching security and privacy threats.

  8. Social Security Funds Clamor for Reform

    Institute of Scientific and Technical Information of China (English)

    郑秉文

    2008-01-01

    This paper analyzed the institutional deficiencies inherent in China’s social security system based on a dissection of various social security fund violations. It holds that the unscientific design in social security system is the root cause for social security fund violations, which is reflected in low level of social security unification, irrational investment system and legislative loopholes etc. Currently, China’s social security funds are facing risks in management and in system; The key of risk control lies in the reforming of the overall framework of social security system through the following aspects: 1) readjust the unified account system structure to raise the level of unification; 2) reform funds investment system to boost ROI; 3) speeding up legislative to regulate the administrative costs and the behaviors of its entities.

  9. Paddy farmer households’ participation and food security level in special effort program in Seputih Raman sub-district of Central Lampung Regency

    Science.gov (United States)

    Rangga, K. K.; Syarief, Y. A.

    2018-03-01

    The objectives of this study are to study the participation of paddy farmers in the Special Effort program to increase paddy production, to study the level of household food security of paddy farmers, and to analyze the correlation between farmer participation and food security level of paddy farmers. The location was chosen purposively in Seputih Raman sub-district. The data were collected from December 2016 to February 2017. The population of this study was paddy farmers who participating in Special Effort program. The hypothesis was tested by using Spearman’s Rank correlation test. Farmer household’s food security was measured objectively based on the share of household’s food expenditure and subjectively based on the opinion, views, and attitudes or farmers’ opinions on food availability, food distribution, and household food consumption. This research showed that farmers’ participation in Special Effort program in Seputih Raman Sub Ditrict, Central Lampung Regency belonged to medium classification, household food security either objectively or subjectively was in food resistant condition of medium classification, and there was significant correlation between farmers’ participation and food security level of paddy farmer household.

  10. Secure Communication using Identity Based Encryption

    NARCIS (Netherlands)

    Roschke, Sebastian; Ibraimi, L.; Cheng, Feng; Meinel, Christoph

    2010-01-01

    Secured communication has been widely deployed to guarantee confidentiality and integrity of connections over untrusted networks, e.g., the Internet. Although secure connections are designed to prevent attacks on the connection, they hide attacks inside the channel from being analyzed by Intrusion

  11. The Design and Analysis of a Secure Personal Healthcare System Based on Certificates

    Directory of Open Access Journals (Sweden)

    Jungho Kang

    2016-11-01

    Full Text Available Due to the development of information technology (IT, it has been applied to various fields such as the smart home, medicine, healthcare, and the smart car. For these fields, IT has been providing continuous prevention and management, including health conditions beyond the mere prevention of disease, improving the quality of life. e-Healthcare is a health management and medical service to provide prevention, diagnosis, treatment, and the follow-up management of diseases at any time and place in connection with information communication technology, without requiring patients to visit hospitals. However, e-Healthcare has been exposed to eavesdropping, manipulation, and the forgery of information that is personal, biological, medical, etc., and is a security threat from malicious attackers. This study suggests a security service model to exchange personal health records (PHRs for e-Healthcare environments. To be specific, this study suggests a scheme in which communicators are able to securely authorize and establish security channels by constituting the infrastructure each organization relies on. In addition, the possibility of establishing a security service model is indicated by suggesting an e-Healthcare system for a secure e-Healthcare environment as a secure personal health record system. This is anticipated to provide securer communication in e-Healthcare environments in the future through the scheme suggested in this study.

  12. Annual training manual for security training: Protective force

    Energy Technology Data Exchange (ETDEWEB)

    1990-10-01

    Westinghouse is committed to high quality training relevant to the need of the Protective Forces at the Waste Isolation Pilot Plant (WIPP). The training programs at WIPP are designed to qualify Security personnel to perform WIPP security missions in a professional and responsible manner. The program consists of basic as well as sustainment training, as further described in this plan. This plan documents the WIPP Security training program for security personnel for calendar year 1990. The programs detailed in this plan are designed to adequately train persons to ensure the uninterrupted continuity of Department of Energy (DOE)/Westinghouse operations. The Security Training Program consists of four basic elements. These elements are (1) basic level training; (2) on-the-job training; (3) refresher training; and (4) in-service training.

  13. Leakage Resilient Secure Two-Party Computation

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Hazay, Carmit; Patra, Arpita

    2012-01-01

    we initiate the study of {\\em secure two-party computation in the presence of leakage}, where on top of corrupting one of the parties the adversary obtains leakage from the content of the secret memory of the honest party. Our study involves the following contributions: \\BE \\item {\\em Security...... and returns its result. Almost independently of secure computation, the area of {\\em leakage resilient cryptography} has recently been evolving intensively, studying the question of designing cryptographic primitives that remain secure even when some information about the secret key is leaked. In this paper...

  14. Proposal of a new classification scheme for periocular injuries

    Directory of Open Access Journals (Sweden)

    Devi Prasad Mohapatra

    2017-01-01

    Full Text Available Background: Eyelids are important structures and play a role in protecting the globe from trauma, brightness, in maintaining the integrity of tear films and moving the tears towards the lacrimal drainage system and contribute to aesthetic appearance of the face. Ophthalmic trauma is an important cause of morbidity among individuals and has also been responsible for additional cost of healthcare. Periocular trauma involving eyelids and adjacent structures has been found to have increased recently probably due to increased pace of life and increased dependence on machinery. A comprehensive classification of periocular trauma would help in stratifying these injuries as well as study outcomes. Material and Methods: This study was carried out at our institute from June 2015 to Dec 2015. We searched multiple English language databases for existing classification systems for periocular trauma. We designed a system of classification of periocular soft tissue injuries based on clinico-anatomical presentations. This classification was applied prospectively to patients presenting with periocular soft tissue injuries to our department. Results: A comprehensive classification scheme was designed consisting of five types of periocular injuries. A total of 38 eyelid injuries in 34 patients were evaluated in this study. According to the System for Peri-Ocular Trauma (SPOT classification, Type V injuries were most common. SPOT Type II injuries were more common isolated injuries among all zones. Discussion: Classification systems are necessary in order to provide a framework in which to scientifically study the etiology, pathogenesis, and treatment of diseases in an orderly fashion. The SPOT classification has taken into account the periocular soft tissue injuries i.e., upper eyelid, lower eyelid, medial and lateral canthus injuries., based on observed clinico-anatomical patterns of eyelid injuries. Conclusion: The SPOT classification seems to be a reliable

  15. Efficient Secure Multiparty Subset Computation

    Directory of Open Access Journals (Sweden)

    Sufang Zhou

    2017-01-01

    Full Text Available Secure subset problem is important in secure multiparty computation, which is a vital field in cryptography. Most of the existing protocols for this problem can only keep the elements of one set private, while leaking the elements of the other set. In other words, they cannot solve the secure subset problem perfectly. While a few studies have addressed actual secure subsets, these protocols were mainly based on the oblivious polynomial evaluations with inefficient computation. In this study, we first design an efficient secure subset protocol for sets whose elements are drawn from a known set based on a new encoding method and homomorphic encryption scheme. If the elements of the sets are taken from a large domain, the existing protocol is inefficient. Using the Bloom filter and homomorphic encryption scheme, we further present an efficient protocol with linear computational complexity in the cardinality of the large set, and this is considered to be practical for inputs consisting of a large number of data. However, the second protocol that we design may yield a false positive. This probability can be rapidly decreased by reexecuting the protocol with different hash functions. Furthermore, we present the experimental performance analyses of these protocols.

  16. Used fuel extended storage security and safeguards by design roadmap

    Energy Technology Data Exchange (ETDEWEB)

    Durbin, Samuel G. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Lindgren, Eric Richard [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Jones, Robert [Savannah River Site (SRS), Aiken, SC (United States). Savannah River National Lab. (SRNL); Ketusky, Edward [Savannah River Site (SRS), Aiken, SC (United States). Savannah River National Lab. (SRNL); England, Jeffrey [Savannah River Site (SRS), Aiken, SC (United States). Savannah River National Lab. (SRNL); Scherer, Carolynn [Los Alamos National Lab. (LANL), Los Alamos, NM (United States); Sprinkle, James [Los Alamos National Lab. (LANL), Los Alamos, NM (United States); Miller, Michael. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States); Rauch, Eric [Los Alamos National Lab. (LANL), Los Alamos, NM (United States); Scaglione, John [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Dunn, T. [Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States)

    2016-05-01

    In the United States, spent nuclear fuel (SNF) is safely and securely stored in spent fuel pools and dry storage casks. The available capacity in spent fuel pools across the nuclear fleet has nearly reached a steady state value. The excess SNF continues to be loaded in dry storage casks. Fuel is expected to remain in dry storage for periods beyond the initial dry cask certification period of 20 years. Recent licensing renewals have approved an additional 40 years. This report identifies the current requirements and evaluation techniques associated with the safeguards and security of SNF dry cask storage. A set of knowledge gaps is identified in the current approaches. Finally, this roadmap identifies known knowledge gaps and provides a research path to deliver the tools and models needed to close the gaps and allow the optimization of the security and safeguards approaches for an interim spent fuel facility over the lifetime of the storage site.

  17. Ecological Design of Fernery based on Bioregion Classification System in Ecopark Cibinong Science Center Botanic Gardens, Indonesia

    Science.gov (United States)

    Nafar, S.; Gunawan, A.

    2017-10-01

    Indonesia as mega biodiversity country has a wide variety of ferns. However, the natural habitats of ferns are currently degrading, particularly in lowlands due to the increasing level of urban-sprawl and industrial zones development. Therefore, Ecology Park (Ecopark) Cibinong Science Center-Botanic Gardens as an ex-situ conservation area is expected to be the best location to conserve the lowland ferns. The purpose of this study is to design a fernery through an ecological landscape design process. The main concept is The Journey of Fern, this concept aiming on providing users experiences in fernery by associating conservational, educational, and recreational aspects. Ecological landscape design as general is applied by the principal of reduce, reuse, and recycle (3R). Bioregion classification system is applied by grouping the plants based on the characteristics of light, water, soil, air, and temperature. The design concept is inspired by the morphology of fern and its growth patterns which is transformed into organic and geometric forms. The result of this study is a design of fernery which consist of welcome area, recreation area, service area, and conservation education area as the main area that providing 66 species of ferns.

  18. The secure heating reactor

    International Nuclear Information System (INIS)

    Pind, C.

    1987-01-01

    The SECURE heating reactor was designed by ASEA-ATOM as a realistic alternative for district heating in urban areas and for supplying heat to process industries. SECURE has unique safety characteristics, that are based on fundamental laws of physics. The safety does not depend on active components or operator intervention for shutdown and cooling of the reactor. The inherent safety characteristics of the plant cannot be affected by operator errors. Due to its very low environment impact, it can be sited close to heat consumers. The SECURE heating reactor has been shown to be competitive in comparison with other alternatives for heating Helsinki and Seoul. The SECURE heating reactor forms a basis for the power-producing SECURE-P reactor known as PIUS (Process Inherent Ultimate Safety), which is based on the same inherent safety principles. The thermohydraulic function and transient response have been demonstrated in a large electrically heated loop at the ASEA-ATOM laboratories

  19. Company's Data Security - Case Study

    Science.gov (United States)

    Stera, Piotr

    This paper describes a computer network and data security problems in an existing company. Two main issues were pointed out: data loss protection and uncontrolled data copying. Security system was designed and implemented. The system consists of many dedicated programs. This system protect from data loss and detected unauthorized file copying from company's server by a dishonest employee.

  20. 3 CFR 13526 - Executive Order 13526 of December 29, 2009. Classified National Security Information

    Science.gov (United States)

    2010-01-01

    ..., or protection services relating to the national security; or (h) the development, production, or use... small portion of an otherwise unclassified document or prepare a product to allow for dissemination at... information. Sec. 1.8. Classification Challenges. (a) Authorized holders of information who, in good faith...