WorldWideScience

Sample records for security control

  1. Security and arms control

    International Nuclear Information System (INIS)

    Kolodziej, E.A.; Morgan, P.M.

    1989-01-01

    This book attempts to clarify and define selected current issues and problems related to security and arms control from an international perspective. The chapters are organized under the following headings. Conflict and the international system, Nuclear deterrence, Conventional warfare, Subconventional conflict, Arms control and crisis management

  2. SDN controllers security issues

    OpenAIRE

    Imran, Ayesha

    2017-01-01

    Software-Defined Networking (SDN) is essentially varying the way we design and manage networks, which makes a communication network programmable. In SDN, a logically centralized controller has straight control over the packet-handling functions of the network switches, using a standard, open API (Application Programming Interface) such as OpenFlow. OpenFlow is a broadly used protocol for software-defined networks (SDNs) that presents a new model in which the control plane is inattentive from ...

  3. International security and arms control

    International Nuclear Information System (INIS)

    Ekeus, R.

    2000-01-01

    The end of the cold war also ended the focus on the bilateral approach to arms control and disarmament. Key concepts of security needed to be revisited, along with their implications for the disarmament and arms control agenda. Though there is currently a unipolar global security environment, there remain important tasks on the multilateral arms control agenda. The major task is that of reducing and eliminating weapons of mass destruction, especially nuclear weapons. The author contends that maintaining reliance on the nuclear-weapons option makes little sense in a time when the major Powers are strengthening their partnerships in economics, trade, peacemaking and building. (author)

  4. Almaraz ovation control system security

    Energy Technology Data Exchange (ETDEWEB)

    Madronal Rodriguez, E.; Anderson, E.; Jimenez Diaz, J.; Carrasco Mateos, J. A.

    2013-07-01

    Improving the security of a plant's Distributed Control System (DCS) is an important consideration for plant safety and profitability, as well as the necessity to comply with the regulation. The U.S. Nuclear Regulatory Commission has produced Regulatory Guide (RG) 5.71, and the Nuclear Energy Institute (NEI) has produced NEI 08-09 to assist plants in meeting 10 CFR 73.54, Protection of digital computer and communication systems and networks. These requirements, which address the establishment, implementation and maintenance of a cyber security program, present challenges to ensure that safety, security and emergency preparedness functions of nuclear facilities are not negatively impacted by the vulnerability scanning and testing process.

  5. Almaraz ovation control system security

    International Nuclear Information System (INIS)

    Madronal Rodriguez, E.; Anderson, E.; Jimenez Diaz, J.; Carrasco Mateos, J. A.

    2013-01-01

    Improving the security of a plant's Distributed Control System (DCS) is an important consideration for plant safety and profitability, as well as the necessity to comply with the regulation. The U.S. Nuclear Regulatory Commission has produced Regulatory Guide (RG) 5.71, and the Nuclear Energy Institute (NEI) has produced NEI 08-09 to assist plants in meeting 10 CFR 73.54, Protection of digital computer and communication systems and networks. These requirements, which address the establishment, implementation and maintenance of a cyber security program, present challenges to ensure that safety, security and emergency preparedness functions of nuclear facilities are not negatively impacted by the vulnerability scanning and testing process.

  6. Control system security in nuclear power plant

    International Nuclear Information System (INIS)

    Li Jianghai; Huang Xiaojin

    2012-01-01

    The digitalization and networking of control systems in nuclear power plants has brought significant improvements in system control, operation and maintenance. However, the highly digitalized control system also introduces additional security vulnerabilities. Moreover, the replacement of conventional proprietary systems with common protocols, software and devices makes these vulnerabilities easy to exploit. Through the interaction between control systems and the physical world, security issues in control systems impose high risks on health, safety and environment. These security issues may even cause damage to critical infrastructures and threaten national security. The importance of control system security was shown by reviewing several control system security incidents that happened in nuclear power plants in recent years. Several key difficulties in addressing these security issues were described. Finally, existing research on control system security was reviewed and several promising research directions were proposed. (authors)

  7. HITACHI security concept for industrial control systems

    International Nuclear Information System (INIS)

    Endoh, H.; Yamada, T.; Okubo, S.; Nakano, T.

    2012-01-01

    Security is a necessary factor for the safe and efficient operation of today's control systems. To ensure safe operation of control systems throughout their lifetime, security measures must be carefully planned in the development phase and then maintained continuously during the operation phase and other following phases. To ensure operation within the system's safe states, Hitachi proposes security concept processes (1) to derive security measures rationally and (2) to maintain the security model over the system life cycle. Hitachi also proposes security development programs which support the integration of standards-compliant systems and development of robust control equipment. (author)

  8. Secure network for beamline control

    International Nuclear Information System (INIS)

    Ohata, T.; Fukui, T.; Ishii, M.; Furukawa, Y.; Nakatani, T.; Matsushita, T.; Takeuchi, M.; Tanaka, R.; Ishikawa, T.

    2001-01-01

    In SPring-8, the beamline control system is constructed with a highly available distributed network system. A socket-based communication protocol is mainly used for beamline control. Beamline users can control the equipment by sending simple control commands to a server process, which is running on a beamline-managing computer (Ohata et al., SPring-8 beamline control system, ICALEPCS'99, Trieste, Italy, 1999). At the beginning the network was based on a shared topology at all beamlines. Consequently, there is a risk of a user's program being misapplied to access different machines on the network system across beamlines. This is a serious problem for the SPring-8 beamline control system, because all beamlines are controlled with unified software interfaces. We introduced switching technology and firewalls to support network access control. Virtual networking (VLAN: IEEE 802.1Q) and gigabit Ethernet technology (IEEE 802.3ab) were also introduced. Thus the network security and the reliability are guaranteed at a higher level in SPring-8 beamline

  9. Selecting Optimal Subset of Security Controls

    OpenAIRE

    Yevseyeva, I.; Basto-Fernandes, V.; Michael, Emmerich, T. M.; Moorsel, van, A.

    2015-01-01

    Choosing an optimal investment in information security is an issue most companies face these days. Which security controls to buy to protect the IT system of a company in the best way? Selecting a subset of security controls among many available ones can be seen as a resource allocation problem that should take into account conflicting objectives and constraints of the problem. In particular, the security of the system should be improved without hindering productivity, ...

  10. Security controls in a Cullinet database environment

    International Nuclear Information System (INIS)

    Thompson, R.E.

    1988-01-01

    Security controls using Cullinet's Integrated Data Management System (IDMS) are examined. IDMS software integrity problems, with emphasis on security package interfaces, are disclosed. Solutions applied at Sandia Laboratories Engineering Information Management computing facility are presented. An overall IDMS computer security philosophy is reviewed

  11. Two-stage Security Controls Selection

    NARCIS (Netherlands)

    Yevseyeva, I.; Basto, Fernandes V.; Moorsel, van A.; Janicke, H.; Michael, Emmerich T. M.

    2016-01-01

    To protect a system from potential cyber security breaches and attacks, one needs to select efficient security controls, taking into account technical and institutional goals and constraints, such as available budget, enterprise activity, internal and external environment. Here we model the security

  12. Audit Teknologi Informasi atas Physical Security Control Dan Logical Security Control Serta Penentuan Kondisi Security Risk Studi Kasus: PT Talc Indonesia

    OpenAIRE

    Inggrid; Arfianti, Rizka I; Utami, Viany

    2009-01-01

    Abstract The fast growth of technology has an impact to the accounting field. This relates to the term of information technology (IT) auditing. One of the risks of using information technology in business which can be fatal enough if ignored is security risk. Security risk can be reduced by security controls which include physical security control and logical security control. Information technology auditing is the process of collecting and evaluating evidence to determine whether or not a co...

  13. Multiparty-controlled quantum secure direct communication

    International Nuclear Information System (INIS)

    Xiu, X.-M.; Dong, L.; Gao, Y.-J.; Chi, F.

    2007-01-01

    A theoretical scheme of a multiparty-controlled quantum secure direct communication is proposed. The supervisor prepares a communication network with Einstein-Podolsky-Rosen pairs and auxiliary particles. After passing a security test of the communication network, a supervisor tells the users the network is secure and they can communicate. If the controllers allow the communicators to communicate, the controllers should perform measurements and inform the communicators of the outcomes. The communicators then begin to communicate after they perform a security test of the quantum channel and verify that it is secure. The recipient can decrypt the secret message in a classical message from the sender depending on the protocol. Any two users in the network can communicate through the above processes under the control of the supervisor and the controllers

  14. Improving industrial process control systems security

    CERN Document Server

    Epting, U; CERN. Geneva. TS Department

    2004-01-01

    System providers are today creating process control systems based on remote connectivity using internet technology, effectively exposing these systems to the same threats as corporate computers. It is becoming increasingly difficult and costly to patch/maintain the technical infrastructure monitoring and control systems to remove these vulnerabilities. A strategy including risk assessment, security policy issues, service level agreements between the IT department and the controls engineering groups must be defined. In addition an increased awareness of IT security in the controls system engineering domain is needed. As consequence of these new factors the control system architectures have to take into account security requirements, that often have an impact on both operational aspects as well as on the project and maintenance cost. Manufacturers of industrial control system equipment do however also propose progressively security related solutions that can be used for our active projects. The paper discusses ...

  15. Fourth Dutch Process Security Control Event

    NARCIS (Netherlands)

    Luiijf, H.A.M.; Zielstra, A.

    2010-01-01

    On December 1st, 2009, the fourth Dutch Process Control Security Event took place in Baarn, The Netherlands. The security event with the title ‘Manage IT!’ was organised by the Dutch National Infrastructure against Cybercrime (NICC). Mid of November, a group of over thirty people participated in the

  16. Arms Control and European Security

    Science.gov (United States)

    2012-08-01

    appraisals; • The nature of land warfare; • Matters affecting the Army’s future; • The concepts, philosophy, and theory of strategy; and • Other issues of...sophisticated Marxist theories of conflict, the balance or “correlation” of forces: political and psychological force fields generated in peacetime or...wider political and economic considerations, within hygienic, legally enforceable, Kantian “Euro Atlantic Security Structures,” the Holy Grail

  17. Survivability Using Controlled Security Services

    Science.gov (United States)

    2005-06-01

    signature scheme secure against adaptive chosen-message attacks. SIAM J. Computing, 17(2):281–308, 1988. [29] ISO TC86 Committee. ISO 8583 : Financial...

  18. Lecture 13: Control System Cyber Security

    CERN Multimedia

    CERN. Geneva

    2013-01-01

    Today, the industrialized world lives in symbiosis with control systems: it depends on power distribution, oil production, public transport, automatic production lines. While the convenience is at hand, still too many control systems are designed without any security in mind, lack basic security protections, and are not even robust enough to withstand basic attacks. The Stuxnet worm attacking Siemens PLCs in 2010 was another close call. Attackers currently enjoy hacking control systems, and aim to switch lights off. This presentation shall recap the current situation and outline why the presenter is still waiting for a change in paradigm. Stefan Lüders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and...

  19. Control Systems Cyber Security Standards Support Activities

    Energy Technology Data Exchange (ETDEWEB)

    Robert Evans

    2009-01-01

    The Department of Homeland Security’s Control Systems Security Program (CSSP) is working with industry to secure critical infrastructure sectors from cyber intrusions that could compromise control systems. This document describes CSSP’s current activities with industry organizations in developing cyber security standards for control systems. In addition, it summarizes the standards work being conducted by organizations within the sector and provides a brief listing of sector meetings and conferences that might be of interest for each sector. Control systems cyber security standards are part of a rapidly changing environment. The participation of CSSP in the development effort for these standards has provided consistency in the technical content of the standards while ensuring that information developed by CSSP is included.

  20. Secure and Efficient Routable Control Systems

    Energy Technology Data Exchange (ETDEWEB)

    Edgar, Thomas W.; Hadley, Mark D.; Manz, David O.; Winn, Jennifer D.

    2010-05-01

    This document provides the methods to secure routable control system communication in the electric sector. The approach of this document yields a long-term vision for a future of secure communication, while also providing near term steps and a roadmap. The requirements for the future secure control system environment were spelled out to provide a final target. Additionally a survey and evaluation of current protocols was used to determine if any existing technology could achieve this goal. In the end a four-step path was described that brought about increasing requirement completion and culminates in the realization of the long term vision.

  1. Handbook of SCADA/control systems security

    CERN Document Server

    Radvanovsky, Robert

    2013-01-01

    The availability and security of many services we rely upon (including water treatment, electricity, healthcare, transportation, and financial transactions) are routinely put at risk by cyber threats. The Handbook of SCADA/Control Systems Security is a fundamental outline of security concepts, methodologies, and relevant information pertaining to the supervisory control and data acquisition (SCADA) systems and technology that quietly operate in the background of critical utility and industrial facilities worldwide. Divided into five sections, the book examines topics comprising functions within

  2. Third Dutch Process Security Control Event

    NARCIS (Netherlands)

    Luiijf, H.A.M.

    2009-01-01

    On June 4th, 2009, the third Dutch Process Control Security Event took place in Amsterdam. The event, organised by the Dutch National Infrastructure against Cybercrime (NICC), attracted both Dutch process control experts and members of the European SCADA and Control Systems Information Exchange

  3. Physical security workshop summary: entry control

    International Nuclear Information System (INIS)

    Eaton, M.J.

    1982-01-01

    Entry control hardware has been used extensively in the past to assist security forces in separating the authorized from the unauthorized at the plant perimeter. As more attention is being focused on the insider threat, these entry control elements are being used to extend the security inspectors' presence into the plant by compartmentalizing access and monitoring vital components. This paper summarizes the experiences expressed by the participants at the March 16 to 19, 1982 INMM Physical Protection Workshop in utilizing access control and contraband detection hardware for plant wide entry control applications

  4. Selecting RMF Controls for National Security Systems

    Energy Technology Data Exchange (ETDEWEB)

    Witzke, Edward L. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)]

    2015-08-01

    In 2014, the United States Department of Defense started transitioning the way it performs risk management and accreditation of information systems to a process entitled Risk Management Framework for DoD Information Technology or RMF for DoD IT. There are many more security and privacy controls (and control enhancements) from which to select in RMF, than there were in the previous Information Assurance process. This report is an attempt to clarify the way security controls and enhancements are selected. After a brief overview and comparison of RMF for DoD IT with the previously used process, this report looks at the determination of systems as National Security Systems (NSS). Once deemed to be an NSS, this report addresses the categorization of the information system with respect to impact levels of the various security objectives and the selection of an initial baseline of controls. Next, the report describes tailoring the controls through the use of overlays and scoping considerations. Finally, the report discusses organization-defined values for tuning the security controls to the needs of the information system.

  5. Access control, security, and trust a logical approach

    CERN Document Server

    Chin, Shiu-Kai

    2010-01-01

    Access Control, Security, Trust, and Logic; Deconstructing Access Control Decisions; A Logical Approach to Access Control; PRELIMINARIES; A Language for Access Control; Sets and Relations; Syntax; Semantics; Reasoning about Access Control; Logical Rules; Formal Proofs and Theorems; Soundness of Logical Rules; Basic Concepts; Reference Monitors; Access Control Mechanisms: Tickets and Lists; Authentication; Security Policies; Confidentiality, Integrity, and Availability; Discretionary Security Policies; Mandatory Security Policies; Military Security Policies; Commercial Policies; DISTRIBUTED ACCESS CONTROL; Digital Authenti

  6. An electronically controlled automatic security access gate

    Directory of Open Access Journals (Sweden)

    Jonathan A. ENOKELA

    2014-11-01

    The security challenges being encountered in many places require electronic means of controlling access to communities, recreational centres, offices, and homes. The electronically controlled automated security access gate being proposed in this work helps to prevent an unwanted access to controlled environments. This is achieved mainly through the use of a Radio Frequency (RF) transmitter-receiver pair. In the design a microcontroller is programmed to decode a given sequence of keys that is entered on a keypad and commands a transmitter module to send out this code as signal at a given radio frequency. Upon reception of this RF signal by the receiver module, another microcontroller activates a driver circuitry to operate the gate automatically. The codes for the microcontrollers were written in C language and were debugged and compiled using the KEIL Micro vision 4 integrated development environment. The resultant Hex files were programmed into the memories of the microcontrollers with the aid of a universal programmer. Software simulation was carried out using the Proteus Virtual System Modeling (VSM) version 7.7. A scaled-down prototype of the system was built and tested. The electronically controlled automated security access gate can be useful in providing security for homes, organizations, and automobile terminals. The four-character password required to operate the gate gives the system an increased level of security. Due to its standalone nature of operation the system is cheaper to maintain in comparison with a manually operated type.

  7. Primer Control System Cyber Security Framework and Technical Metrics

    Energy Technology Data Exchange (ETDEWEB)

    Wayne F. Boyer; Miles A. McQueen

    2008-05-01

    The Department of Homeland Security National Cyber Security Division supported development of a control system cyber security framework and a set of technical metrics to aid owner-operators in tracking control systems security. The framework defines seven relevant cyber security dimensions and provides the foundation for thinking about control system security. Based on the developed security framework, a set of ten technical metrics are recommended that allow control systems owner-operators to track improvements or degradations in their individual control systems security posture.

  8. Comparison of Routable Control System Security Approaches

    Energy Technology Data Exchange (ETDEWEB)

    Edgar, Thomas W.; Hadley, Mark D.; Carroll, Thomas E.; Manz, David O.; Winn, Jennifer D.

    2011-06-01

    This document is a supplement to the 'Secure and Efficient Routable Control Systems.' It addressed security in routable control system communication. The control system environment that monitors and manages the power grid historically has utilized serial communication mechanisms. Leased-line serial communication environments operating at 1200 to 9600 baud rates are common. However, recent trends show that communication media such as fiber, optical carrier 3 (OC-3) speeds, mesh-based high-speed wireless, and the Internet are becoming the media of choice. In addition, a dichotomy has developed between the electrical transmission and distribution environments, with more modern communication infrastructures deployed by transmission utilities. The preceding diagram represents a typical control system. The Communication Links cloud supports all of the communication mechanisms a utility might deploy between the control center and devices in the field. Current methodologies used for security implementations are primarily led by single vendors or standards bodies. However, these entities tend to focus on individual protocols. The result is an environment that contains a mixture of security solutions that may only address some communication protocols at an increasing operational burden for the utility. A single approach is needed that meets operational requirements, is simple to operate, and provides the necessary level of security for all control system communication. The solution should be application independent (e.g., Distributed Network Protocol/Internet Protocol [DNP/IP], International Electrotechnical Commission [IEC] C37.118, Object Linking and Embedding for Process Control [OPC], etc.) and focus on the transport layer. In an ideal setting, a well-designed suite of standards for control system communication will be used for vendor implementation and compliance testing. An expected outcome of this effort is an international standard.

  9. Port Security: Container Cargo Control

    Directory of Open Access Journals (Sweden)

    Vladivoj Vlaković

    2006-05-01

    illicit trafficking of threat materials, especially explosives, chemical substances and radioactive or nuclear material. The transport of the threat materials by using sea routes is an advantage to terrorists especially because of the possible use of ship containers. The container is the basis of world trade. It is assumed that the world total movement in containers is about 200 million TEUs ("20-foot equivalent units") per year. The list of materials transported by containers which should be subject to inspection with the aim of reducing the acts of terrorism includes explosives, narcotics, chemical weapons, hazardous chemicals and radioactive materials. Of special interest is nuclear terrorism. The risk of nuclear terrorism carried out by sub-national groups should be considered not only in the construction and/or use of nuclear device, but also in possible radioactive contamination of large urban areas. The system of ship containers control is an essential component of «smart border» concept. Modern personnel, parcel, vehicle and cargo inspection systems are non-invasive imaging techniques based on the use of nuclear analytical techniques. The inspection systems use penetrating radiations: hard x-rays (300 keV or more) or gamma-rays from radioactive sources (137Cs and 60Co with energies from 600 to 1300 keV) that produce a high resolution radiograph of the load. Unfortunately, this information is "non-specific" in that it gives no information on the nature of objects that do not match the travel documents and are not recognized by a visual analysis of the radiographic picture. Moreover, there are regions of the container where x and gamma-ray systems are "blind" due to the high average atomic number of the objects irradiated that appear as black spots in the radiographic image. The systems being developed are based on the use of fast, 14 MeV, neutrons with detection of associated α-particle from nuclear reaction by which neutrons are produced (d + t → α + n). In such a way the possibility to

  10. First Dutch Process Control Security Event

    NARCIS (Netherlands)

    Luiijf, H.A.M.

    2008-01-01

    On May 21st, 2008, the Dutch National Infrastructure against Cyber Crime (NICC) organised their first Process Control Security Event. Mrs. Annemarie Zielstra, the NICC programme manager, opened the event. She welcomed the over 100 representatives of key industry sectors. “Earlier studies in the

  11. Selection of the Best Security Controls for Rapid Development of Enterprise-Level Cyber Security

    Science.gov (United States)

    2017-03-01

    investment (ROI) assessment. This ROI assessment entailed consideration of both the likely/expected security benefits of each candidate security control...the top 10–20 cyber security controls, where ranking was based upon a return on investment (ROI) assessment. This ROI assessment entailed... II. CYBER SECURITY: UNDERLYING PRINCIPLES, FUNDAMENTALS AND BEST PRACTICES

  12. RFID Based Security Access Control System with GSM Technology

    OpenAIRE

    Peter Adole; Joseph M. Môm; Gabriel A. Igwue

    2016-01-01

    The security challenges being encountered in many places today require electronic means of controlling access to secured premises in addition to the available security personnel. Various technologies were used in different forms to solve these challenges. The Radio Frequency Identification (RFID) Based Access Control Security system with GSM technology presented in this work helps to prevent unauthorized access to controlled environments (secured premises). This is achieved mainly...

  13. Process Control/SCADA system vendor security awareness and security posture.

    NARCIS (Netherlands)

    Luiijf, H.A.M.; Lüders, S.

    2009-01-01

    A starting point for the adequate security of process control/SCADA systems is the security awareness and security posture by the manufacturers, vendors, system integrators, and service organisations. The results of a short set of questions indicate that major security improvements are required in

  14. Trainer module for security control center operations

    International Nuclear Information System (INIS)

    Bernard, E.A.

    1982-01-01

    An operator trainer module has been developed to be used with the security control center equipment to be installed as part of a safeguards physical protection system. The module is designed to provide improved training and testing capabilities for control center operators through the use of simulations for perimeter equipment operations. Operators, through the trainer module, can be challenged with a variety of realistic situations which require responsive action identical to that needed in an actual system. This permits a consistent evaluation and confirmation of operator capabilities prior to assignment as an operator and allows for periodic retesting to verify that adequate performance levels are maintained

  15. Europe, arms control and American security

    International Nuclear Information System (INIS)

    Burns, W.F.

    1992-01-01

    What has come to be called the Revolution of 1989 has swept away longstanding political and economic arrangements in Eastern Europe. Perhaps more important, it has also called into question the fundamental underpinnings of European security created during the nonpeace that followed World War II. In June 1990, the Warsaw Treaty Organization abandoned the notion that NATO was the ideological enemy. At the same time, NATO ministers agreed at Turnberry, Scotland, to consider defining the Atlantic Alliance as more of a partner of the Soviet Union than as an enemy. The Washington summit of May 1990 between President Mikhail Gorbachev and President George Bush further highlighted the recent changes in the Soviet Union and its former satellites. Issues going to the heart of the viability of the Soviet Union and the communist system of political and economic organization competed with German reunification as central themes. Arms control issues, particularly as they pertain to European military stability, became contingent and dependent on the development of a broader political and economic framework for a new Europe. Whether this framework is viable remains an open question as Gorbachev's role is challenged more and more within the Soviet Union. This paper deals with European arms control issues from the point of view of the United States and its own security interests. The United States involved its security inextricably with that of Western Europe as a conscious decision in the turmoil following World War II

  16. Arms control, nonproliferation, and US national security

    International Nuclear Information System (INIS)

    Pilat, J.F.

    1985-01-01

    The continuation of the arms race and the failure of arms control and disarmament negotiations lend support to the belief that US and Soviet power, prestige, and security depend upon nuclear weapons. Therefore, the argument goes, the non-nuclear-weapon states (particularly those that are not allied with nuclear-weapon states and do not share their nuclear shield) may conclude that they would be well served by possession of these weapons. In this sense, the failure of nuclear arms reductions could create incentives for further proliferation

  17. An investigation of secure remote instrument control

    International Nuclear Information System (INIS)

    Schissel, D.P.; Abla, G.; Fredian, T.; Greenwald, M.; Penaflor, B.G.; Stillerman, J.; Walker, M.L.; Ciarlette, D.J.

    2010-01-01

    This paper examines the computer science issues associated with secure remote instrumentation control for magnetic fusion experiments. Computer science research into enhancing the ability to scientifically participate in a fusion experiment remotely has been growing in size in an attempt to better address the needs of fusion scientists worldwide. The natural progression of this research is to examine how to move from remote scientific participation to remote hardware control. The vision is to define a gatekeeper software system that will be the only channel of interaction for incoming requests to the secured area of the experimental site. The role of the gatekeeper is to validate the identification and access privilege of the requestor and to insure the general validity of the proposed request. The vision for the gatekeeper is that it be a modular system that is simple in design and defined in a way that makes its implementation and operation transparent and obvious. The architecture of the module interface is flexible enough that it can easily allow the future addition of new modules. At the same time, it should be transparent to end-users and allow a high volume of activity so as to not provide a work bottleneck. The results of the gatekeeper design and initial implementation are presented as well as a discussion on the implication of this research on the operation of fusion experimental machines such as ITER.

  18. An investigation of secure remote instrument control

    Energy Technology Data Exchange (ETDEWEB)

    Schissel, D.P., E-mail: schissel@fusion.gat.co [General Atomics, P.O. Box 85608, San Diego, CA 92186-5608 (United States); Abla, G. [General Atomics, P.O. Box 85608, San Diego, CA 92186-5608 (United States); Fredian, T.; Greenwald, M. [Massachusetts Institute of Technology, Cambridge, MA (United States); Penaflor, B.G. [General Atomics, P.O. Box 85608, San Diego, CA 92186-5608 (United States); Stillerman, J. [Massachusetts Institute of Technology, Cambridge, MA (United States); Walker, M.L. [General Atomics, P.O. Box 85608, San Diego, CA 92186-5608 (United States); Ciarlette, D.J. [US ITER Project Office, Oak Ridge National Laboratory, Oak Ridge, TN (United States)

    2010-07-15

    This paper examines the computer science issues associated with secure remote instrumentation control for magnetic fusion experiments. Computer science research into enhancing the ability to scientifically participate in a fusion experiment remotely has been growing in size in an attempt to better address the needs of fusion scientists worldwide. The natural progression of this research is to examine how to move from remote scientific participation to remote hardware control. The vision is to define a gatekeeper software system that will be the only channel of interaction for incoming requests to the secured area of the experimental site. The role of the gatekeeper is to validate the identification and access privilege of the requestor and to insure the general validity of the proposed request. The vision for the gatekeeper is that it be a modular system that is simple in design and defined in a way that makes its implementation and operation transparent and obvious. The architecture of the module interface is flexible enough that it can easily allow the future addition of new modules. At the same time, it should be transparent to end-users and allow a high volume of activity so as to not provide a work bottleneck. The results of the gatekeeper design and initial implementation are presented as well as a discussion on the implication of this research on the operation of fusion experimental machines such as ITER.

  19. Parliamentary control of security information agency in terms of security culture: State and problems

    Directory of Open Access Journals (Sweden)

    Radivojević Nenad

    2013-01-01

    Even though security services have the same function as before, today they have different tasks and significantly more work than before. Modern security problems of the late 20th and early 21st century require states to reorganize their security services, adapting them to the new changes. The reorganization involves, among other things, giving wider powers to the security services, in order to effectively counter the growing and sophisticated security threats, which may also lead to violations of human rights and freedoms. It is therefore necessary to define the right competence, organization, authority and control of these services. In democratic countries, there are several institutions with different levels of control of security services. Parliament is certainly one of the most important institutions in that control, both in the world and in our country. Powers, finance, the use of special measures and the nature and scope of work of the Security Information Agency are certainly object of the control of the National Assembly. What seems to be the problem is achieving a balance between the need for control of security services and security services to have effective methods for combating modern security problems. This paper presents the legal framework related to the National Assembly control of the Security Intelligence Agency, as well as the practical problems associated with this type of control. We analyzed the role of security culture as one of the factors of that control. In this regard, it provides guidance for the practical work of the members of parliament who control the Security Intelligence Agency, noting in particular the importance of and the need for continuous improvement of security culture representatives.

  20. Air Traffic Control: Weak Computer Security Practices Jeopardize Flight Safety

    Science.gov (United States)

    1998-05-01

    Given the paramount importance of computer security of Air Traffic Control (ATC) systems, Congress asked the General Accounting Office to determine (1) whether the Federal Aviation Administration (FAA) is effectively managing physical security at ATC...

  1. Security of legacy process control systems: Moving towards secure process control systems

    NARCIS (Netherlands)

    Oosterink, M.

    2012-01-01

    This white paper describes solutions which organisations may use to improve the security of their legacy process control systems. When we refer to a legacy system, we generally refer to old methodologies, technologies, computer systems or applications which are still in use, despite the fact that

  2. Nevada National Security Site Radiological Control Manual

    International Nuclear Information System (INIS)

    2012-01-01

    This document supersedes DOE/NV/25946--801, 'Nevada Test Site Radiological Control Manual,' Revision 1 issued in February 2010. Brief Description of Revision: A complete revision to reflect a recent change in name for the NTS; changes in name for some tenant organizations; and to update references to current DOE policies, orders, and guidance documents. Article 237.2 was deleted. Appendix 3B was updated. Article 411.2 was modified. Article 422 was re-written to reflect the wording of DOE O 458.1. Article 431.6.d was modified. The glossary was updated. This manual contains the radiological control requirements to be used for all radiological activities conducted by programs under the purview of the U.S. Department of Energy (DOE) and the U.S. Department of Energy, National Nuclear Security Administration Nevada Site Office (NNSA/NSO). Compliance with these requirements will ensure compliance with Title 10 Code of Federal Regulations (CFR) Part 835, 'Occupational Radiation Protection.' Programs covered by this manual are located at the Nevada National Security Site (NNSS); Nellis Air Force Base and North Las Vegas, Nevada; Santa Barbara and Livermore, California; and Andrews Air Force Base, Maryland. In addition, fieldwork by NNSA/NSO at other locations is covered by this manual. Current activities at NNSS include operating low-level radioactive and mixed waste disposal facilities for United States defense-generated waste, assembly and execution of subcritical experiments, assembly/disassembly of special experiments, the storage and use of special nuclear materials, performing criticality experiments, emergency responder training, surface cleanup and site characterization of contaminated land areas, environmental activity by the University system, and nonnuclear test operations, such as controlled spills of hazardous materials at the Hazardous Materials Spill Center. 
    Currently, the major potential for occupational radiation exposure is associated with the burial of

  3. Nevada National Security Site Radiological Control Manual

    Energy Technology Data Exchange (ETDEWEB)

    Radiological Control Managers’ Council

    2012-03-26

    This document supersedes DOE/NV/25946--801, 'Nevada Test Site Radiological Control Manual,' Revision 1 issued in February 2010. Brief Description of Revision: A complete revision to reflect a recent change in name for the NTS; changes in name for some tenant organizations; and to update references to current DOE policies, orders, and guidance documents. Article 237.2 was deleted. Appendix 3B was updated. Article 411.2 was modified. Article 422 was re-written to reflect the wording of DOE O 458.1. Article 431.6.d was modified. The glossary was updated. This manual contains the radiological control requirements to be used for all radiological activities conducted by programs under the purview of the U.S. Department of Energy (DOE) and the U.S. Department of Energy, National Nuclear Security Administration Nevada Site Office (NNSA/NSO). Compliance with these requirements will ensure compliance with Title 10 Code of Federal Regulations (CFR) Part 835, 'Occupational Radiation Protection.' Programs covered by this manual are located at the Nevada National Security Site (NNSS); Nellis Air Force Base and North Las Vegas, Nevada; Santa Barbara and Livermore, California; and Andrews Air Force Base, Maryland. In addition, fieldwork by NNSA/NSO at other locations is covered by this manual. Current activities at NNSS include operating low-level radioactive and mixed waste disposal facilities for United States defense-generated waste, assembly and execution of subcritical experiments, assembly/disassembly of special experiments, the storage and use of special nuclear materials, performing criticality experiments, emergency responder training, surface cleanup and site characterization of contaminated land areas, environmental activity by the University system, and nonnuclear test operations, such as controlled spills of hazardous materials at the Hazardous Materials Spill Center. 
    Currently, the major potential for occupational radiation exposure is associated with the burial of

  4. An Investigation of Secure Remote Instrument Control

    Energy Technology Data Exchange (ETDEWEB)

    Schissel, D.; Abla, G.; Penaflor, B. [General Atomics, San Diego (United States); Ciarlette, D. [Oak Ridge National Laboratory, Oak Ridge (United States)

    2009-07-01

    This paper examines the computer science issues associated with secure remote instrumentation control for magnetic fusion experiments. Computer science research into enhancing the ability to scientifically participate in a fusion experiment remotely has been growing in size in an attempt to better address the needs of fusion scientists worldwide. The natural progression of this research is to examine how to move from remote scientific participation to remote hardware control. The vision is to define a gatekeeper software system that will be the only channel of interaction for incoming requests to the experimental site. The role of the gatekeeper is to validate the identification and access privilege of the requester and to insure the validity of the proposed request. The vision for the gatekeeper is that it be a modular system that is simple in design and defined in a way that makes its implementation and operation transparent and obvious. The architecture of the module interface is flexible enough that it can easily allow the future addition of new modules. At the same time, it should be transparent to end-users and allow a high volume of activity so as to not provide a work bottleneck. Appropriate security requires the ability to verify identity (authentication), verify access control (authorization), and validate the appropriateness of requests. The validation process can include provenance and semantic methodologies. The results of the gatekeeper design and initial prototype testing will be presented as well as a discussion on the implication of this research on the operation of fusion experimental machines such as ITER. (authors)

  5. Computer Security: your car, my control

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    We have discussed the Internet of Things (IoT) and its security implications already in past issues of the CERN Bulletin, for example in “Today’s paranoia, tomorrow’s reality”. Unfortunately, tomorrow has come. At this year's Black Hat conference researchers presented their findings on how easily your car can be hacked and controlled remotely. Sigh. While these researchers have just shown that they can wirelessly hijack a Jeep Cherokee, others have performed similar studies with SmartCars, Fords, a Tesla, a Corvette, BMWs, Chryslers and Mercedes! With the increasing computerisation of cars, the engine management system, air conditioning, anti-lock braking system, electronic stability programme, etc. are linked to the infotainment, navigation and communication systems, opening the door for these vehicles to be hacked remotely. The now prevalent Bluetooth connection with smartphones is one entry vector to attack your car remotely...

  6. Help for the Developers of Control System Cyber Security Standards

    Energy Technology Data Exchange (ETDEWEB)

    Robert P. Evans

    2008-05-01

    A Catalog of Control Systems Security: Recommendations for Standards Developers (Catalog), aimed at assisting organizations to facilitate the development and implementation of control system cyber security standards, has been developed. This catalog contains requirements that can help protect control systems from cyber attacks and can be applied to the Critical Infrastructures and Key Resources of the United States and other nations. The requirements contained in the catalog are a compilation of practices or various industry bodies used to increase the security of control systems from both physical and cyber attacks. They should be viewed as a collection of recommendations to be considered and judiciously employed, as appropriate, when reviewing and developing cyber security standards for control systems. The recommendations in the Catalog are intended to be broad enough to provide any industry using control systems the flexibility needed to develop sound cyber security standards specific to their individual security requirements.

  7. Security in Wireless Sensor Networks for Open Controller

    OpenAIRE

    Engvall, Christoffer

    2013-01-01

    In this thesis we develop, evaluate and implement a security solution for Open Controllers wireless sensor network platform. A scenario is used to describe an exemplar application showing how our system is supposed to function. The security of the platform is analyzed using a well-established threat modeling process and attack trees which result in the identification of a number of risks, which could be security weaknesses. These attack trees visualize the security weaknesses in an easy to ac...

  8. Security Controls for NPP I and C Systems

    International Nuclear Information System (INIS)

    Kim, Y. M.; Jeong, C. H.; Kim, T. H.

    2014-01-01

    In Korea, the regulatory body has required a cyber security plan for nuclear I and C systems. Also, all I and C systems and equipment must be classified according to cyber security level, and technical, operational and managerial security controls must be provided based on each level. It is necessary to determine the best set of security controls for NPP I and C systems. In our research, a selection, implementation and verification process for security controls which can be used for I and C systems has been developed. For establishing the cyber security of the nuclear I and C system, a special cyber security system which considers the difference between general IT systems and nuclear I and C systems is needed. In this research, we developed a security improvement methodology for NPP I and C systems through establishing, applying and verifying security controls. Also, the cyber security activities which are needed during development are defined. It is expected that the methodology which has been developed by this research can be used to establish, implement and evaluate the security controls for protecting nuclear I and C systems from cyber-attacks

  9. Security Controls for NPP I and C Systems

    Energy Technology Data Exchange (ETDEWEB)

    Kim, Y. M.; Jeong, C. H. [Korea Institute of Nuclear Safety, Daejeon (Korea, Republic of); Kim, T. H. [Formal Works Inc., Seoul (Korea, Republic of)

    2014-05-15

    In Korea, the regulatory body has required a cyber security plan for nuclear I and C systems. Also, all I and C systems and equipment must be classified according to cyber security level, and technical, operational and managerial security controls must be provided based on each level. It is necessary to determine the best set of security controls for NPP I and C systems. In our research, a selection, implementation and verification process for security controls which can be used for I and C systems has been developed. For establishing the cyber security of the nuclear I and C system, a special cyber security system which considers the difference between general IT systems and nuclear I and C systems is needed. In this research, we developed a security improvement methodology for NPP I and C systems through establishing, applying and verifying security controls. Also, the cyber security activities which are needed during development are defined. It is expected that the methodology which has been developed by this research can be used to establish, implement and evaluate the security controls for protecting nuclear I and C systems from cyber-attacks.

  10. Mitigations for Security Vulnerabilities Found in Control System Networks

    Energy Technology Data Exchange (ETDEWEB)

    Trent D. Nelson

    2006-05-01

    Industry is aware of the need for Control System (CS) security, but in on-site assessments, Idaho National Laboratory (INL) has observed that security procedures and devices are not consistently and effectively implemented. The Department of Homeland Security (DHS), National Cyber Security Division (NCSD), established the Control Systems Security Center (CSSC) at INL to help industry and government improve the security of the CSs used in the nation's critical infrastructures. One of the main CSSC objectives is to identify control system vulnerabilities and develop effective mitigations for them. This paper discusses common problems and vulnerabilities seen in on-site CS assessments and suggests mitigation strategies to provide asset owners with the information they need to better protect their systems from common security flaws.

  11. Command and Control for Homeland Security

    National Research Council Canada - National Science Library

    Greene, Marjorie

    2007-01-01

    ... Analysis of the Toronto SARS Outbreak, Vertical Integration, Vertical Integration in a Military Command Hierarchy, Information flows for a domestic incident, C2 for Homeland Security will benefit...

  12. Process Control Systems in the Chemical Industry: Safety vs. Security

    Energy Technology Data Exchange (ETDEWEB)

    Jeffrey Hahn; Thomas Anderson

    2005-04-01

    Traditionally, the primary focus of the chemical industry has been safety and productivity. However, recent threats to our nation’s critical infrastructure have prompted a tightening of security measures across many different industry sectors. Reducing vulnerabilities of control systems against physical and cyber attack is necessary to ensure the safety, security and effective functioning of these systems. The U.S. Department of Homeland Security has developed a strategy to secure these vulnerabilities. Crucial to this strategy is the Control Systems Security and Test Center (CSSTC) established to test and analyze control systems equipment. In addition, the CSSTC promotes a proactive, collaborative approach to increase industry's awareness of standards, products and processes that can enhance the security of control systems. This paper outlines measures that can be taken to enhance the cybersecurity of process control systems in the chemical sector.

  13. Research and realization of info-net security controlling system

    Science.gov (United States)

    Xu, Tao; Zhang, Wei; Li, Xuhong; Wang, Xia; Pan, Wenwen

    2017-03-01

    The thesis introduces some related concepts about Network Cybernetics, and we design and realize a new info-net security controlling system based on Network Cybernetics. The system can control the endpoints, safely save files, encrypt communication, supervise actions of users and show security conditions, in order to realize full-scale security management. At last, we simulate the functions of the system. The results show that the system can ensure the controllability of users and devices, and supervise them in real time. The system can maximize the security of the network and users.

  14. Graphs for information security control in software defined networks

    Science.gov (United States)

    Grusho, Alexander A.; Abaev, Pavel O.; Shorgin, Sergey Ya.; Timonina, Elena E.

    2017-07-01

    Information security control in software defined networks (SDN) is connected with execution of the security policy rules regulating information accesses and protection against distribution of the malicious code and harmful influences. The paper offers a representation of a security policy in the form of hierarchical structure which in case of distribution of resources for the solution of tasks defines graphs of admissible interactions in a network. These graphs define commutation tables of switches via the SDN controller.

  15. Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

    Energy Technology Data Exchange (ETDEWEB)

    Hadley, Mark D.; Clements, Samuel L.

    2009-01-01

    Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

  16. Command and Control during Security Incidents/Emergencies

    Energy Technology Data Exchange (ETDEWEB)

    Knipper, W. [NSTec

    2013-10-16

    This presentation builds on our response to events that pose, or have the potential to pose, a serious security or law enforcement risk and must be responded to and controlled in a clear and decisive fashion. We will examine some common concepts in the command and control of security-centric events.

  17. Effectiveness Of Security Controls On Electronic Health Records

    Directory of Open Access Journals (Sweden)

    Everleen Wanyonyi

    2017-12-01

    Electronic Health Record (EHR) systems enhance efficiency and effectiveness in handling patients' information in healthcare. This study focused on the EHR security by initially establishing the nature of threats affecting the system and reviewing the implemented security safeguards. The study was done at a referral hospital level 6 government facility in Kenya. Purposive sampling was used to select a sample of 196 out of 385 staff and a questionnaire designed for qualitative data collection. Data was analyzed using SPSS software. Correlations and binary logistic regression were obtained. Binary Logistic Regression (BLR) was used to establish the effect of the safeguards predictors on EHR security. It was established that physical security contributes more to the security of an information system than administrative controls and technical controls in that order. BLR helped in predicting effective safeguards to control EHR security threats in limited resourced public health facilities.

  18. Ideal Based Cyber Security Technical Metrics for Control Systems

    Energy Technology Data Exchange (ETDEWEB)

    W. F. Boyer; M. A. McQueen

    2007-10-01

    Much of the world's critical infrastructure is at risk from attack through electronic networks connected to control systems. Security metrics are important because they provide the basis for management decisions that affect the protection of the infrastructure. A cyber security technical metric is the security relevant output from an explicit mathematical model that makes use of objective measurements of a technical object. A specific set of technical security metrics are proposed for use by the operators of control systems. Our proposed metrics are based on seven security ideals associated with seven corresponding abstract dimensions of security. We have defined at least one metric for each of the seven ideals. Each metric is a measure of how nearly the associated ideal has been achieved. These seven ideals provide a useful structure for further metrics development. A case study shows how the proposed metrics can be applied to an operational control system.

  19. Command and Control for Homeland Security

    National Research Council Canada - National Science Library

    Greene, Marjorie

    2007-01-01

    ... Security June 2006, NIMS Revision Version 2 March 2007, NWDC Domestic Disaster Relief Operations Planning, 15 May 2006, AFRL-Supported Studies on Large- Scale Coordination, A Sociotechnical Systems...

  20. Control Mechanism and Security Region for Intentional Islanding Transition

    DEFF Research Database (Denmark)

    Chen, Yu; Xu, Zhao; Østergaard, Jacob

    2009-01-01

    in the grid. The concept of Islanding Security Region (ISR) has been proposed as an organic composition of the developed control mechanism. The purpose of this control mechanism is to maintain the frequency stability and eventually the security of power supply to the customers, by utilizing resources from...... generation and demand sides. The control mechanism can be extended to consider the distributed generations like wind power and other innovative technologies such as the Demand as Frequency controlled Reserve (DFR) technique in the future....

  1. Cyber Security Testing and Training Programs for Industrial Control Systems

    International Nuclear Information System (INIS)

    Noyes, Daniel

    2012-01-01

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security training for control systems engineers to more advanced hands-on training that culminates with a Red Team/Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors

  2. Cyber Security Testing and Training Programs for Industrial Control Systems

    International Nuclear Information System (INIS)

    Noyes, Daniel

    2012-01-01

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/ Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

  3. Cyber Security Testing and Training Programs for Industrial Control Systems

    Energy Technology Data Exchange (ETDEWEB)

    Daniel Noyes

    2012-03-01

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/ Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

  4. UGV: security analysis of subsystem control network

    Science.gov (United States)

    Abbott-McCune, Sam; Kobezak, Philip; Tront, Joseph; Marchany, Randy; Wicks, Al

    2013-05-01

    Unmanned ground vehicles (UGVs) are becoming prolific in the heterogeneous superset of robotic platforms. The sensors which provide odometry, localization, perception, and vehicle diagnostics are fused to give the robotic platform a sense of the environment it is traversing. The automotive industry CAN bus has dominated the industry due to the fault tolerance and the message structure allowing high priority messages to reach the desired node in a real time environment. UGVs are being researched and produced at an accelerated rate to perform arduous, repetitive, and dangerous missions that are associated with a military action in a protracted conflict. The technology and applications of the research will inevitably be turned into dual-use platforms to aid civil agencies in the performance of their various operations. Our motivation is security of the holistic system; however as subsystems are outsourced in the design, the overall security of the system may be diminished. We will focus on the CAN bus topology and the vulnerabilities introduced in UGVs and recognizable security vulnerabilities that are inherent in the communications architecture. We will show how data can be extracted from an add-on CAN bus that can be customized to monitor subsystems. The information can be altered or spoofed to force the vehicle to exhibit unwanted actions or render the UGV unusable for the designed mission. The military relies heavily on technology to maintain information dominance, and the security of the information introduced onto the network by UGVs must be safeguarded from vulnerabilities that can be exploited.

  5. Process Control System Cyber Security Standards - An Overview

    Energy Technology Data Exchange (ETDEWEB)

    Robert P. Evans

    2006-05-01

    The use of cyber security standards can greatly assist in the protection of process control systems by providing guidelines and requirements for the implementation of computer-controlled systems. These standards are most effective when the engineers and operators, using the standards, understand what each standard addresses. This paper provides an overview of several standards that deal with the cyber security of process measurements and control systems.

  6. Designing a machinery control system (MCS) security testbed

    OpenAIRE

    Desso, Nathan H.

    2014-01-01

    Approved for public release; distribution is unlimited. Industrial control systems (ICS) face daily cyber security threats, can have a significant impact to the security of our nation, and present a difficult challenge to defend. Critical infrastructures, including military systems like the machinery control systems (MCS) found onboard modern U.S. warships, are affected because of their use of commercial automation solutions. The increase of automated control systems within the U.S. Navy sa...

  7. Governing Insecurity: Democratic Control of Military and Security ...

    African Journals Online (AJOL)

    P H Stoker

    democratic control of military and security institutions is strategic to democratisation for two main reasons: firstly because these institutions have a peculiar intimate relationship to political power and secondly because their security functions, including the management of insecurities that may be generated by democratisation ...

  8. Computer security of NPP instrumentation and control systems: categorization

    International Nuclear Information System (INIS)

    Klevtsov, A.L.; Simonov, A.A.; Trubchaninov, S.A.

    2016-01-01

    The paper is devoted to studying categorization of NPP instrumentation and control (I&C) systems from the point of view of computer security and to consideration of the computer security levels and zones used by the International Atomic Energy Agency (IAEA). The paper also describes the computer security degrees and zones regulated by the International Electrotechnical Commission (IEC) standard. The computer security categorization of the systems used by the U.S. Nuclear Regulatory Commission (NRC) is presented. The experts analyzed the main differences in I&C systems computer security categorization accepted by the IAEA, IEC and U.S. NRC. The approaches to categorization that should be advisably used in Ukraine during the development of regulation on NPP I&C systems computer security are proposed in the paper

  9. Measurable Control System Security through Ideal Driven Technical Metrics

    Energy Technology Data Exchange (ETDEWEB)

    Miles McQueen; Wayne Boyer; Sean McBride; Marie Farrar; Zachary Tudor

    2008-01-01

    The Department of Homeland Security National Cyber Security Division supported development of a small set of security ideals as a framework to establish measurable control systems security. Based on these ideals, a draft set of proposed technical metrics was developed to allow control systems owner-operators to track improvements or degradations in their individual control systems security posture. The technical metrics development effort included review and evaluation of over thirty metrics-related documents. On the bases of complexity, ambiguity, or misleading and distorting effects the metrics identified during the reviews were determined to be weaker than necessary to aid defense against the myriad threats posed by cyber-terrorism to human safety, as well as to economic prosperity. Using the results of our metrics review and the set of security ideals as a starting point for metrics development, we identified thirteen potential technical metrics - with at least one metric supporting each ideal. Two case study applications of the ideals and thirteen metrics to control systems were then performed to establish potential difficulties in applying both the ideals and the metrics. The case studies resulted in no changes to the ideals, and only a few deletions and refinements to the thirteen potential metrics. This led to a final proposed set of ten core technical metrics. To further validate the security ideals, the modifications made to the original thirteen potential metrics, and the final proposed set of ten core metrics, seven separate control systems security assessments performed over the past three years were reviewed for findings and recommended mitigations. These findings and mitigations were then mapped to the security ideals and metrics to assess gaps in their coverage. The mappings indicated that there are no gaps in the security ideals and that the ten core technical metrics provide significant coverage of standard security issues with 87% coverage. 
Based

  10. Insights on the Security and Dependability of Industrial Control Systems

    NARCIS (Netherlands)

    Kargl, Frank; van der Heijden, R.; van der Heijden, Rens W.; König, Hartmut; Valdes, Alfonso; Dacier, Marc C.

    2014-01-01

    The authors discuss the findings of a recent research seminar on the security and dependability of industrial control systems and provide an overview of major challenges in the field and areas where current research should focus.

  11. Need an Information Security in Access Control System?

    Directory of Open Access Journals (Sweden)

    V. R. Petrov

    2011-12-01

    The purpose of this paper is the general problems of information security in access control system. The field of using is the in project of reconstruction Physical protection system.

  12. How to implement security controls for an information security program at CBRN facilities

    International Nuclear Information System (INIS)

    Lenaeus, Joseph D.; O'Neil, Lori Ross; Leitch, Rosalyn M.; Glantz, Clifford S.; Landine, Guy P.; Bryant, Janet L.; Lewis, John; Mathers, Gemma; Rodger, Robert; Johnson, Christopher

    2015-01-01

    This document was prepared by PNNL within the framework of Project 19 of the European Union Chemical Biological Radiological and Nuclear Risk Mitigation Centres of Excellence Initiative entitled, ''Development of procedures and guidelines to create and improve secure information management systems and data exchange mechanisms for CBRN materials under regulatory control.'' It provides management and workers at CBRN facilities, parent organization managers responsible for those facilities, and regulatory agencies (governmental and nongovernmental) with guidance on the best practices for protecting information security. The security mitigation approaches presented in this document were chosen because they present generally accepted guidance in an easy-to-understand manner, making it easier for facility personnel to grasp key concepts and envision how security controls could be implemented by the facility. This guidance is presented from a risk management perspective.

  13. How to implement security controls for an information security program at CBRN facilities

    Energy Technology Data Exchange (ETDEWEB)

    Lenaeus, Joseph D. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States)]; O'Neil, Lori Ross [Pacific Northwest National Lab. (PNNL), Richland, WA (United States)]; Leitch, Rosalyn M. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States)]; Glantz, Clifford S. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States)]; Landine, Guy P. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States)]; Bryant, Janet L. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States)]; Lewis, John [National Nuclear Lab., Workington (United Kingdom)]; Mathers, Gemma [National Nuclear Lab., Workington (United Kingdom)]; Rodger, Robert [National Nuclear Lab., Workington (United Kingdom)]; Johnson, Christopher [National Nuclear Lab., Workington (United Kingdom)]

    2015-12-01

    This document was prepared by PNNL within the framework of Project 19 of the European Union Chemical Biological Radiological and Nuclear Risk Mitigation Centres of Excellence Initiative entitled, ''Development of procedures and guidelines to create and improve secure information management systems and data exchange mechanisms for CBRN materials under regulatory control.'' It provides management and workers at CBRN facilities, parent organization managers responsible for those facilities, and regulatory agencies (governmental and nongovernmental) with guidance on the best practices for protecting information security. The security mitigation approaches presented in this document were chosen because they present generally accepted guidance in an easy-to-understand manner, making it easier for facility personnel to grasp key concepts and envision how security controls could be implemented by the facility. This guidance is presented from a risk management perspective.

  14. Recommendations on Future Operational Environments Command Control and Cyber Security

    OpenAIRE

    Goztepe, Kerim

    2015-01-01

    It is a well-known fact that today a nation's telecommunication networks, critical infrastructure, and information systems are vulnerable to growing number of attacks in cyberspace. Cyber space contains very different problems involving various sets of threats, targets and costs. Cyber security is not only problem of banking, communication or transportation. It also threatens core systems of army as command control. Some significant recommendations on command control (C2) and cyber security h...

  15. Process Control Security in the Cybercrime Information Exchange NICC

    OpenAIRE

    Luiijf, H.A.M.

    2009-01-01

    Detecting, investigating and prosecuting cybercrime? Extremely important, but not really the solution for the problem. Prevention is better! The sectors that have joined the Cybercrime Information Exchange have accepted the challenge of ensuring the effectiveness of the (information) security of process control systems (PCS), including SCADA. This publication makes it clear why it is vital that organizations establish and maintain control over the security of the information and communication...

  16. A Calculus for Control Flow Analysis of Security Protocols

    DEFF Research Database (Denmark)

    Buchholtz, Mikael; Nielson, Hanne Riis; Nielson, Flemming

    2004-01-01

    The design of a process calculus for analysing security protocols is governed by three factors: how to express the security protocol in a precise and faithful manner, how to accommodate the variety of attack scenarios, and how to utilise the strengths (and limit the weaknesses) of the underlying...... analysis methodology. We pursue an analysis methodology based on control flow analysis in flow logic style and we have previously shown its ability to analyse a variety of security protocols. This paper develops a calculus, LysaNS that allows for much greater control and clarity in the description...

  17. Computer Security: Protect your plant: a "serious game" about control system cyber-security

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Control system cyber-security is attracting increasing attention: from cybercriminals, from the media and from security researchers. After the legendary “Stuxnet” attacks of 2010 against an Iranian uranium enrichment plant, the infiltration of Saudi Aramco in 2012, and most recently the hacking of German blast furnaces, we should be prepared. Just imagine what would happen if hackers turned off the lights in Geneva and the Pays-de-Gex for a month? (“Hacking control systems, switching lights off!”). Or if attackers infiltrated CERN’s accelerator or experiment control systems and stopped us from pursuing our core business: delivering beams and recording particle collisions (“Hacking control systems, switching... accelerators off?”). Now you can test your ability to protect an industrial plant against cyber-threats! The Computer Security Team, in collaboration with Kaspersky Lab, is organising a so-...

  18. Security of the data transmission in the industrial control system

    Directory of Open Access Journals (Sweden)

    Marcin Bednarek

    2015-12-01

    The theme of this paper is to present the data transmission security system between the stations of the industrial control system. The possible options for secure communications between process stations, as well as between process and operator station are described. Transmission security mechanism is based on algorithms for symmetric and asymmetric encryption. The authentication process uses a software token algorithm and a one-way hash function. The algorithm for establishing a secured connection between the stations, including the authentication process and encryption of data transmission is given. The process of securing the transmission consists of 4 sub-processes: (I) authentication; (II) asymmetric, public keys transmission; (III) symmetric key transmission; (IV) data transmission. The presented process of securing the transmission was realized in the industrial controller and emulator. For this purpose, programming languages in accordance with EN 61131 were used. The functions were implemented as user function blocks. This allows us to include a mixed code in the structure of the block (both: ST and FBD). Available function categories: support of the asymmetric encryption; asymmetric encryption utility functions; support of the symmetric encryption; symmetric encryption utility functions; support of the hash value calculations; utility functions of conversion. Keywords: transmission security, encryption, authentication, industrial control system

  19. Improving Control System Security through the Evaluation of Current Trends in Computer Security Research

    Energy Technology Data Exchange (ETDEWEB)

    Rolston

    2005-03-01

    At present, control system security efforts are primarily technical and reactive in nature. What has been overlooked is the need for proactive efforts, focused on the IT security research community from which new threats might emerge. Evaluating cutting edge IT security research and how it is evolving can provide defenders with valuable information regarding what new threats and tools they can anticipate in the future. Only known attack methodologies can be blocked, and there is a gap between what is known to the general security community and what is being done by cutting edge researchers --both those trying to protect systems and those trying to compromise them. The best security researchers communicate with others in their field; they know what cutting edge research is being done; what software can be penetrated via this research; and what new attack techniques and methodologies are being circulated in the black hat community. Standardization of control system applications, operating systems, and networking protocols is occurring at a rapid rate, following a path similar to the standardization of modern IT networks. Many attack methodologies used on IT systems can be ported over to the control system environment with little difficulty. It is extremely important to take advantage of the lag time between new research, its use on traditional IT networks, and the time it takes to port the research over for use on a control system network. Analyzing nascent trends in IT security and determining their applicability to control system networks provides significant information regarding defense mechanisms needed to secure critical infrastructure more effectively. This work provides the critical infrastructure community with a better understanding of how new attacks might be launched, what layers of defense will be needed to deter them, how the attacks could be detected, and how their impact could be limited.

  20. Controlled and secure direct communication using GHZ state and teleportation

    International Nuclear Information System (INIS)

    Gao, T.

    2004-01-01

    A theoretical scheme for controlled and secure direct communication is proposed. The communication is based on GHZ state and controlled quantum teleportation. After insuring the security of the quantum channel (a set of qubits in the GHZ state), Alice encodes the secret message directly on a sequence of particle states in the GHZ state and transmits them to Bob, supervised by Charlie using controlled quantum teleportation. Bob can read out the encoded messages directly by the measurement on his qubits. In this scheme, the controlled quantum teleportation transmits Alice's message without revealing any information to a potential eavesdropper. Because there is not a transmission of the qubit carrying the secret messages between Alice and Bob in the public channel, it is completely secure for controlled and direct secret communication if a perfect quantum channel is used. The feature of this scheme is that the communication between two sides depends on the agreement of a third side. (orig.)

  1. Carboy Security Testing and Training Programs for Industrial Control Systems

    Energy Technology Data Exchange (ETDEWEB)

    Noyes, Daniel [Idaho National Laboratory, Idaho (United States)]

    2012-03-15

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security training for control systems engineers to more advanced hands-on training that culminates with a Red Team/Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

  2. IT Security Support for Spaceport Command and Control System

    Science.gov (United States)

    McLain, Jeffrey

    2013-01-01

    During the fall 2013 semester, I worked at the Kennedy Space Center as an IT Security Intern in support of the Spaceport Command and Control System under the guidance of the IT Security Lead Engineer. Some of my responsibilities included assisting with security plan documentation collection, system hardware and software inventory, and malicious code and malware scanning. Throughout the semester, I had the opportunity to work on a wide range of security related projects. However, there are three projects in particular that stand out. The first project I completed was updating a large interactive spreadsheet that details the SANS Institute's Top 20 Critical Security Controls. My task was to add in all of the new commercial off the shelf (COTS) software listed on the SANS website that can be used to meet their Top 20 controls. In total, there are 153 unique security tools listed by SANS that meet one or more of their 20 controls. My second project was the creation of a database that will allow my mentor to keep track of the work done by the contractors that report to him in a more efficient manner by recording events as they occur throughout the quarter. Lastly, I expanded upon a security assessment of the Linux machines being used on center that I began last semester. To do this, I used a vulnerability and configuration tool that scans hosts remotely through the network and presents the user with an abundance of information detailing each machine's configuration. The experience I gained from working on each of these projects has been invaluable, and I look forward to returning in the spring semester to continue working with the IT Security team.

  3. Climate: an issue of security or of strategic control?

    International Nuclear Information System (INIS)

    Mascre, D.

    2010-01-01

    For the United States, climate has become a national security issue. In September 2009 the CIA created a Centre for Climate Change to monitor space and the biosphere, and to verify the levels of pollution of every country worldwide. This initiative is more than just a new mission; it marks a change of policy which acknowledges the new security-related troika of climate, economy and strategic control. (author)

  4. Distributed Secure Coordinated Control for Multiagent Systems Under Strategic Attacks.

    Science.gov (United States)

    Feng, Zhi; Wen, Guanghui; Hu, Guoqiang

    2017-05-01

    This paper studies a distributed secure consensus tracking control problem for multiagent systems subject to strategic cyber attacks modeled by a random Markov process. A hybrid stochastic secure control framework is established for designing a distributed secure control law such that mean-square exponential consensus tracking is achieved. A connectivity restoration mechanism is considered and the properties on attack frequency and attack length rate are investigated, respectively. Based on the solutions of an algebraic Riccati equation and an algebraic Riccati inequality, a procedure to select the control gains is provided and stability analysis is studied by using Lyapunov's method. The effect of strategic attacks on discrete-time systems is also investigated. Finally, numerical examples are provided to illustrate the effectiveness of theoretical analysis.

  5. The process matters: cyber security in industrial control systems

    NARCIS (Netherlands)

    Hadziosmanovic, D.

    2014-01-01

    An industrial control system (ICS) is a computer system that controls industrial processes such as power plants, water and gas distribution, food production, etc. Since cyber-attacks on an ICS may have devastating consequences on human lives and safety in general, the security of ICS is important.

  6. Agricultural pest control programmes, food security and safety | Eze ...

    African Journals Online (AJOL)

    Agricultural pest management control strategies are primarily concerned with food security and safety. Popular pest control methods include application of synthetic pesticides, biopesticides (plant extracts), non-chemical pest management and integrated pest management (IPM). The resistance of some of the pests to the ...

  7. Education Organization Baseline Control Protection and Trusted Level Security

    Directory of Open Access Journals (Sweden)

    Wasim A. Al-Hamdani

    2007-12-01

    Many education organizations have adopted for security the enterprise best practices for implementation on their campuses, while others focus on ISO Standard (or/and the National Institution of Standards and Technology). All these adoptions are dependent on IT personnel and their experiences or knowledge of the standard. On top of this is the size of the education organizations. The larger the population in an education organization, the more the problem of information and security become very clear. Thus, they have been obliged to comply with information security issues and adopt the national or international standard. The case is quite different when the population size of the education organization is smaller. In such education organizations, they use social security numbers as student ID, and issue administrative rights to faculty and lab managers – or they are not aware of the Family Educational Rights and Privacy Act (FERPA) – and release some personal information. The problem of education organization security is widely open and depends on the IT staff and their information security knowledge in addition to the education culture (education, scholarships and services) has very special characteristics other than an enterprise or comparative organization. This paper is part of a research to develop an “Education Organization Baseline Control Protection and Trusted Level Security.” The research has three parts: Adopting (standards), Testing and Modifying (if needed).

  8. IT Security Support for the Spaceport Command Control System Development

    Science.gov (United States)

    Varise, Brian

    2014-01-01

    My job title is IT Security support for the Spaceport Command & Control System Development. As a cyber-security analyst it is my job to ensure NASA's information stays safe from cyber threats, such as, viruses, malware and denial-of-service attacks by establishing and enforcing system access controls. Security is very important in the world of technology and it is used everywhere from personal computers to giant networks run by Government agencies worldwide. Without constant monitoring analysis, businesses, public organizations and government agencies are vulnerable to potential harmful infiltration of their computer information system. It is my responsibility to ensure authorized access by examining improper access, reporting violations, revoke access, monitor information request by new programming and recommend improvements. My department oversees the Launch Control System and networks. An audit will be conducted for the LCS based on compliance with the Federal Information Security Management Act (FISMA) and The National Institute of Standards and Technology (NIST). I recently finished analyzing the SANS top 20 critical controls to give cost effective recommendations on various software and hardware products for compliance. Upon my completion of this internship, I will have successfully completed my duties as well as gain knowledge that will be helpful to my career in the future as a Cyber Security Analyst.

  9. IT Security Aspects of Industrial Control Systems

    Directory of Open Access Journals (Sweden)

    Peter Holecko

    2006-01-01

    This paper discusses a set of general network system architectures for industrial process control systems as well as vulnerabilities related to these systems and the IT threats these systems are exposed to from the point of view of Common Criteria methodology and ITU-T recommendation X.805.

  10. Cyber Security of Industrial Control Systems

    NARCIS (Netherlands)

    Luiijf, H.A.M.; Paske, B.J. te

    2015-01-01

    Our society and its citizens depend on the undisturbed functioning of (critical) infrastructures and their services. Crucial processes in most critical infrastructures, and in many other organisations, rely on the correct and undisturbed functioning of Industrial Control Systems (ICS). A failure of

  11. Cyber secure systems approach for NPP digital control systems

    Energy Technology Data Exchange (ETDEWEB)

    McCreary, T. J.; Hsu, A. [HF Controls Corporation, 16650 Westgrove Drive, Addison, TX 75001 (United States)

    2006-07-01

    Whether fossil or nuclear power, the chief operations goal is to generate electricity. The heart of most plant operations is the I and C system. With the march towards open architecture, the I and C system is more vulnerable than ever to system security attacks (denial of service, virus attacks and others), thus jeopardizing plant operations. Plant staff must spend large amounts of time and money setting up and monitoring a variety of security strategies to counter the threats and actual attacks to the system. This time and money is a drain on the financial performance of a plant and distracts valuable operations resources from their real goals: product. The pendulum towards complete open architecture may have swung too far. Not all aspects of proprietary hardware and software are necessarily 'bad'. As the aging U.S. fleet of nuclear power plants starts to engage in replacing legacy control systems, and given the on-going (and legitimate) concern about the security of present digital control systems, decisions about how best to approach cyber security are vital to the specification and selection of control system vendors for these upgrades. The authors maintain that utilizing certain resources available in today's digital technology, plant control systems can be configured from the onset to be inherently safe, so that plant staff can concentrate on the operational issues of the plant. The authors postulate the concept of the plant I and C being bounded in a 'Cyber Security Zone' and present a design approach that can alleviate the concern and cost at the plant level of dealing with system security strategies. Present approaches through various IT cyber strategies, commercial software, and even postulated standards from various industry/trade organizations are almost entirely reactive and simply add to cost and complexity. This Cyber Security Zone design demonstrates protection from the four classes of cyber security attacks: 1)Threat from

  12. Cyber secure systems approach for NPP digital control systems

    International Nuclear Information System (INIS)

    McCreary, T. J.; Hsu, A.

    2006-01-01

    Whether fossil or nuclear power, the chief operations goal is to generate electricity. The heart of most plant operations is the I and C system. With the march towards open architecture, the I and C system is more vulnerable than ever to system security attacks (denial of service, virus attacks and others), thus jeopardizing plant operations. Plant staff must spend large amounts of time and money setting up and monitoring a variety of security strategies to counter the threats and actual attacks to the system. This time and money is a drain on the financial performance of a plant and distracts valuable operations resources from their real goals: product. The pendulum towards complete open architecture may have swung too far. Not all aspects of proprietary hardware and software are necessarily 'bad'. As the aging U.S. fleet of nuclear power plants starts to engage in replacing legacy control systems, and given the on-going (and legitimate) concern about the security of present digital control systems, decisions about how best to approach cyber security are vital to the specification and selection of control system vendors for these upgrades. The authors maintain that utilizing certain resources available in today's digital technology, plant control systems can be configured from the onset to be inherently safe, so that plant staff can concentrate on the operational issues of the plant. The authors postulate the concept of the plant I and C being bounded in a 'Cyber Security Zone' and present a design approach that can alleviate the concern and cost at the plant level of dealing with system security strategies. Present approaches through various IT cyber strategies, commercial software, and even postulated standards from various industry/trade organizations are almost entirely reactive and simply add to cost and complexity. 
    This Cyber Security Zone design demonstrates protection from the four classes of cyber security attacks: 1) Threat from an intruder attempting to

  13. Accountancy, physical control and security: a question of balance

    International Nuclear Information System (INIS)

    Bishop, D.M.; Wilson, D.W.; Shaver, J.W.

    1976-01-01

    The historical development of current domestic safeguards regulations is summarized, from the perspective of an operating licensee nuclear fuel facility, in terms of timing, basis and need. Principal aspects of material accounting and physical security as independent approaches to safeguards control are described and analyzed in terms of overlap and effectiveness. Concerns with the licensee safeguards regulatory process are discussed, and development needs are identified. Recommendations are made which contribute to the evolution and improvement of safeguards based on a "top-down" systems approach to regulation using proven accounting, physical control and security principles to attain defined objectives

  14. Process Control System Cyber Security Standards - An Overview

    Energy Technology Data Exchange (ETDEWEB)

    Robert P. Evans; V Stanley Scown; Rolf Carlson; Shabbir Shamsuddin; George Shaw; Jeff Dagle; Paul W Oman; Jeannine Schmidt

    2005-10-01

    The use of cyber security standards can greatly assist in the protection of critical infrastructure by providing guidelines and requisite imperatives in the implementation of computer-controlled systems. These standards are most effective when the engineers and operators using the standards understand what each of the standards addresses and does not address. This paper provides a review and comparison of ten documents dealing with control system cyber security. It is not meant to be a complete treatment of all applicable standards; rather, this is an exemplary analysis showing the benefits of comparing and contrasting differing documents.

  15. SPCC- Software Elements for Security Partition Communication Controller

    Science.gov (United States)

    Herpel, H. J.; Willig, G.; Montano, G.; Tverdyshev, S.; Eckstein, K.; Schoen, M.

    2016-08-01

    Future satellite missions like Earth Observation, Telecommunication or any other kind are likely to be exposed to various threats aiming at exploiting vulnerabilities of the involved systems and communications. Moreover, the growing complexity of systems coupled with more ambitious types of operational scenarios imply increased security vulnerabilities in the future. In the paper we will describe an architecture and software elements to ensure a high level of security on-board a spacecraft. First the threats to the Security Partition Communication Controller (SPCC) will be addressed including the identification of specific vulnerabilities to the SPCC. Furthermore, appropriate security objectives and security requirements are identified to counter the identified threats. The security evaluation of the SPCC will be done in accordance with the Common Criteria (CC). The Software Elements for SPCC have been implemented on flight representative hardware which consists of two major elements: the I/O board and the SPCC board. The SPCC board provides the interfaces with ground while the I/O board interfaces with typical spacecraft equipment busses. Both boards are physically interconnected by a high speed SpaceWire (SpW) link.

  16. Secure Control Systems for the Energy Sector

    Energy Technology Data Exchange (ETDEWEB)

    Smith, Rhett [Schweitzer Engineering Lab., Inc., Alpharetta, GA (United States)]; Stewart, John [Tennessee Valley Authority, Knoxville, TN (United States)]; Chavez, Adrian [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)]

    2014-10-22

    The Padlock Project is an alliance between Tennessee Valley Authority (TVA), Sandia National Laboratories (SNL), and Schweitzer Engineering Laboratories Inc. (SEL). SEL is the prime contractor on the Padlock project. Rhett Smith (SEL) is the project director and Adrian Chavez (SNL) and John Stewart (TVA) are principal investigators. SEL is the world’s leader in microprocessor-based electronic equipment for protecting electric power systems. The Tennessee Valley Authority, a corporation owned by the U.S. government, provides electricity for 9 million people in parts of seven southeastern states at prices below the national average. TVA, which receives no taxpayer money and makes no profits, also provides flood control, navigation and land management for the Tennessee River system and assists utilities, and state and local governments with economic development.

  17. Communication, control and security challenges for the smart grid

    CERN Document Server

    Muyeen, SM

    2017-01-01

    The Smart Grid is a modern electricity grid allowing for distributed, renewable intermittent generation, partly owned by consumers. This requires advanced control and communication technologies in order to provide high quality power supply and secure generation, transmission and distribution. This book outlines these emerging technologies.

  18. State Control over Private Military and Security Companies in Armed ...

    African Journals Online (AJOL)

    NWUuser

    State Control over Private Military and Security Companies in Armed Conflict by H Tonkin ... (US) in the Iraqi theatre by 2007 exceeded the number of US troops, and in 2010 .... due diligence to promote PMSC compliance therewith. ... relying on existing accountability frameworks of international law, new domestic and.

  19. Securing a control system: experiences from ISO 27001 implementation

    International Nuclear Information System (INIS)

    Vuppala, V.; Vincent, J.; Kusler, J.; Davidson, K.

    2012-01-01

    Recent incidents of breaches, in control systems in specific and information systems in general, have emphasized the importance of security and operational continuity in achieving the quality objectives of an organization, and the safety of its personnel and infrastructure. However, security and disaster recovery are either completely ignored or given a low priority during the design and development of an accelerator control system, the underlying technologies, and the overlaid applications. This leads to an operational facility that is easy to breach, and difficult to recover. Retrofitting security into a control system becomes much more difficult during operations. In this paper we describe our experiences with implementing ISO/IEC 27001 Standard for information security at the Electronics Department of the National Superconducting Cyclotron Laboratory (NSCL) located on the campus of Michigan State University. We describe our risk assessment methodology, the identified risks, the selected controls, their implementation, and our documentation structure. We also report the current status of the project. We conclude with the challenges faced and the lessons learnt. (authors)

  20. Secure Data Transfer Guidance for Industrial Control and SCADA Systems

    Energy Technology Data Exchange (ETDEWEB)

    Mahan, Robert E.; Fluckiger, Jerry D.; Clements, Samuel L.; Tews, Cody W.; Burnette, John R.; Goranson, Craig A.; Kirkham, Harold

    2011-09-01

    This document was developed to provide guidance for the implementation of secure data transfer in a complex computational infrastructure representative of the electric power and oil and natural gas enterprises and the control systems they implement. For the past 20 years the cyber security community has focused on preventative measures intended to keep systems secure by providing a hard outer shell that is difficult to penetrate. Over time, the hard exterior, soft interior focus changed to focus on defense-in-depth adding multiple layers of protection, introducing intrusion detection systems, more effective incident response and cleanup, and many other security measures. Despite much larger expenditures and more layers of defense, successful attacks have only increased in number and severity. Consequently, it is time to re-focus the conventional approach to cyber security. While it is still important to implement measures to keep intruders out, a new protection paradigm is warranted that is aimed at discovering attempted or real compromises as early as possible. Put simply, organizations should take as fact that they have been, are now, or will be compromised. These compromises may be intended to steal information for financial gain as in the theft of intellectual property or credentials that lead to the theft of financial resources, or to lie silent until instructed to cause physical or electronic damage and/or denial of services. This change in outlook has been recently confirmed by the National Security Agency [19]. The discovery of attempted and actual compromises requires an increased focus on monitoring events by manual and/or automated log monitoring, detecting unauthorized changes to a system's hardware and/or software, detecting intrusions, and/or discovering the exfiltration of sensitive information and/or attempts to send inappropriate commands to ICS/SCADA (Industrial Control System/Supervisory Control And Data Acquisition) systems.

  1. Microcontroller Based Home Security and Load Controlling Using Gsm Technology

    OpenAIRE

    Mustafijur Rahman; A.H.M Zadidul Karim; Sultanur Nyeem; Faisal Khan; Golam Matin

    2015-01-01

    "Home automation" referred to as 'Intelligent home' or 'automated home', indicates the automation of daily tasks with electrical devices used in homes. This could be the control of lights or more complex chores such as remote viewing of the house interiors for surveillance purposes. The emerging concept of smart homes offers a comfortable, convenient and safe and secure environment for occupants. These include automatic load controlling, fire detection, temperature sensing, and motion detecti...

  2. Cyber Security Scenarios and Control for Small and Medium Enterprises

    Directory of Open Access Journals (Sweden)

    Nilaykumar Kiran SANGANI

    2012-01-01

    As the world advances towards the computing era, security threats keep on increasing in the form of malware, viruses, internet attack, theft of IS assets / technology and a lot more. This is a major concern for any form of business. Loss in company’s status / liability / reputation is a huge downfall for a running business. We have witnessed the attacks getting carried out; large firm’s data getting breached / government bodies’ sites getting phished / attacked. These huge entities have technology expertise to safeguard their company’s interest against such attacks through investing huge amounts of capital in manpower and secure tools. But what about SMEs? SMEs enrich a huge part of the country’s economy. Big organizations have their own security measures policy which ideally is not applied when it comes to a SME. The aim of this paper is to come out with an Information Security Assurance Cyber Control for SMEs (ISACC) against common cyber security threats implemented at a cost effective measure.

  3. Cyber security for remote monitoring and control of small reactors

    Energy Technology Data Exchange (ETDEWEB)

    Trask, D., E-mail: dave.trask@cnl.ca [Atomic Energy of Canada Limited, Chalk River, ON (Canada)]; Jung, C. [Canadian Nuclear Safety Commission, Ottawa, ON (Canada)]; MacDonald, M., E-mail: marienna.macdonald@cnl.ca [Atomic Energy of Canada Limited, Chalk River, ON (Canada)]

    2014-07-01

    There is growing international interest and activity in the development of small nuclear reactor technology with a number of vendors interested in building small reactors in Canada to serve remote locations. A common theme of small reactor designs proposed for remote Canadian locations is the concept of a centrally located main control centre operating several remotely located reactors via satellite communications. This theme was echoed at a recent IAEA conference where a recommendation was made to study I&C for remotely controlled small modular reactors, including satellite links and cyber security. This paper summarizes the results of an AECL-CNSC research project to analyze satellite communication technologies used for remote monitoring and control functions in order to provide cyber security regulatory considerations. The scope of this research included a basic survey of existing satellite communications technology and its use in industrial control applications, a brief history of satellite vulnerabilities and a broad review of over 50 standards, guidelines, and regulations from recognized institutions covering safety, cyber security, and industrial communication networks including wireless communications in general. This paper concludes that satellite communications should not be arbitrarily excluded by standards or regulation from use for the remote control and monitoring of small nuclear reactors. Instead, reliance should be placed on processes that are independent of any particular technology, such as reducing risks by applying control measures and demonstrating required reliability through good design practices and testing. Ultimately, it is compliance to well-developed standards that yields the evidence to conclude whether a particular application that uses satellite communications is safe and secure. (author)

  4. Cyber security for remote monitoring and control of small reactors

    International Nuclear Information System (INIS)

    Trask, D.; Jung, C.; MacDonald, M.

    2014-01-01

    There is growing international interest and activity in the development of small nuclear reactor technology with a number of vendors interested in building small reactors in Canada to serve remote locations. A common theme of small reactor designs proposed for remote Canadian locations is the concept of a centrally located main control centre operating several remotely located reactors via satellite communications. This theme was echoed at a recent IAEA conference where a recommendation was made to study I&C for remotely controlled small modular reactors, including satellite links and cyber security. This paper summarizes the results of an AECL-CNSC research project to analyze satellite communication technologies used for remote monitoring and control functions in order to provide cyber security regulatory considerations. The scope of this research included a basic survey of existing satellite communications technology and its use in industrial control applications, a brief history of satellite vulnerabilities and a broad review of over 50 standards, guidelines, and regulations from recognized institutions covering safety, cyber security, and industrial communication networks including wireless communications in general. This paper concludes that satellite communications should not be arbitrarily excluded by standards or regulation from use for the remote control and monitoring of small nuclear reactors. Instead, reliance should be placed on processes that are independent of any particular technology, such as reducing risks by applying control measures and demonstrating required reliability through good design practices and testing. Ultimately, it is compliance to well-developed standards that yields the evidence to conclude whether a particular application that uses satellite communications is safe and secure. (author)

  5. INDUSTRIAL CONTROL SYSTEM CYBER SECURITY: QUESTIONS AND ANSWERS RELEVANT TO NUCLEAR FACILITIES, SAFEGUARDS AND SECURITY

    Energy Technology Data Exchange (ETDEWEB)

    Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

    2011-07-01

    Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

  6. Industrial Control System Cyber Security: Questions And Answers Relevant To Nuclear Facilities, Safeguards And Security

    International Nuclear Information System (INIS)

    Anderson, Robert S.; Schanfein, Mark; Bjornard, Trond; Moskowitz, Paul

    2011-01-01

    Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

  7. Secure Dynamic access control scheme of PHR in cloud computing.

    Science.gov (United States)

    Chen, Tzer-Shyong; Liu, Chia-Hui; Chen, Tzer-Long; Chen, Chin-Sheng; Bau, Jian-Guo; Lin, Tzu-Ching

    2012-12-01

    With the development of information technology and medical technology, medical information has been developed from traditional paper records into electronic medical records, which have now been widely applied. The new-style medical information exchange system "personal health records (PHR)" is gradually developed. PHR is a kind of health records maintained and recorded by individuals. An ideal personal health record could integrate personal medical information from different sources and provide complete and correct personal health and medical summary through the Internet or portable media under the requirements of security and privacy. A lot of personal health records are being utilized. The patient-centered PHR information exchange system allows the public autonomously maintain and manage personal health records. Such management is convenient for storing, accessing, and sharing personal medical records. With the emergence of Cloud computing, PHR service has been transferred to storing data into Cloud servers that the resources could be flexibly utilized and the operation cost can be reduced. Nevertheless, patients would face privacy problem when storing PHR data into Cloud. Besides, it requires a secure protection scheme to encrypt the medical records of each patient for storing PHR into Cloud server. In the encryption process, it would be a challenge to achieve accurately accessing to medical records and corresponding to flexibility and efficiency. A new PHR access control scheme under Cloud computing environments is proposed in this study. With Lagrange interpolation polynomial to establish a secure and effective PHR information access scheme, it allows to accurately access to PHR with security and is suitable for enormous multi-users. Moreover, this scheme also dynamically supports multi-users in Cloud computing environments with personal privacy and offers legal authorities to access to PHR. From security and effectiveness analyses, the proposed PHR access

  8. Security Challenges in Smart-Grid Metering and Control Systems

    Directory of Open Access Journals (Sweden)

    Xinxin Fan

    2013-07-01

    The smart grid is a next-generation power system that is increasingly attracting the attention of government, industry, and academia. It is an upgraded electricity network that depends on two-way digital communications between supplier and consumer that in turn give support to intelligent metering and monitoring systems. Considering that energy utilities play an increasingly important role in our daily life, smart-grid technology introduces new security challenges that must be addressed. Deploying a smart grid without adequate security might result in serious consequences such as grid instability, utility fraud, and loss of user information and energy-consumption data. Due to the heterogeneous communication architecture of smart grids, it is quite a challenge to design sophisticated and robust security mechanisms that can be easily deployed to protect communications among different layers of the smart-grid infrastructure. In this article, we focus on the communication-security aspect of a smart-grid metering and control system from the perspective of cryptographic techniques, and we discuss different mechanisms to enhance cybersecurity of the emerging smart grid. We aim to provide a comprehensive vulnerability analysis as well as novel insights on the cybersecurity of a smart grid.

  9. Control Systems Cyber Security: Defense in Depth Strategies

    Energy Technology Data Exchange (ETDEWEB)

    David Kuipers; Mark Fabro

    2006-05-01

    Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: maintenance of various field devices, telemetry collection, and/or industrial-level process systems; access to facilities via remote data link or modem; public facing services for customer or corporate operations; and a robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.

  10. Synchronized control of spiral CT scan for security inspection device

    International Nuclear Information System (INIS)

    Wang Jue; Jiang Zenghui; Wang Fuquan

    2008-01-01

    In a spiral CT security inspection system, the synchronization between removing and rotating, and the scan synchronization between rotating and sampling, influence the quality of image reconstruction, so realizing synchronized scanning is both difficult and important. According to the control demands of multi-slice spiral CT, a method to realize synchronized scanning is given. A synchronized control system is designed, in which an industrial PC is used as the control computer, magnetic grids are used as position detectors, and an alternating current servo motor and a roller motor are used as drivers to drive the moving axis and the rotating axis, respectively. This method can solve the problem of synchronized scanning, and is feasible and of practical value. (authors)

  11. Information security of industrial control systems: possible attack vectors and protection methods

    Directory of Open Access Journals (Sweden)

    Ignatiy A. Grachkov

    2018-03-01

    obtaining unauthorized access to industrial control systems using the Shodan search engine is described and recommendations how to ensure information security of the industrial control system are given.

  12. 78 FR 43963 - Twenty-Third Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Science.gov (United States)

    2013-07-22

    ... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

  13. Information Security and Wireless: Alternate Approaches for Controlling Access to Critical Information

    National Research Council Canada - National Science Library

    Nandram, Winsome

    2004-01-01

    .... Typically, network managers implement countermeasures to augment security. The goal of this thesis is to research approaches that complement existing security measures with fine grain access control measures. The Extensible Markup Language (XML) is adopted to accommodate such granular access control as it provides the mechanisms for scaling security down to the document content level.

  14. Computer Security of NPP Instrumentation and Control Systems: Cyber Threats

    International Nuclear Information System (INIS)

    Klevtsov, A.L.; Trubchaninov, S.A.

    2015-01-01

    The paper is devoted to cyber threats, as one of the aspects in computer security of instrumentation and control systems for nuclear power plants (NPP). The basic concepts, terms and definitions are shortly addressed. The paper presents a detailed analysis of potential cyber threats during the design and operation of NPP instrumentation and control systems. Eleven major types of threats are considered, including: the malicious software and hardware Trojans (in particular, in commercial-off-the-shelf software and hardware), computer attacks through data networks and intrusion of malicious software from an external storage media and portable devices. Particular attention is paid to the potential use of lower safety class software as a way of harmful effects (including the intrusion of malicious fragments of code) on higher safety class software. The examples of actual incidents at various nuclear facilities caused by intentional cyber attacks or unintentional computer errors during the operation of software of systems important to NPP safety.

  15. Synergy between Security and Safeguards in Uranium Concentrate Export Control

    International Nuclear Information System (INIS)

    Soumana, T.

    2010-01-01

    This paper is a proposal to the government of Niger and all national institutions involved in the ISSAS and INSSERV Missions held in Niger to optimally coordinate their activities in the nuclear field. It is essential to notice that Niger has significant nuclear activities, mainly in uranium prospecting, mining, milling, and export. In Niger, there are also many radioactive sources in non-nuclear use. The safeguards agreement of Niger, INFCIRC/664, has been in force since 16 February 2005 and its related additional protocol since 2 May 2007. For the safeguards implementation in Niger, the Government requested from the IAEA an ISSAS Mission, which was completed in February 2008. A main recommendation of this mission is to consider an overall plan for security measures and in this regard, an INSSERV Mission was completed in December 2008. Nuclear safeguards conclusions focus on correctness and completeness of declarations provided by operators. Nuclear security activities (prevention, detection and response) are useful contributions to confirm safeguards conclusions; especially, a good detection strategy at national level can help to confirm the absence of undeclared activities in a country like Niger. Many governmental institutions are involved in nuclear activities and there is a lack of communication between them. Creating a synergy between safeguards and security can federate the mechanisms of control at national level and have impact in many aspects, especially in (i) awareness of decision makers (ii) optimal use of the equipment (iii) organizing training activities and human resource management and (iv) designing national strategic plans. The institution which hosted the two IAEA consultative missions (Directorate of Peaceful Use of Nuclear Techniques-DUPTN for the ISSAS Mission and Civil Defence for INSSERV Mission) in consultation with other national institutions had to create a framework for this synergy. This framework must be submitted to the IAEA for observation and

  16. Civil control over the security institutions in South Africa ...

    African Journals Online (AJOL)

    security policy. The main aim of this article is therefore to assist critical new thinking regarding security. Then, to draw policy implications for the governance of security and intelligence ...... network of institutions and relationships that involve vertical and horizontal accountability. Important is Karl's observation that ...

  17. The research on information security technology for the industrial control system of special equipment

    International Nuclear Information System (INIS)

    Chen Ligang; Liu Hongye; Zhang Wei; Sun Jianying; Lan Peng; Dai Sidan

    2014-01-01

    With the rapid development of information technology in enterprise applications, industrial control networks and management networks are becoming more and more closely linked. Special equipment control systems were developed from traditional industrial control systems, whose design mainly did not consider communication security. Therefore, as industrial control systems were opened up, the isolation between the control system and the outside was weakened, and the safety problems of industrial control systems have become more and more serious. Combining practical application with the special equipment control system, this paper analyzes and elaborates the security problems of the control network, provides appropriate security solutions for the professional characteristics of industrial control networks, and, for process control system design in particular, provides a security partition protection scheme, in order to improve the information security capability of industrial control systems. (authors)

  18. A Case Study on Cyber-security Program for the Programmable Logic Controller of Modern NPPs

    International Nuclear Information System (INIS)

    Song, S. H.; Lee, M. S.; Kim, T. H.; Park, C. H.; Park, S. P.; Kim, H. S.

    2014-01-01

    As instrumentation and control (I and C) systems for modern Nuclear Power Plants (NPPs) have been digitalized to cope with their growing complexity, the cyber-security has become an important issue. To protect the I and C systems adequately from cyber threats, such as Stuxnet that attacked Iran's nuclear facilities, regulations of many countries require a cyber-security program covering all the life cycle phases of the system development, from the concept to the retirement. This paper presents a case study of cyber-security program that has been performed during the development of the programmable logic controller (PLC) for modern NPPs of Korea. In the case study, a cyber-security plan, including technical, management, and operational controls, was established through a security risk assessment. Cyber-security activities, such as development of security functions and periodic inspections, were conducted according to the plan: the security functions were applied to the PLC as the technical controls, and periodic inspections and audits were held to check the security of the development environment, as the management and operational controls. A final penetration test was conducted to inspect all the security problems that had been issued during the development. The case study has shown that the systematic cyber-security program detected and removed the vulnerabilities of the target system, which could not be found otherwise, enhancing the cyber-security of the system

  19. A Case Study on Cyber-security Program for the Programmable Logic Controller of Modern NPPs

    Energy Technology Data Exchange (ETDEWEB)

    Song, S. H. [Korea University, Seoul (Korea, Republic of); Lee, M. S.; Kim, T. H. [Formal Work Inc., Seoul (Korea, Republic of); Park, C. H. [LINE Corp., Tokyo (Japan); Park, S. P. [Ahnlab Inc., Seoul (Korea, Republic of); Kim, H. S. [Sejong University, Seoul (Korea, Republic of)

    2014-08-15

    As instrumentation and control (I and C) systems for modern Nuclear Power Plants (NPPs) have been digitalized to cope with their growing complexity, the cyber-security has become an important issue. To protect the I and C systems adequately from cyber threats, such as Stuxnet that attacked Iran's nuclear facilities, regulations of many countries require a cyber-security program covering all the life cycle phases of the system development, from the concept to the retirement. This paper presents a case study of cyber-security program that has been performed during the development of the programmable logic controller (PLC) for modern NPPs of Korea. In the case study, a cyber-security plan, including technical, management, and operational controls, was established through a security risk assessment. Cyber-security activities, such as development of security functions and periodic inspections, were conducted according to the plan: the security functions were applied to the PLC as the technical controls, and periodic inspections and audits were held to check the security of the development environment, as the management and operational controls. A final penetration test was conducted to inspect all the security problems that had been issued during the development. The case study has shown that the systematic cyber-security program detected and removed the vulnerabilities of the target system, which could not be found otherwise, enhancing the cyber-security of the system.

  20. Systematic elicitation of cyber-security controls for NPP I and C system

    Energy Technology Data Exchange (ETDEWEB)

    Lee, M. S.; Kim, T. H. [Formal Works Inc., Seoul (Korea, Republic of); Park, S. P. [AhnLab Inc., Seongnam (Korea, Republic of); Kim, Y. M. [Korea Institute of Nuclear Safety, Daejeon (Korea, Republic of)

    2015-05-15

    Cyber-security implementation starts with a development of a cyber security plan considering characteristics of I and C system. In this paper, we describe a method that develops a cyber security plan for NPP I and C system. Especially, we propose a method for systematic elicitation of technical security controls that should be applied to I and C system. We expect that this study can provide a basis to develop a cyber-security plan for I and C system. Also, the study can contribute enhancing security to NPP I and C system. The rest of the paper is organized as follows: Section 2 introduces activities to develop a cyber-security plan and presents the result of each activity of the security plan. Section 3 concludes the paper. We proposed a method for systematic elicitation of security controls and described the method through examples. Development companies that want to implement cyber-security in I and C system can develop a cyber-security plan and apply the cyber-security program to their system according to our method. We expect that this study can provide a basis to develop a cyber-security plan for I and C system. Also, the study can contribute enhancing security to NPP I and C system.

  1. Systematic elicitation of cyber-security controls for NPP I and C system

    International Nuclear Information System (INIS)

    Lee, M. S.; Kim, T. H.; Park, S. P.; Kim, Y. M.

    2015-01-01

    Cyber-security implementation starts with a development of a cyber security plan considering characteristics of I and C system. In this paper, we describe a method that develops a cyber security plan for NPP I and C system. Especially, we propose a method for systematic elicitation of technical security controls that should be applied to I and C system. We expect that this study can provide a basis to develop a cyber-security plan for I and C system. Also, the study can contribute enhancing security to NPP I and C system. The rest of the paper is organized as follows: Section 2 introduces activities to develop a cyber-security plan and presents the result of each activity of the security plan. Section 3 concludes the paper. We proposed a method for systematic elicitation of security controls and described the method through examples. Development companies that want to implement cyber-security in I and C system can develop a cyber-security plan and apply the cyber-security program to their system according to our method. We expect that this study can provide a basis to develop a cyber-security plan for I and C system. Also, the study can contribute enhancing security to NPP I and C system

  2. 36 CFR 1256.70 - What controls access to national security-classified information?

    Science.gov (United States)

    2010-07-01

    ... national security-classified information? 1256.70 Section 1256.70 Parks, Forests, and Public Property... HISTORICAL MATERIALS Access to Materials Containing National Security-Classified Information § 1256.70 What controls access to national security-classified information? (a) The declassification of and public access...

  3. Control Systems Security Center Comparison Study of Industrial Control System Standards against the Control Systems Protection Framework Cyber-Security Requirements

    Energy Technology Data Exchange (ETDEWEB)

    Robert P. Evans

    2005-09-01

    Cyber security standards, guidelines, and best practices for control systems are critical requirements that have been delineated and formally recognized by industry and government entities. Cyber security standards provide a common language within the industrial control system community, both national and international, to facilitate understanding of security awareness issues but, ultimately, they are intended to strengthen cyber security for control systems. This study and the preliminary findings outlined in this report are an initial attempt by the Control Systems Security Center (CSSC) Standard Awareness Team to better understand how existing and emerging industry standards, guidelines, and best practices address cyber security for industrial control systems. The Standard Awareness Team comprised subject matter experts in control systems and cyber security technologies and standards from several Department of Energy (DOE) National Laboratories, including Argonne National Laboratory, Idaho National Laboratory, Pacific Northwest National Laboratory, and Sandia National Laboratories. This study was conducted in two parts: a standard identification effort and a comparison analysis effort. During the standard identification effort, the Standard Awareness Team conducted a comprehensive open-source survey of existing control systems security standards, regulations, and guidelines in several of the critical infrastructure (CI) sectors, including the telecommunication, water, chemical, energy (electric power, petroleum and oil, natural gas), and transportation--rail sectors and sub-sectors. During the comparison analysis effort, the team compared the requirements contained in selected, identified, industry standards with the cyber security requirements in "Cyber Security Protection Framework", Version 0.9 (hereafter referred to as the "Framework"). For each of the seven sector/sub-sectors listed above, one standard was

  4. An Information Security Control Assessment Methodology for Organizations

    Science.gov (United States)

    Otero, Angel R.

    2014-01-01

    In an era where use and dependence of information systems is significantly high, the threat of incidents related to information security that could jeopardize the information held by organizations is more and more serious. Alarming facts within the literature point to inadequacies in information security practices, particularly the evaluation of…

  5. A survey of approaches combining safety and security for industrial control systems

    International Nuclear Information System (INIS)

    Kriaa, Siwar; Pietre-Cambacedes, Ludovic; Bouissou, Marc; Halgand, Yoran

    2015-01-01

    The migration towards digital control systems creates new security threats that can endanger the safety of industrial infrastructures. Addressing the convergence of safety and security concerns in this context, we provide a comprehensive survey of existing approaches to industrial facility design and risk assessment that consider both safety and security. We also provide a comparative analysis of the different approaches identified in the literature. - Highlights: • We raise awareness of safety and security convergence in numerical control systems. • We highlight safety and security interdependencies for modern industrial systems. • We give a survey of approaches combining safety and security engineering. • We discuss the potential of the approaches to model safety and security interactions

  6. A comprehensive Network Security Risk Model for process control networks.

    Science.gov (United States)

    Henry, Matthew H; Haimes, Yacov Y

    2009-02-01

    The risk of cyber attacks on process control networks (PCN) is receiving significant attention due to the potentially catastrophic extent to which PCN failures can damage the infrastructures and commodity flows that they support. Risk management addresses the coupled problems of (1) reducing the likelihood that cyber attacks would succeed in disrupting PCN operation and (2) reducing the severity of consequences in the event of PCN failure or manipulation. The Network Security Risk Model (NSRM) developed in this article provides a means of evaluating the efficacy of candidate risk management policies by modeling the baseline risk and assessing expectations of risk after the implementation of candidate measures. Where existing risk models fall short of providing adequate insight into the efficacy of candidate risk management policies due to shortcomings in their structure or formulation, the NSRM provides model structure and an associated modeling methodology that captures the relevant dynamics of cyber attacks on PCN for risk analysis. This article develops the NSRM in detail in the context of an illustrative example.

  7. Intelligent Security Auditing Based on Access Control of Devices in Ad Hoc Network

    Institute of Scientific and Technical Information of China (English)

    XU Guang-wei; SHI You-qun; ZHU Ming; WU Guo-wen; CAO Qi-ying

    2006-01-01

    Security in Ad Hoc network is an important issue under the opening circumstance of application service. Some protocols and models of security auditing have been proposed to ensure rationality of contracting strategy and operating regulation and used to identify abnormal operation. Model of security auditing based on access control of devices will be advanced to register sign of devices and property of event of access control and to audit those actions. In the end, the model is analyzed and simulated.

  8. Global security and the impacts in nuclear matter control: Nuclear Security Summit 2016

    International Nuclear Information System (INIS)

    Lima, Martonio Mont’Alverne Barreto; Barreto, Midred Cavalcante

    2017-01-01

    Due to the current international security instability, especially resulting from traffic and nuclear terrorism threat proliferation, the Nuclear Security Summits were conceived with the objective of increasing the cooperation between States, institutions and international organisms, as well as conducting a global community in following the guidelines and action plans which have produced curious results such as the reduction and the removal of enriched uranium in some countries, the reinforcement of safeguard installations that store radioactive materials and the establishment of Excellence Centers, qualification, training and technological development in the fight against nuclear weaponry traffic. (author)

  9. Global security and the impacts in nuclear matter control: Nuclear Security Summit 2016

    Energy Technology Data Exchange (ETDEWEB)

    Lima, Martonio Mont’Alverne Barreto; Barreto, Midred Cavalcante, E-mail: barreto@unifor.br, E-mail: midredcb@hotmail.com [Universidade de Fortaleza (UNIFOR), CE (Brazil)

    2017-07-01

    Due to the current international security instability, especially resulting from traffic and nuclear terrorism threat proliferation, the Nuclear Security Summits were conceived with the objective of increasing the cooperation between States, institutions and international organisms, as well as conducting a global community in following the guidelines and action plans which have produced curious results such as the reduction and the removal of enriched uranium in some countries, the reinforcement of safeguard installations that store radioactive materials and the establishment of Excellence Centers, qualification, training and technological development in the fight against nuclear weaponry traffic. (author)

  10. Control and Non-Payload Communications (CNPC) Prototype Radio - Generation 2 Security Architecture Lab Test Report

    Science.gov (United States)

    Iannicca, Dennis C.; McKim, James H.; Stewart, David H.; Thadhani, Suresh K.; Young, Daniel P.

    2015-01-01

    NASA Glenn Research Center, in cooperation with Rockwell Collins, is working to develop a prototype Control and Non-Payload Communications (CNPC) radio platform as part of NASA Integrated Systems Research Program's (ISRP) Unmanned Aircraft Systems (UAS) Integration in the National Airspace System (NAS) project. A primary focus of the project is to work with the FAA and industry standards bodies to build and demonstrate a safe, secure, and efficient CNPC architecture that can be used by industry to evaluate the feasibility of deploying a system using these technologies in an operational capacity. GRC has been working in conjunction with these groups to assess threats, identify security requirements, and to develop a system of standards-based security controls that can be applied to the current GRC prototype CNPC architecture as a demonstration platform. The security controls were integrated into a lab test bed mock-up of the Mobile IPv6 architecture currently being used for NASA flight testing, and a series of network tests were conducted to evaluate the security overhead of the controls compared to the baseline CNPC link without any security. The aim of testing was to evaluate the performance impact of the additional security control overhead when added to the Mobile IPv6 architecture in various modes of operation. The statistics collected included packet captures at points along the path to gauge packet size as the sample data traversed the CNPC network, round trip latency, jitter, and throughput. The effort involved a series of tests of the baseline link, a link with Robust Header Compression (ROHC) and without security controls, a link with security controls and without ROHC, and finally a link with both ROHC and security controls enabled. The effort demonstrated that ROHC is both desirable and necessary to offset the additional expected overhead of applying security controls to the CNPC link.

  11. Network Attack Detection and Defense: Securing Industrial Control Systems for Critical Infrastructures (Dagstuhl Seminar 14292)

    NARCIS (Netherlands)

    Dacer, Marc; Kargl, Frank; König, Hartmut; Valdes, Alfonso

    2014-01-01

    This report documents the program and the outcomes of Dagstuhl Seminar 14292 “Network Attack Detection and Defense: Securing Industrial Control Systems for Critical Infrastructures”. The main objective of the seminar was to discuss new approaches and ideas for securing industrial control systems. It

  12. Process Control Security in the Cybercrime Information Exchange NICC

    NARCIS (Netherlands)

    Luiijf, H.A.M.

    2009-01-01

    Detecting, investigating and prosecuting cybercrime? Extremely important, but not really the solution for the problem. Prevention is better! The sectors that have joined the Cybercrime Information Exchange have accepted the challenge of ensuring the effectiveness of the (information) security of

  13. 32 CFR 552.109 - Routine security controls.

    Science.gov (United States)

    2010-07-01

    ..., dependent, or DoD civilian identification cards are authorized unimpeded access to Fort Lewis during periods... who desire to visit unit areas, club facilities and other recreational facilities, security personnel...

  14. Study to Improve Security for IoT Smart Device Controller: Drawbacks and Countermeasures

    Directory of Open Access Journals (Sweden)

    Xin Su

    2018-01-01

    Including mobile environment, conventional security mechanisms have been adapted to satisfy the needs of users. However, the device environment-IoT-based number of connected devices is quite different to the previous traditional desktop PC- or mobile-based environment. Based on the IoT, different kinds of smart and mobile devices are fully connected automatically via device controller, such as smartphone. Therefore, controller must be secure compared to conventional security mechanism. According to the existing security threats, these are quite different from the previous ones. Thus, the countermeasures applied should be changed. However, the smart device-based authentication techniques that have been proposed to date are not adequate in terms of usability and security. From the viewpoint of usability, the environment is based on mobility, and thus devices are designed and developed to enhance their owners’ efficiency. Thus, in all applications, there is a need to consider usability, even when the application is a security mechanism. Typically, mobility is emphasized over security. However, considering that the major characteristic of a device controller is deeply related to its owner’s private information, a security technique that is robust to all kinds of attacks is mandatory. In this paper, we focus on security. First, in terms of security achievement, we investigate and categorize conventional attacks and emerging issues and then analyze conventional and existing countermeasures, respectively. Finally, as countermeasure concepts, we propose several representative methods.

  15. Division of Cyber Safety and Security Responsibilities Between Control System Owners and Suppliers

    OpenAIRE

    Skotnes, Ruth

    2016-01-01

    Part 2: CONTROL SYSTEMS SECURITY; International audience; The chapter discusses the important issue of responsibility for information and communications technology (ICT) – or cyber – safety and security for industrial control systems and the challenges involved in dividing the responsibility between industrial control system owners and suppliers in the Norwegian electric power supply industry. Industrial control system owners are increasingly adopting information and communications technologi...

  16. Security-Enhanced Push Button Configuration for Home Smart Control.

    Science.gov (United States)

    Han, Junghee; Park, Taejoon

    2017-06-08

    With the emergence of smart and converged home services, the need for the secure and easy interplay of various devices has been increased. Push Button Configuration (PBC) is one of the technologies proposed for easy set-up of a secure session between IT and consumer devices. Although the Wi-Fi Direct specification explicitly states that all devices must support the PBC method, its applicability is very limited. This is because the security vulnerability of PBC can be maliciously exploited so that attackers can make illegitimate sessions with consumer devices. To address this problem, this paper proposes a novel Security-enhanced PBC (SePBC) scheme with which we can uncover suspicious or malicious devices. The proposed mechanism has several unique features. First, we develop a secure handshake distance measurement protocol by preventing an adversary sitting outside the region from maliciously manipulating its distance to be fake. Second, it is compatible with the original Wi-Fi PBC without introducing a brand-new methodology. Finally, SePBC uses lightweight operations without CPU-intensive cryptography computation and employs inexpensive H/W. Moreover, it needs to incur little overhead when there is no attack. This paper also designs and implements the proposed SePBC in the real world. Our experimental results and analysis show that the proposed SePBC scheme effectively defeats attacks on PBC while minimizing the modification of the original PBC equipment.

  17. IT Security Support for the Spaceport Command Control Systems Development Ground Support Development Operations

    Science.gov (United States)

    Branch, Drew A.

    2014-01-01

    Security is one of the most if not the most important areas today. After the several attacks on the United States, security everywhere has heightened from airports to the communication among the military branches legionnaires. With advanced persistent threats (APT's) on the rise following Stuxnet, government branches and agencies are required, more than ever, to follow several standards, policies and procedures to reduce the likelihood of a breach. Attack vectors today are very advanced and are going to continue to get more and more advanced as security controls advance. This creates a need for networks and systems to be in an updated and secured state in a launch control system environment. FISMA is a law that is mandated by the government to follow when government agencies secure networks and devices. My role on this project is to ensure network devices and systems are in compliance with NIST, as outlined in FISMA. I will achieve this by providing assistance with security plan documentation and collection, system hardware and software inventory, malicious code and malware scanning, and configuration of network devices i.e. routers and IDS's/IPS's. In addition, I will be completing security assessments on software and hardware, vulnerability assessments and reporting, and conducting patch management and risk assessments. A guideline that will help with compliance with NIST is the SANS Top 20 Critical Controls. SANS Top 20 Critical Controls as well as numerous security tools, security software and the conduction of research will be used to successfully complete the tasks given to me. This will ensure compliance with FISMA and NIST, secure systems and a secured network. By the end of this project, I hope to have carried out the tasks stated above as well as gain an immense knowledge about compliance, security tools, networks and network devices, as well as policies and procedures.

  18. Designing a Secure E-commerce with Credential Purpose-based Access Control

    OpenAIRE

    Norjihan Abdul Ghani; Harihodin Selamat; Zailani Mohamed Sidek

    2014-01-01

    The rapid growth of e-commerce has created great opportunities for both businesses and end users. The essential e-commerce process is required for the successful operation and management of e-commerce activities. One of the processes is access control and security. E-commerce must establish a secure access between the parties in an e-commerce transaction by authenticating users, authorizing access, and enforcing security features. The e-commerce application must authorize access to only tho...

  19. Safety Evaluation Approach with Security Controls for Safety I and C Systems on Nuclear Power Plants

    International Nuclear Information System (INIS)

    Kim, D. H.; Jeong, S. Y.; Kim, Y. M.; Park, H. S.; Lee, M. S.; Kim, T. H.

    2016-01-01

    This paper addresses concepts of safety and security and relations between them for assessing effects of security features in safety systems. Also, evaluation approach for avoiding confliction with safety requirements and cyber security features which may be adopted in safety-related digital I and C system will be described. In this paper, safety-security life cycle model based confliction avoidance method was proposed to evaluate the effects when the cyber security control features are implemented in the safety I and C system. Also, safety effect evaluation results using the proposed evaluation method were described. In case of technical security controls, many of them are expected to conflict with safety requirements, otherwise operational and managerial controls are not relatively. Safety measures and cyber security measures for nuclear power plants should be implemented not to conflict with one another. Where safety function and security features are both required within the systems, and also where security features are implemented within safety systems, they should be justified

  20. Safety Evaluation Approach with Security Controls for Safety I and C Systems on Nuclear Power Plants

    Energy Technology Data Exchange (ETDEWEB)

    Kim, D. H.; Jeong, S. Y.; Kim, Y. M.; Park, H. S. [KINS, Daejeon (Korea, Republic of); Lee, M. S.; Kim, T. H. [Formal Works Inc., Seoul (Korea, Republic of)

    2016-05-15

    This paper addresses concepts of safety and security and relations between them for assessing effects of security features in safety systems. Also, evaluation approach for avoiding confliction with safety requirements and cyber security features which may be adopted in safety-related digital I and C system will be described. In this paper, safety-security life cycle model based confliction avoidance method was proposed to evaluate the effects when the cyber security control features are implemented in the safety I and C system. Also, safety effect evaluation results using the proposed evaluation method were described. In case of technical security controls, many of them are expected to conflict with safety requirements, otherwise operational and managerial controls are not relatively. Safety measures and cyber security measures for nuclear power plants should be implemented not to conflict with one another. Where safety function and security features are both required within the systems, and also where security features are implemented within safety systems, they should be justified.

  1. Main control computer security model of closed network systems protection against cyber attacks

    Science.gov (United States)

    Seymen, Bilal

    2014-06-01

    The model that brings the data input/output under control in closed network systems, that maintains the system securely, and that controls the flow of information through the Main Control Computer which also brings the network traffic under control against cyber-attacks. The network, which can be controlled single-handedly thanks to the system designed to enable the network users to make data entry into the system or to extract data from the system securely, intends to minimize the security gaps. Moreover, data input/output record can be kept by means of the user account assigned for each user, and it is also possible to carry out retroactive tracking, if requested. Because the measures that need to be taken for each computer on the network regarding cyber security, do require high cost; it has been intended to provide a cost-effective working environment with this model, only if the Main Control Computer has the updated hardware.

  2. Management of Control System Information SecurityI: Control System Patch Management

    Energy Technology Data Exchange (ETDEWEB)

    Quanyan Zhu; Miles McQueen; Craig Rieger; Tamer Basar

    2011-09-01

    The use of information technologies in control systems poses additional potential threats due to the frequent disclosure of software vulnerabilities. The management of information security involves a series of policy-making on the vulnerability discovery, disclosure, patch development and patching. In this paper, we use a system approach to devise a model to understand the interdependencies of these decision processes. In more details, we establish a theoretical framework for making patching decision for control systems, taking into account the requirement of functionability of control systems. We illustrate our results with numerical simulations and show that the optimal operation period of control systems given the currently estimated attack rate is roughly around a half a month.

  3. Virtualization Security Combining Mandatory Access Control and Virtual Machine Introspection

    OpenAIRE

    Win, Thu Yein; Tianfield, Huaglory; Mair, Quentin

    2014-01-01

    Virtualization has become a target for attacks in cloud computing environments. Existing approaches to protecting the virtualization environment against the attacks are limited in protection scope and are with high overheads. This paper proposes a novel virtualization security solution which aims to provide comprehensive protection of the virtualization environment.

  4. Social security, dynamic efficiency and self-control problems

    NARCIS (Netherlands)

    Bucciol, A.

    2008-01-01

    We develop an OLG model with uncertainty on labor income and death age to study the welfare implications of unfunded Social Security programs in an economy where agents are affected by temptation à la Gul and Pesendorfer (2001, Econometrica 69, 1403). Tempted agents give additional value to the

  5. From control system security indices to attack identifiability

    NARCIS (Netherlands)

    Herdeiro Teixeira, A.M.; Sandberg, H

    2016-01-01

    In this paper, we investigate detectability and identifiability of attacks on linear dynamical systems that are subjected to external disturbances. We generalize a concept for a security index, which was previously introduced for static systems. The index exactly quantifies the resources

  6. Measures for regional security and arms control in the South-East Asian area

    International Nuclear Information System (INIS)

    Uren, R.T.

    1992-01-01

    The subject of regional security and arms control in the South-East Asia raises some new and difficult issues. No approach to ensuring regional security could be complete without military dimension including the following categories: regional arms control; global arms control measure; confidence building measures that are designed to enhance the transparency of defense policies; confidence building measures that encourage cooperation among the military forces in the region

  7. Autonomy-based security design: the allocation of cash flow and control rights

    NARCIS (Netherlands)

    Boot, A.W.A.; Song, F.; Thakor, A.V.

    2005-01-01

    We derive debt, equity, convertible debt and asset-backed debt securities as optimal security designs in an environment in which the owner-manager has an endogenous control preference - a desire for autonomy - arising from the anticipation of future disagreement with investors over a

  8. 10 CFR 76.111 - Physical security, material control and accounting, and protection of certain information.

    Science.gov (United States)

    2010-01-01

    ... significance (Category III), and for protection of Restricted Data, National Security Information, Safeguards... 10 Energy 2 2010-01-01 2010-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED...

  9. Load control services in the management of power system security costs

    International Nuclear Information System (INIS)

    Jayantilal, A.; Strbac, G.

    1999-01-01

    The new climate of deregulation in the electricity industry is creating a need for a more transparent cost structure and within this framework the cost of system security has been a subject of considerable interest. Traditionally power system security has been supplied by out-of-merit generation, in the short term, and transmission reinforcement, in the long term. This paper presents a method of analysing the role of load-demand in the management of power system security costs by utilising load control services (LCS). It also proposes a competitive market to enable bidding from various participants within the electricity industry to supply system security. (author)

  10. Information security management handbook

    CERN Document Server

    Tipton, Harold F

    2006-01-01

    Access Control Systems and Methodology. Telecommunications and Network Security. Security Management Practices. Application Program Security. Cryptography. Computer, System, and Security Architecture. Operations Security. Business Continuity Planning and Disaster Recovery Planning. Law, Investigation and Ethics. Physical Security.

  11. SOME QUESTIONS OF THE GRID AND NEURAL NETWORK MODELING OF AIRPORT AVIATION SECURITY CONTROL TASKS

    Directory of Open Access Journals (Sweden)

    N. Elisov Lev

    2017-01-01

    The authors’ original problem-solution-approach concerning aviation security management in civil aviation applying parallel calculation processes method and the usage of neural computers is considered in this work. The statement of secure environment modeling problems for grid models and with the use of neural networks is presented. The research subject area of this article is airport activity in the field of civil aviation, considered in the context of aviation security, defined as the state of aviation security against unlawful interference with the aviation field. The key issue in this subject area is aviation safety provision at an acceptable level. In this case, airport security level management becomes one of the main objectives of aviation security. Aviation security management is organizational-regulation in modern systems that can no longer correspond to changing requirements, increasingly getting complex and determined by external and internal environment factors, associated with a set of potential threats to airport activity. Optimal control requires the most accurate identification of management parameters and their quantitative assessment. The authors examine the possibility of application of mathematical methods for the modeling of security management processes and procedures in their latest works. Parallel computing methods and network neurocomputing for modeling of airport security control processes are examined in this work. It is shown that the practical application of the methods is possible along with the decision support system, where the decision maker plays the leading role.

  12. A Security Assessment Approach with Graded Importance Score of Security Controls and Asset Consequence for I and C Systems in Operating NPPs

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Sooill; Kim, Yong Sik; Moon, Insun; Lee, Euijong [KHNP CRI, Daejeon (Korea, Republic of)

    2016-10-15

    This paper introduces a security assessment approach with graded importance score of security controls and the asset consequence through an asset and risk analysis to manage the security levels in operating NPPs (Nuclear Power Plants). Whereas, those are being exposed to various types of new and existing cyber threats, vulnerabilities and risks which significantly increase the likelihood that those could be compromised. U.S. NRC (United States Nuclear Regulatory Commission) and KINAC (Korea Institute of Nuclear Nonproliferation And Control) request the cyber security plan by establishing the cyber security program through assessing and managing the potential for adverse effect on safety, security and emergency preparedness functions so as to provide high assurance that critical functions are properly protected from the cyber-attack. This paper shows the security assessment approach with graded importance score of security controls and the asset consequence. It could lead to manage the security levels consistent with the purpose of defense-in-depth strategy based on regulatory rule as well as internal risk-based self-assessment. Also, this management of the security level may make effect of encouraging the installation of high ranked countermeasures in order to rapidly increase the security level. Proposed approach could be conducted for the pilot test on the model plants with each reactor type of operating NPPs.

  13. A Security Assessment Approach with Graded Importance Score of Security Controls and Asset Consequence for I and C Systems in Operating NPPs

    International Nuclear Information System (INIS)

    Lee, Sooill; Kim, Yong Sik; Moon, Insun; Lee, Euijong

    2016-01-01

    This paper introduces a security assessment approach with graded importance score of security controls and the asset consequence through an asset and risk analysis to manage the security levels in operating NPPs (Nuclear Power Plants). Whereas, those are being exposed to various types of new and existing cyber threats, vulnerabilities and risks which significantly increase the likelihood that those could be compromised. U.S. NRC (United States Nuclear Regulatory Commission) and KINAC (Korea Institute of Nuclear Nonproliferation And Control) request the cyber security plan by establishing the cyber security program through assessing and managing the potential for adverse effect on safety, security and emergency preparedness functions so as to provide high assurance that critical functions are properly protected from the cyber-attack. This paper shows the security assessment approach with graded importance score of security controls and the asset consequence. It could lead to manage the security levels consistent with the purpose of defense-in-depth strategy based on regulatory rule as well as internal risk-based self-assessment. Also, this management of the security level may make effect of encouraging the installation of high ranked countermeasures in order to rapidly increase the security level. Proposed approach could be conducted for the pilot test on the model plants with each reactor type of operating NPPs

  14. A Classification Method of Technical Security Controls for Digital I and C Systems in NPPs

    International Nuclear Information System (INIS)

    Song, J. G.; Lee, J. W.; Park, G. Y.; Kwon, K. C.; Lee, D. Y.; Lee, C. K.

    2012-01-01

    The instrumentation and control (I and C) systems in nuclear power plants (NPPs) are a key facility to monitor plant state, control plant devices, and prevent accidents. Recent I and C systems have been composed of digital systems in order to enhance the effectiveness of operation and maintenance of NPPs. An assessment method for the analysis of security controls is needed to respond to potential cyber attacks against digital I and C systems. RG 5.71 'Cyber Security Programs for Nuclear Facilities' published by U.S.NRC in 2010 presents a comprehensive set of security controls for NPPs. Although this document provides the requirements of security controls, a guidance describing which security controls should be applied to specific digital assets and how to implement them is still needed for the I and C system design and development. In this paper, a classification method of the technical security controls listed in RG 5.71 is proposed to provide a guide useful for the application of the controls during the design and implementation phases of I and C systems

  15. A Classification Method of Technical Security Controls for Digital I and C Systems in NPPs

    Energy Technology Data Exchange (ETDEWEB)

    Song, J. G.; Lee, J. W.; Park, G. Y.; Kwon, K. C.; Lee, D. Y.; Lee, C. K. [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2012-05-15

    The instrumentation and control (I and C) systems in nuclear power plants (NPPs) are a key facility to monitor plant state, control plant devices, and prevent accidents. Recent I and C systems have been composed of digital systems in order to enhance the effectiveness of operation and maintenance of NPPs. An assessment method for the analysis of security controls is needed to respond to potential cyber attacks against digital I and C systems. RG 5.71 'Cyber Security Programs for Nuclear Facilities' published by U.S.NRC in 2010 presents a comprehensive set of security controls for NPPs. Although this document provides the requirements of security controls, a guidance describing which security controls should be applied to specific digital assets and how to implement them is still needed for the I and C system design and development. In this paper, a classification method of the technical security controls listed in RG 5.71 is proposed to provide a guide useful for the application of the controls during the design and implementation phases of I and C systems

  16. Colombia: Surveillance, Private Security and Gun Control 1994 -2013

    OpenAIRE

    María Stella Baracaldo Méndez

    2014-01-01

    The culture of regulating behavior in the defense of human life is as ancient as social interaction itself. Both are necessarily mutually related in order to achieve coexistence, security, and justice, according to the covenants established in each society. In the modern State, the Universal Declaration of the Rights of Man, and the Citizen led to institutionalizing public force to achieve these objectives. In the western world, this operates from the principle of “monopoly of legitimate physi...

  17. Wi-Fi Networks Security and Accessing Control

    OpenAIRE

    Tarek S. Sobh

    2013-01-01

    As wireless networks access gains popularity in corporate, private and personal networks, the nature of wireless networks opens up new possibilities for network attacks. This paper negotiating Wi-Fi security against scanning of rogue Wi-Fi networks and other related activities and considers the monitoring of Wi-Fi traffic effects. The unauthorized access point (AP) problem has raised more attention and resulted in obtaining wireless access without subscriber permission. This work assumes Wi-Fi...

  18. Nuclear Security Recommendations on Nuclear and other Radioactive Material out of Regulatory Control: Recommendations (Spanish Edition)

    International Nuclear Information System (INIS)

    2012-01-01

    This publication presents recommendations for the nuclear security of nuclear and other radioactive material that is out of regulatory control. It is based on national experiences and practices and guidance publications in the field of security as well as the nuclear security related international instruments. The recommendations include guidance for States with regard to the nuclear security of nuclear and other radioactive material that has been reported as being out of regulatory control as well as for material that is lost, missing or stolen but has not been reported as such, or has been otherwise discovered. In addition, these recommendations adhere to the detection and assessment of alarms and alerts and to a graded response to criminal or unauthorized acts with nuclear security implications.

  19. Nuclear Security Recommendations on Nuclear and Other Radioactive Material out of Regulatory Control: Recommendations (Arabic Edition)

    International Nuclear Information System (INIS)

    2012-01-01

    This publication presents recommendations for the nuclear security of nuclear and other radioactive material that is out of regulatory control. It is based on national experiences and practices and guidance publications in the field of security as well as the nuclear security related international instruments. The recommendations include guidance for States with regard to the nuclear security of nuclear and other radioactive material that has been reported as being out of regulatory control as well as for material that is lost, missing or stolen but has not been reported as such, or has been otherwise discovered. In addition, these recommendations adhere to the detection and assessment of alarms and alerts and to a graded response to criminal or unauthorized acts with nuclear security implications.

  20. Nuclear Security Recommendations on Nuclear and Other Radioactive Material out of Regulatory Control: Recommendations

    International Nuclear Information System (INIS)

    2011-01-01

    This publication presents recommendations for the nuclear security of nuclear and other radioactive material that is out of regulatory control. It is based on national experiences and practices and guidance publications in the field of security as well as the nuclear security related international instruments. The recommendations include guidance for States with regard to the nuclear security of nuclear and other radioactive material that has been reported as being out of regulatory control as well as for material that is lost, missing or stolen but has not been reported as such, or has been otherwise discovered. In addition, these recommendations adhere to the detection and assessment of alarms and alerts and to a graded response to criminal or unauthorized acts with nuclear security implications

  1. Nuclear Security Recommendations on Nuclear and Other Radioactive Material out of Regulatory Control: Recommendations (Russian Edition)

    International Nuclear Information System (INIS)

    2011-01-01

    This publication presents recommendations for the nuclear security of nuclear and other radioactive material that is out of regulatory control. It is based on national experiences and practices and guidance publications in the field of security as well as the nuclear security related international instruments. The recommendations include guidance for States with regard to the nuclear security of nuclear and other radioactive material that has been reported as being out of regulatory control as well as for material that is lost, missing or stolen but has not been reported as such, or has been otherwise discovered. In addition, these recommendations adhere to the detection and assessment of alarms and alerts and to a graded response to criminal or unauthorized acts with nuclear security implications.

  2. Conceptual Design Approach to Implementing Hardware-based Security Controls in Data Communication Systems

    Energy Technology Data Exchange (ETDEWEB)

    Ibrahim, Ahmad Salah; Jung, Jaecheon [KEPCO International Nuclear Graduate School, Ulsan (Korea, Republic of)

    2016-10-15

    In the Korean Advanced Power Reactor (APR1400), safety control systems network is electrically isolated and physically separated from non-safety systems data network. Unidirectional gateways, including data diode fiber-optic cabling and computer-based servers, transmit the plant safety critical parameters to the main control room (MCR) for control and monitoring processes. The data transmission is only one-way from safety to non-safety. Reverse communication is blocked so that safety systems network is protected from potential cyberattacks or intrusions from non-safety side. Most commercial off-the-shelf (COTS) security devices are software-based solutions that require operating systems and processors to perform their functions. Field Programmable Gate Arrays (FPGAs) offer digital hardware solutions to implement security controls such as data packet filtering and deep data packet inspection. This paper presents a conceptual design to implement hardware-based network security controls for maintaining the availability of gateway servers. A conceptual design of hardware-based network security controls was discussed in this paper. The proposed design is aiming at utilizing the hardware-based capabilities of FPGAs together with filtering and DPI functions of COTS software-based firewalls and intrusion detection and prevention systems (IDPS). The proposed design implemented a network security perimeter between the DCN-I zone and gateway servers zone. Security control functions are to protect the gateway servers from potential DoS attacks that could affect the data availability and integrity.

  3. Conceptual Design Approach to Implementing Hardware-based Security Controls in Data Communication Systems

    International Nuclear Information System (INIS)

    Ibrahim, Ahmad Salah; Jung, Jaecheon

    2016-01-01

    In the Korean Advanced Power Reactor (APR1400), safety control systems network is electrically isolated and physically separated from non-safety systems data network. Unidirectional gateways, including data diode fiber-optic cabling and computer-based servers, transmit the plant safety critical parameters to the main control room (MCR) for control and monitoring processes. The data transmission is only one-way from safety to non-safety. Reverse communication is blocked so that safety systems network is protected from potential cyberattacks or intrusions from non-safety side. Most commercial off-the-shelf (COTS) security devices are software-based solutions that require operating systems and processors to perform their functions. Field Programmable Gate Arrays (FPGAs) offer digital hardware solutions to implement security controls such as data packet filtering and deep data packet inspection. This paper presents a conceptual design to implement hardware-based network security controls for maintaining the availability of gateway servers. A conceptual design of hardware-based network security controls was discussed in this paper. The proposed design is aiming at utilizing the hardware-based capabilities of FPGAs together with filtering and DPI functions of COTS software-based firewalls and intrusion detection and prevention systems (IDPS). The proposed design implemented a network security perimeter between the DCN-I zone and gateway servers zone. Security control functions are to protect the gateway servers from potential DoS attacks that could affect the data availability and integrity

  4. Controls Over Operating System and Security Software Supporting the Defense Finance and Accounting Service

    National Research Council Canada - National Science Library

    1993-01-01

    ... programs from one another. Security software provides access controls that restrict the use of computer resources to authorized individuals and limit those individuals to the computer resources required to perform their jobs...

  5. Controls Over Operating System and Security Software Supporting the Defense Finance and Accounting Service

    National Research Council Canada - National Science Library

    McKinney, Terry

    1994-01-01

    This is the final in a series of three audits of management controls over the operating systems and security software used by the information processing centers that support the Defense Finance and Accounting Centers (DFAS...

  6. Summary of Security Control Audits of DoD Finance and Accounting Systems

    National Research Council Canada - National Science Library

    2001-01-01

    .... The Act requires DoD to develop a cost-effective security control program that continually assesses risk, is tested and evaluated periodically, and is approved by the Director, Office of Management and Budget...

  7. SAFCM: A Security-Aware Feedback Control Mechanism for Distributed Real-Time Embedded Systems

    DEFF Research Database (Denmark)

    Ma, Yue; Jiang, Wei; Sang, Nan

    2012-01-01

    Distributed Real-time Embedded (DRE) systems are facing great challenges in networked, unpredictable and especially unsecured environments. In such systems, there is a strong need to enforce security on distributed computing nodes in order to guard against potential threats, while satisfying......-time systems, a multi-input multi-output feedback loop is designed and a model predictive controller is deployed based on an equation model that describes the dynamic behavior of the DRE systems. This control loop uses security level scaling to globally control the CPU utilization and security performance...... for the whole system. We propose a "security level" metric based on an evolution of cryptography algorithms used in embedded systems. Experimental results demonstrate that SAFCM not only has the excellent adaptivity compared to open-loop mechanism, but also has a better overall performance than PID control...

  8. A Study of Cyber Security Activities for Development of Safety-related Controller

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Myeongkyun; Song, Seunghwan; Yoo, Kwanwoo; Yun, Donghwa [Korea Univ., Seoul (Korea, Republic of)

    2014-05-15

    Nuclear Power Plant Regulatory guide describes the regulatory requirements to implement cyber security activities to ensure that design and operate to respond to cyber threats that exploited to vulnerability of digital-based technologies associated with safety-related digital instrumentation and control systems at nuclear power plants. Cyber security activities coverage is instrumentation and control systems to perform safety functions and digital-based equipment to use development, test, analysis and asset for instrumentation and control systems. Regulatory guidance is required to the cyber security activities that should be performed in each development phase of safety-related controller. Development organization should establish and implement to cyber security plans for responding to cyber threats throughout each lifecycle phase and the result of the cyber security activities should be generated to the documents. In addition, the independent verification and validation organization should perform simulated penetration test for enhancing response capabilities to cyber security threats and development organization should establish and implement response hardening solutions for the cyber security vulnerabilities identified in the simulated penetration test.

  9. A Study of Cyber Security Activities for Development of Safety-related Controller

    International Nuclear Information System (INIS)

    Lee, Myeongkyun; Song, Seunghwan; Yoo, Kwanwoo; Yun, Donghwa

    2014-01-01

    Nuclear Power Plant Regulatory guide describes the regulatory requirements to implement cyber security activities to ensure that design and operate to respond to cyber threats that exploited to vulnerability of digital-based technologies associated with safety-related digital instrumentation and control systems at nuclear power plants. Cyber security activities coverage is instrumentation and control systems to perform safety functions and digital-based equipment to use development, test, analysis and asset for instrumentation and control systems. Regulatory guidance is required to the cyber security activities that should be performed in each development phase of safety-related controller. Development organization should establish and implement to cyber security plans for responding to cyber threats throughout each lifecycle phase and the result of the cyber security activities should be generated to the documents. In addition, the independent verification and validation organization should perform simulated penetration test for enhancing response capabilities to cyber security threats and development organization should establish and implement response hardening solutions for the cyber security vulnerabilities identified in the simulated penetration test

  10. Requirements for Scalable Access Control and Security Management Architectures

    National Research Council Canada - National Science Library

    Keromytis, Angelos D; Smith, Jonathan M

    2005-01-01

    Maximizing local autonomy has led to a scalable Internet. Scalability and the capacity for distributed control have unfortunately not extended well to resource access control policies and mechanisms...

  11. Colombia: Surveillance, Private Security and Gun Control 1994 -2013

    Directory of Open Access Journals (Sweden)

    María Stella Baracaldo Méndez

    2014-11-01

    The culture of regulating behavior in the defense of human life is as ancient as social interaction itself. Both are necessarily mutually related in order to achieve coexistence, security, and justice, according to the covenants established in each society. In the modern State, the Universal Declaration of the Rights of Man, and the Citizen led to institutionalizing public force to achieve these objectives. In the western world, this operates from the principle of “monopoly of legitimate physical violence” postulated by Weber. This is the political device for the distribution and conservation of power. However, the great transformation, “during the second half of the twentieth century, involving the global economic markets and the system of nation states through daily life and the psychological dynamic of families and individuals,” according to David Garland (2005, p. 141), generated a shift in the matters handled by the State, including people’s security, tranquility, care for their assets, and elements in the environment that make life possible. In Colombia, the force of law and order predominantly focuses its attention on high-impact crime, and very little on citizen conflicts affecting coexistence. Meanwhile, private surveillance and security have skyrocketed in caring for the integrity and assets of private citizens, through mechanisms and means such as firearms, which had formerly been for the exclusive use of the members of forces of law and order. DOI: http://dx.doi.org/10.5377/rpsp.v4i1.1576

  12. Cyber Security Scenarios and Control for Small and Medium Enterprises

    OpenAIRE

    Nilaykumar Kiran SANGANI; Balakrishnan VIJAYAKUMAR

    2012-01-01

    As the world advances towards the computing era, security threats keep on increasing in the form of malware, viruses, internet attack, theft of IS assets / technology and a lot more. This is a major concern for any form of business. Loss in company’s status / liability / reputation is a huge downfall for a running business. We have witnessed the attacks getting carried out; large firm’s data getting breached / government bodies’ sites getting phished / attacked. These huge entities hav...

  13. Quantitative Analysis of the Security of Software-Defined Network Controller Using Threat/Effort Model

    Directory of Open Access Journals (Sweden)

    Zehui Wu

    2017-01-01

    SDN-based controller, which is responsible for the configuration and management of the network, is the core of Software-Defined Networks. Current methods, which focus on the secure mechanism, use qualitative analysis to estimate the security of controllers, leading to inaccurate results frequently. In this paper, we employ a quantitative approach to overcome the above shortage. Under the analysis of the controller threat model we give the formal model results of the APIs, the protocol interfaces, and the data items of controller and further provide our Threat/Effort quantitative calculation model. With the help of Threat/Effort model, we are able to compare not only the security of different versions of the same kind controller but also different kinds of controllers and provide a basis for controller selection and secure development. We evaluated our approach in four widely used SDN-based controllers which are POX, OpenDaylight, Floodlight, and Ryu. The test, which shows the similarity outcomes with the traditional qualitative analysis, demonstrates that with our approach we are able to get the specific security values of different controllers and presents more accurate results.

  14. Nuclear security recommendations on nuclear and other radioactive material out of regulatory control: Recommendations

    International Nuclear Information System (INIS)

    2011-01-01

    The purpose of this publication is to provide guidance to States in strengthening their nuclear security regimes, and thereby contributing to an effective global nuclear security framework, by providing: - Recommendations to States and their competent authorities on the establishment or improvement of the capabilities of their nuclear security regimes, for carrying out effective strategies to deter, detect and respond to a criminal act, or an unauthorized act, with nuclear security implications, involving nuclear or other radioactive material that is out of regulatory control; - Recommendations to States in support of international cooperation aimed at ensuring that any nuclear or other radioactive material that is out of regulatory control, whether originating from within the State or from outside that State, is placed under regulatory control and the alleged offenders are, as appropriate, prosecuted or extradited

  15. The implementation of the situational control concept of information security in automated training systems

    Directory of Open Access Journals (Sweden)

    A. M. Chernih

    2016-01-01

    The main approaches to ensuring security of information in the automated training systems are considered, need of application of situational management of security of information for the automated training systems is proved, the mathematical model and a problem definition of situational control is offered, the technique of situational control of security of information is developed. The purpose of the study. The aim of the study is to base the application of situational control of information security by subsystem of the control and protection of information in automated learning systems and to develop implementation methods of the situational control concept. Materials and methods. It is assumed that the automated learning system is a fragment of a larger information system that contains several information paths, each of them treats different information in the protection degree from information, containing constituting state secrets, to open access information. It is considered that the technical methods, measures and means of information protection in automated learning systems implement less than half (30%) of the functions of subsystems of control and protection information. The main part of the functions of this subsystem are organizational measures to protect information. It is obvious that the task of ensuring the security of information in automated learning systems associated with the adoption of decisions on rational selection and proper combination of technical methods and institutional arrangements. Conditions of practical application of automated learning systems change over time and transform the situation of such a decision, and this leads to the use of situational control methods. When situational control is implementing, task of the protection of information in automated learning system is solved by the subsystem control and protection of information by distributing the processes ensuring the security of information and resources of

  16. Control and Non-Payload Communications (CNPC) Prototype Radio - Generation 2 Security Flight Test Report

    Science.gov (United States)

    Iannicca, Dennis C.; Ishac, Joseph A.; Shalkhauser, Kurt A.

    2015-01-01

    NASA Glenn Research Center (GRC), in cooperation with Rockwell Collins, is working to develop a prototype Control and Non-Payload Communications (CNPC) radio platform as part of NASA Integrated Systems Research Program's (ISRP) Unmanned Aircraft Systems (UAS) Integration in the National Airspace System (NAS) project. A primary focus of the project is to work with the Federal Aviation Administration (FAA) and industry standards bodies to build and demonstrate a safe, secure, and efficient CNPC architecture that can be used by industry to evaluate the feasibility of deploying a system using these technologies in an operational capacity. GRC has been working in conjunction with these groups to assess threats, identify security requirements, and to develop a system of standards-based security controls that can be applied to the GRC prototype CNPC architecture as a demonstration platform. The proposed security controls were integrated into the GRC flight test system aboard our S-3B Viking surrogate aircraft and several network tests were conducted during a flight on November 15th, 2014 to determine whether the controls were working properly within the flight environment. The flight test was also the first to integrate Robust Header Compression (ROHC) as a means of reducing the additional overhead introduced by the security controls and Mobile IPv6. The effort demonstrated the complete end-to-end secure CNPC link in a relevant flight environment.

  17. Controlling radioactive sources. Stronger 'cradle-to-grave' security needed, IAEA says

    International Nuclear Information System (INIS)

    2002-01-01

    This article highlights the IAEA activities in the field of radiation safety and security of radiation sources and other radioactive materials in its Member States. The IAEA has been active in lending its expertise to search out and secure orphaned sources in several countries. Additionally more than 70 States have joined with the IAEA to collect and share information on trafficking incidents and other unauthorized movements of radioactive sources and other radioactive materials. In March 2002 the IAEA Board of Governors approved a multi-faceted Action plan to Combat Nuclear Terrorism that includes upgrading radiation safety and security. One programme is designed to ensure that significant, uncontrolled radioactive sources are brought under regulatory control and properly secured by providing assistance to Member States in their efforts to identify, locate and secure or dispose of orphan sources

  18. Intelligent monitoring, control, and security of critical infrastructure systems

    CERN Document Server

    Polycarpou, Marios

    2015-01-01

    This book describes the challenges that critical infrastructure systems face, and presents state of the art solutions to address them. How can we design intelligent systems or intelligent agents that can make appropriate real-time decisions in the management of such large-scale, complex systems? What are the primary challenges for critical infrastructure systems? The book also provides readers with the relevant information to recognize how important infrastructures are, and their role in connection with a society’s economy, security and prosperity. It goes on to describe state-of-the-art solutions to address these points, including new methodologies and instrumentation tools (e.g. embedded software and intelligent algorithms) for transforming and optimizing target infrastructures. The book is the most comprehensive resource to date for professionals in both the private and public sectors, while also offering an essential guide for students and researchers in the areas of modeling and analysis of critical in...

  19. Preventive Security-Constrained Optimal Power Flow Considering UPFC Control Modes

    Directory of Open Access Journals (Sweden)

    Xi Wu

    2017-08-01

    The successful application of the unified power flow controller (UPFC) provides a new control method for the secure and economic operation of power system. In order to make the full use of UPFC and improve the economic efficiency and static security of a power system, a preventive security-constrained power flow optimization method considering UPFC control modes is proposed in this paper. Firstly, an iterative method considering UPFC control modes is deduced for power flow calculation. Taking into account the influence of different UPFC control modes on the distribution of power flow after N-1 contingency, the optimization model is then constructed by setting a minimal system operation cost and a maximum static security margin as the objective. Based on this model, the particle swarm optimization (PSO) algorithm is utilized to optimize power system operating parameters and UPFC control modes simultaneously. Finally, a standard IEEE 30-bus system is utilized to demonstrate that the proposed method fully exploits the potential of static control of UPFC and significantly increases the economic efficiency and static security of the power system.

  20. Attack tree based cyber security analysis of nuclear digital instrumentation and control systems

    International Nuclear Information System (INIS)

    Khand, P.A.

    2009-01-01

    To maintain the cyber security, nuclear digital Instrumentation and Control (I and C) systems must be analyzed for security risks because a single security breach due to a cyber attack can cause system failure, which can have catastrophic consequences on the environment and staff of a Nuclear Power Plant (NPP). Attack trees have been widely used to analyze the cyber security of digital systems due to their ability to capture system specific as well as attacker specific details. Therefore, a methodology based on attack trees has been proposed to analyze the cyber security of the systems. The methodology has been applied for the Cyber Security Analysis (CSA) of a Bistable Processor (BP) of a Reactor Protection System (RPS). Threats have been described according to their source. Attack scenarios have been generated using the attack tree and possible counter measures according to the Security Risk Level (SRL) of each scenario have been suggested. Moreover, cyber Security Requirements (SRs) have been elicited, and suitability of the requirements has been checked. (author)

  1. Semi-quantum communication: protocols for key agreement, controlled secure direct communication and dialogue

    Science.gov (United States)

    Shukla, Chitra; Thapliyal, Kishore; Pathak, Anirban

    2017-12-01

    Semi-quantum protocols that allow some of the users to remain classical are proposed for a large class of problems associated with secure communication and secure multiparty computation. Specifically, first-time semi-quantum protocols are proposed for key agreement, controlled deterministic secure communication and dialogue, and it is shown that the semi-quantum protocols for controlled deterministic secure communication and dialogue can be reduced to semi-quantum protocols for e-commerce and private comparison (socialist millionaire problem), respectively. Complementing with the earlier proposed semi-quantum schemes for key distribution, secret sharing and deterministic secure communication, set of schemes proposed here and subsequent discussions have established that almost every secure communication and computation tasks that can be performed using fully quantum protocols can also be performed in semi-quantum manner. Some of the proposed schemes are completely orthogonal-state-based, and thus, fundamentally different from the existing semi-quantum schemes that are conjugate coding-based. Security, efficiency and applicability of the proposed schemes have been discussed with appropriate importance.

  2. Mapping the coverage of security controls in cyber insurance proposal forms

    OpenAIRE

    Woods, D; Agrafiotis, I; Nurse, JRC; Creese, S

    2017-01-01

    Policy discussions often assume that wider adoption of cyber insurance will promote information security best practice. However, this depends on the process that applicants need to go through to apply for cyber insurance. A typical process would require an applicant to fill out a proposal form, which is a self-assessed questionnaire. In this paper, we examine 24 proposal forms, offered by insurers based in the UK and the US, to determine which security controls are present in the ...

  3. Future Direction of the Instrumentation and Control System for Security of Nuclear Facilities

    International Nuclear Information System (INIS)

    Kim, Woo Jin; Kim, Jae Kwang

    2014-01-01

    Instrumentation and control systems are pervasively used as a vital component in modern industries. Nuclear facilities, such as nuclear power plants (NPPs), originally use I and C systems for plant status monitoring, processes control, and many other purposes. After some events that raised security concerns, application areas of I and C systems have been expanded to physical protection of nuclear material and facilities. As nuclear policies over the world are strengthening security issues, the future direction of roles and technical requirements of security related I and C systems is described: An introduction of I and C systems, especially digitalized I and C systems, to security of nuclear facilities requires many careful considerations, such as system integration, verification and validation (V/V), etc. Institute of Nuclear Nonproliferation and Control (KINAC) established 'International Nuclear Nonproliferation and Security Academy, INSA' in 2014. One of the main achievements of INSA is test-bed implementation for technical criteria development of nuclear facilities' physical protection systems (PPSs) as well as for education and training of those systems. The test bed was modified and improved more suitably from the previous version to modern PPSs including state-of-the-art I and C technologies. KINAC is confident in the new test bed to become a fundamental technical basis of security related I and C systems in near future

  4. Human engineering considerations in designing a computerized controlled access security system

    International Nuclear Information System (INIS)

    Moore, J.W.; Banks, W.W.

    1988-01-01

    This paper describes a human engineering effort in the design of a major security system upgrade at Lawrence Livermore National Laboratory. This upgrade was to be accomplished by replacing obsolete and difficult-to-man (i.e., multiple operator task actions required) security equipment and systems with a new, automated, computer-based access control system. The initial task was to assist the electronic and mechanical engineering staff in designing a computerized security access system to functionally and ergonomically accommodate 100% of the Laboratory user population. The new computerized access system was intended to control entry into sensitive exclusion areas by requiring personnel to use an entry booth-based system and/or a remote access control panel system. The primary user interface with the system was through a control panel containing a magnetic card reader, function buttons, LCD display, and push-button keypad

  5. Development of a Quantitative Method for Evaluating the Efficacy of Cyber Security Controls in NPPs based on Intrusion Tolerant Concept

    International Nuclear Information System (INIS)

    Lee, Chanyoung; Seong, Poong Hyun

    2017-01-01

    Digital I and C systems have been developed and installed in nuclear power plants (NPPs). However, due to installation of digital I and C systems, cyber security concerns are increasing in the nuclear industry. In order to provide useful information about cyber security issues, many regulatory documents, guides and standards were already published in the nuclear industry. The documents include cyber security plans, methods for cyber security assessments and comprehensive set of security controls. In order for useful information about cyber security issues, many regulatory documents, guides and standards have been already published in the nuclear industry. However, there are still difficulties when it comes to deciding which security controls are needed and to defining appropriate security control requirements. It is because practical examples for the application of security controls have not been available to system designers and there is a lack of means for estimating the effectiveness of security controls. In this regard, this paper suggested a framework to quantitatively evaluate how much cyber security is improved when specific cyber security controls are applied in NPPs.

  6. Education Information Security: Improvements Made But Control Weaknesses Remain

    National Research Council Canada - National Science Library

    2001-01-01

    To assess the effectiveness of information system general controls in place to prevent unauthorized access, disclosure, and disruption to Education's primary accounting and payment system (i.e., EDCAPS...

  7. Inhibitory Control Mediates the Association between Perceived Stress and Secure Relationship Quality

    OpenAIRE

    Toria Herd; Mengjiao Li; Dominique Maciejewski; Jacob Lee; Kirby Deater-Deckard; Brooks King-Casas; Jungmeen Kim-Spoon

    2018-01-01

    Past research has demonstrated negative associations between exposure to stressors and quality of interpersonal relationships among children and adolescents. Nevertheless, underlying mechanisms of this association remain unclear. Chronic stress has been shown to disrupt prefrontal functioning in the brain, including inhibitory control abilities, and evidence is accumulating that inhibitory control may play an important role in secure interpersonal relationship quality, including peer problems...

  8. Tailoring NIST Security Controls for the Ground System: Selection and Implementation -- Recommendations for Information System Owners

    Science.gov (United States)

    Takamura, Eduardo; Mangum, Kevin

    2016-01-01

    The National Aeronautics and Space Administration (NASA) invests millions of dollars in spacecraft and ground system development, and in mission operations in the pursuit of scientific knowledge of the universe. In recent years, NASA sent a probe to Mars to study the Red Planet's upper atmosphere, obtained high resolution images of Pluto, and it is currently preparing to find new exoplanets, rendezvous with an asteroid, and bring a sample of the asteroid back to Earth for analysis. The success of these missions is enabled by mission assurance. In turn, mission assurance is backed by information assurance. The information systems supporting NASA missions must be reliable as well as secure. NASA - like every other U.S. Federal Government agency - is required to manage the security of its information systems according to federal mandates, the most prominent being the Federal Information Security Management Act (FISMA) of 2002 and the legislative updates that followed it. Like the management of enterprise information technology (IT), federal information security management takes a "one-size fits all" approach for protecting IT systems. While this approach works for most organizations, it does not effectively translate into security of highly specialized systems such as those supporting NASA missions. These systems include command and control (C&C) systems, spacecraft and instrument simulators, and other elements comprising the ground segment. They must be carefully configured, monitored and maintained, sometimes for several years past the missions' initially planned life expectancy, to ensure the ground system is protected and remains operational without any compromise of its confidentiality, integrity and availability. Enterprise policies, processes, procedures and products, if not effectively tailored to meet mission requirements, may not offer the needed security for protecting the information system, and they may even become disruptive to mission operations

  9. State of the Art Authentication, Access Control, and Secure Integration in Smart Grid

    Directory of Open Access Journals (Sweden)

    Neetesh Saxena

    2015-10-01

    The smart grid (SG) is a promising platform for providing more reliable, efficient, and cost effective electricity to the consumers in a secure manner. Numerous initiatives across the globe are taken by both industry and academia in order to compile various security issues in the smart grid network. Unfortunately, there is no impactful survey paper available in the literature on authentications in the smart grid network. Therefore, this paper addresses the required objectives of an authentication protocol in the smart grid network along with the focus on mutual authentication, access control, and secure integration among different SG components. We review the existing authentication protocols, and analyze mutual authentication, privacy, trust, integrity, and confidentiality of communicating information in the smart grid network. We review authentications between the communicated entities in the smart grid, such as smart appliance, smart meter, energy provider, control center (CC), and home/building/neighborhood area network gateways (GW). We also review the existing authentication schemes for the vehicle-to-grid (V2G) communication network along with various available secure integration and access control schemes. We also discuss the importance of the mutual authentication among SG entities while providing confidentiality and privacy preservation, seamless integration, and required access control with lower overhead, cost, and delay. This paper will help to provide a better understanding of current authentication, authorization, and secure integration issues in the smart grid network and directions to create interest among researchers to further explore these promising areas.

  10. Inhibitory Control Mediates the Association between Perceived Stress and Secure Relationship Quality.

    Science.gov (United States)

    Herd, Toria; Li, Mengjiao; Maciejewski, Dominique; Lee, Jacob; Deater-Deckard, Kirby; King-Casas, Brooks; Kim-Spoon, Jungmeen

    2018-01-01

    Past research has demonstrated negative associations between exposure to stressors and quality of interpersonal relationships among children and adolescents. Nevertheless, underlying mechanisms of this association remain unclear. Chronic stress has been shown to disrupt prefrontal functioning in the brain, including inhibitory control abilities, and evidence is accumulating that inhibitory control may play an important role in secure interpersonal relationship quality, including peer problems and social competence. In this prospective longitudinal study, we examine whether changes in inhibitory control, measured at both behavioral and neural levels, mediate the association between stress and changes in secure relationship quality with parents and peers. The sample included 167 adolescents (53% males) who were first recruited at age 13 or 14 years and assessed annually three times. Adolescents' inhibitory control was measured by their behavioral performance and brain activities, and adolescents self-reported perceived stress levels and relationship quality with mothers, fathers, and peers. Results suggest that behavioral inhibitory control mediates the association between perceived stress and adolescent's secure relationship quality with their mothers and fathers, but not their peers. In contrast, given that stress was not significantly correlated with neural inhibitory control, we did not further test the mediation path. Our results highlight the role of inhibitory control as a process through which stressful life experiences are related to impaired secure relationship quality between adolescents and their mothers and fathers.

  11. Inhibitory Control Mediates the Association between Perceived Stress and Secure Relationship Quality

    Directory of Open Access Journals (Sweden)

    Toria Herd

    2018-02-01

    Past research has demonstrated negative associations between exposure to stressors and quality of interpersonal relationships among children and adolescents. Nevertheless, underlying mechanisms of this association remain unclear. Chronic stress has been shown to disrupt prefrontal functioning in the brain, including inhibitory control abilities, and evidence is accumulating that inhibitory control may play an important role in secure interpersonal relationship quality, including peer problems and social competence. In this prospective longitudinal study, we examine whether changes in inhibitory control, measured at both behavioral and neural levels, mediate the association between stress and changes in secure relationship quality with parents and peers. The sample included 167 adolescents (53% males) who were first recruited at age 13 or 14 years and assessed annually three times. Adolescents’ inhibitory control was measured by their behavioral performance and brain activities, and adolescents self-reported perceived stress levels and relationship quality with mothers, fathers, and peers. Results suggest that behavioral inhibitory control mediates the association between perceived stress and adolescent’s secure relationship quality with their mothers and fathers, but not their peers. In contrast, given that stress was not significantly correlated with neural inhibitory control, we did not further test the mediation path. Our results highlight the role of inhibitory control as a process through which stressful life experiences are related to impaired secure relationship quality between adolescents and their mothers and fathers.

  12. Power system security enhancement with unified power flow controller under multi-event contingency conditions

    Directory of Open Access Journals (Sweden)

    S. Ravindra

    2017-03-01

    Power system security analysis plays a key role in enhancing the system security and avoiding the system collapse condition. In this paper, a novel severity function is formulated using transmission line loadings and bus voltage magnitude deviations. The proposed severity function and generation fuel cost objectives are analyzed under transmission line(s) and/or generator(s) contingency conditions. The system security under contingency conditions is analyzed using optimal power flow problem. An improved teaching learning based optimization (ITLBO) algorithm has been presented. To enhance the system security under contingency conditions in the presence of unified power flow controller (UPFC), it is necessary to identify an optimal location to install this device. Voltage source based power injection model of UPFC, incorporation procedure and optimal location identification strategy based on line overload sensitivity indexes are proposed. The entire proposed methodology is tested on standard IEEE-30 bus test system with supporting numerical and graphical results.

  13. IMPLEMENTATION OF SECURITY CONTROLS ACCORDING TO ISO/IEC 27002 IN A SMALL ORGANISATION

    Directory of Open Access Journals (Sweden)

    MATÚŠ HORVÁTH

    2009-12-01

    Information security should today be a key issue in any organization. With the implementation of an information security management system (ISMS), the organization can identify and reduce risks in this area. The area of information security management is covered by a number of ISO/IEC 27000 standards, which are based on best practice solutions. However, smaller organizations are often discouraged from implementing these systems because of fear of high cost and complexity. Especially due to the fact that the standards do not strictly require implementation of all security controls, it is possible to implement these systems in small-size organizations. In this article, we want to point out this fact by describing practical experience with ISMS implementation in a small-size organization.

  14. Safety and security analysis for distributed control system in nuclear power plants

    International Nuclear Information System (INIS)

    Lu Zhigang; Liu Baoxu

    2011-01-01

    The Digital Distributed Control System (DCS) is the core that manages all monitoring and operation tasks in a Nuclear Power Plant (NPP). So, Digital Distributed Control System in Nuclear Power Plant has strict requirements for control and automation device safety and security due to many factors. In this article, factors of safety are analyzed firstly, while placing top priority on reliability, quality of supply and stability have also been carefully considered. In particular, advanced digital and electronic technologies are adopted to maintain sufficient reliability and supervisory capabilities in nuclear power plants. Then, security of networking and information technology have been remarked, several design methodologies considering the security characteristics are suggested. Methods and technologies of this article are being used in testing and evaluation for a real implement of a nuclear power plant in China. (author)

  15. Evaluating the Level of Internal Control System in the Management of Financial Security of Bank

    Directory of Open Access Journals (Sweden)

    Pidvysotska Lyudmyla J.

    2017-06-01

    The article is aimed at studying the organization and technology of evaluation process of the internal control system of bank in order to ensure financial security management of its activities. The work of the internal audit service on monitoring and evaluating the performance of the bank’s internal control system was analyzed. It has been found that improving the level of financial security of commercial banks is conditional upon improvements in the quality of audits and the provision of sound and objective conclusions. The interrelation of the tasks of internal audit service and the tasks of bank’s financial security management has been determined. Methodological recommendations on evaluation of the bank’s internal control system on the basis of results of audit have been proposed.

  16. MOD control center automated information systems security evolution

    Science.gov (United States)

    Owen, Rich

    1991-01-01

    The role of the technology infusion process in future Control Center Automated Information Systems (AIS) is highlighted. The following subject areas are presented in the form of the viewgraphs: goals, background, threat, MOD's AISS program, TQM, SDLC integration, payback, future challenges, and bottom line.

  17. Cyber security

    CERN Document Server

    Voeller, John G

    2014-01-01

    Cyber Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to cyber security metrics and measure and related technologies that meet security needs. Specific applications to web services, the banking and the finance sector, and industrial process control systems are discussed.

  18. Controlled quantum secure direct communication using a non-symmetric quantum channel with quantum superdense coding

    International Nuclear Information System (INIS)

    Xia, Yan; Song, He-Shan

    2007-01-01

    We present a controlled quantum secure direct communication protocol that uses a 2-dimensional Greenberger-Horne-Zeilinger (GHZ) entangled state and a 3-dimensional Bell-basis state and employs the high-dimensional quantum superdense coding, local collective unitary operations and entanglement swapping. The proposed protocol is secure and of high source capacity. It can effectively protect the communication against a destroying-travel-qubit-type attack. With this protocol, the information transmission is greatly increased. This protocol can also be modified, so that it can be used in a multi-party control system

  19. Smart Security System For Home Appliances Control Based On Internet Of Things

    Directory of Open Access Journals (Sweden)

    Su Zin Zin Win

    2015-08-01

    Technology always evolves. Home security is essential for occupants' convenience and protection. Security systems are being preferred over manual systems. The rapid increase in the number of internet users over the past decade has made the Internet part and parcel of life, and IoTs is the latest and emerging internet technology. Home Appliances Control of Smart Security System using IoTs uses computers or mobile devices to control basic home functions and features through the internet from anywhere around the world. This security system differs from other systems by allowing the user to operate the system from anywhere around the world through an internet connection. With an Arduino Mega microcontroller as the embedded device, the security system design was constructed with many sensors and a web server database. The Arduino Ethernet shield is used to eliminate the use of a personal computer (PC). The motion sensing circuit, temperature and humidity sensing circuit, smoke or gas sensing circuit, door lock sensing circuit, and light on/off circuit were designed to be connected with the Arduino Mega microcontroller and Ethernet shield. This system can monitor the temperature and humidity values and the state of some sensors for intruder detection. It can also control electric appliances such as lights and the door at home. Real-time results were displayed on the web server page via the internet.

  20. Secure digital communication using controlled projective synchronisation of chaos

    International Nuclear Information System (INIS)

    Chee, C.Y.; Xu Daolin

    2005-01-01

    A new approach to chaos communication is proposed to encrypt digital information using controlled projective synchronisation. The scheme encrypts a binary sequence by manipulating the scaling feature of synchronisation from the coupled system. The transmitted signal therefore embeds only a single set of statistical properties. This prevents cryptanalysts from breaking the chaotic encryption scheme by using characteristic cryptanalysis that aims to detect switching of statistical properties in the intercepted information carrier signal. A pseudo-random switching key is incorporated into the scheme to mask out the deterministic nature of the underlying coupled system.

  1. Automatic Learning of Fine Operating Rules for Online Power System Security Control.

    Science.gov (United States)

    Sun, Hongbin; Zhao, Feng; Wang, Hao; Wang, Kang; Jiang, Weiyong; Guo, Qinglai; Zhang, Boming; Wehenkel, Louis

    2016-08-01

    Fine operating rules for security control and an automatic system for their online discovery were developed to adapt to the development of smart grids. The automatic system uses the real-time system state to determine critical flowgates, and then a continuation power flow-based security analysis is used to compute the initial transfer capability of critical flowgates. Next, the system applies the Monte Carlo simulations to expected short-term operating condition changes, feature selection, and a linear least squares fitting of the fine operating rules. The proposed system was validated both on an academic test system and on a provincial power system in China. The results indicated that the derived rules provide accuracy and good interpretability and are suitable for real-time power system security control. The use of high-performance computing systems enables these fine operating rules to be refreshed online every 15 min.

  2. Cyber Security for the Spaceport Command and Control System: Vulnerability Management and Compliance Analysis

    Science.gov (United States)

    Gunawan, Ryan A.

    2016-01-01

    With the rapid development of the Internet, the number of malicious threats to organizations is continually increasing. In June of 2015, the United States Office of Personnel Management (OPM) had a data breach resulting in the compromise of millions of government employee records. The National Aeronautics and Space Administration (NASA) is not exempt from these attacks. Cyber security is becoming a critical facet to the discussion of moving forward with projects. The Spaceport Command and Control System (SCCS) project at the Kennedy Space Center (KSC) aims to develop the launch control system for the next generation launch vehicle in the coming decades. There are many ways to increase the security of the network it uses, from vulnerability management to ensuring operating system images are compliant with securely configured baselines recommended by the United States Government.

  3. Accounting and Control in Ensuring Economic Security of the Organizations of Perm Region

    Directory of Open Access Journals (Sweden)

    Vyacheslav Valetyevich Epishin

    2016-09-01

    The article deals with the urgent problem concerning the regional development as well as the specific organization, or to the development of an integrated system of economic security of the organization. The article discusses the importance of such an element of economic security (including the financial security) as the accounting and control as well as their possible violations. The authors substantiate their position on the relationship of the violations of accounting and control and also the internal theft, other economic crimes and their negative consequences. The analysis of the existing national and foreign sources related to the subject of the study is carried out. The conclusion is made about the lack of modern research devoted to the study of the protective properties of accounting, control and their violations, which condition economic crimes. The methodological tools of the research include dialectic method, systemic analysis, complex sociological methods: the analysis of the legal sources, of statistical information and judicial practice. On the basis of the analysis of criminal cases, financial statements, publications media, the authors made the conclusion about the conditionality of the theft in the organizations as there are the violations of accounting and control, low efficiency of control and auditing, of preventive measures for neutralization of the violations of accounting and control from the services of economic security, accounting offices, auditing and law enforcement services. The recommendations for the optimization of this work are introduced. They can be used by accounting departments, auditing bodies, fiscal authorities at the municipal and regional level and by law enforcement officials. The economic security is necessary for any organizations regardless of their forms of ownership, ranging from government organizations to small kiosks. The difference will only consist in the means and methods.

  4. COORDINATION IN MULTILEVEL NETWORK-CENTRIC CONTROL SYSTEMS OF REGIONAL SECURITY: APPROACH AND FORMAL MODEL

    Directory of Open Access Journals (Sweden)

    A. V. Masloboev

    2015-01-01

    The paper deals with development of methods and tools for mathematical and computer modeling of the multilevel network-centric control systems of regional security. This research is carried out under development strategy implementation of the Arctic zone of the Russian Federation and national safeguarding for the period before 2020 in the Murmansk region territory. Creation of unified interdepartmental multilevel computer-aided system is proposed intended for decision-making information support and socio-economic security monitoring of the Arctic regions of Russia. The distinctive features of the investigated system class are openness, self-organization, decentralization of management functions and decision-making, weak hierarchy in the decision-making circuit and goal generation capability inside itself. Research techniques include functional-target approach, mathematical apparatus of multilevel hierarchical system theory and principles of network-centric control of distributed systems with pro-active components and variable structure. The work considers network-centric management local decisions coordination problem-solving within the multilevel distributed systems intended for information support of regional security. The coordination problem-solving approach and problem formalization in the multilevel network-centric control systems of regional security have been proposed based on developed multilevel recurrent hierarchical model of regional socio-economic system complex security. The model provides coordination of regional security indexes, optimized by the different elements of multilevel control systems, subject to decentralized decision-making. The model specificity consists in application of functional-target technology and mathematical apparatus of multilevel hierarchical system theory for coordination procedures implementation of the network-centric management local decisions. The work-out and research results can find further

  5. 27 CFR 73.12 - What security controls must I use for identification codes and passwords?

    Science.gov (United States)

    2010-04-01

    ... Firearms ALCOHOL AND TOBACCO TAX AND TRADE BUREAU, DEPARTMENT OF THE TREASURY (CONTINUED) PROCEDURES AND PRACTICES ELECTRONIC SIGNATURES; ELECTRONIC SUBMISSION OF FORMS Electronic Signatures § 73.12 What security controls must I use for identification codes and passwords? If you use electronic signatures based upon use...

  6. THE CYBERSECURITY OF AUTOMATED CONTROL SYSTEMS AS A KEY COMPONENT OF NATIONAL SECURITY

    Directory of Open Access Journals (Sweden)

    Galin R. Ivanov

    2016-10-01

    This article focuses on the current problems raised by the necessity to provide and ensure national cybersecurity. Moreover, it suggests measures for adequate counteraction to present-day cyber threats to automated control systems employed in the sector of national security.

  7. Using Face Recognition in the Automatic Door Access Control in a Secured Room

    Directory of Open Access Journals (Sweden)

    Gheorghe Gilca

    2017-06-01

    The aim of this paper is to help users improve the door security of sensitive locations by using face detection and recognition. This paper is comprised mainly of three subsystems: face detection, face recognition and automatic door access control. The door will open automatically for the known person due to the command of the microcontroller.

  8. The Model-Driven openETCS Paradigm for Secure, Safe and Certifiable Train Control Systems

    DEFF Research Database (Denmark)

    Peleska, Jan; Feuser, Johannes; Haxthausen, Anne Elisabeth

    2012-01-01

    -driven openETCS approach, a threat analysis is performed, identifying both safety and security hazards that may be common to all model-based development paradigms for safety-critical railway control systems, or specific to the openETCS approach. In the subsequent sections state-of-the-art methods suitable...

  9. Economic Security of a Company in the Structure of the Mechanism of Corporate Control

    Directory of Open Access Journals (Sweden)

    Serdyukov Konstantin H.

    2017-12-01

    The spread of the corporate form of business management caused the emergence of specific problems associated with the need to harmonize the interests of owners of corporate rights within a single strategic line of conduct of a joint-stock company. The need to identify such problems and create contours for organization of their management regarding them as specific threats to corporate security has determined the direction of the study. That is why the aim of the article is bringing the processes of economic security management of a joint-stock company in line with the processes of distribution and implementation of its corporate control. The basis for achieving this goal is the model of the problematic area of forming a corporate control mechanism of a company based on the stakeholder approach to defining goals and objectives of corporate control. At the same time, the organization of corporate security management is based on the introduced classification criterion of threats. This criterion allows identifying specific threats that arise specifically in the sphere of corporate relations. The adoption of an architectural approach to the description of the mechanism of corporate control enabled determining the relationship between threats of different hierarchical levels. Management of the level of security is based on the introduction of practices to counter the threats that within the architectural model of a company are associated with stakeholders.

  10. Specific Methods of Information Security for Nuclear Materials Control and Accounting Automate Systems

    Directory of Open Access Journals (Sweden)

    Konstantin Vyacheslavovich Ivanov

    2013-02-01

    The paper is devoted to specific methods of information security for nuclear materials control and accounting automate systems which is not required of OS and DBMS certifications and allowed to programs modification for clients specific without defenses modification. System ACCORD-2005 demonstrates the realization of this method.

  11. An Annotated and Cross-Referenced Bibliography on Computer Security and Access Control in Computer Systems.

    Science.gov (United States)

    Bergart, Jeffrey G.; And Others

    This paper represents a careful study of published works on computer security and access control in computer systems. The study includes a selective annotated bibliography of some eighty-five important published results in the field and, based on these papers, analyzes the state of the art. In annotating these works, the authors try to be…

  12. Improving Control System Cyber-State Awareness using Known Secure Sensor Measurements

    Energy Technology Data Exchange (ETDEWEB)

    Ondrej Linda; Milos Manic; Miles McQueen

    2012-09-01

    This paper presents design and simulation of a low cost and low false alarm rate method for improved cyber-state awareness of critical control systems - the Known Secure Sensor Measurements (KSSM) method. The KSSM concept relies on physical measurements to detect malicious falsification of the control systems state. The KSSM method can be incrementally integrated with already installed control systems for enhanced resilience. This paper reviews the previously developed theoretical KSSM concept and then describes a simulation of the KSSM system. A simulated control system network is integrated with the KSSM components. The effectiveness of detection of various intrusion scenarios is demonstrated on several control system network topologies.

  13. Evaluation of secure capability-based access control in the M2M local cloud platform

    DEFF Research Database (Denmark)

    Anggorojati, Bayu; Prasad, Neeli R.; Prasad, Ramjee

    2016-01-01

    Managing access to and protecting resources is one of the important aspect in managing security, especially in a distributed computing system such as Machine-to-Machine (M2M). One such platform known as the M2M local cloud platform, referring to BETaaS architecture [1], which conceptually consists of multiple distributed M2M gateways, creating new challenges in the access control. Some existing access control systems lack in scalability and flexibility to manage access from users or entity that belong to different authorization domains, or fails to provide fine grained and flexible access right delegation. Recently, the capability based access control has been considered as method to manage access in the Internet of Things (IoT) or M2M domain. In this paper, the implementation and evaluation of a proposed secure capability based access control in the M2M local cloud platform is presented.

  14. Real time test bed development for power system operation, control and cyber security

    Science.gov (United States)

    Reddi, Ram Mohan

    The operation and control of the power system in an efficient way is important in order to keep the system secure, reliable and economical. With advancements in smart grid, several new algorithms have been developed for improved operation and control. These algorithms need to be extensively tested and validated in real time before applying to the real electric power grid. This work focuses on the development of a real time test bed for testing and validating power system control algorithms, hardware devices and cyber security vulnerability. The test bed developed utilizes several hardware components including relays, phasor measurement units, phasor data concentrator, programmable logic controllers and several software tools. Current work also integrates historian for power system monitoring and data archiving. Finally, two different power system test cases are simulated to demonstrate the applications of developed test bed. The developed test bed can also be used for power system education.

  15. Summary of the Control System Cyber-Security (CS)2/HEP Workshop

    CERN Document Server

    Lüders, S

    2007-01-01

    Over the last few years modern accelerator and experiment control systems have increasingly been based on commercial-off-the-shelf products (VME crates, PLCs, SCADA systems, etc.), on Windows or Linux PCs, and on communication infrastructures using Ethernet and TCP/IP. Despite the benefits coming with this (r)evolution, new vulnerabilities are inherited, too: Worms and viruses spread within seconds via the Ethernet cable, and attackers are becoming interested in control systems. Unfortunately, control PCs cannot be patched as fast as office PCs. Even worse, vulnerability scans at CERN using standard IT tools have shown that commercial automation systems lack fundamental security precautions: Some systems crashed during the scan, others could easily be stopped or their process data be altered. The (CS)2/HEP workshop held the weekend before ICALEPCS2007 was intended to present, share, and discuss countermeasures deployed in HEP laboratories in order to secure control systems. This presentation will give a summa...

  16. Labour Court Karlsruhe, decision of October 15, 1985 (co-determination in matters of security control)

    International Nuclear Information System (INIS)

    Anon.

    1986-01-01

    In its decision of October 15, 1985, the Labour Court of Karlsruhe deals with the order for security controls in nuclear research centres. The co-determination of the works council in this field is excluded, if the operator is obliged by the licensing authority to carry out these controls pursuant to the operating licence according to sec. 7 and sec. 17 of the Atomic Energy Act. (WG) [de

  17. Cyber Security in Industrial Control Systems and SCADA Applications: Modbus TCP Protocol Example

    Directory of Open Access Journals (Sweden)

    Erdal IRMAK

    2017-12-01

    Electrical energy generation, transmission and distribution systems are evaluated in terms of national security dimension and defined as critical infrastructures. Monitoring and controlling of these systems is provided by Industrial Control Systems (ICS) or Supervisory Control and Data Acquisition (SCADA) systems. According to the latest advances in communication and internet technology, ICS/SCADA systems have started to become integrated with these systems. As a result of this situation, current or existing vulnerabilities in information and communication technology affect SCADA systems directly. Therefore, this paper focuses on the cyber security of ICS/SCADA systems. It has been proved that the lack of authentication detected in Modbus TCP protocol, one of the most used in ICS/SCADA systems, can be exploited. In order to solve this security issue, a software is developed using the Python programming language for blocking or mitigating the cyber attacks. The proposed solution is subjected to several tests and results show that the attacks can be prevented successfully. Thus, it is considered that the proposed work will contribute to the security of ICS/SCADA systems and the industrial protocols used for communication between these systems.

  18. A secure transmission scheme of streaming media based on the encrypted control message

    Science.gov (United States)

    Li, Bing; Jin, Zhigang; Shu, Yantai; Yu, Li

    2007-09-01

    As the use of streaming media applications increased dramatically in recent years, streaming media security becomes an important presumption, protecting the privacy. This paper proposes a new encryption scheme in view of characteristics of streaming media and the disadvantage of the living method: encrypt the control message in the streaming media with the high security level and permute and confuse the data which is non control message according to the corresponding control message. Here the so-called control message refers to the key data of the streaming media, including the streaming media header and the header of the video frame, and the seed key. We encrypt the control message using the public key encryption algorithm which can provide high security level, such as RSA. At the same time we make use of the seed key to generate key stream, from which the permutation list P responding to GOP (group of picture) is derived. The plain text of the non-control message XORs the key stream and gets the middle cipher text. And then obtained one is permuted according to P. In contrast the decryption process is the inverse process of the above. We have set up a testbed for the above scheme and found our scheme is six to eight times faster than the conventional method. It can be applied not only between PCs but also between handheld devices.

  19. An Improved Protocol for Controlled Deterministic Secure Quantum Communication Using Five-Qubit Entangled State

    Science.gov (United States)

    Kao, Shih-Hung; Lin, Jason; Tsai, Chia-Wei; Hwang, Tzonelih

    2018-03-01

    In early 2009, Xiu et al. (Opt. Commun. 282(2) 333-337 2009) presented a controlled deterministic secure quantum communication (CDSQC) protocol via a newly constructed five-qubit entangled quantum state. Later, Qin et al. (Opt. Commun. 282(13), 2656-2658 2009) pointed out two security loopholes in Xiu et al.'s protocol: (1) A correlation-elicitation (CE) attack can reveal the entire secret message; (2) A leakage of partial information for the receiver is noticed. Then, Xiu et al. (Opt. Commun. 283(2), 344-347 2010) presented a revised CDSQC protocol to remedy the CE attack problem. However, the information leakage problem still remains open. This work proposes a new CDSQC protocol using the same five-qubit entangled state which can work without the above mentioned security problems. Moreover, the Trojan Horse attacks can be automatically avoided without using detecting devices in the new CDSQC.

  20. An Improved Protocol for Controlled Deterministic Secure Quantum Communication Using Five-Qubit Entangled State

    Science.gov (United States)

    Kao, Shih-Hung; Lin, Jason; Tsai, Chia-Wei; Hwang, Tzonelih

    2018-06-01

    In early 2009, Xiu et al. (Opt. Commun. 282(2) 333-337 2009) presented a controlled deterministic secure quantum communication (CDSQC) protocol via a newly constructed five-qubit entangled quantum state. Later, Qin et al. (Opt. Commun. 282(13), 2656-2658 2009) pointed out two security loopholes in Xiu et al.'s protocol: (1) A correlation-elicitation (CE) attack can reveal the entire secret message; (2) A leakage of partial information for the receiver is noticed. Then, Xiu et al. (Opt. Commun. 283(2), 344-347 2010) presented a revised CDSQC protocol to remedy the CE attack problem. However, the information leakage problem still remains open. This work proposes a new CDSQC protocol using the same five-qubit entangled state which can work without the above mentioned security problems. Moreover, the Trojan Horse attacks can be automatically avoided without using detecting devices in the new CDSQC.

  1. An RFID-based luggage and passenger tracking system for airport security control applications

    Science.gov (United States)

    Vastianos, George E.; Kyriazanos, Dimitris M.; Kountouriotis, Vassilios I.; Thomopoulos, Stelios C. A.

    2014-06-01

    Market analysis studies of recent years have shown a steady and significant increase in the usage of RFID technology. Key factors for this growth were the decreased costs of passive RFIDs and their improved performance compared to the other identification technologies. Besides the benefits of RFID technologies into the supply chains, warehousing, traditional inventory and asset management applications, RFID has proven itself worth exploiting on experimental, as well as on commercial level in other sectors, such as healthcare, transport and security. In security sector, airport security is one of the biggest challenges. Airports are extremely busy public places and thus prime targets for terrorism, with aircraft, passengers, crew and airport infrastructure all subject to terrorist attacks. Inside this labyrinth of security challenges, the long range detection capability of the UHF passive RFID technology can be turned into a very important tracking tool that may outperform all the limitations of the barcode tracking inside the current airport security control chain. The Integrated Systems Lab of NCSR Demokritos has developed an RFID based Luggage and Passenger tracking system within the TASS (FP7-SEC-2010-241905) EU research project. This paper describes application scenarios of the system categorized according to the structured nature of the environment, the system architecture and presents evaluation results extracted from measurements with a group of different massive production GEN2 UHF RFID tags that are widely available in the world market.

  2. Summary of the third control system cyber-security (CS)2/HEP workshop

    International Nuclear Information System (INIS)

    Lueders, S.

    2012-01-01

    Over the last decade modern accelerator and experiment control systems have increasingly been based on commercial-off-the-shelf products (VME crates, programmable logic controllers (PLCs), supervisory control and data acquisition (SCADA) systems, etc.), on Windows or Linux PCs, and on communication infrastructures using Ethernet and TCP/IP. Despite the benefits coming with this (r)evolution, new vulnerabilities are inherited, too: Worms and viruses spread within seconds via the Ethernet cable, and attackers are becoming interested in control systems. The Stuxnet worm of 2010 against a particular Siemens PLC is a unique example for a sophisticated attack against control systems. Unfortunately, control PCs cannot be patched as fast as office PCs. Even worse, vulnerability scans at CERN using standard IT tools have shown that commercial automation systems lack fundamental security precautions: Some systems crashed during the scan, others could easily be stopped or their process data being altered. The third (CS)2/HEP workshop was intended to raise awareness; exchange good practices, ideas, and implementations; discuss what works and what not as well as their pros and cons; report on security events, lessons learned and successes; and update on progresses made at HEP laboratories around the world in order to secure control systems. It appears that deploying a 'Defense-in-depth' approach is mandatory and corresponds to good practice while the full compliance to ISO-27000 standard is definitely both an ultimate goal and a very difficult challenge. There was a broad consensus to state that developing a 'security culture' among the players whatever they are: system experts, administrators, vendors or operators is the first step to do.

  3. THE OPTIMAL CONTROL IN THE MODEL OF NETWORK SECURITY FROM MALICIOUS CODE

    Directory of Open Access Journals (Sweden)

    2016-01-01

    The paper deals with a mathematical model of network security. The model is described in terms of the nonlinear optimal control. As a criterion of the control problem quality the price of the summary damage inflicted by the harmful codes is chosen, under additional restriction: the number of recovered nodes is maximized. The Pontryagin maximum principle for construction of the optimal decisions is formulated. The number of switching points of the optimal control is found. The explicit form of optimal control is given using the Lagrange multipliers method.

  4. 48 CFR 1552.235-78 - Data Security for Toxic Substances Control Act Confidential Business Information (DEC 1997).

    Science.gov (United States)

    2010-10-01

    ...: Data Security for Toxic Substances Control Act Confidential Business Information (DEC 1997) The... 48 Federal Acquisition Regulations System 6 2010-10-01 2010-10-01 true Data Security for Toxic Substances Control Act Confidential Business Information (DEC 1997). 1552.235-78 Section 1552.235-78 Federal...

  5. Secure Adaptive Topology Control for Wireless Ad-Hoc Sensor Networks

    Directory of Open Access Journals (Sweden)

    Yen-Chieh Ouyang

    2010-02-01

    This paper presents a secure decentralized clustering algorithm for wireless ad-hoc sensor networks. The algorithm operates without a centralized controller, operates asynchronously, and does not require that the location of the sensors be known a priori. Based on the cluster-based topology, secure hierarchical communication protocols and dynamic quarantine strategies are introduced to defend against spam attacks, since this type of attack can exhaust the energy of sensor nodes and will shorten the lifetime of a sensor network drastically. By adjusting the threshold of infected percentage of the cluster coverage, our scheme can dynamically coordinate the proportion of the quarantine region and adaptively achieve the cluster control and the neighborhood control of attacks. Simulation results show that the proposed approach is feasible and cost effective for wireless sensor networks.

  6. Security Analysis and Improvements of Authentication and Access Control in the Internet of Things

    Science.gov (United States)

    Ndibanje, Bruce; Lee, Hoon-Jae; Lee, Sang-Gon

    2014-01-01

    Internet of Things is a ubiquitous concept where physical objects are connected over the internet and are provided with unique identifiers to enable their self-identification to other devices and the ability to continuously generate data and transmit it over a network. Hence, the security of the network, data and sensor devices is a paramount concern in the IoT network as it grows very fast in terms of exchanged data and interconnected sensor nodes. This paper analyses the authentication and access control method used in the Internet of Things presented by Jing et al. (Authentication and Access Control in the Internet of Things. In Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops, Macau, China, 18–21 June 2012, pp. 588–592). According to our analysis, Jing et al.'s protocol is costly in the message exchange and the security assessment is not strong enough for such a protocol. Therefore, we propose improvements to the protocol to fill the discovered weakness gaps. The protocol enhancements facilitate many services to the users such as user anonymity, mutual authentication, and secure session key establishment. Finally, the performance and security analysis show that the improved protocol possesses many advantages against popular attacks, and achieves better efficiency at low communication cost. PMID:25123464

  7. Security analysis and improvements of authentication and access control in the Internet of Things.

    Science.gov (United States)

    Ndibanje, Bruce; Lee, Hoon-Jae; Lee, Sang-Gon

    2014-08-13

    Internet of Things is a ubiquitous concept where physical objects are connected over the internet and are provided with unique identifiers to enable their self-identification to other devices and the ability to continuously generate data and transmit it over a network. Hence, the security of the network, data and sensor devices is a paramount concern in the IoT network as it grows very fast in terms of exchanged data and interconnected sensor nodes. This paper analyses the authentication and access control method used in the Internet of Things presented by Jing et al. (Authentication and Access Control in the Internet of Things. In Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops, Macau, China, 18-21 June 2012, pp. 588-592). According to our analysis, Jing et al.'s protocol is costly in the message exchange and the security assessment is not strong enough for such a protocol. Therefore, we propose improvements to the protocol to fill the discovered weakness gaps. The protocol enhancements facilitate many services to the users such as user anonymity, mutual authentication, and secure session key establishment. Finally, the performance and security analysis show that the improved protocol possesses many advantages against popular attacks, and achieves better efficiency at low communication cost.

  8. An analysis of Technical Security Control Requirements For Digital I and C Systems in Nuclear Power Plants

    International Nuclear Information System (INIS)

    Song, Jaegu; Lee, Jungwoon; Park, Geeyong; Kwon, Keechoon; Lee, Dongyoung; Lee, Cheolkwon

    2013-01-01

    Instrumentation and control systems in nuclear power plants have been digitalized for the purpose of maintenance and precise operation. This digitalization, however, brings out issues related to cyber security. In the most recent past, international standard organizations, regulatory institutes, and research institutes have performed a number of studies addressing these systems' cyber security. In order to provide information helpful to the system designers in their application of cyber security for the systems, this paper presents methods and considerations to define attack vectors in a target system, to review and select the requirements in the Regulatory Guide 5.71, and to integrate the results to identify applicable technical security control requirements. In this study, attack vectors are analyzed through the vulnerability analyses and penetration tests with a simplified safety system, and the elements of critical digital assets acting as attack vectors are identified. Among the security control requirements listed in Appendices B and C to Regulatory Guide 5.71, those that should be implemented into the systems are selected and classified in groups of technical security control requirements using the results of the attack vector analysis. For the attack vector elements of critical digital assets, all the technical security control requirements are evaluated to determine whether they are applicable and effective, and considerations in this evaluation are also discussed. The technical security control requirements in three important categories of access control, monitoring and logging, and encryption are derived and grouped according to the elements of attack vectors as results for the sample safety system.

  9. An analysis of Technical Security Control Requirements For Digital I and C Systems in Nuclear Power Plants

    Energy Technology Data Exchange (ETDEWEB)

    Song, Jaegu; Lee, Jungwoon; Park, Geeyong; Kwon, Keechoon; Lee, Dongyoung; Lee, Cheolkwon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)]

    2013-10-15

    Instrumentation and control systems in nuclear power plants have been digitalized for the purpose of maintenance and precise operation. This digitalization, however, brings out issues related to cyber security. In the most recent past, international standard organizations, regulatory institutes, and research institutes have performed a number of studies addressing these systems' cyber security. In order to provide information helpful to the system designers in their application of cyber security for the systems, this paper presents methods and considerations to define attack vectors in a target system, to review and select the requirements in the Regulatory Guide 5.71, and to integrate the results to identify applicable technical security control requirements. In this study, attack vectors are analyzed through the vulnerability analyses and penetration tests with a simplified safety system, and the elements of critical digital assets acting as attack vectors are identified. Among the security control requirements listed in Appendices B and C to Regulatory Guide 5.71, those that should be implemented into the systems are selected and classified in groups of technical security control requirements using the results of the attack vector analysis. For the attack vector elements of critical digital assets, all the technical security control requirements are evaluated to determine whether they are applicable and effective, and considerations in this evaluation are also discussed. The technical security control requirements in three important categories of access control, monitoring and logging, and encryption are derived and grouped according to the elements of attack vectors as results for the sample safety system.

  10. Circle of Security-Parenting: A randomized controlled trial in Head Start.

    Science.gov (United States)

    Cassidy, Jude; Brett, Bonnie E; Gross, Jacquelyn T; Stern, Jessica A; Martin, David R; Mohr, Jonathan J; Woodhouse, Susan S

    2017-05-01

    Although evidence shows that attachment insecurity and disorganization increase risk for the development of psychopathology (Fearon, Bakermans-Kranenburg, van IJzendoorn, Lapsley, & Roisman, 2010; Groh, Roisman, van IJzendoorn, Bakermans-Kranenburg, & Fearon, 2012), implementation challenges have precluded dissemination of attachment interventions on the broad scale at which they are needed. The Circle of Security-Parenting Intervention (COS-P; Cooper, Hoffman, & Powell, 2009), designed with broad implementation in mind, addresses this gap by training community service providers to use a manualized, video-based program to help caregivers provide a secure base and a safe haven for their children. The present study is a randomized controlled trial of COS-P in a low-income sample of Head Start enrolled children and their mothers. Mothers (N = 141; 75 intervention, 66 waitlist control) completed a baseline assessment and returned with their children after the 10-week intervention for the outcome assessment, which included the Strange Situation. Intent to treat analyses revealed a main effect for maternal response to child distress, with mothers assigned to COS-P reporting fewer unsupportive (but not more supportive) responses to distress than control group mothers, and a main effect for one dimension of child executive functioning (inhibitory control but not cognitive flexibility when maternal age and marital status were controlled), with intervention group children showing greater control. There were, however, no main effects of intervention for child attachment or behavior problems. Exploratory follow-up analyses suggested intervention effects were moderated by maternal attachment style or depressive symptoms, with moderated intervention effects emerging for child attachment security and disorganization, but not avoidance; for inhibitory control but not cognitive flexibility; and for child internalizing but not externalizing behavior problems. 
This initial randomized

  11. Advanced Approach to Information Security Management System Model for Industrial Control System

    Science.gov (United States)

    2014-01-01

    Organizations make use of important information in day-to-day business. Protecting sensitive information is imperative and must be managed. Companies in many parts of the world protect sensitive information using the international standard known as the information security management system (ISMS). ISO 27000 series is the international standard ISMS used to protect confidentiality, integrity, and availability of sensitive information. While an ISMS based on ISO 27000 series has no particular flaws for general information systems, it is unfit to manage sensitive information for industrial control systems (ICSs) because the first priority of industrial control is safety of the system. Therefore, a new information security management system based on confidentiality, integrity, and availability as well as safety is required for ICSs. This new ISMS must be mutually exclusive of an ICS. This paper provides a new paradigm of ISMS for ICSs, which will be shown to be more suitable than the existing ISMS. PMID:25136659

  12. Controls Mitigating the Risk of Confidential Information Disclosure by Facebook: Essential Concern in Auditing Information Security

    Directory of Open Access Journals (Sweden)

    Ivan Ognyanov Kuyumdzhiev

    2014-08-01

    Facebook allows people to easily share information about themselves which in some cases could be classified as confidential or sensitive in the organisation they’re working for. In this paper we discuss the type of data stored by Facebook and the scope of the terms “confidential” and “sensitive data”. The intersection of these areas shows that there is high possibility for confidential data disclosure in organisations with none or ineffective security policy. This paper proposes a strategy for managing the risks of information leakage. We define five levels of controls against posting non-public data on Facebook - security policy, applications installed on employees’ workstations, specific router software or firmware, software in the cloud, Facebook itself. Advantages and disadvantages of every level are evaluated. As a result we propose developing of new control integrated in the social media.

  13. Strong tobacco control program requirements and secure funding are not enough: lessons from Florida.

    Science.gov (United States)

    Kennedy, Allison; Sullivan, Sarah; Hendlin, Yogi; Barnes, Richard; Glantz, Stanton

    2012-05-01

    Florida's Tobacco Pilot Program (TPP; 1998-2003), with its edgy Truth media campaign, achieved unprecedented youth smoking reductions and became a model for tobacco control programming. In 2006, 3 years after the TPP was defunded, public health groups restored funding for tobacco control programming by convincing Florida voters to amend their constitution. Despite the new program's strong legal structure, Governor Charlie Crist's Department of Health implemented a low-impact program. Although they secured the program's strong structure and funding, Florida's nongovernmental public health organizations did not mobilize to demand a high-impact program. Implementation of Florida's Amendment 4 demonstrates that a strong programmatic structure and secure funding are insufficient to ensure a successful public health program, without external pressure from nongovernmental groups.

  14. A Secure and Verifiable Outsourced Access Control Scheme in Fog-Cloud Computing.

    Science.gov (United States)

    Fan, Kai; Wang, Junxiong; Wang, Xin; Li, Hui; Yang, Yintang

    2017-07-24

    With the rapid development of big data and Internet of things (IOT), the number of networking devices and data volume are increasing dramatically. Fog computing, which extends cloud computing to the edge of the network can effectively solve the bottleneck problems of data transmission and data storage. However, security and privacy challenges are also arising in the fog-cloud computing environment. Ciphertext-policy attribute-based encryption (CP-ABE) can be adopted to realize data access control in fog-cloud computing systems. In this paper, we propose a verifiable outsourced multi-authority access control scheme, named VO-MAACS. In our construction, most encryption and decryption computations are outsourced to fog devices and the computation results can be verified by using our verification method. Meanwhile, to address the revocation issue, we design an efficient user and attribute revocation method for it. Finally, analysis and simulation results show that our scheme is both secure and highly efficient.

  15. A Secure and Verifiable Outsourced Access Control Scheme in Fog-Cloud Computing

    Science.gov (United States)

    Fan, Kai; Wang, Junxiong; Wang, Xin; Li, Hui; Yang, Yintang

    2017-01-01

    With the rapid development of big data and Internet of things (IOT), the number of networking devices and data volume are increasing dramatically. Fog computing, which extends cloud computing to the edge of the network can effectively solve the bottleneck problems of data transmission and data storage. However, security and privacy challenges are also arising in the fog-cloud computing environment. Ciphertext-policy attribute-based encryption (CP-ABE) can be adopted to realize data access control in fog-cloud computing systems. In this paper, we propose a verifiable outsourced multi-authority access control scheme, named VO-MAACS. In our construction, most encryption and decryption computations are outsourced to fog devices and the computation results can be verified by using our verification method. Meanwhile, to address the revocation issue, we design an efficient user and attribute revocation method for it. Finally, analysis and simulation results show that our scheme is both secure and highly efficient. PMID:28737733

  16. Advanced Approach to Information Security Management System Model for Industrial Control System

    Directory of Open Access Journals (Sweden)

    Sanghyun Park

    2014-01-01

    Organizations make use of important information in day-to-day business. Protecting sensitive information is imperative and must be managed. Companies in many parts of the world protect sensitive information using the international standard known as the information security management system (ISMS). ISO 27000 series is the international standard ISMS used to protect confidentiality, integrity, and availability of sensitive information. While an ISMS based on ISO 27000 series has no particular flaws for general information systems, it is unfit to manage sensitive information for industrial control systems (ICSs) because the first priority of industrial control is safety of the system. Therefore, a new information security management system based on confidentiality, integrity, and availability as well as safety is required for ICSs. This new ISMS must be mutually exclusive of an ICS. This paper provides a new paradigm of ISMS for ICSs, which will be shown to be more suitable than the existing ISMS.

  17. Advanced approach to information security management system model for industrial control system.

    Science.gov (United States)

    Park, Sanghyun; Lee, Kyungho

    2014-01-01

    Organizations make use of important information in day-to-day business. Protecting sensitive information is imperative and must be managed. Companies in many parts of the world protect sensitive information using the international standard known as the information security management system (ISMS). ISO 27000 series is the international standard ISMS used to protect confidentiality, integrity, and availability of sensitive information. While an ISMS based on ISO 27000 series has no particular flaws for general information systems, it is unfit to manage sensitive information for industrial control systems (ICSs) because the first priority of industrial control is safety of the system. Therefore, a new information security management system based on confidentiality, integrity, and availability as well as safety is required for ICSs. This new ISMS must be mutually exclusive of an ICS. This paper provides a new paradigm of ISMS for ICSs, which will be shown to be more suitable than the existing ISMS.

  18. US Centers for Disease Control and Prevention and Its Partners' Contributions to Global Health Security.

    Science.gov (United States)

    Tappero, Jordan W; Cassell, Cynthia H; Bunnell, Rebecca E; Angulo, Frederick J; Craig, Allen; Pesik, Nicki; Dahl, Benjamin A; Ijaz, Kashef; Jafari, Hamid; Martin, Rebecca

    2017-12-01

    To achieve compliance with the revised World Health Organization International Health Regulations (IHR 2005), countries must be able to rapidly prevent, detect, and respond to public health threats. Most nations, however, remain unprepared to manage and control complex health emergencies, whether due to natural disasters, emerging infectious disease outbreaks, or the inadvertent or intentional release of highly pathogenic organisms. The US Centers for Disease Control and Prevention (CDC) works with countries and partners to build and strengthen global health security preparedness so they can quickly respond to public health crises. This report highlights selected CDC global health protection platform accomplishments that help mitigate global health threats and build core, cross-cutting capacity to identify and contain disease outbreaks at their source. CDC contributions support country efforts to achieve IHR 2005 compliance, contribute to the international framework for countering infectious disease crises, and enhance health security for Americans and populations around the world.

  19. Improving the Security and Performance of the BaBar Detector Controls System

    International Nuclear Information System (INIS)

    Kotturi, Karen D.

    2003-01-01

    It starts out innocently enough--users want to monitor Online data and so run their own copies of the detector control GUIs in their offices and at home. But over time, the number of processes making requests for values to display on GUIs, webpages and stripcharts can grow, and affect the performance of an Input/Output Controller (IOC) such that it is unable to respond to requests from requests critical to data-taking. At worst, an IOC can hang, its CPU having been allocated 100% to responding to network requests. For the BaBar Online Detector Control System, we were able to eliminate this problem and make great gains in security by moving all of the IOCs to a non-routed, virtual LAN and by enlisting a workstation with two network interface cards to act as the interface between the virtual LAN and the public BaBar network. On the interface machine, we run the Experimental Physics Industrial Control System (EPICS) Channel Access (CA) gateway software (originating from Advanced Photon Source). This software accepts as inputs, all the channels which are loaded into the EPICS databases on all the IOCs. It polls them to update its copy of the values. It answers requests from applications by sending them the currently cached value. We adopted the requirement that data-taking would be independent of the gateway, so that, in the event of a gateway failure, data-taking would be uninterrupted. In this way, we avoided introducing any new risk elements to data-taking. Security rules already in use by the IOC were propagated to the gateway's own security rules and the security of the IOCs themselves was improved by removing them from the public BaBar network

  20. Secure, Autonomous, Intelligent Controller for Integrating Distributed Emergency Response Satellite Operations

    Science.gov (United States)

    Ivancic, William D.; Paulsen, Phillip E.; Miller, Eric M.; Sage, Steen P.

    2013-01-01

    This report describes a Secure, Autonomous, and Intelligent Controller for Integrating Distributed Emergency Response Satellite Operations. It includes a description of current improvements to existing Virtual Mission Operations Center technology being used by US Department of Defense and originally developed under NASA funding. The report also highlights a technology demonstration performed in partnership with the United States Geological Service for Earth Resources Observation and Science using DigitalGlobe® satellites to obtain space-based sensor data.

  1. Control and Assurance in E-Commerce: Privacy, Integrity and Security at eBay

    OpenAIRE

    Rong-Ruey Duh; Karim Jamal; Shyam NMI Sunder

    2001-01-01

    Growth of online auctions and other forms of e-commerce has been hampered by concerns about the privacy, integrity, and security of online transactions. To earn the trust of their participants, new e-commerce organizations, like traditional organizations, have to reach the state of expectations equilibrium or control - a state where the actual behavior of participants corresponds to what others expect them to do. Since e-commerce companies provide electronic platforms where buyers and sellers...

  2. Control and Regulation of Private Security Providers in Latin America and the Caribbean: A Comparative Analysis

    Directory of Open Access Journals (Sweden)

    Francesca Caonero

    2014-05-01

    States and different international players have drafted legal frameworks to adequately regulate the phenomenon of privatization of security. Among these initiatives is the Project for a Possible Convention on Private Military and Security Companies, prepared with guidance from the United Nations Human Rights Council. The objective of this proposed convention is to provide a universal framework to regulate these companies. The United Nations Regional Center for Peace, Disarmament and Development in Latin America and the Caribbean (UNLIREC) has studied this Proposed Convention and contrasted it with existing national regulations. The objective of this study is to identify whether and how States already comply with some of the provisions contained in this proposal. Based on the study of national private security law, UNLIREC has contrasted it with the Convention Proposal identifying the different items in this document that are referred to in the different national regulations from various countries in Latin America and the Caribbean. As a result of this legal contrast, it can be observed that laws in some States in the region include significant legal aspects put forth in the Proposed Convention, such as licenses, registry and training. Other States go beyond that, stipulating specific regulations that can be noted. Others, on the contrary, lack any provisions regarding control and regulation of private security providers. DOI: http://dx.doi.org/10.5377/rpsp.v1i1.1392

  3. Summary of The 3rd Control System Cyber-Security (CS)2/HEP Workshop

    CERN Document Server

    Lüders, S

    2011-01-01

    Over the last decade modern accelerator and experiment control systems have increasingly been based on commercial-off-the-shelf products (VME crates, programmable logic controllers (PLCs), supervisory control and data acquisition (SCADA) systems, etc.), on Windows or Linux PCs, and on communication infrastructures using Ethernet and TCP/IP. Despite the benefits coming with this (r)evolution, new vulnerabilities are inherited, too: Worms and viruses spread within seconds via the Ethernet cable, and attackers are becoming interested in control systems. The Stuxnet worm of 2010 against a particular Siemens PLC is a unique example for a sophisticated attack against control systems [1]. Unfortunately, control PCs cannot be patched as fast as office PCs. Even worse, vulnerability scans at CERN using standard IT tools have shown that commercial automation systems lack fundamental security precautions: Some systems crashed during the scan, others could easily be stopped or their process data being ...

  4. Control and Communication for a Secure and Reconfigurable Power Distribution System

    Science.gov (United States)

    Giacomoni, Anthony Michael

    A major transformation is taking place throughout the electric power industry to overlay existing electric infrastructure with advanced sensing, communications, and control system technologies. This transformation to a smart grid promises to enhance system efficiency, increase system reliability, support the electrification of transportation, and provide customers with greater control over their electricity consumption. Upgrading control and communication systems for the end-to-end electric power grid, however, will present many new security challenges that must be dealt with before extensive deployment and implementation of these technologies can begin. In this dissertation, a comprehensive systems approach is taken to minimize and prevent cyber-physical disturbances to electric power distribution systems using sensing, communications, and control system technologies. To accomplish this task, an intelligent distributed secure control (IDSC) architecture is presented and validated in silico for distribution systems to provide greater adaptive protection, with the ability to proactively reconfigure, and rapidly respond to disturbances. Detailed descriptions of functionalities at each layer of the architecture as well as the whole system are provided. To compare the performance of the IDSC architecture with that of other control architectures, an original simulation methodology is developed. The simulation model integrates aspects of cyber-physical security, dynamic price and demand response, sensing, communications, intermittent distributed energy resources (DERs), and dynamic optimization and reconfiguration. Applying this comprehensive systems approach, performance results for the IEEE 123 node test feeder are simulated and analyzed. The results show the trade-offs between system reliability, operational constraints, and costs for several control architectures and optimization algorithms. Additional simulation results are also provided. In particular, the

  5. A Pilot Randomized Controlled Trial of Novel Dressing and Securement Techniques in 101 Pediatric Patients.

    Science.gov (United States)

    Kleidon, Tricia M; Ullman, Amanda J; Gibson, Victoria; Chaseling, Brett; Schoutrop, Jason; Mihala, Gabor; Rickard, Claire M

    2017-11-01

    To evaluate feasibility of an efficacy trial comparing peripherally inserted central catheter (PICC) dressing and securement techniques to prevent complications and failure. This pilot, 3-armed, randomized controlled trial was undertaken at Royal Children's Hospital and Lady Cilento Children's Hospital, Brisbane, Australia, between April 2014 and September 2015. Pediatric participants (N = 101; age range, 0-18 y) were assigned to standard care (bordered polyurethane [BPU] dressing, sutureless securement device), tissue adhesive (TA) (plus BPU dressing), or integrated securement dressings (ISDs). Average PICC dwell time was 8.1 days (range, 0.2-27.7 d). Primary outcome was trial feasibility including PICC failure. Secondary outcomes were PICC complications, dressing performance, and parent and staff satisfaction. Protocol feasibility was established. PICC failure was 6% (2/32) with standard care, 6% (2/31) with ISD, and 3% (1/32) with TA. PICC complications were 16% across all groups. TA provided immediate postoperative hemostasis, prolonging the first dressing change until 5.5 days compared with 3.5 days and 2.5 days with standard care and ISD respectively. Bleeding was the most common reason for first dressing change: standard care (n = 18; 75%), ISD (n = 11; 69%), TA (n = 4; 27%). Parental satisfaction (median 9.7/10; P = .006) and staff feedback (9.2/10; P = .002) were most positive for ISD. This research suggests safety and acceptability of different securement dressings compared with standard care; securement dressings may also reduce dressing changes after insertion. Further research is required to confirm clinically cost-effective methods to prevent PICC failure. Copyright © 2017 SIR. Published by Elsevier Inc. All rights reserved.

  6. Programmable Logic Controllers for Research on the Cyber Security of Industrial Power Plants

    Science.gov (United States)

    2017-02-12

    any commercial carriers for shipment of the Goods. WESCO will use its reasonable efforts to comply with Buyer’s requests as to method and route of...and includes a small electrical substation control environment. The lab has already been used to support the research of the PI and his student ...large group of graduate and undergraduate students. The PI is also developing a course on control systems security, and thus will use the lab to

  7. Study on Mandatory Access Control in a Secure Database Management System

    Institute of Scientific and Technical Information of China (English)

    2001-01-01

    This paper proposes a security policy model for mandatory access control in class B1 database management system whose level of labeling is tuple. The relation-hierarchical data model is extended to multilevel relation-hierarchical data model. Based on the multilevel relation-hierarchical data model, the concept of upper-lower layer relational integrity is presented after we analyze and eliminate the covert channels caused by the database integrity. Two SQL statements are extended to process polyinstantiation in the multilevel secure environment. The system is based on the multilevel relation-hierarchical data model and is capable of integratively storing and manipulating multilevel complicated objects (e.g., multilevel spatial data) and multilevel conventional data (e.g., integer, real number and character string).

  8. Android Security Framework: Enabling Generic and Extensible Access Control on Android

    OpenAIRE

    Backes, Michael; Bugiel, Sven; Gerling, Sebastian; von Styp-Rekowsky, Philipp

    2014-01-01

    We introduce the Android Security Framework (ASF), a generic, extensible security framework for Android that enables the development and integration of a wide spectrum of security models in form of code-based security modules. The design of ASF reflects lessons learned from the literature on established security frameworks (such as Linux Security Modules or the BSD MAC Framework) and intertwines them with the particular requirements and challenges from the design of Android's software stack. ...

  9. Patient-Controlled Attribute-Based Encryption for Secure Electronic Health Records System.

    Science.gov (United States)

    Eom, Jieun; Lee, Dong Hoon; Lee, Kwangsu

    2016-12-01

    In recent years, many countries have been trying to integrate electronic health data managed by each hospital to offer more efficient healthcare services. Since health data contain sensitive information of patients, there has been much research that presents privacy-preserving mechanisms. However, existing studies either require a patient to perform various steps to secure the data or restrict the patient to exerting control over the data. In this paper, we propose patient-controlled attribute-based encryption, which enables a patient (a data owner) to control access to the health data and reduces the operational burden for the patient, simultaneously. With our method, the patient has powerful control capability of his/her own health data in that he/she has the final say on the access with time limitation. In addition, our scheme provides emergency medical services which allow the emergency staffs to access the health data without the patient's permission only in the case of emergencies. We prove that our scheme is secure under cryptographic assumptions and analyze its efficiency from the patient's perspective.

  10. Health Information System Role-Based Access Control Current Security Trends and Challenges.

    Science.gov (United States)

    de Carvalho Junior, Marcelo Antonio; Bandiera-Paiva, Paulo

    2018-01-01

    This article's objective is to highlight implementation characteristics, concerns, or limitations over role-based access control (RBAC) use on health information system (HIS) using industry-focused literature review of current publishing for that purpose. Based on the findings, assessment for indication of RBAC is obsolete considering HIS authorization control needs. We have selected articles related to our investigation theme "RBAC trends and limitations" in 4 different sources related to health informatics or to the engineering technical field. To do so, we have applied the following search query string: "Role-Based Access Control" OR "RBAC" AND "Health information System" OR "EHR" AND "Trends" OR "Challenges" OR "Security" OR "Authorization" OR "Attacks" OR "Permission Assignment" OR "Permission Relation" OR "Permission Mapping" OR "Constraint". We followed PRISMA applicable flow and general methodology used on software engineering for systematic review. 20 articles were selected after applying inclusion and exclusion criteria, resulting in contributions from 10 different countries. 17 articles advocate RBAC adaptations. The main security trends and limitations mapped were related to emergency access, grant delegation, and interdomain access control. Several publications proposed RBAC adaptations and enhancements in order to cope with current HIS use characteristics. Most of the existent RBAC studies are not related to health informatics industry though. There is no clear indication of RBAC obsolescence for HIS use.

  11. A randomized controlled trial comparing Circle of Security Intervention and treatment as usual as interventions to increase attachment security in infants of mentally ill mothers: Study Protocol.

    Science.gov (United States)

    Ramsauer, Brigitte; Lotzin, Annett; Mühlhan, Christine; Romer, Georg; Nolte, Tobias; Fonagy, Peter; Powell, Bert

    2014-01-30

    Psychopathology in women after childbirth represents a significant risk factor for parenting and infant mental health. Regarding child development, these infants are at increased risk for developing unfavorable attachment strategies to their mothers and for subsequent behavioral, emotional and cognitive impairments throughout childhood. To date, the specific efficacy of an early attachment-based parenting group intervention under standard clinical outpatient conditions, and the moderators and mediators that promote attachment security in infants of mentally ill mothers, have been poorly evaluated. This randomized controlled clinical trial tests whether promoting attachment security in infancy with the Circle of Security (COS) Intervention will result in a higher rate of securely attached children compared to treatment as usual (TAU). Furthermore, we will determine whether the distributions of securely attached children are moderated or mediated by variations in maternal sensitivity, mentalizing, attachment representations, and psychopathology obtained at baseline and at follow-up. We plan to recruit 80 mother-infant dyads when infants are aged 4-9 months with 40 dyads being randomized to each treatment arm. Infants and mothers will be reassessed when the children are 16-18 months of age. Methodological aspects of the study are systematic recruitment and randomization, explicit inclusion and exclusion criteria, research assessors and coders blinded to treatment allocation, advanced statistical analysis, manualized treatment protocols and assessments of treatment adherence and integrity. The aim of this clinical trial is to determine whether there are specific effects of an attachment-based intervention that promotes attachment security in infants. 
    Additionally, we anticipate being able to utilize data on maternal and child outcome measures to obtain preliminary indications about potential moderators of the intervention and inform hypotheses about which intervention

  12. Report: EPA Should Improve Management Practices and Security Controls for Its Network Directory Service System and Related Servers

    Science.gov (United States)

    Report #12-P-0836, September 20, 2012. EPA's OEI is not managing key system management documentation, system administration functions, the granting and monitoring of privileged accounts, and the application of security controls associated with its DSS.

  13. Communications and Information: Strategic Automated Command Control System-Data Transmission Subsystem (SACCS-DTS) Network Security Program. Volume 2

    National Research Council Canada - National Science Library

    1997-01-01

    ...) Systems, and 33-2, Information Protection. This instruction prescribes the requirements, responsibilities and procedures for the security program for the Strategic Automated Command Control System-Data Transmission Subsystem (SACCS-DTS...

  14. Security Implications of OPC, OLE, DCOM, and RPC in Control Systems

    Energy Technology Data Exchange (ETDEWEB)

    2006-01-01

    OPC is a collection of software programming standards and interfaces used in the process control industry. It is intended to provide open connectivity and vendor equipment interoperability. The use of OPC technology simplifies the development of control systems that integrate components from multiple vendors and support multiple control protocols. OPC-compliant products are available from most control system vendors, and are widely used in the process control industry. OPC was originally known as OLE for Process Control; the first standards for OPC were based on underlying services in the Microsoft Windows computing environment. These underlying services (OLE [Object Linking and Embedding], DCOM [Distributed Component Object Model], and RPC [Remote Procedure Call]) have been the source of many severe security vulnerabilities. It is not feasible to automatically apply vendor patches and service packs to mitigate these vulnerabilities in a control systems environment. Control systems using the original OPC data access technology can thus inherit the vulnerabilities associated with these services. Current OPC standardization efforts are moving away from the original focus on Microsoft protocols, with a distinct trend toward web-based protocols that are independent of any particular operating system. However, the installed base of OPC equipment consists mainly of legacy implementations of the OLE for Process Control protocols.

  15. Approaches to regional security and arms control in North-East Asia: Tasks ahead

    International Nuclear Information System (INIS)

    Lee Seo-Hang

    1992-01-01

    In order to pave the way towards regional security and arms control in North-East Asia, one of the outstanding issues left over from the cold war, that is, the question of a divided Korea, must be solved first. In settling the Korean problem, the importance of the bilateral negotiation between the parties in direct conflict can never be overemphasized. Over the past few years, fortunately, there has been an accumulation of developments that would have a positive effect on the improvement of inter-Korean relations and peaceful unification of the peninsula. In this sense, the first challenge for the two Koreas is to fulfil the pledges that they committed in the agreements. Concluding agreements is only a first step. They must be implemented fully both in letter and in spirit. Only upon the sincere and complete translation of the agreements into action can the two Koreas establish a solid peace system and move towards unification. This fulfilment will eventually contribute to security and stability in North-East Asia. To emphasize the importance of bilateral negotiation between the two Koreas is not necessarily to exclude the role of external Powers. The four major Powers in North-East Asia - China, Japan, Russia and the United States - could support the South-North dialogue, help ease tensions, facilitate discussion of common security concerns and possibly guarantee the outcomes negotiated between the two Koreas. By fostering bilateral negotiation between the parties to the conflict, they could contribute to enhancing security, confidence and disarmament in the region. At this moment, the most urgent task in the Korean peninsula relates to the problem of Pyongyang's nuclear weapons programme. To solve the nuclear problem, significant progress on mutual reciprocal inspections must be made immediately in accordance with the wordings of the Declaration. Mutual inspection will test whether Pyongyang intends to go towards nuclear weapons, or away from them and towards

  16. Security guide for subcontractors

    Energy Technology Data Exchange (ETDEWEB)

    Adams, R.C.

    1991-01-01

    This security guide of the Department of Energy covers contractor and subcontractor access to DOE and Mound facilities. The topics of the security guide include responsibilities, physical barriers, personnel identification system, personnel and vehicular access controls, classified document control, protecting classified matter in use, storing classified matter repository combinations, violations, security education clearance terminations, security infractions, classified information nondisclosure agreement, personnel security clearances, visitor control, travel to communist-controlled or sensitive countries, shipment security, and surreptitious listening devices.

  17. Fault-tolerant controlled quantum secure direct communication over a collective quantum noise channel

    International Nuclear Information System (INIS)

    Yang, Chun-Wei; Hwang, Tzonelih; Tsai, Chia-Wei

    2014-01-01

    This work proposes controlled quantum secure direct communication (CQSDC) over an ideal channel. Based on the proposed CQSDC, two fault-tolerant CQSDC protocols that are robust under two kinds of collective noises, collective-dephasing noise and collective-rotation noise, respectively, are constructed. Due to the use of quantum entanglement of the Bell state (or logical Bell state) as well as dense coding, the proposed protocols provide easier implementation as well as better qubit efficiency than other CQSDC protocols. Furthermore, the proposed protocols are also free from correlation-elicitation attack and other well-known attacks. (paper)

  18. Available transfer capability evaluation and enhancement using various FACTS controllers: Special focus on system security

    Directory of Open Access Journals (Sweden)

    M. Venkateswara Rao

    2016-03-01

    Nowadays, because of the deregulation of the power industry the continuous increase of the load increases the necessity of calculation of available transfer capability (ATC) of a system to analyze the system security. With this calculation, the scheduling of generator can be decided to decrease the system severity. Further, constructing new transmission lines, new substations are very cost effective to meet the increasing load and to increase the transfer capability. Hence, an alternative way to increase the transfer capability is use of flexible ac transmission system (FACTS) controllers. In this paper, SSSC, STATCOM and UPFC are considered to show the effect of these controllers in enhancing system ATC. For this, a novel current based modeling and optimal location strategy of these controllers are presented. The proposed methodology is tested on standard IEEE-30 bus and IEEE-57 bus test systems with supporting numerical and graphical results.

  19. AN ANALYSIS OF TECHNICAL SECURITY CONTROL REQUIREMENTS FOR DIGITAL I&C SYSTEMS IN NUCLEAR POWER PLANTS

    Directory of Open Access Journals (Sweden)

    JAE-GU SONG

    2013-10-01

    Instrumentation and control systems in nuclear power plants have been digitalized for the purpose of maintenance and precise operation. This digitalization, however, brings out issues related to cyber security. In the most recent past, international standard organizations, regulatory institutes, and research institutes have performed a number of studies addressing these systems' cyber security. In order to provide information helpful to the system designers in their application of cyber security for the systems, this paper presents methods and considerations to define attack vectors in a target system, to review and select the requirements in the Regulatory Guide 5.71, and to integrate the results to identify applicable technical security control requirements. In this study, attack vectors are analyzed through the vulnerability analyses and penetration tests with a simplified safety system, and the elements of critical digital assets acting as attack vectors are identified. Among the security control requirements listed in Appendices B and C to Regulatory Guide 5.71, those that should be implemented into the systems are selected and classified in groups of technical security control requirements using the results of the attack vector analysis. For the attack vector elements of critical digital assets, all the technical security control requirements are evaluated to determine whether they are applicable and effective, and considerations in this evaluation are also discussed. The technical security control requirements in three important categories of access control, monitoring and logging, and encryption are derived and grouped according to the elements of attack vectors as results for the sample safety system.

  20. Nuclear Security Systems and Measures for the Detection of Nuclear and Other Radioactive Material out of Regulatory Control. Implementing Guide

    International Nuclear Information System (INIS)

    2013-01-01

    Nuclear terrorism and the illicit trafficking of nuclear and other radioactive material threaten the security of all States. There are large quantities of diverse radioactive material in existence, which are used in areas such as health, the environment, agriculture and industry. The possibility that nuclear and other radioactive material may be used for terrorist acts cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material, and to establish capabilities for detection and response to nuclear and other radioactive material out of regulatory control. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This approach recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in nuclear and other radioactive material; national response plans; and contingency measures. Within its nuclear security programme, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. Each State carries the full responsibility for nuclear security, specifically: to provide for the security of nuclear and other radioactive material and associated facilities and activities; to ensure the security of such material in use, storage or in transport; to combat illicit trafficking; and to detect and respond to nuclear security events. This is an Implementing Guide on nuclear security systems and measures for the detection of nuclear and other radioactive material out of regulatory control. The objective of the publication is to provide guidance to Member States for the

  1. PREFACE: 1st International Conference on Sensing for Industry, Control, Communication & Security Technologies

    Science.gov (United States)

    Shuja Syed, Ahmed

    2013-12-01

    The 1st International Conference on Sensing for Industry, Control, Communication & Security Technologies (ICSICCST-2013), took place in Karachi, Pakistan, from 24-26 June 2013. It was organized by Indus University, Karachi, in collaboration with HEJ Research Institute of Chemistry, University of Karachi, Karachi. More than 80 abstracts were submitted to the conference and were double blind-reviewed by an international scientific committee. The topics of the Conference were: Video, Image & Voice Sensing; Sensing for Industry, Environment, and Health; Automation and Controls; Laser Sensors and Systems; Displays for Innovative Applications; Emerging Technologies; Unmanned, Robotic, and Layered Systems; Sensing for Defense, Homeland Security, and Law Enforcement. The title of the conference, 'Sensing for Industry, Control, Communication & Security Technologies' is very apt in capturing the main issues facing the industry of Pakistan and the world. We believe the sensing industry, particularly in Pakistan, is currently at a critical juncture of its development. The future of the industry will depend on how the industry players choose to respond to the challenge of global competition and opportunities arising from strong growth in the Asian region for which we are pleased to note that the conference covered a comprehensive spectrum of issues with an international perspective. This will certainly assist industry players to make informed decisions in shaping the future of the industry. The conference gathered qualified researchers from developed countries like USA, UK, Sweden, Saudi Arabia, China, South Korea and Malaysia etc., whose expertise resulting from the research can be drawn upon to build an exploitable area of new technology that has potential Defense, Homeland Security, and Military applicability. More than 250 researchers/students attended the event and made the event a great success as the turnout was 100%. An exceptional line-up of speakers spoke at the occasion. We want

  2. Secure Microprocessor-Controlled Prosthetic Leg for Elderly Amputees: Preliminary Results

    Directory of Open Access Journals (Sweden)

    S. Krut

    2011-01-01

    We introduce a new prosthetic leg design, adapted to elderly trans-femoral amputees. Technical progress in prosthesis design mainly concerns active individuals. An important number of elderly amputees are not very mobile, tire easily, present reduced muscle strength, and have difficulties managing their balance. Therefore, the needs and characteristics of this specific population are very different from those of younger ones and the prosthetic solutions are not adapted. Our artificial knee has been designed to fulfill the specific requirements of this population in terms of capabilities, transfer assistance, security, intuitiveness, simplicity of use, and types of physical activity to be performed. We particularly focused our efforts on ensuring safe and secure stand-to-sit transfers. We developed an approach to control the different states of the prosthetic joint (blocked, free, resistant), associated with different physical activities. Amputee posture and motion are observed through a single multi-axis force sensor embedded in the prosthesis. The patient behaves naturally, while the controller analyses his movements in order to detect his intention to sit down. The detection algorithm is based on a reference pattern, calibrated individually, to which the sensor data are compared, and submitted to a set of tests allowing the discrimination of the intention to sit down from other activities. Preliminary validation of the system has been performed in order to verify the applicability of the prosthesis to different tasks: walking, standing, sitting down, standing up, picking up an object from a chair, slope and stair climbing.

  3. Provably Secure Heterogeneous Access Control Scheme for Wireless Body Area Network.

    Science.gov (United States)

    Omala, Anyembe Andrew; Mbandu, Angolo Shem; Mutiria, Kamenyi Domenic; Jin, Chunhua; Li, Fagen

    2018-04-28

    Wireless body area network (WBAN) provides a medium through which physiological information could be harvested and transmitted to application provider (AP) in real time. Integrating WBAN in a heterogeneous Internet of Things (IoT) ecosystem would enable an AP to monitor patients from anywhere and at anytime. However, the IoT roadmap of interconnected 'Things' is still faced with many challenges. One of the challenges in healthcare is security and privacy of streamed medical data from heterogeneously networked devices. In this paper, we first propose a heterogeneous signcryption scheme where a sender is in a certificateless cryptographic (CLC) environment while a receiver is in identity-based cryptographic (IBC) environment. We then use this scheme to design a heterogeneous access control protocol. Formal security proof for indistinguishability against adaptive chosen ciphertext attack and unforgeability against adaptive chosen message attack in random oracle model is presented. In comparison with some of the existing access control schemes, our scheme has lower computation and communication cost.

  4. SmartVeh: Secure and Efficient Message Access Control and Authentication for Vehicular Cloud Computing.

    Science.gov (United States)

    Huang, Qinlong; Yang, Yixian; Shi, Yuxiang

    2018-02-24

    With the growing number of vehicles and popularity of various services in vehicular cloud computing (VCC), message exchanging among vehicles under traffic conditions and in emergency situations is one of the most pressing demands, and has attracted significant attention. However, it is an important challenge to authenticate the legitimate sources of broadcast messages and achieve fine-grained message access control. In this work, we propose SmartVeh, a secure and efficient message access control and authentication scheme in VCC. A hierarchical, attribute-based encryption technique is utilized to achieve fine-grained and flexible message sharing, which ensures that vehicles whose persistent or dynamic attributes satisfy the access policies can access the broadcast message with equipped on-board units (OBUs). Message authentication is enforced by integrating an attribute-based signature, which achieves message authentication and maintains the anonymity of the vehicles. In order to reduce the computations of the OBUs in the vehicles, we outsource the heavy computations of encryption, decryption and signing to a cloud server and road-side units. The theoretical analysis and simulation results reveal that our secure and efficient scheme is suitable for VCC.

  5. Multi-Agent System based Event-Triggered Hybrid Controls for High-Security Hybrid Energy Generation Systems

    DEFF Research Database (Denmark)

    Dou, Chun-Xia; Yue, Dong; Guerrero, Josep M.

    2017-01-01

    This paper proposes multi-agent system based event-triggered hybrid controls for guaranteeing energy supply of a hybrid energy generation system with high security. First, a multi-agent system is constituted by an upper-level central coordinated control agent combined with several lower-level unit agents. Each lower-level unit agent is responsible for dealing with internal switching control and distributed dynamic regulation for its unit system. The upper-level agent implements coordinated switching control to guarantee the power supply of overall system with high security. The internal...

  6. Power system security enhancement through direct non-disruptive load control

    Science.gov (United States)

    Ramanathan, Badri Narayanan

    The transition to a competitive market structure raises significant concerns regarding reliability of the power grid. A need to build tools for security assessment that produce operating limit boundaries for both static and dynamic contingencies is recognized. Besides, an increase in overall uncertainty in operating conditions makes corrective actions at times ineffective leaving the system vulnerable to instability. The tools that are in place for stability enhancement are mostly corrective and suffer from lack of robustness to operating condition changes. They often pose serious coordination challenges. With deregulation, there have also been ownership and responsibility issues associated with stability controls. However, the changing utility business model and the developments in enabling technologies such as two-way communication, metering, and control open up several new possibilities for power system security enhancement. This research proposes preventive modulation of selected loads through direct control for power system security enhancement. Two main contributions of this research are the following: development of an analysis framework and two conceptually different analysis approaches for load modulation to enhance oscillatory stability, and the development and study of algorithms for real-time modulation of thermostatic loads. The underlying analysis framework is based on the Structured Singular Value (SSV or mu) theory. Based on the above framework, two fundamentally different approaches towards analysis of the amount of load modulation for desired stability performance have been developed. Both the approaches have been tested on two different test systems: CIGRE Nordic test system and an equivalent of the Western Electric Coordinating Council test system. This research also develops algorithms for real-time modulation of thermostatic loads that use the results of the analysis. 
    In line with some recent load management programs executed by utilities, two

  7. Secure estimation, control and optimization of uncertain cyber-physical systems with applications to power networks

    Science.gov (United States)

    Taha, Ahmad Fayez

    Transportation networks, wearable devices, energy systems, and the book you are reading now are all ubiquitous cyber-physical systems (CPS). These inherently uncertain systems combine physical phenomena with communication, data processing, control and optimization. Many CPSs are controlled and monitored by real-time control systems that use communication networks to transmit and receive data from systems modeled by physical processes. Existing studies have addressed a breadth of challenges related to the design of CPSs. However, there is a lack of studies on uncertain CPSs subject to dynamic unknown inputs and cyber-attacks---an artifact of the insertion of communication networks and the growing complexity of CPSs. The objective of this dissertation is to create secure, computational foundations for uncertain CPSs by establishing a framework to control, estimate and optimize the operation of these systems. With major emphasis on power networks, the dissertation deals with the design of secure computational methods for uncertain CPSs, focusing on three crucial issues---(1) cyber-security and risk-mitigation, (2) network-induced time-delays and perturbations and (3) the encompassed extreme time-scales. The dissertation consists of four parts. In the first part, we investigate dynamic state estimation (DSE) methods and rigorously examine the strengths and weaknesses of the proposed routines under dynamic attack-vectors and unknown inputs. In the second part, and utilizing high-frequency measurements in smart grids and the developed DSE methods in the first part, we present a risk mitigation strategy that minimizes the encountered threat levels, while ensuring the continual observability of the system through available, safe measurements. The developed methods in the first two parts rely on the assumption that the uncertain CPS is not experiencing time-delays, an assumption that might fail under certain conditions. To overcome this challenge, networked unknown input

  8. On shaky ground - A study of security vulnerabilities in control protocols

    Energy Technology Data Exchange (ETDEWEB)

    Byres, E. J. [Wurldtech Research Inc., 7178 Lancrest Tr., Lantzville, BC V0R 2H0 (Canada); Huffman, D. [Wurldtech Analytics Inc., 208-1040 Hamilton St., Vancouver, BC V6B 2R9 (Canada); Kube, N. [Univ. of Victoria, Dept. of Computer Science, PO Box 3055 STN CSC, Victoria BC V8W 3P6 (Canada)

    2006-07-01

    The recent introduction of information technologies such as Ethernet® into nuclear industry control devices has resulted in significantly less isolation from the outside world. This raises the question of whether these systems could be attacked by malware, network hackers or professional criminals to cause disruption to critical operations in a manner similar to the impacts now felt in the business world. To help answer this question, a study was undertaken to test a representative control protocol to determine if it had vulnerabilities that could be exploited. A framework was created in which a test could express a large number of test cases in very compact formal language. This in turn, allowed for the economical automation of both the generation of selectively malformed protocol traffic and the measurement of device under test's (DUT) behavior in response to this traffic. Approximately 5000 protocol conformance tests were run against two major brands of industrial controller. More than 60 categories of errors were discovered, the majority of which were in the form of incorrect error responses to malformed traffic. Several malformed packets, however, caused the device to respond or communicate in inappropriate ways. These would be relatively simple for an attacker to inject into a system and could result in the plant operator losing complete view or control of the control device. Based on this relatively small set of devices, we believe that the nuclear industry urgently needs to adopt better security robustness testing of control devices as standard practice. (authors)

  9. On shaky ground - A study of security vulnerabilities in control protocols

    International Nuclear Information System (INIS)

    Byres, E. J.; Huffman, D.; Kube, N.

    2006-01-01

    The recent introduction of information technologies such as Ethernet® into nuclear industry control devices has resulted in significantly less isolation from the outside world. This raises the question of whether these systems could be attacked by malware, network hackers or professional criminals to cause disruption to critical operations in a manner similar to the impacts now felt in the business world. To help answer this question, a study was undertaken to test a representative control protocol to determine if it had vulnerabilities that could be exploited. A framework was created in which a test could express a large number of test cases in very compact formal language. This in turn, allowed for the economical automation of both the generation of selectively malformed protocol traffic and the measurement of device under test's (DUT) behavior in response to this traffic. Approximately 5000 protocol conformance tests were run against two major brands of industrial controller. More than 60 categories of errors were discovered, the majority of which were in the form of incorrect error responses to malformed traffic. Several malformed packets, however, caused the device to respond or communicate in inappropriate ways. These would be relatively simple for an attacker to inject into a system and could result in the plant operator losing complete view or control of the control device. Based on this relatively small set of devices, we believe that the nuclear industry urgently needs to adopt better security robustness testing of control devices as standard practice. (authors)

  10. Risk Informed Approach for Nuclear Security Measures for Nuclear and Other Radioactive Material out of Regulatory Control. Implementing Guide

    International Nuclear Information System (INIS)

    2015-01-01

    This publication provides guidance to States for developing a risk informed approach and for conducting threat and risk assessments as the basis for the design and implementation of sustainable nuclear security systems and measures for prevention of, detection of, and response to criminal and intentional unauthorised acts involving nuclear and other radioactive material out of regulatory control. It describes concepts and methodologies for a risk informed approach, including identification and assessment of threats, targets, and potential consequences; threat and risk assessment methodologies, and the use of risk informed approaches as the basis for informing the development and implementation of nuclear security systems and measures. The publication is an Implementing Guide within the IAEA Nuclear Security Series and is intended for use by national policy makers, law enforcement agencies and experts from competent authorities and other relevant organizations involved in the establishment, implementation, maintenance or sustainability of nuclear security systems and measures related to nuclear and other radioactive material out of regulatory control

  11. Parliamentary control of the security sector of the Republic of Macedonia as a precondition for the development of democratic society

    OpenAIRE

    Muaremoska Abduli, Sevilj; Racaj, Muhamet

    2017-01-01

    The efforts to establish a democratic legal order in the period immediately after the Republic of Macedonia gained its independence in the area of the security sector institutions were carried out with more or less pronounced difficulties. That, more than ever, imposed the need for establishment of parliamentary and other forms of democratic control and monitoring of the work of the security sector institutions, as these institutions are essentially considered as the most conservative and tou...

  12. The Dynamic VPN Controller. Secure Information Sharing in a Coalition Environment

    Science.gov (United States)

    2005-03-01

    coalitionName=" COALA "> <Security>Class A</Security> <Site siteName="SITE1"> <Remote> <Hostname>dvc.site1.com</Hostname> <IPAddress...34 COALA "> <Security>Class A</Security> <Site siteName="SITE1"> <Remote> <Hostname>dvc.site1.com</Hostname> <IPAddress>10.1.1.1

  13. 45 CFR 2508.9 - What officials are responsible for the security, management and control of Corporation record...

    Science.gov (United States)

    2010-10-01

    ..., management and control of Corporation record keeping systems? 2508.9 Section 2508.9 Public Welfare... IMPLEMENTATION OF THE PRIVACY ACT OF 1974 § 2508.9 What officials are responsible for the security, management and control of Corporation record keeping systems? (a) The Director of Administration and Management...

  14. Effective Remote Control of Several Outdoor Security Lights by SMS and Wifi Technology

    Directory of Open Access Journals (Sweden)

    M. F. Akorede

    2017-08-01

    The aim of this study was to design and develop a control system using Short Message Service (SMS) and wireless networking (WiFi) technology to remotely control outdoor security lights in large organisations. The device comprises four main units, namely: the mobile phone or a computer system, the Global System for Mobile communication (GSM) modem, the switching unit and the WiFi module. One feature that makes the developed system better than other related existing works is its ability to use two means of control. It makes use of WiFi when the operator is within the coverage area of the network of about 100 m to the device, at no cost, otherwise it uses SMS containing certain codes to control the lights. A Subscriber Identity Module (SIM) card is placed in the GSM modem and SMS from the transmitter are sent to that mobile number. The module is also constantly checked by the microcontroller unit, which processes the information, extracts the message and command from the GSM modem and WiFi module respectively and then acts accordingly. Owing to its simplicity, C programming is used to programme the microcontroller. The developed device, when tested with three lighting points operating on 230V power supply, gives an impressive performance in terms of accuracy and promptness with both SMS and WiFi technology.

  15. Secure access control and large scale robust representation for online multimedia event detection.

    Science.gov (United States)

    Liu, Changyu; Lu, Bin; Li, Huiling

    2014-01-01

    We developed an online multimedia event detection (MED) system. However, there are a secure access control issue and a large scale robust representation issue when we want to integrate traditional event detection algorithms into the online environment. For the first issue, we proposed a tree proxy-based and service-oriented access control (TPSAC) model based on the traditional role based access control model. Verification experiments were conducted on the CloudSim simulation platform, and the results showed that the TPSAC model is suitable for the access control of dynamic online environments. For the second issue, inspired by the object-bank scene descriptor, we proposed a 1000-object-bank (1000OBK) event descriptor. Feature vectors of the 1000OBK were extracted from response pyramids of 1000 generic object detectors which were trained on standard annotated image datasets, such as the ImageNet dataset. A spatial bag of words tiling approach was then adopted to encode these feature vectors for bridging the gap between the objects and events. Furthermore, we performed experiments in the context of event classification on the challenging TRECVID MED 2012 dataset, and the results showed that the robust 1000OBK event descriptor outperforms the state-of-the-art approaches.

  16. Secure Access Control and Large Scale Robust Representation for Online Multimedia Event Detection

    Directory of Open Access Journals (Sweden)

    Changyu Liu

    2014-01-01

    We developed an online multimedia event detection (MED) system. However, there are a secure access control issue and a large scale robust representation issue when we want to integrate traditional event detection algorithms into the online environment. For the first issue, we proposed a tree proxy-based and service-oriented access control (TPSAC) model based on the traditional role based access control model. Verification experiments were conducted on the CloudSim simulation platform, and the results showed that the TPSAC model is suitable for the access control of dynamic online environments. For the second issue, inspired by the object-bank scene descriptor, we proposed a 1000-object-bank (1000OBK) event descriptor. Feature vectors of the 1000OBK were extracted from response pyramids of 1000 generic object detectors which were trained on standard annotated image datasets, such as the ImageNet dataset. A spatial bag of words tiling approach was then adopted to encode these feature vectors for bridging the gap between the objects and events. Furthermore, we performed experiments in the context of event classification on the challenging TRECVID MED 2012 dataset, and the results showed that the robust 1000OBK event descriptor outperforms the state-of-the-art approaches.

  17. Use of Nuclear Material Accounting and Control for Nuclear Security Purposes at Facilities. Implementing Guide

    International Nuclear Information System (INIS)

    2015-01-01

    Nuclear material accounting and control (NMAC) works in a complementary fashion with the international safeguards programme and physical protection systems to help prevent, deter or detect the unauthorized acquisition and use of nuclear materials. These three methodologies are employed by Member States to defend against external threats, internal threats and both state actors and non-state actors. This publication offers guidance for implementing NMAC measures for nuclear security at the nuclear facility level. It focuses on measures to mitigate the risk posed by insider threats and describes elements of a programme that can be implemented at a nuclear facility in coordination with the physical protection system for the purpose of deterring and detecting unauthorized removal of nuclear material

  18. NATO Advanced Study Institute on Laser Control & Monitoring in New Materials, Biomedicine, Environment, Security & Defense

    CERN Document Server

    Hall, Trevor J; Paredes, Sofia A; Extreme Photonics & Applications

    2010-01-01

    "Extreme Photonics & Applications" arises from the 2008 NATO Advanced Study Institute in Laser Control & Monitoring in New Materials, Biomedicine, Environment, Security and Defense. Leading experts in the manipulation of light offered by recent advances in laser physics and nanoscience were invited to give lectures in their fields of expertise and participate in discussions on current research, applications and new directions. The sum of their contributions to this book is a primer for the state of scientific knowledge and the issues within the subject of photonics taken to the extreme frontiers: molding light at the ultra-finest scales, which represents the beginning of the end to limitations in optical science for the benefit of 21st Century technological societies. Laser light is an exquisite tool for physical and chemical research. Physicists have recently developed pulsed lasers with such short durations that one laser shot takes the time of one molecular vibration or one electron rotation in an ...

  19. Control of the safety and security of radiation sources in Argentina

    International Nuclear Information System (INIS)

    Oliveira, A.A.

    2001-01-01

    The report refers to the main elements of the regulatory infrastructure in Argentina, noting as relevant the promulgation in 1997 of the Act 24.804, which established the Nuclear Regulatory Authority (ARN) as an independent agency empowered to establish standards and enforce their application with regard to the possession and use of radiation sources. Important elements of such regulatory infrastructure are described in the report, and in particular those explaining the existing licensing system, the basic radiological safety and security requirements, the enforcement programme, and the key actions considered for the appropriate control of radioactive sources. In this respect, the report emphasizes the importance of the management of disused and orphan sources, and the role of education and training. (author)

  20. Security for grids

    Energy Technology Data Exchange (ETDEWEB)

    Humphrey, Marty; Thompson, Mary R.; Jackson, Keith R.

    2005-08-14

    Securing a Grid environment presents a distinctive set of challenges. This paper groups the activities that need to be secured into four categories: naming and authentication; secure communication; trust, policy, and authorization; and enforcement of access control. It examines the current state of the art in securing these processes and introduces new technologies that promise to meet the security requirements of Grids more completely.

  1. Supervisory Control and Data Acquisition (SCADA) Systems and Cyber-Security: Best Practices to Secure Critical Infrastructure

    Science.gov (United States)

    Morsey, Christopher

    2017-01-01

    In the critical infrastructure world, many critical infrastructure sectors use a Supervisory Control and Data Acquisition (SCADA) system. The sectors that use SCADA systems are the electric power, nuclear power and water. These systems are used to control, monitor and extract data from the systems that give us all the ability to light our homes…

  2. Complementarities Between Nuclear Security, Safeguards and State System of Accounting for and Control

    International Nuclear Information System (INIS)

    Jalouneix, J.

    2010-01-01

    Nuclear security deals with prevention against theft and diversion of nuclear materials and sabotage against nuclear materials or installations. It is based on provisions of physical protection of nuclear materials and facilities complemented by: - Provisions for accounting for and control to prevent and, where appropriate, detect loss, theft or diversion of nuclear materials; - The nuclear safety provisions to protect nuclear materials and facilities against sabotage. Safeguards are based on the statements and accounting controls in the facilities. The respective aim of EURATOM and IAEA controls is to verify afterwards the respect for the declared use of materials or political commitments undertaken by States under the non-proliferation purpose. However, EURATOM and IAEA controls are not exercised at all facilities (including those working for defence purposes) or in respect of all nuclear materials subject to the French national control. In addition, these international safeguards do not deal with physical protection of nuclear materials which is the sole responsibility of the State. The state control, implemented in France, is positioned upstream to the international controls. It aims to prevent, deter and detect the loss, theft or diversion of nuclear materials in installations or during transport. It places the responsibility of a possible diversion at the operator level. It is made of different components that complement each other and form a coherent whole. This includes: - physical protection; - accounting for and control; - inspections. The physical protection system has to protect nuclear materials against a malicious act. Malicious act means a theft or diversion of nuclear material or an act of sabotage affecting nuclear materials or facilities which could lead to radiological releases into the environment. 
    The accounting for and control system of nuclear materials has to allow the continuous and accurate knowledge of the quantity, quality and location

  3. Cyber-Physical System Security With Deceptive Virtual Hosts for Industrial Control Networks

    International Nuclear Information System (INIS)

    Vollmer, Todd; Manic, Milos

    2014-01-01

    A challenge facing industrial control network administrators is protecting the typically large number of connected assets for which they are responsible. These cyber devices may be tightly coupled with the physical processes they control and human induced failures risk dire real-world consequences. Dynamic virtual honeypots are effective tools for observing and attracting network intruder activity. This paper presents a design and implementation for self-configuring honeypots that passively examine control system network traffic and actively adapt to the observed environment. In contrast to prior work in the field, six tools were analyzed for suitability of network entity information gathering. Ettercap, an established network security tool not commonly used in this capacity, outperformed the other tools and was chosen for implementation. Utilizing Ettercap XML output, a novel four-step algorithm was developed for autonomous creation and update of a Honeyd configuration. This algorithm was tested on an existing small campus grid and sensor network by execution of a collaborative usage scenario. Automatically created virtual hosts were deployed in concert with an anomaly behavior (AB) system in an attack scenario. Virtual hosts were automatically configured with unique emulated network stack behaviors for 92% of the targeted devices. The AB system alerted on 100% of the monitored emulated devices

  4. Regional Labour Court Baden-Wuerttemberg (Mannheim), decision of November 24, 1986 (co-determination in matters of security control)

    International Nuclear Information System (INIS)

    Anon.

    1987-01-01

    In its decision of November 24, 1986, the Regional Court of Baden-Wuerttemberg deals with the direction of security controls in nuclear research plants. The co-determination of the works council in this field is excluded, if the operator is directed by the licensing authority to carry out these controls pursuant to an obligation of the operating licence according to sec. 7 and sec. 17 of the Atomic Energy Act. With regard to the security purpose in sec. 1 no. 2 Atomic Energy Act only the operator is competent to make decisions in these cases. (WG) [de

  5. Cyber security level assignment for research reactor digital instrumentation and control system architecture using concept of defense in depth

    International Nuclear Information System (INIS)

    Shin, Jin Soo; Heo, Gyun Young; Son, Han Seong; Kim, Young Ki; Park, Jaek Wan

    2012-01-01

    Due to recent aging of the analog instrumentation of many nuclear power plants (NPPs) and research reactors, the system reliability decreases while maintenance and testing costs increase. In addition, it is difficult to find substitutable analog equipment due to obsolescence. Therefore, the instrumentation and control (I and C) systems have changed from analog systems to digital systems. With the introduction of digital systems, research reactors are forced to deal with the problem of cyber attacks because I and C systems have been digitalized using networks or communication systems. This is more of an issue at research reactors due to the accessibility of human resources. In the real world, an IBM researcher succeeded in controlling the software by penetrating an NPP network in the U.S. in July 2008 and acquiring the control right of nuclear facilities after one week. Moreover, the malicious code called 'stuxnet' impaired nearly 1,000 centrifugal separators in Iran according to an IAEA report. The problem of cyber attacks highlights the importance of cyber security, which should be emphasized. Defense-in-depth (DID) is a significant concept for cyber security to work properly. DID institutes and maintains a hardy program for critical digital assets (CDA) by implementing multiple security boundaries. In this work, we assign cyber security levels to a typical digital I and C system using the DID concept. This work is very useful in applying the concept of DID to the nuclear industry with respect to cyber security.

  6. Cyber security level assignment for research reactor digital instrumentation and control system architecture using concept of defense in depth

    Energy Technology Data Exchange (ETDEWEB)

    Shin, Jin Soo; Heo, Gyun Young [Kyung Hee University, Seoul (Korea, Republic of)]; Son, Han Seong [Joongbu Univ., Chungnam (Korea, Republic of)]; Kim, Young Ki; Park, Jaek Wan [KAERI, Daejeon (Korea, Republic of)]

    2012-10-15

    Due to recent aging of the analog instrumentation of many nuclear power plants (NPPs) and research reactors, the system reliability decreases while maintenance and testing costs increase. In addition, it is difficult to find substitutable analog equipment due to obsolescence. Therefore, the instrumentation and control (I and C) systems have changed from analog systems to digital systems. With the introduction of digital systems, research reactors are forced to deal with the problem of cyber attacks because I and C systems have been digitalized using networks or communication systems. This is more of an issue at research reactors due to the accessibility of human resources. In the real world, an IBM researcher succeeded in controlling the software by penetrating an NPP network in the U.S. in July 2008 and acquiring the control right of nuclear facilities after one week. Moreover, the malicious code called 'stuxnet' impaired nearly 1,000 centrifugal separators in Iran according to an IAEA report. The problem of cyber attacks highlights the importance of cyber security, which should be emphasized. Defense-in-depth (DID) is a significant concept for cyber security to work properly. DID institutes and maintains a hardy program for critical digital assets (CDA) by implementing multiple security boundaries. In this work, we assign cyber security levels to a typical digital I and C system using the DID concept. This work is very useful in applying the concept of DID to the nuclear industry with respect to cyber security.

  7. Nudging whom how: IT proficiency, impulse control and secure behaviour

    OpenAIRE

    Jeske, Debora; Coventry, Lynne; Briggs, Pamela; van Moorsel, Aad

    2014-01-01

    This paper considers the utility of employing behavioural nudges to change security-related behaviours. We examine the possibility that the effectiveness of nudges may depend on individual user characteristics – which represents a starting point for more personalized behaviour change in security. We asked participants to select from a menu of public wireless networks, using colour and menu order to ‘nudge’ participants towards making more secure choices. The preliminary results from 67 partic...

  8. Case-control study of pleural mesothelioma in workers with social security in Mexico.

    Science.gov (United States)

    Aguilar-Madrid, Guadalupe; Robles-Pérez, Eduardo; Juárez-Pérez, Cuauhtémoc Arturo; Alvarado-Cabrero, Isabel; Rico-Méndez, Flavio Gerardo; Javier, Kelly-García

    2010-03-01

    Environmental and occupational exposure to asbestos in Mexico in the past has been a cause of deaths and health damages. Its magnitude is unknown to date. Our objective was to identify the proportion of cases of malignant pleural mesothelioma (MPM) that can be attributed to and occupational exposure to asbestos. We carried out a case-control study of MPM in 472 workers insured by the Mexican Institute of Social Security, all Valley of Mexico residents, with 119 incident cases and 353 controls. Cases were histologically confirmed. Participants were questioned concerning their occupational history and sociodemographic data. Assignment to one of the four exposures was performed qualitatively by an expert hygienist. Odds ratios (ORs) and attributable risks (ARs) were calculated using a non-conditional logistic regression model. A total of 80.6% of cases and 31.5% of controls had occupational exposure to asbestos. ORs were adjusted for age and gender and by exposure category, and exhibited an increase with probability of exposure as follows: 3.7(95% CI 1.3-10.4) for the likely category and 14.3(95% CI 8-26) for the certain category; AR in the group occupationally exposed to asbestos was 83.2%, and the population AR was 44%. Our results show that the relationship between industrial uses of all forms of asbestos is generating an increase in mesothelioma-related diseases and deaths among Mexican workers. As a public health policy, Mexico should prohibit the use of asbestos in all production processes with the aim of controlling the epidemic and preventing the occurrence of new cases of MPM. 2009 Wiley-Liss, Inc.

  9. Security infrastructures: towards the INDECT system security

    OpenAIRE

    Stoianov, Nikolai; Urueña, Manuel; Niemiec, Marcin; Machník, Petr; Maestro, Gema

    2012-01-01

    This paper provides an overview of the security infrastructures being deployed inside the INDECT project. These security infrastructures can be organized in five main areas: Public Key Infrastructure, Communication security, Cryptography security, Application security and Access control, based on certificates and smartcards. This paper presents the new ideas and deployed testbeds for these five areas. In particular, it explains the hierarchical architecture of the INDECT PKI...

  10. Security management

    International Nuclear Information System (INIS)

    Adams, H.W.

    1990-01-01

    Technical progress is moving more and more quickly and the systems thus produced are so complex and have become so unclear to the individual that he can no longer estimate the consequences: Faith in progress has given way to deep mistrust. Companies have adjusted to this change in consciousness. An interesting tendency can be identified: technical security is already available - now the organization of security has become an important objective for companies. The key message of the book is: If outworn technical systems are no longer adequate, the organization must be thoroughly overhauled. Five chapters deal with the following themes: organization as an aspect of society; risk control; aspects of security; is there security in ADP; the broader concept of security. (orig./HP) [de

  11. Security guide for subcontractors

    Energy Technology Data Exchange (ETDEWEB)

    Adams, R.C.

    1993-06-01

    This guide is provided to aid in the achievement of security objectives in the Department of Energy (DOE) contractor/subcontractor program. The objectives of security are to protect information that, if released, would endanger the common defense and security of the nation and to safeguard plants and installations of the DOE and its contractors to prevent the interruption of research and production programs. The security objective and means of achieving the objective are described. Specific security measures discussed in this guide include physical barriers, personnel identification systems, personnel and vehicular access control, classified document control, protection of classified matter in use, storing classified matter, and repository combinations. Means of dealing with security violations and security infractions are described. Maintenance of a security education program is discussed. Also discussed are methods of handling clearance terminations, visitor control, travel to sensitive countries, and shipment security. The Technical Surveillance Countermeasures Program (TSCM), the Computer Security Program, and the Operations Security Plan (OPSEC) are examined.

  12. To the Problem of Energy Security and Energy Objects Control Optimization

    International Nuclear Information System (INIS)

    Gotsiridze, A.; Abzianidze, D.

    2004-01-01

    One of the methods of studying the energy security of energy objects is evaluation of the character and range of the main safety risk influence with the help of indicator analysis. The work also reviews an example of applying modern management theory to the group of tasks connected with the optimal management of energy objects, which is the basis of their secure functioning. (authors)

  13. Deterring Cybertrespass and Securing Cyberspace: Lessons from United States Border Control Strategies

    Science.gov (United States)

    2016-12-01

    have begun discussing strategies for securing entities in cyberspace—including the files and software belonging to corporations, government...through the best strategies for deterring cyber-incursions. The immigration analogy is particularly useful for exploring how would-be intruders learn...analysis, evaluation, and refinement of professional expertise in war, strategy, operations, national security, resource management, and responsible

  14. Nonproliferation, arms control and disarmament and extended deterrence in the new security environment

    Energy Technology Data Exchange (ETDEWEB)

    Pilat, Joseph F [Los Alamos National Laboratory

    2009-01-01

    vision of a nuclear-free world is powerful, both existing nuclear powers and proliferators are unlikely to forego nuclear weapons entirely in a world that is dangerous and uncertain. And the emerging world would not necessarily be more secure and stable without nuclear weapons. Even if nuclear weapons were given up by the United States and other nuclear-weapon states, there would continue to be concerns about the proliferation of nuclear, chemical and biological weapons, which would not disappear and could worsen. WMD terrorism would remain a concern that was largely unaffected by US and other nuclear-weapon decisions. Conventional capabilities would not disappear and the prospects for warfare could rise. In addition, new problems could arise if rogue states or other non-status-quo powers attempted to take advantage of moves toward disarmament, while friends and allies who are not reassured as in the past could reconsider their options if deterrence declined. To address these challenges, non- and counter-proliferation and counterterrorism, including defenses and consequence management, are priorities, especially in light of an anticipated 'renaissance' in civil nuclear power. The current agenda of the United States and others includes efforts to: (1) Strengthen International Atomic Energy Agency (IAEA) and its safeguards system; (2) Strengthen export controls, especially for sensitive technologies, by limiting the development of reprocessing and enrichment technologies and by requiring the Additional Protocol as a condition of supply; (3) Establish a reliable supply regime, including the possibility of multilateral or multinational ownership of fuel cycle facilities, as a means to promote nuclear energy without increasing the risks of proliferation or terrorism; (4) Implement effectively UN Security Council Resolution 1540; and (5) Strengthen and institutionalize the Proliferation Security Initiative and the Global Initiative to Combat Nuclear Terrorism. These and

  15. Nonproliferation, arms control and disarmament and extended deterrence in the new security environment

    International Nuclear Information System (INIS)

    Pilat, Joseph F.

    2009-01-01

    nuclear-free world is powerful, both existing nuclear powers and proliferators are unlikely to forego nuclear weapons entirely in a world that is dangerous and uncertain. And the emerging world would not necessarily be more secure and stable without nuclear weapons. Even if nuclear weapons were given up by the United States and other nuclear-weapon states, there would continue to be concerns about the proliferation of nuclear, chemical and biological weapons, which would not disappear and could worsen. WMD terrorism would remain a concern that was largely unaffected by US and other nuclear-weapon decisions. Conventional capabilities would not disappear and the prospects for warfare could rise. In addition, new problems could arise if rogue states or other non-status-quo powers attempted to take advantage of moves toward disarmament, while friends and allies who are not reassured as in the past could reconsider their options if deterrence declined. To address these challenges, non- and counter-proliferation and counterterrorism, including defenses and consequence management, are priorities, especially in light of an anticipated 'renaissance' in civil nuclear power. The current agenda of the United States and others includes efforts to: (1) Strengthen International Atomic Energy Agency (IAEA) and its safeguards system; (2) Strengthen export controls, especially for sensitive technologies, by limiting the development of reprocessing and enrichment technologies and by requiring the Additional Protocol as a condition of supply; (3) Establish a reliable supply regime, including the possibility of multilateral or multinational ownership of fuel cycle facilities, as a means to promote nuclear energy without increasing the risks of proliferation or terrorism; (4) Implement effectively UN Security Council Resolution 1540; and (5) Strengthen and institutionalize the Proliferation Security Initiative and the Global Initiative to Combat Nuclear Terrorism. These and other activities are

  16. Research on Quantum Authentication Methods for the Secure Access Control Among Three Elements of Cloud Computing

    Science.gov (United States)

    Dong, Yumin; Xiao, Shufen; Ma, Hongyang; Chen, Libo

    2016-12-01

    Cloud computing and big data have become the developing engine of current information technology (IT) as a result of the rapid development of IT. However, security protection has become increasingly important for cloud computing and big data, and has become a problem that must be solved to develop cloud computing. The theft of identity authentication information remains a serious threat to the security of cloud computing. In this process, attackers intrude into cloud computing services through identity authentication information, thereby threatening the security of data from multiple perspectives. Therefore, this study proposes a model for cloud computing protection and management based on quantum authentication, introduces the principle of quantum authentication, and deduces the quantum authentication process. In theory, quantum authentication technology can be applied in cloud computing for security protection. This technology cannot be cloned; thus, it is more secure and reliable than classical methods.

  17. A Systematic Approach for Dynamic Security Assessment and the Corresponding Preventive Control Scheme Based on Decision Trees

    DEFF Research Database (Denmark)

    Liu, Leo; Sun, Kai; Rather, Zakir Hussain

    2014-01-01

    This paper proposes a decision tree (DT)-based systematic approach for cooperative online power system dynamic security assessment (DSA) and preventive control. This approach adopts a new methodology that trains two contingency-oriented DTs on a daily basis by the databases generated from power system simulations. Fed with real-time wide-area measurements, one DT of measurable variables is employed for online DSA to identify potential security issues, and the other DT of controllable variables provides online decision support on preventive control strategies against those issues. A cost-effective algorithm is adopted in this proposed approach to optimize the trajectory of preventive control. The paper also proposes an importance sampling algorithm on database preparation for efficient DT training for power systems with high penetration of wind power and distributed generation. The performance...

  18. Methods of securing and controlling critical infrastructure assets allocated in information and communications technology sector companies in leading

    Directory of Open Access Journals (Sweden)

    Piotr Sieńko

    2015-12-01

    Critical Infrastructure (CI) plays a significant role in maintaining public order and national security. The state may use many different methods to protect and control CI allocated to commercial companies. This article describes the three most important ones: legislation, ownership and government institutions and agencies. The data presented in this paper is the result of research done on the most developed countries in the EU (United Kingdom, France, Germany and Italy) and their strategic enterprises in the ICT sector, one of the most important sectors in any national security system.

  19. Security Strategies of Both Players in Asymmetric Information Zero-Sum Stochastic Games with an Informed Controller

    KAUST Repository

    Li, Lichun

    2017-11-07

    This paper considers a zero-sum two-player asymmetric information stochastic game where only one player knows the system state, and the transition law is controlled by the informed player only. For the informed player, it has been shown that the security strategy only depends on the belief and the current stage. We provide LP formulations whose size is only linear in the size of the uninformed player's action set to compute both history based and belief based security strategies. For the uninformed player, we focus on the regret, the difference between 0 and the future payoff guaranteed by the uninformed player in every possible state. Regret is a real vector of the same size as the belief, and depends only on the action of the informed player and the strategy of the uninformed player. This paper shows that the uninformed player has a security strategy that only depends on the regret and the current stage. LP formulations are then given to compute the history based security strategy, the regret at every stage, and the regret based security strategy. The size of the LP formulations is again linear in the size of the uninformed player action set. Finally, an intrusion detection problem is studied to demonstrate the main results in this paper.

  20. Computer security engineering management

    International Nuclear Information System (INIS)

    McDonald, G.W.

    1988-01-01

    For best results, computer security should be engineered into a system during its development rather than being appended later on. This paper addresses the implementation of computer security in eight stages through the life cycle of the system, starting with the definition of security policies and ending with continuing support for the security aspects of the system throughout its operational life cycle. Security policy is addressed relative to successive decomposition of security objectives (through policy, standard, and control stages) into system security requirements. This is followed by a discussion of computer security organization and responsibilities. Next the paper directs itself to analysis and management of security-related risks, followed by discussion of design and development of the system itself. Discussion of security test and evaluation preparations, and approval to operate (certification and accreditation), is followed by discussion of computer security training for users and then by coverage of life cycle support for the security of the system.

  1. Safety, Security, and Stability: The Role of Nuclear Control Regimes in a Proliferated World

    National Research Council Canada - National Science Library

    Collins, James

    1995-01-01

    ... with developing and deploying nuclear weapons. The US, in the past, has refused to provide technical assistance to enhance the safety, security, and stability of proliferating countries' nuclear arsenals-we believe this policy...

  2. Security Engine Management of Router based on Security Policy

    OpenAIRE

    Su Hyung Jo; Ki Young Kim; Sang Ho Lee

    2007-01-01

    Security management has changed from the management of security equipments and useful interface to manager. It analyzes the whole security conditions of network and preserves the network services from attacks. In secure router technology, security functions such as intrusion detection, IPsec (IP Security) and access control are applied to a legacy router for secure networking. It controls an unauthorized router access and detects an illegal network intrusion. This paper re...

  3. SQC: secure quality control for meta-analysis of genome-wide association studies.

    Science.gov (United States)

    Huang, Zhicong; Lin, Huang; Fellay, Jacques; Kutalik, Zoltán; Hubaux, Jean-Pierre

    2017-08-01

    Due to the limited power of small-scale genome-wide association studies (GWAS), researchers tend to collaborate and establish a larger consortium in order to perform large-scale GWAS. Genome-wide association meta-analysis (GWAMA) is a statistical tool that aims to synthesize results from multiple independent studies to increase the statistical power and reduce false-positive findings of GWAS. However, it has been demonstrated that the aggregate data of individual studies are subject to inference attacks, hence privacy concerns arise when researchers share study data in GWAMA. In this article, we propose a secure quality control (SQC) protocol, which enables checking the quality of data in a privacy-preserving way without revealing sensitive information to a potential adversary. SQC employs state-of-the-art cryptographic and statistical techniques for privacy protection. We implement the solution in a meta-analysis pipeline with real data to demonstrate the efficiency and scalability on commodity machines. The distributed execution of SQC on a cluster of 128 cores for one million genetic variants takes less than one hour, which is a modest cost considering the 10-month time span usually observed for the completion of the QC procedure that includes timing of logistics. SQC is implemented in Java and is publicly available at https://github.com/acs6610987/secureqc. Contact: jean-pierre.hubaux@epfl.ch. Supplementary data are available at Bioinformatics online.

  4. Leadership and New Technologies. New Security Issues for Management of Internet Connectivity and Remote Control in Automotive Industry

    Directory of Open Access Journals (Sweden)

    Cosmin Cătălin Olteanu

    2015-05-01

    The main purpose of the paper is to illustrate the importance of implementing new security policies for infotainment systems in the automotive industry. A car is full of technology, and it is easier today to control car systems through an internet connection linked to the car's infotainment system. This is how it is possible to gain control of critical car systems. More than 84% of users don't even know the risk of remote control of the car in the presence of an Internet connection.

  5. Nuclear Security Systems and Measures for the Detection of Nuclear and Other Radioactive Material out of Regulatory Control. Implementing Guide (Arabic Edition)

    International Nuclear Information System (INIS)

    2015-01-01

    This publication provides guidance to Member States for the development, or improvement of nuclear security systems and measures for the detection of criminal or unauthorized acts with nuclear security implications involving nuclear and other radioactive material out of regulatory control. It describes the elements of an effective nuclear security detection architecture which is composed of an integrated set of nuclear security systems and measures, and is based on an appropriate legal and regulatory framework for the implementation of the national detection strategy. The publication is an implementing guide within the IAEA Nuclear Security Series and is intended for use by national policy makers, legislative bodies, competent authorities, institutions, and individuals involved in the establishment, implementation, maintenance or sustainability of nuclear security systems and measures for the detection of nuclear and other radioactive material out of regulatory control

  6. Are you in Control? : That was the key question discussed at the second Dutch Process Control Security Event at the Technical University of Delft, December 4, 2008

    NARCIS (Netherlands)

    Luiijf, H.A.M.

    2009-01-01

    The second Dutch Process Control Security Event attracted many process control people. The event was organised by the National Infrastructure against Cybercrime (NICC). Over a hundred people responsible for the security of process control systems (PCS) and related networks in many of the Dutch

  7. Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment.

    Science.gov (United States)

    Ashok, Aditya; Hahn, Adam; Govindarasu, Manimaran

    2014-07-01

    Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation's electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC) from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments.

  8. Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment

    Science.gov (United States)

    Ashok, Aditya; Hahn, Adam; Govindarasu, Manimaran

    2013-01-01

    Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation’s electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC) from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments. PMID:25685516

  9. Formal Security-Proved Mobile Anonymous Authentication Protocols with Credit-Based Chargeability and Controllable Privacy

    Directory of Open Access Journals (Sweden)

    Chun-I Fan

    2016-06-01

    Smart mobile phones are widely popularized and advanced mobile communication services are provided increasingly often, such that ubiquitous computing environments will soon be a reality. However, there are many security threats to mobile networks and their impact on security is more serious than that in wireline networks owing to the features of wireless transmissions and the ubiquity property. The secret information which mobile users carry may be stolen by malicious entities. To guarantee the quality of advanced services, security and privacy would be important issues when users roam within various mobile networks. In this manuscript, an anonymous authentication scheme will be proposed to protect the security of the network system and the privacy of users. Not only does the proposed scheme provide mutual authentication between each user and the system, but also each user’s identity is kept secret against anyone else, including the system. Although the system anonymously authenticates the users, it can still generate correct bills to charge these anonymous users via a credit-based solution instead of debit-based ones. Furthermore, our protocols also achieve fair privacy which allows the judge to revoke the anonymity and trace the illegal users when they have misused the anonymity property, for example, if they have committed crimes. Finally, in this paper, we also carry out complete theoretical proofs on each claimed security property.

  10. Problems of collaborative work of the automated process control system (APCS) and its information security and solutions.

    Science.gov (United States)

    Arakelyan, E. K.; Andryushin, A. V.; Mezin, S. V.; Kosoy, A. A.; Kalinina, Ya V.; Khokhlov, I. S.

    2017-11-01

    The principle of interaction of the specified systems of technological protections by the Automated process control system (APCS) and information safety in case of incorrect execution of the algorithm of technological protection is offered. - checking the correctness of the operation of technological protection in each specific situation using the functional relationship between the monitored parameters. The methodology for assessing the economic feasibility of developing and implementing an information security system.

  11. Socio-Economic Correlates of Information Security Threats and Controls in Global Financial Services Industry: An Analysis

    OpenAIRE

    Princely Ifinedo

    2015-01-01

    Threats to data and information assets of Global Financial Services Industry (GFSI) are ever-present; such problems, if not well understood, could lead to huge negative impact. To some extent, the environment where a business operates does matter for its success. This study presents information about the relationships between selected socio-economic factors and information security threats and controls in the financial services industry. Essentially, it seeks to enrich the information provide...

  12. Methodology for Management of Information Security in Industrial Control Systems: A Proof of Concept aligned with Enterprise Objectives.

    Directory of Open Access Journals (Sweden)

    Fabian Bustamante

    2017-04-01

    This article is an extended version of the study presented at the IEEE Ecuador Technical Chapters Meeting (ETCM-2016). At that time, a methodological proposal was designed, implemented, and applied in a group of industrial plants for the management of the information security of the Industrial control systems (ICS). The present study displays an adaptation and improvement of such methodology with the purpose of aligning the proposal for the effective management of information security with the strategic objectives. The development of this study has been divided into three distinctive phases. Firstly, we induced the articulation of PMI-PMBOK v5 and ITIL v3 both for the management of the project and for the verification of risks in the IT services. Second, we applied a set of risk mitigation strategies based on international standards such as NIST 800-82 and 800-30. Thirdly, we assembled the two mentioned phases in a Guide for standards-based instructions and security policies, which previously have been encouraged on NIST 800-82, 800-53 and 800-12. Hereby, we observed the reduction of incidents of information security, the correct delimitation of the functions of the direct responsible of the ICS and the improvement of the communication between the operative and technical areas of the involved companies. The results demonstrate the functionality of these improvements, especially in the context of the availability and integrity of information, which generates an added value to the enterprise.

  13. Challenges for development and provision of metrological quality control tools in nuclear safeguards, nuclear forensics and nuclear security

    International Nuclear Information System (INIS)

    Aregbe, Y.; Richter, S.; Jakopic, R.; Bauwens, J.; Truyens, J.; Sturm, M.; Bujak, R.; Eykens, R.; Kehoe, F.; Kuehn, H.; Hennessy, C.

    2013-01-01

    Joint advancements in quality control tools and measurement sciences of international reference and safeguards laboratories include: -) successful integration of the Modified Total Evaporation technique (MTE) as a new tool for routine thermal ionization mass spectrometry in nuclear safeguards and security, -) research and feasibility studies for the development of new materials standard, particularly for nuclear forensics (Certified Reference Materials - CRMs for age-dating), -) quality control tools to support the additional protocol and nuclear security (particle CRMs, NUSIMEP (inter-laboratory comparisons for U particle analysis), and -) scientific/technical advice, training and knowledge transfer. The European Safeguards Research and Development Association (ESARDA), the Institute of Nuclear Materials Management (INMM) and the CETAMA Commission from the French Commission of Atomic Energy and Alternative Energies (CEA/CETAMA) and the International Atomic Energy Agency (IAEA) Technical Meetings are the platforms to exchange views on the needs and challenges for new Quality Control tools for nuclear safeguards and security. The paper is followed by the slides of the presentation

  14. Secure Access Control and Authority Delegation Based on Capability and Context Awareness for Federated IoT

    DEFF Research Database (Denmark)

    Anggorojati, Bayu; Mahalle, Parikshit N.; Prasad, Neeli R.

    2013-01-01

    Access control is a critical functionality in Internet of Things (IoT), and it is particularly promising to make access control secure, efficient and generic in a distributed environment. Another important property of an access control system in the IoT is flexibility which can be achieved...... by access or authority delegation. Delegation mechanisms in access control that have been studied until now have been intended mainly for a system that has no resource constraint, such as a web-based system, which is not very suitable for a highly pervasive system such as IoT. This chapter presents...... the Capability-based Context Aware Access Control (CCAAC) model including the authority delegation method, along with specification and protocol evaluation intended for federated Machine-to-Machine (M2M)/IoT. By using the identity and capability-based access control approach together with the contextual...

  15. Information Security Controls against Cross-Site Request Forgery Attacks on Software Applications of Automated Systems

    Science.gov (United States)

    Barabanov, A. V.; Markov, A. S.; Tsirlov, V. L.

    2018-05-01

    This paper presents statistical results and their consolidation, which were received in the study into security of various web-application against cross-site request forgery attacks. Some of the results were received in the study carried out within the framework of certification for compliance with information security requirements. The paper provides the results of consolidating information about the attack and protection measures, which are currently used by the developers of web-applications. It specifies results of the study, which demonstrate various distribution types: distribution of identified vulnerabilities as per the developer type (Russian and foreign), distribution of the security measures used in web-applications, distribution of the identified vulnerabilities as per the programming languages, data on the number of security measures that are used in the studied web-applications. The results of the study show that in most cases the developers of web-applications do not pay due attention to protection against cross-site request forgery attacks. The authors give recommendations to the developers that are planning to undergo a certification process for their software applications.

  16. Importance Sampling Based Decision Trees for Security Assessment and the Corresponding Preventive Control Schemes: the Danish Case Study

    DEFF Research Database (Denmark)

    Liu, Leo; Rather, Zakir Hussain; Chen, Zhe

    2013-01-01

    Decision Trees (DT) based security assessment helps Power System Operators (PSO) by providing them with the most significant system attributes and guiding them in implementing the corresponding emergency control actions to prevent system insecurity and blackouts. DT is obtained offline from time...... and adopts a methodology of importance sampling to maximize the information contained in the database so as to increase the accuracy of DT. Further, this paper also studies the effectiveness of DT by implementing its corresponding preventive control schemes. These approaches are tested on the detailed model...

  17. Information Security

    NARCIS (Netherlands)

    Hartel, Pieter H.; Suryana Herman, Nanna; Leukfeldt, E.R.; Stol, W.Ph.

    2012-01-01

    Information security is all about the protection of digital assets, such as digital content, personal health records, state secrets etc. These assets can be handled by a party who is authorised to access and control the asset or a party who is not authorised to do so. Authorisation determines who is

  18. Security controls in an integrated Biobank to protect privacy in data sharing: rationale and study design.

    Science.gov (United States)

    Takai-Igarashi, Takako; Kinoshita, Kengo; Nagasaki, Masao; Ogishima, Soichi; Nakamura, Naoki; Nagase, Sachiko; Nagaie, Satoshi; Saito, Tomo; Nagami, Fuji; Minegishi, Naoko; Suzuki, Yoichi; Suzuki, Kichiya; Hashizume, Hiroaki; Kuriyama, Shinichi; Hozawa, Atsushi; Yaegashi, Nobuo; Kure, Shigeo; Tamiya, Gen; Kawaguchi, Yoshio; Tanaka, Hiroshi; Yamamoto, Masayuki

    2017-07-06

    With the goal of realizing genome-based personalized healthcare, we have developed a biobank that integrates personal health, genome, and omics data along with biospecimens donated by volunteers of 150,000. Such a large-scale of data integration involves obvious risks of privacy violation. The research use of personal genome and health information is a topic of global discussion with regard to the protection of privacy while promoting scientific advancement. The present paper reports on our plans, current attempts, and accomplishments in addressing security problems involved in data sharing to ensure donor privacy while promoting scientific advancement. Biospecimens and data have been collected in prospective cohort studies with the comprehensive agreement. The sample size of 150,000 participants was required for multiple researches including genome-wide screening of gene by environment interactions, haplotype phasing, and parametric linkage analysis. We established the Tohoku Medical Megabank (TMM) data sharing policy: a privacy protection rule that requires physical, personnel, and technological safeguards against privacy violation regarding the use and sharing of data. The proposed policy refers to that of NCBI and that of the Sanger Institute. The proposed policy classifies shared data according to the strength of re-identification risks. Local committees organized by TMM evaluate re-identification risk and assign a security category to a dataset. Every dataset is stored in an assigned segment of a supercomputer in accordance with its security category. A security manager should be designated to handle all security problems at individual data use locations. The proposed policy requires closed networks and IP-VPN remote connections. The mission of the biobank is to distribute biological resources most productively. This mission motivated us to collect biospecimens and health data and simultaneously analyze genome/omics data in-house. The biobank also has the

  19. Home blood pressure monitoring, secure electronic messaging and medication intensification for improving hypertension control: a mediation analysis.

    Science.gov (United States)

    Ralston, J D; Cook, A J; Anderson, M L; Catz, S L; Fishman, P A; Carlson, J; Johnson, R; Green, B B

    2014-01-01

    We evaluated the role of home monitoring, communication with pharmacists, medication intensification, medication adherence and lifestyle factors in contributing to the effectiveness of an intervention to improve blood pressure control in patients with uncontrolled essential hypertension. We performed a mediation analysis of a published randomized trial based on the Chronic Care Model delivered over a secure patient website from June 2005 to December 2007. Study arms analyzed included usual care with a home blood pressure monitor and usual care with home blood pressure monitor and web-based pharmacist care. Mediator measures included secure messaging and telephone encounters; home blood pressure monitoring; medications intensification and adherence and lifestyle factors. Overall fidelity to the Chronic Care Model was assessed with the Patient Assessment of Chronic Care (PACIC) instrument. The primary outcome was percent of participants with blood pressure (BP) <140/90 mm Hg. At 12 months follow-up, patients in the web-based pharmacist care group were more likely to have BP <140/90 mm Hg (55%) compared to patients in the group with home blood pressure monitors only (37%) (p = 0.001). Home blood pressure monitoring accounted for 30.3% of the intervention effect, secure electronic messaging accounted for 96%, and medication intensification for 29.3%. Medication adherence and self-report of fruit and vegetable intake and weight change were not different between the two study groups. The PACIC score accounted for 22.0 % of the main intervention effect. The effect of web-based pharmacist care on improved blood pressure control was explained in part through a combination of home blood pressure monitoring, secure messaging, and antihypertensive medication intensification.

  20. Controls-based approach for evaluation of information security standards implementation costs

    OpenAIRE

    OLIFER, Dmitrij; GORANIN, Nikolaj; KACENIAUSKAS, Arnas; CENYS, Antanas

    2017-01-01

    According to the PricewaterhouseCoopers analysis, the average cost of a single information security and data protections breaches has increased twice during 2015 (Pricewaterhouse Coopers 2015). Amount of organizations who reported serious breach has also risen (from 9% in 2015 to 17% in 2016) (PricewaterhouseCoopers 2016). To achieve their goals criminals are using different techniques starting from Social engineering (phishing, whaling) and finishing with malware execution (such as ransomwar...

  1. Improving Security in Bring Your Own Device (BYOD) Environment by Controlling Access

    OpenAIRE

    Muhammad, M.A.; Zadeh, P.B.; Ayesh, Aladdin, 1972-

    2017-01-01

    With the rapid increase in smartphones and tablets, Bring Your Own Devices (BYOD) has simplified computing by introducing the use of personally owned devices. These devices can be utilised in accessing business enterprise contents and networks. The effectiveness of BYOD offers several business benefits like employee job satisfaction, increased job efficiency and flexibility. However, allowing employees to bring their own devices could lead to a plethora of security issues; like data theft, un...

  2. Escape and evade control policies for ensuring the physical security of nonholonomic, ground-based, unattended mobile sensor nodes

    Science.gov (United States)

    Mascarenas, David; Stull, Christopher; Farrar, Charles

    2011-06-01

    In order to realize the wide-scale deployment of high-endurance, unattended mobile sensing technologies, it is vital to ensure the self-preservation of the sensing assets. Deployed mobile sensor nodes face a variety of physical security threats including theft, vandalism and physical damage. Unattended mobile sensor nodes must be able to respond to these threats with control policies that facilitate escape and evasion to a low-risk state. In this work the Precision Immobilization Technique (PIT) problem has been considered. The PIT maneuver is a technique that a pursuing, car-like vehicle can use to force a fleeing vehicle to abruptly turn ninety degrees to the direction of travel. The abrupt change in direction generally causes the fleeing driver to lose control and stop. The PIT maneuver was originally developed by law enforcement to end vehicular pursuits in a manner that minimizes damage to the persons and property involved. It is easy to imagine that unattended autonomous convoys could be targets of this type of action by adversarial agents. This effort focused on developing control policies unattended mobile sensor nodes could employ to escape, evade and recover from PIT-maneuver-like attacks. The development of these control policies involved both simulation as well as small-scale experimental testing. The goal of this work is to be a step toward ensuring the physical security of unattended sensor node assets.

  3. Controlling disasters: Local emergency management perceptions about Federal Emergency Management and Homeland Security actions after September 11, 2001.

    Science.gov (United States)

    Hildebrand, Sean

    This article examines local emergency manager's beliefs regarding control over tasks during various stages of the hazard cycle since federal policies went into effect following the September 11 attacks. The study considers whether a disparity exists between the actions of local officials during each phase of the "hazard cycle" and the policy expectations of the federal government, which call for greater federal control over activities in emergency management and homeland security. To do so, hypothesis testing investigates the jurisdiction's use of comprehensive emergency management (CEM) practices, the perceived "clarity" of the federal policy demands, and if the local actors feel coerced to comply with federal policy demands so that grant funding is not compromised. Using a model developed from "third-generation" policy implementation research, the results show that the odds of local officials citing federal control over these actions have very limited statistical significance. This signals that the perceived lack of local input into the development of these federal policies and the policies' limited use of traditional CEM measures may not be in concert with what local actors perform in the field. Simply put, the respondents claim to understand the federal policy demands, support the concept of federal control as the policies describe, yet follow their own plans or traditional CEM principles, even if such actions do not support the federal policy demands. These results align with pre-existing research in the emergency management field that show issues with efforts to centralize policies under the Department of Homeland Security and Federal Emergency Management Agency.

  4. Human factors in network security

    OpenAIRE

    Jones, Francis B.

    1991-01-01

    Human factors, such as ethics and education, are important factors in network information security. This thesis determines which human factors have significant influence on network security. Those factors are examined in relation to current security devices and procedures. Methods are introduced to evaluate security effectiveness by incorporating the appropriate human factors into network security controls

  5. Alternative security

    International Nuclear Information System (INIS)

    Weston, B.H.

    1990-01-01

    This book contains the following chapters: The Military and Alternative Security: New Missions for Stable Conventional Security; Technology and Alternative Security: A Cherished Myth Expires; Law and Alternative Security: Toward a Just World Peace; Politics and Alternative Security: Toward a More Democratic, Therefore More Peaceful, World; Economics and Alternative Security: Toward a Peacekeeping International Economy; Psychology and Alternative Security: Needs, Perceptions, and Misperceptions; Religion and Alternative Security: A Prophetic Vision; and Toward Post-Nuclear Global Security: An Overview

  6. Homeland Security

    Science.gov (United States)

    Provides an overview of EPA's homeland security roles and responsibilities, and links to specific homeland security issues: water security, research, emergency response, recovery, and waste management.

  7. An Attribute-Based Access Control with Efficient and Secure Attribute Revocation for Cloud Data Sharing Service

    Institute of Scientific and Technical Information of China (English)

    Nyamsuren Vaanchig; Wei Chen; Zhi-Guang Qin

    2017-01-01

    Nowadays, there is the tendency to outsource data to cloud storage servers for data sharing purposes. In fact, this makes access control for the outsourced data a challenging issue. Ciphertext-policy attribute-based encryption (CP-ABE) is a promising cryptographic solution for this challenge. It gives the data owner (DO) direct control on access policy and enforces the access policy cryptographically. However, the practical application of CP-ABE in the data sharing service also has its own inherent challenge with regard to attribute revocation. To address this challenge, we proposed an attribute-revocable CP-ABE scheme by taking advantage of the over-encryption mechanism and CP-ABE scheme and by considering the semi-trusted cloud service provider (CSP) that participates in decryption processes to issue decryption tokens for authorized users. We further presented the security and performance analysis in order to assess the effectiveness of the scheme. As compared with the existing attribute-revocable CP-ABE schemes, our attribute-revocable scheme is reasonably efficient and more secure to enable attribute-based access control over the outsourced data in the cloud data sharing service.

  8. Securing the Vista Environment

    CERN Document Server

    Gregory, Peter

    2007-01-01

    "Securing the Vista Environment" takes you on a quick tour of the most significant security features in Vista, Microsoft's first revision of Windows in almost six years. You'll get background on threats and vulnerabilities that will make you think differently about security. Security is more than just the technology and configurations--it's about how we use the system that makes it secure or not. Then we'll cover Vista's security features, from user privileges to Windows Defender, User Account Control, and BitLocker, as well as strategies for protecting your information from unwanted disclo

  9. Android apps security

    CERN Document Server

    Gunasekera, Sheran

    2012-01-01

    Android Apps Security provides guiding principles for how to best design and develop Android apps with security in mind. It explores concepts that can be used to secure apps and how developers can use and incorporate these security features into their apps. This book will provide developers with the information they need to design useful, high-performing, and secure apps that expose end-users to as little risk as possible.  Overview of Android OS versions, features, architecture and security.  Detailed examination of areas where attacks on applications can take place and what controls should b

  10. Mechanical analysis of flying robot for nuclear safety and security control by radiological monitoring

    International Nuclear Information System (INIS)

    Cho, Hyo Sung; Woo, Tae Ho

    2016-01-01

    Highlights: • Radiological monitoring of the NPPs site is performed by the flying robot. • The mechanics of drone is investigated in the NPPs. • Yaw and Pitch motions are simulated for the robotic behaviors. • The flying robot is analyzed for the nuclear safety and security successfully. - Abstract: The flying robot is investigated for the nuclear accident and security treatment. Several mechanics are introduced for the movement of the drone. The optimized motion of the drone should cover all areas of Nuclear Power Plants (NPPs) over the site where the circular and surmounting motions are needed with traverse of zigzag shapes. There is the Yaw motion in the circular moving and the Pitch motion in the climbing and downing against reactor facility. The fallout is calculated from the radiation concentration in the breaking part of the NPPs where the radioactive material leaks from the containment, coolant loop, plant facility and so on. The dose equivalents are obtained where the values are changeable following the random values of the y value, average wind speed, and dispersed concentration in the detection position. The simulation of new positions of x, y, and z are normalized from 0.0 to 1.0. The mechanics of flying robot produces the multidisciplinary converged technology incorporated with the aerial radiation monitoring information.

  11. Security Dilemma

    DEFF Research Database (Denmark)

    Wivel, Anders

    2011-01-01

    What is a security dilemma? What are the consequences of security dilemmas in international politics?

  12. SNAP-Ed (Supplemental Nutrition Assistance Program-Education) Increases Long-Term Food Security among Indiana Households with Children in a Randomized Controlled Study.

    Science.gov (United States)

    Rivera, Rebecca L; Maulding, Melissa K; Abbott, Angela R; Craig, Bruce A; Eicher-Miller, Heather A

    2016-11-01

    Food insecurity is negatively associated with US children's dietary intake and health. The Supplemental Nutrition Assistance Program-Education (SNAP-Ed) aims to alleviate food insecurity by offering nutrition, budgeting, and healthy lifestyle education to low-income individuals and families. The objective of this study was to evaluate the long-term impact of the Indiana SNAP-Ed on food security among households with children. A randomized, controlled, parallel study design with SNAP-Ed as an intervention was carried out during a 4- to 10-wk intervention period. Intervention group participants received the first 4 Indiana SNAP-Ed curriculum lessons. Study participants (n = 575) were adults aged ≥18 y from low-income Indiana households with ≥1 child living in the household. Both treatment groups completed an assessment before and after the intervention period and 1 y after recruitment. The 18-item US Household Food Security Survey Module was used to classify the primary outcomes of food security for the household and adults and children in the household. A linear mixed model was used to compare intervention with control group effects over time on food security. Mean ± SEM changes in household food security score and food security score among household adults from baseline to 1-y follow-up were 1.2 ± 0.4 and 0.9 ± 0.3 units lower, respectively, in the intervention group than in the control group (P security score from baseline to 1-y follow-up among household children was not significantly different in the intervention group compared with the control group. SNAP-Ed improved food security over a longitudinal time frame among low-income Indiana households with children in this study. SNAP-Ed may be a successful intervention to improve food security. © 2016 American Society for Nutrition.

  13. Security of supply, energy spillage control and peaking options within a 100% renewable electricity system for New Zealand

    International Nuclear Information System (INIS)

    Mason, I.G.; Page, S.C.; Williamson, A.G.

    2013-01-01

    In this paper, issues of security of supply, energy spillage control, and peaking options, within a fully renewable electricity system, are addressed. We show that a generation mix comprising 49% hydro, 23% wind, 13% geothermal, 14% pumped hydro energy storage peaking plant, and 1% biomass-fuelled generation on an installed capacity basis, was capable of ensuring security of supply over an historic 6-year period, which included the driest hydrological year on record in New Zealand since 1931. Hydro spillage was minimised, or eliminated, by curtailing a proportion of geothermal generation. Wind spillage was substantially reduced by utilising surplus generation for peaking purposes, resulting in up to 99.8% utilisation of wind energy. Peaking requirements were satisfied using 1550 MW of pumped hydro energy storage generation, with a capacity factor of 0.76% and an upper reservoir storage equivalent to 8% of existing hydro storage capacity. It is proposed that alternative peaking options, including biomass-fuelled gas turbines and demand-side measures, should be considered. As a transitional policy, the use of fossil-gas–fuelled gas turbines for peaking would result in a 99.8% renewable system on an energy basis. Further research into whether a market-based system is capable of delivering such a renewable electricity system is suggested. - Highlights: • A 100% renewable electricity system was modelled over a 6-year period. • Security of supply was demonstrated, including for the driest year since 1931. • Stored energy spillage was controlled by using flexible base-load generation. • Wind energy utilisation of 99.8% was obtained. • Transitional use of fossil gas for peaking resulted in a 99.8% renewable system

  14. Network security

    CERN Document Server

    Perez, André

    2014-01-01

    This book introduces the security mechanisms deployed in Ethernet, Wireless-Fidelity (Wi-Fi), Internet Protocol (IP) and MultiProtocol Label Switching (MPLS) networks. These mechanisms are grouped throughout the book according to the following four functions: data protection, access control, network isolation, and data monitoring. Data protection is supplied by data confidentiality and integrity control services. Access control is provided by a third-party authentication service. Network isolation is supplied by the Virtual Private Network (VPN) service. Data monitoring consists of applying

  15. Cloud security mechanisms

    OpenAIRE

    2014-01-01

    Cloud computing has brought great benefits in cost and flexibility for provisioning services. The greatest challenge of cloud computing remains however the question of security. The current standard tools in access control mechanisms and cryptography can only partly solve the security challenges of cloud infrastructures. In the recent years of research in security and cryptography, novel mechanisms, protocols and algorithms have emerged that offer new ways to create secure services atop cloud...

  16. Hybrid Security Policies

    Directory of Open Access Journals (Sweden)

    Radu CONSTANTINESCU

    2006-01-01

    Policy is defined as the rules and regulations set by the organization. They are laid down by management in compliance with industry regulations, law and internal decisions. Policies are mandatory. Security policies rule how the information is protected against security vulnerabilities; they are the basis for security awareness and training and are vital for security audits. Policies are focused on desired results. The means of achieving the goals are defined in controls, standards and procedures.

  17. Mobile platform security

    CERN Document Server

    Asokan, N; Dmitrienko, Alexandra

    2013-01-01

    Recently, mobile security has garnered considerable interest in both the research community and industry due to the popularity of smartphones. The current smartphone platforms are open systems that allow application development, also for malicious parties. To protect the mobile device, its user, and other mobile ecosystem stakeholders such as network operators, application execution is controlled by a platform security architecture. This book explores how such mobile platform security architectures work. We present a generic model for mobile platform security architectures: the model illustrat

  18. Client attachment security predicts alliance in a randomized controlled trial of two psychotherapies for bulimia nervosa

    DEFF Research Database (Denmark)

    Folke, Sofie; Daniel, Sarah Ingrid Franksdatter; Poulsen, Stig Bernt

    2016-01-01

    Objective: This study investigated the relation between clients’ attachment patterns and the therapeutic alliance in two psychotherapies for bulimia nervosa. Method: Data derive from a randomized clinical trial comparing cognitive-behavioral therapy and psychoanalytic psychotherapy for bulimia... to be a significant (p = .007) predictor of alliance levels at the three measured time points, with clients higher on attachment security developing stronger alliances with their therapists in both treatments as compared to clients higher on attachment insecurity. No evidence was found to support a hypothesized... interaction whereby dismissing clients would develop weaker alliances in psychoanalytic psychotherapy and preoccupied clients would develop weaker alliances in cognitive-behavioral therapy. Conclusions: As the first study to examine client attachment and therapeutic alliance using observer-based instruments...

  19. Privacy in confidential administrative micro data: implementing statistical disclosure control in a secure computing environment.

    Science.gov (United States)

    Hochfellner, Daniela; Müller, Dana; Schmucker, Alexandra

    2014-12-01

    The demand for comprehensive and innovative data is constantly growing in social science. In particular, micro data from various social security agencies become more and more attractive. In contrast to survey data, administrative data offer a census with highly reliable information but are restricted in their usage. To make them accessible for researchers, data or research output either have to be anonymized or released after disclosure review procedures have been used. This article discusses the trade-off between maintaining a high capability of research potential while protecting private information, by exploiting the data disclosure portfolio and the adopted disclosure strategies of the Research Data Center of the German Federal Employment Agency. © The Author(s) 2014.

  20. Specificity of Correlation Pattern Recognition Methods Application in Security Holograms Identity Control Apparatus

    Science.gov (United States)

    Zlokazov, E. Yu.; Starikov, R. S.; Odinokov, S. B.; Tsyganov, I. K.; Talalaev, V. E.; Koluchkin, V. V.

    Automatic inspection of security hologram (SH) identity is a highly demanded issue due to the high distribution of SH worldwide to protect documents such as passports, driving licenses, banknotes etc. While most of the known approaches use inspection of SH design features, none of these approaches inspect the features of its surface relief, which is a direct contribution to the original master matrix used for the production of these holograms. In our previous works we represented the device that was developed to provide SH identification by processing of coherent responses of its surface elements. Most of the algorithms used in this device are based on application of correlation pattern recognition methods. The main issue of the present article is a description of the specificities of applying these methods.

  1. Enhancing Security and Privacy in Video Surveillance through Role-Oriented Access Control Mechanism

    DEFF Research Database (Denmark)

    Mahmood Rajpoot, Qasim

    ... Pervasive usage of such systems gives substantial powers to those monitoring the videos and poses a threat to the privacy of anyone observed by the system. Aside from protecting privacy from the outside attackers, it is equally important to protect the privacy of individuals from the inside personnel... involved in monitoring surveillance data to minimize the chances of misuse of the system, e.g. voyeurism. In this context, several techniques to protect the privacy of individuals, called privacy enhancing techniques (PET) have therefore been proposed in the literature which detect and mask the privacy... sensitive regions, e.g. faces, from the videos. However, very few research efforts have focused on addressing the security aspects of video surveillance data and on authorizing access to this data. Interestingly, while PETs help protect the privacy of individuals, they may also hinder the usefulness...

  2. SOSPO-SP: Secure Operation of Sustainable Power Systems Simulation Platform for Real-Time System State Evaluation and Control

    DEFF Research Database (Denmark)

    Morais, Hugo; Vancraeyveld, Pieter; Pedersen, Allan Henning Birger

    2014-01-01

    Measurement Units (PMUs) provides more information and enables wide-area monitoring with accurate timing. One of the challenges in the near future is converting the high quantity and quality of information provided by PMUs into useful knowledge about operational state of a global system. The use of real-time... simulation in closed-loop is essential to develop and validate new real-time applications of wide-area PMU data. This paper presents a simulation platform developed within the research project Secure Operation of Sustainable Power Systems (SOSPO). The SOSPO simulation platform (SOSPO-SP) functions... in a closed-loop, integrating new real-time assessment methods to provide useful information to operators in power system control centers and to develop new control methodologies that handle emergency situations and avoid power system blackouts...

  3. Sliding mode control for synchronization of Roessler systems with time delays and its application to secure communication

    International Nuclear Information System (INIS)

    Chen, C-K; Yan, J-J; Liao, T-L

    2007-01-01

    This study is concerned with the chaos synchronization problem of Roessler systems subjected to multiple time delays. Based on the sliding mode control (SMC) technique, we first propose an adaptive switching surface which does not allow for a reduction of system order, as is the case in most SMC schemes. Then both a sliding mode controller and a new sufficient condition are derived to guarantee, respectively, the global hitting of the sliding mode and stability of the equivalent error dynamics in the sliding mode. Thus, the chaos synchronization for Roessler systems with multiple time delays can surely be achieved. Moreover, the proposed scheme is then applied to the secure communication system. Numerical simulations are included to demonstrate the feasibility of the proposed scheme

  4. Standard guide for application of radiation monitors to the control and physical security of special nuclear material

    International Nuclear Information System (INIS)

    Anon.

    1989-01-01

    This guide briefly describes the state-of-the-art of radiation monitors for detecting special nuclear material (SNM) in order to establish the context in which to write performance standards for the monitors. This guide extracts information from technical documentation to provide information for selecting, calibrating, testing, and operating such radiation monitors when they are used for the control and protection of SNM. This guide offers an unobtrusive means of searching pedestrians, packages, and motor vehicles for concealed SNM as one part of a nuclear material control or security plan for nuclear materials. The radiation monitors can provide an efficient, sensitive, and reliable means of detecting the theft of small quantities of SNM while maintaining a low likelihood of nuisance alarms

  5. Standard guide for application of radiation monitors to the control and physical security of special nuclear material

    CERN Document Server

    American Society for Testing and Materials. Philadelphia

    1999-01-01

    1.1 This guide briefly describes the state-of-the-art of radiation monitors for detecting special nuclear material (SNM) (see 3.1.11) in order to establish the context in which to write performance standards for the monitors. This guide extracts information from technical documentation to provide information for selecting, calibrating, testing, and operating such radiation monitors when they are used for the control and protection of SNM. This guide offers an unobtrusive means of searching pedestrians, packages, and motor vehicles for concealed SNM as one part of a nuclear material control or security plan for nuclear materials. The radiation monitors can provide an efficient, sensitive, and reliable means of detecting the theft of small quantities of SNM while maintaining a low likelihood of nuisance alarms. 1.2 Dependable operation of SNM radiation monitors rests on selecting appropriate monitors for the task, operating them in a hospitable environment, and conducting an effective program to test, calibrat...

  6. Modernization of control instrumentation and security of reactor IAN - R1

    International Nuclear Information System (INIS)

    Gonzalez, J. M.

    1993-01-01

    The program to modernize IAN-R1 research reactor control and safety instrumentation has been carried out considering two main aspects: updating safety philosophy requirements and acquiring the newest reactor control instrumentation controlled by computer, following the present criteria internationally recognized, for safety and reliable reactor operations and the latest developments of nuclear electronic technology. The new IAN-R1 reactor instrumentation consists of two wide range neutron monitoring channels, commanded by microprocessor, a data acquisition system and reactor control (controlled by computers). The reactor control desk provides, through two displays, all safety and control signals to the reactor operators; furthermore, some signals, like reactor power, safety and period signals, are also shown on digital bar graphics, which are hard wired directly from the neutron monitoring channels

  7. Security for multihop wireless networks

    CERN Document Server

    Khan, Shafiullah

    2014-01-01

    Security for Multihop Wireless Networks provides broad coverage of the security issues facing multihop wireless networks. Presenting the work of a different group of expert contributors in each chapter, it explores security in mobile ad hoc networks, wireless sensor networks, wireless mesh networks, and personal area networks. Detailing technologies and processes that can help you secure your wireless networks, the book covers cryptographic coprocessors, encryption, authentication, key management, attacks and countermeasures, secure routing, secure medium access control, intrusion detection, ep

  8. Food security is related to adult type 2 diabetes control over time in a United States safety net primary care clinic population.

    Science.gov (United States)

    Shalowitz, M U; Eng, J S; McKinney, C O; Krohn, J; Lapin, B; Wang, C-H; Nodine, E

    2017-05-15

    Successful Type 2 diabetes management requires adopting a high nutrient-density diet made up of food items that both meet dietary needs and preferences and can be feasibly obtained on a regular basis. However, access to affordable, nutrient-dense foods often is lacking in poorer neighbourhoods. Therefore, low food security should directly impair glucose control, even when patients have full access to and utilize comprehensive medical management. The present study sought to determine whether food security is related longitudinally to glucose control, over-and-above ongoing medication management, among Type 2 diabetes patients receiving comprehensive care at a Midwestern multi-site federally qualified health centre (FQHC). In this longitudinal observational study, we completed a baseline assessment of patients' food security (using the US Household Food Security Module), demographics (via Census items), and diabetes history/management (using a structured clinical encounter form) when patients began receiving diabetes care at the health centre. We then recorded those patients' A1C levels several times during a 24-month follow-up period. Three hundred and ninety-nine patients (56% with low food security) had a baseline A1c measurement; a subsample of 336 (median age=52 years; 56% female; 60% Hispanic, 27% African American, and 9% White) also had at least one follow-up A1c measurement. Patients with lower (vs higher) food security were more likely to be on insulin and have higher A1c levels at baseline. Moreover, the disparity in glucose control by food security status persisted throughout the next 2 years. Although results were based on one multi-site FQHC, potentially limiting their generalizability, they seem to suggest that among Type 2 diabetes patients, low food security directly impairs glucose control, even when patients receive full access to comprehensive medical management, thereby increasing their long-term risks of high morbidity, early mortality, and high

  9. Intrusion Detection in Networked Control Systems: From System Knowledge to Network Security

    NARCIS (Netherlands)

    Caselli, M.

    2016-01-01

    “Networked control system” (NCS) is an umbrella term encompassing a broad variety of infrastructures such as industrial control systems (ICSs) and building automation systems (BASs). Nowadays, all these infrastructures play an important role in several aspects of our daily life, from managing

  10. Cyber (In-)security of Industrial Control Systems : A Societal Challenge

    NARCIS (Netherlands)

    Luiijf, H.A.M.

    2015-01-01

    Our society and its citizens increasingly depend on the undisturbed functioning of critical infrastructures (CI), their products and services. Many of the CI services as well as other organizations use Industrial Control Systems (ICS) to monitor and control their mission-critical processes.

  11. Export Controls and the Tensions between Academic Freedom and National Security

    Science.gov (United States)

    Evans, Samuel A. W.; Valdivia, Walter D.

    2012-01-01

    In the U.S.A., advocates of academic freedom--the ability to pursue research unencumbered by government controls--have long found sparring partners in government officials who regulate technology trade. From concern over classified research in the 1950s, to the expansion of export controls to cover trade in information in the 1970s, to current…

  12. State Labour Inspectorate – specialized authority exercising supervising and control tasks in the field of labour security and health

    Directory of Open Access Journals (Sweden)

    Nicolae ROMANDAŞ

    2016-06-01

    At present, the State Labour Inspectorate is the main supervisory body for health and safety at work, and has all the rights to exercise efficient control aimed at employers' compliance with the legal regulations governing this sphere. Therefore, the mechanism that involves changes in work culture, the most important of which concern the safety and health of the workplace, takes place in our society for harmonization and labor market adjustment. It is obvious that more units are starting to realize that human resources are the most important capital of an organization and the decisive factor in the production process. That is why employers should be conscious of the fact that the security of an employee is not an expense, but a necessary investment to avoid some costs, direct or indirect, caused by work stoppages in the case of a serious and imminent danger or, in the most unfortunate cases, by the consequences of accidents at work and occupational diseases.

  13. Apparatus and method supporting wireless access to multiple security layers in an industrial control and automation system or other system

    Science.gov (United States)

    Chen, Yu-Gene T.

    2013-04-16

    A method includes receiving a message at a first wireless node. The first wireless node is associated with a first wired network, and the first wired network is associated with a first security layer. The method also includes transmitting the message over the first wired network when at least one destination of the message is located in the first security layer. The method further includes wirelessly transmitting the message for delivery to a second wireless node when at least one destination of the message is located in a second security layer. The second wireless node is associated with a second wired network, and the second wired network is associated with the second security layer. The first and second security layers may be associated with different security paradigms and/or different security domains. Also, the message could be associated with destinations in the first and second security layers.

  14. Nuclear Security Recommendations on Nuclear and other Radioactive Material out of Regulatory Control: Recommendations (Spanish Edition); Recomendaciones de Seguridad Fisica Nuclear sobre Materiales Nucleares y otros Materiales Radiactivos no sometidos a Control Reglamentario: Recomendaciones

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    2012-06-15

    This publication presents recommendations for the nuclear security of nuclear and other radioactive material that is out of regulatory control. It is based on national experiences and practices and guidance publications in the field of security as well as the nuclear security related international instruments. The recommendations include guidance for States with regard to the nuclear security of nuclear and other radioactive material that has been reported as being out of regulatory control as well as for material that is lost, missing or stolen but has not been reported as such, or has been otherwise discovered. In addition, these recommendations adhere to the detection and assessment of alarms and alerts and to a graded response to criminal or unauthorized acts with nuclear security implications.

  15. Security, development and human rights: normative, legal and policy challenges for the international drug control system.

    Science.gov (United States)

    Barrett, Damon

    2010-03-01

    This commentary addresses some of the challenges posed by the broader normative, legal and policy framework of the United Nations for the international drug control system. The 'purposes and principles' of the United Nations are presented and set against the threat based rhetoric of the drug control system and the negative consequences of that system. Some of the challenges posed by human rights law and norms to the international drug control system are also described, and the need for an impact assessment of the current system alongside alternative policy options is highlighted as a necessary consequence of these analyses. Copyright (c) 2010 Elsevier B.V. All rights reserved.

  16. International Guidelines on Human Rights and Drug Control: A Tool for Securing Women's Rights in Drug Control Policy.

    Science.gov (United States)

    Schleifer, Rebecca; Pol, Luciana

    2017-06-01

    Discrimination and inequality shape women's experiences of drug use and in the drug trade and the impact of drug control efforts on them, with disproportionate burdens faced by poor and otherwise marginalized women. In recent years, UN member states and UN drug control and human rights entities have recognized this issue and made commitments to integrate a 'gender perspective' into drug control policies, with 'gender' limited to those conventionally deemed women. But the concept of gender in international law is broader, rooted in socially constructed and culturally determined norms and expectations around gender roles, sex, and sexuality. Also, drug control policies often fail to meaningfully address the specific needs and circumstances of women (inclusively defined), leaving them at risk of recurrent violations of their rights in the context of drugs. This article explores what it means to 'mainstream' this narrower version of gender into drug control efforts, using as examples various women's experiences as people who use drugs, in the drug trade, and in the criminal justice system. It points to international guidelines on human rights and drug control as an important tool to ensure attention to women's rights in drug control policy design and implementation.

  17. Policy-based secure communication with automatic key management for industrial control and automation systems

    Science.gov (United States)

    Chernoguzov, Alexander; Markham, Thomas R.; Haridas, Harshal S.

    2016-11-22

    A method includes generating at least one access vector associated with a specified device in an industrial process control and automation system. The specified device has one of multiple device roles. The at least one access vector is generated based on one or more communication policies defining communications between one or more pairs of device roles in the industrial process control and automation system, where each pair of device roles includes the device role of the specified device. The method also includes providing the at least one access vector to at least one of the specified device and one or more other devices in the industrial process control and automation system in order to control communications to or from the specified device.

  18. INFORMATION SECURITY: Weak Controls Place DC Highway Trust Fund and Other Data at Risk

    National Research Council Canada - National Science Library

    2001-01-01

    We reviewed information system general controls over the financial systems that process and account for the financial activities of the District of Columbia Highway Trust Fund as part of our annual...

  19. Railway cognitive radio to enhance safety, security, and performance of positive train control.

    Science.gov (United States)

    2013-02-01

    Robust and interoperable wireless communications are vital to Positive Train Control (PTC). The railway industry has started adopting software-defined radios (SDRs) for packet-data transmission. SDR systems realize previously fixed components as reco...

  20. Design of High-Fidelity Testing Framework for Secure Electric Grid Control

    Energy Technology Data Exchange (ETDEWEB)

    Yoginath, Srikanth B [ORNL; Perumalla, Kalyan S [ORNL

    2014-01-01

    A solution methodology and implementation components are presented that can uncover unwanted, unintentional or unanticipated effects on electric grids from changes to actual electric grid control software. A new design is presented to leapfrog over the limitations of current modeling and testing techniques for cyber technologies in electric grids. We design a fully virtualized approach in which actual, unmodified operational software under test is enabled to interact with simulated surrogates of electric grids. It enables the software to influence the (simulated) grid operation and vice versa in a controlled, high fidelity environment. Challenges in achieving such capability include achieving low-overhead time control mechanisms in hypervisor schedulers, network capture and time-stamping, translation of network packets emanating from grid software into discrete events of virtual grid models, translation back from virtual sensors/actuators into data packets to control software, and transplanting the entire system onto an accurately and efficiently maintained virtual-time plane.

  1. Homeland Security and Information Control: A Model of Asymmetric Information Flows.

    Science.gov (United States)

    Maxwell, Terrence A.

    2003-01-01

    Summarizes some of the activities the United States government has undertaken to control the dissemination of information since 2001. It also explores, through a conceptual model of information flows, potential impacts and discontinuities between policy purposes and outcomes. (AEF)

  2. Intrusion Detection in Networked Control Systems: From System Knowledge to Network Security

    OpenAIRE

    Caselli, M.

    2016-01-01

    “Networked control system” (NCS) is an umbrella term encompassing a broad variety of infrastructures such as industrial control systems (ICSs) and building automation systems (BASs). Nowadays, all these infrastructures play an important role in several aspects of our daily life, from managing essential services such as energy and water (e.g., critical infrastructures) to monitoring the increasingly smart environments that surround us (e.g., the Internet of Things). Over the years, NCS techn...

  3. Security Evolution.

    Science.gov (United States)

    De Patta, Joe

    2003-01-01

    Examines how to evaluate school security, begin making schools safe, secure schools without turning them into fortresses, and secure schools easily and affordably; the evolution of security systems into information technology systems; using schools' high-speed network lines; how one specific security system was developed; pros and cons of the…

  4. Method to control the persons permitted to enter plants with increased security requirements and personnel lock for such plants

    International Nuclear Information System (INIS)

    Blaser, E.; Eickhoff, H.; Tretschoks, W.

    1978-01-01

    The personnel lock for a plant with increased security requirements, e.g. a nuclear power plant, has got two lock gates. Only persons whose right to enter has been established by the control equipment will be admitted to the lock chamber. For this purpose an identification recess is built in front of the first access to the lock chamber, where size, weight and the contours of the persons wanting to enter are roughly measured and compared with a code card carried along. The weight is established by a balance forming part of the base of the recess. By means of contact surfaces in the region of knees, upper thigh, chest and shoulder an upright position of the person is guaranteed. Scanning of the physical dimensions is performed with laser, infrared and light barriers. (DG) [de

  5. Limitation of right of codetermination of the works council in case of an administrative order for security controls

    International Nuclear Information System (INIS)

    Anon.

    1988-01-01

    BetrVG section 87, sub-sec. (1), No. 1 and 7, first sentence; Atomic Energy Act section 7, sub-sec. (2), No. 5; section 17, sub-sec. (1), sentence 2. On the basis of a right of codetermination, the works council may only claim an arrangement that could be decided upon by the employer alone outside the Works Constitution Act. In case the employer is obliged by an administrative act binding upon him, to take certain measures, the works council may not claim an arrangement deviating from this directive by referring to the right of codetermination. Federal Labour Court, decision of May 26, 1988 - 1 ABR 9/87 - concerning the execution of security controls on the personnel entering the WAK. (orig./HP) [de

  6. Mission impossible or border security – Practical and effective infection control on air ambulances

    Directory of Open Access Journals (Sweden)

    M. Kuhn

    2013-12-01

    These principles have been applied to our air ambulance system based from Lanseria International Airport. By combining preventative and control measures, there has been no breach in our infection control strategies, as evidenced by no growth noted on specific and random swabs even when more and more “super bugs” are being identified in hospital. As an air ambulance service flying patients from various African countries, we have the responsibility to conduct our own “Border Security” to keep our hospitals, patients, aircraft and crews clean and safe. In this presentation we will share our “Border Security” principles and experiences with the audience.

  7. Role of nuclear material accounting and control on nuclear security. Countermeasure against insider threat

    International Nuclear Information System (INIS)

    Osabe, Takeshi

    2014-01-01

    The possibility of unauthorized removal (theft) of nuclear material by a facility insider is recognized as a serious threat. An insider could take advantage of knowledge of the control system and access to nuclear material to intercept the facility's system designed to protect against theft of nuclear material by an insider. This paper will address how the facility level Nuclear Material Accounting and Control (NMAC) System should be designed and implemented to enhance deterrence and detection of theft of nuclear material by a facility insider. (author)

  8. A Survey of Security Tools for the Industrial Control System Environment

    Energy Technology Data Exchange (ETDEWEB)

    Hurd, Carl M. [Idaho National Lab. (INL), Idaho Falls, ID (United States); McCarty, Michael V. [Idaho National Lab. (INL), Idaho Falls, ID (United States)

    2017-06-12

    This report details the results of a survey conducted by Idaho National Laboratory (INL) to identify existing tools which could be used to prevent, detect, mitigate, or investigate a cyber-attack in an industrial control system (ICS) environment. This report compiles a list of potentially applicable tools and shows the coverage of the tools in an ICS architecture.

  9. A Survey of Security Tools for the Industrial Control System Environment

    International Nuclear Information System (INIS)

    Hurd, Carl M.; McCarty, Michael V.

    2017-01-01

    This report details the results of a survey conducted by Idaho National Laboratory (INL) to identify existing tools which could be used to prevent, detect, mitigate, or investigate a cyber-attack in an industrial control system (ICS) environment. This report compiles a list of potentially applicable tools and shows the coverage of the tools in an ICS architecture.

  10. Seguridad industrial y minera: Aspectos estratégicos para el control pasivo de ruido. // Industrial and mining security: estrategics aspects for the passive control of noise.

    Directory of Open Access Journals (Sweden)

    Luis Felipe Sexto

    2001-04-01

    of effective maintenance politics. Such relationship constitutes the starting point to assure the personnel's health, the good equipment performance, operational security, and a decrease of the acoustic contamination in industrial environment. Key words: Noise, contamination, maintenance, security, health, passive control.

  11. Data Integrated System for the control to the security information and radiological protection to national scale

    International Nuclear Information System (INIS)

    Valdes Ramos, M.; Domenech Nieves, H.; Jova Sed, L.

    1998-01-01

    RASSYN was developed to keep up to date the national registers that store the data allowing the regulatory body to exercise its function of control and supervision. The system also serves as a tool for issuing authorizations, licenses and permits, and it facilitates the inspection task. The system gives timely notice of situations that require attention, and it evaluates and correlates the information in order to obtain the radiological situation at the national level or for a given territory

  12. SECURE INTERNET OF THINGS-BASED CLOUD FRAMEWORK TO CONTROL ZIKA VIRUS OUTBREAK.

    Science.gov (United States)

    Sareen, Sanjay; Sood, Sandeep K; Gupta, Sunil Kumar

    2017-01-01

    Zika virus (ZikaV) is currently one of the most important emerging viruses in the world which has caused outbreaks and epidemics and has also been associated with severe clinical manifestations and congenital malformations. Traditional approaches to combat the ZikaV outbreak are not effective for detection and control. The aim of this study is to propose a cloud-based system to prevent and control the spread of Zika virus disease using integration of mobile phones and Internet of Things (IoT). A Naive Bayesian Network (NBN) is used to diagnose the possibly infected users, and Google Maps Web service is used to provide the geographic positioning system (GPS)-based risk assessment to prevent the outbreak. It is used to represent each ZikaV infected user, mosquito-dense sites, and breeding sites on the Google map that helps the government healthcare authorities to control such risk-prone areas effectively and efficiently. The performance and accuracy of the proposed system are evaluated using dataset for 2 million users. Our system provides high accuracy for initial diagnosis of different users according to their symptoms and appropriate GPS-based risk assessment. The cloud-based proposed system contributed to the accurate NBN-based classification of infected users and accurate identification of risk-prone areas using Google Maps.

  13. Water security evaluation in Yellow River basin

    Science.gov (United States)

    Jiang, Guiqin; He, Liyuan; Jing, Juan

    2018-03-01

    Water security is an important basis for making water security protection strategy, which concerns regional economic and social sustainable development. In this paper, watershed water security evaluation index system including 3 levels of 5 criterion layers (water resources security, water ecological security and water environment security, water disasters prevention and control security and social economic security) and 24 indicators were constructed. The entropy weight method was used to determine the weights of the indexes in the system. The water security index of 2000, 2005, 2010 and 2015 in Yellow River basin were calculated by linear weighting method based on the relative data. Results show that the water security conditions continue to improve in Yellow River basin but still in a basic security state. There is still a long way to enhance the water security in Yellow River basin, especially the water prevention and control security, the water ecological security and water environment security need to be promoted vigorously.

  14. Security studies

    International Nuclear Information System (INIS)

    Venot, R.

    2001-01-01

    Full text: Security studies constitute one of the major tools for evaluating the provisions implemented at facilities to protect and control Nuclear Material against unauthorized removal. Operators use security studies to demonstrate that they are complying with objectives set by the Competent Authority to counter internal or external acts aimed at unauthorized removal of NM. The paper presents the context of security studies carried out in France. The philosophy of these studies is based on a postulated unauthorized removal of NM and the study of the behavior of the systems implemented to control and protect NM in a facility. The potential unauthorized removal of NM usually may take place in two stages. The first stage involves the sequence leading to handling of the NM. It occurs inside the physical barriers of a facility and may include action involving the documents corresponding to Material Control and Accounting systems. At this stage it is possible to limit the risk of unauthorized removal of NM by means of detection capabilities of the MC and A systems. The second stage is more specific to theft and involves removing the NM out of the physical barriers of a facility in which they are being held, notably by affecting the Physical Protection System. Operators have to study, from a quantity and time lapse point of view, the ability of the installed systems to detect unauthorized removal, as well as the possibility of tampering with the systems to mask unlawful operations. Operators have also to analyze the sequences during which NM are accessed, removed from their containment and further removed from the facility in which they are stored. At each stage in the process, the probability of detection and the time taken to carry out the above actions have to be estimated. Of course, these two types of studies complement each other. Security studies have begun, in France, for more than fifteen years. Up to now more than fifty security studies are available in the

  15. DNS security management

    CERN Document Server

    Dooley, Michael

    2017-01-01

    An advanced Domain Name System (DNS) security resource that explores the operation of DNS, its vulnerabilities, basic security approaches, and mitigation strategies. DNS Security Management offers an overall role-based security approach and discusses the various threats to the Domain Name System (DNS). This vital resource is filled with proven strategies for detecting and mitigating these all too frequent threats. The authors, noted experts on the topic, offer an introduction to the role of DNS and explore the operation of DNS. They cover a myriad of DNS vulnerabilities and include preventative strategies that can be implemented. Comprehensive in scope, the text shows how to secure DNS resolution with the Domain Name System Security Extensions (DNSSEC), DNS firewall, server controls, and much more. In addition, the text includes discussions on security applications facilitated by DNS, such as anti-spam, SPF, and DANE.

  16. Preventive voltage control actions to securely face load evolution in power systems

    Energy Technology Data Exchange (ETDEWEB)

    Marano Marcolini, A.; Martinez Ramos, J.L.; Romero Ramos, E.; Trigo Garcia, A.L. [Department of Electrical Engineering, University of Seville, Camino de los Descubrimientos s/n, 41092 Sevilla (Spain)

    2010-04-15

    One of the main aims of the System Operator (SO) is to maintain in every moment the system parameters between feasible operational margins. In certain periods of the day the load suffers fast changes which cause, specially when it tends to increase, a generalized voltage decrement and a more stressed condition for many reactive resources. In such cases, many devices may arrive to their operational limits, situation which translates into a weaker system. To avoid this negative effect the control variables should be rescheduled to maintain the normal operation conditions in the foreseeable future. This work proposes a useful tool to assist the SO when determining such actions. The main improvements are due to the implementation of a hybrid method that allows the comparison of different kinds of control variables and the inclusion of the operator background and experience in the algorithm that determines the actions. The performance of the proposed method is tested in both the IEEE 14-Bus and 118-Bus test systems. (author)

  17. Information Security

    OpenAIRE

    2005-01-01

    Information security is all about the protection of digital assets, such as digital content, personal health records, state secrets etc. These assets can be handled by a party who is authorised to access and control the asset or a party who is not authorised to do so. Authorisation determines who is trusted to actually handle an asset. Two concepts complement authorisation. Authentication determines who makes a request to handle an asset. To decide who is authorised, a system needs to authe...

  18. Computer Security: Security operations at CERN (4/4)

    CERN Document Server

    CERN. Geneva

    2012-01-01

    Stefan Lueders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and infrastructure control systems against cyber-threats. Subsequently, he joined the CERN Computer Security Incident Response Team and is today heading this team as CERN's Computer Security Officer with the mandate to coordinate all aspects of CERN's computer security --- office computing security, computer centre security, GRID computing security and control system security --- whilst taking into account CERN's operational needs. Dr. Lueders has presented on these topics at many different occasions to international bodies, governments, and companies, and published several articles. With the prevalence of modern information technologies and...

  19. Securing a robust electrical discharge drilling process by means of flow rate control

    Science.gov (United States)

    Risto, Matthias; Munz, Markus; Haas, Ruediger; Abdolahi, Ali

    2017-10-01

    This paper deals with the increase of the process robustness while drilling cemented carbide using electrical discharge machining (EDM). A demand for high efficiency in the resulting diameter is equivalent with a high robustness of the EDM drilling process. Analyses were done to investigate the process robustness (standard deviation of the borehole diameter) when drilling cemented carbide. The investigation has shown that the dielectric flow rate changes over the drilling process. In this case the flow rate decreased with a shorter tool electrode due to an uneven wear of the tool electrode's cross section. Using a controlled flow rate during the drilling process has led to a reduced standard deviation of the borehole diameter, thus to a higher process robustness when drilling cemented carbide.

  20. Secured Session-key Distribution using control Vector Encryption / Decryption Process

    International Nuclear Information System (INIS)

    Ismail Jabiullah, M.; Abdullah Al-Shamim; Khaleqdad Khan, ANM; Lutfar Rahman, M.

    2006-01-01

    Frequent key changes are very much desirable for the secret communications and are thus in high demand. A session-key distribution technique has been designed and implemented using the programming language C on which the communication between the end-users is encrypted is used for the duration of a logical connection. Each session-key is obtained from the key distribution center (KDC) over the same networking facilities used for end-user communication. The control vector is cryptographically coupled with the session-key at the time of key generation in the KDC. For this, the generated hash function, master key and the session-key are used for producing the encrypted session-key, which has to be transferred. All the operations have been performed using the C programming language. This process can be widely applicable to all sorts of electronic transactions online or offline; commercially and academically. (authors)

  1. An Expressive, Lightweight and Secure Construction of Key Policy Attribute-Based Cloud Data Sharing Access Control

    Science.gov (United States)

    Lin, Guofen; Hong, Hanshu; Xia, Yunhao; Sun, Zhixin

    2017-10-01

    Attribute-based encryption (ABE) is an interesting cryptographic technique for flexible cloud data sharing access control. However, some open challenges hinder its practical application. In previous schemes, all attributes are considered as in the same status while they are not in most of practical scenarios. Meanwhile, the size of access policy increases dramatically with the raise of its expressiveness complexity. In addition, current research hardly notices that mobile front-end devices, such as smartphones, are poor in computational performance while too much bilinear pairing computation is needed for ABE. In this paper, we propose a key-policy weighted attribute-based encryption without bilinear pairing computation (KP-WABE-WB) for secure cloud data sharing access control. A simple weighted mechanism is presented to describe different importance of each attribute. We introduce a novel construction of ABE without executing any bilinear pairing computation. Compared to previous schemes, our scheme has a better performance in expressiveness of access policy and computational efficiency.

  2. Financial security

    NARCIS (Netherlands)

    de Goede, M.; Burgess, J.P.

    2010-01-01

    1. Introduction J. Peter Burgess Part 1: New Security Concepts 2. Civilizational Security Brett Bowden 3. Risk Oliver Kessler 4. Small Arms Keith Krause 5. Critical Human Security Taylor Owen 6. Critical Geopolitics Simon Dalby Part 2: New Security Subjects 7. Biopolitics Michael Dillon 8. Gendered

  3. Convention on the establishment of a security control in the field of nuclear energy. Protocol on the tribunal established by the convention on the establishment of a security control in the field of nuclear energy

    International Nuclear Information System (INIS)

    1957-01-01

    The governments of Germany, Austria, Belgium, Denmark, France, Greece, Ireland, Iceland, Italy, Luxembourg, Norway, Netherlands, Portugal, United Kingdom, Sweden, Switzerland and Turkey, having resolved to promote the development of the production and uses of nuclear energy in the Member countries of the Organisation for European Economic Co-operation between these countries and the harmonisation of national measures; considering that the joint action undertaken to this end in the Organisation is intended to develop the European nuclear industry for purely peaceful ends and must not further any military purpose; considering that at its meeting of 18 July, 1956, the Council of the Organisation decided to establish to this effect an international security control; considering that by a Decision dated this day the Council has established, within the Organisation, a European Nuclear Energy Agency with the task of pursuing the joint action undertaken; have agreed the present convention. The governments party to the Convention, desirous of determining in accordance with Article 12 of the Convention the organisation of the Tribunal established by the said Article and the status of its judges; have agreed upon the provisions which are annexed to the Convention

  4. Addressing Software Security

    Science.gov (United States)

    Bailey, Brandon

    2015-01-01

    Historically security within organizations was thought of as an IT function (web sites/servers, email, workstation patching, etc.) Threat landscape has evolved (Script Kiddies, Hackers, Advanced Persistent Threat (APT), Nation States, etc.) Attack surface has expanded -Networks interconnected!! Some security posture factors Network Layer (Routers, Firewalls, etc.) Computer Network Defense (IPS/IDS, Sensors, Continuous Monitoring, etc.) Industrial Control Systems (ICS) Software Security (COTS, FOSS, Custom, etc.)

  5. Intercorporate Security Event Correlation

    Directory of Open Access Journals (Sweden)

    D. O. Kovalev

    2010-03-01

    Security controls are prone to false positives and false negatives which can lead to unwanted reputation losses for the bank. The reputational database within the security operations center (SOC) and intercorporate correlation of security events are offered as a solution to increase attack detection fidelity. The theses introduce the definition and structure of the reputation, architectures of reputational exchange and the place of intercorporate correlation in overall SOC correlation analysis.

  6. Security negotiation

    OpenAIRE

    Mitrović, Miroslav M.; Ivaniš, Željko

    2013-01-01

    Contemporary security challenges, risks and threats represent a resultant of the achieved level of interaction between various entities within the paradigm of global security relations. Asymmetry and nonlinearity are main features of contemporary challenges in the field of global security. Negotiation in the area of security, namely the security negotiation, thus goes beyond just the domain of negotiation in conflicts and takes into consideration particularly asymmetric forms of possible sour...

  7. 685. Order amending the Order concerning the definition of goods whose export requires a permit in accordance with the Security Control Act

    International Nuclear Information System (INIS)

    1990-01-01

    The list of goods which may not be exported without a permit, in accordance with the Act of 1972 on security control, was amended by this Order. The amendment includes numerous items or equipment involving radiation or radioactive materials. It came into effect on 1 December 1990. (NEA)

  8. Securing Stability and Inclusiveness: G20 Summit Success in Controlling Financial Crises

    Directory of Open Access Journals (Sweden)

    John Kirton

    2017-08-01

    The G20 summit system has successfully controlled financial crises, restoring global financial stability after the shock from the US in 2008 and preventing the third shock from Europe in 2010 from resulting in a global contagion. After the G20 finance ministers effectively responded to the Asian-turned-global financial crisis in 1999, they failed to prevent the greater American-turned-global financial crisis in 2008, yet their leaders together responded effectively to it, then prevented the escalating euro crisis from going global, and finally reduced the likelihood of another global financial crisis emanating from a systemically significant country. Since 2013, the G20 has also enhanced economic equality between rich and poor countries, but has not fully made up for the loss in economic growth experienced in 2008 to 2013 or eliminated the socioeconomic scarring created during that period. This increasing success was driven by the changing conditions of the forces identified in the systemic hub model of G20 governance. The first was steadily escalating shocks in finance and economics, and related fields, from 1997 to 2012. The sources of these shifted from emerging Asia to a newly-vulnerable United States, Europe and then China in a much reduced form. With such shocks exposing and equalizing the vulnerability of the major powers, the formal multilateral organizations created by the United States and its Atlantic allies in the 1940s and their subsequent informal supplements such as the G7 could not cope. Among its many international institutional competitors, the G20 alone contained, as full, equal members, the countries that increasingly possessed the collectively predominant and internally equalizing capabilities required to respond effectively. They increasingly, if unevenly, became more internationally and domestically open and interconnected financial systems, economies and societies, albeit with some setbacks after 2013. The often high

  9. Security Strategies of Both Players in Asymmetric Information Zero-Sum Stochastic Games with an Informed Controller

    KAUST Repository

    Li, Lichun; Langbort, Cedric; Shamma, Jeff S.

    2017-01-01

    that the security strategy only depends on the belief and the current stage. We provide LP formulations whose size is only linear in the size of the uninformed player's action set to compute both history based and belief based security strategies. For the uninformed

  10. Security Expertise

    DEFF Research Database (Denmark)

    This volume brings together scholars from different fields to explore the power, consequences and everyday practices of security expertise. Expertise mediates between different forms of knowledge: scientific and technological, legal, economic and political knowledge. This book offers the first systematic study of security expertise and opens up a productive dialogue between science and technology studies and security studies to investigate the character and consequences of this expertise. In security theory, the study of expertise is crucial to understanding whose knowledge informs security making and to reflect on the impact and responsibility of security analysis. In science and technology studies, the study of security politics adds a challenging new case to the agenda of research on expertise and policy. The contributors investigate cases such as academic security studies, security think tanks...

  11. Dynamic model of minimax control over economic security state of the region in the presence of risks

    Directory of Open Access Journals (Sweden)

    Andrey Fedorovich Shorikov

    2012-06-01

    Investigation and solution of management of economic security state in the region (MESSR) requires development of a dynamic economic-mathematical model that takes into account the presence of control actions, uncontrolled parameters (risk modeling errors, etc.) and availability of information deficit. At the same time, the existing approaches to solving such problems are based primarily on static models and the use of stochastic modeling of the device, which is required for the application of knowledge of the probability characteristics of the main model parameters and special conditions for the realization of the process. We should note that to use the apparatus of stochastic modeling, very strict conditions are required, which in practice are usually not feasible in advance. In this paper, we propose to use a deterministic approach for modeling and solving the original problem in the form of a dynamic programming problem of minimax control (optimization of a guaranteed result) MESSR at the determined point of time, taking into account the availability of risks of deterministic and stochastic nature (combined risks model). At the same time, under the risks in the social and economic system we understand the factors that negatively catastrophically affect the results of the reviewed processes inside it. For an effective use, a technique of prediction and assessment of time rows and stochastic risks in MESSR optimization process is presented, which can serve as a basis for the development of appropriate computer software. To solve the problem of program minimax control MESSR in the presence of risks, we propose a method which is reduced to the realization of a finite number of solutions of linear and convex mathematical programming and discrete optimization problem. The proposed method makes it possible to develop efficient numerical procedures to implement computer simulation of the dynamics of the problem, build program minimax control and gain optimal

  12. 5 CFR 3201.103 - Prohibition on acquisition, ownership, or control of securities of FDIC-insured depository...

    Science.gov (United States)

    2010-01-01

    ... described in paragraph (a) of this section if: (i) The security was acquired by inheritance, gift, stock...-insured depository institution as custodian or trustee of accounts containing tax-deferred retirement...

  13. Command and Control of Private Security Contractors: Are They a Viable Force Option for the Combatant Commander?

    National Research Council Canada - National Science Library

    Sherard, Scott H

    2008-01-01

    If a Combatant Commander (CCDR) or Joint Force Commander (JFC) were to take command of the approximately 25,000 security contractors in Iraq, a force of such size and capability would prove to be a valuable operational asset...

  14. Use of the iTClamp versus standard suturing techniques for securing chest tubes: A randomized controlled cadaver study

    Directory of Open Access Journals (Sweden)

    Jessica Mckee

    2018-03-01

    Full Text Available Objectives: Tube thoracostomy (TT) is a common yet potentially life-saving trauma procedure. After successful placement however, securing a TT through suturing is a skillset that requires practice, risking that the TT may become dislodged during prehospital transport. The purpose of this study was to examine if the iTClamp was a simpler technique with equivalent effectiveness for securing TTs. Materials and methods: In a cadaver model, a 1.5 inch incision was utilized along the upper border of the rib below the 5th intercostal space at the anterior axillary line. TTs (sizes 28Fr, 32Fr, 36Fr and 40Fr) were inserted and secured with both suturing and iTClamp techniques according to the preset randomization. TTs were then functionally tested for positive and negative pressure as well as the force required to remove the TT (pull test, up to 5 lbs). Time to secure the TT was also recorded. Results: When the suture is placed by a trained surgeon, the sutures and iTClamp were functionally equivalent for holding a positive and negative pressure. Mean pull force for both sutures and iTClamp exceeded the 5 lb threshold; there was no significant difference between the groups. Securing the TT with the iTClamp was significantly faster (p < 0.0001), with the iTClamp having a mean application time of 37.0 ± 22.8 s and using a suture had a mean application time of 96.3 ± 29.0 s. Conclusion: The iTClamp was effective in securing TTs. The main benefit to the iTClamp is that minimal skill is required to adequately secure a TT to ensure that it does not become dislodged during transport to a trauma center. Keywords: Chest tube, Tube thoracostomy, Securing chest tubes

  15. Watermarking security

    CERN Document Server

    Bas, Patrick; Cayre, François; Doërr, Gwenaël; Mathon, Benjamin

    2016-01-01

    This book explains how to measure the security of a watermarking scheme, how to design secure schemes but also how to attack popular watermarking schemes. This book gathers the most recent achievements in the field of watermarking security by considering both parts of this cat and mouse game. This book is useful to industrial practitioners who would like to increase the security of their watermarking applications and for academics to quickly master this fascinating domain.

  16. Comparison of secure messaging application (WhatsApp) and standard telephone usage for consultations on Length of Stay in the ED. A prospective randomized controlled study.

    Science.gov (United States)

    Gulacti, Umut; Lok, Ugur

    2017-07-19

    Consultation, the process of an Emergency Physician seeking an opinion from other specialties, occurs frequently in the Emergency Department (ED). The aim of this study was to determine the effect of secure messaging application (WhatsApp) usage for medical consultations on Emergency Department Length of Stay (ED LOS) and consult time. We conducted a prospective, randomized controlled trial in the ED using allocation concealment over three months. Consultations requested in the ED were allocated into two groups: consultations requested via the secure messaging application and consultations requested by telephone as verbal. A total of 439 consultations requested in the ED were assessed for eligibility and 345 were included in the final analysis: 173 consultations were conducted using secure messaging application and 172 consultations were conducted using standard telephone communications. The median ED LOS was 240 minutes (IQR: 230-270, 95% CI: 240 to 255.2) for patients in the secure messaging application group and 277 minutes (IQR: 270-287.8, 95% CI: 277 to 279) for patients in the telephone group. The median total ED LOS was significantly lower among consults conducted using secure messaging application relative to consults conducted by telephone (median dif: -30, 95% CI: -37 to -25, p<0.0001). The median consult time was 158 minutes (IQR: 133 to 177.25, 95% CI: 150 to 169) for patients in the secure messaging application group and 170 minutes (IQR: 165 to 188.5, 95% CI: 170-171) for patients in the telephone group (median dif: -12, 95% CI: -19 to -7, p<0.0001). Consultations completed without ED arrival were 61.8% in the secure messaging group and 33.1% in the telephone group (dif: 28.7, 95% CI: 48.3 to 66, p<0.001). Use of secure messaging application for consultations in the ED reduces the total ED LOS and consultation time. Consultation with secure messaging application eliminated more than half of in-person ED consultation visits.

  17. 'Lowering the threshold of effective deterrence'-Testing the effect of private security agents in public spaces on crime: A randomized controlled trial in a mass transit system.

    Science.gov (United States)

    Ariel, Barak; Bland, Matthew; Sutherland, Alex

    2017-01-01

    Supplementing local police forces is a burgeoning multibillion-dollar private security industry. Millions of formal surveillance agents in public settings are tasked to act as preventative guardians, as their high visibility presence is hypothesized to create a deterrent threat to potential offenders. Yet, rigorous evidence is lacking. We randomly assigned all train stations in the South West of England that experienced crime into treatment and control conditions over a six-month period. Treatment consisted of directed patrol by uniformed, unarmed security agents. Hand-held trackers on every agent yielded precise measurements of all patrol time in the stations. Count-based regression models, estimated marginal means and odds-ratios are used to assess the effect of these patrols on crimes reported to the police by victims, as well as new crimes detected by police officers. Outcomes are measured at both specified target locations to which security guards were instructed to attend, as well as at the entire station complexes. Analyses show that 41% more patrol visits and 29% more minutes spent by security agents at treatment compared to control stations led to a significant 16% reduction in victim-generated crimes at the entirety of the stations' complexes, with a 49% increase in police-generated detections at the target locations. The findings illustrate the efficacy of private policing for crime prevention theory.

  18. Security Locks

    Science.gov (United States)

    Hart, Kevin

    2010-01-01

    According to a 2008 "Year in Review" report by Educational Security Incidents, an online repository that collects data on higher education security issues, the total number of security incidents reported at universities and colleges worldwide rose to 173 in 2008, a 24.5 percent increase over 2007. The number of institutions…

  19. Enterprise Mac Security Mac OS X Snow Leopard Security

    CERN Document Server

    Edge, Stephen Charles; Hunter, Beau; Sullivan, Gene; LeBlanc, Dee-Ann

    2010-01-01

    A common misconception in the Mac community is that Mac's operating system is more secure than others. While this might be true in certain cases, security on the Mac is still a crucial issue. When sharing is enabled or remote control applications are installed, Mac OS X faces a variety of security threats. Enterprise Mac Security: Mac OS X Snow Leopard is a definitive, expert-driven update of the popular, slash-dotted first edition and was written in part as a companion to the SANS Institute course for Mac OS X. It contains detailed Mac OS X security information, and walkthroughs on securing s

  20. Security and SCADA protocols

    International Nuclear Information System (INIS)

    Igure, V. M.; Williams, R. D.

    2006-01-01

    Supervisory control and data acquisition (SCADA) networks have replaced discrete wiring for many industrial processes, and the efficiency of the network alternative suggests a trend toward more SCADA networks in the future. This paper broadly considers SCADA to include distributed control systems (DCS) and digital control systems. These networks offer many advantages, but they also introduce potential vulnerabilities that can be exploited by adversaries. Inter-connectivity exposes SCADA networks to many of the same threats that face the public internet and many of the established defenses therefore show promise if adapted to the SCADA differences. This paper provides an overview of security issues in SCADA networks and ongoing efforts to improve the security of these networks. Initially, a few samples from the range of threats to SCADA network security are offered. Next, attention is focused on security assessment of SCADA communication protocols. Three challenges must be addressed to strengthen SCADA networks. Access control mechanisms need to be introduced or strengthened, improvements are needed inside of the network to enhance security and network monitoring, and SCADA security management improvements and policies are needed. This paper discusses each of these challenges. This paper uses the Profibus protocol as an example to illustrate some of the vulnerabilities that arise within SCADA networks. The example Profibus security assessment establishes a network model and an attacker model before proceeding to a list of example attacks. (authors)

  1. Lecture 1: General Security

    CERN Multimedia

    CERN. Geneva

    2013-01-01

    The CERN Computer Security Team is mandated to coordinate all aspects of CERN’s computer security --- office computing security, computer centre security, GRID computing security and control system security --- whilst taking into account CERN’s operational needs. This presentation will cover a series of security incidents which happened at CERN over the last five years, and discuss the lessons-learned in order to avoid similar things from happening again (there is enough blunder out there so there is need to make the same mistake twice). In the second part, I will outline how computer security --- prevention, protection, detection and response --- is generated at CERN, what the main objectives of the CERN computer security team are, and which policies, procedures and tools have been put in place. Stefan Lüders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadr...

  2. Directions for Web and E-Commerce Applications Security

    OpenAIRE

    Thuraisingham, Bhavani; Clifton, Chris; Gupta, Amar; Bertino, Elisa; Ferrari, Elena

    2003-01-01

    This paper provides directions for web and e-commerce applications security. In particular, access control policies, workflow security, XML security and federated database security issues pertaining to the web and ecommerce applications are discussed.

  3. Why SCADA security is NOT like Computer Centre Security

    CERN Multimedia

    CERN. Geneva

    2014-01-01

    Today, the industrialized world lives in symbiosis with control systems (aka SCADA systems): it depends on power distribution, oil production, public transport, automatic production lines. While the convenience is at hand, still too many control systems are designed without any security in mind, lack basic security protections, and are not even robust enough to withstand basic attacks. The Stuxnet worm attacking Siemens PLCs in 2010 was another close call. Attackers currently enjoy hacking control systems, and aim to switch lights off. This presentation shall recap the current situation and discuss the differences (or not) between computer center cyber-security and control system cyber-security.

  4. System Security Management in SNMP

    OpenAIRE

    P. Deivendran; Dr. R. Dhanapal Ph.D

    2010-01-01

    We present a framework for managing system security, based on a SNMP Management Information Base (MIB), namely the System Security MIB (SSEC MIB). We have defined managed objects and completed the ASN.1 description of the MIB that embeds them. The related security management functions are mainly focused on monitoring external script execution for system security scanning and access control. The main goal of this work is to introduce the semantics and a standard interface that will allow the r...

  5. International Nuclear Security

    Energy Technology Data Exchange (ETDEWEB)

    Doyle, James E. [Los Alamos National Laboratory

    2012-08-14

    This presentation discusses: (1) Definitions of international nuclear security; (2) What degree of security do we have now; (3) Limitations of a nuclear security strategy focused on national lock-downs of fissile materials and weapons; (4) What do current trends say about the future; and (5) How can nuclear security be strengthened? Nuclear security can be strengthened by: (1) More accurate baseline inventories; (2) Better physical protection, control and accounting; (3) Effective personnel reliability programs; (4) Minimize weapons-usable materials and consolidate to fewer locations; (5) Consider local threat environment when siting facilities; (6) Implement pledges made in the NSS process; and (7) More robust interdiction, emergency response and special operations capabilities. International cooperation is desirable, but not always possible.

  6. ORDER SECURITY – NATIONAL SECURITY ADMINISTRATION. NATIONAL SECURITY DEFENSE AS SPECIAL ADMINISTRATION

    OpenAIRE

    Zoltán BALLA

    2009-01-01

    National security administration is the special executive disposal activity of the national security agencies, the section of the state administration that helps the governmental work by reconnoitering and preventing with secret-servicing methods of the risks that shall harm or endanger the national security’s interests. The main operational principles of national security governing are the following, among others: - controlling the operation of national security organization belongs to the ex...

  7. SMS security system for smart home detectors

    OpenAIRE

    Cekova, Katerina; Gelev, Saso

    2016-01-01

    Security has always been an important problem everywhere. Home security has been a major issue where crime is increasing and everybody wants home security to protect the home. Safety from theft and flame are the most important requirements of a home security system for people. A remote home security system offers many benefits from keeping homeowners, and their property safe. This paper presents controlling of the home security system remotely from an Android application. Owners can turn on or...

  8. Information security management with ITIL V3

    CERN Document Server

    Cazemier, Jacques A; Peters, Louk

    2010-01-01

    This groundbreaking new title looks at Information Security from defining what security measures positively support the business, to implementation to maintaining the required level and anticipating required changes. It covers: Fundamentals of information security - providing readers insight and give background about what is going to be managed. Topics covered include: types of security controls, business benefits and the perspectives of business, customers, partners, service providers, and auditors. Fundamentals of management of information security - explains what information security manageme

  9. Qualitative Case Study Exploring Operational Barriers Impeding Small and Private, Nonprofit Higher Education Institutions from Implementing Information Security Controls

    Science.gov (United States)

    Liesen, Joseph J.

    2017-01-01

    The higher education industry uses the very latest technologies to effectively prepare students for their careers, but these technologies often contain vulnerabilities that can be exploited via their connection to the Internet. The complex task of securing information and computing systems is made more difficult at institutions of higher education…

  10. 21 CFR 1301.72 - Physical security controls for non-practitioners; narcotic treatment programs and compounders for...

    Science.gov (United States)

    2010-04-01

    ... of No. 10 gauge steel fabric on a metal door frame in a metal door flange, and in all other respects... secured areas: (1) Where small quantities permit, a safe or steel cabinet; (i) Which safe or steel cabinet... radiological techniques; (ii) Which safe or steel cabinet, if it weighs less than 750 pounds, is bolted or...

  11. Securing Hadoop

    CERN Document Server

    Narayanan, Sudheesh

    2013-01-01

    This book is a step-by-step tutorial filled with practical examples which will focus mainly on the key security tools and implementation techniques of Hadoop security. This book is great for Hadoop practitioners (solution architects, Hadoop administrators, developers, and Hadoop project managers) who are looking to get a good grounding in what Kerberos is all about and who wish to learn how to implement end-to-end Hadoop security within an enterprise setup. It's assumed that you will have some basic understanding of Hadoop as well as be familiar with some basic security concepts.

  12. Grid Security

    CERN Multimedia

    CERN. Geneva

    2004-01-01

    The aim of Grid computing is to enable the easy and open sharing of resources between large and highly distributed communities of scientists and institutes across many independent administrative domains. Convincing site security officers and computer centre managers to allow this to happen in view of today's ever-increasing Internet security problems is a major challenge. Convincing users and application developers to take security seriously is equally difficult. This paper will describe the main Grid security issues, both in terms of technology and policy, that have been tackled over recent years in LCG and related Grid projects. Achievements to date will be described and opportunities for future improvements will be addressed.

  13. Innovative protection and control systems for a reliable and secure operation of electrical transmission systems; Innovative Schutz- und Leitsysteme zur zuverlaessigen und sicheren elektrischen Energieuebertragung

    Energy Technology Data Exchange (ETDEWEB)

    Mueller, Sven C.; Kubis, Adreas; Rehtanz, Christian [Technische Univ. Dortmund (Germany). Inst. fuer Energiesysteme, Energieeffizienz und Energiewirtschaft (ie3); Brato, Sebastian; Goetze, Juergen [Technische Univ. Dortmund (Germany). Arbeitsgebiet Datentechnik

    2012-07-01

    The integration of European electricity markets as well as the increasing power feed-in by renewable energy sources pose new challenges to the operation of electrical transmission systems. Modern protection and control systems based on wide-area information can substantially contribute to a reliable and secure system operation even against the background of future demands. In this paper research advances regarding new applications for wide-area monitoring, protection and control as well as an integrated simulation for power and ICT systems are presented that have been developed in the course of DFG research unit FOR1511 at TU Dortmund. (orig.)

  14. Information security architecture an integrated approach to security in the organization

    CERN Document Server

    Killmeyer, Jan

    2000-01-01

    An information security architecture is made up of several components. Each component in the architecture focuses on establishing acceptable levels of control. These controls are then applied to the operating environment of an organization. Functionally, information security architecture combines technical, practical, and cost-effective solutions to provide an adequate and appropriate level of security. Information Security Architecture: An Integrated Approach to Security in the Organization details the five key components of an information security architecture. It provides C-level executives

  15. Contributions of the US Centers for Disease Control and Prevention in Implementing the Global Health Security Agenda in 17 Partner Countries.

    Science.gov (United States)

    Fitzmaurice, Arthur G; Mahar, Michael; Moriarty, Leah F; Bartee, Maureen; Hirai, Mitsuaki; Li, Wenshu; Gerber, A Russell; Tappero, Jordan W; Bunnell, Rebecca

    2017-12-01

    The Global Health Security Agenda (GHSA), a partnership of nations, international organizations, and civil society, was launched in 2014 with a mission to build countries' capacities to respond to infectious disease threats and to foster global compliance with the International Health Regulations (IHR 2005). The US Centers for Disease Control and Prevention (CDC) assists partner nations to improve IHR 2005 capacities and achieve GHSA targets. To assess progress through these CDC-supported efforts, we analyzed country activity reports dating from April 2015 through March 2017. Our analysis shows that CDC helped 17 Phase I countries achieve 675 major GHSA accomplishments, particularly in the cross-cutting areas of public health surveillance, laboratory systems, workforce development, and emergency response management. CDC's engagement has been critical to these accomplishments, but sustained support is needed until countries attain IHR 2005 capacities, thereby fostering national and regional health protection and ensuring a world safer and more secure from global health threats.

  16. International and European Security Law

    Directory of Open Access Journals (Sweden)

    Jonathan Herbach

    2012-02-01

    Full Text Available Security law, or more comprehensively conflict and security law, on the international level represents the intersection of three distinct but interrelated fields: international humanitarian law (the law of armed conflict, jus in bello), the law of collective security (most identified with the United Nations (UN) system, jus ad bellum) and arms control law (including non-proliferation). Security in this sense is multifaceted - interest security, military security and, as is often referred to in the context of the EU, human security. As such, the law covers a wide range of specific topics with respect to conflict, encompassing the use of force, including choice of weapons and fighting techniques, extending to the rules applicable in peacekeeping and peace enforcement, and yet also dictating obligations outside the context of conflict, such as safeguarding and securing dual-use materials (those with both peaceful and military applications) to prevent malicious use.

  17. Social Security.

    Science.gov (United States)

    Social and Labour Bulletin, 1983

    1983-01-01

    This group of articles discusses a variety of studies related to social security and retirement benefits. These studies are related to both developing and developed nations and are also concerned with studying work conditions and government role in administering a democratic social security system. (SSH)

  18. Securing the Cloud Cloud Computer Security Techniques and Tactics

    CERN Document Server

    Winkler, Vic (JR)

    2011-01-01

    As companies turn to cloud computing technology to streamline and save money, security is a fundamental concern. Loss of certain control and lack of trust make this transition difficult unless you know how to handle it. Securing the Cloud discusses making the move to the cloud while securing your piece of it! The cloud offers flexibility, adaptability, scalability, and in the case of security - resilience. This book details the strengths and weaknesses of securing your company's information with different cloud approaches. Attacks can focus on your infrastructure, communications network, data, o

  19. Secure Data Access Control for Fog Computing Based on Multi-Authority Attribute-Based Signcryption with Computation Outsourcing and Attribute Revocation.

    Science.gov (United States)

    Xu, Qian; Tan, Chengxiang; Fan, Zhijie; Zhu, Wenye; Xiao, Ya; Cheng, Fujia

    2018-05-17

    Nowadays, fog computing provides computation, storage, and application services to end users in the Internet of Things. One of the major concerns in fog computing systems is how fine-grained access control can be imposed. As a logical combination of attribute-based encryption and attribute-based signature, Attribute-based Signcryption (ABSC) can provide confidentiality and anonymous authentication for sensitive data and is more efficient than traditional "encrypt-then-sign" or "sign-then-encrypt" strategy. Thus, ABSC is suitable for fine-grained access control in a semi-trusted cloud environment and is gaining more and more attention recently. However, in many existing ABSC systems, the computation cost required for the end users in signcryption and designcryption is linear with the complexity of signing and encryption access policy. Moreover, only a single authority that is responsible for attribute management and key generation exists in the previous proposed ABSC schemes, whereas in reality, mostly, different authorities monitor different attributes of the user. In this paper, we propose OMDAC-ABSC, a novel data access control scheme based on Ciphertext-Policy ABSC, to provide data confidentiality, fine-grained control, and anonymous authentication in a multi-authority fog computing system. The signcryption and designcryption overhead for the user is significantly reduced by outsourcing the undesirable computation operations to fog nodes. The proposed scheme is proven to be secure in the standard model and can provide attribute revocation and public verifiability. The security analysis, asymptotic complexity comparison, and implementation results indicate that our construction can balance the security goals with practical efficiency in computation.

  20. INFORMATION SYSTEM SECURITY (CYBER SECURITY)

    Directory of Open Access Journals (Sweden)

    Muhammad Siddique Ansari

    2016-03-01

    Full Text Available Abstract - Business Organizations and Government unequivocally relies on upon data to deal with their business operations. The most unfavorable impact on association is disappointment of friendship, goodness, trustworthiness, legitimacy and probability of data and administrations. There is an approach to ensure data and to deal with the IT framework's Security inside association. Each time the new innovation is made, it presents some new difficulties for the insurance of information and data. To secure the information and data in association is imperative on the grounds that association nowadays inside and remotely joined with systems of IT frameworks. IT structures are inclined to dissatisfaction and security infringement because of slips and vulnerabilities. These slips and vulnerabilities can be brought on by different variables, for example, quickly creating headway, human slip, poor key particulars, poor movement schedules or censuring the threat. Likewise, framework changes, new deserts and new strikes are a huge piece of the time displayed, which helpers augmented vulnerabilities, disappointments and security infringement all through the IT structure life cycle. The business went to the confirmation that it is essentially difficult to ensure a slip free, risk free and secure IT structure in perspective of the disfigurement of the disavowing security parts, human pass or oversight, and part or supplies frustration. Totally secure IT frameworks don't exist; just those in which the holders may have changing degrees of certainty that security needs of a framework are fulfilled do. The key viewpoints identified with security of data outlining are examined in this paper. From the start, the paper recommends pertinent legitimate structure and their duties including open association obligation, and afterward it returns to present and future time, system limits, structure security in business division. At long last, two key inadequacy markers

  1. Secure and Efficient Access Control Scheme for Wireless Sensor Networks in the Cross-Domain Context of the IoT

    Directory of Open Access Journals (Sweden)

    Ming Luo

    2018-01-01

    Full Text Available Nowadays wireless sensor network (WSN) is increasingly being used in the Internet of Things (IoT) for data collection, and design of an access control scheme that allows an Internet user as part of IoT to access the WSN becomes a hot topic. A lot of access control schemes have been proposed for the WSNs in the context of the IoT. Nevertheless, almost all of these schemes assume that communication nodes in different network domains share common system parameters, which is not suitable for cross-domain IoT environment in practical situations. To solve this shortcoming, we propose a more secure and efficient access control scheme for wireless sensor networks in the cross-domain context of the Internet of Things, which allows an Internet user in a certificateless cryptography (CLC) environment to communicate with a sensor node in an identity-based cryptography (IBC) environment with different system parameters. Moreover, our proposed scheme achieves known session-specific temporary information security (KSSTIS) that most of access control schemes cannot satisfy. Performance analysis is given to show that our scheme is well suited for wireless sensor networks in the cross-domain context of the IoT.

  2. Strategic information security

    CERN Document Server

    Wylder, John

    2003-01-01

    Introduction to Strategic Information Security What Does It Mean to Be Strategic? Information Security Defined The Security Professional's View of Information Security The Business View of Information Security Changes Affecting Business and Risk Management Strategic Security Strategic Security or Security Strategy? Monitoring and Measurement Moving Forward ORGANIZATIONAL ISSUES The Life Cycles of Security Managers Introduction The Information Security Manager's Responsibilities The Evolution of Data Security to Information Security The Repository Concept Changing Job Requirements Business Life Cycles

  3. Security Bingo

    CERN Multimedia

    Computer Security Team

    2011-01-01

    Want to check your security awareness and win one of three marvellous books on computer security? Just print out this page, mark which of the 25 good practices below you already follow, and send the sheet back to us by 31 October 2011 at either Computer.Security@cern.ch or P.O. Box G19710. Winners[1] must show that they fulfil at least five good practices in a continuous vertical, horizontal or diagonal row. For details on CERN Computer Security, please consult http://cern.ch/security. I personally… …am concerned about computer security. …run my computer with an anti-virus software and up-to-date signature files. …lock my computer screen whenever I leave my office. …have chosen a reasonably complex password. …have restricted access to all my files and data. …am aware of the security risks and threats to CERN’s computing facilities. ...

  4. [Biological security confronting bioterrorism].

    Science.gov (United States)

    Suárez Fernández, Guillermo

    2002-01-01

    A review is made on Biosecurity at both local and global level in relationship with Bioterrorism as a real threat and its control and prevention. The function of the network of High Security Laboratories around the world able to make immediate diagnosis, research on vaccines, fundamental and urgent epidemiological studies, conform a steady basis to control natural infections and also the possible bioterrorism attacks.

  5. Perspectives on Energy Security

    International Nuclear Information System (INIS)

    Carlsson-Kanyama, Annika; Holmgren, Aake J.; Joensson, Thomas; Larsson, Robert L.

    2007-05-01

    A common notion of 'Energy Security' is that it includes access to energy resources without risking the survival of the state. 'Security of supply' is most often the concept emphasized in the political discourse on energy security and it includes both production as well as secure and safe delivery of energy to the end consumers. Another aspect of energy security is the need for reducing energy consumption by improving energy efficiency. In this report, eight chapters covering these and other perspectives on energy security are presented. Six of the chapters deal with the supply perspective. Included topics cover power politics and geopolitical perspectives regarding large infrastructure projects and the ambitions of the EU in this regard. Further, methods and approaches for conducting risk analyses of electricity supply systems as well as for improving the security of digital control systems are discussed. As climate change will affect the supply and distribution of energy, one chapter presents an overview of this topic. The consumption perspective is discussed against the backdrop of research about household consumption practices and the role of climate change for future consumption levels. Finally, the role of armed forces as large energy users is touched upon, as well as how so-called 'future studies' have dealt with energy as a topic

  6. The Key to School Security.

    Science.gov (United States)

    Hotle, Dan

    1993-01-01

    In addition to legislative accessibility requirements, other security issues facing school administrators who select a security system include the following: access control; user friendliness; durability or serviceability; life safety precautions; possibility of vandalism, theft, and tampering; and key control. Offers steps to take in considering…

  7. Computer security

    CERN Document Server

    Gollmann, Dieter

    2011-01-01

    A completely up-to-date resource on computer security Assuming no previous experience in the field of computer security, this must-have book walks you through the many essential aspects of this vast topic, from the newest advances in software and technology to the most recent information on Web applications security. This new edition includes sections on Windows NT, CORBA, and Java and discusses cross-site scripting and JavaScript hacking as well as SQL injection. Serving as a helpful introduction, this self-study guide is a wonderful starting point for examining the variety of competing sec

  8. Secure PVM

    Energy Technology Data Exchange (ETDEWEB)

    Dunigan, T.H.; Venugopal, N.

    1996-09-01

    This research investigates techniques for providing privacy, authentication, and data integrity to PVM (Parallel Virtual Machine). PVM is extended to provide secure message passing with no changes to the user's PVM application, or, optionally, security can be provided on a message-by-message basis. Diffie-Hellman is used for key distribution of a single session key for n-party communication. Keyed MD5 is used for message authentication, and the user may select from various secret-key encryption algorithms for message privacy. The modifications to PVM are described, and the performance of secure PVM is evaluated.

  9. Junos Security

    CERN Document Server

    Cameron, Rob; Giecco, Patricio; Eberhard, Timothy; Quinn, James

    2010-01-01

    Junos® Security is the complete and authorized introduction to the new Juniper Networks SRX hardware series. This book not only provides a practical, hands-on field guide to deploying, configuring, and operating SRX, it also serves as a reference to help you prepare for any of the Junos Security Certification examinations offered by Juniper Networks. Network administrators and security professionals will learn how to use SRX Junos services gateways to address an array of enterprise data network requirements -- including IP routing, intrusion detection, attack mitigation, unified threat manag

  10. Information risk and security modeling

    Science.gov (United States)

    Zivic, Predrag

    2005-03-01

    This research paper presentation will feature current frameworks to addressing risk and security modeling and metrics. The paper will analyze technical level risk and security metrics of Common Criteria/ISO15408, Centre for Internet Security guidelines, NSA configuration guidelines and metrics used at this level. Information IT operational standards view on security metrics such as GMITS/ISO13335, ITIL/ITMS and architectural guidelines such as ISO7498-2 will be explained. Business process level standards such as ISO17799, COSO and CobiT will be presented with their control approach to security metrics. Top level, the maturity standards such as SSE-CMM/ISO21827, NSA Infosec Assessment and CobiT will be explored and reviewed. For each defined level of security metrics the research presentation will explore the appropriate usage of these standards. The paper will discuss standards approaches to conducting the risk and security metrics. The research findings will demonstrate the need for common baseline for both risk and security metrics. This paper will show the relation between the attribute based common baseline and corporate assets and controls for risk and security metrics. It will be shown that such approach spans over all mentioned standards. The proposed approach 3D visual presentation and development of the Information Security Model will be analyzed and postulated. Presentation will clearly demonstrate the benefits of proposed attributes based approach and defined risk and security space for modeling and measuring.

  11. Secure Environments for Collaboration among Ubiquitous Roaming Entities

    DEFF Research Database (Denmark)

    Jensen, Christian D.

    2002-01-01

    SECURE is a newly started IST project, which addresses secure collaboration among computational entities in emerging global computing systems. The properties of these systems introduce new security challenges that are not adequately addressed by existing security models and mechanisms. The scale and uncertainty of this global computing environment invalidates existing security models. Instead, new security models have to be developed along with new security mechanisms that control access to protected resources.

  12. Quantum Secure Group Communication.

    Science.gov (United States)

    Li, Zheng-Hong; Zubairy, M Suhail; Al-Amri, M

    2018-03-01

    We propose a quantum secure group communication protocol for the purpose of sharing the same message among multiple authorized users. Our protocol can remove the need for key management that is needed for the quantum network built on quantum key distribution. Comparing with the secure quantum network based on BB84, we show our protocol is more efficient and securer. Particularly, in the security analysis, we introduce a new way of attack, i.e., the counterfactual quantum attack, which can steal information by "invisible" photons. This invisible photon can reveal a single-photon detector in the photon path without triggering the detector. Moreover, the photon can identify phase operations applied to itself, thereby stealing information. To defeat this counterfactual quantum attack, we propose a quantum multi-user authorization system. It allows us to precisely control the communication time so that the attack can not be completed in time.

  13. Collective Security

    DEFF Research Database (Denmark)

    Galster, Kjeld

    Collective Security: National Egotism (Abstract) In Danish pre-World War I defence debate the notion of collective security is missing. During the early years of the 19th century, the political work is influenced by a pervasive feeling of rising tension and danger on the continent of Europe... and other international treaties provided arguments for adjusting the foreign and security policy ambitions, and since the general flux in worldwide market conditions left perceptible ripples in Danish economy, budget discussions grew in importance over this period. The pacifist stance entailed disinclination to accept that the collective security concept and international treaties and accords signed by Denmark should necessitate credible...

  14. Security Transformation

    National Research Council Canada - National Science Library

    Metz, Steven

    2003-01-01

    ... adjustment. With American military forces engaged around the world in both combat and stabilization operations, the need for rigorous and critical analysis of security transformation has never been greater...

  15. European Security

    DEFF Research Database (Denmark)

    Møller, Bjørn

    Theoretical chapters on "Security", "Organisations" and "Regions," Historical Chapters on "Europe and Its Distinguishing Features" and on "The United Nations," "NATO," "The CSCE/OSCE and the Council of Europe" and "The European Union"...

  16. Data Security

    OpenAIRE

    Lopez, Diego

    2013-01-01

    Training specialists in the field of data security and security administrators for the information systems represents a significant priority demanded by both governmental environments and the central and local administrations, as well as by the private sector - companies, banks. They are responsible for implementing information services and systems, but they are also their beneficiaries, with applicability in fields such as: e government, e-administration, e-banking, e-commerce, e-payment, wh...

  17. Nuclear security

    International Nuclear Information System (INIS)

    1991-12-01

    This paper reports that despite their crucial importance to national security, safeguards at the Department of Energy's (DOE) weapons facilities may be falling short. DOE security inspections have identified many weaknesses, including poor performance by members of DOE's security force, poor accountability for quantities of nuclear materials, and the inability of personnel to locate documents containing classified information. About 13 percent of the 2,100 identified weaknesses resulted in DOE inspectors giving out unsatisfactory security ratings; another 38 percent led to marginal ratings. In addition, DOE's centralized safeguards and security information tracking system lacks current data on whether DOE field offices have corrected the identified weaknesses. Without reliable information, DOE has no way of knowing whether timely action was taken to correct problems, nor can it determine whether weaknesses are systematic. DOE has tried to minimize the impact of these security weaknesses at its facilities by establishing multiple layers of protection measures and instituting interim and compensatory measures for identified weaknesses. DOE is planning enhancements to the centralized tracking system that should improve its reliability and increase its effectiveness

  18. FOOD SECURITY

    Directory of Open Access Journals (Sweden)

    Dorina Ardelean

    2013-12-01

    The assurance of food security at the individual level doesn’t implicitly provide for the one at family level as the concepts of hunger, malnutrition and food insecurity are the steps of the same process of access restricted to a sufficient supply of food. In order to achieve food security at the individual level the following is necessary: ensuring food availability (production, reserve stocks); redistribution of food availability within the country or out through international exchanges; effective access of the population to purchase food consumer goods, by ensuring its effective demand as required. Food security of families (FFS) is required for assuring individual food security (IFS), but it is not sufficient because the food available may be unevenly distributed between family members. National food security (NFS) corresponds to the possibilities that different countries have to ensure both FFS and IFS without sacrificing other important objectives. Under the name of GAS is defined the global food security which represents permanent access for the entire population of the globe to the necessary food for a healthy and active life.

  19. Lemnos Interoperable Security Program

    Energy Technology Data Exchange (ETDEWEB)

    Stewart, John [Tennessee Valley Authority, Knoxville, TN (United States); Halbgewachs, Ron [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Chavez, Adrian [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Smith, Rhett [Schweitzer Engineering Laboratories, Chattanooga, TN (United States); Teumim, David [Teumim Technical, Allentown, PA (United States)

    2012-01-31

    The manner in which the control systems are being designed and operated in the energy sector is undergoing some of the most significant changes in history due to the evolution of technology and the increasing number of interconnections to other systems. With these changes however come two significant challenges that the energy sector must face; 1) Cyber security is more important than ever before, and 2) Cyber security is more complicated than ever before. A key requirement in helping utilities and vendors alike in meeting these challenges is interoperability. While interoperability has been present in much of the discussions relating to technology utilized within the energy sector and especially the Smart Grid, it has been absent in the context of cyber security. The Lemnos project addresses these challenges by focusing on the interoperability of devices utilized within utility control systems which support critical cyber security functions. In theory, interoperability is possible with many of the cyber security solutions available to utilities today. The reality is that the effort required to achieve cyber security interoperability is often a barrier for utilities. For example, consider IPSec, a widely-used Internet Protocol to define Virtual Private Networks, or tunnels, to communicate securely through untrusted public and private networks. The IPSec protocol suite has a significant number of configuration options and encryption parameters to choose from, which must be agreed upon and adopted by both parties establishing the tunnel. The exercise in getting software or devices from different vendors to interoperate is labor intensive and requires a significant amount of security expertise by the end user. Scale this effort to a significant number of devices operating over a large geographical area and the challenge becomes so overwhelming that it often leads utilities to pursue solutions from a single vendor. These single vendor solutions may inadvertently lock

  20. Health Security and Risk Aversion.

    Science.gov (United States)

    Herington, Jonathan

    2016-09-01

    Health security has become a popular way of justifying efforts to control catastrophic threats to public health. Unfortunately, there has been little analysis of the concept of health security, nor the relationship between health security and other potential aims of public health policy. In this paper I develop an account of health security as an aversion to risky policy options. I explore three reasons for thinking risk avoidance is a distinctly worthwhile aim of public health policy: (i) that security is intrinsically valuable, (ii) that it is necessary for social planning and (iii) that it is an appropriate response to decision-making in contexts of very limited information. Striking the right balance between securing and maximizing population health thus requires a substantive, and hitherto unrecognized, value judgment. Finally, I critically evaluate the current health security agenda in light of this new account of the concept and its relationship to the other aims of public health policy. © 2016 John Wiley & Sons Ltd.

  1. Implementing an Information Security Program

    Energy Technology Data Exchange (ETDEWEB)

    Glantz, Clifford S.; Lenaeus, Joseph D.; Landine, Guy P.; O' Neil, Lori Ross; Leitch, Rosalyn; Johnson, Christopher; Lewis, John G.; Rodger, Robert M.

    2017-11-01

    The threats to information security have dramatically increased with the proliferation of information systems and the internet. Chemical, biological, radiological, nuclear, and explosives (CBRNe) facilities need to address these threats in order to protect themselves from the loss of intellectual property, theft of valuable or hazardous materials, and sabotage. Project 19 of the European Union CBRN Risk Mitigation Centres of Excellence Initiative is designed to help CBRN security managers, information technology/cybersecurity managers, and other decision-makers deal with these threats through the application of cost-effective information security programs. Project 19 has developed three guidance documents that are publically available to cover information security best practices, planning for an information security management system, and implementing security controls for information security.

  2. The remote security station (RSS)

    International Nuclear Information System (INIS)

    Pletta, J.B.

    1991-01-01

    This paper reports that, as an outgrowth of research into physical security systems, Sandia is investigating robotic technologies for improving physical security performance and flexibility. Robotic systems have the potential to allow more effective utilization of security personnel, especially in scenarios where they might be exposed to harm. They also can supplement fixed site installations where sensors have failed or where transient assets are present. The Remote Security Station (RSS) program for the Defense Nuclear Agency is developing a proof-of-principle robotic system which will be used to evaluate the role, and associated cost, of robotic technologies in exterior physical security systems. The RSS consists of three primary elements: a fixed but quickly moveable tripod with intrusion detection sensors and assessment camera; a mobile robotic platform with a functionally identical security module; and a control console which allows an operator to perform security functions and teleoperate the mobile platform

  3. Security an introduction

    CERN Document Server

    Purpura, Philip P

    2011-01-01

    Section I The History and Profession of Security; Definition, Role, and History of Security; Security Defined; The Contexts of Security; The Roles of Security; The History of Security; Security in an Environment of Threats, Terrorism, and All-Hazards; Threats and Hazards; Terrorism; National Strategies; The Profession and Business of Security; The Business of Security; Professionalism and Security Associations; Ethics; Regulation of the Security Industry; Security Training; Higher Education; Careers; Section II Protecting People and Assets; Security Methodology; Methodology Defined; Security Business Proposals; Secur

  4. Security System Software

    Science.gov (United States)

    1993-01-01

    C Language Integration Production System (CLIPS), a NASA-developed expert systems program, has enabled a security systems manufacturer to design a new generation of hardware. C.CURESystem 1 Plus, manufactured by Software House, is a software based system that is used with a variety of access control hardware at installations around the world. Users can manage large amounts of information, solve unique security problems and control entry and time scheduling. CLIPS acts as an information management tool when accessed by C.CURESystem 1 Plus. It asks questions about the hardware and when given the answer, recommends possible quick solutions by non-expert persons.

  5. Development and analysis of security policies in security enhanced Android

    OpenAIRE

    Rimando, Ryan A.

    2012-01-01

    Approved for public release; distribution is unlimited. This thesis examines Security Enhanced Android. Both its policy and its additional security features are explored. The policy is examined in depth, providing a better understanding of the security provided by SE Android. We analyze the default SE Android policy. We identify a potential weakness and change the policy to facilitate control over communication channels. A proof-of-concept set of applications is developed to demonstrate ho...

  6. Model of a Nuclear Security Naval Agency for radiation control of the Industrial Complex of Submarine Construction and Maintenance Ship with Nuclear Propulsion

    International Nuclear Information System (INIS)

    Lins Junior, Amilton de Sousa

    2017-01-01

    Due to the construction, by Brazilian Navy, of a Submarine Construction and Maintenance Ship with Nuclear Propulsion, where, among other activities, the commissioning and exchange of the fuel elements of the reactor in the future Nuclear Submarine, and of a Naval Base where the Nuclear Submarine and the Conventional Submarines, it is necessary the establishment of a Nuclear Security Naval Agency to monitor activities involving ionizing radiation sources and nuclear materials aimed at the radiological protection of exposed occupationally individuals (IOE), the general public and the environment. It should be noted that nuclear and radioactive material will be present only in a part of the yard called Radiological Complex. Therefore, the development of a structure for the control of the Radiological Complex is fundamental, considering that the future licensing process will be unprecedented in Brazil and will face several difficulties. This work presents a model of a structure for the radiological control of the industrial complex for the construction and maintenance of the submarine with nuclear propulsion, as well as the fundamental concepts of the activities, such as inspection, regulations and authorizations, to be carried out by the various component sectors of the Nuclear Security Naval Agency. (author)

  7. Theoretical aspects of information war and national security

    Directory of Open Access Journals (Sweden)

    A. V. Shumka

    2015-07-01

    Organization of effective ensuring information security system provides centralized control of specific functions that provide monitoring and control of all components of the national information space.

  8. Multilevel security for relational databases

    CERN Document Server

    Faragallah, Osama S; El-Samie, Fathi E Abd

    2014-01-01

    Concepts of Database Security; Database Concepts; Relational Database Security Concepts; Access Control in Relational Databases: Discretionary Access Control, Mandatory Access Control, Role-Based Access Control; Work Objectives; Book Organization; Basic Concept of Multilevel Database Security; Introduction; Multilevel Database Relations; Polyinstantiation: Invisible Polyinstantiation, Visible Polyinstantiation, Types of Polyinstantiation; Architectural Consideration

  9. Security culture for nuclear facilities

    Science.gov (United States)

    Gupta, Deeksha; Bajramovic, Edita

    2017-01-01

    Natural radioactive elements are part of our environment and radioactivity is a natural phenomenon. There are numerous beneficial applications of radioactive elements (radioisotopes) and radiation, starting from power generation to usages in medical, industrial and agriculture applications. But the risk of radiation exposure is always attached to operational workers, the public and the environment. Hence, this risk has to be assessed and controlled. The main goal of safety and security measures is to protect human life, health, and the environment. Currently, nuclear security considerations became essential along with nuclear safety as nuclear facilities are facing a rapid increase in cybersecurity risks. Therefore, prevention and adequate protection of nuclear facilities from cyberattacks is the major task. Historically, nuclear safety is well defined by IAEA guidelines while nuclear security is just gradually being addressed by some new guidance, especially the IAEA Nuclear Security Series (NSS), IEC 62645 and some national regulations. At the overall level, IAEA NSS 7 describes nuclear security as deterrence and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer or other malicious acts involving nuclear, other radioactive substances and their associated facilities. Nuclear security should be included throughout nuclear facilities. Proper implementation of a nuclear security culture leads to staff vigilance and a high level of security posture. Nuclear security also depends on policy makers, regulators, managers, individual employees and members of public. Therefore, proper education and security awareness are essential in keeping nuclear facilities safe and secure.

  10. DIRAC Security

    CERN Document Server

    Casajús Ramo, A

    2006-01-01

    DIRAC is the LHCb Workload and Data Management System. Based on a service-oriented architecture, it enables generic distributed computing with lightweight Agents and Clients for job execution and data transfers. DIRAC implements a client-server architecture exposing server methods through XML Remote Procedure Call (XML-RPC) protocol. DIRAC is mostly coded in Python. DIRAC security infrastructure has been designed to be a completely generic XML-RPC transport over a SSL tunnel. This new security layer is able to handle standard X509 certificates as well as grid-proxies to authenticate both sides of the connection. Server and client authentication relies over OpenSSL and py-Open SSL, but to be able to handle grid proxies some modifications have been added to those libraries. DIRAC security infrastructure handles authorization and authorization as well as provides extended capabilities like secure connection tunneling and file transfer. Using this new security infrastructure all LHCb users can safely make use o...

  11. 15 CFR 742.4 - National security.

    Science.gov (United States)

    2010-01-01

    ... 15 Commerce and Foreign Trade 2 2010-01-01 2010-01-01 false National security. 742.4 Section 742.4... INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE EXPORT ADMINISTRATION REGULATIONS CONTROL POLICY-CCL BASED CONTROLS § 742.4 National security. (a) License requirements. It is the policy of the United States to...

  12. Privatising Security

    Directory of Open Access Journals (Sweden)

    Irina Mindova-Docheva

    2016-06-01

    The article proposes an analysis of the different approaches towards employing the international legal framework in the regulation and oversight of private military and security companies’ operation in armed conflicts and in peace time security systems. It proposes a partnership-based approach for public and private actors aiming at creating and sharing common values under the principles of solidarity, protection of human rights and rule of law. A focus of further research should be the process of shaping those common values.

  13. Security at the Expense of Liberty: A Test of Predictions Deriving from the Culture of Control Thesis

    Science.gov (United States)

    Pickett, Justin T.; Mears, Daniel P.; Stewart, Eric A.; Gertz, Marc

    2013-01-01

    In "The Culture of Control: Crime and Social Order in Contemporary Society," David Garland linked contemporary crime control policies and welfare reforms to a cultural formation that he termed the "crime complex of late modernity." According to Garland, once established, the crime complex exerts a contemporaneous effect on…

  14. Information Security Service Branding – beyond information security awareness

    Directory of Open Access Journals (Sweden)

    Rahul Rastogi

    2012-12-01

    End-users play a critical role in the effective implementation and running of an information security program in any organization. The success of such a program depends primarily on the effective implementation and execution of associated information security policies and controls and the resultant behavior and actions of end-users. However, end-users often have negative perception of information security in the organization and exhibit non-compliance. In order to improve compliance levels, it is vital to improve the image of information security in the minds of end-users. This paper borrows the concepts of brands and branding from the domain of marketing to achieve this objective and applies these concepts to information security. The paper also describes a process for creating the information security service brand in the organization.

  15. International conference on the safety and security of radioactive sources: Towards a global system for the continuous control of sources throughout their life cycle. Contributed papers

    International Nuclear Information System (INIS)

    2005-01-01

    The objective of the conference is to promote a wide exchange of information on key issues relating to the safety and security of radioactive sources, including: drawing up an inventory; finding a solution without delay to situations resulting from past activities; preparing for the future by defining a global cooperative approach to the continuous control of radioactive sources during their life cycle. It is expected that the conference will foster a better understanding of the risks posed by these sources from the point of view of radiation safety and the threat associated with some of them in the event of malevolent use, and will help in finding ways of reducing the likelihood of the occurrence of a radiological incident or accident, or of a malevolent act. It is also expected to identify the preparedness and response measures that are necessary and to facilitate a common understanding on the feasibility of creating a sustainable global system for ensuring the safety and security of radioactive sources

  16. International conference on the safety and security of radioactive sources: Towards a global system for the continuous control of sources throughout their life cycle. Contributed papers

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    2005-07-01

    The objective of the conference is to promote a wide exchange of information on key issues relating to the safety and security of radioactive sources, including: drawing up an inventory; finding a solution without delay to situations resulting from past activities; preparing for the future by defining a global cooperative approach to the continuous control of radioactive sources during their life cycle. It is expected that the conference will foster a better understanding of the risks posed by these sources from the point of view of radiation safety and the threat associated with some of them in the event of malevolent use, and will help in finding ways of reducing the likelihood of the occurrence of a radiological incident or accident, or of a malevolent act. It is also expected to identify the preparedness and response measures that are necessary and to facilitate a common understanding on the feasibility of creating a sustainable global system for ensuring the safety and security of radioactive sources.

  17. Food security

    NARCIS (Netherlands)

    Ridder, M. de

    2011-01-01

    Food security is back on the agenda as a top priority for policy makers. In January 2011, record high food prices resulted in protests in Tunisia, which subsequently led to the spread of the revolutions in other North African and Middle Eastern countries. Although experts have asserted that no

  18. Cloud Computing Security: A Survey

    Directory of Open Access Journals (Sweden)

    Issa M. Khalil

    2014-02-01

    Cloud computing is an emerging technology paradigm that migrates current technological and computing concepts into utility-like solutions similar to electricity and water systems. Clouds bring out a wide range of benefits including configurable computing resources, economic savings, and service flexibility. However, security and privacy concerns are shown to be the primary obstacles to a wide adoption of clouds. The new concepts that clouds introduce, such as multi-tenancy, resource sharing and outsourcing, create new challenges to the security community. Addressing these challenges requires, in addition to the ability to cultivate and tune the security measures developed for traditional computing systems, proposing new security policies, models, and protocols to address the unique cloud security challenges. In this work, we provide a comprehensive study of cloud computing security and privacy concerns. We identify cloud vulnerabilities, classify known security threats and attacks, and present the state-of-the-art practices to control the vulnerabilities, neutralize the threats, and calibrate the attacks. Additionally, we investigate and identify the limitations of the current solutions and provide insights of the future security perspectives. Finally, we provide a cloud security framework in which we present the various lines of defense and identify the dependency levels among them. We identify 28 cloud security threats which we classify into five categories. We also present nine general cloud attacks along with various attack incidents, and provide effectiveness analysis of the proposed countermeasures.

  19. Strengthening nuclear security

    International Nuclear Information System (INIS)

    Kurihara, Hiroyoshi

    2003-01-01

    The international situation after the end of the Cold-War has been quite unstable, due to the occurrence of frequent regional conflicts and domestic wars based on ethnic, religious or racial reasons. Further, threats to the world peace and security by non-state actors, like international terrorist groups, have been recognized after 9.11 terrorist attacks to the World Trade Center buildings and to the Pentagon. Utilization of nuclear energy, which encompasses both peaceful uses and military ones, required an establishment of regulatory system, by which risks associated with the development of nuclear energy can be controlled. Accordingly, nuclear safety control system, and then non-proliferation control system has been developed, both in the international level and national level. In recognition of the present unstable international situations, it is required to establish, maintain and strengthen a system which controls nuclear security aspect, in addition to the present systems. (author)

  20. Information technology - Security techniques - Information security management systems - Requirements

    CERN Document Server

    International Organization for Standardization. Geneva

    2005-01-01

    ISO/IEC 27001:2005 covers all types of organizations (e.g. commercial enterprises, government agencies, not-for profit organizations). ISO/IEC 27001:2005 specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the organization's overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof. ISO/IEC 27001:2005 is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties. ISO/IEC 27001:2005 is intended to be suitable for several different types of use, including the following: use within organizations to formulate security requirements and objectives; use within organizations as a way to ensure that security risks are cost effectively managed; use within organizations to ensure comp...

  1. 33 CFR 101.405 - Maritime Security (MARSEC) Directives.

    Science.gov (United States)

    2010-07-01

    ... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Maritime Security (MARSEC... SECURITY MARITIME SECURITY MARITIME SECURITY: GENERAL Control Measures for Security § 101.405 Maritime... necessary to respond to a threat assessment or to a specific threat against the maritime elements of the...

  2. Criticality analysis of the EU gas infrastructure: heightened security requirements for gas control and management centres; Kritikalitaetsanalyse der EU-Gasinfrastruktur: Erhoehte Sicherheitsanforderungen an Gasleit- und -kontrollzentren

    Energy Technology Data Exchange (ETDEWEB)

    Nerlich, Uwe; Umbach, Frank [Centre for European Security Strategies (CESS), Muenchen/Berlin (Germany)]

    2009-11-15

    Since the terror attacks of 2001 critical infrastructure objects have gained substantially in strategic importance in the eyes of the German government and EU authorities as well as the European industry. This has not only been due to the worldwide increase in terrorist attacks on energy infrastructure objects but also to the attacks of Madrid on 11 March 2004 and London on 7 July 2005, which have shown that Europe is no longer being spared from terrorism. Strategies for the abatement of these hazards and their repercussions are therefore more urgently needed than ever before. This requires a differentiated assessment of the situation, as has been carried out, for example, in raising the security requirements and investigating the vulnerability of the gas management and control centres of the EU's Octavio project.

  3. Machine Learning for Security

    CERN Multimedia

    CERN. Geneva

    2015-01-01

    Applied statistics, aka ‘Machine Learning’, offers a wealth of techniques for answering security questions. It’s a much hyped topic in the big data world, with many companies now providing machine learning as a service. This talk will demystify these techniques, explain the math, and demonstrate their application to security problems. The presentation will include how-to’s on classifying malware, looking into encrypted tunnels, and finding botnets in DNS data. About the speaker Josiah is a security researcher with HP TippingPoint DVLabs Research Group. He has over 15 years of professional software development experience. Josiah used to do AI, with work focused on graph theory, search, and deductive inference on large knowledge bases. As rules only get you so far, he moved from AI to using machine learning techniques identifying failure modes in email traffic. There followed digressions into clustered data storage and later integrated control systems. Current ...

  4. Computer Security: the security marathon

    CERN Multimedia

    Computer Security Team

    2014-01-01

    If you believe that “security” is a sprint, that a quick hack is invulnerable, that quick bug fixing is sufficient, that plugging security measures on top of existing structures is good, that once you are secure your life will be easy... then let me convince you otherwise.   An excellent example of this is when the summer students join us at CERN. As the summer period is short, software projects must be accomplished quickly, like a sprint. Rush, rush! But often, this sprint ends with aching muscles. Regularly, these summer students approach us to have their project or web server made visible to the Internet. Regularly, quick security reviews of those web servers diagnose severe underperformance with regards to security: the web applications are flawed or use insecure protocols; the employed software tools, databases or web frameworks are sub-optimal and not adequately chosen for that project; the operating system is non-standard and has never been brought up-to-date; and ...

  5. Security constrained economic load dispatch in the presence of interline power flow controller using modified BAT algorithm

    Directory of Open Access Journals (Sweden)

    Y.N. Vijay Kumar

    2016-12-01

    The utilization of electrical energy due to urbanization and industrialization is increasing day by day, and due to this, there is chance of increasing the uncertainties in a given power system and that affects the economy of the country. The conventional power system in the presence of flexible AC transmission system (FACTS) controllers is an alternative to solve this problem and can increase the power system capability to handle rapid changes in operating conditions of the system. In general, multi-line FACTS controllers are more effective than single line FACTS controllers. In this paper, a detailed mathematical modeling of IPFC is presented and the effect of an optimal location is also analyzed. A novel optimization algorithm i.e. modified BAT algorithm is proposed to solve optimal power flow problem in the presence of IPFC including system constraints and device limits. The proposed methodology has been tested on standard test systems.

  6. Security Administration Reports Application

    Data.gov (United States)

    Social Security Administration — Contains SSA Security Reports that allow Information Security Officers (ISOs) to access, review and take appropriate action based on the information contained in the...

  7. Security Investigation Database (SID)

    Data.gov (United States)

    US Agency for International Development — Security Investigation & Personnel Security Clearance - COTS personnel security application in a USAID virtualized environment that can support USAID's business...

  8. Nuclear security

    International Nuclear Information System (INIS)

    1991-07-01

    This paper reports that despite an Executive Order limiting the authority to make original classification decisions to government officials, DOE has delegated this authority to a number of contractor employees. Although the number of original classification decisions made by these contractors is small, this neither negates nor diminishes the significance of the improper delegation of authority. If misclassification were to occur, particularly at the Top Secret level, U.S. national security interests could potentially be seriously affected and threatened. DOE's argument that the delegation of such authority is a long-standing policy and done on a selective basis does not legitimize the practice and does not relieve DOE of its responsibility to meet the requirements of the Executive Order. DOE needs to independently assess all original classification determinations made by contractors; otherwise, it cannot be sure that U.S. national security interests have been or are being adequately protected

  9. Security seal

    Science.gov (United States)

    Gobeli, Garth W.

    1985-01-01

    Security for a package or verifying seal in plastic material is provided by a print seal with unique thermally produced imprints in the plastic. If tampering is attempted, the material is irreparably damaged and thus detectable. The pattern of the imprints, similar to "fingerprints" are recorded as a positive identification for the seal, and corresponding recordings made to allow comparison. The integrity of the seal is proved by the comparison of imprint identification records made by laser beam projection.

  10. Security system

    Science.gov (United States)

    Baumann, Mark J.; Kuca, Michal; Aragon, Mona L.

    2016-02-02

    A security system includes a structure having a structural surface. The structure is sized to contain an asset therein and configured to provide a forceful breaching delay. The structure has an opening formed therein to permit predetermined access to the asset contained within the structure. The structure includes intrusion detection features within or associated with the structure that are activated in response to at least a partial breach of the structure.

  11. 21 CFR 1301.73 - Physical security controls for non-practitioners; compounders for narcotic treatment programs...

    Science.gov (United States)

    2010-04-01

    ...; compounders for narcotic treatment programs; manufacturing and compounding areas. 1301.73 Section 1301.73 Food... controls for non-practitioners; compounders for narcotic treatment programs; manufacturing and compounding... unauthorized persons may not enter or leave the area without his knowledge. (c) During the production of...

  12. Changes of Global Infectious Disease Governance in 2000s: Rise of Global Health Security and Transformation of Infectious Disease Control System in South Korea.

    Science.gov (United States)

    Choi, Eun Kyung; Lee, Jong-Koo

    2016-12-01

    This paper focuses upon the changes of global infectious disease governance in 2000s and the transformation of infectious disease control system in South Korea. Traditionally, infectious disease was globally governed by the quarantine regulated by the international conventions. When an infectious disease outbreak occurred in one country, each country prevented transmission of the disease through the standardized quarantine since the installation of international sanitary convention in 1892. Republic of Korea also organized the infectious disease control system with quarantine and disease report procedure after the establishment of government. Additionally, Korea National Health Institute (KNIH) was founded as research and training institute for infectious disease. However, traditional international health regulation system faced a serious challenge by the appearance of emerging and re-emerging infectious disease in 1990s. As a result, global infectious disease governance was rapidly changed under the demand to global disease surveillance and response. Moreover, global health security frame became important after 2001 bioterror and 2003 SARS outbreak. Consequently, international health regulation was fully revised in 2005, which included not only infectious disease but also public health emergency. The new international health regime was differently characterized in several aspects; reinforcement of global cooperation and surveillance, enlargement of the role of supranational and international agencies, and reorganization of national capacity. KNIH was reorganized with epidemic control and research since late 1990s. However, in 2004 Korea Center for Disease Control and Prevention (KCDC) was established as a disease control institution with combining quarantine and other functions after 2003 SARS outbreak. KCDC unified national function against infectious disease including prevention, protection, response and research, as a national representative in disease control.
The

  13. Changes of Global Infectious Disease Governance in 2000s: Rise of Global Health Security and Transformation of Infectious Disease Control System in South Korea

    Directory of Open Access Journals (Sweden)

    Eun Kyung CHOI

    2016-12-01

    This paper focuses upon the changes of global infectious disease governance in 2000s and the transformation of infectious disease control system in South Korea. Traditionally, infectious disease was globally governed by the quarantine regulated by the international conventions. When an infectious disease outbreak occurred in one country, each country prevented transmission of the disease through the standardized quarantine since the installation of international sanitary convention in 1892. Republic of Korea also organized the infectious disease control system with quarantine and disease report procedure after the establishment of government. Additionally, Korea National Health Institute (KNIH) was founded as research and training institute for infectious disease. However, traditional international health regulation system faced a serious challenge by the appearance of emerging and re-emerging infectious disease in 1990s. As a result, global infectious disease governance was rapidly changed under the demand to global disease surveillance and response. Moreover, global health security frame became important after 2001 bioterror and 2003 SARS outbreak. Consequently, international health regulation was fully revised in 2005, which included not only infectious disease but also public health emergency. The new international health regime was differently characterized in several aspects; reinforcement of global cooperation and surveillance, enlargement of the role of supranational and international agencies, and reorganization of national capacity. KNIH was reorganized with epidemic control and research since late 1990s. However, in 2004 Korea Center for Disease Control and Prevention (KCDC) was established as a disease control institution with combining quarantine and other functions after 2003 SARS outbreak. KCDC unified national function against infectious disease including prevention, protection, response and research, as a national representative in

  14. CLOUD SECURITY AND COMPLIANCE - A SEMANTIC APPROACH IN END TO END SECURITY

    OpenAIRE

    Kalaiprasath, R.; Elankavi, R.; Udayakumar, R.

    2017-01-01

    The Cloud services are becoming an essential part of many organizations. Cloud providers have to adhere to security and privacy policies to ensure their users' data remains confidential and secure. Though there are some ongoing efforts on developing cloud security standards, most cloud providers are implementing a mish-mash of security and privacy controls. This has led to confusion among cloud consumers as to what security measures they should expect from the cloud services, and whether thes...

  15. Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment

    OpenAIRE

    Ashok, Aditya; Hahn, Adam; Govindarasu, Manimaran

    2013-01-01

    Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation’s electric grid and other critical infrastructures. Specifically, this paper discusses cy...

  16. National Cyber Security Policy

    Indian Academy of Sciences (India)

    National Cyber Security Policy. Salient Features: Caters to ... Creating a secure cyber ecosystem. Creating an assurance framework. Encouraging Open Standards. Strengthening the Regulatory framework. Creating mechanisms for security threat early warning, vulnerability management and response to security threats.

  17. Statistical security for Social Security.

    Science.gov (United States)

    Soneji, Samir; King, Gary

    2012-08-01

    The financial viability of Social Security, the single largest U.S. government program, depends on accurate forecasts of the solvency of its intergenerational trust fund. We begin by detailing information necessary for replicating the Social Security Administration's (SSA's) forecasting procedures, which until now has been unavailable in the public domain. We then offer a way to improve the quality of these procedures via age- and sex-specific mortality forecasts. The most recent SSA mortality forecasts were based on the best available technology at the time, which was a combination of linear extrapolation and qualitative judgments. Unfortunately, linear extrapolation excludes known risk factors and is inconsistent with long-standing demographic patterns, such as the smoothness of age profiles. Modern statistical methods typically outperform even the best qualitative judgments in these contexts. We show how to use such methods, enabling researchers to forecast using far more information, such as the known risk factors of smoking and obesity and known demographic patterns. Including this extra information makes a substantial difference. For example, by improving only mortality forecasting methods, we predict three fewer years of net surplus, $730 billion less in Social Security Trust Funds, and program costs that are 0.66% greater for projected taxable payroll by 2031 compared with SSA projections. More important than specific numerical estimates are the advantages of transparency, replicability, reduction of uncertainty, and what may be the resulting lower vulnerability to the politicization of program forecasts. In addition, by offering with this article software and detailed replication information, we hope to marshal the efforts of the research community to include ever more informative inputs and to continue to reduce uncertainties in Social Security forecasts.

  18. 5 CFR 1312.31 - Security violations.

    Science.gov (United States)

    2010-01-01

    ... States Secret Service when an office/division fails to properly secure classified information. Upon... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Security violations. 1312.31 Section 1312..., DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Control and Accountability of...

  19. 19 CFR 19.47 - Security.

    Science.gov (United States)

    2010-04-01

    ... 19 Customs Duties 1 2010-04-01 2010-04-01 false Security. 19.47 Section 19.47 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY CUSTOMS WAREHOUSES, CONTAINER STATIONS AND CONTROL OF MERCHANDISE THEREIN Container Stations § 19.47 Security. The...

  20. Nuclear Testing: Arms Control Opportunities. Hearing before the Subcommittee on Arms Control, International Security and Science of the Committee on Foreign Affairs, US House of Representatives, One Hundredth Congress, Second Session, June 28, 1988

    International Nuclear Information System (INIS)

    Anon.

    1988-01-01

    The results of this hearing before the Subcommittee on Arms Control, International Security and Science that had a three-fold purpose are recorded. The three-fold purpose was: (1) to examine the nuclear testing policy of the USA and how that policy fits into a larger USA arms control and national security strategy; (2) to discuss the status of the USA-Soviet Nuclear Testing Talks in Geneva, i.e. what is the status of the protocols of the Threshold Test Ban Treaty (TTBT) and the Peaceful Nuclear Explosion Treaty (PNET)? and what is the next step in the US negotiating strategy after the protocols are completed?; and (3) to examine the conclusions of a 139 page report completed by the Office of Technology Assessment (OTA) on 'Seismic Verification of Nuclear Testing Treaties'. The OTA report addressed two key questions: (1) down to what size explosion can underground testing be seismically monitored with high confidence; and (2) how accurately can the yields of underground explosions be measured seismically? The answers to these questions are featured in the hearings

  1. Computer Security: SAHARA - Security As High As Reasonably Achievable

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    History has shown us time and again that our computer systems, computing services and control systems have digital security deficiencies. Too often we deploy stop-gap solutions and improvised hacks, or we just accept that it is too late to change things.    In my opinion, this blatantly contradicts the professionalism we show in our daily work. Other priorities and time pressure force us to ignore security or to consider it too late to do anything… but we can do better. Just look at how “safety” is dealt with at CERN! “ALARA” (As Low As Reasonably Achievable) is the objective set by the CERN HSE group when considering our individual radiological exposure. Following this paradigm, and shifting it from CERN safety to CERN computer security, would give us “SAHARA”: “Security As High As Reasonably Achievable”. In other words, all possible computer security measures must be applied, so long as ...

  2. Control Areas

    Data.gov (United States)

    Department of Homeland Security — This feature class represents electric power Control Areas. Control Areas, also known as Balancing Authority Areas, are controlled by Balancing Authorities, who are...

  3. Securing cloud services a pragmatic approach to security architecture in the cloud

    CERN Document Server

    Newcombe, Lee

    2012-01-01

    This book provides an overview of security architecture processes and explains how they may be used to derive an appropriate set of security controls to manage the risks associated with working in the Cloud.

  4. Shamba Maisha: Pilot agricultural intervention for food security and HIV health outcomes in Kenya: design, methods, baseline results and process evaluation of a cluster-randomized controlled trial.

    Science.gov (United States)

    Cohen, Craig R; Steinfeld, Rachel L; Weke, Elly; Bukusi, Elizabeth A; Hatcher, Abigail M; Shiboski, Stephen; Rheingans, Richard; Scow, Kate M; Butler, Lisa M; Otieno, Phelgona; Dworkin, Shari L; Weiser, Sheri D

    2015-01-01

    Despite advances in treatment of people living with HIV, morbidity and mortality remains unacceptably high in sub-Saharan Africa, largely due to parallel epidemics of poverty and food insecurity. We conducted a pilot cluster randomized controlled trial (RCT) of a multisectoral agricultural and microfinance intervention (entitled Shamba Maisha) designed to improve food security, household wealth, HIV clinical outcomes and women's empowerment. The intervention was carried out at two HIV clinics in Kenya, one randomized to the intervention arm and one to the control arm. HIV-infected patients >18 years, on antiretroviral therapy, with moderate/severe food insecurity and/or body mass index (BMI) loan (~$150) to purchase the farming commodities, 2) a micro-irrigation pump, seeds, and fertilizer, and 3) trainings in sustainable agricultural practices and financial literacy. Enrollment of 140 participants took four months, and the screening-to-enrollment ratio was similar between arms. We followed participants for 12 months and conducted structured questionnaires. We also conducted a process evaluation with participants and stakeholders 3-5 months after study start and at study end. Baseline results revealed that participants at the two sites were similar in age, gender and marital status. A greater proportion of participants at the intervention site had a low BMI in comparison to participants at the control site (18% vs. 7%, p = 0.054). While median CD4 count was similar between arms, a greater proportion of participants enrolled at the intervention arm had a detectable HIV viral load compared with control participants (49% vs. 28%, respectively, p loans, agricultural challenges due to weather patterns, and a challenging partnership with the microfinance institution. We expect the results from this pilot study to provide useful data on the impacts of livelihood interventions and will help in the design of a definitive cluster RCT. This trial is registered at Clinical

  5. CryptosFS: Fast Cryptographic Secure NFS

    OpenAIRE

    O'Shanahan, Declan

    2000-01-01

    The issue of security in file-systems is as relevant today as when the first file system was developed. Current file system implementations rely heavily on centralised security mechanisms such as access control lists. The problem of security in file systems was made more complicated by the introduction of remote access to files. Storing information on a remote server has the potential to introduce additional security weaknesses into the file system model. The client, the commun...

  6. Privatisation of security:

    DEFF Research Database (Denmark)

    use of violence as being the domain of the modern state, which as a natural consequence, delegitimises non-state providers of security. Legitimacy is, therefore, tied to the formal state. The international debate concerning the role of PMSCs has been split primarily into two segments. One argues...... to control conflicts has led to low-intensity conflicts (LIC), which can be witnessed, for instance, in Uganda, the Democratic Republic of Congo, Colombia and Sri Lanka (O’Brien, 1998, p. 80). Since the end of the Cold War it has been common for weak state rulers with formal state legitimacy...... security contractors have led, both historically and at the present day, to fierce academic and public debate. As Sarah Percy argues, the anti-mercenary discourse has two basic elements. One focuses on the fact that mercenaries use force outside what is considered to be legitimate, authoritative control...

  7. Secure ICCP Final Report

    Energy Technology Data Exchange (ETDEWEB)

    Rice, Mark J.; Bonebrake, Christopher A.; Dayley, Greg K.; Becker, Larry J.

    2017-06-30

    Inter-Control Center Communications Protocol (ICCP), defined by the IEC 60870-6 TASE.2 standard, was developed to enable data exchange over wide area networks between electric system entities, including utility control centers, Independent System Operators (ISOs), Regional Transmission Operators (RTOs) and Independent Power Producers (IPP) also known as Non-Utility Generators (NUG). ICCP is an unprotected protocol, and as a result is vulnerable to such actions as integrity violation, interception or alteration, spoofing, and eavesdropping. Because of these vulnerabilities with unprotected ICCP communication, security enhancements, referred to as Secure ICCP, have been added and are included in the ICCP products that utilities have received since 2003 when the standard was defined. This has resulted in an ICCP product whose communication can be encrypted and authenticated to address these vulnerabilities.

  8. Skin graft secured by VAC (vacuum-assisted closure) therapy in chronic leg ulcers: A controlled randomized study.

    Science.gov (United States)

    Leclercq, A; Labeille, B; Perrot, J-L; Vercherin, P; Cambazard, F

    2016-01-01

    Leg ulcers are a common condition. There have been very few studies of combined therapy involving VAC (vacuum-assisted closure) and skin graft. We performed a randomized controlled trial of VAC therapy vs. hydrocolloid dressings over 5 days following autologous grafting on chronic leg ulcers. The primary objective was to assess the difference in success (defined as a reduction in wound area of at least 50% at 1 month) between the two dressing methods. Forty-six patients with ulcers present for over one month were included. Following a 7-day hospitalization period, follow-up was performed for 3 months on an outpatient basis. Our study does not demonstrate a statistically significant difference, with a 45.8% success rate in the VAC group vs. 40.9% in the conventional dressing group (P=0.73). In the venous ulcer group, the success rate was 57.9% for VAC vs. 40% for conventional dressings (P=0.3). The difference in favor of VAC in this group was not statistically significant, most likely due to an insufficient number of patients studied. Our study does not demonstrate superiority of VAC associated with skin graft over conventional dressings. We observed more complications with VAC (40%) than with conventional dressings (23%) (P=0.06). Copyright © 2015 Elsevier Masson SAS. All rights reserved.

  9. [Chronic low back pain and associated risk factors, in patients with social security medical attention: A case-control study].

    Science.gov (United States)

    Durán-Nah, Jaime Jesús; Benítez-Rodríguez, Carlos René; Miam-Viana, Emilio Jesús

    2016-01-01

    Chronic low back pain (CLBP) is frequently seen in the orthopedic outpatient consultation. The aim of this paper is to identify risk factors associated with CLBP in patients cared for during the year 2012, at a General Hospital belonging to Instituto Mexicano del Seguro Social, in Yucatán, Mexico. Data of 95 patients with CLBP (cases) was compared with data of 190 patients without CLBP (controls) using a binary logistic model (BLM), from which odds ratios (OR) and 95 % confidence intervals (95 % CI) were obtained. School level, body mass index (BMI) as a continuous variable, history of heavy weight lifting, some types of comorbidities and dyslipidemia, were identified as statistically significant in the bivariate analysis (p ≤ 0.05 each). In a second step, secondary school level (OR 0.25, 95 % CI: 0.08-0.81), dyslipidemia (OR 0.26, 95 % CI: 0.12-0.56), heavy weights lifting (OR 0.22, 95 % CI: 0.12-0.42), and BMI (OR 1.22, 95 % CI: 1.12-1.32) were all identified by the BLM as statistically significant. In this sample, secondary school level, dyslipidemia and heavy weights lifting reduced the risk of CLBP, while the BMI increased the risk.

  10. Coal Mines Security System

    OpenAIRE

    Ankita Guhe; Shruti Deshmukh; Bhagyashree Borekar; Apoorva Kailaswar; Milind E.Rane

    2012-01-01

    Geological circumstances of mine seem to be extremely complicated and there are many hidden troubles. Coal is wrongly lifted by the musclemen from coal stocks, coal washeries, coal transfer and loading points and also in the transport routes by malfunctioning the weighing of trucks. CIL (Coal India Ltd) is under the control of mafia and a large number of irregularities can be contributed to coal mafia. An Intelligent Coal Mine Security System using data acquisition method utilizes sensor, auto...

  11. Internet Banking Security Strategy: Securing Customer Trust

    OpenAIRE

    Frimpong Twum; Kwaku Ahenkora

    2012-01-01

    Internet banking strategies should enhance customers' online experiences which are affected by trust and security issues. This study provides perspectives of users and nonusers on internet banking security with a view to understanding trust and security factors in relation to adoption and continuous usage. Perception of internet banking security influenced usage intentions. Nonusers viewed internet banking to be insecure but users perceived it to be secure with perceived ease of use influenc...

  12. Privacy and security in teleradiology

    International Nuclear Information System (INIS)

    Ruotsalainen, Pekka

    2010-01-01

    Teleradiology is probably the most successful eHealth service available today. Its business model is based on the remote transmission of radiological images (e.g. X-ray and CT-images) over electronic networks, and on the interpretation of the transmitted images for diagnostic purpose. Two basic service models are commonly used in teleradiology today. The most common approach is based on the message paradigm (off-line model), but more developed teleradiology systems are based on the interactive use of PACS/RIS systems. Modern teleradiology is also more and more cross-organisational or even cross-border service between service providers having different jurisdictions and security policies. This paper defines the requirements needed to make different teleradiology models trusted. Those requirements include a common security policy that covers all partners and entities, common security and privacy protection principles and requirements, controlled contracts between partners, and the use of security controls and tools that support the common security policy. The security and privacy protection of any teleradiology system must be planned in advance, and the necessary security and privacy enhancing tools should be selected (e.g. strong authentication, data encryption, non-repudiation services and audit-logs) based on the risk analysis and requirements set by the legislation. In any case the teleradiology system should fulfil ethical and regulatory requirements. Certification of the whole teleradiology service system including security and privacy is also proposed. In the future, teleradiology services will be an integrated part of pervasive eHealth. Security requirements for this environment including dynamic and context aware security services are also discussed in this paper.

  13. Privacy and security in teleradiology

    Energy Technology Data Exchange (ETDEWEB)

    Ruotsalainen, Pekka [National Institute for Health and Welfare, Helsinki (Finland)], E-mail: pekka.ruotsalainen@THL.fi

    2010-01-15

    Teleradiology is probably the most successful eHealth service available today. Its business model is based on the remote transmission of radiological images (e.g. X-ray and CT-images) over electronic networks, and on the interpretation of the transmitted images for diagnostic purpose. Two basic service models are commonly used in teleradiology today. The most common approach is based on the message paradigm (off-line model), but more developed teleradiology systems are based on the interactive use of PACS/RIS systems. Modern teleradiology is also more and more cross-organisational or even cross-border service between service providers having different jurisdictions and security policies. This paper defines the requirements needed to make different teleradiology models trusted. Those requirements include a common security policy that covers all partners and entities, common security and privacy protection principles and requirements, controlled contracts between partners, and the use of security controls and tools that support the common security policy. The security and privacy protection of any teleradiology system must be planned in advance, and the necessary security and privacy enhancing tools should be selected (e.g. strong authentication, data encryption, non-repudiation services and audit-logs) based on the risk analysis and requirements set by the legislation. In any case the teleradiology system should fulfil ethical and regulatory requirements. Certification of the whole teleradiology service system including security and privacy is also proposed. In the future, teleradiology services will be an integrated part of pervasive eHealth. Security requirements for this environment including dynamic and context aware security services are also discussed in this paper.

  14. Privacy and security in teleradiology.

    Science.gov (United States)

    Ruotsalainen, Pekka

    2010-01-01

    Teleradiology is probably the most successful eHealth service available today. Its business model is based on the remote transmission of radiological images (e.g. X-ray and CT-images) over electronic networks, and on the interpretation of the transmitted images for diagnostic purpose. Two basic service models are commonly used in teleradiology today. The most common approach is based on the message paradigm (off-line model), but more developed teleradiology systems are based on the interactive use of PACS/RIS systems. Modern teleradiology is also more and more cross-organisational or even cross-border service between service providers having different jurisdictions and security policies. This paper defines the requirements needed to make different teleradiology models trusted. Those requirements include a common security policy that covers all partners and entities, common security and privacy protection principles and requirements, controlled contracts between partners, and the use of security controls and tools that support the common security policy. The security and privacy protection of any teleradiology system must be planned in advance, and the necessary security and privacy enhancing tools should be selected (e.g. strong authentication, data encryption, non-repudiation services and audit-logs) based on the risk analysis and requirements set by the legislation. In any case the teleradiology system should fulfil ethical and regulatory requirements. Certification of the whole teleradiology service system including security and privacy is also proposed. In the future, teleradiology services will be an integrated part of pervasive eHealth. Security requirements for this environment including dynamic and context aware security services are also discussed in this paper. Copyright (c) 2009 Elsevier Ireland Ltd. All rights reserved.

  15. Counterproliferation, Border Security and Counterterrorism Subject-Related Laws and Regulations, Including Export Control Regimes in South-Eastern European Countries

    International Nuclear Information System (INIS)

    Bokan, S.

    2007-01-01

    gaps exist, much less fill them. All this suggests that, to fulfil obligations under UNSC Resolutions 1540 and 1373, States must enact harmonized criminal prohibitions and authorization for law enforcement cooperation in order to establish a seamless web of security among all nations. Failure to do so implicitly poses a threat to international peace and security. One of the main issues which deserve to be further addressed and which prompts the continuation of the Southeast Europe Counterproliferation, Border Security and Counterterrorism (CBSC) Working Group is to harmonize national laws and regulations that deal with deterring, detecting and interdicting WMD. Inventory of relevant CBSC subject-related laws of the Southeast Europe countries, including Export Control Laws was created and prepared for further consideration and harmonization by judiciary experts, with the aim to develop model laws. Let me very briefly present to you the main features of the SEDM CBSC subject-related laws and regulations. This paper will present that inventory which includes the membership in the international Conventions, Treaties and Arrangements and also the membership in Multilateral Export Control Regimes of Southeast Europe countries. It will also present the membership in the international legal instruments that play an integral part in the global fight against terrorism. (author)

  16. Planning security for supply security

    International Nuclear Information System (INIS)

    Spies von Buellesheim.

    1994-01-01

    The situation of the hardcoal mining industry is still difficult, however better than last year. Due to better economic trends in the steel industry, though on a lower level, sales in 1994 have stabilised. Stocks are being significantly reduced. As to the production, we have nearly reached a level which has been politically agreed upon in the long run. Due to the determined action of the coalmining companies, a joint action of management and labour, the strong pressure has been mitigated. On the energy policy sector essential targets have been achieved: First of all the ECSC decision on state aid which will be in force up to the year 2002 and which will contribute to accomplish the results of the 1991 Coal Round. Furthermore, the 1994 Act on ensuring combustion of hardcoal in electricity production up to the year 2005. The hardcoal mining industry is grateful to all political decision makers for the achievements. The industry demands, however, that all questions still left open, including the procurement of financial means after 1996, should be settled soon on the basis of the new act and in accordance with the 1991 Coal Round and the energy concept of the Federal Government. German hardcoal is an indispensable factor within a balanced energy mix which guarantees the security of our energy supply, the security of the price structure and the respect of the environment. (orig.) [de

  17. Information security fundamentals

    CERN Document Server

    Peltier, Thomas R

    2013-01-01

    Developing an information security program that adheres to the principle of security as a business enabler must be the first step in an enterprise's effort to build an effective security program. Following in the footsteps of its bestselling predecessor, Information Security Fundamentals, Second Edition provides information security professionals with a clear understanding of the fundamentals of security required to address the range of issues they will experience in the field. The book examines the elements of computer security, employee roles and r

  18. ORACLE DATABASE SECURITY

    OpenAIRE

    Cristina-Maria Titrade

    2011-01-01

    This paper presents some security issues, namely security database system level, data level security, user-level security, user management, resource management and password management. Security is a constant concern in the design and database development. Usually, there are no concerns about the existence of security, but rather how large it should be. A typical DBMS has several levels of security, in addition to those offered by the operating system or network. Typically, a DBMS has user a...

  19. Computer Security: the security marathon, part 2

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Do you recall our latest article on the “Security Marathon” and why it’s wrong to believe that computer security is a sprint, that a quick hack is invulnerable, that quick bug-fixing is sufficient, that plugging security measures on top of existing structures is a good idea, that once you are secure, your life is cosy? In fact, security is a marathon for us too. Again and again, we have felt comfortable with the security situation at CERN, with dedicated protections deployed on individual hosts, with the security measures deployed by individual service managers, with the attentiveness and vigilance of our users, and with the responsiveness of the Management. Again and again, however, we subsequently detect or receive reports that this is wrong, that protections are incomplete, that security measures are incomplete, that security awareness has dropped. Thus, unfortunately, we often have to go back to square one and address similar issues over and over...

  20. The role of optics in secure credentials

    Science.gov (United States)

    Lichtenstein, Terri L.

    2006-02-01

    The global need for secure ID credentials has grown rapidly over the last few years. This is evident both in government and commercial sectors. Governmental programs include national ID card programs, permanent resident cards for noncitizens, biometric visas or border crossing cards, foreign worker ID programs and secure vehicle registration programs. The commercial need for secure credentials includes secure banking and financial services, security and access control systems and digital healthcare record cards. All of these programs necessitate the use of multiple tamper and counterfeit resistant features for credential authentication and cardholder verification. It is generally accepted that a secure credential should include a combination of overt, covert and forensic security features. The LaserCard optical memory card is a proven example of a secure credential that uses a variety of optical features to enhance its counterfeit resistance and reliability. This paper will review those features and how they interact to create a better credential.