WorldWideScience

Sample records for security environment cnss

  1. CNSS: Interagency Partnering to Protect Our National Security Systems

    National Research Council Canada - National Science Library

    Grimes, John G

    2008-01-01

    .... The CNSS performs the vital function of mobilizing the full, interagency National Security Community for the protection of telecommunications and information systems that support U.S. national security...

  2. 400-MWe consolidated nuclear steam system (CNSS). 1255 MWt CNSS design/cost update

    International Nuclear Information System (INIS)

    1984-07-01

    Since 1976 Babcock and Wilcox (B and W) has been extensively involved in the development of a medium-sized (1255 MWt/400 MWe) reactor. Under the sponsorship of the U.S. Department of Energy (DOE) and through a contract with Oak Ridge National Laboratories (ORNL), B and W investigated the feasibility of the concept for utility power generation and cogenerated process heat. The potential benefits of the design, called the Consolidated Nuclear Steam System (CNSS), were also identified. This study provides an update of the CNSS design and cost reflecting current regulatory requirements and operating reactor experience. The study was funded by DOE through ORNL and was performed by B and W and UE and C

  3. CNSS plant concept, capital cost, and multi-unit station economics

    Energy Technology Data Exchange (ETDEWEB)

    1984-07-01

    United Engineers and Constructors (UE and C) and the Babcock and Wilcox Company (B and W) have performed several studies over the last eight years related to small integral pressurized water reactors. These reactors include the 365 MWt (100 MWe) Consolidated Nuclear Steam Generator (CNSG) and the 1200 MWt Consolidated Nuclear Steam System (CNSS). The studies, mostly performed under contract to the Oak Ridge National Laboratory, have led to a 1250 MWt (400 MWe) Consolidated Nuclear Steam System (CNSS) plant concept, with unique design and cost features. This report contains an update of earlier studies of the CNSS reactor and balance-of-plant concept design, capital costs, and multi-unit plant economics incorporating recent design developments, improvements, and post-TMI-2 upgrades. The economic evaluation compares the total system economic impact of a phased, three stage 400 MWe CNSS implementation program, i.e., a three-unit station, to the installation of a single 1200 MWe Pressurized Water Reactor (PWR) into a typical USA utility system.

  4. CNSS plant concept, capital cost, and multi-unit station economics

    International Nuclear Information System (INIS)

    1984-07-01

    United Engineers and Constructors (UE and C) and the Babcock and Wilcox Company (B and W) have performed several studies over the last eight years related to small integral pressurized water reactors. These reactors include the 365 MWt (100 MWe) Consolidated Nuclear Steam Generator (CNSG) and the 1200 MWt Consolidated Nuclear Steam System (CNSS). The studies, mostly performed under contract to the Oak Ridge National Laboratory, have led to a 1250 MWt (400 MWe) Consolidated Nuclear Steam System (CNSS) plant concept, with unique design and cost features. This report contains an update of earlier studies of the CNSS reactor and balance-of-plant concept design, capital costs, and multi-unit plant economics incorporating recent design developments, improvements, and post-TMI-2 upgrades. The economic evaluation compares the total system economic impact of a phased, three stage 400 MWe CNSS implementation program, i.e., a three-unit station, to the installation of a single 1200 MWe Pressurized Water Reactor (PWR) into a typical USA utility system

  5. 32 CFR 2001.50 - Telecommunications automated information systems and network security.

    Science.gov (United States)

    2010-07-01

    ... NATIONAL SECURITY INFORMATION Safeguarding § 2001.50 Telecommunications automated information systems and... identified in the Committee on National Security Systems (CNSS) issuances and the Intelligence Community Directive (ICD) 503, Intelligence Community Information Technology Systems Security Risk Management...

  6. Securing collaborative environments

    Energy Technology Data Exchange (ETDEWEB)

    Agarwal, Deborah [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States); Jackson, Keith [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States); Thompson, Mary [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States)

    2002-05-16

    The diverse set of organizations and software components involved in a typical collaboratory make providing a seamless security solution difficult. In addition, the users need support for a broad range of frequency and locations for access to the collaboratory. A collaboratory security solution needs to be robust enough to ensure that valid participants are not denied access because of its failure. There are many tools that can be applied to the task of securing collaborative environments and these include public key infrastructure, secure sockets layer, Kerberos, virtual and real private networks, grid security infrastructure, and username/password. A combination of these mechanisms can provide effective secure collaboration capabilities. In this paper, we discuss the requirements of typical collaboratories and some proposals for applying various security mechanisms to collaborative environments.

  7. 400-MWe consolidated nuclear steam system (CNSS): 1200-MWt/conceptual design

    International Nuclear Information System (INIS)

    1977-06-01

    A 1200-MWt consolidated nuclear steam system (CNSS) conceptual design is described. The concept, derived from nuclear merchant ship propulsion steam systems but distinctly different from those systems in detail, incorporates the steam generators within the reactor pressure vessel. This configuration eliminates primary coolant circulating piping external to the reactor pressure vessel since the primary coolant circulating pumps are mounted in the pressure vessel head. So arranged, the maximum piping break that must be assumed is that of the pressurizer surge line, which is substantially smaller than a primary coolant circulating line. A fracture of the pressurizer surge line would result in substantially lower mass and energy release rates of the primary coolant during the assumed loss-of-coolant accident. This in turn makes practical a pressure-suppression containment rather than the ''dry'' containment commonly used for pressurized water reactors

  8. Securing the Vista Environment

    CERN Document Server

    Gregory, Peter

    2007-01-01

    "Securing the Vista Environment" takes you on a quick tour of the most significant security features in Vista, Microsoft's first revision of Windows in almost six years. You'll get background on threats and vulnerabilities that will make you think differently about security. Security is more than just the technology and configurations--it's about how we use the system that makes it secure or not. Then we'll cover Vista's security features, from user privileges to Windows Defender, User Account Control, and BitLocker, as well as strategies for protecting your information from unwanted disclo

  9. Forensic nursing in secure environments.

    Science.gov (United States)

    Shelton, Deborah

    2009-01-01

    There are few well-designed studies of corrections or prison nursing roles. This study seeks to describe the corrections or prison role of forensic nurses in the United States who provide care in secure environments. National data detailing the scope of practice in secure environments are limited. This pencil and paper survey describes the roles of 180 forensic nurses from 14 states who work in secure environments. Descriptive statistics are utilized. A repeated measures ANOVA with post hoc analyses was implemented. These nurses were older than average in age, but had 10 years or less experience in forensic nursing practice. Two significant roles emerged to "promote and implement principles that underpin effective quality and practice" and to "assess, develop, implement, and improve programs of care for individuals." Significant roles varied based upon the security classification of the unit or institution in which the nurses were employed. Access to information about these nurses and their nursing practice was difficult in these closed systems. Minimal data are available nationally, indicating a need for collection of additional data over time to examine changes in role. It is through such developments that forensic nursing provided in secure environments will define its specialization and attract the attention it deserves.

  10. 400-MWe Consolidated Nuclear Steam System (CNSS). 1200-MWt Phase 2A interim studies

    International Nuclear Information System (INIS)

    1978-09-01

    The Phase 2A interim studies of the Consolidated Nuclear Steam System (CNSS) consisted of a number of separate task studies addressing the design concepts developed during the Phase 1 study reported in BAW--1445. The purpose of the interim studies was to better establish overall concept feasibility from both a hardware and economic standpoint, to make modification and additions to the design where appropriate, and to understand and reduce the technical risks in critical areas of the design. The work on these task studies included input from Barberton, Mt. Vernon, and the Alliance Research Center as well as United Engineers and Constructors (UE and C). The UE and C work was carried out under a separate DOE contract

  11. Application Security in the ISO27001 Environment

    CERN Document Server

    Vinod, Vasudevan; Firosh, Ummer

    2008-01-01

    Application Security in the ISO27001 Environment demonstrates how to secure software applications within a best practice ISO/IEC 27001 environment and supports implementation of the PCI DSS Payment Application Security Standard.

  12. 400-MWe Consolidated Nuclear Steam System (CNSS). 1200-MWt Phase 2A interim studies. [PWR

    Energy Technology Data Exchange (ETDEWEB)

    1978-09-01

    The Phase 2A interim studies of the Consolidated Nuclear Steam System (CNSS) consisted of a number of separate task studies addressing the design concepts developed during the Phase 1 study reported in BAW--1445. The purpose of the interim studies was to better establish overall concept feasibility from both a hardware and economic standpoint, to make modification and additions to the design where appropriate, and to understand and reduce the technical risks in critical areas of the design. The work on these task studies included input from Barberton, Mt. Vernon, and the Alliance Research Center as well as United Engineers and Constructors (UE and C). The UE and C work was carried out under a separate DOE contract.

  13. Security Management Model in Cloud Computing Environment

    OpenAIRE

    Ahmadpanah, Seyed Hossein

    2016-01-01

    In the cloud computing environment, cloud virtual machine (VM) will be more and more the number of virtual machine security and management faced giant Challenge. In order to address security issues cloud computing virtualization environment, this paper presents a virtual machine based on efficient and dynamic deployment VM security management model state migration and scheduling, study of which virtual machine security architecture, based on AHP (Analytic Hierarchy Process) virtual machine de...

  14. Using Trust for Secure Collaboration in Uncertain Environments

    DEFF Research Database (Denmark)

    Cahill, Vinny; Gray, Elizabeth; Seigneur, Jean-Marc

    2003-01-01

    The SECURE project investigates the design of security mechanisms for pervasive computing based on trust. It addresses how entities in unfamiliar pervasive computing environments can overcome initial suspicion to provide secure collaboration.......The SECURE project investigates the design of security mechanisms for pervasive computing based on trust. It addresses how entities in unfamiliar pervasive computing environments can overcome initial suspicion to provide secure collaboration....

  15. A Cluster- Based Secure Active Network Environment

    Institute of Scientific and Technical Information of China (English)

    CHEN Xiao-lin; ZHOU Jing-yang; DAI Han; LU Sang-lu; CHEN Gui-hai

    2005-01-01

    We introduce a cluster-based secure active network environment (CSANE) which separates the processing of IP packets from that of active packets in active routers. In this environment, the active code authorized or trusted by privileged users is executed in the secure execution environment (EE) of the active router, while others are executed in the secure EE of the nodes in the distributed shared memory (DSM) cluster. With the supports of a multi-process Java virtual machine and KeyNote, untrusted active packets are controlled to securely consume resource. The DSM consistency management makes that active packets can be parallelly processed in the DSM cluster as if they were processed one by one in ANTS (Active Network Transport System). We demonstrate that CSANE has good security and scalability, but imposing little changes on traditional routers.

  16. Secure Enclaves: An Isolation-centric Approach for Creating Secure High Performance Computing Environments

    Energy Technology Data Exchange (ETDEWEB)

    Aderholdt, Ferrol [Tennessee Technological Univ., Cookeville, TN (United States); Caldwell, Blake A. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Hicks, Susan Elaine [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Koch, Scott M. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Naughton, III, Thomas J. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Pelfrey, Daniel S. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Pogge, James R [Tennessee Technological Univ., Cookeville, TN (United States); Scott, Stephen L [Tennessee Technological Univ., Cookeville, TN (United States); Shipman, Galen M. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Sorrillo, Lawrence [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)

    2017-01-01

    High performance computing environments are often used for a wide variety of workloads ranging from simulation, data transformation and analysis, and complex workflows to name just a few. These systems may process data at various security levels but in so doing are often enclaved at the highest security posture. This approach places significant restrictions on the users of the system even when processing data at a lower security level and exposes data at higher levels of confidentiality to a much broader population than otherwise necessary. The traditional approach of isolation, while effective in establishing security enclaves poses significant challenges for the use of shared infrastructure in HPC environments. This report details current state-of-the-art in virtualization, reconfigurable network enclaving via Software Defined Networking (SDN), and storage architectures and bridging techniques for creating secure enclaves in HPC environments.

  17. Security Technologies for Open Networking Environments (STONE)

    Energy Technology Data Exchange (ETDEWEB)

    Muftic, Sead

    2005-03-31

    Under this project SETECS performed research, created the design, and the initial prototype of three groups of security technologies: (a) middleware security platform, (b) Web services security, and (c) group security system. The results of the project indicate that the three types of security technologies can be used either individually or in combination, which enables effective and rapid deployment of a number of secure applications in open networking environments. The middleware security platform represents a set of object-oriented security components providing various functions to handle basic cryptography, X.509 certificates, S/MIME and PKCS No.7 encapsulation formats, secure communication protocols, and smart cards. The platform has been designed in the form of security engines, including a Registration Engine, Certification Engine, an Authorization Engine, and a Secure Group Applications Engine. By creating a middleware security platform consisting of multiple independent components the following advantages have been achieved - Object-oriented, Modularity, Simplified Development, and testing, Portability, and Simplified extensions. The middleware security platform has been fully designed and a preliminary Java-based prototype has been created for the Microsoft Windows operating system. The Web services security system, designed in the project, consists of technologies and applications that provide authentication (i.e., single sign), authorization, and federation of identities in an open networking environment. The system is based on OASIS SAML and XACML standards for secure Web services. Its topology comprises three major components: Domain Security Server (DSS) is the main building block of the system Secure Application Server (SAS) Secure Client In addition to the SAML and XACML engines, the authorization system consists of two sets of components An Authorization Administration System An Authorization Enforcement System Federation of identities in multi

  18. Managing security in an e-business environment

    OpenAIRE

    Davcev, Ljupco

    2009-01-01

    Technological developments over the past few years have made significant contributions to securing the Internet for e-business. Ensuring security for e-business information exchange is essential as it entails exchange of sensitive information. E-business transactions entail transfer of funds with buyers, sellers and business partners. Vulnerabilities and security incidents in the digital environment require an understanding of technology issues and security challenges for privacy and trust...

  19. A cooperative model for IS security risk management in distributed environment.

    Science.gov (United States)

    Feng, Nan; Zheng, Chundong

    2014-01-01

    Given the increasing cooperation between organizations, the flexible exchange of security information across the allied organizations is critical to effectively manage information systems (IS) security in a distributed environment. In this paper, we develop a cooperative model for IS security risk management in a distributed environment. In the proposed model, the exchange of security information among the interconnected IS under distributed environment is supported by Bayesian networks (BNs). In addition, for an organization's IS, a BN is utilized to represent its security environment and dynamically predict its security risk level, by which the security manager can select an optimal action to safeguard the firm's information resources. The actual case studied illustrates the cooperative model presented in this paper and how it can be exploited to manage the distributed IS security risk effectively.

  20. Secure Environments for Collaboration among Ubiquitous Roaming Entities

    DEFF Research Database (Denmark)

    Jensen, Christian D.

    2002-01-01

    SECURE is a newly started IST project, which addresses secure collaboration among computational entities in emerging global computing systems. The properties of these systems introduce new security challenges that are not adequately addressed by existing security models and mechanisms. The scale ...... and uncertainty of this global computing environment invalidates existing security models. Instead, new security models have to be developed along with new security mechanisms that control access to protected resources.......SECURE is a newly started IST project, which addresses secure collaboration among computational entities in emerging global computing systems. The properties of these systems introduce new security challenges that are not adequately addressed by existing security models and mechanisms. The scale...

  1. Causes of improvement in the security environment of Iraq, 2006-2009

    OpenAIRE

    Wheeler, Seth A.

    2009-01-01

    Approved for public release, distribution unlimited Popular consensus exists that the 2007 surge of U.S. forces in Iraq led to an improved security environment. The surge was designed to reduce violence and improve security by protecting the Iraqi population - a change in strategy. According to the consensus, the security environment improved due to the surge, measured by the decreasing number of attacks. For this thesis, the security environment consists of the number of attacks and t...

  2. Еcological security of environment in Zhytomyr region

    Directory of Open Access Journals (Sweden)

    I.М. Kovalevska

    2016-03-01

    Full Text Available The article is aiming at the study of environmental hazards in Zhytomir region. Its main objective is to identify the set of adverse factors affecting the state of danger and compose a necessary starting material for the prediction of possible negative consequences, their nature and extent. The matter of special importance for the study of the phenomenon of security is the security classification. First of all, the forms (system of security in relation to the forces and processes of natural, social and technical character should be distinguished. They can be defined as systems of geo-bio-physical, social and technical security. The classification of security can be determined in many ways, for example, in relation to the object of security; in relation to the subject of security; according to the problem indication; according to the functional indication. Security is a distinctive characteristic and prerequisite of life, progressive development and viability of real-world objects. The methodology of its evaluation is based on the states of the essence of natural and anthropogenic environmental pollution, the standard requirements for the quality of environmental objects and standards of acceptable contamination. The assessment of ecological security of the environment is the quantitative measure of parameters of environmental pollution dangers, threats and risks of natural character as well as the state of anthropogenic security. This assessment is carried out according to the methods and ways to measure environmental parameters. For this purpose it is important to know the factors of danger and the system of indicators that characterizes all natural and environmental phenomena and processes of geo-ecological dangers, natural environmental conditions, ecological condition. The system of natural and industrial environmental indicators consists of the indicators which characterize all phenomena and processes of geo-ecological dangers of natural

  3. 6th Annual Homeland Security and Defense Education Summit, Developing an Adaptive Homeland Security Environment

    OpenAIRE

    2013-01-01

    6th Annual Homeland Security and Defense Education Summit Developing an Adaptive Homeland Security Environment, Burlington, MA, September 26-28, 2013 2013 Summit Agenda Naval Postgraduate School Center for Homeland Defense and Security In Partnership With Northeastern University, Department of Homeland Security, Federal Emergency Management Agency, National Guard Homeland Security Institute, National Homeland Defense Foundation Naval Postgraduate School Center for Homeland Defense and S...

  4. Methodology for considering environments and culture in developing information security systems

    OpenAIRE

    Mwakalinga, G Jeffy; Kowalski, Stewart; Yngström, Louise

    2009-01-01

    In this paper, we describe a methodology for considering culture of users and environments when developing information security systems. We discuss the problem of how researchers and developers of security for information systems have had difficulties in considering culture of users and environments when they develop information security systems. This has created environments where people serve technology instead of technology serving people. Users have been considered just as any other compo...

  5. Design and Implementation of Wiki Services in a Multilevel Secure Environment

    National Research Council Canada - National Science Library

    Ong, Kar L

    2007-01-01

    The Monterey Security Architecture (MYSEA) provides a distributed multilevel secure networking environment where authenticated users can securely access data and services at different security classification levels...

  6. Why the Gulf War still matters: Foreign perspectives on the war and the future of international security. Report No. 16

    Energy Technology Data Exchange (ETDEWEB)

    Garrity, P.J.

    1993-07-01

    This report summarizes the main findings of a Center for National Security Studies (CNSS) project that examined how a number of nations other than the United States have reacted to the course and outcome of the Persian Gulf War of 1991. The project was built around studies of key countries on which the Gulf War might reasonably be expected to have had a significant impact: Argentina, the ASEAN states, Brazil, China, Cuba, Egypt, France, Germany, India, Iran, Iraq, Israel, Italy, Japan, Jordan, Libya, North Korea, Russia, Saudi Arabia, South Korea, Spain, Syria, Taiwan, the United Kingdom, Vietnam, and the states of the former Yugoslavia. These country studies were written by well-recognized independent experts following a common set of guidelines provided by CNSS. When the country studies were completed, they were reviewed and supplemented through a series of peer assessments and workshops. The report represents a synthesis of material generated through this process, and is intended to stimulate thought and further analysis on the critical topics discussed herein.

  7. Web Server Security on Open Source Environments

    Science.gov (United States)

    Gkoutzelis, Dimitrios X.; Sardis, Manolis S.

    Administering critical resources has never been more difficult that it is today. In a changing world of software innovation where major changes occur on a daily basis, it is crucial for the webmasters and server administrators to shield their data against an unknown arsenal of attacks in the hands of their attackers. Up until now this kind of defense was a privilege of the few, out-budgeted and low cost solutions let the defender vulnerable to the uprising of innovating attacking methods. Luckily, the digital revolution of the past decade left its mark, changing the way we face security forever: open source infrastructure today covers all the prerequisites for a secure web environment in a way we could never imagine fifteen years ago. Online security of large corporations, military and government bodies is more and more handled by open source application thus driving the technological trend of the 21st century in adopting open solutions to E-Commerce and privacy issues. This paper describes substantial security precautions in facing privacy and authentication issues in a totally open source web environment. Our goal is to state and face the most known problems in data handling and consequently propose the most appealing techniques to face these challenges through an open solution.

  8. Security risks associated with radio frequency identification in medical environments.

    Science.gov (United States)

    Hawrylak, Peter J; Schimke, Nakeisha; Hale, John; Papa, Mauricio

    2012-12-01

    Radio frequency identification (RFID) is a form of wireless communication that is used to identify assets and people. RFID has significant benefits to the medical environment. However, serious security threats are present in RFID systems that must be addressed in a medical environment. Of particular interest are threats to patient privacy and safety based on interception of messages, interruption of communication, modification of data, and fabrication of messages and devices. This paper presents an overview of these security threats present in RFID systems in a medical environment and provides guidance on potential solutions to these threats. This paper provides a roadmap for researchers and implementers to address the security issues facing RFID in the medical space.

  9. Evaluation of Data Security Measures in a Network Environment Towards Developing Cooperate Data Security Guidelines

    OpenAIRE

    Ayub Hussein Shirandula; Dr. G. Wanyembi; Mr. Maina karume

    2012-01-01

    Data security in a networked environment is a topic that has become significant in organizations. As companies and organizations rely more on technology to run their businesses, connecting system to each other in different departments for efficiency data security is the concern for administrators. This research assessed the data security measures put in place at Mumias Sugar Company and the effort it was using to protect its data. The researcher also highlighted major security issues that wer...

  10. Applying the National Industrial Security Program (NISP) in the laboratory environment

    International Nuclear Information System (INIS)

    Bruckner, D.G.

    1995-01-01

    With continuing changes in the world safeguards and security environment the effectiveness of many laboratory operations depends on correctly assessing the risk to its programs and developing protection technologies, research and concepts of operations being employed by the scientific community. This paper explores the opportunities afforded by the National Industrial Security Program (NISP) to uniformly and simply protect Laboratory security assets, sensitive and classified information and matter, during all aspects of a laboratory program. The developments in information systems, program security, physical security and access controls suggest an industrial security approach. This paper's overall objective is to indicate that the Laboratory environment is particularly well suited to take advantage being pursued by NISP and the performance objectives of the new DOE orders

  11. Operational security in a grid environment

    CERN Document Server

    CERN. Geneva

    2008-01-01

    This talk presents the main goals of computer security in a grid environment, by using a FAQ approach. It details the evolution of the risks in the recent years, likely objectives for attackers and the progress made by the malware toolkits and frameworks. Finally, recommendations to deal with these threats are proposed.

  12. A Cluster-Based Framework for the Security of Medical Sensor Environments

    Science.gov (United States)

    Klaoudatou, Eleni; Konstantinou, Elisavet; Kambourakis, Georgios; Gritzalis, Stefanos

    The adoption of Wireless Sensor Networks (WSNs) in the healthcare sector poses many security issues, mainly because medical information is considered particularly sensitive. The security mechanisms employed are expected to be more efficient in terms of energy consumption and scalability in order to cope with the constrained capabilities of WSNs and patients’ mobility. Towards this goal, cluster-based medical WSNs can substantially improve efficiency and scalability. In this context, we have proposed a general framework for cluster-based medical environments on top of which security mechanisms can rely. This framework fully covers the varying needs of both in-hospital environments and environments formed ad hoc for medical emergencies. In this paper, we further elaborate on the security of our proposed solution. We specifically focus on key establishment mechanisms and investigate the group key agreement protocols that can best fit in our framework.

  13. IoT Privacy and Security Challenges for Smart Home Environments

    Directory of Open Access Journals (Sweden)

    Huichen Lin

    2016-07-01

    Full Text Available Often the Internet of Things (IoT is considered as a single problem domain, with proposed solutions intended to be applied across a wide range of applications. However, the privacy and security needs of critical engineering infrastructure or sensitive commercial operations are very different to the needs of a domestic Smart Home environment. Additionally, the financial and human resources available to implement security and privacy vary greatly between application domains. In domestic environments, human issues may be as important as technical issues. After surveying existing solutions for enhancing IoT security, the paper identifies key future requirements for trusted Smart Home systems. A gateway architecture is selected as the most appropriate for resource-constrained devices, and for high system availability. Two key technologies to assist system auto-management are identified. Firstly, support for system auto-configuration will enhance system security. Secondly, the automatic update of system software and firmware is needed to maintain ongoing secure system operation.

  14. Robotic security vehicle for exterior environments

    International Nuclear Information System (INIS)

    Klarer, P.R.; Workhoven, R.M.

    1988-01-01

    This paper describes a current effort at Sandia National Labs to develop an outdoor robotic vehicle capable of performing limited security functions autonomously in a structured environment. The present stage of development entails application of algorithms originally developed for the SIR vehicle to a testbed vehicle more appropriate to an outdoor environment. The current effort will culminate in a full scale demonstration of autonomous navigation capabilities on routine patrol and teleoperation by a human operator for alarm assessment and response. Various schemes for implementation of the robot system are discussed, as are plans for further development of the system

  15. Securing Resources in Collaborative Environments: A Peer-to-peerApproach

    Energy Technology Data Exchange (ETDEWEB)

    Berket, Karlo; Essiari, Abdelilah; Thompson, Mary R.

    2005-09-19

    We have developed a security model that facilitates control of resources by autonomous peers who act on behalf of collaborating users. This model allows a gradual build-up of trust. It enables secure interactions among users that do not necessarily know each other and allows them to build trust over the course of their collaboration. This paper describes various aspects of our security model and describes an architecture that implements this model to provide security in pure peer-to-peer environments.

  16. Deterrence and the New Global Security Environment - Lecture note

    International Nuclear Information System (INIS)

    Sitt, Bernard

    2006-01-01

    This lecture note makes an analysis of a collective publication entitled 'Deterrence and the New Global Security Environment', edited by Ian Kenyon and John Simpson (Routledge, New York, 2006). This collection of papers rigorously examines the current place of deterrence in international security relations, delivering the best of contemporary thinking. This is a special issue of the leading journal 'Contemporary Security Policy'. The present Lecture note emphasises a particular deterrence situation mentioned in this publication which is the one involving terrorist actors

  17. Latvian Security and Defense Policy within the Twenty-First Century Security Environment

    Directory of Open Access Journals (Sweden)

    Rublovskis Raimonds

    2014-12-01

    Full Text Available The aim of this paper is to analyze fundamental factors which form and profoundly shape security and defense policy of the Republic of Latvia. One can argue that historical background, geographical location, common institutional history within the former Soviet Union, the Russia factor, the relative smallness of the territory of state and the population, the ethnic composition of the population, the low density of the population and rather limited financial and manpower resources available for the defense of the Republic of Latvia are the key factors of influence on the state security and defense policy. The core principles of the security and defense policy of Latvia are the membership in powerful global military alliance of NATO and bilateral strategic partnership with the United States. However, security and defense cooperation among the three Baltic States as well as enhanced cooperation within the Baltic-Nordic framework is seen as an important supplementary factor for the increased security of the Republic of Latvia. Latvia has developed a sustainable legal and institutional framework in order to contribute to state security and defense; however, security challenges and significant changes within the global security environment of the twenty-first century will further challenge the ability of the Republic of Latvia to sustain its current legal framework, and more importantly, current institutional structure of Latvian security and defense architecture. Significant internal and external challenges will impact the fundamental pillars of Latvian security and defense policy, such as American strategic shift to the Pacific, and lack of political will to increase defense budgets in European part of NATO. It has to be clear that very independence, security and defense of the Republic of Latvia depend on the ability of NATO to remain an effective organization with timely and efficient decision-making, and the ability of the United States to remain

  18. A Secure Authenticate Framework for Cloud Computing Environment

    OpenAIRE

    Nitin Nagar; Pradeep k. Jatav

    2014-01-01

    Cloud computing has an important aspect for the companies to build and deploy their infrastructure and application. Data Storage service in the cloud computing is easy as compare to the other data storage services. At the same time, cloud security in the cloud environment is challenging task. Security issues ranging from missing system configuration, lack of proper updates, or unwise user actions from remote data storage. It can expose user’s private data and information to unwanted access. i...

  19. Evaluation of Ecological Environment Security in Contiguous Poverty Alleviation Area of Sichuan Province

    Science.gov (United States)

    Xian, W.; Chen, Y.; Chen, J.; Luo, X.; Shao, H.

    2018-04-01

    According to the overall requirements of ecological construction and environmental protection, rely on the national key ecological engineering, strengthen ecological environmental restoration and protection, improve forest cover, control soil erosion, construct important ecological security barrier in poor areas, inhibit poverty alleviation through ecological security in this area from environmental damage to the vicious cycle of poverty. Obviously, the dynamic monitoring of ecological security in contiguous destitute areas of Sichuan province has a policy sense of urgency and practical significance. This paper adopts RS technology and GIS technology to select the Luhe region of Jinchuan county and Ganzi prefecture as the research area, combined with the characteristics of ecological environment in poor areas, the impact factors of ecological environment are determined as land use type, terrain slope, vegetation cover, surface water, soil moisture and other factors. Using the ecological environmental safety assessment model, the ecological environment safety index is calculated. According to the index, the ecological environment safety of the research area is divided into four levels. The ecological environment safety classification map of 1990 in 2009 is obtained. It can be seen that with the human modern life and improve their economic level, the surrounding environment will be destroyed, because the research area ecological environment is now in good, the ecological environment generally tends to be stable. We should keep its ecological security good and improve local economic income. The relationship between ecological environmental security and economic coordinated development in poor areas has very important strategic significance.

  20. A secure medical data exchange protocol based on cloud environment.

    Science.gov (United States)

    Chen, Chin-Ling; Yang, Tsai-Tung; Shih, Tzay-Farn

    2014-09-01

    In recent years, health care technologies already became matured such as electronic medical records that can be easily stored. However, how to get medical resources more convenient is currently concern issue. In spite of many literatures discussed about medical systems, but these literatures should face many security challenges. The most important issue is patients' privacy. Therefore, we propose a secure medical data exchange protocol based on cloud environment. In our scheme, we use mobile device's characteristics, allowing peoples use medical resources on the cloud environment to seek medical advice conveniently.

  1. Enhancing Security by System-Level Virtualization in Cloud Computing Environments

    Science.gov (United States)

    Sun, Dawei; Chang, Guiran; Tan, Chunguang; Wang, Xingwei

    Many trends are opening up the era of cloud computing, which will reshape the IT industry. Virtualization techniques have become an indispensable ingredient for almost all cloud computing system. By the virtual environments, cloud provider is able to run varieties of operating systems as needed by each cloud user. Virtualization can improve reliability, security, and availability of applications by using consolidation, isolation, and fault tolerance. In addition, it is possible to balance the workloads by using live migration techniques. In this paper, the definition of cloud computing is given; and then the service and deployment models are introduced. An analysis of security issues and challenges in implementation of cloud computing is identified. Moreover, a system-level virtualization case is established to enhance the security of cloud computing environments.

  2. EVALUATION OF ECOLOGICAL ENVIRONMENT SECURITY IN CONTIGUOUS POVERTY ALLEVIATION AREA OF SICHUAN PROVINCE

    Directory of Open Access Journals (Sweden)

    W. Xian

    2018-04-01

    Full Text Available According to the overall requirements of ecological construction and environmental protection, rely on the national key ecological engineering, strengthen ecological environmental restoration and protection, improve forest cover, control soil erosion, construct important ecological security barrier in poor areas, inhibit poverty alleviation through ecological security in this area from environmental damage to the vicious cycle of poverty. Obviously, the dynamic monitoring of ecological security in contiguous destitute areas of Sichuan province has a policy sense of urgency and practical significance. This paper adopts RS technology and GIS technology to select the Luhe region of Jinchuan county and Ganzi prefecture as the research area, combined with the characteristics of ecological environment in poor areas, the impact factors of ecological environment are determined as land use type, terrain slope, vegetation cover, surface water, soil moisture and other factors. Using the ecological environmental safety assessment model, the ecological environment safety index is calculated. According to the index, the ecological environment safety of the research area is divided into four levels. The ecological environment safety classification map of 1990 in 2009 is obtained. It can be seen that with the human modern life and improve their economic level, the surrounding environment will be destroyed, because the research area ecological environment is now in good, the ecological environment generally tends to be stable. We should keep its ecological security good and improve local economic income. The relationship between ecological environmental security and economic coordinated development in poor areas has very important strategic significance.

  3. Security in Distributed Collaborative Environments: Limitations and Solutions

    Science.gov (United States)

    Saadi, Rachid; Pierson, Jean-Marc; Brunie, Lionel

    The main goal of establishing collaboration between heterogeneous environment is to create such as Pervasive context which provide nomadic users with ubiquitous access to digital information and surrounding resources. However, the constraints of mobility and heterogeneity arise a number of crucial issues related to security, especially authentication access control and privacy. First of all, in this chapter we explore the trust paradigm, specially the transitive capability to enable a trust peer to peer collaboration. In this manner, when each organization sets its own security policy to recognize (authenticate) users members of a trusted community and provide them a local access (access control), the trust transitivity between peers will allows users to gain a broad, larger and controlled access inside the pervasive environment. Next, we study the problem of user's privacy. In fact in pervasive and ubiquitous environments, nomadic users gather and exchange certificates or credential which providing them rights to access by transitivity unknown and trusted environments. These signed documents embeds increasing number of attribute that require to be filtered according to such contextual situation. In this chapter, we propose a new morph signature enabling each certificate owner to preserve his privacy by discloses or blinds some sensitive attributes according to faced situation.

  4. PLANNING INTELLIGENCE ACTIVITIES IN A DYNAMIC SECURITY ENVIRONMENT

    Directory of Open Access Journals (Sweden)

    Anca Pavel

    2016-10-01

    Full Text Available The hypothesis introduced by this article is that, in order to perform intelligence missions and to obtain valuable intelligence for the consumers it is necessary to implement processes and tools to support planning activities. Today's challenges consist rather in the ability of intelligence organizations to identify and initiate new connections, processes and communication flows with other partners operating in the security environment than to plan in their own name secret operations. From this point of view, planning activities should focus on new procedures, at a much more extensive level in order to align institutional efforts beyond the boundaries of their own organization and the national community of information. Also, in order to coordinate intelligence activities, strategic planning must be anchored into a complex analysis of the potential impact of existing and possible future global phenomena that shape the security environment and thus identify better ways of improving results.

  5. A Practice of Secure Development and Operational Environment Plan

    International Nuclear Information System (INIS)

    Park, Jaekwan; Seo, Sangmun; Suh, Yongsukl; Park, Cheol

    2017-01-01

    This paper suggests a practice of plan for SDOE establishment in a nuclear I and C. First, it is necessary to perform a requirements analysis to define key regulatory issues and determine the target systems. The analysis includes a survey to find out the applicable measures credited internationally. Based on the analysis results, this paper proposes an implementation plan including a process harmonizing security activities with legacy software activities and applicable technical, operational, and management measures for target systems. Recently, nuclear I and C has been faced with two security issues, cyber security (CS) and secure development and operational environment (SDOE). Unlike cyber security, few studies on planning SDOE have been presented. This paper suggests a plan for establishing an SDOE in a nuclear I and C. This paper defines three key considerations to comply with the regulatory position of RG. 1.152(R3) and proposes a process harmonizing the security activities with legacy software activities. In addition, this paper proposes technical, operational, and management measures applicable for SDOE.

  6. Secure vendor environment (SVE) for PACS

    Science.gov (United States)

    Honeyman-Buck, Janice; Frost, Meryll

    2005-04-01

    A Secure Vendor Environment (SVE) was created to protect radiology modalities from network intrusion, worms, viruses, and other forms of damaging attacks. Many vendors do not attempt any form of network security and if an institution demands a non-standard and secure installation, a future system upgrade could and frequently does eliminate any security measures installed during the initial installation. The SVE isolates the vendor equipment behind a virtual firewall on a private network that is invisible to the outside world. All interactions must go though a device containing two network interface cards called an Application Processor that acts as a store-and forward router, performs DICOM repair, proxies modality worklist, and isolates the vendor modalities. A small VPN appliance can open the device temporarily for remote access by vendor engineers. Prior to the routine installation of the SVE, vendor equipment was often attacked by hostile network intruders and viruses or worms, sometimes rendering the equipment unusable until the vendor could reload the system. The resulted in considerable clinical downtime and loss of revenue. Since the relatively low cost SVE solution has routinely been installed with all new equipment, no intrusions have occurred, although our network sniffers and intrusion detectors indicate that we are constantly being scanned for vulnerability. Purpose: To provide a secure network for vendor equipment in a PACS environment while allowing vendor access for upgrades and system repairs. Method: The network administrators at our university believe that network security should be implemented at the machine level rather than relying on a firewall. A firewall solution could conceivably block unwanted intrusion from outside the university network, but would still allow literally thousands of potential network users to get through to the PACS network. All the PACS archive, display and routing systems are individually protected from intrusion, but

  7. Secure Software Configuration Management Processes for nuclear safety software development environment

    International Nuclear Information System (INIS)

    Chou, I.-Hsin

    2011-01-01

    Highlights: → The proposed method emphasizes platform-independent security processes. → A hybrid process based on the nuclear SCM and security regulations is proposed. → Detailed descriptions and Process Flow Diagram are useful for software developers. - Abstract: The main difference between nuclear and generic software is that the risk factor is infinitely greater in nuclear software - if there is a malfunction in the safety system, it can result in significant economic loss, physical damage or threat to human life. However, secure software development environment have often been ignored in the nuclear industry. In response to the terrorist attacks on September 11, 2001, the US Nuclear Regulatory Commission (USNRC) revised the Regulatory Guide (RG 1.152-2006) 'Criteria for use of computers in safety systems of nuclear power plants' to provide specific security guidance throughout the software development life cycle. Software Configuration Management (SCM) is an essential discipline in the software development environment. SCM involves identifying configuration items, controlling changes to those items, and maintaining integrity and traceability of them. For securing the nuclear safety software, this paper proposes a Secure SCM Processes (S 2 CMP) which infuses regulatory security requirements into proposed SCM processes. Furthermore, a Process Flow Diagram (PFD) is adopted to describe S 2 CMP, which is intended to enhance the communication between regulators and developers.

  8. A Method for Evaluating Information Security Governance (ISG) Components in Banking Environment

    Science.gov (United States)

    Ula, M.; Ula, M.; Fuadi, W.

    2017-02-01

    As modern banking increasingly relies on the internet and computer technologies to operate their businesses and market interactions, the threats and security breaches have highly increased in recent years. Insider and outsider attacks have caused global businesses lost trillions of Dollars a year. Therefore, that is a need for a proper framework to govern the information security in the banking system. The aim of this research is to propose and design an enhanced method to evaluate information security governance (ISG) implementation in banking environment. This research examines and compares the elements from the commonly used information security governance frameworks, standards and best practices. Their strength and weakness are considered in its approaches. The initial framework for governing the information security in banking system was constructed from document review. The framework was categorized into three levels which are Governance level, Managerial level, and technical level. The study further conducts an online survey for banking security professionals to get their professional judgment about the ISG most critical components and the importance for each ISG component that should be implemented in banking environment. Data from the survey was used to construct a mathematical model for ISG evaluation, component importance data used as weighting coefficient for the related component in the mathematical model. The research further develops a method for evaluating ISG implementation in banking based on the mathematical model. The proposed method was tested through real bank case study in an Indonesian local bank. The study evidently proves that the proposed method has sufficient coverage of ISG in banking environment and effectively evaluates the ISG implementation in banking environment.

  9. Service-Oriented Security Framework for Remote Medical Services in the Internet of Things Environment

    Science.gov (United States)

    Lee, Jae Dong; Yoon, Tae Sik; Chung, Seung Hyun

    2015-01-01

    Objectives Remote medical services have been expanding globally, and this is expansion is steadily increasing. It has had many positive effects, including medical access convenience, timeliness of service, and cost reduction. The speed of research and development in remote medical technology has been gradually accelerating. Therefore, it is expected to expand to enable various high-tech information and communications technology (ICT)-based remote medical services. However, the current state lacks an appropriate security framework that can resolve security issues centered on the Internet of things (IoT) environment that will be utilized significantly in telemedicine. Methods This study developed a medical service-oriented frame work for secure remote medical services, possessing flexibility regarding new service and security elements through its service-oriented structure. First, the common architecture of remote medical services is defined. Next medical-oriented secu rity threats and requirements within the IoT environment are identified. Finally, we propose a "service-oriented security frame work for remote medical services" based on previous work and requirements for secure remote medical services in the IoT. Results The proposed framework is a secure framework based on service-oriented cases in the medical environment. A com parative analysis focusing on the security elements (confidentiality, integrity, availability, privacy) was conducted, and the analysis results demonstrate the security of the proposed framework for remote medical services with IoT. Conclusions The proposed framework is service-oriented structure. It can support dynamic security elements in accordance with demands related to new remote medical services which will be diversely generated in the IoT environment. We anticipate that it will enable secure services to be provided that can guarantee confidentiality, integrity, and availability for all, including patients, non-patients, and medical

  10. Service-Oriented Security Framework for Remote Medical Services in the Internet of Things Environment.

    Science.gov (United States)

    Lee, Jae Dong; Yoon, Tae Sik; Chung, Seung Hyun; Cha, Hyo Soung

    2015-10-01

    Remote medical services have been expanding globally, and this is expansion is steadily increasing. It has had many positive effects, including medical access convenience, timeliness of service, and cost reduction. The speed of research and development in remote medical technology has been gradually accelerating. Therefore, it is expected to expand to enable various high-tech information and communications technology (ICT)-based remote medical services. However, the current state lacks an appropriate security framework that can resolve security issues centered on the Internet of things (IoT) environment that will be utilized significantly in telemedicine. This study developed a medical service-oriented frame work for secure remote medical services, possessing flexibility regarding new service and security elements through its service-oriented structure. First, the common architecture of remote medical services is defined. Next medical-oriented secu rity threats and requirements within the IoT environment are identified. Finally, we propose a "service-oriented security frame work for remote medical services" based on previous work and requirements for secure remote medical services in the IoT. The proposed framework is a secure framework based on service-oriented cases in the medical environment. A com parative analysis focusing on the security elements (confidentiality, integrity, availability, privacy) was conducted, and the analysis results demonstrate the security of the proposed framework for remote medical services with IoT. The proposed framework is service-oriented structure. It can support dynamic security elements in accordance with demands related to new remote medical services which will be diversely generated in the IoT environment. We anticipate that it will enable secure services to be provided that can guarantee confidentiality, integrity, and availability for all, including patients, non-patients, and medical staff.

  11. Family Food Security and Children’s Environment: A Comprehensive Analysis with Structural Equation Modeling

    OpenAIRE

    Che Wan Jasimah bt Wan Mohamed Radzi; Huang Hui; Nur Anisah Binti Mohamed @ A. Rahman; Hashem Salarzadeh Jenatabadi

    2017-01-01

    Structural Equation Modeling (SEM) has been used extensively in sustainability studies to model relationships among latent and manifest variables. This paper provides a tutorial exposition of the SEM approach in food security studies and introduces a basic framework based on family food security and children’s environment sustainability. This framework includes family food security and three main concepts representing children’s environment, including children’s BMI, health, and school perfor...

  12. A Secure Protocol Based on a Sedentary Agent for Mobile Agent Environments

    OpenAIRE

    Abdelmorhit E. Rhazi; Samuel Pierre; Hanifa Boucheneb

    2007-01-01

    The main challenge when deploying mobile agent environments pertains to security issues concerning mobile agents and their executive platform. This paper proposes a secure protocol which protects mobile agents against attacks from malicious hosts in these environments. Protection is based on the perfect cooperation of a sedentary agent running inside a trusted third host. Results show that the protocol detects several attacks, such as denial of service, incorrect execution and re-execution of...

  13. Precision Security: Integrating Video Surveillance with Surrounding Environment Changes

    Directory of Open Access Journals (Sweden)

    Wenfeng Wang

    2018-01-01

    Full Text Available Video surveillance plays a vital role in maintaining the social security although, until now, large uncertainty still exists in danger understanding and recognition, which can be partly attributed to intractable environment changes in the backgrounds. This article presents a brain-inspired computing of attention value of surrounding environment changes (EC with a processes-based cognition model by introducing a ratio value λ of EC-implications within considered periods. Theoretical models for computation of warning level of EC-implications to the universal video recognition efficiency (quantified as time cost of implication-ratio variations from λk to λk+1, k=1,2,… are further established. Imbedding proposed models into the online algorithms is suggested as a future research priority towards precision security for critical applications and, furthermore, schemes for a practical implementation of such integration are also preliminarily discussed.

  14. Trust Model to Enhance Security and Interoperability of Cloud Environment

    Science.gov (United States)

    Li, Wenjuan; Ping, Lingdi

    Trust is one of the most important means to improve security and enable interoperability of current heterogeneous independent cloud platforms. This paper first analyzed several trust models used in large and distributed environment and then introduced a novel cloud trust model to solve security issues in cross-clouds environment in which cloud customer can choose different providers' services and resources in heterogeneous domains can cooperate. The model is domain-based. It divides one cloud provider's resource nodes into the same domain and sets trust agent. It distinguishes two different roles cloud customer and cloud server and designs different strategies for them. In our model, trust recommendation is treated as one type of cloud services just like computation or storage. The model achieves both identity authentication and behavior authentication. The results of emulation experiments show that the proposed model can efficiently and safely construct trust relationship in cross-clouds environment.

  15. Building Psychological Contracts in Security-Risk Environments

    DEFF Research Database (Denmark)

    Ramirez, Jacobo; Madero, Sergio; Vélez-Zapata, Claudia

    2015-01-01

    This paper examines the reciprocal obligations between employers and employees that are framed as psychological contracts in security-risk environments. A total of 30 interviews based on psychological contract frameworks, duty-of-care strategies in terms of human resource management (HRM) systems...... and the impacts of narcoterrorism on firms were conducted with human resources (HR) personnel, line managers and subordinates at eight national and multinational corporations (MNCs) with subsidiaries in Colombia and Mexico. Our findings generally support the existence of a relational psychological contract in our...... sample. Duty-of-care strategies based on both HRM systems and the sensitivities of HR personnel and line managers to the narcoterrorism context, in combination with both explicit and implicit security policies, tend to be the sources of the content of psychological contracts. We propose a psychological...

  16. IoT Privacy and Security Challenges for Smart Home Environments

    OpenAIRE

    Huichen Lin; Neil W. Bergmann

    2016-01-01

    Often the Internet of Things (IoT) is considered as a single problem domain, with proposed solutions intended to be applied across a wide range of applications. However, the privacy and security needs of critical engineering infrastructure or sensitive commercial operations are very different to the needs of a domestic Smart Home environment. Additionally, the financial and human resources available to implement security and privacy vary greatly between application domains. In domestic enviro...

  17. A secure RFID mutual authentication protocol for healthcare environments using elliptic curve cryptography.

    Science.gov (United States)

    Jin, Chunhua; Xu, Chunxiang; Zhang, Xiaojun; Zhao, Jining

    2015-03-01

    Radio Frequency Identification(RFID) is an automatic identification technology, which can be widely used in healthcare environments to locate and track staff, equipment and patients. However, potential security and privacy problems in RFID system remain a challenge. In this paper, we design a mutual authentication protocol for RFID based on elliptic curve cryptography(ECC). We use pre-computing method within tag's communication, so that our protocol can get better efficiency. In terms of security, our protocol can achieve confidentiality, unforgeability, mutual authentication, tag's anonymity, availability and forward security. Our protocol also can overcome the weakness in the existing protocols. Therefore, our protocol is suitable for healthcare environments.

  18. The Transformation of Security Environment at the beginning of XXIst Century

    Directory of Open Access Journals (Sweden)

    Florin Iftode

    2009-06-01

    Full Text Available The current security environment is characterized by a high degree of instability andunpredictability, by the manifestation of new risks and threats, by redefining relations between thegreat powers and increased freedom of action of regional factors. The evolution of global security inthe last decade, has confirmed that the success of actions and the stability can only be the result of amultidimensional cooperation of the international community, through emphasizing the dialogue in aninstitutional framework and activating the decisive role that the great international organizations playin defining the state of security of the world.

  19. A secure RFID authentication protocol for healthcare environments using elliptic curve cryptosystem.

    Science.gov (United States)

    Zhao, Zhenguo

    2014-05-01

    With the fast advancement of the wireless communication technology and the widespread use of medical systems, the radio frequency identification (RFID) technology has been widely used in healthcare environments. As the first important protocol for ensuring secure communication in healthcare environment, the RFID authentication protocols derive more and more attentions. Most of RFID authentication protocols are based on hash function or symmetric cryptography. To get more security properties, elliptic curve cryptosystem (ECC) has been used in the design of RFID authentication protocol. Recently, Liao and Hsiao proposed a new RFID authentication protocol using ECC and claimed their protocol could withstand various attacks. In this paper, we will show that their protocol suffers from the key compromise problem, i.e. an adversary could get the private key stored in the tag. To enhance the security, we propose a new RFID authentication protocol using ECC. Detailed analysis shows the proposed protocol not only could overcome weaknesses in Liao and Hsiao's protocol but also has the same performance. Therefore, it is more suitable for healthcare environments.

  20. Designing a Secure Exam Management System (SEMS) for M-Learning Environments

    Science.gov (United States)

    Kaiiali, Mustafa; Ozkaya, Armagan; Altun, Halis; Haddad, Hatem; Alier, Marc

    2016-01-01

    M-learning has enhanced the e-learning by making the learning process learner-centered. However, enforcing exam security in open environments where each student has his/her own mobile/tablet device connected to a Wi-Fi network through which it is further connected to the Internet can be one of the most challenging tasks. In such environments,…

  1. Security environment and nuclear proliferation problems in East Asia

    International Nuclear Information System (INIS)

    Suh, Mark Byung-Moon

    1997-01-01

    East Asia was and still is divided into two conflicting ideological blocs. Because of the Cold War between these two blocs, two international wars were fought and tensions limited interactions among these countries. Despite these political constraints, in recent years East Asia has become economically one of the most dynamic regions in the world. Now that the Cold War between the USA and the Soviet Union is over, the danger of global nuclear war involving the nuclear powers in the region has been practically eliminated. Nonetheless, security has become more complex and demands a whole new set of arrangements. Yet the region lacks a cohesive multilateral framework for conflict resolution, and only recently have various attempts been made to create a political forum for the countries in the region. The problem and the danger of nuclear proliferation was vividly shown by the North Korean nuclear crisis in the last years. This issue not only halted the fragile process of normalization between the two Koreas, which started in 1988, but almost led to a new military conflict on the peninsula involving the two Koreas and the USA. It was defused only after the USA proved willing to offer security guarantees to North Korea. This problem still needs to be resolved, and it demands radical changes in the overall political environment in the region. Needless to say, proliferation in North Korea would have entailed grave consequences for the security of the region as well as for the international non-proliferation regime. This paper reviews the issue of nuclear proliferation of the three non-nuclear states in the region and deals with the non-introduction of nuclear weapons in the region by the nuclear powers. It discusses the prospects for a nuclear-weapon-free zone on the Korean peninsula. Perspectives of a sustainable security environment in East Asia will be briefly discussed

  2. An Efficient Secure Scheme Based on Hierarchical Topology in the Smart Home Environment

    Directory of Open Access Journals (Sweden)

    Mansik Kim

    2017-08-01

    Full Text Available As the Internet of Things (IoT has developed, the emerging sensor network (ESN that integrates emerging technologies, such as autonomous driving, cyber-physical systems, mobile nodes, and existing sensor networks has been in the limelight. Smart homes have been researched and developed by various companies and organizations. Emerging sensor networks have some issues of providing secure service according to a new environment, such as a smart home, and the problems of low power and low-computing capacity for the sensor that previous sensor networks were equipped with. This study classifies various sensors used in smart homes into three classes and contains the hierarchical topology for efficient communication. In addition, a scheme for establishing secure communication among sensors based on physical unclonable functions (PUFs that cannot be physically cloned is suggested in regard to the sensor’s low performance. In addition, we analyzed this scheme by conducting security and performance evaluations proving to constitute secure channels while consuming fewer resources. We believe that our scheme can provide secure communication by using fewer resources in a smart home environment in the future.

  3. Operating nuclear power stations in a regulated cyber security environment: a roadmap for success

    Energy Technology Data Exchange (ETDEWEB)

    Dorman, E., E-mail: Erik.Dorman@areva.com [AREVA Inc., Cyber Security Solutions, Charlotte, NC (United States)

    2015-07-01

    The United States Nuclear Regulatory Commission (NRC) issued 10CFR73.54 to implement a regulated Cyber Security Program at each operating nuclear reactor facility. Milestones were implemented December 31, 2012 to mitigate the attack vectors for the most critical digital assets acknowledged by the industry and the NRC. The NRC inspections have begun. The nuclear Cyber Security Plan, implemented by the site Cyber Security Program (Program), is an element of the operating license at each facility. The Program is designed to protect critical digital assets (CDAs) by applying and maintaining defense-in depth protective strategies to ensure the capability to detect, respond to, and recover from cyber-attacks. The Program references NEI 08-09 R. 6, the Nuclear Energy Institute Template that provides guidance for applying Cyber Security controls derived from NIST 800-53/82 and slightly modified to fit the nuclear environment. Many mature processes are in place at nuclear facilities in response to numerous regulations implemented over the past 30 years. Many of these processes such as the Physical Security Program offer protections that are leveraged to protect the functions of critical digital assets from unauthorized physical access. Other processes and technology such as engineering design control, work management and pre-job briefs, control of portable media and mobile devices, and deterministically segregated networks protect critical digital assets. By leveraging the regulated nuclear environment, integrating NIST type Cyber Security controls, and prudently deploying technology the Cyber Security posture of operating nuclear facilities supports on-demand base load electricity 24/7 with capacity factors exceeding 85%. This paper is designed to provide a glimpse into Cyber Security Programs that support safe operation and reliability in the regulated nuclear environment while supporting the on-demand base load electricity production 24/7. (author)

  4. Operating nuclear power stations in a regulated cyber security environment: a roadmap for success

    International Nuclear Information System (INIS)

    Dorman, E.

    2015-01-01

    The United States Nuclear Regulatory Commission (NRC) issued 10CFR73.54 to implement a regulated Cyber Security Program at each operating nuclear reactor facility. Milestones were implemented December 31, 2012 to mitigate the attack vectors for the most critical digital assets acknowledged by the industry and the NRC. The NRC inspections have begun. The nuclear Cyber Security Plan, implemented by the site Cyber Security Program (Program), is an element of the operating license at each facility. The Program is designed to protect critical digital assets (CDAs) by applying and maintaining defense-in depth protective strategies to ensure the capability to detect, respond to, and recover from cyber-attacks. The Program references NEI 08-09 R. 6, the Nuclear Energy Institute Template that provides guidance for applying Cyber Security controls derived from NIST 800-53/82 and slightly modified to fit the nuclear environment. Many mature processes are in place at nuclear facilities in response to numerous regulations implemented over the past 30 years. Many of these processes such as the Physical Security Program offer protections that are leveraged to protect the functions of critical digital assets from unauthorized physical access. Other processes and technology such as engineering design control, work management and pre-job briefs, control of portable media and mobile devices, and deterministically segregated networks protect critical digital assets. By leveraging the regulated nuclear environment, integrating NIST type Cyber Security controls, and prudently deploying technology the Cyber Security posture of operating nuclear facilities supports on-demand base load electricity 24/7 with capacity factors exceeding 85%. This paper is designed to provide a glimpse into Cyber Security Programs that support safe operation and reliability in the regulated nuclear environment while supporting the on-demand base load electricity production 24/7. (author)

  5. Psychological factors of the readiness of teachers to ensure social security in the educational environment.

    Directory of Open Access Journals (Sweden)

    Shmeleva E.A.

    2015-03-01

    Full Text Available The negative sociocultural transformations that are taking place in modern society and the resulting psychological transformation of personality and mode of life strongly require searching for ways of providing social safety to the next generation, with teachers being the implementers of this process. Teachers’ professionalism is determined by their willingness to solve personal and socially relevant problems, including the willingness to provide social security for other people, to thwart social risks, and to build constructive interpersonal relationships. The aim of our research was to reveal and to analyze the psychological factors affecting the readiness of teachers to ensure social security in educational environments. The environmental factors of social risk have been theoretically characterized. It has been shown that the essential factor in ensuring students’ social security is providing a safe social environment in educational institutions; such an environment provides the learners and the teachers with sociopsychological security and psychosocial well-being. The empirical part of our study was devoted to identifying negative social phenomena in the schools in the Ivanovo region (with the help of a questionnaire administered to 700 students and to identifying the personally and professionally important qualities of the teachers and the subjective psychological factors of their readiness to ensure social security in the educational environment (through interviewing 300 teachers; the administration of the questionnaires and the interviewing were followed by an assessment of their significance (with the help of a questionnaire administered to 140 teachers. Using factor analysis we identified the relevant indicators and grouped them into six factors of the readiness of teachers to ensure a safe educational environment. Relevant personal and professional qualities of teachers were revealed; these are the subjective factors of the

  6. Ensuring the Security of the Educational Environment: Cases of US, Russia and Europe

    Directory of Open Access Journals (Sweden)

    Vitaly V. Kabernik

    2015-01-01

    Full Text Available The article deals with security, including informational, educational environment. The article considers experience of the United States and Europe, including specific examples. Given a classification of the major threats and they are allocated on the basis of foreign and domestic experience. The article also determines the range of problems actually facing educational institutions and regularly described in special reports on the subject. Provides an overview of a set of measures designed to regulate access to inappropriate content, with special attention given to the phenomenon of social networks that put new challenges in ensuring security of the educational environment.

  7. Secure environment for real-time tele-collaboration on virtual simulation of radiation treatment planning.

    Science.gov (United States)

    Ntasis, Efthymios; Maniatis, Theofanis A; Nikita, Konstantina S

    2003-01-01

    A secure framework is described for real-time tele-collaboration on Virtual Simulation procedure of Radiation Treatment Planning. An integrated approach is followed clustering the security issues faced by the system into organizational issues, security issues over the LAN and security issues over the LAN-to-LAN connection. The design and the implementation of the security services are performed according to the identified security requirements, along with the need for real time communication between the collaborating health care professionals. A detailed description of the implementation is given, presenting a solution, which can directly be tailored to other tele-collaboration services in the field of health care. The pilot study of the proposed security components proves the feasibility of the secure environment, and the consistency with the high performance demands of the application.

  8. One of the Approaches to Creation of Hybrid Cloud Secure Environment

    Directory of Open Access Journals (Sweden)

    Andrey Konstantinovich Kachko

    2014-02-01

    Full Text Available In response to the ever growing needs in the storage and processing of data the main position are occupied by informational-telecommunication systems, operating on the basis of cloud computing. In this case, the key point in the use of cloud computing is the problem of information security. This article is primarily intended to cover the main information safety issues that occur in cloud environments and ways of their solutions in the construction of an integrated information security management system on the cloud architecture.

  9. Securing the virtual environment how to defend the enterprise against attack

    CERN Document Server

    Ottenheimer, Davi

    2012-01-01

    A step-by-step guide to identifying and defending against attacks on the virtual environment As more and more data is moved into virtual environments the need to secure them becomes increasingly important. Useful for service providers as well as enterprise and small business IT professionals the book offers a broad look across virtualization used in various industries as well as a narrow view of vulnerabilities unique to virtual environments. A companion DVD is included with recipes and testing scripts. Examines the difference in a virtual model versus traditional computing models an

  10. Analysis of Security Mechanisms Based on Clusters IoT Environments

    Directory of Open Access Journals (Sweden)

    Paulo Gaona-García

    2017-03-01

    Full Text Available Internet of things is based on sensors, communication networks and intelligence that manages the entire process and the generated data. Sensors are the senses of systems, because of this, they can be used in large quantities. Sensors must have low power consumption and cost, small size and great flexibility for its use in all circumstances. Therefore, the security of these network devices, data sensors and other devices, is a major concern as it grows rapidly in terms of nodes interconnected via sensor data. This paper presents an analysis from a systematic review point of view of articles on Internet of Things (IoT, security aspects specifically at privacy level and control access in this type of environment. Finally, it presents an analysis of security issues that must be addressed, from different clusters and identified areas within the fields of application of this technology.

  11. The role of food-security solutions in the protection of natural resources and environment of developing countries.

    Science.gov (United States)

    Lashgarara, Farhad; Mirdamadi, Seyyed Mehdi; Hosseini, Seyyed Jamal Farajollah; Chizari, Mohammad

    2008-10-01

    The majority of the countries of the world, especially developing countries, face environmental problems. Limitations of basic resources (water and soil) and population growth have been the cause of these environmental problems that countries are confronted with. Developing countries have numerous problems, including destruction of forests, vegetable and animal species, and pollution of the environment. Damage to natural resources and the environment can influence the food-security situation. One of the main millennium development goals (MDGs) is protection of the environment and people's health. This cannot obtained unless there is ensured food security. Food security has been defined as a situation when all people, at all times, have physical and economic access to sufficient, safe, and nutritious food needed to maintain a healthy and active life. At the same time, with ensured food security, we can hope to protect the natural resources and environment. The methodology used is descriptive-analytical, and its main purpose is determining the importance and role of food-security solutions in the reduction of environmental hazards and improvement of natural resources and the environmental situation in developing countries. Therefore, some of the most important food-security solutions that can play an important role in this relation were discussed, including conventional research-based technology, biotechnology, information and communication technologies (ICTs), alternative energy sources, and food irradiation.

  12. An Adaptive Multilevel Security Framework for the Data Stored in Cloud Environment

    Science.gov (United States)

    Dorairaj, Sudha Devi; Kaliannan, Thilagavathy

    2015-01-01

    Cloud computing is renowned for delivering information technology services based on internet. Nowadays, organizations are interested in moving their massive data and computations into cloud to reap their significant benefits of on demand service, resource pooling, and rapid elasticity that helps to satisfy the dynamically changing infrastructure demand without the burden of owning, managing, and maintaining it. Since the data needs to be secured throughout its life cycle, security of the data in cloud is a major challenge to be concentrated on because the data is in third party's premises. Any uniform simple or high level security method for all the data either compromises the sensitive data or proves to be too costly with increased overhead. Any common multiple method for all data becomes vulnerable when the common security pattern is identified at the event of successful attack on any information and also encourages more attacks on all other data. This paper suggests an adaptive multilevel security framework based on cryptography techniques that provide adequate security for the classified data stored in cloud. The proposed security system acclimates well for cloud environment and is also customizable and more reliant to meet the required level of security of data with different sensitivity that changes with business needs and commercial conditions. PMID:26258165

  13. An Adaptive Multilevel Security Framework for the Data Stored in Cloud Environment

    Directory of Open Access Journals (Sweden)

    Sudha Devi Dorairaj

    2015-01-01

    Full Text Available Cloud computing is renowned for delivering information technology services based on internet. Nowadays, organizations are interested in moving their massive data and computations into cloud to reap their significant benefits of on demand service, resource pooling, and rapid elasticity that helps to satisfy the dynamically changing infrastructure demand without the burden of owning, managing, and maintaining it. Since the data needs to be secured throughout its life cycle, security of the data in cloud is a major challenge to be concentrated on because the data is in third party’s premises. Any uniform simple or high level security method for all the data either compromises the sensitive data or proves to be too costly with increased overhead. Any common multiple method for all data becomes vulnerable when the common security pattern is identified at the event of successful attack on any information and also encourages more attacks on all other data. This paper suggests an adaptive multilevel security framework based on cryptography techniques that provide adequate security for the classified data stored in cloud. The proposed security system acclimates well for cloud environment and is also customizable and more reliant to meet the required level of security of data with different sensitivity that changes with business needs and commercial conditions.

  14. An Adaptive Multilevel Security Framework for the Data Stored in Cloud Environment.

    Science.gov (United States)

    Dorairaj, Sudha Devi; Kaliannan, Thilagavathy

    2015-01-01

    Cloud computing is renowned for delivering information technology services based on internet. Nowadays, organizations are interested in moving their massive data and computations into cloud to reap their significant benefits of on demand service, resource pooling, and rapid elasticity that helps to satisfy the dynamically changing infrastructure demand without the burden of owning, managing, and maintaining it. Since the data needs to be secured throughout its life cycle, security of the data in cloud is a major challenge to be concentrated on because the data is in third party's premises. Any uniform simple or high level security method for all the data either compromises the sensitive data or proves to be too costly with increased overhead. Any common multiple method for all data becomes vulnerable when the common security pattern is identified at the event of successful attack on any information and also encourages more attacks on all other data. This paper suggests an adaptive multilevel security framework based on cryptography techniques that provide adequate security for the classified data stored in cloud. The proposed security system acclimates well for cloud environment and is also customizable and more reliant to meet the required level of security of data with different sensitivity that changes with business needs and commercial conditions.

  15. Secure and Efficient User Authentication Scheme Based on Password and Smart Card for Multiserver Environment

    Directory of Open Access Journals (Sweden)

    Yan Zhao

    2018-01-01

    Full Text Available The rapid development of information and network technologies motivates the emergence of various new computing paradigms, such as distributed computing, cloud computing, and edge computing. This also enables more and more network enterprises to provide multiple different services simultaneously. To ensure these services can only be accessed conveniently by authorized users, many password and smart card based authentication schemes for multiserver architecture have been proposed. Recently, Truong et al. introduced an identity based user authentication scheme on elliptic curve cryptography in multiserver environment and claimed that their scheme is secure against popular attacks. However, in this paper, we point out that their scheme suffers from offline password guessing and impersonation attack and fails to achieve security requirements of this kind of authentication scheme. Moreover, we put forward a new scheme to conquer security pitfalls in the above scheme. Security analysis indicates that the proposed scheme can be free from well-known attacks. Performance discussion demonstrates that our scheme has advantages in terms of both security property and computation efficiency and thus is more desirable for practical applications in multiserver environment.

  16. Economic Security Environment and Implementation of Planning, Programming, Budgeting, Execution (PPBE) System in Georgia

    Science.gov (United States)

    2004-06-01

    Roy J. What Determines Economic Growth? Economic Review – Second Quarter 1993 [References: Barro (1991); Mankiw , Romer, and Well (1992); De Long...NAVAL POSTGRADUATE SCHOOL MONTEREY, CALIFORNIA THESIS Approved for public release: distribution unlimited ECONOMIC SECURITY...DATES COVERED Master’s Thesis 4. TITLE AND SUBTITLE: Economic Security Environment and Implementation of Planning, Programming, Budgeting, Execution

  17. Fabrication and growth mechanism of carbon nanospheres by chemical vapor deposition

    International Nuclear Information System (INIS)

    Tian, F.; He, C.N.

    2010-01-01

    The synthesis of carbon nanospheres (CNSs) by chemical vapor deposition (CVD) of methane on catalyst of Ni-Al composite powders was reported. The influence factors on the growth morphology of CNSs, such as reaction temperature, reaction time and different carrier gases concerning hydrogen, nitrogen as well as no carrier gas were investigated using transmission electron microscope. The results showed that the reaction temperature had great effect on the structure of CNSs, higher temperature led to high-crystallized CNSs with high purity. The reaction time brought no significant influence to the structure of CNSs, but the average diameter of the CNSs was obviously increased with prolonging the reaction time. Relatively pure CNSs could be obtained with hydrogen as the carrier gas but with poor product rate compared with the CNSs with no carrier gas. Proper amount of CNSs with pure characteristic could be obtained with nitrogen as the carrier gas. Finally, a growth mechanism of dissolution-precipitation-diffusion is proposed for elucidating the growth process of general CNSs.

  18. Information security management: a proposal to improve the effectiveness of information security in the scientific research environment

    International Nuclear Information System (INIS)

    Alexandria, Joao Carlos Soares de

    2009-01-01

    The increase of the connectivity in the business environment, combined with the growing dependency of information systems, has become the information security management an important governance tool. Information security has as main goal to protect the business transactions in order to work normally. In this way, It will be safeguarding the business continuity. The threats of information come from hackers' attacks, electronic frauds and spying, as well as fire, electrical energy interruption and humans fault. Information security is made by implementation of a set of controls, including of the others politics, processes, procedures, organizational structures, software and hardware, which require a continuous management and a well established structure to be able to face such challenges. This work tried to search the reasons why the organizations have difficulties to make a practice of information security management. Many of them just limit to adopt points measures, sometimes they are not consistent with their realities. The market counts on enough quantity of standards and regulations related to information security issues, for example, ISO/IEC 27002, American Sarbanes-Oxley act, Basel capital accord, regulations from regulatory agency (such as the Brazilians ones ANATEL, ANVISA and CVM). The market researches have showed that the information security implementation is concentrated on a well-defined group of organization mainly formed by large companies and from specifics sectors of economy, for example, financial and telecommunication. However, information security must be done by all organizations that use information systems to carry out their activities, independently of its size or economic area that it belongs. The situation of information security in the governmental sector of Brazil, and inside its research institutions, is considered worrying by the Brazilian Court of Accounts (TCU). This research work presents an assessment and diagnostic proposal of

  19. IT-security challenges in IoT environments and autonomous systems

    Science.gov (United States)

    Heun, Ulrich

    2017-05-01

    Internet of Things will open the digital world for future services working across company borders. Together with autonomous systems intelligent things will communicate and work together without direct influence of human technicians or service managers. IT-security will become one of the most important challenges to ensure a stable service performance and to provide a trustful environment to let people use such service without any concerns regarding data privacy and eligibility of the outcomes.

  20. Enhancing energy security in Malayia: the challenges towards sustainable environment

    International Nuclear Information System (INIS)

    Sahid, E J M; Peng, L Y; Siang, C Ch

    2013-01-01

    Energy is known as one of the essential ingredients for economic development and security of energy supply is crucial in ensuring continuous economic development of a country. Malaysia's proven domestic oil reserves are estimated to last for another 25 years, while that of gas for another 39 years as of 2011. Despite the depleting indigenous energy resources, the primary energy demand has continued to grow robustly, at an annual rate of 6.3 percent per year from 1990 to 2010, while the primary energy import has grown 7.2% per year and the primary energy export has grown at a slower rate of 1.9% per year. This worrying trend is further compounded by the faster rate of primary oil import averaging 10.5% per year while the primary energy export has shrink at a rate of 1.4% per year. This paper has identified two main concerns namely overdependence on fossil fuel and increasing energy import dependency in creating a precarious position towards energy self-sufficiency. The study will analyse the energy security of the country and explore possible options and challenges in enhancing the energy supply security toward sustainable environment.

  1. The Feasibility of Wearables in an Enterprise Environment and Their Impact on IT Security

    Science.gov (United States)

    Scotti, Vincent, Jr.

    2015-01-01

    This paper is intended to explore the usability and feasibility of wearables in an enterprise environment and their impact on IT Security. In this day and age, with the advent of the Internet of Things, we must explore all the new technology emerging from the minds of the new inventors. This means exploring the use of wearables in regards to their benefits, limitations, and the new challenges they pose to securing computer networks in the Federal environment. We will explore the design of the wearables, the interfaces needed to connect them, and what it will take to connect personal devices in the Federal enterprise network environment. We will provide an overview of the wearable design, concerns of ensuring the confidentiality, integrity, and availability of information and the challenges faced by those doing so. We will also review the implications and limitations of the policies governing wearable technology and the physical efforts to enforce them.

  2. A Secure and Anonymous Two-Factor Authentication Protocol in Multiserver Environment

    Directory of Open Access Journals (Sweden)

    Chenyu Wang

    2018-01-01

    Full Text Available With the great development of network technology, the multiserver system gets widely used in providing various of services. And the two-factor authentication protocols in multiserver system attract more and more attention. Recently, there are two new schemes for multiserver environment which claimed to be secure against the known attacks. However, after a scrutinization of these two schemes, we found that (1 their description of the adversary’s abilities is inaccurate; (2 their schemes suffer from many attacks. Thus, firstly, we corrected their description on the adversary capacities to introduce a widely accepted adversary model and then summarized fourteen security requirements of multiserver based on the works of pioneer contributors. Secondly, we revealed that one of the two schemes fails to preserve forward secrecy and user anonymity and cannot resist stolen-verifier attack and off-line dictionary attack and so forth and also demonstrated that another scheme fails to preserve forward secrecy and user anonymity and is not secure to insider attack and off-line dictionary attack, and so forth. Finally, we designed an enhanced scheme to overcome these identified weaknesses, proved its security via BAN logic and heuristic analysis, and then compared it with other relevant schemes. The comparison results showed the superiority of our scheme.

  3. Short sequence motifs, overrepresented in mammalian conservednon-coding sequences

    Energy Technology Data Exchange (ETDEWEB)

    Minovitsky, Simon; Stegmaier, Philip; Kel, Alexander; Kondrashov,Alexey S.; Dubchak, Inna

    2007-02-21

    Background: A substantial fraction of non-coding DNAsequences of multicellular eukaryotes is under selective constraint. Inparticular, ~;5 percent of the human genome consists of conservednon-coding sequences (CNSs). CNSs differ from other genomic sequences intheir nucleotide composition and must play important functional roles,which mostly remain obscure.Results: We investigated relative abundancesof short sequence motifs in all human CNSs present in the human/mousewhole-genome alignments vs. three background sets of sequences: (i)weakly conserved or unconserved non-coding sequences (non-CNSs); (ii)near-promoter sequences (located between nucleotides -500 and -1500,relative to a start of transcription); and (iii) random sequences withthe same nucleotide composition as that of CNSs. When compared tonon-CNSs and near-promoter sequences, CNSs possess an excess of AT-richmotifs, often containing runs of identical nucleotides. In contrast, whencompared to random sequences, CNSs contain an excess of GC-rich motifswhich, however, lack CpG dinucleotides. Thus, abundance of short sequencemotifs in human CNSs, taken as a whole, is mostly determined by theiroverall compositional properties and not by overrepresentation of anyspecific short motifs. These properties are: (i) high AT-content of CNSs,(ii) a tendency, probably due to context-dependent mutation, of A's andT's to clump, (iii) presence of short GC-rich regions, and (iv) avoidanceof CpG contexts, due to their hypermutability. Only a small number ofshort motifs, overrepresented in all human CNSs are similar to bindingsites of transcription factors from the FOX family.Conclusion: Human CNSsas a whole appear to be too broad a class of sequences to possess strongfootprints of any short sequence-specific functions. Such footprintsshould be studied at the level of functional subclasses of CNSs, such asthose which flank genes with a particular pattern of expression. Overallproperties of CNSs are affected by

  4. METHODOLOGICAL APPROACHES TO THE ANALYSIS OF ЕCONOMIC SECURITY MARKET ENVIRONMENT

    Directory of Open Access Journals (Sweden)

    V. P. Voronin

    2014-01-01

    Full Text Available Summary The market environment is not only important for the good functioning of enterprises and organizations, but also an indicator of the attractiveness for business. In this regard, on the first place of its economic analysis of the state and dynamics, not only the definition of capacity and market, but also its innovation, investment and institutional components, as well as economic security for businesses and organizations. Economic security for businesses and organizations associated with the identification of factors affecting the state of criminal and corrupt elements. Globalization of world economic relations led to the spread of corruption market environment from local to global markets. Increasingly close involvement of Russia into the world economy was accompanied by negative phenomena of this nature. This was facilitated by liberalization of public relations; sharp stratification of society in terms of income, inefficient system of income redistribution: the weakness and backwardness of civil institutions, all lower income level communication with the humanistic and patriotic values. As a result, generated problems and threats: market institutions there, ethical values and justice, sustainable normal course of business. Simultaneously, it contributes to the establishment and complication of the linkages between corruption and economic crime, the spread of illicit acquisition of personal wealth. Needless business community can and should take an active part in monitoring and economic analysis of the marketing environment of enterprises and organizations, making it more transparent and accessible information across a wide range of its customers.

  5. Research on Influence of Cloud Environment on Traditional Network Security

    Science.gov (United States)

    Ming, Xiaobo; Guo, Jinhua

    2018-02-01

    Cloud computing is a symbol of the progress of modern information network, cloud computing provides a lot of convenience to the Internet users, but it also brings a lot of risk to the Internet users. Second, one of the main reasons for Internet users to choose cloud computing is that the network security performance is great, it also is the cornerstone of cloud computing applications. This paper briefly explores the impact on cloud environment on traditional cybersecurity, and puts forward corresponding solutions.

  6. Security controls in a Cullinet database environment

    International Nuclear Information System (INIS)

    Thompson, R.E.

    1988-01-01

    Security controls using Cullinet's Integrated Data Management System (IDMS) are examined. IDMS software integrity problems, with emphasis on security package interfaces, are disclosed. Solutions applied at Sandia Laboratories Engineering Information Management computing facilty are presented. An overall IDMS computer security philosophy is reviewed

  7. A collaborative virtual environment for training of security agents in nuclear emergencies

    Energy Technology Data Exchange (ETDEWEB)

    Fernandes, Sara I.; Passos, Cláudio A.; Silva, Marcio H.; Carvalho, Paulo Victor R.; Legey, Ana Paula; Mol, Antonio Carlos; Machado, Daniel M.; Cotelli, André; Rocha, Tiago L., E-mail: mol@ien.gov.br [Instituto de Engenharia Nuclear (IEN/CNEN-RJ), Rio de Janeiro, RJ (Brazil). Departamento de Realidade Virtual

    2017-07-01

    In face the recently observed security menaces related to terrorist actions and natural disasters, there is a need for a major qualification and training of the agents responsible for avoid any problems regarding to abnormal conditions. In the conventional training procedures, however, field simulations are associated to logistical and operational constraints regarded to the execution of the tests which can expose the user to risk. On the other hand, the use of virtual simulations provides an alternative to such limitations besides of promote the qualifying of professionals with a great reliability. For this reason, this paper proposes the development of a collaborative virtual environment that will be used to prepare the security agents on identifying individuals suspected of carrying radioactive materials. The development of the virtual environment consisted on modeling using Autodesk 3ds Max, where the scene itself and the scene objects were modeled besides the terrain creation and basic features programming using the Game Engine Unity 3D. In the Engine Game were included radiation detectors and avatars. The security agents were able to communicate to each other by means of auxiliary external tools like a headset software that makes possible the communication, coordination and cooperation required for an effective collaboration. Experimental tests of the virtual simulations were performed with the participation of CNEN radiological protection agents and collaborators. The tests have shown that the proposed method can contribute to improve the training results of the basic collaborative skills required for a CNEN agent in an emergency situation without the need to expose him to any kind of risk. In face of that, we hope that it can contribute to minimize the demand for qualified security professionals. (author)

  8. A collaborative virtual environment for training of security agents in nuclear emergencies

    International Nuclear Information System (INIS)

    Fernandes, Sara I.; Passos, Cláudio A.; Silva, Marcio H.; Carvalho, Paulo Victor R.; Legey, Ana Paula; Mol, Antonio Carlos; Machado, Daniel M.; Cotelli, André; Rocha, Tiago L.

    2017-01-01

    In face the recently observed security menaces related to terrorist actions and natural disasters, there is a need for a major qualification and training of the agents responsible for avoid any problems regarding to abnormal conditions. In the conventional training procedures, however, field simulations are associated to logistical and operational constraints regarded to the execution of the tests which can expose the user to risk. On the other hand, the use of virtual simulations provides an alternative to such limitations besides of promote the qualifying of professionals with a great reliability. For this reason, this paper proposes the development of a collaborative virtual environment that will be used to prepare the security agents on identifying individuals suspected of carrying radioactive materials. The development of the virtual environment consisted on modeling using Autodesk 3ds Max, where the scene itself and the scene objects were modeled besides the terrain creation and basic features programming using the Game Engine Unity 3D. In the Engine Game were included radiation detectors and avatars. The security agents were able to communicate to each other by means of auxiliary external tools like a headset software that makes possible the communication, coordination and cooperation required for an effective collaboration. Experimental tests of the virtual simulations were performed with the participation of CNEN radiological protection agents and collaborators. The tests have shown that the proposed method can contribute to improve the training results of the basic collaborative skills required for a CNEN agent in an emergency situation without the need to expose him to any kind of risk. In face of that, we hope that it can contribute to minimize the demand for qualified security professionals. (author)

  9. Information Assurance Security in the Information Environment

    CERN Document Server

    Blyth, Andrew

    2006-01-01

    Intended for IT managers and assets protection professionals, this work aims to bridge the gap between information security, information systems security and information warfare. It covers topics such as the role of the corporate security officer; Corporate cybercrime; Electronic commerce and the global marketplace; Cryptography; and, more.

  10. PRINCIPLE OF THE ELECTRONIC EDUCATIONAL ENVIRONMENT SECURITY IN THE PROFESSIONAL TRAINING OF UNIVERSITY STUDENTS

    Directory of Open Access Journals (Sweden)

    Valery G. Tylets

    2017-12-01

    Full Text Available The article considers the problem of professional training of students in e-learning environment in accordance with the principle of security. The authors offer the essay technology of multiple difficulty levels. In the article the description of each level of technology proves its conformity to the positions of principle of security. The main methods of measurement performance were made by expert assessment and subjective scaling. The analysis of results of approbation of essay technology of multiple difficulty levels in the experimental sample showed an increase of objective and subjective indicators. Positive methodological and personal effects of the introduction of technology into the process of university education were identified, corresponding to the positions of principle of security. Methodical recommendations of application of technology were formulated.

  11. Security Analysis of Measurement-Device-Independent Quantum Key Distribution in Collective-Rotation Noisy Environment

    Science.gov (United States)

    Li, Na; Zhang, Yu; Wen, Shuang; Li, Lei-lei; Li, Jian

    2018-01-01

    Noise is a problem that communication channels cannot avoid. It is, thus, beneficial to analyze the security of MDI-QKD in noisy environment. An analysis model for collective-rotation noise is introduced, and the information theory methods are used to analyze the security of the protocol. The maximum amount of information that Eve can eavesdrop is 50%, and the eavesdropping can always be detected if the noise level ɛ ≤ 0.68. Therefore, MDI-QKD protocol is secure as quantum key distribution protocol. The maximum probability that the relay outputs successful results is 16% when existing eavesdropping. Moreover, the probability that the relay outputs successful results when existing eavesdropping is higher than the situation without eavesdropping. The paper validates that MDI-QKD protocol has better robustness.

  12. In-situ growth of LiFePO4 nanocrystals on interconnected carbon nanotubes/mesoporous carbon nanosheets for high-performance lithium ion batteries

    International Nuclear Information System (INIS)

    Wu, Ruofei; Xia, Guofeng; Shen, Shuiyun; Zhu, Fengjuan; Jiang, Fengjing; Zhang, Junliang

    2015-01-01

    Graphical abstract: In-situ soft-templated LFP nanocrystals on interconnected carbon nanotubes/mesoporous carbon nanosheets (designated as LFP@CNTs/CNSs), exhibited superior electrochemical performance due to the synergetic effect between CNTs and CNSs, which form interconnected conductive network for fast transport of both electrons and lithium ions. - Highlights: • LFP nanocrystals were in-situ synthesized on interconnected CNTs/CNSs framework with an in-situ soft-templated method. • LFP@CNTs/CNSs exhibited superior rate capability and cycling stability, due to interconnected conductive network for fast transport of both electrons and lithium ions. • The synergetic effect between CNTs and CNSs on the electrochemical performance of LFP electrode was demonstrated by a systematically electrochemical study compared with LFP/CNSs and LFP/CNTs. - Abstract: Lithium ion phosphate (LiFePO 4 ) nanocrystals are successfully in-situ grown on interconnected carbon nanotubes/mesoporous carbon nanosheets (designated as LFP@CNTs/CNSs) with a soft-templated method, which involves the multi-constituent co-assembly of a triblock copolymer, CNTs, resol and precursors of LFP followed by thermal treatment. X-ray diffraction, scanning electron microscopy, high resolution transmission electron microscopy and N 2 adsorption-desorption techniques are used to characterize the structure and morphology of the as-synthesized materials. When used as the cathode of lithium ion batteries, the LFP@CNTs/CNSs composite exhibits superior rate capability and cycling stability, compared with the samples modified only with CNSs (designated as LFP/CNSs) or with CNTs (designated as LFP/CNTs). This is mainly attributed to the synergetic effect between CNTs and CNSs caused by their unique structure, which forms interconnected conductive network for fast transport of both electrons and lithium ions, and thus remarkably improves the electrode kinetics. Firstly, nano-sized LFP are in-situ grown on the

  13. An approach for investigation of secure access processes at a combined e-learning environment

    Science.gov (United States)

    Romansky, Radi; Noninska, Irina

    2017-12-01

    The article discuses an approach to investigate processes for regulation the security and privacy control at a heterogenous e-learning environment realized as a combination of traditional and cloud means and tools. Authors' proposal for combined architecture of e-learning system is presented and main subsystems and procedures are discussed. A formalization of the processes for using different types resources (public, private internal and private external) is proposed. The apparatus of Markovian chains (MC) is used for modeling and analytical investigation of the secure access to the resources is used and some assessments are presented.

  14. Synthesis of carbon nanospheres using fallen willow leaves and adsorption of Rhodamine B and heavy metals by them.

    Science.gov (United States)

    Qu, Jiao; Zhang, Qian; Xia, Yunsheng; Cong, Qiao; Luo, Chunqiu

    2015-01-01

    This paper focuses on the synthesis of carbon nanospheres (CNSs) using fallen willow leaves as a low-cost precursor. The scanning electron microscopy (SEM) image and transmission electron microscopy (TEM) image demonstrated that the structure of synthesized CNSs was spherical, with a diameter of 100 nm. The crystal structure and chemical information were characterized by Raman spectrum and energy-dispersive spectrum (EDS), respectively. BET results showed that the CNSs had a larger specific surface area of 294.32 m(2) g(-1), which makes it a potentially superior adsorbent. Rh-B and heavy metal ions such as Cu(2+), Zn(2+), and Cr(6+) were used as targets to investigate the adsorption capacity of the CNSs. The effects of adsorption parameters such as adsorption equilibrium time, dose of CNSs, adsorption kinetics, and effect factors were also studied. These findings not only established a cost-effective method of synthesizing CNSs using fallen willow leaves but also broadened the potential application range of these CNSs.

  15. Research review of nongovernmental organizations' security policies for humanitarian programs in war, conflict, and postconflict environments.

    Science.gov (United States)

    Rowley, Elizabeth; Burns, Lauren; Burnham, Gilbert

    2013-06-01

    To identify the most and least commonly cited security management messages that nongovernmental organizations (NGOs) are communicating to their field staff, to determine the types of documentation that NGOs most often use to communicate key security messages, and to distinguish the points of commonality and divergence across organizations in the content of key security messages. The authors undertook a systematic review of available security policies, manuals, and training materials from 20 international humanitarian NGOs using the InterAction Minimum Operating Security Standards as the basis for a review framework. The most commonly cited standards include analytical security issues such as threat and risk assessment processes and guidance on acceptance, protection, and deterrence approaches. Among the least commonly cited standards were considering security threats to national staff during staffing decision processes, incorporating security awareness into job descriptions, and ensuring that national staff security issues are addressed in trainings. NGO staff receive security-related messages through multiple document types, but only 12 of the 20 organizations have a distinct security policy document. Points of convergence across organizations in the content of commonly cited standards were found in many areas, but differences in security risk and threat assessment guidance may undermine communication between aid workers about changes in local security environments. Although the humanitarian community has experienced significant progress in the development of practical staff security guidance during the past 10 years, gaps remain that can hinder efforts to garner needed resources, clarify security responsibilities, and ensure that the distinct needs of national staff are recognized and addressed.

  16. Security an introduction

    CERN Document Server

    Purpura, Philip P

    2011-01-01

    Section I The History and Profession of SecurityDefinition, Role, and History of Security Security Defined The Contexts of Security The Roles of Security The History of Security Security in an Environment of Threats, Terrorism, and All-Hazards Threats and Hazards Terrorism National Strategies The Profession and Business of Security The Business of Security Professionalism and Security Associations Ethics Regulation of the Security Industry Security Training Higher Education Careers Section II Protecting People and AssetsSecurity Methodology Methodology Defined Security Business Proposals Secur

  17. Urban environment and health: food security.

    Science.gov (United States)

    Galal, Osman; Corroon, Meghan; Tirado, Cristina

    2010-07-01

    The authors examine the impact of urbanization on food security and human health in the Middle East. Within-urban-population disparities in food security represent one of the most dramatic indicators of economic and health disparities. These disparities are reflected in a double burden of health outcomes: increasing levels of chronic disease as well as growing numbers of undernourished among the urban poor. These require further comprehensive solutions. Some of the factors leading to food insecurity are an overdependence on purchased food commodities, lack of sufficient livelihoods, rapid reductions in peripheral agricultural land, and adverse impacts of climate change. The Food and Agriculture Organization of the United Nations (FAO) Food Security Framework is used to examine and compare 2 cities in the Middle East: Amman, Jordan, and Manama, Bahrain.

  18. Interworking between IP security and NAT-PT under IPv4/IPv6 co-existent environments

    Science.gov (United States)

    Ye, Run-Guo; Yu, Shu-Yao; Yang, Hong-Wei; Song, Chuck

    2005-02-01

    Similar to conventional NAT gateways, NAT-PT gateways break traditional TCP/IP"s end-to-end argument property; hence, any IP-based applications protected by IPSec protocol cannot traverse NAT-PT gateways properly. The interworking issues between IPSec and NAT-PT gateways under IPv4/IPv6 co-existent environments were studied: this paper first pointed out the deficiency of current NAT-Traversal scheme when interworking with NAT-PT gateways and proposed an enhanced scheme, which enabled interworking between IPSec and NAT-PT gateways and served the following three scenarios: 1) secure communication between IPv6 hosts and IPv4 hosts; 2) secure communication between IPv6 subnets and IPv4 subnets; 3) secure communication between remote IPv6 hosts and legacy IPv4 subnets.

  19. Policies and measures for economic efficiency, energy security and environment protection in India

    International Nuclear Information System (INIS)

    Venkaiah, M.; Kaushik, S.C.; Dewangan, M.L.

    2007-01-01

    India needs to sustain 8-10% economic growth to meet energy needs of people below poverty line. India would, at least, need to grow its primary energy supply (3-4 times) of present consumption to deliver a sustained growth of 8% by 2031. This paper discusses India's policies and measures for economic efficiency, environment protection and energy security (3-E). (author)

  20. Security Isolation Strategy Mechanism for Lightweight Virtualization Environment

    Directory of Open Access Journals (Sweden)

    Liu Qian

    2017-01-01

    Full Text Available For cloud service providers, lightweight virtualization is a more economical way of virtualization. While the user is worried about the safety of applications and data of the container, due to the container sharing the underlying interface and the kernel, therefore the security and trusted degree of lightweight virtualization container isolation mechanism is critical for the promotion of lightweight virtualization service. Because the user cannot directly participate in the process of the construction and management of container isolation mechanism, it is difficult for them to establish confidence in the security and trusted degree of container isolation mechanism. Based on the research and analysis of system credible and virtualization isolation mechanism, this paper puts forward a set of lightweight virtualization security isolation strategy mechanism, divides lightweight virtualization container storage address space into several parts, puts forward the definition of lightweight virtualization security isolation, gives the formal description and proof of container security isolation strategy, and combines with related technology to verify the feasibility of lightweight virtualization security isolation strategy mechanism. The mechanism has important guiding significance for cloud services providers to deploy container security isolation.

  1. Secure Scientific Applications Scheduling Technique for Cloud Computing Environment Using Global League Championship Algorithm.

    Science.gov (United States)

    Abdulhamid, Shafi'i Muhammad; Abd Latiff, Muhammad Shafie; Abdul-Salaam, Gaddafi; Hussain Madni, Syed Hamid

    2016-01-01

    Cloud computing system is a huge cluster of interconnected servers residing in a datacenter and dynamically provisioned to clients on-demand via a front-end interface. Scientific applications scheduling in the cloud computing environment is identified as NP-hard problem due to the dynamic nature of heterogeneous resources. Recently, a number of metaheuristics optimization schemes have been applied to address the challenges of applications scheduling in the cloud system, without much emphasis on the issue of secure global scheduling. In this paper, scientific applications scheduling techniques using the Global League Championship Algorithm (GBLCA) optimization technique is first presented for global task scheduling in the cloud environment. The experiment is carried out using CloudSim simulator. The experimental results show that, the proposed GBLCA technique produced remarkable performance improvement rate on the makespan that ranges between 14.44% to 46.41%. It also shows significant reduction in the time taken to securely schedule applications as parametrically measured in terms of the response time. In view of the experimental results, the proposed technique provides better-quality scheduling solution that is suitable for scientific applications task execution in the Cloud Computing environment than the MinMin, MaxMin, Genetic Algorithm (GA) and Ant Colony Optimization (ACO) scheduling techniques.

  2. Secure Scientific Applications Scheduling Technique for Cloud Computing Environment Using Global League Championship Algorithm

    Science.gov (United States)

    Abdulhamid, Shafi’i Muhammad; Abd Latiff, Muhammad Shafie; Abdul-Salaam, Gaddafi; Hussain Madni, Syed Hamid

    2016-01-01

    Cloud computing system is a huge cluster of interconnected servers residing in a datacenter and dynamically provisioned to clients on-demand via a front-end interface. Scientific applications scheduling in the cloud computing environment is identified as NP-hard problem due to the dynamic nature of heterogeneous resources. Recently, a number of metaheuristics optimization schemes have been applied to address the challenges of applications scheduling in the cloud system, without much emphasis on the issue of secure global scheduling. In this paper, scientific applications scheduling techniques using the Global League Championship Algorithm (GBLCA) optimization technique is first presented for global task scheduling in the cloud environment. The experiment is carried out using CloudSim simulator. The experimental results show that, the proposed GBLCA technique produced remarkable performance improvement rate on the makespan that ranges between 14.44% to 46.41%. It also shows significant reduction in the time taken to securely schedule applications as parametrically measured in terms of the response time. In view of the experimental results, the proposed technique provides better-quality scheduling solution that is suitable for scientific applications task execution in the Cloud Computing environment than the MinMin, MaxMin, Genetic Algorithm (GA) and Ant Colony Optimization (ACO) scheduling techniques. PMID:27384239

  3. Preparation of ultrasmall porous carbon nanospheres by reverse microemulsion-hydrothermal method

    Science.gov (United States)

    Wang, Jiasheng; Zhao, Yahong; Wang, Wan-Hui; Bao, Ming

    Porous carbon nanospheres (CNSs) have wide applications. A big challenge in materials science is synthesis of discrete ultrasmall porous carbon nanospheres. Herein, we report a facile reverse microemulsion-hydrothermal method to prepare discrete porous CNSs. The obtained CNSs possess an average diameter of 20nm and pores of 0.7nm and 3.4nm. Our work has provided a convenient method for the controllable synthesis of ultrasmall porous CNSs with potential applications.

  4. Climate Change Impact on the Southeastern Europe Security Environment and the Increasing Role of the Bulgarian Army as the World Warms

    Science.gov (United States)

    2016-06-10

    CLIMATE CHANGE IMPACT ON THE SOUTHEASTERN EUROPE SECURITY ENVIRONMENT AND THE INCREASING ROLE OF THE BULGARIAN ARMY AS THE WORLD WARMS...DD-MM-YYYY) 10-06-2016 2. REPORT TYPE Master’s Thesis 3. DATES COVERED (From - To) AUG 2015 – JUN 2016 4. TITLE AND SUBTITLE Climate Change ...14. ABSTRACT Climate change impacts on the security environment are real and have the potential to create unprecedented levels of risk through

  5. Security Investigation Database (SID)

    Data.gov (United States)

    US Agency for International Development — Security Investigation & Personnel Security Clearance - COTS personnel security application in a USAID virtualized environement that can support USAID's business...

  6. The strategic security officer.

    Science.gov (United States)

    Hodges, Charles

    2014-01-01

    This article discusses the concept of the strategic security officer, and the potential that it brings to the healthcare security operational environment. The author believes that training and development, along with strict hiring practices, can enable a security department to reach a new level of professionalism, proficiency and efficiency. The strategic officer for healthcare security is adapted from the "strategic corporal" concept of US Marine Corps General Charles C. Krulak which focuses on understanding the total force implications of the decisions made by the lowest level leaders within the Corps (Krulak, 1999). This article focuses on the strategic organizational implications of every security officer's decisions in the constantly changing and increasingly volatile operational environment of healthcare security.

  7. Flexible, Secure, and Reliable Data Sharing Service Based on Collaboration in Multicloud Environment

    Directory of Open Access Journals (Sweden)

    Qiang Wei

    2018-01-01

    Full Text Available Due to the abundant storage resources and high reliability data service of cloud computing, more individuals and enterprises are motivated to outsource their data to public cloud platform and enable legal data users to search and download what they need in the outsourced dataset. However, in “Paid Data Sharing” model, some valuable data should be encrypted before outsourcing for protecting owner’s economic benefits, which is an obstacle for flexible application. Specifically, if the owner does not know who (user will download which data files in advance and even does not know the attributes of user, he/she has to either remain online all the time or import a trusted third party (TTP to distribute the file decryption key to data user. Obviously, making the owner always remain online is too inflexible, and wholly depending on the security of TTP is a potential risk. In this paper, we propose a flexible, secure, and reliable data sharing scheme based on collaboration in multicloud environment. For securely and instantly providing data sharing service even if the owner is offline and without TTP, we distribute all encrypted split data/key blocks together to multiple cloud service providers (CSPs, respectively. An elaborate cryptographic protocol we designed helps the owner verify the correctness of data exchange bills, which is directly related to the owner’s economic benefits. Besides, in order to support reliable data service, the erasure-correcting code technic is exploited for tolerating multiple failures among CSPs, and we offer a secure keyword search mechanism that makes the system more close to reality. Extensive security analyses and experiments on real-world data show that our scheme is secure and efficient.

  8. Security for grids

    Energy Technology Data Exchange (ETDEWEB)

    Humphrey, Marty; Thompson, Mary R.; Jackson, Keith R.

    2005-08-14

    Securing a Grid environment presents a distinctive set of challenges. This paper groups the activities that need to be secured into four categories: naming and authentication; secure communication; trust, policy, and authorization; and enforcement of access control. It examines the current state of the art in securing these processes and introduces new technologies that promise to meet the security requirements of Grids more completely.

  9. Final Report: 03-LW-005 Space-Time Secure Communications for Hostile Environments

    Energy Technology Data Exchange (ETDEWEB)

    Candy, J V; Poggio, A J; Chambers, D H; Guidry, B L; Robbins, C L; Hertzog, C A; Dowla, F; Burke, G; Kane, R

    2005-10-31

    The development of communications for highly reverberative environments is a major concern for both the private and military sectors whether the application is aimed at the securing a stock order or stalking hostile in a tunnel or cave. Other such environments can range from a hostile urban setting populated with a multitude of buildings and vehicles to the simple complexity of a large number of sound sources that are common in the stock exchange, or military operations in an environment with a topographic features hills, valleys, mountains or even a maze of buried water pipes attempting to transmit information about any chemical anomalies in the water system servicing a city or town. These inherent obstructions cause transmitted signals to reflect, refract and disperse in a multitude of directions distorting both their shape and arrival times at network receiver locations. Imagine troops attempting to communicate on missions in underground caves consisting of a maze of chambers causing multiple echoes with the platoon leader trying to issue timely commands to neutralize terrorists. This is the problem with transmitting information in a complex environment. Waves are susceptible to multiple paths and distortions created by a variety of possible obstructions, which may exist in the particular propagation medium. This is precisely the communications problem we solve using the physics of wave propagation to not only mitigate the noxious effects created by the hostile medium, but also to utilize it in a constructive manner enabling a huge benefit in communications. We employ time-reversal (T/R) communications to accomplish this task. This project is concerned with the development of secure communications techniques that can operate even in the most extreme conditions while maintaining a secure link between host and client stations. We developed an approach based on the concept of time-reversal (T/R) signal processing. In fact, the development of T/R communication

  10. Enhanced Survey and Proposal to secure the data in Cloud Computing Environment

    OpenAIRE

    MR.S.SUBBIAH; DR.S.SELVA MUTHUKUMARAN; DR.T.RAMKUMAR

    2013-01-01

    Cloud computing have the power to eliminate the cost of setting high end computing infrastructure. It is a promising area or design to give very flexible architecture, accessible through the internet. In the cloud computing environment the data will be reside at any of the data centers. Due to that, some data center may leak the data stored on there, beyond the reach and control of the users. For this kind of misbehaving data centers, the service providers should take care of the security and...

  11. Security Analysis in the Migration to Cloud Environments

    Directory of Open Access Journals (Sweden)

    Eduardo Fernández-Medina

    2012-05-01

    Full Text Available Cloud computing is a new paradigm that combines several computing concepts and technologies of the Internet creating a platform for more agile and cost-effective business applications and IT infrastructure. The adoption of Cloud computing has been increasing for some time and the maturity of the market is steadily growing. Security is the question most consistently raised as consumers look to move their data and applications to the cloud. We justify the importance and motivation of security in the migration of legacy systems and we carry out an analysis of different approaches related to security in migration processes to cloud with the aim of finding the needs, concerns, requirements, aspects, opportunities and benefits of security in the migration process of legacy systems.

  12. Security Flaws in an Efficient Pseudo-Random Number Generator for Low-Power Environments

    Science.gov (United States)

    Peris-Lopez, Pedro; Hernandez-Castro, Julio C.; Tapiador, Juan M. E.; Millán, Enrique San; van der Lubbe, Jan C. A.

    In 2004, Settharam and Rhee tackled the design of a lightweight Pseudo-Random Number Generator (PRNG) suitable for low-power environments (e.g. sensor networks, low-cost RFID tags). First, they explicitly fixed a set of requirements for this primitive. Then, they proposed a PRNG conforming to these requirements and using a free-running timer [9]. We analyze this primitive discovering important security faults. The proposed algorithm fails to pass even relatively non-stringent batteries of randomness such as ENT (i.e. a pseudorandom number sequence test program). We prove that their recommended PRNG has a very short period due to the flawed design of its core. The internal state can be easily revealed, compromising its backward and forward security. Additionally, the rekeying algorithm is defectively designed mainly related to the unpractical value proposed for this purpose.

  13. Physics of societal issues calculations on national security, environment, and energy

    CERN Document Server

    Hafemeister, David

    2007-01-01

    Why this book on the Physics of Societal Issues? The subdivisions of physics - nuclear physics, particle physics, condensed-matter physics, biophysics - have their textbooks, while the subdivision of physics and society lacks an equation-oriented text on the physics of arms, energy and the environment. Physics of Societal Issues is intended for undergraduate and doctoral students who may work on applied topics, or who simply want to know why things are the way they are. Decisions guiding policies on nuclear arms, energy and the environment often seem mysterious and contradictory. What is the science behind the deployment of MIRVed ICBMs, the quest for space-based beam weapons, the fear of powerline EM fields, the wholesale acceptance of SUVs, the issues of climactic change, and the failure of the pre-embargo market to produce buildings and appliances that now save over 50 power plants? Physics of Societal Issues is three "mini-texts" in one: National Security (5 chapters): Weapons, offense, defense, verificat...

  14. Mastering wireless penetration testing for highly secured environments

    CERN Document Server

    Johns, Aaron

    2015-01-01

    This book is intended for security professionals who want to enhance their wireless penetration testing skills and knowledge. Since this book covers advanced techniques, you will need some previous experience in computer security and networking.

  15. Microsoft Azure security

    CERN Document Server

    Freato, Roberto

    2015-01-01

    This book is intended for Azure administrators who want to understand the application of security principles in distributed environments and how to use Azure to its full capability to reduce the risks of security breaches. Only basic knowledge of the security processes and services of Microsoft Azure is required.

  16. Information security architecture an integrated approach to security in the organization

    CERN Document Server

    Killmeyer, Jan

    2000-01-01

    An information security architecture is made up of several components. Each component in the architecture focuses on establishing acceptable levels of control. These controls are then applied to the operating environment of an organization. Functionally, information security architecture combines technical, practical, and cost-effective solutions to provide an adequate and appropriate level of security.Information Security Architecture: An Integrated Approach to Security in the Organization details the five key components of an information security architecture. It provides C-level executives

  17. Sowing the Seeds of Strategic Success Across West Africa: Propagating the State Partnership Program to Shape the Security Environment

    Science.gov (United States)

    2017-06-09

    region’s continued growth in economics , population, influence, and the correlating 17 increase in risks to stability from radicalization and...environment and stem the tide of regional instability . The National Guard’s State Partnership Program is a security cooperation tool that Geographic... instability . The National Guard’s State Partnership Program is a security cooperation tool that Geographic Combatant Commanders can leverage to enhance the

  18. Security in cloud computing and virtual environments

    OpenAIRE

    Aarseth, Raymond

    2015-01-01

    Cloud computing is a big buzzwords today. Just watch the commercials on TV and I can promise that you will hear the word cloud service at least once. With the growth of cloud technology steadily rising, and everything from cellphones to cars connected to the cloud, how secure is cloud technology? What are the caveats of using cloud technology? And how does it all work? This thesis will discuss cloud security and the underlying technology called Virtualization to ...

  19. The adoption of IT security standards in a healthcare environment.

    Science.gov (United States)

    Gomes, Rui; Lapão, Luís Velez

    2008-01-01

    Security is a vital part of daily life to Hospitals that need to ensure that the information is adequately secured. In Portugal, more CIOs are seeking that their hospital IS departments are properly protecting information assets from security threats. It is imperative to take necessary measures to ensure risk management and business continuity. Security management certification provides just such a guarantee, increasing patient and partner confidence. This paper introduces one best practice for implementing four security controls in a hospital datacenter infrastructure (ISO27002), and describes the security assessment for implementing such controls.

  20. Security: A Catalyst for Sustainable Development | Solomon | African ...

    African Journals Online (AJOL)

    This paper explores intricate nexus between security, and the challenges of promoting sustainable development in a volatile environment. It conceptualises security, sustainable development, and volatile environment. The paper argues that the volatile environment in the country has led to security breaches and slowed ...

  1. Computers, business, and security the new role for security

    CERN Document Server

    Schweitzer, James A

    1987-01-01

    Computers, Business, and Security: The New Role for Security addresses the professional security manager's responsibility to protect all business resources, with operating environments and high technology in mind. This book discusses the technological aspects of the total security programs.Organized into three parts encompassing 10 chapters, this book begins with an overview of how the developing information age is affecting business management, operations, and organization. This text then examines a number of vulnerabilities that arise in the process of using business computing and communicat

  2. Security culture for nuclear facilities

    Science.gov (United States)

    Gupta, Deeksha; Bajramovic, Edita

    2017-01-01

    Natural radioactive elements are part of our environment and radioactivity is a natural phenomenon. There are numerous beneficial applications of radioactive elements (radioisotopes) and radiation, starting from power generation to usages in medical, industrial and agriculture applications. But the risk of radiation exposure is always attached to operational workers, the public and the environment. Hence, this risk has to be assessed and controlled. The main goal of safety and security measures is to protect human life, health, and the environment. Currently, nuclear security considerations became essential along with nuclear safety as nuclear facilities are facing rapidly increase in cybersecurity risks. Therefore, prevention and adequate protection of nuclear facilities from cyberattacks is the major task. Historically, nuclear safety is well defined by IAEA guidelines while nuclear security is just gradually being addressed by some new guidance, especially the IAEA Nuclear Security Series (NSS), IEC 62645 and some national regulations. At the overall level, IAEA NSS 7 describes nuclear security as deterrence and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer or other malicious acts involving nuclear, other radioactive substances and their associated facilities. Nuclear security should be included throughout nuclear facilities. Proper implementation of a nuclear security culture leads to staff vigilance and a high level of security posture. Nuclear security also depends on policy makers, regulators, managers, individual employees and members of public. Therefore, proper education and security awareness are essential in keeping nuclear facilities safe and secure.

  3. An Analysis of Security System for Intrusion in Smartphone Environment

    Directory of Open Access Journals (Sweden)

    Maya Louk

    2014-01-01

    Full Text Available There are many malware applications in Smartphone. Smartphone’s users may become unaware if their data has been recorded and stolen by intruders via malware. Smartphone—whether for business or personal use—may not be protected from malwares. Thus, monitoring, detecting, tracking, and notification (MDTN have become the main purpose of the writing of this paper. MDTN is meant to enable Smartphone to prevent and reduce the number of cybercrimes. The methods are shown to be effective in protecting Smartphone and isolating malware and sending warning in the form of notification to the user about the danger in progress. In particular, (a MDTN process is possible and will be enabled for Smartphone environment. (b The methods are shown to be an advanced security for private sensitive data of the Smartphone user.

  4. An analysis of security system for intrusion in Smartphone environment.

    Science.gov (United States)

    Louk, Maya; Lim, Hyotaek; Lee, HoonJae

    2014-01-01

    There are many malware applications in Smartphone. Smartphone's users may become unaware if their data has been recorded and stolen by intruders via malware. Smartphone--whether for business or personal use--may not be protected from malwares. Thus, monitoring, detecting, tracking, and notification (MDTN) have become the main purpose of the writing of this paper. MDTN is meant to enable Smartphone to prevent and reduce the number of cybercrimes. The methods are shown to be effective in protecting Smartphone and isolating malware and sending warning in the form of notification to the user about the danger in progress. In particular, (a) MDTN process is possible and will be enabled for Smartphone environment. (b) The methods are shown to be an advanced security for private sensitive data of the Smartphone user.

  5. Medical Information Security

    OpenAIRE

    William C. Figg, Ph.D.; Hwee Joo Kam, M.S.

    2011-01-01

    Modern medicine is facing a complex environment, not from medical technology but rather government regulations and information vulnerability. HIPPA is the government’s attempt to protect patient’s information yet this only addresses traditional record handling. The main threat is from the evolving security issues. Many medical offices and facilities have multiple areas of information security concerns. Physical security is often weak, office personnel are not always aware of security needs an...

  6. Considerations for Cloud Security Operations

    OpenAIRE

    Cusick, James

    2016-01-01

    Information Security in Cloud Computing environments is explored. Cloud Computing is presented, security needs are discussed, and mitigation approaches are listed. Topics covered include Information Security, Cloud Computing, Private Cloud, Public Cloud, SaaS, PaaS, IaaS, ISO 27001, OWASP, Secure SDLC.

  7. Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment.

    Science.gov (United States)

    Ashok, Aditya; Hahn, Adam; Govindarasu, Manimaran

    2014-07-01

    Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation's electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC) from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments.

  8. Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment

    Science.gov (United States)

    Ashok, Aditya; Hahn, Adam; Govindarasu, Manimaran

    2013-01-01

    Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation’s electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC) from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments. PMID:25685516

  9. A Secure and Robust User Authenticated Key Agreement Scheme for Hierarchical Multi-medical Server Environment in TMIS.

    Science.gov (United States)

    Das, Ashok Kumar; Odelu, Vanga; Goswami, Adrijit

    2015-09-01

    The telecare medicine information system (TMIS) helps the patients to gain the health monitoring facility at home and access medical services over the Internet of mobile networks. Recently, Amin and Biswas presented a smart card based user authentication and key agreement security protocol usable for TMIS system using the cryptographic one-way hash function and biohashing function, and claimed that their scheme is secure against all possible attacks. Though their scheme is efficient due to usage of one-way hash function, we show that their scheme has several security pitfalls and design flaws, such as (1) it fails to protect privileged-insider attack, (2) it fails to protect strong replay attack, (3) it fails to protect strong man-in-the-middle attack, (4) it has design flaw in user registration phase, (5) it has design flaw in login phase, (6) it has design flaw in password change phase, (7) it lacks of supporting biometric update phase, and (8) it has flaws in formal security analysis. In order to withstand these security pitfalls and design flaws, we aim to propose a secure and robust user authenticated key agreement scheme for the hierarchical multi-server environment suitable in TMIS using the cryptographic one-way hash function and fuzzy extractor. Through the rigorous security analysis including the formal security analysis using the widely-accepted Burrows-Abadi-Needham (BAN) logic, the formal security analysis under the random oracle model and the informal security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme using the most-widely accepted and used Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The simulation results show that our scheme is also secure. Our scheme is more efficient in computation and communication as compared to Amin-Biswas's scheme and other related schemes. In addition, our scheme supports extra functionality features as compared to

  10. Android security cookbook

    CERN Document Server

    Makan, Keith

    2013-01-01

    Android Security Cookbook' breaks down and enumerates the processes used to exploit and remediate Android app security vulnerabilities in the form of detailed recipes and walkthroughs.""Android Security Cookbook"" is aimed at anyone who is curious about Android app security and wants to be able to take the necessary practical measures to protect themselves; this means that Android application developers, security researchers and analysts, penetration testers, and generally any CIO, CTO, or IT managers facing the impeding onslaught of mobile devices in the business environment will benefit from

  11. Using the safety/security interface to the security manager's advantage

    International Nuclear Information System (INIS)

    Stapleton, B.W.

    1993-01-01

    Two aspects of the safety/security interface are discussed: (1) the personal safety of nuclear security officers; and (2) how the security manager can effectively deal with the safety/security interface in solving today's requirements yet supporting the overall mission of the facility. The basis of this presentation is the result of interviews, document analyses, and observations. The conclusion is that proper planning and communication between the players involved in the security/safety interface can benefit the two programs and help achieve overall system integration, ultimately contributing to the bottom line. This is especially important in today's cost conscious environment

  12. The Personal Information Security Assistant

    NARCIS (Netherlands)

    Kegel, Roeland Hendrik,Pieter

    The human element is often found to be the weakest link in the information security chain. The Personal Information Security Assistant project aims to address this by improving the privacy and security awareness of end-users and by aligning the user's personal IT environment to the user's security

  13. Population, environment and security: a new trinity.

    Science.gov (United States)

    Hartmann, B

    1998-10-01

    This paper critically examines the literature on the interaction between population, the environment, and development. It posits that population pressure and resource scarcities are unfairly blamed for internal conflicts in Africa, Asia, and Latin America. Internal conflicts are, in fact, affected by underlying economic and political causes (international companies, development assistance agencies, and military). This reasoning implies that the national security threats are environmental groups, poor women, and social change groups, which in fact should be integrated within solutions to poverty, environmental destruction, and violence. The US military's focus on "neutralizing environmental consequences that could lead to instability" and promoting sustainable development is misspecified and falls within the domain of civilian agencies. Use of military satellites by the US Central Intelligence Agency in environmental surveillance raises questions about the management of secret archives. The scarcity-conflict model has an indirect role in misshaping public opinion, legitimizes population control as a top priority, neglects gender issues, and dehumanizes refugees. Evidence indicates that the conflicts in Rwanda were the result of institutional failure and ethnic divisions. Homer-Dixon's model fails due to weak definitions of scarcity, ignorance of the role of colonial history and economic inequities, idealized views of the state, and neglect of external factors. The scarcity-conflict model is popular due to opportunism and political pragmatism. For the military, it provides new rationales for a huge budget.

  14. Assessing Psycho-Social Resilience in Diplomatic, Civilian & Military Personnel Serving in a High-Threat Security Environment during Counter-Insurgency and Counter-Terrorism Operations in Iraq

    Directory of Open Access Journals (Sweden)

    Anne Speckhard

    2012-08-01

    Full Text Available Currently thousands of military, diplomatic and civilian personnel are deployed under NATO, UN, and other multi-national, as well as national auspices in high-threat security environments, including active conflict zones such as Iraq and Afghanistan.  Soldiers are generally well trained and prepared psychologically to face armed conflict. Civilian contractors and diplomats, on the other hand, often are not.  Moreover in today’s high-threat security environments terrorists, insurgents and even child soldiers may be the opposing force, creating a more uncertain and anxiety provoking environment and more difficult to identify security threat. These facts have serious implications for the psycho-social resilience of diplomatic, civilian and military personnel deployed in such environments.  This article investigates psycho-social resilience in a small exploratory sample of US embassy staff, contractors and US forces serving in Iraq during 2007, a time when Improvised Explosive Devices (IEDs, roadside bombings, mortar attacks, kidnappings, murders and sniper fire were an everyday occurrence in Iraq.

  15. A survey of energy policy priorities in the United States: Energy supply security, economics, and the environment

    International Nuclear Information System (INIS)

    Manley, Dawn K.; Hines, Valerie A.; Jordan, Matthew W.; Stoltz, Ronald E.

    2013-01-01

    Security, environment, and economic concerns are commonly identified as three major objectives of energy policy. State and federal governments have set aggressive targets for carbon emissions reductions and for alternative fuel use and increased vehicle efficiency to reduce petroleum consumption. Moreover, jobs creation and GDP growth are often cited as key drivers for energy policies. Previous studies on energy policy decision-making have examined the process for developing and evaluating options using multi-criteria decision analysis tools. In addition, energy opinion polls have either elicited preferences between two goals or whether the public supports a specific policy action. In this article, we report results from a survey of 884 members of professional membership organizations on how the U.S. should prioritize energy policy across the goals of energy supply security, environment and climate, and economics and job creation. The majority favor policymaking that is balanced across all three. Security and economic concerns increase with age for male respondents, whereas environment is the highest priority for females regardless of age. Unlike previous surveys that target the general public and focus on a particular objective or technology, these results provide an example of eliciting a portfolio allocation across multiple energy policy goals from targeted constituents. - Highlights: • We surveyed 884 members of professional membership organizations on how the U.S. should prioritize energy policy. • The paper addresses direct elicitation of energy policy goal portfolio allocation for a large set of energy stakeholders. • The majority of respondents favor policymaking balanced across multiple goals. • We observed differences in priorities based on age and gender. • Respondents expressed a tension in allocating across goals that are interrelated

  16. Water security evaluation in Yellow River basin

    Science.gov (United States)

    Jiang, Guiqin; He, Liyuan; Jing, Juan

    2018-03-01

    Water security is an important basis for making water security protection strategy, which concerns regional economic and social sustainable development. In this paper, watershed water security evaluation index system including 3 levels of 5 criterion layers (water resources security, water ecological security and water environment security, water disasters prevention and control security and social economic security) and 24 indicators were constructed. The entropy weight method was used to determine the weights of the indexes in the system. The water security index of 2000, 2005, 2010 and 2015 in Yellow River basin were calculated by linear weighting method based on the relative data. Results show that the water security conditions continue to improve in Yellow River basin but still in a basic security state. There is still a long way to enhance the water security in Yellow River basin, especially the water prevention and control security, the water ecological security and water environment security need to be promoted vigorously.

  17. The clinical nurse specialist in an Irish hospital.

    Science.gov (United States)

    Wickham, Sheelagh

    2011-01-01

    This study was set in an acute Irish health care setting and aimed to explore the activity of the clinical nurse specialist (CNS) in this setting. Quantitative methodology, using a valid and reliable questionnaire, provided descriptive statistics that gave accurate data on the total population of CNSs in the health care setting. The study was set in an acute-care 750-bed hospital that had 25 CNSs in practice. The sample consisted of all 25 CNSs who are the total population of CNSs working in the acute health care institution. The findings show the CNS to be active in the roles of researcher, educator, communicator, change agent, leader, and clinical specialist, but the level of activity varies between different roles. There is variety in the activity of CNSs in the various roles and to what extent they enact the role. The findings merit further study on CNS role activity and possible variables that influence role activity.

  18. Systems Security Engineering

    Science.gov (United States)

    2010-08-22

    environment that contains network- borne cybersecurity threats, an argument may be made that the firewall increases overall system functionality by reserving...the number of administered devices. This approach to security analysis is at once old and new. In the early days of eCommerce , security

  19. About Security Solutions in Fog Computing

    Directory of Open Access Journals (Sweden)

    Eugen Petac

    2016-01-01

    Full Text Available The key for improving a system's performance, its security and reliability is to have the dataprocessed locally in remote data centers. Fog computing extends cloud computing through itsservices to devices and users at the edge of the network. Through this paper it is explored the fogcomputing environment. Security issues in this area are also described. Fog computing providesthe improved quality of services to the user by complementing shortages of cloud in IoT (Internet ofThings environment. Our proposal, named Adaptive Fog Computing Node Security Profile(AFCNSP, which is based security Linux solutions, will get an improved security of fog node withrich feature sets.

  20. About Security in Contemporary World

    Directory of Open Access Journals (Sweden)

    Ladislav Hofreiter

    2015-06-01

    Full Text Available The task to ensure security in contemporary world is a complicated political, scientific-technological and socio-economic problem. As the security itself is complicated, multifactor and hierarchized phenomen also its investigation has to be of an interdisciplinary character. The character of security environment, the character of security risks and threats and also the character of tools for their elimination are essentially changing. The basis to security of social subject consisted in arrangement of the conditions for their existence, to surviving in the present time and advancement into the future. Assurance of this condition means it provided ability to the social subjects to eliminated threats that are defined. In situations of asymmetrical security, the threats are not always clearly defined. They often consist of their own structure systems, in relationships and status the subjects of internationals relations. Asymmetrical of security, by our opinion, presents a discrepancy, unbalance, non-parity between subjects of the international security environment. The unbalance, discrepancy, non-parity has political, military, economic, law, social and societal dimensions.

  1. Two-stage Security Controls Selection

    NARCIS (Netherlands)

    Yevseyeva, I.; Basto, Fernandes V.; Moorsel, van A.; Janicke, H.; Michael, Emmerich T. M.

    2016-01-01

    To protect a system from potential cyber security breaches and attacks, one needs to select efficient security controls, taking into account technical and institutional goals and constraints, such as available budget, enterprise activity, internal and external environment. Here we model the security

  2. Securing MDSplus in a multi-organisation environment

    Energy Technology Data Exchange (ETDEWEB)

    Castro, R., E-mail: rodrigo.castro@ciemat.e [Asociacion EURATOM/CIEMAT para Fusion, Avda. Complutense, 22, 28040 Madrid (Spain); Vega, J. [Asociacion EURATOM/CIEMAT para Fusion, Avda. Complutense, 22, 28040 Madrid (Spain); Fredian, T. [MIT Plasma Science and Fusion Center, Massachusetts Institute of Technology, NW17-268, 175 Albany Street, Cambridge, MA 02494 (United States); Purahoo, K. [EURATOM/UKAEA Fusion Association, Culham Science Centre, Abingdon OX14 3DB (United Kingdom); Pereira, A.; Portas, A. [Asociacion EURATOM/CIEMAT para Fusion, Avda. Complutense, 22, 28040 Madrid (Spain)

    2010-07-15

    MDSplus has become the de facto standard data access method in the fusion community. Based on this, it was a priority for EFDA Federation to integrate this technology as a new service for federated users, providing secure access mechanisms to MDSplus compatible applications. To achieve this, it has been necessary to upgrade MDSplus and make it compatible with PAPI technology, which is currently used as security infrastructure in the EFDA Federation. Additionally, the included modifications are useful for future integrations in other federation technologies such as Shibboleth . The integration of MDSplus into a federated structure has several benefits. From the service management point of view, there is a simplification of the installation of new MDSplus services in fusion community and its corresponding security management. From the user point of view, the integration of MDSplus into a federated structure has several advantages. The first one is user mobility, which is the possibility of accessing data independently of his client IP address. The second one is a multi-organisation infrastructure, so the user can access data from different organisations that implement MDSplus interface. Finally, single sign on PAPI feature enables users to access to different MDSplus data sources, and other federated services, with just one authentication.

  3. The corporate security professional

    DEFF Research Database (Denmark)

    Petersen, Karen Lund

    2013-01-01

    In our age of globalization and complex threat environments, every business is called upon to manage security. This tendency is reflected in the fact that a wide range of businesses increasingly think about security in broad terms and strive to translate national security concerns into corporate...... speech. This article argues that the profession of the security manager has become central for understanding how the relationship between national and corporate security is currently negotiated. The national security background of most private sector security managers makes the corporate security...... professional inside the company a powerful hybrid agent. By zooming in on the profession and the practice of national security inside companies, the article raises questions about where to draw the line between corporate security and national security along with the political consequences of the constitution...

  4. Enhancing the Security of Customer Data in Cloud Environments Using a Novel Digital Fingerprinting Technique

    Directory of Open Access Journals (Sweden)

    Nithya Chidambaram

    2016-01-01

    Full Text Available With the rapid rise of the Internet and electronics in people’s life, the data related to it has also undergone a mammoth increase in magnitude. The data which is stored in the cloud can be sensitive and at times needs a proper file storage system with a tough security algorithm. Whereas cloud is an open shareable elastic environment, it needs impenetrable and airtight security. This paper deals with furnishing a secure storage system for the above-mentioned purpose in the cloud. To become eligible to store data a user has to register with the cloud database. This prevents unauthorized access. The files stored in the cloud are encrypted with RSA algorithm and digital fingerprint for the same has been generated through MD5 message digest before storage. The RSA provides unreadability of data to anyone without the private key. MD5 makes it impossible for any changes on data to go unnoticed. After the application of RSA and MD5 before storage, the data becomes resistant to access or modifications by any third party and to intruders of cloud storage system. This application is tested in Amazon Elastic Compute Cloud Web Services.

  5. Cloud Infrastructure Security

    OpenAIRE

    Velev , Dimiter; Zlateva , Plamena

    2010-01-01

    Part 4: Security for Clouds; International audience; Cloud computing can help companies accomplish more by eliminating the physical bonds between an IT infrastructure and its users. Users can purchase services from a cloud environment that could allow them to save money and focus on their core business. At the same time certain concerns have emerged as potential barriers to rapid adoption of cloud services such as security, privacy and reliability. Usually the information security professiona...

  6. On Secure Workflow Decentralisation on the Internet

    Directory of Open Access Journals (Sweden)

    Petteri Kaskenpalo

    2010-06-01

    Full Text Available Decentralised workflow management systems are a new research area, where most work to-date has focused on the system's overall architecture. As little attention has been given to the security aspects in such systems, we follow a security driven approach, and consider, from the perspective of available security building blocks, how security can be implemented and what new opportunities are presented when empowering the decentralised environment with modern distributed security protocols. Our research is motivated by a more general question of how to combine the positive enablers that email exchange enjoys, with the general benefits of workflow systems, and more specifically with the benefits that can be introduced in a decentralised environment. This aims to equip email users with a set of tools to manage the semantics of a message exchange, contents, participants and their roles in the exchange in an environment that provides inherent assurances of security and privacy. This work is based on a survey of contemporary distributed security protocols, and considers how these protocols could be used in implementing a distributed workflow management system with decentralised control . We review a set of these protocols, focusing on the required message sequences in reviewing the protocols, and discuss how these security protocols provide the foundations for implementing core control-flow, data, and resource patterns in a distributed workflow environment.

  7. Secure Encapsulation and Publication of Biological Services in the Cloud Computing Environment

    Science.gov (United States)

    Zhang, Weizhe; Wang, Xuehui; Lu, Bo; Kim, Tai-hoon

    2013-01-01

    Secure encapsulation and publication for bioinformatics software products based on web service are presented, and the basic function of biological information is realized in the cloud computing environment. In the encapsulation phase, the workflow and function of bioinformatics software are conducted, the encapsulation interfaces are designed, and the runtime interaction between users and computers is simulated. In the publication phase, the execution and management mechanisms and principles of the GRAM components are analyzed. The functions such as remote user job submission and job status query are implemented by using the GRAM components. The services of bioinformatics software are published to remote users. Finally the basic prototype system of the biological cloud is achieved. PMID:24078906

  8. Secure Encapsulation and Publication of Biological Services in the Cloud Computing Environment

    Directory of Open Access Journals (Sweden)

    Weizhe Zhang

    2013-01-01

    Full Text Available Secure encapsulation and publication for bioinformatics software products based on web service are presented, and the basic function of biological information is realized in the cloud computing environment. In the encapsulation phase, the workflow and function of bioinformatics software are conducted, the encapsulation interfaces are designed, and the runtime interaction between users and computers is simulated. In the publication phase, the execution and management mechanisms and principles of the GRAM components are analyzed. The functions such as remote user job submission and job status query are implemented by using the GRAM components. The services of bioinformatics software are published to remote users. Finally the basic prototype system of the biological cloud is achieved.

  9. Secure encapsulation and publication of biological services in the cloud computing environment.

    Science.gov (United States)

    Zhang, Weizhe; Wang, Xuehui; Lu, Bo; Kim, Tai-hoon

    2013-01-01

    Secure encapsulation and publication for bioinformatics software products based on web service are presented, and the basic function of biological information is realized in the cloud computing environment. In the encapsulation phase, the workflow and function of bioinformatics software are conducted, the encapsulation interfaces are designed, and the runtime interaction between users and computers is simulated. In the publication phase, the execution and management mechanisms and principles of the GRAM components are analyzed. The functions such as remote user job submission and job status query are implemented by using the GRAM components. The services of bioinformatics software are published to remote users. Finally the basic prototype system of the biological cloud is achieved.

  10. China's energy security and strategic choices

    International Nuclear Information System (INIS)

    Pellistrandi, J.

    2010-01-01

    Considering the present day international political and economical situation, China's energy security covers five important aspects: energy supplies security, energy prices security, environment security with respect to energy consumption, energy transport security, R and D security in the domain of energy resources exploration, exploitation and utilisation. Considering the above-mentioned aspects, China's strategic choices should include five major goals: counting on its own energy resources and giving priority to energy saving, participating to the international competition and implementing a national strategic reserves system, readjusting the energy consumption structure and promoting environment protection by developing nuclear energy, harmonizing China's relations with some countries and avoiding political and military conflicts, increasing investment in energy R and D, in particular in clean coal, nuclear, automotive, renewable energy and energy saving technologies. (J.S.)

  11. MODEL-BASED SECURITY ENGINEERING OF SOA SYSTEM USING SECURITY INTENT DSL

    OpenAIRE

    Muhammad Qaiser Saleem; Jafreezal Jaafar; Mohd Fadzil Hassan

    2011-01-01

    Currently most of the enterprises are using SOA and web services technologies to build their web information system. They are using MDA principles for design and development of WIS and using UML as a modelling language for business process modelling. Along with the increased connectivity in SOA environment, security risks rise exponentially. Security is not defined during the early phases of development and left onto developer. Properly configuring security requirements in SOA applications is...

  12. Protecting America's economy, environment, health, and security against invasive species requires a strong federal program in systematic biology

    Science.gov (United States)

    Hilda Diaz-Soltero; Amy Y. Rossman

    2011-01-01

    Systematics is the science that identifies and groups organisms by understanding their origins, relationships, and distributions. It is fundamental to understanding life on earth, our crops, wildlife, and diseases, and it provides the scientific foundation to recognize and manage invasive species. Protecting America's economy, environment, health, and security...

  13. Security planning an applied approach

    CERN Document Server

    Lincke, Susan

    2015-01-01

    This book guides readers through building an IT security plan. Offering a template, it helps readers to prioritize risks, conform to regulation, plan their defense and secure proprietary/confidential information. The process is documented in the supplemental online security workbook. Security Planning is designed for the busy IT practitioner, who does not have time to become a security expert, but needs a security plan now. It also serves to educate the reader of a broader set of concepts related to the security environment through the Introductory Concepts and Advanced sections. The book serv

  14. Securing MDSplus in a Multi-organization Environment

    Energy Technology Data Exchange (ETDEWEB)

    Castro, R.; Vega, J.; Pereira, A.; Portas, A. [Asociation Euratom/CIEMAT para Fusion, Madrid (Spain); Fredian, T. [MIT Plasma Science and Fusion Center, Littleton, NH (United States); Purahoo, K. [EURATOM/UKAEA Fusion Association, Abingdon (United Kingdom)

    2009-07-01

    MDSplus has become a real standard de facto data access method in the fusion community. Based on this, it was a priority for EFDA-Federation to integrate this technology as a new service for federated users, providing secure access mechanisms to MDSplus compatible applications. To achieve this, it has been necessary to upgrade MDSplus and make it compatible with PAPI technology, which is currently used as security infrastructure in the EFDA-Federation. Additionally, the included modifications are useful for future integrations in other federation technologies such as Shibboleth. The integration of MDSplus into a federated structure has several benefits. From the service management point of view, there is a simplification of the installation of new MDSplus services in fusion community and its corresponding security management. From the user point of view, the integration of MDSplus into a federated structure has several advantages. The first one is user mobility, which is the possibility of accessing data independently of his client IP address. The second one is a multi-organisation infrastructure, so the user can access data from different organisations that implement MDSplus interface. Finally, single sign on PAPI feature enables users to access to different MDSplus data sources, and other federated services, with just one authentication. This document is composed of a poster and its abstract. (authors)

  15. 40 CFR 265.14 - Security.

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 25 2010-07-01 2010-07-01 false Security. 265.14 Section 265.14... Facility Standards § 265.14 Security. (a) The owner or operator must prevent the unknowing entry, and...) for discussion of security requirements at disposal facilities during the post-closure care period...

  16. Additional Security Considerations for Grid Management

    Science.gov (United States)

    Eidson, Thomas M.

    2003-01-01

    The use of Grid computing environments is growing in popularity. A Grid computing environment is primarily a wide area network that encompasses multiple local area networks, where some of the local area networks are managed by different organizations. A Grid computing environment also includes common interfaces for distributed computing software so that the heterogeneous set of machines that make up the Grid can be used more easily. The other key feature of a Grid is that the distributed computing software includes appropriate security technology. The focus of most Grid software is on the security involved with application execution, file transfers, and other remote computing procedures. However, there are other important security issues related to the management of a Grid and the users who use that Grid. This note discusses these additional security issues and makes several suggestions as how they can be managed.

  17. Saturated versus unsaturated hydrocarbon interactions with carbon nanostructures

    Directory of Open Access Journals (Sweden)

    Deivasigamani eUmadevi

    2014-09-01

    Full Text Available The interactions of various acyclic and cyclic hydrocarbons in both saturated and unsaturated forms with the carbon nanostructures (CNSs have been explored by using density functional theory (DFT calculations. Model systems representing armchair and zigzag carbon nanotubes (CNTs and graphene have been considered to investigate the effect of chirality and curvature of the CNSs towards these interactions. Results of this study reveal contrasting binding nature of the acyclic and cyclic hydrocarbons towards CNSs. While the saturated molecules show stronger binding affinity in acyclic hydrocarbons; the unsaturated molecules exhibit higher binding affinity in cyclic hydrocarbons. In addition, acyclic hydrocarbons exhibit stronger binding affinity towards the CNSs when compared to their corresponding cyclic counterparts. The computed results excellently corroborate the experimental observations. The interaction of hydrocarbons with graphene is more favourable when compared with CNTs. Bader’s theory of atoms in molecules has been invoked to characterize the noncovalent interactions of saturated and unsaturated hydrocarbons. Our results are expected to provide useful insights towards the development of rational strategies for designing complexes with desired noncovalent interaction involving CNSs.

  18. The Dynamic VPN Controller. Secure Information Sharing in a Coalition Environment

    Science.gov (United States)

    2005-03-01

    coalitionName=" COALA "> <Security>Class A</Security> <Site siteName="SITE1"> <Remote> <Hostname>dvc.site1.com</Hostname> <IPAddress...34 COALA "> <Security>Class A</Security> <Site siteName="SITE1"> <Remote> <Hostname>dvc.site1.com</Hostname> <IPAddress>10.1.1.1

  19. Data Security

    OpenAIRE

    Lopez, Diego

    2013-01-01

    Training specialists in the field of data security and security administrators for the information systems represents a significant priority demanded by both governmental environments and the central and local administrations, as well as by the private sector - companies, banks. They are responsible for implementing information services and systems, but they are also their beneficiaries, with applicability in fields such as: e government, e-administration, e-banking, e-commerce, e-payment, wh...

  20. 40 CFR 264.14 - Security.

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 25 2010-07-01 2010-07-01 false Security. 264.14 Section 264.14... Standards § 264.14 Security. (a) The owner or operator must prevent the unknowing entry, and minimize the...) for discussion of security requirements at disposal facilities during the post-closure care period...

  1. Tele-Lab IT-Security: an Architecture for an online virtual IT Security Lab

    Directory of Open Access Journals (Sweden)

    Christoph Meinel

    2008-05-01

    Full Text Available Recently, Awareness Creation in terms of IT security has become a big thing – not only for enterprises. Campaigns for pupils try to highlight the importance of IT security even in the user’s early years. Common practices in security education – as seen in computer science courses at universities – mainly consist of literature and lecturing. In the best case, the teaching facility offers practical courses in a dedicated isolated computer lab. Additionally, there are some more or less interactive e-learning applications around. Most existing offers can do nothing more than impart theoretical knowledge or basic information. They all lack of possibilities to provide practical experience with security software or even hacker tools in a realistic environment. The only exceptions are the expensive and hard-to-maintain dedicated computer security labs. Those can only be provided by very few organizations. Tele-Lab IT-Security was designed to offer hands-on experience exercises in IT security without the need of additional hardware or maintenance expenses. The existing implementation of Tele-Lab even provides access to the learning environment over the Internet – and thus can be used anytime and anywhere. The present paper describes the extended architecture on which the current version of the Tele-Lab server is built.

  2. European Security Organizations in the Post-Cold-War Security Environment. The New Frame of European Security

    National Research Council Canada - National Science Library

    Bugai, Veaceslav

    2006-01-01

    .... In particular, it gives an over view of the transformations that occurred within NATO and OSCE in the post-Cold War period, which have created and developed new security mechanisms and policies for dealing with crises...

  3. Security challenges for virtualization in cloud

    International Nuclear Information System (INIS)

    Tayab, A.

    2015-01-01

    Virtualization is a model that is vastly growing in IT industry. Virtualization provides more than one logical resource in one single physical machine. Infrastructure use cloud services and on behalf of virtualization, cloud computing is also a rapidly growing model of IT industry. Cloud provider and cloud user, both remain ignorant of each other's security. Since virtualization and cloud computing are rapidly expanding and becoming more and more complex in infrastructure, more security is required to protect them from potential attacks and security threats. Virtualization provides various benefits in terms of hardware utilization, resources protection, remote access and other resources. This paper intends to discuss the common exploits of security uses in the virtualized environment and focuses on the security threats from the attacker's perspective. This paper discuss the major areas of virtualized model environment and also address the security concerns. And finally presents a solution for secure valorization in IT infrastructure and to protect inter communication of virtual machines. (author)

  4. Changing Homeland Security: Ten Essential Homeland Security Books

    National Research Council Canada - National Science Library

    Bellavita, Christopher

    2007-01-01

    .... The list is personal and provisional. The discipline is too new to have a canon. We need to continuously examine what is signal and what is background noise in homeland security's academic environment...

  5. Operating Nuclear Power Stations in a Regulated Cyber Security Environment

    Energy Technology Data Exchange (ETDEWEB)

    Dorman, E.

    2014-07-01

    The United States Nuclear Regulatory Commission (NRC) issued 10CFR73.54 to implement a regulated Cyber Security Program at each operating nuclear reactor facility. Milestones were implemented December 31, 2012 to mitigate the attack vectors for the most critical digital assets acknowledged by the industry and the NR C. The NRC inspections have begun. The nuclear Cyber Security Plan, implemented by the site Cyber Security Program (Program), is an element of the operating license at each facility. (Author)

  6. Operating Nuclear Power Stations in a Regulated Cyber Security Environment

    International Nuclear Information System (INIS)

    Dorman, E.

    2014-01-01

    The United States Nuclear Regulatory Commission (NRC) issued 10CFR73.54 to implement a regulated Cyber Security Program at each operating nuclear reactor facility. Milestones were implemented December 31, 2012 to mitigate the attack vectors for the most critical digital assets acknowledged by the industry and the NR C. The NRC inspections have begun. The nuclear Cyber Security Plan, implemented by the site Cyber Security Program (Program), is an element of the operating license at each facility. (Author)

  7. Information Security and People: A Conundrum for Compliance

    Directory of Open Access Journals (Sweden)

    Hiep Cong Pham

    2017-01-01

    Full Text Available This evaluation of end-users and IT experts/managers’ attitudes towards performing IT security tasks indicates important differences between their perspectives on what is and is not necessary to establish a secure corporate IT environment. Through a series of case studies, this research illustrates that making it easier for end-users to comply does not necessarily equate to enhanced implementation of security measures. End-users want to be autonomous, competent, self-motivated and active participants in the development of secure environments. However, managers and experts want to limit autonomy to ensure that procedures are followed closely, rather than permitting flexibility. This results in the creation of environments that are intrinsically de-motivating rather than motivating end-users to become self-determined and self-regulating co-creators of a secure IT environment. The paper also discusses alternative approaches to developing a human system that works for end-users and experts.

  8. Coping with Security in Programming

    OpenAIRE

    Frank Schindler

    2006-01-01

    This article deals with importance of security issues in computer programming.Secure software can only be designed with security as a primary goal. To achieve that wewould have to redesign our computer systems with security in our mind including entirecomputer environment, e.g. hardware, programming languages and, of course, operatingsystems. In software development process the quality of resulting computer code should bethe most important aspect during the whole program development process. ...

  9. Remote sensing evaluation of fire hazard : Towards operational tools for improving the security of citizens and protecting the environment

    NARCIS (Netherlands)

    Maffei, C.; Gambardella, C.; Menenti, M.

    2015-01-01

    Forest fires are a threat for both the environment and the security of citizens. This is particularly relevant in the Mediterranean, where the population density is high, and long dry summers drive vegetation into fireprone conditions. Policy makers underline the key role of prevention over damage

  10. Implementing healthcare information security: standards can help.

    Science.gov (United States)

    Orel, Andrej; Bernik, Igor

    2013-01-01

    Using widely spread common approaches to systems security in health dedicated controlled environments, a level of awareness, confidence and acceptance of relevant standardisation is evaluated. Patients' information is sensitive, so putting appropriate organisational techniques as well as modern technology in place to secure health information is of paramount importance. Mobile devices are becoming the top priorities in advanced information security planning with healthcare environments being no exception. There are less and less application areas in healthcare without having a need for a mobile functionality which represents an even greater information security challenge. This is also true in emergency treatments, rehabilitation and homecare just to mention a few areas outside hospital controlled environments. Unfortunately quite often traditional unsecured communications principles are still in routine use for communicating sensitive health related information. The security awareness level with users, patients and care professionals is not high enough so potential threats and risks may not be addressed and the respective information security management is therefore weak. Standards like ISO/IEC 27000 ISMS family, the ISO/IEC 27799 information security guidelines in health are often not well known, but together with legislation principles such as HIPAA, they can help.

  11. International Nuclear Security

    Energy Technology Data Exchange (ETDEWEB)

    Doyle, James E. [Los Alamos National Laboratory

    2012-08-14

    This presentation discusses: (1) Definitions of international nuclear security; (2) What degree of security do we have now; (3) Limitations of a nuclear security strategy focused on national lock-downs of fissile materials and weapons; (4) What do current trends say about the future; and (5) How can nuclear security be strengthened? Nuclear security can be strengthened by: (1) More accurate baseline inventories; (2) Better physical protection, control and accounting; (3) Effective personnel reliability programs; (4) Minimize weapons-usable materials and consolidate to fewer locations; (5) Consider local threat environment when siting facilities; (6) Implement pledges made in the NSS process; and (7) More robust interdiction, emergency response and special operations capabilities. International cooperation is desirable, but not always possible.

  12. OpenLabs Security Laboratory - The Online Security Experiment Platform

    OpenAIRE

    Johan Zackrisson; Charlie Svahnberg

    2008-01-01

    For experiments to be reproducible, it is important to have a known and controlled environment. This requires isolation from the surroundings. For security experiments, e.g. with hostile software, this is even more important as the experiment can affect the environment in adverse ways. In a normal campus laboratory, isolation can be achieved by network separation. For an online environment, where remote control is essential, separation and isolation are still needed, and therefore the securit...

  13. Emerging trends in ICT security

    CERN Document Server

    Akhgar, Babak

    2013-01-01

    Emerging Trends in ICT Security, an edited volume, discusses the foundations and theoretical aspects of ICT security; covers trends, analytics, assessments and frameworks necessary for performance analysis and evaluation; and gives you the state-of-the-art knowledge needed for successful deployment of security solutions in many environments. Application scenarios provide you with an insider's look at security solutions deployed in real-life scenarios, including but limited to smart devices, biometrics, social media, big data security, and crowd sourcing. Provides a multidisciplinary approach

  14. The new strategic balance and cooperative security

    International Nuclear Information System (INIS)

    Simpson, J.

    1995-01-01

    The new strategic balance and cooperative security in the world now is discussed including the following issues: strategic balances and the features of the old strategic environment; the main characteristics of the new political and security environment; the future role of nuclear weapons; the role of arms limitation agreements

  15. Integrity and security in an Ada runtime environment

    Science.gov (United States)

    Bown, Rodney L.

    1991-01-01

    A review is provided of the Formal Methods group discussions. It was stated that integrity is not a pure mathematical dual of security. The input data is part of the integrity domain. The group provided a roadmap for research. One item of the roadmap and the final position statement are closely related to the space shuttle and space station. The group's position is to use a safe subset of Ada. Examples of safe sets include the Army Secure Operating System and the Penelope Ada verification tool. It is recommended that a conservative attitude is required when writing Ada code for life and property critical systems.

  16. Simple & Secure: Attitude and behaviour towards security and usability in internet products and services at home

    NARCIS (Netherlands)

    Wolthuis, R.; Broenink, E.G.; Fransen, F.; Schultz, S.; Vries, A. de

    2010-01-01

    This paper is the result of research on the security perception of users in ICT services and equipment. We analyze the rationale of users to have an interest in security and to decide to change security parameters of equipment and services. We focus on the home environment, where more and more

  17. Privacy vs security

    CERN Document Server

    Stalla-Bourdillon, Sophie; Ryan, Mark D

    2014-01-01

    Securing privacy in the current environment is one of the great challenges of today's democracies. Privacy vs. Security explores the issues of privacy and security and their complicated interplay, from a legal and a technical point of view. Sophie Stalla-Bourdillon provides a thorough account of the legal underpinnings of the European approach to privacy and examines their implementation through privacy, data protection and data retention laws. Joshua Philips and Mark D. Ryan focus on the technological aspects of privacy, in particular, on today's attacks on privacy by the simple use of today'

  18. Towards an automated security awareness system in a virtualized environment

    CSIR Research Space (South Africa)

    Labuschagne, WA

    2012-07-01

    Full Text Available resources. This is an efficient solution to access the Internet. However users might not be aware of the security threats that exist on using shared resources. Many companies provide security solutions to automatically protect resources on the network...

  19. A description of the roles, activities, and skills of clinical nurse specialists in the United States.

    Science.gov (United States)

    Scott, R A

    1999-07-01

    Clinical nurse specialists (CNSs) frequently adapt to meet the challenging and changing needs of patients, families, nurses, physicians, and institutions, thus creating an advance practice role that is problematic in definition and description. The two dilemmas associated with CNSs have been role confusion and ambiguity, and the inability to explicate CNSs' value in economic terms. The purpose of this study was to describe the roles, activities, skills, and the cost-saving and revenue-generating activities of Master's-prepared nurses who function in traditional CNS roles in the United States. A descriptive research design was employed, using Role Theory as a framework to guide the study. The tool used to measure CNS practice included a 68-item instrument. It was pretested and used in two pilot studies. Content validity was supported by three experienced CNSs who were, at the time, in a doctoral nursing program. Instrument reliability was 0.89. Surveys were mailed to all individuals who subscribed (n = 2379) to the Clinical Nurse Specialist Journal. From the convenience sample, 724 CNSs participated, providing a margin of error of +/- 4 percentage points with a 99% confidence level. Regarding the five role components, CNSs reported (listed from most frequently to least frequently) spending time in the role of expert practitioner, educator, consultant, administrator, and researcher. Most of the activities listed in each of the roles were typical of CNS practice. Of the advanced practice roles, the two with the most surprising results were the expert practitioner and administrator roles. The results indicated a trend toward performing advanced skills that have been in the past considered solely medical practice and toward increasing administrative responsibilities. A small number of CNSs were able to identify cost-saving and revenue-generating activities, including the monetary value of the activity.

  20. Understanding the security management practices of humanitarian organizations.

    Science.gov (United States)

    Bollettino, Vincenzo

    2008-06-01

    Humanitarian organisations operate in increasingly hostile environments. Although authoritative statistics are scarce, anecdotal evidence suggests that aid workers face life-threatening risks that are exacerbated by the growing number of humanitarian organisations operating in the field, the diversity of their mandates, the lack of common professional security standards, and limited success in inter-agency security coordination. Despite broad acceptance of the need for better security management and coordination, many humanitarian organisations remain ambivalent about devoting increased resources to security management and security coordination. A critical lack of basic empirical knowledge of the field security environment hampers efforts to enhance security management practices. The absence of a systematic means of sharing incident data undermines the capacity of the humanitarian community to address proactively security threats. In discussions about humanitarian staff safety and security, the least common denominator remains cumulative anecdotal evidence provided by the many security personnel working for humanitarian organisations in the feld.

  1. The Future Security Environment: Why the U.S. Army Must Differentiate and Grow Millennial Officer Talent

    Science.gov (United States)

    2015-09-01

    and M. Epstein, “ Millennials and the World of Work: An Organizational and Management Perspective,” Journal of Business and Psychology, Vol. 25, 2010...Why the U.S. Army Must Differentiate and Grow Millennial Officer Talent FOR THIS AND OTHER PUBLICATIONS, VISIT US AT http://www.carlisle.army.mil...SUBTITLE The Future Security Environment: Why the U.S. Army Must Differentiate and Grow Millennial Officer Talent 5a. CONTRACT NUMBER 5b. GRANT NUMBER 5c

  2. Measuring Stability and Security in Iraq

    National Research Council Canada - National Science Library

    2006-01-01

    ... of the report, "Stability and Security in Iraq," describes trends and progress towards meeting goals for political stability, strengthening economic activity, and achieving a stable security environment in Iraq...

  3. Information security management principles

    CERN Document Server

    Taylor, Andy; Finch, Amanda; Sutton, David; Taylor, Andy

    2013-01-01

    In today's technology-driven environment, there is an ever-increasing demand for information delivery. A compromise has to be struck between security and availability. This book is a pragmatic guide to information assurance for both business professionals and technical experts. This second edition includes the security of cloud-based resources.

  4. Nonvolatile write-once-read-many-times memory device with functionalized-nanoshells/PEDOT:PSS nanocomposites

    International Nuclear Information System (INIS)

    Avila-Nino, J.A.; Segura-Cardenas, E.; Sustaita, A.O.; Cruz-Cruz, I.; Lopez-Sandoval, R.; Reyes-Reyes, M.

    2011-01-01

    We have investigated the memory effect of the nanocomposites of functionalized carbon nanoshells (f-CNSs) mixed with poly(3,4-ethylenedioxythiophene) doped with polystyrenesulfonate (PEDOT:PSS) polymer. The f-CNSs were synthesized by the spray pyrolysis method and functionalized in situ with functional groups (OH, COOH, C-H, C-OH) with the aim of improving their compatibility in the aqueous dispersion of PEDOT:PSS. The current-voltage (I-V) sweep curves at room temperature for the Al/f-CNSs, for certain concentrations range, embedded in a PEDOT:PSS layer/Al devices showed electrical bistability for write-once-read-many-times (WORM) memory devices. The memory effect observed in the devices can be explained due to the existence of trapped charges in the f-CNSs/PEDOT:PSS layer. The carrier transport mechanisms for the memory devices is studied and discussed.

  5. Nonvolatile write-once-read-many-times memory device with functionalized-nanoshells/PEDOT:PSS nanocomposites

    Energy Technology Data Exchange (ETDEWEB)

    Avila-Nino, J.A.; Segura-Cardenas, E. [Universidad Autonoma de San Luis Potosi, Instituto de Investigacion en Comunicacion Optica, Alvaro Obregon 64 Zona Centro, 78000 SLP (Mexico); Sustaita, A.O. [Instituto Potosino de Investigacion Cientifica y Tecnologica, Camino a la presa San Jose 2055, CP 78216, San Luis Potosi (Mexico); Cruz-Cruz, I. [Universidad Autonoma de San Luis Potosi, Instituto de Investigacion en Comunicacion Optica, Alvaro Obregon 64 Zona Centro, 78000 SLP (Mexico); Lopez-Sandoval, R. [Instituto Potosino de Investigacion Cientifica y Tecnologica, Camino a la presa San Jose 2055, CP 78216, San Luis Potosi (Mexico); Reyes-Reyes, M., E-mail: reyesm@iico.uaslp.mx [Universidad Autonoma de San Luis Potosi, Instituto de Investigacion en Comunicacion Optica, Alvaro Obregon 64 Zona Centro, 78000 SLP (Mexico)

    2011-03-25

    We have investigated the memory effect of the nanocomposites of functionalized carbon nanoshells (f-CNSs) mixed with poly(3,4-ethylenedioxythiophene) doped with polystyrenesulfonate (PEDOT:PSS) polymer. The f-CNSs were synthesized by the spray pyrolysis method and functionalized in situ with functional groups (OH, COOH, C-H, C-OH) with the aim of improving their compatibility in the aqueous dispersion of PEDOT:PSS. The current-voltage (I-V) sweep curves at room temperature for the Al/f-CNSs, for certain concentrations range, embedded in a PEDOT:PSS layer/Al devices showed electrical bistability for write-once-read-many-times (WORM) memory devices. The memory effect observed in the devices can be explained due to the existence of trapped charges in the f-CNSs/PEDOT:PSS layer. The carrier transport mechanisms for the memory devices is studied and discussed.

  6. Survey on Security Issues in File Management in Cloud Computing Environment

    Science.gov (United States)

    Gupta, Udit

    2015-06-01

    Cloud computing has pervaded through every aspect of Information technology in past decade. It has become easier to process plethora of data, generated by various devices in real time, with the advent of cloud networks. The privacy of users data is maintained by data centers around the world and hence it has become feasible to operate on that data from lightweight portable devices. But with ease of processing comes the security aspect of the data. One such security aspect is secure file transfer either internally within cloud or externally from one cloud network to another. File management is central to cloud computing and it is paramount to address the security concerns which arise out of it. This survey paper aims to elucidate the various protocols which can be used for secure file transfer and analyze the ramifications of using each protocol.

  7. Securing wireless communications at the physical layer

    CERN Document Server

    Liu, Ruoheng

    2009-01-01

    Throughout this book there is an underlying theme that the rich multipath environment that is typical of wireless scenarios supports the establishment of new security services at the physical layer, including new mechanisms that establish cryptographic keys, that support communication with assured confidentiality, and that can authenticate transmitters in mobile environments. The book takes a holistic approach to covering topics related to physical layer security solutions, with contributions ranging from the theoretical underpinnings behind secure communications to practical systems validatio

  8. A Holistic and Immune System inspired Security Framework

    OpenAIRE

    Mwakalinga, G. Jeffy; Yngström, Louise; Kowalski, Stewart

    2009-01-01

    This paper presents a Framework for adaptive information security systems for securing information systems. Information systems today are vulnerable and not adaptive to the dynamic environments because initial development of these systems focused on computer technology and communications protocol only. Most research in information security does not consider culture of users, system environments and does not pay enough attention to the enemies of information systems. As a result, users serve t...

  9. Nonproliferation, arms control and disarmament and extended deterrence in the new security environment

    International Nuclear Information System (INIS)

    Pilat, Joseph F.

    2009-01-01

    With the end of the Cold War, in a dramatically changed security environment, the advances in nonnuclear strategic capabilities along with reduced numbers and roles for nuclear forces has altered the calculus of deterrence and defense, at least for the United States. For many, this opened up a realistic possibility of a nuclear-free world. It soon became clear that the initial post-Cold War hopes were exaggerated. The world did change fundamentally, but it did not become more secure and stable. In place of the old Soviet threat, there has been growing concern about proliferation and terrorism involving nuclear and other weapons of mass destruction (WMD), regional conflicts, global instability and increasingly serious new and emerging threats, including cyber attacks and attacks on satellites. For the United States at least, in this emerging environment, the political rationales for nuclear weapons, from deterrence to reassurance to alliance management, are changing and less central than during the Cold War to the security of the United States, its friends and allies. Nuclear weapons remain important for the US, but for a far more limited set of roles and missions. As the Perry-Schlesinger Commission report reveals, there is a domestic US consensus on nuclear policy and posture at the highest level and for the near term, including the continued role of nuclear arms in deterring WMD use and in reassuring allies. Although the value of nuclear weapons has declined for the United States, the value of these weapons for Russia, China and so-called 'rogue' states is seen to be rising. The nuclear logic of NATO during Cold War - the need for nuclear weapons to counter vastly superior conventional capabilities of the Soviet Union and the Warsaw Pact - is today heard from Russians and even some proliferants. Moreover, these weapons present a way for rogues to achieve regional hegemony and possibly to deter interventions by the United States or others. While the vision of a

  10. Nonproliferation, arms control and disarmament and extended deterrence in the new security environment

    Energy Technology Data Exchange (ETDEWEB)

    Pilat, Joseph F [Los Alamos National Laboratory

    2009-01-01

    With the end of the Cold War, in a dramatically changed security environment, the advances in nonnuclear strategic capabilities along with reduced numbers and roles for nuclear forces has altered the calculus of deterrence and defense, at least for the United States. For many, this opened up a realistic possibility of a nuclear-free world. It soon became clear that the initial post-Cold War hopes were exaggerated. The world did change fundamentally, but it did not become more secure and stable. In place of the old Soviet threat, there has been growing concern about proliferation and terrorism involving nuclear and other weapons of mass destruction (WMD), regional conflicts, global instability and increasingly serious new and emerging threats, including cyber attacks and attacks on satellites. For the United States at least, in this emerging environment, the political rationales for nuclear weapons, from deterrence to reassurance to alliance management, are changing and less central than during the Cold War to the security of the United States, its friends and allies. Nuclear weapons remain important for the US, but for a far more limited set of roles and missions. As the Perry-Schlesinger Commission report reveals, there is a domestic US consensus on nuclear policy and posture at the highest level and for the near term, including the continued role of nuclear arms in deterring WMD use and in reassuring allies. Although the value of nuclear weapons has declined for the United States, the value of these weapons for Russia, China and so-called 'rogue' states is seen to be rising. The nuclear logic of NATO during Cold War - the need for nuclear weapons to counter vastly superior conventional capabilities of the Soviet Union and the Warsaw Pact - is today heard from Russians and even some proliferants. Moreover, these weapons present a way for rogues to achieve regional hegemony and possibly to deter interventions by the United States or others. While the

  11. Measuring Stability and Security in Iraq

    National Research Council Canada - National Science Library

    2005-01-01

    .... The initial section of the report, "Stability and Security in Iraq," describes trends and progress towards meeting goals for political stability, economic progress, and achieving a stable security environment in Iraq...

  12. VMware view security essentials

    CERN Document Server

    Langenhan, Daniel

    2013-01-01

    A practical and fast-paced guide that gives you all the information you need to secure your virtual environment.This book is a ""how-to"" for the novice, a ""reference guide"" for the advanced user, and a ""go to"" for the experienced user in all the aspects of VMware View desktop virtualization security.

  13. Potential risks and threats to international security

    Directory of Open Access Journals (Sweden)

    Iurie RICHICINSCHI

    2016-12-01

    Full Text Available Today we can ascertain with certainty that in the early part of the 21st century, the challenges addressed to the current security environment tend to become increasingly diffuse, less predictable and multidimensional, being both a feature of external security, as well as an internal one and, of course, becoming an indispensable part of security policies and strategies. Therefore, the need for international cooperation as a foundation for the stability of the security environment has increased. It should provide a sense of trust and peace by ensuring the absence of danger both for the individual and for the community to which he belongs.

  14. An Elliptic Curve Based Schnorr Cloud Security Model in Distributed Environment

    Directory of Open Access Journals (Sweden)

    Vinothkumar Muthurajan

    2016-01-01

    Full Text Available Cloud computing requires the security upgrade in data transmission approaches. In general, key-based encryption/decryption (symmetric and asymmetric mechanisms ensure the secure data transfer between the devices. The symmetric key mechanisms (pseudorandom function provide minimum protection level compared to asymmetric key (RSA, AES, and ECC schemes. The presence of expired content and the irrelevant resources cause unauthorized data access adversely. This paper investigates how the integrity and secure data transfer are improved based on the Elliptic Curve based Schnorr scheme. This paper proposes a virtual machine based cloud model with Hybrid Cloud Security Algorithm (HCSA to remove the expired content. The HCSA-based auditing improves the malicious activity prediction during the data transfer. The duplication in the cloud server degrades the performance of EC-Schnorr based encryption schemes. This paper utilizes the blooming filter concept to avoid the cloud server duplication. The combination of EC-Schnorr and blooming filter efficiently improves the security performance. The comparative analysis between proposed HCSA and the existing Distributed Hash Table (DHT regarding execution time, computational overhead, and auditing time with auditing requests and servers confirms the effectiveness of HCSA in the cloud security model creation.

  15. Design of Secure and Lightweight Authentication Protocol for Wearable Devices Environment.

    Science.gov (United States)

    Das, Ashok Kumar; Wazid, Mohammad; Kumar, Neeraj; Khan, Muhammad Khurram; Choo, Kim-Kwang Raymond; Park, YoungHo

    2017-09-18

    Wearable devices are used in various applications to collect information including step information, sleeping cycles, workout statistics, and health related information. Due to the nature and richness of the data collected by such devices, it is important to ensure the security of the collected data. This paper presents a new lightweight authentication scheme suitable for wearable device deployment. The scheme allows a user to mutually authenticate his/her wearable device(s) and the mobile terminal (e.g., Android and iOS device) and establish a session key among these devices (worn and carried by the same user) for secure communication between the wearable device and the mobile terminal. The security of the proposed scheme is then demonstrated through the broadly-accepted Real-Or-Random model, as well as using the popular formal security verification tool, known as the Automated Validation of Internet Security Protocols and Applications (AVISPA). Finally, we present a comparative summary of the proposed scheme in terms of the overheads such as computation and communication costs, security and functionality features of the proposed scheme and related schemes, and also the evaluation findings from the NS2 simulation.

  16. An Elliptic Curve Based Schnorr Cloud Security Model in Distributed Environment.

    Science.gov (United States)

    Muthurajan, Vinothkumar; Narayanasamy, Balaji

    2016-01-01

    Cloud computing requires the security upgrade in data transmission approaches. In general, key-based encryption/decryption (symmetric and asymmetric) mechanisms ensure the secure data transfer between the devices. The symmetric key mechanisms (pseudorandom function) provide minimum protection level compared to asymmetric key (RSA, AES, and ECC) schemes. The presence of expired content and the irrelevant resources cause unauthorized data access adversely. This paper investigates how the integrity and secure data transfer are improved based on the Elliptic Curve based Schnorr scheme. This paper proposes a virtual machine based cloud model with Hybrid Cloud Security Algorithm (HCSA) to remove the expired content. The HCSA-based auditing improves the malicious activity prediction during the data transfer. The duplication in the cloud server degrades the performance of EC-Schnorr based encryption schemes. This paper utilizes the blooming filter concept to avoid the cloud server duplication. The combination of EC-Schnorr and blooming filter efficiently improves the security performance. The comparative analysis between proposed HCSA and the existing Distributed Hash Table (DHT) regarding execution time, computational overhead, and auditing time with auditing requests and servers confirms the effectiveness of HCSA in the cloud security model creation.

  17. The joint European TEMPUS project 'Human Security (environment, quality of food, public health, and society) on territories contaminated by radioactive agents'

    International Nuclear Information System (INIS)

    Goncharova, N.; Butchenkow, I.; Maestri, E.

    2016-01-01

    Full text: The Joint European TEMPUS Project 'Human Security (environment, quality of food, public health, and society) on Territories Contaminated by Radioactive Agents', started in 2012. The EU project participants are the following: University of Cordoba (Spain) - Project Coordinator, University of Parma (Italy), University of Florence (Italy), Swedish University of Agricultural Sciences (Sweden) and Riga Technical University (Latvia). The project involves three partner countries - Belarus, Russia, Ukraine, represented by the following institutions: Belarusian State University, International Sakharov Environmental University, Grodno State Medical University, Grodno State Agrarian University, Voronezh State University, Tyumen State Medical Academy, Ural Federal University (Yekaterinburg), Chelyabinsk State University, Nuclear Cities Information-Education Centre, Vinnitsa National Medical University, Zhytomyr State Technological University, Kyiv International University, Sevastopol National University of Nuclear Energy and Industry, Polissya branch of G.M. Vysotsky Ukrainian Research Institute of Forestry and Forest Melioration. The main objectives of the project are: to develop interdisciplinary Master and Doctoral (PhD) programs in the field of Human Security of people living in areas affected by accidents at nuclear power plants / plant for processing nuclear fuel within the following specialties: Ecology and Environment Sciences - 'Human Security and Environment'; Food quality control - 'Human Security and Quality of Food'; Medicine - 'Human Security and Public Health'; Political and Social Sciences - 'Human Security and Society'. These programs will be implemented at 12 universities, 4 from each partner country. During the project implementation it is expected to achieve the following main results: modified interdisciplinary Master and Doctoral (PhD) programs taking into account the studied European experience and practice; joint system of upgrade of

  18. Interdependent Risk and Cyber Security: An Analysis of Security Investment and Cyber Insurance

    Science.gov (United States)

    Shim, Woohyun

    2010-01-01

    An increasing number of firms rely on highly interconnected information networks. In such environments, defense against cyber attacks is complicated by residual risks caused by the interdependence of information security decisions of firms. IT security is affected not only by a firm's own management strategies but also by those of others. This…

  19. Use Trust Management Framework to Achieve Effective Security Mechanisms in Cloud Environment

    Directory of Open Access Journals (Sweden)

    Hicham Toumi

    2017-03-01

    Full Text Available Cloud Computing is an Internet based Computing where virtual shared servers provide software, infrastructure, platform and other resources to the customer on pay-as-you-use basis. Cloud Computing is increasingly becoming popular as many enterprise applications and data are moving into cloud platforms. However, with the enormous use of Cloud, the probability of occurring intrusion also increases. There is a major need of bringing security, transparency and reliability in cloud model for client satisfaction. One of the security issues is how to reduce the impact of any type of intrusion in this environment. To address this issue, a security solution is proposed in this paper. We provide a collaborative framework between our Hybrid Intrusion Detection System (Hy-IDS based on Mobile Agents and virtual firewalls. Therefore, our hybrid intrusion detection system consists of three types of IDS namely IDS-C, IDS-Cr and IDS-M, which are dispatched over three layer of cloud computing. In the first layer, we use IDS-C over our framework to collect, analyze and detect malicious data using Mobile Agents. In case of attack, we collect at the level of the second layer all the malicious data detected in the first layer for the generation of new signatures using IDS-Cr, which is based on a Signature Generation Algorithm (SGA and network intrusion detection system (NIDS. Finally, through an IDS-M placed in the third layer, the new signatures will be used to update the database NIDS belonging to IDS-Cr, then the database to NIDS belonging of IDS-Cr the cluster neighboring and also their IDS-C. Hardware firewall is unable to control communication between virtual machines on the same hypervisor. Moreover, they are blind to virtual traffic. Mostly, they are deployed at Virtual Machine Monitor- level (VMM under Cloud provider’s control. Equally, the mobile agents play an important role in this collaboration. They are used in our framework for investigation of hosts

  20. NATO Advanced Study Institute on Optical Waveguide Sensing and Imaging in Medicine, Environment, Security and Defence

    CERN Document Server

    Bock, Wojtek J; Tanev, Stoyan

    2008-01-01

    The book explores various aspects of existing and emerging fiber and waveguide optics sensing and imaging technologies including recent advances in nanobiophotonics. The focus is both on fundamental and applied research as well as on applications in civil engineering, biomedical sciences, environment, security and defence. The main goal of the multi-disciplinarry team of Editors was to provide an useful reference of state-of-the-art overviews covering a variety of complementary topics on the interface of engineering and biomedical sciences.

  1. Computer-Based Testing: Test Site Security.

    Science.gov (United States)

    Rosen, Gerald A.

    Computer-based testing places great burdens on all involved parties to ensure test security. A task analysis of test site security might identify the areas of protecting the test, protecting the data, and protecting the environment as essential issues in test security. Protecting the test involves transmission of the examinations, identifying the…

  2. Physics of societal issues calculations on national security, environment, and energy

    CERN Document Server

    Hafemeister, David

    2014-01-01

    This book provides the reader with essential tools needed to analyze complex societal issues and demonstrates the transition from physics to modern-day laws and treaties. This second edition features new equation-oriented material and extensive data sets drawing upon current information from experts in their fields. Problems to challenge the reader and extend discussion are presented on three timely issues:   •        National Security: Weapons, Offense, Defense, Verification, Nuclear Proliferation, Terrorism •        Environment: Air/Water, Nuclear, Climate Change, EM Fields/Epidemiology •        Energy: Current Energy Situation, Buildings, Solar Buildings, Renewable  Energy, Enhanced End-Use Efficiency, Transportation, Economics   Praise for the first edition: "This insight is needed in Congress and the Executive Branch. Hafemeister, a former Congressional fellow with wide Washington experience, has written a book for physicists, chemists and engineers who want to learn science...

  3. A study of institutional environment and household food security at ...

    African Journals Online (AJOL)

    The study looked into the current scenario of food security in Rwanda. After analysing the national level institutional and food security scenarios by using available secondary data, the researchers used primary data that have been collected from a random sample of 200 households spreading over six sectors of the Huye ...

  4. OPINIONS ABOUT MILITARY LOGISTICS IN A TURBULENT MEDIUM SECURITY

    Directory of Open Access Journals (Sweden)

    Mircea UDRESCU

    2013-06-01

    Full Text Available In the natural world, turbulence involves violent demonstrations, random appearances, unpredictability. Scientists have developed chaos theory to explain some possible variants of development of events that have a given initial state and a number of deterministic assumptions. In these cases, the initial process can take the exponential expression as a form of incorporation of disturbances. Turbulence, for any social environment, especially for the security environment, means extra risk and uncertainty. Policy makers use the security risks to cover their uncertainties, subordinating national security of an umbrella collective, which makes collective security risks to become national security and safety risks.

  5. Smart grid security

    Energy Technology Data Exchange (ETDEWEB)

    Cuellar, Jorge (ed.) [Siemens AG, Muenchen (Germany). Corporate Technology

    2013-11-01

    The engineering, deployment and security of the future smart grid will be an enormous project requiring the consensus of many stakeholders with different views on the security and privacy requirements, not to mention methods and solutions. The fragmentation of research agendas and proposed approaches or solutions for securing the future smart grid becomes apparent observing the results from different projects, standards, committees, etc, in different countries. The different approaches and views of the papers in this collection also witness this fragmentation. This book contains the following papers: 1. IT Security Architecture Approaches for Smart Metering and Smart Grid. 2. Smart Grid Information Exchange - Securing the Smart Grid from the Ground. 3. A Tool Set for the Evaluation of Security and Reliability in Smart Grids. 4. A Holistic View of Security and Privacy Issues in Smart Grids. 5. Hardware Security for Device Authentication in the Smart Grid. 6. Maintaining Privacy in Data Rich Demand Response Applications. 7. Data Protection in a Cloud-Enabled Smart Grid. 8. Formal Analysis of a Privacy-Preserving Billing Protocol. 9. Privacy in Smart Metering Ecosystems. 10. Energy rate at home Leveraging ZigBee to Enable Smart Grid in Residential Environment.

  6. Security and privacy issues of personal health.

    Science.gov (United States)

    Blobel, Bernd; Pharow, Peter

    2007-01-01

    While health systems in developed countries and increasingly also in developing countries are moving from organisation-centred to person-centred health service delivery, the supporting communication and information technology is faced with new risks regarding security and privacy of stakeholders involved. The comprehensively distributed environment puts special burden on guaranteeing communication security services, but even more on guaranteeing application security services dealing with privilege management, access control and audit regarding social implication and connected sensitivity of personal information recorded, processed, communicated and stored in an even internationally distributed environment.

  7. Security Sector Reform in Albania

    OpenAIRE

    Abazi, Enika; Bumci, Aldo; Hide, Enri; Rakipi, Albert

    2009-01-01

    International audience; This paper analyses security sector reform (SSR) in Albania. In all its enterprises in reforming the security sector,Albania is assisted by different initiatives and projects that provide expertise and financial support. To assesswhether reforms improved the overall security environment (national and human) of the country, it is necessaryto measure the effectiveness of the various initiatives and projects. This is gauged by how well the initiatives andprojects achieved...

  8. Macro Security Methodology for Conducting Facility Security and Sustainability Assessments

    International Nuclear Information System (INIS)

    Herdes, Greg A.; Freier, Keith D.; Wright, Kyle A.

    2007-01-01

    Pacific Northwest National Laboratory (PNNL) has developed a macro security strategy that not only addresses traditional physical protection systems, but also focuses on sustainability as part of the security assessment and management process. This approach is designed to meet the needs of virtually any industry or environment requiring critical asset protection. PNNL has successfully demonstrated the utility of this macro security strategy through its support to the NNSA Office of Global Threat Reduction implementing security upgrades at international facilities possessing high activity radioactive sources that could be used in the assembly of a radiological dispersal device, commonly referred to as a 'dirty bomb'. Traditional vulnerability assessments provide a snap shot in time of the effectiveness of a physical protection system without significant consideration to the sustainability of the component elements that make up the system. This paper describes the approach and tools used to integrate technology, plans and procedures, training, and sustainability into a simple, quick, and easy-to-use security assessment and management tool.

  9. 40 CFR 1042.635 - National security exemption.

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 32 2010-07-01 2010-07-01 false National security exemption. 1042.635... Compliance Provisions § 1042.635 National security exemption. The standards and requirements of this part and... government responsible for national defense. (b) Manufacturers may request a national security exemption for...

  10. 40 CFR 85.1708 - National security exemption.

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 18 2010-07-01 2010-07-01 false National security exemption. 85.1708... Vehicle Engines § 85.1708 National security exemption. A manufacturer requesting a national security... agency of the Federal Government charged with responsibility for national defense. [39 FR 32611, Sept. 10...

  11. The Water Security Hydra

    Science.gov (United States)

    Lall, U.

    2017-12-01

    As the editor of a new journal on water security, I have been pondering what it can mean theoretically and practically. At one level, it is pretty aobvious that it refers to the ability to affordably and reliably access water of appropriate quality, and to be protected from the water related ravages of nature, such as floods, droughts and water borne disease. The concept of water security can apply to a family, a company, a state or globally. Of course, since we value the environment, water security embraces the needs of the environment. Where, we consider economic development or energy production, water security also emerges as a critical factor. So, in short it touches almost all things about water that pertain to our lives. New stresses are created by a changing climate, growing populations and an ever changing society, economic activity and environment. Thus, if assuring water security is a goal at any of the scales of interest, many factors need to be considered, and what can really be assured, where and for how long emerges as an interesting question. Local (place, time, individuals, politics) as well as global (climate, economics, hydrology) factors interact to determine outcomes, not all of which are readily mapped in our mathematical or cognitive models to a functional notion of what constitutes security in the face of changing conditions and actors. Further, assurance implies going beyond characterization to developing actions, responses to stressors and risk mitigation strategies. How these perform in the short and long run, and what are the outcomes and strategies for impact mitigation in the event of failure then determines water security. Recognizing that providing assurance of water security has always been the goal of water management, regulation and development, perhaps the challenge is to understand what this means from the perspective of not just the "water managers" but the individuals who are the unwitting beneficiaries, or the instruments for

  12. 40 CFR 90.908 - National security exemption.

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 20 2010-07-01 2010-07-01 false National security exemption. 90.908... Exemption of Nonroad Engines from Regulations § 90.908 National security exemption. (a)(1) Any nonroad... defense, will be considered exempt from this part for purposes of national security. No request for...

  13. 40 CFR 92.908 - National security exemption.

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 20 2010-07-01 2010-07-01 false National security exemption. 92.908... Provisions § 92.908 National security exemption. A manufacturer or remanufacturer requesting a national security exemption must state the purpose for which the exemption is required and the request must be...

  14. 40 CFR 91.1008 - National security exemption.

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 20 2010-07-01 2010-07-01 false National security exemption. 91.1008... Engines § 91.1008 National security exemption. (a)(1) Any marine SI engine, otherwise subject to this part... for purposes of national security. No request for exemption is necessary. (2) Manufacturers may...

  15. 40 CFR 89.908 - National security exemption.

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 20 2010-07-01 2010-07-01 false National security exemption. 89.908... Provisions § 89.908 National security exemption. (a)(1) Any nonroad engine, otherwise subject to this part... regulations for purposes of national security. No request for exemption is necessary. (2) Manufacturers may...

  16. Character of the mutual perception of the political system and the environment as a criterion of the political security

    Directory of Open Access Journals (Sweden)

    I. V. Ishchenko

    2017-01-01

    Full Text Available Political security is connected with the lack of external and internal threats, or the reduction of their severity. The maintenance of the internal public security should start from the explanation of the nature of the relationship between the political and institutional structures and most active social groups. The author suggests using a mental construct as an indicator of conflict/harmony in this sphere. It has been proposed to implement this idea by comparing the mental constructs of political institutions and social environment. One of the methods to implement this idea has been revealed in the article. This method is based on the search of leading values which are characterizing basic political and institutional structures and social environment. Two components have been described in the mental constructor: rational and irrational. Moreover, the formula, that makes it possible to compare and evaluate the congruence of mental constructs of political and institutional structures and the environment on the basis of the detected values, has been suggested. The advantage of this formula is its flexibility. Consequently, it can describe the features of social and political interaction in all political systems. The regularity has four components. The first component describes the level of implementation of the social environment’s values being a result of certain internal and external policies. It contains a self-assessment of individuals - representatives of the social environment level of its own value system’s implementation. Moreover, the author takes into account the assessment of the political and institutional structures that is given by these individuals. Individuals assess these structures in connection to the actions and decisions aimed at the implementation of public interests and values. The second component of the formula describes the level of implementation and the congruence of values of basic political and institutional

  17. Multi-Level Secure Local Area Network

    OpenAIRE

    Naval Postgraduate School (U.S.); Center for Information Systems Studies Security and Research (CISR)

    2011-01-01

    Multi-Level Secure Local Area Network is a cost effective, multi-level, easy to use office environment leveraging existing high assurance technology. The Department of Defense and U.S. Government have an identified need to securely share information classified at differing security levels. Because there exist no commercial solutions to this problem, NPS is developing a MLS LAN. The MLS LAN extends high assurance capabilities of an evaluated multi-level secure system to commercial personal com...

  18. Securing classification and regulatory approval for deepwater projects: management challenges in a global environment

    Energy Technology Data Exchange (ETDEWEB)

    Feijo, Luiz P.; Burton, Gareth C. [American Bureau of Shipping (ABS), Rio de Janeiro, RJ (Brazil)

    2008-07-01

    As the offshore industry continues to develop and move into increasingly deeper waters, technological boundaries are being pushed to new limits. Along with these advances, the design, fabrication and installation of deepwater oil and gas projects has become an increasingly global endeavor. After providing an overview of the history and role of Classification Societies, this paper reviews the challenges of securing classification and regulatory approval in a global environment. Operational, procedural and technological changes which one Classification Society; the American Bureau of Shipping, known as ABS, has implemented to address these challenges are presented. The result of the changes has been a more customized service aiming at faster and more streamlined classification approval process. (author)

  19. Managing information security in a process industrial environment; Gestao de seguranca da informacao em processos industriais

    Energy Technology Data Exchange (ETDEWEB)

    Pereira, Raphael Gomes; Aguiar, Leandro Pfleger de [Siemens Company (Brazil)

    2008-07-01

    With the recently globalization expansion (growth), the exploration of energetic resources is crossing over countries boundaries, resulting in worldwide companies exploring Oil and Gas fields available in any place of the world. To the government's bodies, this information about those fields should be treated as a national security interest subject by bringing an adequate management and protection to all the important and critical information and assets, and making possible, at the same time, the freedom and transparency in concurrence processes. This create a complex security context to be managed, where information disruption might, for instance, imply in broke of integrity in public auctions processes as a result of privileged information usage. Furthermore, with the terrorism problem, the process itself becomes an attractive target for different kinds of attacks, motivated by the opportunism to explore the known incapacity of the big industries in well manage their large and complex environments. With all transformations that are happening in productive processes, as the growing TCP/IP protocol usage, the Windows operating systems adoption in SCADA systems and the integration of industrial with business network, are factors that contribute to an eminent landscape of problems. This landscape demonstrates the need from the organizations and countries that are operating in energetic resources exploration, for renew their risk management areas, establishing a unique and integrated process to protect information security infrastructure. This work presents a study of the challenges to be faced by the organizations while rebuilding their internal processes to integrate the risk management and information security areas, as long as a set of essential steps to establish an affective corporative governance of risk management and compliance aspects. Moreover, the work presents the necessary points of the government involvement to improve all the regulatory aspects

  20. Orienting and Onboarding Clinical Nurse Specialists: A Process Improvement Project.

    Science.gov (United States)

    Garcia, Mayra G; Watt, Jennifer L; Falder-Saeed, Karie; Lewis, Brennan; Patton, Lindsey

    Clinical nurse specialists (CNSs) have a unique advanced practice role. This article describes a process useful in establishing a comprehensive orientation and onboarding program for a newly hired CNS. The project team used the National Association of Clinical Nurse Specialists core competencies as a guide to construct a process for effectively onboarding and orienting newly hired CNSs. Standardized documents were created for the orientation process including a competency checklist, needs assessment template, and professional evaluation goals. In addition, other documents were revised to streamline the orientation process. Standardizing the onboarding and orientation process has demonstrated favorable results. As of 2016, 3 CNSs have successfully been oriented and onboarded using the new process. Unique healthcare roles require special focus when onboarding and orienting into a healthcare system. The use of the National Association of Clinical Nurse Specialists core competencies guided the project in establishing a successful orientation and onboarding process for newly hired CNSs.

  1. 40 CFR 94.908 - National security exemption.

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 20 2010-07-01 2010-07-01 false National security exemption. 94.908... § 94.908 National security exemption. (a)(1) Any marine engine, otherwise subject to this part, that is... regulations in this subpart for reasons of national security. No request for this exemption is necessary. (2...

  2. Security Problems in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Rola Motawie

    2016-12-01

    Full Text Available Cloud is a pool of computing resources which are distributed among cloud users. Cloud computing has many benefits like scalability, flexibility, cost savings, reliability, maintenance and mobile accessibility. Since cloud-computing technology is growing day by day, it comes with many security problems. Securing the data in the cloud environment is most critical challenges which act as a barrier when implementing the cloud. There are many new concepts that cloud introduces, such as resource sharing, multi-tenancy, and outsourcing, create new challenges for the security community. In this work, we provide a comparable study of cloud computing privacy and security concerns. We identify and classify known security threats, cloud vulnerabilities, and attacks.

  3. Securing the Application Layer in eCommerce

    OpenAIRE

    Bala Musa S; Norita Md Norwawi; Mohd Hasan Selamat

    2012-01-01

    As e-commerce transaction is evolving, security is becoming a paramount issue since a great deal of credit cards, fund transfer, web shopping and public retirements are involved. Therefore, an appropriate development process is necessary for such security critical application. Also, handling security issues at early stage of software development is paramount to avoiding vulnerabilities from scaling through production environment unnoticed. This paper proposes a comprehensive security requirem...

  4. Recommendations on Future Operational Environments Command Control and Cyber Security

    OpenAIRE

    Goztepe, Kerim

    2015-01-01

    It is a well-known fact that today a nation's telecommunication networks, critical infrastructure, and information systems are vulnerable to growing number of attacks in cyberspace. Cyber space contains very different problems involving various sets of threats, targets and costs. Cyber security is not only problem of banking, communication or transportation. It also threatens core systems of army as command control. Some significant recommendations on command control (C2) and cyber security h...

  5. Development of Cyber Security Scheme for Nuclear Power Plant

    Energy Technology Data Exchange (ETDEWEB)

    Hong, S. B.; Choi, Y. S.; Cho, J. W. (and others)

    2009-12-15

    Nuclear I and C system is considered to be safe on the cyber threat because of the use of exclusive communication network and operating system. But the trend of open architecture and standardization on the equipment of I and C system, it is not safe on the cyber threat such as hacking and cyber terror. It is needed to protect nuclear I and C systems by the cyber attack, Countermeasures of the cyber security is required a lot of time and endeavors because there are many factors on the environment of cyber security and cyber attack. For the nuclear cyber security, we should make structural framework and eliminate cyber vulnerabilities by the analysis of cyber environment. The framework for the cyber security includes planning, embodiment of security technologies, security audit, security management and security maintenance. In this report, we examined IT security technology and the trend of standard in the industrial I and C system, and proposed a method to construct cyber security for the nuclear power plant. We analysed the threat of cyber security, vulnerability and cyber risk, then we present a method for the cyber security structure and the countermeasures.

  6. Development of Cyber Security Scheme for Nuclear Power Plant

    International Nuclear Information System (INIS)

    Hong, S. B.; Choi, Y. S.; Cho, J. W.

    2009-12-01

    Nuclear I and C system is considered to be safe on the cyber threat because of the use of exclusive communication network and operating system. But the trend of open architecture and standardization on the equipment of I and C system, it is not safe on the cyber threat such as hacking and cyber terror. It is needed to protect nuclear I and C systems by the cyber attack, Countermeasures of the cyber security is required a lot of time and endeavors because there are many factors on the environment of cyber security and cyber attack. For the nuclear cyber security, we should make structural framework and eliminate cyber vulnerabilities by the analysis of cyber environment. The framework for the cyber security includes planning, embodiment of security technologies, security audit, security management and security maintenance. In this report, we examined IT security technology and the trend of standard in the industrial I and C system, and proposed a method to construct cyber security for the nuclear power plant. We analysed the threat of cyber security, vulnerability and cyber risk, then we present a method for the cyber security structure and the countermeasures

  7. Security vs. Safety.

    Science.gov (United States)

    Sturgeon, Julie

    1999-01-01

    Provides administrative advice on how some safety experts have made college campuses safer and friendlier without breaking the budget. Tips on security and advice on safety management that encompasses the whole environment are highlighted. (GR)

  8. Application of an intermediate LWR for electricity production and hot-water district heating

    International Nuclear Information System (INIS)

    1983-05-01

    The objective of the study is to evaluate the technical and economic feasibility of a 400 MWe Consolidated Nuclear Steam System (CNSS) for supplying district heat to the Minneapolis/St. Paul area. A total of three CNSS reactor sites, located various distances from the Minneapolis-St. Paul area load center, are evaluated. The distance from the load center is determined by the credited safety features of the plant design. Each site is also evaluated for three different hot water supply/return temperatures providing a total of nine CNSS study cases. The cost of district heat delivered to the load center is determined for each case

  9. Energy security in Yemen

    International Nuclear Information System (INIS)

    Torosyan, Emil

    2009-09-01

    Yemen, situated in the Arab world, has considerable energy resources. However, its history of repeated revolts, civil wars and terrorism and also the presence of the Wahabi movement and al Qaeda in the country constitute security issues for the energy industry and its infrastructure. The aim of this paper is to assess the impact level on the security of the energy sector in Yemen and the effect that the threats to that sector could have on global energy security. Analyses of the political environment, the security threats and the measures taken to respond to these threats have been carried out. Results showed that Yemen's resources are depleting and that the government is having trouble containing the escalation of conflicts; this situation could lead to Yemen's political collapse which could have an important impact on global energy security.

  10. 40 CFR 211.110-2 - National security exemptions.

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 24 2010-07-01 2010-07-01 false National security exemptions. 211.110... ABATEMENT PROGRAMS PRODUCT NOISE LABELING General Provisions § 211.110-2 National security exemptions. (a) A new product which is produced to conform with specifications developed by national security agency...

  11. E-learning stakeholders information security vulnerability model

    OpenAIRE

    Mohd Alwi, Najwa Hayaati

    2012-01-01

    The motivation to conduct this research has come from awareness that the Internet exposes the e-learning environment to information security threats and vulnerabilities. Information security management as practised as a top down approach in many organisations tend to detach of people’s responsibility in ensuring the security of e-learning. Literature has pointed out that people’s behaviour required to be addressed to control the information security threats. This research proposes an ISM huma...

  12. Short Form of Weinstein Noise Sensitivity Scale (NSS-SF): Reliability, Validity and Gender Invariance among Chinese Individuals.

    Science.gov (United States)

    Zhong, Tao; Chung, Pak-Kwong; Liu, Jing Dong

    2018-02-01

    Independent from noise exposure, noise sensitivity plays a pivotal role in people's noise annoyance perception and concomitant health deteriorations. The present study empirically investigated the psychometric properties of the Chinese version of the Weinstein Noise Sensitivity Scale-Short Form (CNSS-SF), the widely used inventory measuring individual differences in noise perception. In total, 373 Chinese participants (age = 21.41 ± 3.36) completed the online, anonymous questionnaire package. Examination of the CNSS-SF's reliability (internal consistency), factorial validity through validation and cross-validation, nomological validity and measurement invariance across gender groups were undertaken. The Cronbach alpha coefficients and composite reliabilities indicated sufficient reliability of the CNSS-SF. Two confirmatory factor analyses (CFA), in two randomly partitioned groups of participants, substantiated the factorial validity of the scale. The nomological validity of the scale was also corroborated by the significant positive association of its score with the trait anxiety score. Measurement invariance of the CNSS-SF was also found across genders via multi-group CFA. Though not without limitations, findings from the present research provide promising evidence for the utility of the scale in measuring noise sensitivity among the Chinese population. The availability of the CNSS-SF can promote research related to environmental noise and health in China, as well as facilitate cross-cultural comparisons. Copyright © 2018 The Editorial Board of Biomedical and Environmental Sciences. Published by China CDC. All rights reserved.

  13. 78 FR 68784 - Cargo Securing Manuals

    Science.gov (United States)

    2013-11-15

    .../Circ.) 1352 (``Cargo Stowage and Securing (CSS Code) Annex 14 Guidance on Providing Safe Working... Providing Safe Working Conditions for the Securing of Containers'') of the IMO 2010 CSS Code. A cargo safe.... Indian Tribal Governments K. Energy Effects L. Technical Standards M. Environment I. Public Participation...

  14. High Assurance Models for Secure Systems

    Science.gov (United States)

    Almohri, Hussain M. J.

    2013-01-01

    Despite the recent advances in systems and network security, attacks on large enterprise networks consistently impose serious challenges to maintaining data privacy and software service integrity. We identify two main problems that contribute to increasing the security risk in a networked environment: (i) vulnerable servers, workstations, and…

  15. Multi-perspective analysis of China's energy supply security

    International Nuclear Information System (INIS)

    Geng, Jiang-Bo; Ji, Qiang

    2014-01-01

    China's energy supply security has faced many challenges such as the drastic change of the international energy environment and the domestic energy situation and so on. This paper constructs a multi-dimensional indicator system for the main risks deriving from four aspects to evaluate the situation of China's energy supply security and analyze its evolution characteristics from 1994 to 2011. The results indicate that the situation of China's energy supply security generally presented a downtrend during 1994–2008, as a result of increasing international energy market monopoly and high volatility of international crude oil prices. After 2008, the overall level of China's energy supply security has improved to the level of 2003, which is attributed to the relatively stable international energy environment as well as the effective implementation of energy policies. - Highlights: • A multi-dimensional index system for energy supply security is constructed. • The dynamic influences of external and internal risks are analyzed. • China's energy supply security presents a downward trend during 1994–2008. • The level of China's energy supply security has improved since 2009

  16. Vehicular ad hoc network security and privacy

    CERN Document Server

    Lin, X

    2015-01-01

    Unlike any other book in this area, this book provides innovative solutions to security issues, making this book a must read for anyone working with or studying security measures. Vehicular Ad Hoc Network Security and Privacy mainly focuses on security and privacy issues related to vehicular communication systems. It begins with a comprehensive introduction to vehicular ad hoc network and its unique security threats and privacy concerns and then illustrates how to address those challenges in highly dynamic and large size wireless network environments from multiple perspectives. This book is richly illustrated with detailed designs and results for approaching security and privacy threats.

  17. Secure Web System in a Cloud Environment

    OpenAIRE

    Pokherl, Bibesh

    2013-01-01

    Advent of cloud computing has brought a lot of benefits for users based on its essential characteristics. Users are attracted by its costs per use service and rapidly deploy their applications in the cloud and scale by using virtualization technology without investing in their own IT infrastructure. These applications can be accessed through web based technology, such as web browsers or mobile apps. However, security becomes a major challenge when user’s data and applications are stored in a ...

  18. Layered Location-Based Security Mechanism for Mobile Sensor Networks: Moving Security Areas

    Directory of Open Access Journals (Sweden)

    Ze Wang

    2015-09-01

    Full Text Available Network security is one of the most important issues in mobile sensor networks (MSNs. Networks are particularly vulnerable in hostile environments because of many factors, such as uncertain mobility, limitations on computation, and the need for storage in mobile nodes. Though some location-based security mechanisms can resist some malicious attacks, they are only suitable for static networks and may sometimes require large amounts of storage. To solve these problems, using location information, which is one of the most important properties in outdoor wireless networks, a security mechanism called a moving security area (MSA is proposed to resist malicious attacks by using mobile nodes’ dynamic location-based keys. The security mechanism is layered by performing different detection schemes inside or outside the MSA. The location-based private keys will be updated only at the appropriate moments, considering the balance of cost and security performance. By transferring parts of the detection tasks from ordinary nodes to the sink node, the memory requirements are distributed to different entities to save limited energy.

  19. Layered Location-Based Security Mechanism for Mobile Sensor Networks: Moving Security Areas.

    Science.gov (United States)

    Wang, Ze; Zhang, Haijuan; Wu, Luqiang; Zhou, Chang

    2015-09-25

    Network security is one of the most important issues in mobile sensor networks (MSNs). Networks are particularly vulnerable in hostile environments because of many factors, such as uncertain mobility, limitations on computation, and the need for storage in mobile nodes. Though some location-based security mechanisms can resist some malicious attacks, they are only suitable for static networks and may sometimes require large amounts of storage. To solve these problems, using location information, which is one of the most important properties in outdoor wireless networks, a security mechanism called a moving security area (MSA) is proposed to resist malicious attacks by using mobile nodes' dynamic location-based keys. The security mechanism is layered by performing different detection schemes inside or outside the MSA. The location-based private keys will be updated only at the appropriate moments, considering the balance of cost and security performance. By transferring parts of the detection tasks from ordinary nodes to the sink node, the memory requirements are distributed to different entities to save limited energy.

  20. Teaching Network Security in a Virtual Learning Environment

    Science.gov (United States)

    Bergstrom, Laura; Grahn, Kaj J.; Karlstrom, Krister; Pulkkis, Goran; Astrom, Peik

    2004-01-01

    This article presents a virtual course with the topic network security. The course has been produced by Arcada Polytechnic as a part of the production team Computer Networks, Telecommunication and Telecommunication Systems in the Finnish Virtual Polytechnic. The article begins with an introduction to the evolution of the information security…

  1. Securing social media in the enterprise

    CERN Document Server

    Dalziel, Henry

    2015-01-01

    Securing Social Media in the Enterprise is a concise overview of the security threats posed by the use of social media sites and apps in enterprise network environments. Social media sites and apps are now a ubiquitous presence within enterprise systems and networks, and are vulnerable to a wide range of digital systems attacks. This brief volume provides security professionals and network systems administrators a much-needed dive into the most current threats, detection techniques, and defenses for these attacks, and provides a roadmap for best practices to secure and manage social media wi

  2. Methods of Organizational Information Security

    Science.gov (United States)

    Martins, José; Dos Santos, Henrique

    The principle objective of this article is to present a literature review for the methods used in the security of information at the level of organizations. Some of the principle problems are identified and a first group of relevant dimensions is presented for an efficient management of information security. The study is based on the literature review made, using some of the more relevant certified articles of this theme, in international reports and in the principle norms of management of information security. From the readings that were done, we identified some of the methods oriented for risk management, norms of certification and good practice of security of information. Some of the norms are oriented for the certification of the product or system and others oriented to the processes of the business. There are also studies with the proposal of Frameworks that suggest the integration of different approaches with the foundation of norms focused on technologies, in processes and taking into consideration the organizational and human environment of the organizations. In our perspective, the biggest contribute to the security of information is the development of a method of security of information for an organization in a conflicting environment. This should make available the security of information, against the possible dimensions of attack that the threats could exploit, through the vulnerability of the organizational actives. This method should support the new concepts of "Network centric warfare", "Information superiority" and "Information warfare" especially developed in this last decade, where information is seen simultaneously as a weapon and as a target.

  3. 40 CFR 205.5-2 - National security exemptions.

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 24 2010-07-01 2010-07-01 false National security exemptions. 205.5-2... PROGRAMS TRANSPORTATION EQUIPMENT NOISE EMISSION CONTROLS General Provisions § 205.5-2 National security... a national security exemption is required. (c) For purposes of section 11(d) of the Act, any...

  4. Moving towards Cloud Security

    Directory of Open Access Journals (Sweden)

    Edit Szilvia Rubóczki

    2015-01-01

    Full Text Available Cloud computing hosts and delivers many different services via Internet. There are a lot of reasons why people opt for using cloud resources. Cloud development is increasing fast while a lot of related services drop behind, for example the mass awareness of cloud security. However the new generation upload videos and pictures without reason to a cloud storage, but only few know about data privacy, data management and the proprietary of stored data in the cloud. In an enterprise environment the users have to know the rule of cloud usage, however they have little knowledge about traditional IT security. It is important to measure the level of their knowledge, and evolve the training system to develop the security awareness. The article proves the importance of suggesting new metrics and algorithms for measuring security awareness of corporate users and employees to include the requirements of emerging cloud security.

  5. Energy policy in the European Community: conflicts between the objectives of the unified single market, supply security and a clean environment

    International Nuclear Information System (INIS)

    Surrey, J.

    1992-01-01

    Policies for energy and the environment in Europe were previously the preserve of national governments, but the Commission of the European Community has gained a role in both policy areas in the past few years. This was due to the 1987 Single European Act which, in effect, extends the writ of competition law throughout the energy and other previously excluded sectors, expresses the desire to reduce acid rain and greenhouse gas emissions, and reaffirms Europe's renewed concern for long-term oil and gas supply security after the Gulf War and the disintegration of the USSR. The Commission's proposals for the unified internal energy market were driven by concern for competition and free market forces, and seemed to exclude any scope for long-term policy considerations. This paper argues that the implementation of those proposals will be uneven and protracted, and that the Commission's more recent proposals for reducing CO 2 emissions and the European Energy Charter appear to mark positive steps towards a long-term strategy for a clean environment, energy efficiency, and oil and gas supply security. 27 refs., 4 tabs

  6. 40 CFR 204.5-2 - National security exemptions.

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 24 2010-07-01 2010-07-01 false National security exemptions. 204.5-2... PROGRAMS NOISE EMISSION STANDARDS FOR CONSTRUCTION EQUIPMENT General Provisions § 204.5-2 National security... for a national security exemption is required. (c) For purposes of section 11(d) of the Act, any...

  7. RFID Based Security Access Control System with GSM Technology

    OpenAIRE

    Peter Adole; Joseph M. Môm; Gabriel A. Igwue

    2016-01-01

    The security challenges being encountered in many places today require electronic means of controlling access to secured premises in addition to the available security personnel. Various technologies were used in different forms to solve these challenges. The Radio Frequency Identification (RFID) Based Access Control Security system with GSM technology presented in this work helps to prevent unauthorized access to controlled environments (secured premises). This is achieved mainly...

  8. BASIC CONCEPTS OF TAX SECURITY AS PART OF THE FINANCIAL SECURITY OF UKRAINE

    Directory of Open Access Journals (Sweden)

    Sergiy Golikov

    2016-11-01

    Full Text Available The purpose of the paper is to examine the essence of the term «tax security», its fundamental characteristics, such as threats, risks, interests and protection, defined how the state could provide them. The paper analyses economic, social and legal nature of the term. Key indicators of tax security of Ukraine identified and analyzed. In addition, the paper studies an integrated approach of tax security threats. In case of a big amount of threats, they divided to four main sources of threats: the state of the national economy, the state of the public finances, social features of the society and institutional environment. For each source, there have been identified and analyzed the most important factors of threats of tax security of Ukraine. Methodology. The survey based on an analysis of existing studies of Ukrainian and foreign scientists about the essence and nature of "tax security" for the last 10 years. In addition, to determine the essence and the concept, goals and objectives, methods and principles of the economic nature of the tax security, main risks, threats, expectations and results of efficient tax security identified. To build an integrated approach it is necessary to analyse all existing and potential factors of threats. There data used from reports of the State Statistics Service of Ukraine, Ministry of Economic Development and Trade of Ukraine, PWC and World Bank. Results of the survey showed that tax security is such a condition of tax security, when the process of harmonization of taxation provided under effective management of risks and threats that arise in tax area, by taking the necessary measures by the executive bodies to meet the interests of the state, society and taxpayers (business entities, organizations, people. Integrated approach of threats analysis of tax security shows that the most dangerous threats are those that are associated with poor economic development, considerable socio-economic stratification of

  9. Overview of security culture

    International Nuclear Information System (INIS)

    Matulanya, M. A.

    2014-04-01

    Nuclear Security culture concept has been aggressively promoted over the past several years as a tool to improve the physical protection of the nuclear and radioactive materials due to growing threats of catastrophic terrorism and other new security challenges. It is obvious that, the scope of nuclear security and the associated cultures need to be extended beyond the traditional task of protecting weapons-usable materials. The role of IAEA is to strengthen the nuclear security framework globally and in leading the coordination of international activities in this field. Therefore all governments should work closely with the IAEA to take stronger measures to ensure the physical protection, the safety and security of the nuclear and radioactive materials. In the effort to reflect this new realities and concerns, the IAEA in 2008 came up with the document, the Nuclear Security Culture, Nuclear Security Series No. 7, Implementing Guide to the member states which urged every member state to take appropriate measures to promote security culture with respect to nuclear and radioactive materials. The document depicted this cultural approach as the way to protect individual, society and the environment. Among other things, the document defined nuclear security culture as characteristics and attitudes in organizations and of individuals which establishes that, nuclear security issues receives attention warranted by their significance. (au)

  10. NOSArmor: Building a Secure Network Operating System

    Directory of Open Access Journals (Sweden)

    Hyeonseong Jo

    2018-01-01

    Full Text Available Software-Defined Networking (SDN, controlling underlying network devices (i.e., data plane in a logically centralized manner, is now actively adopted in many real world networking environments. It is clear that a network administrator can easily understand and manage his networking environments with the help of SDN. In SDN, a network operating system (NOS, also known as an SDN controller, is the most critical component because it should be involved in all transactions for controlling network devices, and thus the security of NOS cannot be highly exaggerated. However, in spite of its importance, no previous works have thoroughly investigated the security of NOS. In this work, to address this problem, we present the NOSArmor, which integrates several security mechanisms, named as security building block (SBB, into a consolidated SDN controller. NOSArmor consists of eight SBBs and each of them addresses different security principles of network assets. For example, while role-based authorization focuses on securing confidentiality of internal storage from malicious applications, OpenFlow protocol verifier protects availability of core service in the controller from malformed control messages received from switches. In addition, NOSArmor shows competitive performance compared to existing other controllers (i.e., ONOS, Floodlight with secureness of network assets.

  11. Black Sea Energy Security - Present and Future

    Directory of Open Access Journals (Sweden)

    Florinel Iftode

    2011-05-01

    Full Text Available We chose this theme to highlight the need for continuous and sustained human society to secure energy resources needed to survive, needs reflected in an increasingly in recent years in the strategies adopted at both states, as at the level of international organizations. Achieving security and stability in the wider Black Sea area has been among the priorities of each country's interests in this region. In this context, state and non-state actors were being called to come up with new solutions to achieve those interests. Certainly not in all cases the negotiations were completed or not yet found a generally accepted formula for others to apply, but most of them show off their values. The main environmental threats to security environment in the Black Sea region are represented by ethnic conflicts and territorial secessionism. A significant contribution to the security environment of the Black Sea region has the phenomenon of globalization, which in this region is manifested by a steady increase in traffic and volume of shipping passage of communication, which largely affects the security in the region. Globalization and the need for energy resources in the Black Sea was an important area not only as energy transport route, but as a potential supplier of material energy (oil and natural gas. Black Sea Basin can be stabilized and secured only by the will and input from all States and interested international organizations in pragmatic and effective institutional frameworks, meant to promote and protect the common interests of countries decided to participate in actions aimed at ensuring a stable environment security.

  12. Radiation effects on man health, environment, safety, security. Global Chernobyl mapping

    International Nuclear Information System (INIS)

    Bebeshko, V.; Bazyka, D.; Volovik, S.; Loganovsky, K.; Sushko, V.; Siedow, J.; Cohen, H.; Ginsburg, G.; Chao, N.; Chute, J.

    2007-01-01

    Complete text of publication follows. Objectives: Ionizing radiation is a primordial terrestrial and extraterrestrial background and archetypal environmental stress-factor for life origin, evolution, and existence. We all live in radiation world inevitably involving nuclear energy production, nuclear weapon, nuclear navy, radioactive waste, pertinent medical diagnostics and treatment, etc with connected certain probability of relevant accidents and terrorist attack, space and jet travels, high natural background radiation, etc - actual and potential sources of radiation exposures and effects. State-of- the art integral fundamental research on radiation effects on man health, environment, safety, and security (REMHESS) is nowadays paramount necessity and challenge. Methods and results: In given generalized conceptual framework unique 20 years Chernobyl multidimensional research and databases for radiation effects on man's all organism systems represent invaluable original basis and resources for mapping Chernobyl data and REMHESS challenge. Granted by DOE brand new Chernobyl Research and Service Project based on 'Sarcophagus-II' (Object 'Shelter') workers only one in radiation history baseline cohort, corresponding biorepository prospective dynamic data, integrated conceptual database system, and 'state of the art' 'omics' (genomics, proteomics, metabolomics) analysis is designed specifically for coherent addressing global REMHESS problems. In this connection 'Sarcophagus-II' is only one unique universal model. Conclusions: The fundamental goals of novel strategic Project and global Chernobyl mapping are to determine specific 'omics' signatures of radiation for man depending of exposure peculiarity to understand ultimate molecular mechanisms of radiation effects, gene environment interactions, etiology of organisms systems disorders and diseases, and to develop new biomarkers and countermeasures to protect man health in the framework of global REMHESS challenge

  13. Non-covalently functionalized carbon nanostructures for synthesizing carbon-based hybrid nanomaterials.

    Science.gov (United States)

    Li, Haiqing; Song, Sing I; Song, Ga Young; Kim, Il

    2014-02-01

    Carbon nanostructures (CNSs) such as carbon nanotubes, graphene sheets, and nanodiamonds provide an important type of substrate for constructing a variety of hybrid nanomaterials. However, their intrinsic chemistry-inert surfaces make it indispensable to pre-functionalize them prior to immobilizing additional components onto their surfaces. Currently developed strategies for functionalizing CNSs include covalent and non-covalent approaches. Conventional covalent treatments often damage the structure integrity of carbon surfaces and adversely affect their physical properties. In contrast, the non-covalent approach offers a non-destructive way to modify CNSs with desired functional surfaces, while reserving their intrinsic properties. Thus far, a number of surface modifiers including aromatic compounds, small-molecular surfactants, amphiphilic polymers, and biomacromolecules have been developed to non-covalently functionalize CNS surfaces. Mediated by these surface modifiers, various functional components such as organic species and inorganic nanoparticles were further decorated onto their surfaces, resulting in versatile carbon-based hybrid nanomaterials with broad applications in chemical engineering and biomedical areas. In this review, the recent advances in the generation of such hybrid nanostructures based on non-covalently functionalized CNSs will be reviewed.

  14. Security of pipeline facilities

    Energy Technology Data Exchange (ETDEWEB)

    Lee, S.C. [Alberta Energy and Utilities Board, Calgary, AB (Canada); Van Egmond, C.; Duquette, L. [National Energy Board, Calgary, AB (Canada); Revie, W. [Canada Centre for Mineral and Energy Technology, Ottawa, ON (Canada)

    2005-07-01

    This working group provided an update on provincial, federal and industry directions regarding the security of pipeline facilities. The decision to include security issues in the NEB Act was discussed as well as the Pipeline Security Management Assessment Project, which was created to establish a better understanding of existing security management programs as well as to assist the NEB in the development and implementation of security management regulations and initiatives. Amendments to the NEB were also discussed. Areas of pipeline security management assessment include physical safety management; cyber and information security management; and personnel security. Security management regulations were discussed, as well as implementation policies. Details of the Enbridge Liquids Pipelines Security Plan were examined. It was noted that the plan incorporates flexibility for operations and is integrated with Emergency Response and Crisis Management. Asset characterization and vulnerability assessments were discussed, as well as security and terrorist threats. It was noted that corporate security threat assessment and auditing are based on threat information from the United States intelligence community. It was concluded that the oil and gas industry is a leader in security in North America. The Trans Alaska Pipeline Incident was discussed as a reminder of how costly accidents can be. Issues of concern for the future included geographic and climate issues. It was concluded that limited resources are an ongoing concern, and that the regulatory environment is becoming increasingly prescriptive. Other concerns included the threat of not taking international terrorism seriously, and open media reporting of vulnerability of critical assets, including maps. tabs., figs.

  15. Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

    Energy Technology Data Exchange (ETDEWEB)

    Hadley, Mark D.; Clements, Samuel L.

    2009-01-01

    Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

  16. Enabling a Secure Environment for Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I) Transactions : April 2012 Public Workshop Proceedings

    Science.gov (United States)

    2012-06-08

    This report provides a summary and overview of the Public Workshop entitled, Enabling a Secure Environment for Vehicle-to-Vehicle and Vehicle-to-Infrastructure Transactions, presented by USDOT. The workshop took place on April 19-20, 2012 at th...

  17. Spatio-temporal dynamics of security investments in an interdependent risk environment

    Science.gov (United States)

    Shafi, Kamran; Bender, Axel; Zhong, Weicai; Abbass, Hussein A.

    2012-10-01

    In a globalised world where risks spread through contagion, the decision of an entity to invest in securing its premises from stochastic risks no longer depends solely on its own actions but also on the actions of other interacting entities in the system. This phenomenon is commonly seen in many domains including airline, logistics and computer security and is referred to as Interdependent Security (IDS). An IDS game models this decision problem from a game-theoretic perspective and deals with the behavioural dynamics of risk-reduction investments in such settings. This paper enhances this model and investigates the spatio-temporal aspects of the IDS games. The spatio-temporal dynamics are studied using simple replicator dynamics on a variety of network structures and for various security cost tradeoffs that lead to different Nash equilibria in an IDS game. The simulation results show that the neighbourhood configuration has a greater effect on the IDS game dynamics than network structure. An in-depth empirical analysis of game dynamics is carried out on regular graphs, which leads to the articulation of necessary and sufficient conditions for dominance in IDS games under spatial constraints.

  18. Hardware security and trust design and deployment of integrated circuits in a threatened environment

    CERN Document Server

    Chaves, Ricardo; Natale, Giorgio; Regazzoni, Francesco

    2017-01-01

    This book provides a comprehensive introduction to hardware security, from specification to implementation. Applications discussed include embedded systems ranging from small RFID tags to satellites orbiting the earth. The authors describe a design and synthesis flow, which will transform a given circuit into a secure design incorporating counter-measures against fault attacks. In order to address the conflict between testability and security, the authors describe innovative design-for-testability (DFT) computer-aided design (CAD) tools that support security challenges, engineered for compliance with existing, commercial tools. Secure protocols are discussed, which protect access to necessary test infrastructures and enable the design of secure access controllers. Covers all aspects of hardware security including design, manufacturing, testing, reliability, validation and utilization; Describes new methods and algorithms for the identification/detection of hardware trojans; Defines new architectures capable o...

  19. The secure heating reactor

    International Nuclear Information System (INIS)

    Pind, C.

    1987-01-01

    The SECURE heating reactor was designed by ASEA-ATOM as a realistic alternative for district heating in urban areas and for supplying heat to process industries. SECURE has unique safety characteristics, that are based on fundamental laws of physics. The safety does not depend on active components or operator intervention for shutdown and cooling of the reactor. The inherent safety characteristics of the plant cannot be affected by operator errors. Due to its very low environment impact, it can be sited close to heat consumers. The SECURE heating reactor has been shown to be competitive in comparison with other alternatives for heating Helsinki and Seoul. The SECURE heating reactor forms a basis for the power-producing SECURE-P reactor known as PIUS (Process Inherent Ultimate Safety), which is based on the same inherent safety principles. The thermohydraulic function and transient response have been demonstrated in a large electrically heated loop at the ASEA-ATOM laboratories

  20. VMware vsphere security cookbook

    CERN Document Server

    Greer, Mike

    2014-01-01

    This book is intended for virtualization professionals who are experienced with the setup and configuration of VMware vSphere, but didn't get the opportunity to learn how to secure the environment properly.

  1. Coordination and organization of security software process for power information application environment

    Science.gov (United States)

    Wang, Qiang

    2017-09-01

    As an important part of software engineering, the software process decides the success or failure of software product. The design and development feature of security software process is discussed, so is the necessity and the present significance of using such process. Coordinating the function software, the process for security software and its testing are deeply discussed. The process includes requirement analysis, design, coding, debug and testing, submission and maintenance. In each process, the paper proposed the subprocesses to support software security. As an example, the paper introduces the above process into the power information platform.

  2. AUTOMATING THE DATA SECURITY PROCESS

    OpenAIRE

    Florin Ogigau-Neamtiu

    2017-01-01

    Contemporary organizations face big data security challenges in the cyber environment due to modern threats and actual business working model which relies heavily on collaboration, data sharing, tool integration, increased mobility, etc. The nowadays data classification and data obfuscation selection processes (encryption, masking or tokenization) suffer because of the human implication in the process. Organizations need to shirk data security domain by classifying information based on its...

  3. Environment | Argonne National Laboratory

    Science.gov (United States)

    Skip to main content Argonne National Laboratory Toggle Navigation Toggle Search Energy Environment Laboratory About Safety News Careers Education Community Diversity Directory Energy Environment National Security User Facilities Science Work with Us Environment Atmospheric and Climate Science Ecological

  4. Security cooperation with China: Analysis and a proposal. Final report

    Energy Technology Data Exchange (ETDEWEB)

    Wilborn, T.L.

    1994-11-25

    The author examines U.S.-China security cooperation before Tiananmen Square; the strategic context in which it took place; and the strategic environment of U.S.-China relations at the present time. As a member of the U.N. Security Council and one of the five acknowledged nuclear powers, China`s actions can influence a wide range of U.S. global interests. Continued U.S.-China security cooperation will contribute to stability in an important region of the world and help achieve U.S. global objectives. He concludes that, although the reasons which justified the program of security cooperation with China during the cold war are irrelevant today, security cooperation and military-to-military relations are highly desirable in the current strategic environment.

  5. Security-aware design for cyber-physical systems a platform-based approach

    CERN Document Server

    Lin, Chung-Wei

    2017-01-01

    Addressing the rising security issues during the design stages of cyber-physical systems, this book develops a systematic approach to address security at early design stages together with all other design constraints. Cyber-attacks become more threatening as systems are becoming more connected with the surrounding environment, infrastructures, and other systems. Security mechanisms can be designed to protect against attacks and meet security requirements, but there are many challenges of applying security mechanisms to cyber-physical systems including open environments, limited resources, strict timing requirements, and large number of devices. Designed for researchers and professionals, this book is valuable for individuals working in network systems, security mechanisms, and system design. It is also suitable for advanced-level students of computer science. .

  6. Information Security for Compliance with Select Agent Regulations

    Science.gov (United States)

    Lewis, Nick; Campbell, Mark J.

    2015-01-01

    The past decade has seen a significant rise in research on high-consequence human and animal pathogens, many now known as “select agents.” While physical security around these agents is tightly regulated, information security standards are still lagging. The understanding of the threats unique to the academic and research environment is still evolving, in part due to poor communication between the various stakeholders. Perhaps as a result, information security guidelines published by select agent regulators lack the critical details and directives needed to achieve even the lowest security level of the Federal Information Security Management Act (FISMA). While only government agencies are currently required to abide by the provisions of FISMA (unless specified as preconditions for obtaining government grants or contracts—still a relatively rare or narrowly scoped occurrence), the same strategies were recently recommended by executive order for others. We propose that information security guidelines for select agent research be updated to promulgate and detail FISMA standards and processes and that the latter be ultimately incorporated into select agent regulations. We also suggest that information security in academic and research institutions would greatly benefit from active efforts to improve communication among the biosecurity, security, and information technology communities, and from a secure venue for exchange of timely information on emerging threats and solutions in the research environment. PMID:26042864

  7. Information security for compliance with select agent regulations.

    Science.gov (United States)

    Lewis, Nick; Campbell, Mark J; Baskin, Carole R

    2015-01-01

    The past decade has seen a significant rise in research on high-consequence human and animal pathogens, many now known as "select agents." While physical security around these agents is tightly regulated, information security standards are still lagging. The understanding of the threats unique to the academic and research environment is still evolving, in part due to poor communication between the various stakeholders. Perhaps as a result, information security guidelines published by select agent regulators lack the critical details and directives needed to achieve even the lowest security level of the Federal Information Security Management Act (FISMA). While only government agencies are currently required to abide by the provisions of FISMA (unless specified as preconditions for obtaining government grants or contracts--still a relatively rare or narrowly scoped occurrence), the same strategies were recently recommended by executive order for others. We propose that information security guidelines for select agent research be updated to promulgate and detail FISMA standards and processes and that the latter be ultimately incorporated into select agent regulations. We also suggest that information security in academic and research institutions would greatly benefit from active efforts to improve communication among the biosecurity, security, and information technology communities, and from a secure venue for exchange of timely information on emerging threats and solutions in the research environment.

  8. Information Security Behavioral Model: Towards Employees' Knowledge and Attitude

    OpenAIRE

    Mishra, Saurabh; Snehlata, Snehlata; Srivastava, Anjali

    2014-01-01

    Information Security has become a significant concern for today's organizations. The internal security threats acts as the most curtail type of security threat within an organization. These internal security threats are a result of poor conduct of security behavior by the employees within an organization. If not deal properly, it may hamper the auditing of organization. Auditing plays an important role in the business environment. Before conducting auditing it is essential to examine the beha...

  9. Food Security Strategy Based on Computer Innovation

    OpenAIRE

    Ruihui Mu

    2015-01-01

    Case analysis to identify innovative strategies for food security occurred in the Oriental Hotel, voluntarily implement food safety control. Food security strategy investigation and the reasons for their use of multiple data sources, including accommodation and catering industry to implement and document interviews with key decision makers in the hotel performed to observe the business environment were examined. This finding suggests that addressing food security, not only is the food control...

  10. Security, at what cost? A stated preference approach toward understanding individuals' privacy and civil liberties trade-offs regarding security measures

    NARCIS (Netherlands)

    Robinson, N.; Potoglou, D.

    2010-01-01

    In the presently heightened security environment there are a number of examples of policy that must strike a delicate balance between strengthening security without jeopardising public liberties and personal privacy. The introduction of national identity cards and biometric passports, the expansion

  11. Transboundary natural area protection: Broadening the definition of national security

    Science.gov (United States)

    Haven B. Cook

    2007-01-01

    This paper looks at the definition and concept of national security, and examines how the environment is linked with national security. The traditional, state view of national security that guides most foreign policy includes the concepts of military power, sovereignty and geopolitical stability. This paper advocates broadening the definition of security to include...

  12. Multi-Level Security Cannot Realise NEC Objectives

    NARCIS (Netherlands)

    Schotanus, H.A.; Hartog, T.; Verkoelen, C.A.A.

    2012-01-01

    Multi-Level Security (MLS) is often viewed as the holy grail of information security, especially in those environments where information of different classifications is being processed. In this paper we argue that MLS cannot facilitate the right balance between need-to-protect and duty-to-share as

  13. Security for Multimedia Space Data Distribution over the Internet

    Science.gov (United States)

    Stone, Thom; Picinich, Lou; Givens, John J. (Technical Monitor)

    1995-01-01

    Distribution of interactive multimedia to remote investigators will be required for high quality science on the International Space Station (ISS). The Internet with the World Wide Web (WWW) and the JAVA environment are a good match for distribution of data, video and voice to remote science centers. Utilizing the "open" Internet in a secure manner is the major hurdle in making use of this cost effective, off-the-shelf, universal resource. This paper examines the major security threats to an Internet distribution system for payload data and the mitigation of these threats. A proposed security environment for the Space Station Biological Research Facility (SSBRP) is presented with a short description of the tools that have been implemented or planned. Formulating and implementing a security policy, firewalls, host hardware and software security are also discussed in this paper. Security is a vast topic and this paper can only give an overview of important issues. This paper postulates that a structured approach is required and stresses that security must be built into a network from the start. Ignoring security issues or putting them off until late in the development cycle can be disastrous.

  14. Key Based Mutual Authentication (KBMA Mechanism for Secured Access in MobiCloud Environment

    Directory of Open Access Journals (Sweden)

    Donald A. Cecil

    2016-01-01

    Full Text Available Mobile Cloud Computing (MCC fuels innovation in Mobile Computing and opens new pathways between mobile devices and infrastructures. There are several issues in MCC environment as it integrates various technologies. Among all issues, security lies on the top where many users are not willing to adopt the cloud services. This paper focuses on the authentication. The objective of this paper is to provide a mechanism for authenticating all the entities involved in accessing the cloud services. A mechanism called Key Based Mutual Authentication (KBMA is proposed which is divided into two processes namely registration and authentication. Registration is a one-time process where the users are registered for accessing the cloud services by giving the desired unique information. Authentication process is carried out mutually to verify the identities of Device and Cloud Service Provider (CSP. Scyther tool is used for analysing the vulnerability in terms of attacks. The result claims show that the proposed mechanism is resilient against various attacks.

  15. Study to Improve Security for IoT Smart Device Controller: Drawbacks and Countermeasures

    Directory of Open Access Journals (Sweden)

    Xin Su

    2018-01-01

    Full Text Available Including mobile environment, conventional security mechanisms have been adapted to satisfy the needs of users. However, the device environment-IoT-based number of connected devices is quite different to the previous traditional desktop PC- or mobile-based environment. Based on the IoT, different kinds of smart and mobile devices are fully connected automatically via device controller, such as smartphone. Therefore, controller must be secure compared to conventional security mechanism. According to the existing security threats, these are quite different from the previous ones. Thus, the countermeasures applied should be changed. However, the smart device-based authentication techniques that have been proposed to date are not adequate in terms of usability and security. From the viewpoint of usability, the environment is based on mobility, and thus devices are designed and developed to enhance their owners’ efficiency. Thus, in all applications, there is a need to consider usability, even when the application is a security mechanism. Typically, mobility is emphasized over security. However, considering that the major characteristic of a device controller is deeply related to its owner’s private information, a security technique that is robust to all kinds of attacks is mandatory. In this paper, we focus on security. First, in terms of security achievement, we investigate and categorize conventional attacks and emerging issues and then analyze conventional and existing countermeasures, respectively. Finally, as countermeasure concepts, we propose several representative methods.

  16. Understanding the security situation in Colombia

    Energy Technology Data Exchange (ETDEWEB)

    Escobar, C.O. [Colombia Central Bank (Colombia)

    1997-11-01

    The following aspects influencing Colombia are considered: the causes of security problems, including social, political and criminal violence; the political and economic crises produced by financing of the presidential campaign; coal`s social, economic and cultural environment in Guajira and Cesar; a description of the security situation in the carboniferous region focusing on guerrilla, crime and paramilitary threats; and three possible scenarios in the region`s security future. The government`s strategy of assuring restricted security to carboniferous and petroleum plants has proven expensive for the state and country. A competitive regional economy would bring social and economic benefits in the medium and long terms. 1 tab.

  17. Control system security in nuclear power plant

    International Nuclear Information System (INIS)

    Li Jianghai; Huang Xiaojin

    2012-01-01

    The digitalization and networking of control systems in nuclear power plants has brought significant improvements in system control, operation and maintenance. However, the highly digitalized control system also introduces additional security vulnerabilities. Moreover, the replacement of conventional proprietary systems with common protocols, software and devices makes these vulnerabilities easy to be exploited. Through the interaction between control systems and the physical world, security issues in control systems impose high risks on health, safety and environment. These security issues may even cause damages of critical infrastructures and threaten national security. The importance of control system security by reviewing several control system security incidents that happened in nuclear power plants was showed in recent years. Several key difficulties in addressing these security issues were described. Finally, existing researches on control system security and propose several promising research directions were reviewed. (authors)

  18. Environment and homeland security in France

    International Nuclear Information System (INIS)

    Taithe, Alexandre

    2011-01-01

    The author comments the impact of extreme events related to global warming and climate change on the French homeland security. He comments the evolution of temperature during the last century, the various transformations notably predicted by IPCC reports, and the various climate evolutions. Then, he discusses impacts of climate change on different economic sectors. He notably addresses the impact on coast lines (risks of submersion and erosion, more particularly for overseas territories), the impact extreme events may have on soft water (a temperature rise would impact the operation of nuclear plants; sewage and water networks will be threatened by more intense rainfalls), the positive and negative impacts on forests (high productivity but loss of diversity, development of parasites, risks of forest fires), and the impacts on various economic activities (agriculture, food supply, tourism, insurance) and on health

  19. The Design of Compass/BeiDou Navigation Satellite Terminal for Migrant Bird Research

    Directory of Open Access Journals (Sweden)

    Yaohui Li

    2014-01-01

    Full Text Available A terminal of Compass Navigation Satellite System (CNSS, which can not only support BeiDou-1 and BeiDou-2 but also support Global Positioning System (GPS, is designed to research the activities of the migrant birds, with our novel design of a multiband antenna. By a high-density integration, this terminal is designed with a compact size and light weight. When the terminal is assembled to a whooper swan, its flying trace is recorded by the CNSS, which is in agreement with that of GPS. The flying route map based on the CNSS is useful to check the situation and habit of the migrant bird, which is important for animal protection and bird flu outbreak prediction.

  20. Security Architecture of Cloud Computing

    OpenAIRE

    V.KRISHNA REDDY; Dr. L.S.S.REDDY

    2011-01-01

    The Cloud Computing offers service over internet with dynamically scalable resources. Cloud Computing services provides benefits to the users in terms of cost and ease of use. Cloud Computing services need to address the security during the transmission of sensitive data and critical applications to shared and public cloud environments. The cloud environments are scaling large for data processing and storage needs. Cloud computing environment have various advantages as well as disadvantages o...

  1. Securing 'supportive environments' for health in the face of ecosystem collapse: meeting the triple threat with a sociology of creative transformation.

    Science.gov (United States)

    Poland, Blake; Dooris, Mark; Haluza-Delay, Randolph

    2011-12-01

    In this paper, we reflect on and explore what remains to be done to make the concept of supportive environments--one of the Ottawa Charter's five core action areas--a reality in the context of growing uncertainty about the future and accelerated pace of change. We pay particular attention to the physical environment, while underscoring the inextricable links between physical and social environments, and particularly the need to link social and environmental justice. The paper begins with a brief orientation to three emerging threats to health equity, namely ecological degradation, climate change, and peak oil, and their connection to economic instability, food security, energy security and other key determinants of health. We then present three contrasting perspectives on the nature of social change and how change is catalyzed, arguing for an examination of the conditions under which cultural change on the scale required to realize the vision of 'supportive environments for all' might be catalyzed, and the contribution that health promotion as a field could play in this process. Drawing on sociological theory, and specifically practice theory and the work of Pierre Bourdieu, we advocate rethinking education for social change by attending more adequately to the social conditions of transformative learning and cultural change. We conclude with an explication of three key implications for health promotion practice: a more explicit alignment with those seeking to curtail environmental destruction and promote environmental justice, strengthening engagement with local or settings-focused 'communities of practice' (such as the Transition Town movement), and finding new ways to creatively 'engage emergence', a significant departure from the current dominant focus on 'risk management'.

  2. Comparison of Routable Control System Security Approaches

    Energy Technology Data Exchange (ETDEWEB)

    Edgar, Thomas W.; Hadley, Mark D.; Carroll, Thomas E.; Manz, David O.; Winn, Jennifer D.

    2011-06-01

    This document is an supplement to the 'Secure and Efficient Routable Control Systems.' It addressed security in routable control system communication. The control system environment that monitors and manages the power grid historically has utilized serial communication mechanisms. Leased-line serial communication environments operating at 1200 to 9600 baud rates are common. However, recent trends show that communication media such as fiber, optical carrier 3 (OC-3) speeds, mesh-based high-speed wireless, and the Internet are becoming the media of choice. In addition, a dichotomy has developed between the electrical transmission and distribution environments, with more modern communication infrastructures deployed by transmission utilities. The preceding diagram represents a typical control system. The Communication Links cloud supports all of the communication mechanisms a utility might deploy between the control center and devices in the field. Current methodologies used for security implementations are primarily led by single vendors or standards bodies. However, these entities tend to focus on individual protocols. The result is an environment that contains a mixture of security solutions that may only address some communication protocols at an increasing operational burden for the utility. A single approach is needed that meets operational requirements, is simple to operate, and provides the necessary level of security for all control system communication. The solution should be application independent (e.g., Distributed Network Protocol/Internet Protocol [DNP/IP], International Electrotechnical Commission [IEC] C37.118, Object Linking and Embedding for Process Control [OPC], etc.) and focus on the transport layer. In an ideal setting, a well-designed suite of standards for control system communication will be used for vendor implementation and compliance testing. An expected outcome of this effort is an international standard.

  3. Materials for the information security education

    International Nuclear Information System (INIS)

    Yashiro, Shigeo; Aoki, Kazuhisa; Sato, Tomohiko; Tanji, Kazuhiro

    2014-01-01

    With the rapid progress of the utilization of Information Technology (IT), IT infrastructure (network environment and information system) became crucial as a lifeline for promoting business. At the same time, changes in the circumstances surrounding the IT infrastructure globalize the threat of cyber attacks and increase the risk of the information security such as unlawful access to an information system, viral infection, an alteration of a website, disclosure of subtlety information, destruction of an information system and so on. Information security measure is an important issue in Japan Atomic Energy Agency (JAEA). In order to protect the information property of JAEA from the threat, Center for Computational Science and e-Systems (CCSE) has been taking triadic measures for information security: (1) to lay down a set of information security rules, (2) to introduce security equipments to backbone network and (3) to provide information security education. This report is a summary of the contents of the information security education by e-learning. (author)

  4. Transparent Data Encryption -- Solution for Security of Database Contents

    OpenAIRE

    Deshmukh, Dr. Anwar Pasha; Qureshi, Dr. Riyazuddin

    2013-01-01

    The present study deals with Transparent Data Encryption which is a technology used to solve the problems of security of data. Transparent Data Encryption means encrypting databases on hard disk and on any backup media. Present day global business environment presents numerous security threats and compliance challenges. To protect against data thefts and frauds we require security solutions that are transparent by design. Transparent Data Encryption provides transparent, standards-based secur...

  5. Secure computing on reconfigurable systems

    OpenAIRE

    Fernandes Chaves, R.J.

    2007-01-01

    This thesis proposes a Secure Computing Module (SCM) for reconfigurable computing systems. SC provides a protected and reliable computational environment, where data security and protection against malicious attacks to the system is assured. SC is strongly based on encryption algorithms and on the attestation of the executed functions. The use of SC on reconfigurable devices has the advantage of being highly adaptable to the application and the user requirements, while providing high performa...

  6. Cloud security - An approach with modern cryptographic solutions

    OpenAIRE

    Kostadinovska, Ivana

    2016-01-01

    The term “cloud computing” has been in the spotlights of IT specialists due to its potential of transforming computer industry. Unfortunately, there are still some challenges to be resolved and the security aspects in the cloud based computing environment remain at the core of interest. The goal of our work is to identify the main security issues of cloud computing and to present approaches to secure clouds. Our research also focuses on data and storage security layers. As a result, we f...

  7. Heteroatom Doped-Carbon Nanospheres as Anodes in Lithium Ion Batteries.

    Science.gov (United States)

    Pappas, George S; Ferrari, Stefania; Huang, Xiaobin; Bhagat, Rohit; Haddleton, David M; Wan, Chaoying

    2016-01-09

    Long cycle performance is a crucial requirement in energy storage devices. New formulations and/or improvement of "conventional" materials have been investigated in order to achieve this target. Here we explore the performance of a novel type of carbon nanospheres (CNSs) with three heteroatom co-doped (nitrogen, phosphorous and sulfur) and high specific surface area as anode materials for lithium ion batteries. The CNSs were obtained from carbonization of highly-crosslinked organo (phosphazene) nanospheres (OPZs) of 300 nm diameter. The OPZs were synthesized via a single and facile step of polycondensation reaction between hexachlorocyclotriphosphazene (HCCP) and 4,4'-sulphonyldiphenol (BPS). The X-ray Photoelectron Spectroscopy (XPS) analysis showed a high heteroatom-doping content in the structure of CNSs while the textural evaluation from the N₂ sorption isotherms revealed the presence of micro- and mesopores and a high specific surface area of 875 m²/g. The CNSs anode showed remarkable stability and coulombic efficiency in a long charge-discharge cycling up to 1000 cycles at 1C rate, delivering about 130 mA·h·g -1 . This study represents a step toward smart engineering of inexpensive materials with practical applications for energy devices.

  8. Formation of carbon nanosheets via simultaneous activation and catalytic carbonization of macroporous anion-exchange resin for supercapacitors application.

    Science.gov (United States)

    Peng, Hui; Ma, Guofu; Sun, Kanjun; Mu, Jingjing; Zhang, Zhe; Lei, Ziqiang

    2014-12-10

    Two-dimensional mesoporous carbon nanosheets (CNSs) have been prepared via simultaneous activation and catalytic carbonization route using macroporous anion-exchange resin (AER) as carbon precursor and ZnCl2 and FeCl3 as activating agent and catalyst, respectively. The iron catalyst in the skeleton of the AER may lead to carburization to form a sheetlike structure during the carbonization process. The obtained CNSs have a large number of mesopores, a maximum specific surface area of 1764.9 m(2) g(-1), and large pore volume of 1.38 cm(3) g(-1). As an electrode material for supercapacitors application, the CNSs electrode possesses a large specific capacitance of 283 F g(-1) at 0.5 A g(-1) and excellent rate capability (64% retention ratio even at 50 A g(-1)) in 6 mol L(-1) KOH. Furthermore, CNSs symmetric supercapacitor exhibits specific energies of 17.2 W h kg(-1) at a power density of 224 W kg(-1) operated in the voltage range of 0-1.8 V in 0.5 mol L(-1) Na2SO4 aqueous electrolyte, and outstanding cyclability (retains about 96% initial capacitance after 5000 cycles).

  9. Activities of Intellectual Disability Clinical Nurse Specialists in Ireland.

    Science.gov (United States)

    Doody, Owen; Slevin, Eamonn; Taggart, Laurence

    The aim of this study was to identify the contribution of Irish intellectual disability clinical nurse specialists (ID CNSs) to service delivery. A nonexperimental descriptive design was selected to survey ID CNSs presently working in Ireland. The questionnaire was developed based on focus group interviews, available literature, and expert panel views. Ethical approval and access were granted to all ID CNSs in Ireland. Thirty-two responded (33.68% response rate) from all work areas (voluntary organizations or health service executive) practicing within residential, community, or school services. Respondents were surveyed across a range of areas (demographic details and support to client, staff, family, organization, community, other agencies, and professional development). Findings identify that ID CNSs are active in all aspects of their roles as clinical specialist, educator, communicator, researcher, change agent, and leader, thus supporting person-centered care and improving service delivery. To meet changing healthcare demands, promote person-centered care, and improve service delivery, the CNS role in ID should be developed and supported. The findings merit a further study on ID CNS role activity, possible variables influencing role activity, and team members' views.

  10. ESPOON$_{{ERBAC}}$: Enforcing Security Policies In Outsourced Environments

    OpenAIRE

    Asghar, Muhammad Rizwan; Ion, Mihaela; Russello, Giovanni; Crispo, Bruno

    2013-01-01

    Data outsourcing is a growing business model offering services to individuals and enterprises for processing and storing a huge amount of data. It is not only economical but also promises higher availability, scalability, and more effective quality of service than in-house solutions. Despite all its benefits, data outsourcing raises serious security concerns for preserving data confidentiality. There are solutions for preserving confidentiality of data while supporting search on the data stor...

  11. Data Security and Privacy in Cloud Computing

    OpenAIRE

    Yunchuan Sun; Junsheng Zhang; Yongping Xiong; Guangyu Zhu

    2014-01-01

    Data security has consistently been a major issue in information technology. In the cloud computing environment, it becomes particularly serious because the data is located in different places even in all the globe. Data security and privacy protection are the two main factors of user’s concerns about the cloud technology. Though many techniques on the topics in cloud computing have been investigated in both academics and industries, data security and privacy protection are becoming more impo...

  12. Web Syndication in a Multilevel Security Environment

    Science.gov (United States)

    2012-03-01

    Group LAMP Linux, Apache, MySQL and PHP LAN Local Area Network MAC Mandatory Access Control MILS Multiple Independent Levels of Security MLS Multilevel...Reader [35] Section 1.4.3 – X X X X X FeedShow [36] Section 1.4.3 – X X X X feed on feeds [37] Section 1.4.3 GPL PHP 4.3.2+, MySQL – X X / Tiny Tiny RSS...38] Section 1.4.3 GPL PHP 5+, MySQL /Postgres – X X X X – zFeeder [39] Section 1.4.3 GPL PHP 4.2+ – X X – / lylina [40] Section 1.4.3 GPL PHP 5.2

  13. A Layered Trust Information Security Architecture

    Science.gov (United States)

    de Oliveira Albuquerque, Robson; García Villalba, Luis Javier; Sandoval Orozco, Ana Lucila; Buiati, Fábio; Kim, Tai-Hoon

    2014-01-01

    Information can be considered the most important asset of any modern organization. Securing this information involves preserving confidentially, integrity and availability, the well-known CIA triad. In addition, information security is a risk management job; the task is to manage the inherent risks of information disclosure. Current information security platforms do not deal with the different facets of information technology. This paper presents a layered trust information security architecture (TISA) and its creation was motivated by the need to consider information and security from different points of view in order to protect it. This paper also extends and discusses security information extensions as a way of helping the CIA triad. Furthermore, this paper suggests information representation and treatment elements, operations and support components that can be integrated to show the various risk sources when dealing with both information and security. An overview of how information is represented and treated nowadays in the technological environment is shown, and the reason why it is so difficult to guarantee security in all aspects of the information pathway is discussed. PMID:25470490

  14. A layered trust information security architecture.

    Science.gov (United States)

    de Oliveira Albuquerque, Robson; Villalba, Luis Javier García; Orozco, Ana Lucila Sandoval; Buiati, Fábio; Kim, Tai-Hoon

    2014-12-01

    Information can be considered the most important asset of any modern organization. Securing this information involves preserving confidentially, integrity and availability, the well-known CIA triad. In addition, information security is a risk management job; the task is to manage the inherent risks of information disclosure. Current information security platforms do not deal with the different facets of information technology. This paper presents a layered trust information security architecture (TISA) and its creation was motivated by the need to consider information and security from different points of view in order to protect it. This paper also extends and discusses security information extensions as a way of helping the CIA triad. Furthermore, this paper suggests information representation and treatment elements, operations and support components that can be integrated to show the various risk sources when dealing with both information and security. An overview of how information is represented and treated nowadays in the technological environment is shown, and the reason why it is so difficult to guarantee security in all aspects of the information pathway is discussed.

  15. A Layered Trust Information Security Architecture

    Directory of Open Access Journals (Sweden)

    Robson de Oliveira Albuquerque

    2014-12-01

    Full Text Available Information can be considered the most important asset of any modern organization. Securing this information involves preserving confidentially, integrity and availability, the well-known CIA triad. In addition, information security is a risk management job; the task is to manage the inherent risks of information disclosure. Current information security platforms do not deal with the different facets of information technology. This paper presents a layered trust information security architecture (TISA and its creation was motivated by the need to consider information and security from different points of view in order to protect it. This paper also extends and discusses security information extensions as a way of helping the CIA triad. Furthermore, this paper suggests information representation and treatment elements, operations and support components that can be integrated to show the various risk sources when dealing with both information and security. An overview of how information is represented and treated nowadays in the technological environment is shown, and the reason why it is so difficult to guarantee security in all aspects of the information pathway is discussed.

  16. Economic and agricultural transformation through large-scale farming : impacts of large-scale farming on local economic development, household food security and the environment in Ethiopia

    NARCIS (Netherlands)

    Bekele, M.S.

    2016-01-01

    This study examined impacts of large-scale farming in Ethiopia on local economic development, household food security, incomes, employment, and the environment. The study adopted a mixed research approach in which both qualitative and quantitative data were generated from secondary and primary

  17. Security Measures to Protect Mobile Agents

    Science.gov (United States)

    Dadhich, Piyanka; Govil, M. C.; Dutta, Kamlesh

    2010-11-01

    The security issues of mobile agent systems have embarrassed its widespread implementation. Mobile agents that move around the network are not safe because the remote hosts that accommodate the agents initiates all kinds of attacks. These hosts try to analyze the agent's decision logic and their accumulated data. So, mobile agent security is the most challenging unsolved problems. The paper analyzes various security measures deeply. Security especially the attacks performed by hosts to the visiting mobile agent (the malicious hosts problem) is a major obstacle that prevents mobile agent technology from being widely adopted. Being the running environment for mobile agent, the host has full control over them and could easily perform many kinds of attacks against them.

  18. Nuclear security officer training

    International Nuclear Information System (INIS)

    Harrington, W.F.

    1981-01-01

    Training has become complex and precise in today's world of critical review and responsibility. Entrusted to a security officer is the success or demise of large business. In more critical environments the security officer is entrusted with the monitoring and protection of life sensitive systems and devices. The awareness of this high visibility training requirement has been addressed by a limited few. Those involved in the nuclear power industry through dedication and commitment to the American public have without a doubt become leading pioneers in demanding training excellence

  19. Securing Distributed Research

    CERN Multimedia

    CERN. Geneva

    2018-01-01

    Global science calls for global infrastructure. A typical large-scale research group will use a suite of international services and involve hundreds of collaborating institutes and users from around the world. How can these users access those services securely? How can their digital identities be established, verified and maintained? We will explore the motivation for distributed authentication and the ways in which research communities are addressing the challenges. We will discuss security incident response in distributed environments - a particular challenge for the operators of these infrastructures. Through this course you should gain an overview of federated identity technologies and protocols, including x509 certificates, SAML and OIDC.

  20. The effects of environmental resource and security on aggressive behavior.

    Science.gov (United States)

    Ng, Henry Kin Shing; Chow, Tak Sang

    2017-05-01

    Exposure to different environments has been reported to change aggressive behavior, but previous research did not consider the underlying elements that caused such an effect. Based on previous work on environmental perception, we examined the role of environmental resource and security in altering aggression level. In three experiments, participants were exposed to environments that varied in resource (High vs. Low) and security (High vs. Low) levels, after which aggression was measured. The environments were presented through visual priming (Experiments 1-2) and a first-person gameplay (Experiment 3). We observed a consistent resource-security interaction effect on aggression, operationalized as the level of noise blast (Experiment 1) and number of unpleasant pictures (Experiments 2-3) delivered to strangers by the participants. High resource levels associated with higher aggression in insecure conditions, but lower aggression in secure conditions. The findings suggest that the adaptive value of aggression varies under different environmental constraints. Implications are discussed in terms of the effects of adverse environments on aggression, and the nature's effects on social behavior. Aggr. Behav. 43:304-314, 2017. © 2016 Wiley Periodicals, Inc. © 2016 Wiley Periodicals, Inc.

  1. The New Pacific Security Environment: Challenges and Opportunities

    Science.gov (United States)

    1993-01-01

    ECONOMIC COOPERATION 45 Malaysian Prime Minister Mahathir in December 1990. The pro- posed grouping was to be restricted to Asian countries, thus ex...caused the a in the Diet and then was torpedoed by the US Department of State, which did not want a settle- ment and warned that Okinawa may remain...not convene a special session of the National Security Council, but finally, in October 1990, did submit a bill to the Diet calling for the creation

  2. Information Security and Integrity Systems

    Science.gov (United States)

    1990-01-01

    Viewgraphs from the Information Security and Integrity Systems seminar held at the University of Houston-Clear Lake on May 15-16, 1990 are presented. A tutorial on computer security is presented. The goals of this tutorial are the following: to review security requirements imposed by government and by common sense; to examine risk analysis methods to help keep sight of forest while in trees; to discuss the current hot topic of viruses (which will stay hot); to examine network security, now and in the next year to 30 years; to give a brief overview of encryption; to review protection methods in operating systems; to review database security problems; to review the Trusted Computer System Evaluation Criteria (Orange Book); to comment on formal verification methods; to consider new approaches (like intrusion detection and biometrics); to review the old, low tech, and still good solutions; and to give pointers to the literature and to where to get help. Other topics covered include security in software applications and development; risk management; trust: formal methods and associated techniques; secure distributed operating system and verification; trusted Ada; a conceptual model for supporting a B3+ dynamic multilevel security and integrity in the Ada runtime environment; and information intelligence sciences.

  3. The application of artificial intelligence within information security.

    OpenAIRE

    2012-01-01

    D.Phil. Computer-based information systems will probably always have to contend with security issues. Much research have already gone into the field of information security. These research results have yielded some very sophisticated and effective security mechanisms and procedures. However, due to the ever increasing sophistication of criminals, combined with the ever changing and evolving information technology environment, some limitations still exist within the field of information sec...

  4. Virtual-Reality training system for nuclear security

    International Nuclear Information System (INIS)

    Nonaka, Nobuyuki

    2012-01-01

    At the Integrated Support Center for Nuclear Nonproliferation and Nuclear Security (ISCN) of the Japan Atomic Energy Agency, the virtual reality (VR) training system is under development for providing a practical training environment to implement experience-oriented and interactive lessons on nuclear security for wide range of participants in human resource development assistance program mainly to Asian emerging nuclear-power countries. This system electrically recreates and visualizes nuclear facilities and training conditions in stereoscopic (3D) view on a large-scale display (CAVE system) as virtual reality training facility (VR facility) and it provides training participants with effective environments to learn installation and layout of security equipment in the facility testing and verifying visually the protection performances under various situations such as changes in day-night lighting and weather conditions, which may lead to practical exercise in the design and evaluation of the physical protection system. This paper introduces basic concept of the system and outline of training programs as well as featured aspects in using the VR technology for the nuclear security. (author)

  5. Interface for safety and security of radioactive sources

    International Nuclear Information System (INIS)

    Seggane, Richard

    2016-04-01

    In facilities and activities involving use of radiation sources, safety and security measures have in common the aim of protecting human life and health and the environment. In addition, safety and security measures must be designed and implemented in an integrated manner, so that security measures do not compromise safety and safety measures do not compromise security measures. This work reviewed issues related to establishing a clear interface between safety and security of radiation sources. The Government, the Regulatory Authority and licensee/registrants and other relevant stakeholders should work together and contribute to ensure that safety and security of sources is ensured and well interfaced. A Radiotherapy facility has been used as a case study. (au)

  6. Secure Authentication of Cloud Data Mining API

    OpenAIRE

    Bhadauria, Rohit; Borgohain, Rajdeep; Biswas, Abirlal; Sanyal, Sugata

    2013-01-01

    Cloud computing is a revolutionary concept that has brought a paradigm shift in the IT world. This has made it possible to manage and run businesses without even setting up an IT infrastructure. It offers multi-fold benefits to the users moving to a cloud, while posing unknown security and privacy issues. User authentication is one such growing concern and is greatly needed in order to ensure privacy and security in a cloud computing environment. This paper discusses the security at different...

  7. Bigdata Driven Cloud Security: A Survey

    Science.gov (United States)

    Raja, K.; Hanifa, Sabibullah Mohamed

    2017-08-01

    Cloud Computing (CC) is a fast-growing technology to perform massive-scale and complex computing. It eliminates the need to maintain expensive computing hardware, dedicated space, and software. Recently, it has been observed that massive growth in the scale of data or big data generated through cloud computing. CC consists of a front-end, includes the users’ computers and software required to access the cloud network, and back-end consists of various computers, servers and database systems that create the cloud. In SaaS (Software as-a-Service - end users to utilize outsourced software), PaaS (Platform as-a-Service-platform is provided) and IaaS (Infrastructure as-a-Service-physical environment is outsourced), and DaaS (Database as-a-Service-data can be housed within a cloud), where leading / traditional cloud ecosystem delivers the cloud services become a powerful and popular architecture. Many challenges and issues are in security or threats, most vital barrier for cloud computing environment. The main barrier to the adoption of CC in health care relates to Data security. When placing and transmitting data using public networks, cyber attacks in any form are anticipated in CC. Hence, cloud service users need to understand the risk of data breaches and adoption of service delivery model during deployment. This survey deeply covers the CC security issues (covering Data Security in Health care) so as to researchers can develop the robust security application models using Big Data (BD) on CC (can be created / deployed easily). Since, BD evaluation is driven by fast-growing cloud-based applications developed using virtualized technologies. In this purview, MapReduce [12] is a good example of big data processing in a cloud environment, and a model for Cloud providers.

  8. The Graduate MIS Security Course: Objectives and Challenges

    Science.gov (United States)

    Jensen, Bradley K.; Guynes, Carl S.; Nyaboga, Andrew

    2009-01-01

    Given the magnitude of real and potential losses, both private and public employers increasingly expect graduates of management information systems (MIS) programs to understand information security concepts. The infrastructure requirements for the course includes setting up a secure laboratory environment to accommodate the development of viruses…

  9. Security challenges for energy-harvesting wireless sensor networks

    DEFF Research Database (Denmark)

    Di Mauro, Alessio; Papini, Davide; Dragoni, Nicola

    2012-01-01

    With the recent introduction of Energy-Harvesting nodes, security is gaining more and more importance in sensor networks. By exploiting the ability of scavenging energy from the surrounding environment, the lifespan of a node has drastically increased. This is one of the reason why security needs...

  10. Secure Virtualization Environment Based on Advanced Memory Introspection

    Directory of Open Access Journals (Sweden)

    Shuhui Zhang

    2018-01-01

    Full Text Available Most existing virtual machine introspection (VMI technologies analyze the status of a target virtual machine under the assumption that the operating system (OS version and kernel structure information are known at the hypervisor level. In this paper, we propose a model of virtual machine (VM security monitoring based on memory introspection. Using a hardware-based approach to acquire the physical memory of the host machine in real time, the security of the host machine and VM can be diagnosed. Furthermore, a novel approach for VM memory forensics based on the virtual machine control structure (VMCS is put forward. By analyzing the memory of the host machine, the running VMs can be detected and their high-level semantic information can be reconstructed. Then, malicious activity in the VMs can be identified in a timely manner. Moreover, by mutually analyzing the memory content of the host machine and VMs, VM escape may be detected. Compared with previous memory introspection technologies, our solution can automatically reconstruct the comprehensive running state of a target VM without any prior knowledge and is strongly resistant to attacks with high reliability. We developed a prototype system called the VEDefender. Experimental results indicate that our system can handle the VMs of mainstream Linux and Windows OS versions with high efficiency and does not influence the performance of the host machine and VMs.

  11. A Framework for Adaptive Information Security Systems : A Holistic Investigation

    OpenAIRE

    Mwakalinga, Jeffy

    2011-01-01

    This research proposes a framework for adaptive information security systems that considers both the technical and social aspects of information systems security. Initial development of information systems security focused on computer technology and communication protocols. Researchers and designers did not consider culture, traditions, ethics, and other social issues of the people using the systems when designing and developing information security systems. They also seemed to ignore environ...

  12. International symposium on uranium production and raw materials for the nuclear fuel cycle - Supply and demand, economics, the environment and energy security. Extended synopses

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    2005-07-01

    The IAEA periodically organizes nical meetings and international symposia on all areas of the uranium production cycle. This publication contains 160 extended synopses related to the 2005 international symposium on 'Uranium Production and Raw Materials for the Nuclear Fuel Cycle - Supply and Demand, Economics, the Environment and Energy Security'. They cover all areas of natural uranium resources and production cycle including uranium supply and demand; uranium geology and deposit; uranium exploration; uranium mining and milling; waste management; and environment and regulation. Each synopsis was indexed individually.

  13. ADP Security Plan, Math Building, Room 1139

    Energy Technology Data Exchange (ETDEWEB)

    Melton, R.

    1985-08-27

    This document provides the draft copy of an updated (ADP) Security Plan for an IBM Personal Computer to be used in the Math Building at PNL for classified data base management. Using the equipment specified in this document and implementing the administrative and physical procedures as outlined will provide the secure environment necessary for this work to proceed.

  14. Secure and Efficient Routable Control Systems

    Energy Technology Data Exchange (ETDEWEB)

    Edgar, Thomas W.; Hadley, Mark D.; Manz, David O.; Winn, Jennifer D.

    2010-05-01

    This document provides the methods to secure routable control system communication in the electric sector. The approach of this document yields a long-term vision for a future of secure communication, while also providing near term steps and a roadmap. The requirements for the future secure control system environment were spelled out to provide a final target. Additionally a survey and evaluation of current protocols was used to determine if any existing technology could achieve this goal. In the end a four-step path was described that brought about increasing requirement completion and culminates in the realization of the long term vision.

  15. Derived virtual devices: a secure distributed file system mechanism

    Science.gov (United States)

    VanMeter, Rodney; Hotz, Steve; Finn, Gregory

    1996-01-01

    This paper presents the design of derived virtual devices (DVDs). DVDs are the mechanism used by the Netstation Project to provide secure shared access to network-attached peripherals distributed in an untrusted network environment. DVDs improve Input/Output efficiency by allowing user processes to perform I/O operations directly from devices without intermediate transfer through the controlling operating system kernel. The security enforced at the device through the DVD mechanism includes resource boundary checking, user authentication, and restricted operations, e.g., read-only access. To illustrate the application of DVDs, we present the interactions between a network-attached disk and a file system designed to exploit the DVD abstraction. We further discuss third-party transfer as a mechanism intended to provide for efficient data transfer in a typical NAP environment. We show how DVDs facilitate third-party transfer, and provide the security required in a more open network environment.

  16. Resilient Infrastructure and Building Security

    DEFF Research Database (Denmark)

    Ingwar, Mads Ingerslew

    inference. Persistent authentication offers an effective integrated protection measure that is distributed directly in the facility and is non-intrusive to the public and affordable to the facility owners. Persistent authentication is suitable for security sensitive applications and can help protect...... to authentication that combines traditional access control systems with the sensing technologies and tracking capabilities offered by smart environments. Our approach is called Persistent Authentication for Location-based Services. Persistent authentication enables the secure provision of location-based services...

  17. A Survey on Secure Wireless Body Area Networks

    Directory of Open Access Journals (Sweden)

    Shihong Zou

    2017-01-01

    Full Text Available Combining tiny sensors and wireless communication technology, wireless body area network (WBAN is one of the most promising fields. Wearable and implantable sensors are utilized for collecting the physiological data to achieve continuously monitoring of people’s physical conditions. However, due to the openness of wireless environment and the significance and privacy of people’s physiological data, WBAN is vulnerable to various attacks; thus, strict security mechanisms are required to enable a secure WBAN. In this article, we mainly focus on a survey on the security issues in WBAN, including securing internal communication in WBAN and securing communication between WBAN and external users. For each part, we discuss and identify the security goals to be achieved. Meanwhile, relevant security solutions in existing research on WBAN are presented and their applicability is analyzed.

  18. Information Security in Small and Medium-Sized Companies

    OpenAIRE

    David Kral

    2011-01-01

    Information security doesn’t involve only large organizations. Small and medium-sized companies must closely examine this issue too, because they are increasingly threatened by cyber attacks. Many of them mistakenly believe, that security of their valuable data is sufficient, or that the attackers are not interested in them. Existing standards and methodologies for implementation and management of information security are often hard to transfer to the environment of small and medium-sized bus...

  19. Mobile code security

    Science.gov (United States)

    Ramalingam, Srikumar

    2001-11-01

    A highly secure mobile agent system is very important for a mobile computing environment. The security issues in mobile agent system comprise protecting mobile hosts from malicious agents, protecting agents from other malicious agents, protecting hosts from other malicious hosts and protecting agents from malicious hosts. Using traditional security mechanisms the first three security problems can be solved. Apart from using trusted hardware, very few approaches exist to protect mobile code from malicious hosts. Some of the approaches to solve this problem are the use of trusted computing, computing with encrypted function, steganography, cryptographic traces, Seal Calculas, etc. This paper focuses on the simulation of some of these existing techniques in the designed mobile language. Some new approaches to solve malicious network problem and agent tampering problem are developed using public key encryption system and steganographic concepts. The approaches are based on encrypting and hiding the partial solutions of the mobile agents. The partial results are stored and the address of the storage is destroyed as the agent moves from one host to another host. This allows only the originator to make use of the partial results. Through these approaches some of the existing problems are solved.

  20. Towards adaptive security for convergent wireless sensor networks in beyond 3G environments

    DEFF Research Database (Denmark)

    Mitseva, Anelia; Aivaloglou, Efthimia; Marchitti, Maria-Antonietta

    2010-01-01

    The integration of wireless sensor networks with different network systems gives rise to many research challenges to ensure security, privacy and trust in the overall architecture. The main contribution of this paper is a generic security, privacy and trust framework providing context-aware adapt...

  1. SECURITY STRATEGIES OF MEMBER STATES OF THE EUROPEAN UNION FROM THE LISBON TREATY AND THE EUROPEAN SECURITY STRATEGY

    Directory of Open Access Journals (Sweden)

    PABLO RIVAS PARDO

    2017-09-01

    in mind, it is possible to study the variability of the Security Strategy in relation to four strategic guidelines: strategic self-perception, the necessity to tune these postulates with the common objectives of the European Union, the statement of threats and finally the actions projected by these strategies to face the changing environment of international security. This variability will seek the fact of the existence or nonexistence of tuning and consistency between the Security Strategies and the community positions in the matter of security and defense. The selected countries are those who have published their documents after the signing of the Treaty of Lisbon and the publication of the European Security Strategy, in other words, after2009: Austria, Bulgaria, Slovenia, Spain, Estonia, Holland, Hungary, Lithuania, UK and the Czech Republic.

  2. Reputation-based secure sensor localization in wireless sensor networks.

    Science.gov (United States)

    He, Jingsha; Xu, Jing; Zhu, Xingye; Zhang, Yuqiang; Zhang, Ting; Fu, Wanqing

    2014-01-01

    Location information of sensor nodes in wireless sensor networks (WSNs) is very important, for it makes information that is collected and reported by the sensor nodes spatially meaningful for applications. Since most current sensor localization schemes rely on location information that is provided by beacon nodes for the regular sensor nodes to locate themselves, the accuracy of localization depends on the accuracy of location information from the beacon nodes. Therefore, the security and reliability of the beacon nodes become critical in the localization of regular sensor nodes. In this paper, we propose a reputation-based security scheme for sensor localization to improve the security and the accuracy of sensor localization in hostile or untrusted environments. In our proposed scheme, the reputation of each beacon node is evaluated based on a reputation evaluation model so that regular sensor nodes can get credible location information from highly reputable beacon nodes to accomplish localization. We also perform a set of simulation experiments to demonstrate the effectiveness of the proposed reputation-based security scheme. And our simulation results show that the proposed security scheme can enhance the security and, hence, improve the accuracy of sensor localization in hostile or untrusted environments.

  3. Subjective Security in a Volatile Geopolitical Situation: Does Lithuanian Society Feel Safe?

    Directory of Open Access Journals (Sweden)

    Vileikienė Eglė

    2016-12-01

    Full Text Available The geopolitical situation of Lithuania has deteriorated since the annexation of Crimea and the military conflict in Eastern Ukraine. It has affected the objective security of the state as well as subjective security of the Lithuanian population. This article analyses subjective security and deals with the subjective perception of geopolitical and military threats, mainly social attitudes towards national security and the willingness to defend the country. Article is based on theories of securitisation and human security and holds that individuals are the primary referents of security. Empirically, the article relies on the original data of the research project “Subjective Security in a Volatile Geopolitical Context: Traits, Factors and Individual Strategies”, funded by the Research Council of Lithuania. Article shows the dynamics of social attitudes towards security. Over the last 15 years, a clear shift towards the understanding of potential military threats has occurred. Nevertheless, the predominant concern about individual security, overshadowing security of the state and security of the global order, found in previous studies, has persisted. An individual, as a rule, feels most secure in his/her “closest” environment, e.g. family and friends, and least secure in the “farthest” environment, e.g. other continents.

  4. Learning with Security

    Science.gov (United States)

    Jokela, Paivi; Karlsudd, Peter

    2007-01-01

    The current higher education, both distance education and traditional campus courses, relies more and more on modern information and communication technologies (ICT). The use of computer systems and networks results in a wide range of security issues that must be dealt with in order to create a safe learning environment. In this work, we study the…

  5. A Framework for Security Transparency in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Umar Mukhtar Ismail

    2016-02-01

    Full Text Available Individuals and corporate users are persistently considering cloud adoption due to its significant benefits compared to traditional computing environments. The data and applications in the cloud are stored in an environment that is separated, managed and maintained externally to the organisation. Therefore, it is essential for cloud providers to demonstrate and implement adequate security practices to protect the data and processes put under their stewardship. Security transparency in the cloud is likely to become the core theme that underpins the systematic disclosure of security designs and practices that enhance customer confidence in using cloud service and deployment models. In this paper, we present a framework that enables a detailed analysis of security transparency for cloud based systems. In particular, we consider security transparency from three different levels of abstraction, i.e., conceptual, organisation and technical levels, and identify the relevant concepts within these levels. This allows us to provide an elaboration of the essential concepts at the core of transparency and analyse the means for implementing them from a technical perspective. Finally, an example from a real world migration context is given to provide a solid discussion on the applicability of the proposed framework.

  6. The Connotation and Extension of Agricultural Water Resources Security

    Institute of Scientific and Technical Information of China (English)

    LIU Bu-chun; MEI Xu-rong; LI Yu-zhong; YANG You-lu

    2007-01-01

    The objective of this study is to define agricultural water resources security and its connotation and extension. The definitions of water security, water resources security, and water environment security were summarized, and their relationship was differentiated and analyzed. Based on these, the elements of the conception of agricultural water resources security were hashed and the conception was defined. Agricultural water resources security is the provision of water resource that ensures protection of agriculture against threat, hazards, destruction, and loss. Moreover, the connotation and extension of agricultural water resources security were ascertained. In detail, the connotation of the definition has natural attributes, socioeconomic attributes, and cultural attributes. The extensions of agricultural water resources security include both broad and narrow ones, as well as, food security, agroenvironmental security, agroeconomic security, rural society security, etc. The definition will serve as the frame of reference for developing the researches, limiting the frame of the theory, and founding a appraising system for agricultural water resources security.

  7. Information Analysis Methodology for Border Security Deployment Prioritization and Post Deployment Evaluation

    International Nuclear Information System (INIS)

    Booker, Paul M.; Maple, Scott A.

    2010-01-01

    Due to international commerce, cross-border conflicts, and corruption, a holistic, information driven, approach to border security is required to best understand how resources should be applied to affect sustainable improvements in border security. The ability to transport goods and people by land, sea, and air across international borders with relative ease for legitimate commercial purposes creates a challenging environment to detect illicit smuggling activities that destabilize national level border security. Smuggling activities operated for profit or smuggling operations driven by cross border conflicts where militant or terrorist organizations facilitate the transport of materials and or extremists to advance a cause add complexity to smuggling interdiction efforts. Border security efforts are further hampered when corruption thwarts interdiction efforts or reduces the effectiveness of technology deployed to enhance border security. These issues necessitate the implementation of a holistic approach to border security that leverages all available data. Large amounts of information found in hundreds of thousands of documents can be compiled to assess national or regional borders to identify variables that influence border security. Location data associated with border topics of interest may be extracted and plotted to better characterize the current border security environment for a given country or region. This baseline assessment enables further analysis, but also documents the initial state of border security that can be used to evaluate progress after border security improvements are made. Then, border security threats are prioritized via a systems analysis approach. Mitigation factors to address risks can be developed and evaluated against inhibiting factor such as corruption. This holistic approach to border security helps address the dynamic smuggling interdiction environment where illicit activities divert to a new location that provides less resistance

  8. Security infrastructure for on-demand provisioned Cloud infrastructure services

    NARCIS (Netherlands)

    Demchenko, Y.; Ngo, C.; de Laat, C.; Wlodarczyk, T.W.; Rong, C.; Ziegler, W.

    2011-01-01

    Providing consistent security services in on-demand provisioned Cloud infrastructure services is of primary importance due to multi-tenant and potentially multi-provider nature of Clouds Infrastructure as a Service (IaaS) environment. Cloud security infrastructure should address two aspects of the

  9. Information security in SCADA systems in nuclear power plants

    International Nuclear Information System (INIS)

    Satyamurty, S.A.V.

    2013-01-01

    Few decades back most of the I and C systems are Hardwired based. With the developments in digital electronics, micro processors and micro controllers, the I and C systems are becoming more and more Computer based. Though it brought convenience to the designer, comfort to the operator in the form of better GUI, it also brought many challenges in the form of information security. The talk covers the typical I and C design using SCADA systems, the challenges, typical problems faced and the need for information security. The talk illustrates various security measures to be implemented in the design, development and testing stages. These security measures have to be taken both in the development environment and deployment environment. Verification and validation of computer based system is very important. Configuration change management is very essential for smooth running of the plant. The talk illustrates the various measures need to be taken. (author)

  10. CASP CompTIA Advanced Security Practitioner Study Guide Exam CAS-001

    CERN Document Server

    Gregg, Michael

    2012-01-01

    Get Prepared for CompTIA Advanced Security Practitioner (CASP) Exam Targeting security professionals who either have their CompTIA Security+ certification or are looking to achieve a more advanced security certification, this CompTIA Authorized study guide is focused on the new CompTIA Advanced Security Practitioner (CASP) Exam CAS-001. Veteran IT security expert and author Michael Gregg details the technical knowledge and skills you need to conceptualize, design, and engineer secure solutions across complex enterprise environments. He prepares you for aspects of the certification test that as

  11. The role of the health physicist in nuclear security.

    Science.gov (United States)

    Waller, Edward J; van Maanen, Jim

    2015-04-01

    Health physics is a recognized safety function in the holistic context of the protection of workers, members of the public, and the environment against the hazardous effects of ionizing radiation, often generically designated as radiation protection. The role of the health physicist as protector dates back to the Manhattan Project. Nuclear security is the prevention and detection of, and response to, criminal or intentional unauthorized acts involving or directed at nuclear material, other radioactive material, associated facilities, or associated activities. Its importance has become more visible and pronounced in the post 9/11 environment, and it has a shared purpose with health physics in the context of protection of workers, members of the public, and the environment. However, the duties and responsibilities of the health physicist in the nuclear security domain are neither clearly defined nor recognized, while a fundamental understanding of nuclear phenomena in general, nuclear or other radioactive material specifically, and the potential hazards related to them is required for threat assessment, protection, and risk management. Furthermore, given the unique skills and attributes of professional health physicists, it is argued that the role of the health physicist should encompass all aspects of nuclear security, ranging from input in the development to implementation and execution of an efficient and effective nuclear security regime. As such, health physicists should transcend their current typical role as consultants in nuclear security issues and become fully integrated and recognized experts in the nuclear security domain and decision making process. Issues regarding the security clearances of health physics personnel and the possibility of insider threats must be addressed in the same manner as for other trusted individuals; however, the net gain from recognizing and integrating health physics expertise in all levels of a nuclear security regime far

  12. Security Management and Safeguards Office

    Science.gov (United States)

    Bewley, Nathaniel M.

    2004-01-01

    The Security Management and Safeguards Office at NASA is here to keep the people working in a safe environment. They also are here to protect the buildings and documents from sabotage, espionage, and theft. During the summer of 2004, I worked with Richard Soppet in Physical Security. While I was working here I helped out with updating the map that we currently use at NASA Glenn Research Center, attended meetings for homeland security, worked with the security guards and the locksmith. The meetings that I attended for homeland security talked about how to protect ourselves before something happened, they told us to always be on the guard and look for anything suspicious, and the different ways that terrorist groups operate. When I was with the security guards I was taught how to check someone into the base, showed how to use a radar gun, observed a security guard make a traffic stop for training and was with them while they patrolled NASA Glenn Research Center to make sure things were running smooth and no one was in danger. When I was with the lock smith I was taught how to make keys and locks for the employees here at NASA. The lock smith also showed me that he had inventory cabinets of files that show how many keys were out to people and who currently has access to the rooms that they keys were made for. I also helped out the open house at NASA Glenn Research Center. I helped out by showing the Army Reserves, and Brook Park's SWAT team where all the main events were going to take place a week before the open house was going to begin. Then during the open house I helped out by making sure people had there IDS, checked through there bags, and handed out a map to them that showed where the different activities were going to take place. So the main job here at NASA Glenn Research Center for the Security Management and Safeguards Office is to make sure that nothing is stolen, sabotaged, and espionaged. Also most importantly make sure all the employees here at NASA are

  13. Distributed security framework for modern workforce

    Energy Technology Data Exchange (ETDEWEB)

    Balatsky, G.; Scherer, C. P., E-mail: gbalatsky@lanl.gov, E-mail: scherer@lanl.gov [Los Alamos National Laboratory, Los Alamos, NM (United States)

    2014-07-01

    Safe and sustainable nuclear power production depends on strict adherence to nuclear security as a necessary prerequisite for nuclear power. This paper considers the current challenges for nuclear security, and proposes a conceptual framework to address those challenges. We identify several emerging factors that affect nuclear security: 1. Relatively high turnover rates in the nuclear workforce compared to the earlier years of the nuclear industry, when nuclear workers were more likely to have secure employment, a lifelong career at one company, and retirement on a pension plan. 2. Vulnerabilities stemming from the ubiquitous presence of modern electronics and their patterns of use by the younger workforce. 3. Modern management practices, including outsourcing and short-term contracting (which relates to number 1 above). In such a dynamic and complex environment, nuclear security personnel alone cannot effectively guarantee adequate security. We propose that one solution to this emerging situation is a distributed security model in which the components of nuclear security become the responsibility of each and every worker at a nuclear facility. To implement this model, there needs to be a refurbishment of current workforce training and mentoring practices. The paper will present an example of distributed security framework model, and how it may look in practice. (author)

  14. Distributed security framework for modern workforce

    International Nuclear Information System (INIS)

    Balatsky, G.; Scherer, C. P.

    2014-01-01

    Safe and sustainable nuclear power production depends on strict adherence to nuclear security as a necessary prerequisite for nuclear power. This paper considers the current challenges for nuclear security, and proposes a conceptual framework to address those challenges. We identify several emerging factors that affect nuclear security: 1. Relatively high turnover rates in the nuclear workforce compared to the earlier years of the nuclear industry, when nuclear workers were more likely to have secure employment, a lifelong career at one company, and retirement on a pension plan. 2. Vulnerabilities stemming from the ubiquitous presence of modern electronics and their patterns of use by the younger workforce. 3. Modern management practices, including outsourcing and short-term contracting (which relates to number 1 above). In such a dynamic and complex environment, nuclear security personnel alone cannot effectively guarantee adequate security. We propose that one solution to this emerging situation is a distributed security model in which the components of nuclear security become the responsibility of each and every worker at a nuclear facility. To implement this model, there needs to be a refurbishment of current workforce training and mentoring practices. The paper will present an example of distributed security framework model, and how it may look in practice. (author)

  15. One health security: an important component of the global health security agenda.

    Science.gov (United States)

    Gronvall, Gigi; Boddie, Crystal; Knutsson, Rickard; Colby, Michelle

    2014-01-01

    The objectives of the Global Health Security Agenda (GHSA) will require not only a "One Health" approach to counter natural disease threats against humans, animals, and the environment, but also a security focus to counter deliberate threats to human, animal, and agricultural health and to nations' economies. We have termed this merged approach "One Health Security." It will require the integration of professionals with expertise in security, law enforcement, and intelligence to join the veterinary, agricultural, environmental, and human health experts essential to One Health and the GHSA. Working across such different professions, which occasionally have conflicting aims and different professional cultures, poses multiple challenges, but a multidisciplinary and multisectoral approach is necessary to prevent disease threats; detect them as early as possible (when responses are likely to be most effective); and, in the case of deliberate threats, find who may be responsible. This article describes 2 project areas that exemplify One Health Security that were presented at a workshop in January 2014: the US government and private industry efforts to reduce vulnerabilities to foreign animal diseases, especially foot-and-mouth disease; and AniBioThreat, an EU project to counter deliberate threats to agriculture by raising awareness and implementing prevention and response policies and practices.

  16. Research on a Valuation Standard and the Actual Condition About Security Management in PACS

    International Nuclear Information System (INIS)

    Jeong, Jae Ho; Son, Gi Gyeong; Kang, Hee Doo; Dong, Kyung Rae; Kweon, Dae Cheol; Kim, Hyun Soo

    2008-01-01

    This study is to prepare an evaluation standard about personal information protection and security management of a medical institution and to build up a grade standard of evaluation in PACS environment. We built up evaluation index based on 10 detailed items in four big categories (political security, technical security, data management security and physical security) by referring to ISO17799 (BS 7799), HIPPA (Health Insurance and Portability and Accountability Act of 1996) and domestic medical law. We have investigated at the thirty places where medical facility with the extracted security criteria and security evaluation index. Average score of physical security list, one of the big categories, was 18.5/20 (93%) at all medical institutions. Political security score was 18.5/30 (62%), data management security score was 12/20 (60%) and technical security score was 17.5/30 (58%). Therefore, security evaluation score was average 67 in 30 general hospitals, which was 4th level. The results showed that it is necessary to establish evaluation and management standard about personal information protection and security consciousness which are weak in PACS environment.

  17. Secure data exchange between intelligent devices and computing centers

    Science.gov (United States)

    Naqvi, Syed; Riguidel, Michel

    2005-03-01

    The advent of reliable spontaneous networking technologies (commonly known as wireless ad-hoc networks) has ostensibly raised stakes for the conception of computing intensive environments using intelligent devices as their interface with the external world. These smart devices are used as data gateways for the computing units. These devices are employed in highly volatile environments where the secure exchange of data between these devices and their computing centers is of paramount importance. Moreover, their mission critical applications require dependable measures against the attacks like denial of service (DoS), eavesdropping, masquerading, etc. In this paper, we propose a mechanism to assure reliable data exchange between an intelligent environment composed of smart devices and distributed computing units collectively called 'computational grid'. The notion of infosphere is used to define a digital space made up of a persistent and a volatile asset in an often indefinite geographical space. We study different infospheres and present general evolutions and issues in the security of such technology-rich and intelligent environments. It is beyond any doubt that these environments will likely face a proliferation of users, applications, networked devices, and their interactions on a scale never experienced before. It would be better to build in the ability to uniformly deal with these systems. As a solution, we propose a concept of virtualization of security services. We try to solve the difficult problems of implementation and maintenance of trust on the one hand, and those of security management in heterogeneous infrastructure on the other hand.

  18. Improving ward environments and developing skills for discharge with the implementation of self-catering on a low secure forensic unit.

    Science.gov (United States)

    O'Reilly, Alison

    2016-01-01

    The opportunities for service users to develop skills for more independent living and take control of their environments are limited in secure mental health units. This paper will outline a quality improvement project that changed how the catering services were delivered in a low secure unit in East London NHS Foundation Trust (ELFT). A Quality Improvement methodology was adopted incorporating the Plan, Do, Study, Act (PDSA) cycle which included the trial of service users preparing their own meals on a daily basis. The participation rates were measured and functional daily living skills were recorded. Following success of the trial, long-term implementation of self-catering was agreed, with service users being supported to prepare a shared evening meal every day on the ward with an average of 60% participation. Functional living skills indicated an improvement in the area of process skills. The project aligned with ELFT's aims of service users working in collaboration with staff to implement changes in service delivery.

  19. MANAGEMENT OF RESOURCES IN DYNAMICALLY CHANGING SECURITY ENVRIONMENT

    Directory of Open Access Journals (Sweden)

    Sevdalina Dimitrova

    2014-09-01

    Full Text Available The monograph recommends integration between science and practice, experts from national bodies and scientific research potential of academic community of military universities in the field of management of resources of security and defence in accordance to the challenges in security environment caused by its dynamic and often unpredictable changes.

  20. The evolution of central securities depositaries in Europe: stable functions in a changing environment

    OpenAIRE

    Dominique Chabert; Gisèle Chanel-Reynaud

    2006-01-01

    National audience; Settlement-delivery (S&D) operations of CSDs or ICSDs are the second last stage of the securities treatment procedure, the last stage being the delivery of securities into the accounts of the final holders by their account managers/custodians. As for national transfers, the organisation is fairly simple since regional depositors are directly connected to the central securities depositary which fulfils two overriding functions on their behalf:- ensuring the final custody of ...

  1. Heteroatom Doped-Carbon Nanospheres as Anodes in Lithium Ion Batteries

    Directory of Open Access Journals (Sweden)

    George S. Pappas

    2016-01-01

    Full Text Available Long cycle performance is a crucial requirement in energy storage devices. New formulations and/or improvement of “conventional” materials have been investigated in order to achieve this target. Here we explore the performance of a novel type of carbon nanospheres (CNSs with three heteroatom co-doped (nitrogen, phosphorous and sulfur and high specific surface area as anode materials for lithium ion batteries. The CNSs were obtained from carbonization of highly-crosslinked organo (phosphazene nanospheres (OPZs of 300 nm diameter. The OPZs were synthesized via a single and facile step of polycondensation reaction between hexachlorocyclotriphosphazene (HCCP and 4,4′-sulphonyldiphenol (BPS. The X-ray Photoelectron Spectroscopy (XPS analysis showed a high heteroatom-doping content in the structure of CNSs while the textural evaluation from the N2 sorption isotherms revealed the presence of micro- and mesopores and a high specific surface area of 875 m2/g. The CNSs anode showed remarkable stability and coulombic efficiency in a long charge–discharge cycling up to 1000 cycles at 1C rate, delivering about 130 mA·h·g−1. This study represents a step toward smart engineering of inexpensive materials with practical applications for energy devices.

  2. Description of the role of nonphysician practitioners in radiation oncology

    International Nuclear Information System (INIS)

    Kelvin, Joanne Frankel; Moore-Higgs, Giselle Josephine

    1999-01-01

    Purpose: With changes in reimbursement and a decrease in the number of residents, there is a need to explore new ways of achieving high-quality patient care in radiation oncology. One mechanism is the implementation of nonphysician practitioner roles. The purpose of this paper is to describe the roles and responsibilities of clinical nurse specialists (CNSs), nurse practitioners (NPs), and physician assistants (PAs) currently working in the field of radiation oncology in the United States. Methods and Materials: A nationwide mailing was sent to elicit responses to an 8-page self-report questionnaire. Results: The final sample of 86 included 45 (52%) CNSs, 31 (36%) NPs, and 10 (12%) PAs. Two-thirds worked in private practice settings. Most of the nonphysician practitioners frequently obtained histories (57-90%) and ordered laboratory studies (52-68%). However, NPs and PAs were more likely than CNSs to frequently perform 'medical' services such as perform physical exams (42-80% vs. 19-36%), order radiologic studies (50% vs. 17%), and prescribe medication (60-84% vs. 26%). CNSs were more likely to provide 'supportive' services such as develop educational materials, participate in quality improvement initiatives, and develop policies and procedures. Conclusions: Nonphysician practitioners are not substituting for physicians, but rather are working in collaboration with them, performing designated tasks

  3. Privacy and security in teleradiology

    International Nuclear Information System (INIS)

    Ruotsalainen, Pekka

    2010-01-01

    Teleradiology is probably the most successful eHealth service available today. Its business model is based on the remote transmission of radiological images (e.g. X-ray and CT-images) over electronic networks, and on the interpretation of the transmitted images for diagnostic purpose. Two basic service models are commonly used teleradiology today. The most common approach is based on the message paradigm (off-line model), but more developed teleradiology systems are based on the interactive use of PACS/RIS systems. Modern teleradiology is also more and more cross-organisational or even cross-border service between service providers having different jurisdictions and security policies. This paper defines the requirements needed to make different teleradiology models trusted. Those requirements include a common security policy that covers all partners and entities, common security and privacy protection principles and requirements, controlled contracts between partners, and the use of security controls and tools that supporting the common security policy. The security and privacy protection of any teleradiology system must be planned in advance, and the necessary security and privacy enhancing tools should be selected (e.g. strong authentication, data encryption, non-repudiation services and audit-logs) based on the risk analysis and requirements set by the legislation. In any case the teleradiology system should fulfil ethical and regulatory requirements. Certification of the whole teleradiology service system including security and privacy is also proposed. In the future, teleradiology services will be an integrated part of pervasive eHealth. Security requirements for this environment including dynamic and context aware security services are also discussed in this paper.

  4. Privacy and security in teleradiology

    Energy Technology Data Exchange (ETDEWEB)

    Ruotsalainen, Pekka [National Institute for Health and Welfare, Helsinki (Finland)], E-mail: pekka.ruotsalainen@THL.fi

    2010-01-15

    Teleradiology is probably the most successful eHealth service available today. Its business model is based on the remote transmission of radiological images (e.g. X-ray and CT-images) over electronic networks, and on the interpretation of the transmitted images for diagnostic purpose. Two basic service models are commonly used teleradiology today. The most common approach is based on the message paradigm (off-line model), but more developed teleradiology systems are based on the interactive use of PACS/RIS systems. Modern teleradiology is also more and more cross-organisational or even cross-border service between service providers having different jurisdictions and security policies. This paper defines the requirements needed to make different teleradiology models trusted. Those requirements include a common security policy that covers all partners and entities, common security and privacy protection principles and requirements, controlled contracts between partners, and the use of security controls and tools that supporting the common security policy. The security and privacy protection of any teleradiology system must be planned in advance, and the necessary security and privacy enhancing tools should be selected (e.g. strong authentication, data encryption, non-repudiation services and audit-logs) based on the risk analysis and requirements set by the legislation. In any case the teleradiology system should fulfil ethical and regulatory requirements. Certification of the whole teleradiology service system including security and privacy is also proposed. In the future, teleradiology services will be an integrated part of pervasive eHealth. Security requirements for this environment including dynamic and context aware security services are also discussed in this paper.

  5. National Security Crisis Decision-Making: The Role of Regional Combatant Commander

    National Research Council Canada - National Science Library

    Williams, Sean C

    2007-01-01

    The successful management of the Cuban Missile Crisis of 1962 set an unfortunate precedent for crisis management and national security crisis decision-making that persists into the contemporary security environment...

  6. Agrofuels Production and its Relation with Food Security and Food Sovereignty

    Directory of Open Access Journals (Sweden)

    Caroline Vargas Barbosa

    2016-10-01

    Full Text Available The article discusses agrofuels production as a reason for increasing the dissociation between the human being, the land and the environment, considering the issues involving food security and food sovereignty. By using the deductive method, it aims to demonstrate that the growing distance between men and land is one of the results determined by capitalism, which is based on exploitation and maximized land production in order to obtain profit, interfering thereas in national food security and food sovereignty. Thus, it first deals with the relation between the human being, land, the environment, economy, State and politics, focusing on environmental  human  rights  protagonism  such  as  side  for  recognizing  and  developing /enveloping fundamental rights material. Secondly, it brings agrofuels production scenario and its relation with food security and sovereignty. Finally, it concepts food security and food sovereignty, establishing its differences in order to permit the build up a solid reality that is also able to secure their implement in an economy of family polycultural basis even if there is an opposite side oriented by capitalism and protected by State, specially in which concerns to productions and environmental excessive exploitation. The article concludes that to secure fundamental rights the being needs to recognize oneself as part of the environment in order to develop a significant State behavior which will reflect on economical politics that favors food security and food sovereignty.

  7. Enhancing Cyber Security for SME organizations through self-assessments : How self-assessment raises awareness

    OpenAIRE

    Hassinen, Tarmo

    2017-01-01

    This thesis primarily studied the importance of self-assessment in increasing business organizations’ cyber security awareness of their ICT environment. The secondary studied item was the relevance of self-assessment in detecting new business potential while understanding ICT environment changes. The self-assessment is based on FINCS, the Finnish basic level cyber security certificate launched in December 2016. FINCSC consists of physical and management security, ICT service and system securi...

  8. The Land Component Role in Maritime Security

    Science.gov (United States)

    2016-12-31

    nations for resources. They must also confront maritime threats, which include piracy , armed robbery, damage to the marine environment (i.e. pollution...such as an armed attack from a military vessel. Most definitions also usually include security from crimes at sea, such as piracy , armed robbery...security through stability operations, one must accept that any effective government must focus on basic governmental functions – providing for the

  9. NATIONAL SECURITY IMPLICATIONS OF CYBER THREATS

    Directory of Open Access Journals (Sweden)

    ALEJANDRO AMIGO TOSSI

    2017-09-01

    Full Text Available Cyber threat is one of the main risks for security in developing countries, as well in States on the development path, such as ours. This phenomena is a challenge to national security, that needs the adoption of a paramount approach in its analysis, that have to consider all the aspects that had transformed the actors and malevolent actions in this environment in one of the most important challenges to the security of governmental as well as private organizations all over the world. States, hackers, cyber activists, and cyber criminals have been main actors in several situations that had shaped a new dimension for international and national security. The purpose of this article is to propose topics that could be included in the national assessment of cyber threats to the Chilean national security, based upon several conceptual definitions, cyber attacks already executed to state and military organization’s in Chile, and lastly, considerations over cyber threats included in the National Security Strategies of some western powers.

  10. Secure Service Invocation in a Peer-to-Peer Environment Using JXTA-SOAP

    Science.gov (United States)

    Laghi, Maria Chiara; Amoretti, Michele; Conte, Gianni

    The effective convergence of service-oriented architectures (SOA) and peer-to-peer (P2P) is an urgent task, with many important applications ranging from e-business to ambient intelligence. A considerable standardization effort is being carried out from both SOA and P2P communities, but a complete platform for the development of secure, distributed applications is still missing. In this context, the result of our research and development activity is JXTA-SOAP, an official extension for JXTA enabling Web Service sharing in peer-to-peer networks. Recently we focused on security aspects, providing JXTA-SOAP with a general security management system, and specialized policies that target both J2SE and J2ME versions of the component. Among others, we implemented a policy based on Multimedia Internet KEYing (MIKEY), which can be used to create a key pair and all the required parameters for encryption and decryption of service messages in consumer and provider peers running on resource-constrained devices.

  11. Library and Archival Security: Policies and Procedures To Protect Holdings from Theft and Damage.

    Science.gov (United States)

    Trinkaus-Randall, Gregor

    1998-01-01

    Firm policies and procedures that address the environment, patron/staff behavior, general attitude, and care and handling of materials need to be at the core of the library/archival security program. Discussion includes evaluating a repository's security needs, collections security, security in non-public areas, security in the reading room,…

  12. Evaluation of the nuclear security culture

    International Nuclear Information System (INIS)

    Spitalnik, Jorge

    2003-01-01

    The security culture of an organization resides in its workers and it is expressed by the way the personnel that works in a particular organization practice daily its activities. The security culture can be practice in a high or in a low level, but it always exists and it can always be improved. It is based on the security condition and procedures that have been established in the planning phase and in the implementation of a project. After its implantation, in order to avoid deterioration, basically it is necessary to maintain and to bring updated those conditions and procedures through strategies of follow up and control. This process establishes the basis of a program of maintenance and improvement of the Security Culture. Many self-evaluations that have been accomplished at nuclear organizations based on workers perception concerning working conditions and management environment, have permitted objectively determine if the security doctrine, which the organization assure to follow rigorously into its dally activities, is really so (LS)

  13. Shotgun Wedding: Interagency Transformation for the 21st Century Security Environment

    National Research Council Canada - National Science Library

    Gibler, Michael L

    2008-01-01

    .... Equally present are the numerous statements and studies by governmental bodies, military leadership, non-partisan think tanks, academia and political elites who believe the current National Security...

  14. The Design and Analysis of a Secure Personal Healthcare System Based on Certificates

    Directory of Open Access Journals (Sweden)

    Jungho Kang

    2016-11-01

    Full Text Available Due to the development of information technology (IT, it has been applied to various fields such as the smart home, medicine, healthcare, and the smart car. For these fields, IT has been providing continuous prevention and management, including health conditions beyond the mere prevention of disease, improving the quality of life. e-Healthcare is a health management and medical service to provide prevention, diagnosis, treatment, and the follow-up management of diseases at any time and place in connection with information communication technology, without requiring patients to visit hospitals. However, e-Healthcare has been exposed to eavesdropping, manipulation, and the forgery of information that is personal, biological, medical, etc., and is a security threat from malicious attackers. This study suggests a security service model to exchange personal health records (PHRs for e-Healthcare environments. To be specific, this study suggests a scheme in which communicators are able to securely authorize and establish security channels by constituting the infrastructure each organization relies on. In addition, the possibility of establishing a security service model is indicated by suggesting an e-Healthcare system for a secure e-Healthcare environment as a secure personal health record system. This is anticipated to provide securer communication in e-Healthcare environments in the future through the scheme suggested in this study.

  15. CONSIDERATIONS REGARDING THE 21st CENTURY’s HIGH QUALITY SECURITY CONCEPT

    Directory of Open Access Journals (Sweden)

    Eugen SITEANU

    2017-12-01

    Full Text Available The present paper is devoted to qualitative security which today has to become a topic issue of world security. The opinions regarding the 21st century’s security concept are contradictory since people have different understandings and perceptions of security, respectively insecurity, and do not agree to analyze the security concept as a function of the system. Our take is that implementation of some new security concepts should aim an analysis and understanding of security in an integrating view, in order to make the most comprehensive security environment possible. Therefore, we do believe that it is necessary to define the concept of high quality security, which is translated in our current paper.

  16. Intelligent Model for Video Survillance Security System

    Directory of Open Access Journals (Sweden)

    J. Vidhya

    2013-12-01

    Full Text Available Video surveillance system senses and trails out all the threatening issues in the real time environment. It prevents from security threats with the help of visual devices which gather the information related to videos like CCTV’S and IP (Internet Protocol cameras. Video surveillance system has become a key for addressing problems in the public security. They are mostly deployed on the IP based network. So, all the possible security threats exist in the IP based application might also be the threats available for the reliable application which is available for video surveillance. In result, it may increase cybercrime, illegal video access, mishandling videos and so on. Hence, in this paper an intelligent model is used to propose security for video surveillance system which ensures safety and it provides secured access on video.

  17. EVALUATION OF ECOLOGICAL ENVIRONMENT SECURITY IN CONTIGUOUS POVERTY ALLEVIATION AREA OF SICHUAN PROVINCE

    OpenAIRE

    W. Xian; Y. Chen; J. Chen; X. Luo; H. Shao

    2018-01-01

    According to the overall requirements of ecological construction and environmental protection, rely on the national key ecological engineering, strengthen ecological environmental restoration and protection, improve forest cover, control soil erosion, construct important ecological security barrier in poor areas, inhibit poverty alleviation through ecological security in this area from environmental damage to the vicious cycle of poverty. Obviously, the dynamic monitoring of ecological securi...

  18. Privacy and security in teleradiology.

    Science.gov (United States)

    Ruotsalainen, Pekka

    2010-01-01

    Teleradiology is probably the most successful eHealth service available today. Its business model is based on the remote transmission of radiological images (e.g. X-ray and CT-images) over electronic networks, and on the interpretation of the transmitted images for diagnostic purpose. Two basic service models are commonly used teleradiology today. The most common approach is based on the message paradigm (off-line model), but more developed teleradiology systems are based on the interactive use of PACS/RIS systems. Modern teleradiology is also more and more cross-organisational or even cross-border service between service providers having different jurisdictions and security policies. This paper defines the requirements needed to make different teleradiology models trusted. Those requirements include a common security policy that covers all partners and entities, common security and privacy protection principles and requirements, controlled contracts between partners, and the use of security controls and tools that supporting the common security policy. The security and privacy protection of any teleradiology system must be planned in advance, and the necessary security and privacy enhancing tools should be selected (e.g. strong authentication, data encryption, non-repudiation services and audit-logs) based on the risk analysis and requirements set by the legislation. In any case the teleradiology system should fulfil ethical and regulatory requirements. Certification of the whole teleradiology service system including security and privacy is also proposed. In the future, teleradiology services will be an integrated part of pervasive eHealth. Security requirements for this environment including dynamic and context aware security services are also discussed in this paper. Copyright (c) 2009 Elsevier Ireland Ltd. All rights reserved.

  19. Securing the Data Storage and Processing in Cloud Computing Environment

    Science.gov (United States)

    Owens, Rodney

    2013-01-01

    Organizations increasingly utilize cloud computing architectures to reduce costs and energy consumption both in the data warehouse and on mobile devices by better utilizing the computing resources available. However, the security and privacy issues with publicly available cloud computing infrastructures have not been studied to a sufficient depth…

  20. Information Interpretation Code For Providing Secure Data Integrity On Multi-Server Cloud Infrastructure

    OpenAIRE

    Sathiya Moorthy Srinivsan; Chandrasekar Chaillah

    2014-01-01

    Data security is one of the biggest concerns in cloud computing environment. Although the advantages of storing data in cloud computing environment is extremely high, there arises a problem related to data missing. CyberLiveApp (CLA) supports secure application development between multiple users, even though cloud users distinguish their vision privileges during storing of data. But CyberLiveApp failed to integrate the system with certain cloud-based computing environments on multi-server. En...

  1. The cloud security ecosystem technical, legal, business and management issues

    CERN Document Server

    Ko, Ryan

    2015-01-01

    Drawing upon the expertise of world-renowned researchers and experts, The Cloud Security Ecosystem comprehensively discusses a range of cloud security topics from multi-disciplinary and international perspectives, aligning technical security implementations with the most recent developments in business, legal, and international environments. The book holistically discusses key research and policy advances in cloud security - putting technical and management issues together with an in-depth treaties on a multi-disciplinary and international subject. The book features contributions from key tho

  2. A Secure Framework for Location Verification in Pervasive Computing

    Science.gov (United States)

    Liu, Dawei; Lee, Moon-Chuen; Wu, Dan

    The way people use computing devices has been changed in some way by the relatively new pervasive computing paradigm. For example, a person can use a mobile device to obtain its location information at anytime and anywhere. There are several security issues concerning whether this information is reliable in a pervasive environment. For example, a malicious user may disable the localization system by broadcasting a forged location, and it may impersonate other users by eavesdropping their locations. In this paper, we address the verification of location information in a secure manner. We first present the design challenges for location verification, and then propose a two-layer framework VerPer for secure location verification in a pervasive computing environment. Real world GPS-based wireless sensor network experiments confirm the effectiveness of the proposed framework.

  3. Impacts of Climate Change on Food Security and Poverty Reduction ...

    African Journals Online (AJOL)

    Dynamic interactions between bio-geophysical and human environments lead to the production, processing, distribution, preparation and consumption of foods, resulting in food systems that underpin food security. Food systems encompass food availability, utilization and access, so that food security is diminished when ...

  4. American security perspectives: public views on energy, environment, nuclear weapons and terrorism: 2008

    International Nuclear Information System (INIS)

    Herron, Kerry Gale; Jenkins-Smith, Hank C.

    2008-01-01

    We analyze and compare findings from matching national surveys of the US general public on US energy and environmental security administered by telephone and Internet in mid-2008. Key areas of investigation include: energy supplies and reliability; energy vulnerabilities and threats, and relationships among security, costs, energy dependence, alter-native sources, and research and investment priorities. We analyze public assessments of nuclear energy risks and benefits, nuclear materials management issues, and preferences for the future of nuclear energy in the US. Additionally, we investigate environmental issues as they relate to energy security, to include evolving perspectives on global climate change and relationships among environmental issues and potential policy options. We also report findings from an Internet survey of the general public conducted in mid-2008 that investigates assessments of threats to US security; valuations of US nuclear weapons and nuclear deterrence; perspectives on nuclear proliferation; and support for investments in nuclear weapons capabilities. Our analysis of public views on terrorism include assessments of the current threat, progress in the struggle against terrorism, preferences for responding to terrorist attacks at different levels of assumed casualties, and support for domestic policies intended to reduce the threat of terrorism.

  5. Control Systems Cyber Security Standards Support Activities

    Energy Technology Data Exchange (ETDEWEB)

    Robert Evans

    2009-01-01

    The Department of Homeland Security’s Control Systems Security Program (CSSP) is working with industry to secure critical infrastructure sectors from cyber intrusions that could compromise control systems. This document describes CSSP’s current activities with industry organizations in developing cyber security standards for control systems. In addition, it summarizes the standards work being conducted by organizations within the sector and provides a brief listing of sector meetings and conferences that might be of interest for each sector. Control systems cyber security standards are part of a rapidly changing environment. The participation of CSSP in the development effort for these standards has provided consistency in the technical content of the standards while ensuring that information developed by CSSP is included.

  6. Information security management: a proposal to improve the effectiveness of information security in the scientific research environment; Gestao da seguranca da informacao: uma proposta para potencializar a efetividade da seguranca da informacao em ambiente de pesquisa cientifica

    Energy Technology Data Exchange (ETDEWEB)

    Alexandria, Joao Carlos Soares de

    2009-07-01

    The increase of the connectivity in the business environment, combined with the growing dependency of information systems, has become the information security management an important governance tool. Information security has as main goal to protect the business transactions in order to work normally. In this way, It will be safeguarding the business continuity. The threats of information come from hackers' attacks, electronic frauds and spying, as well as fire, electrical energy interruption and humans fault. Information security is made by implementation of a set of controls, including of the others politics, processes, procedures, organizational structures, software and hardware, which require a continuous management and a well established structure to be able to face such challenges. This work tried to search the reasons why the organizations have difficulties to make a practice of information security management. Many of them just limit to adopt points measures, sometimes they are not consistent with their realities. The market counts on enough quantity of standards and regulations related to information security issues, for example, ISO/IEC 27002, American Sarbanes-Oxley act, Basel capital accord, regulations from regulatory agency (such as the Brazilians ones ANATEL, ANVISA and CVM). The market researches have showed that the information security implementation is concentrated on a well-defined group of organization mainly formed by large companies and from specifics sectors of economy, for example, financial and telecommunication. However, information security must be done by all organizations that use information systems to carry out their activities, independently of its size or economic area that it belongs. The situation of information security in the governmental sector of Brazil, and inside its research institutions, is considered worrying by the Brazilian Court of Accounts (TCU). This research work presents an assessment and diagnostic proposal

  7. Learning from the blackouts. Transmission system security in competitive electricity markets

    Energy Technology Data Exchange (ETDEWEB)

    none

    2005-07-01

    Electricity market reform has fundamentally changed the environment for maintaining reliable and secure power supplies. Growing inter-regional trade has placed new demands on transmission systems, creating a more integrated and dynamic network environment with new real-time challenges for reliable and secure transmission system operation. Despite these fundamental changes, system operating rules and practices remain largely unchanged. The major blackouts of 2003 and 2004 raised searching questions about the appropriateness of these arrangements. Management of system security needs to be transformed to maintain reliable electricity services in this more dynamic operating environment. These challenges raise fundamental issues for policymakers. This publication presents case studies drawn from recent large-scale blackouts in Europe, North America, and Australia. It concludes that a comprehensive, integrated policy response is required to avoid preventable large-scale blackouts in the future.

  8. Design Methodologies for Secure Embedded Systems

    CERN Document Server

    Biedermann, Alexander

    2011-01-01

    Embedded systems have been almost invisibly pervading our daily lives for several decades. They facilitate smooth operations in avionics, automotive electronics, or telecommunication. New problems arise by the increasing employment, interconnection, and communication of embedded systems in heterogeneous environments: How secure are these embedded systems against attacks or breakdowns? Therefore, how can embedded systems be designed to be more secure? And how can embedded systems autonomically react to threats? Facing these questions, Sorin A. Huss is significantly involved in the exploration o

  9. An evaluation index system of water security in China based on macroeconomic data from 2000 to 2012

    Science.gov (United States)

    Li, X. S.; Peng, Z. Y.; Li, T. T.

    2016-08-01

    This paper establishes an evaluation index system of water security. The index system employs 5 subsystems (water circulation security, water environment security, water ecology security, water society security and water economy security) and has 39 indicators. Using the AHP method, each indicator is given a relative weight to integrate within the whole system. With macroeconomic data from 2000 to 2012, a model of water security evaluation is applied to assess the state of water security in China. The results show an improving trend in the overall state of China's water security. In particular, the cycle of water security is at a high and low fluctuation. Water environment security presents an upward trend on the whole; however, this trend is unsteady and has shown a descending tendency in some years. Yet, water ecology security, water society security, and water economy security are basically on the rise. However, the degree of coordination of China's water security system remains in need of consolidation.

  10. Aspects regarding the security environment in South Caucasus

    Directory of Open Access Journals (Sweden)

    Lavinia Lupu

    2012-08-01

    Full Text Available Transitions from Soviet authoritarianism and planned economies to democracy and market economies have not been successfully completed in any of the three states from South Caucasus. This region continues to be characterized by high instability and insecurity due the absence of solutions to the protracted or „frozen” conflicts between Armenia and Azerbaijan – over the territory of Nagorno-Karabakh – and between Georgia and Russia – over the breakaway regions of South Ossetia and Abkhazia. Finding common ground upon which all parties can agree has proven to be an impossible task. Protracted or „frozen” conflicts present a challenge for the stability and security of South Caucasus.

  11. Information-Pooling Bias in Collaborative Security Incident Correlation Analysis.

    Science.gov (United States)

    Rajivan, Prashanth; Cooke, Nancy J

    2018-03-01

    Incident correlation is a vital step in the cybersecurity threat detection process. This article presents research on the effect of group-level information-pooling bias on collaborative incident correlation analysis in a synthetic task environment. Past research has shown that uneven information distribution biases people to share information that is known to most team members and prevents them from sharing any unique information available with them. The effect of such biases on security team collaborations are largely unknown. Thirty 3-person teams performed two threat detection missions involving information sharing and correlating security incidents. Incidents were predistributed to each person in the team based on the hidden profile paradigm. Participant teams, randomly assigned to three experimental groups, used different collaboration aids during Mission 2. Communication analysis revealed that participant teams were 3 times more likely to discuss security incidents commonly known to the majority. Unaided team collaboration was inefficient in finding associations between security incidents uniquely available to each member of the team. Visualizations that augment perceptual processing and recognition memory were found to mitigate the bias. The data suggest that (a) security analyst teams, when conducting collaborative correlation analysis, could be inefficient in pooling unique information from their peers; (b) employing off-the-shelf collaboration tools in cybersecurity defense environments is inadequate; and (c) collaborative security visualization tools developed considering the human cognitive limitations of security analysts is necessary. Potential applications of this research include development of team training procedures and collaboration tool development for security analysts.

  12. Secure OpenID Authentication Model by Using Trusted Computing

    Directory of Open Access Journals (Sweden)

    E. Ghazizadeh

    2014-01-01

    Full Text Available The growth of Internet online services has been very quick in recent years. Each online service requires Internet users to create a new account to use the service. The problem can be seen when each user usually needs more than one service and, consequently, has numerous accounts. These numerous accounts have to be managed in a secure and simple way to be protected against identity theft. Single sign-on (SSO and OpenID have been used to decrease the complexity of managing numerous accounts required in the Internet identity environment. Trusted Platform Module (TPM and Trust Multitenancy are great trusted computing-based technologies to solve security concerns in the Internet identity environment. Since trust is one of the pillars of security in the cloud, this paper analyzes the existing cloud identity techniques in order to investigate their strengths and weaknesses. This paper proposes a model in which One Time Password (OTP, TPM, and OpenID are used to provide a solution against phishing as a common identity theft in cloud environment.

  13. An electronically controlled automatic security access gate

    Directory of Open Access Journals (Sweden)

    Jonathan A. ENOKELA

    2014-11-01

    Full Text Available The security challenges being encountered in many places require electronic means of controlling access to communities, recreational centres, offices, and homes. The electronically controlled automated security access gate being proposed in this work helps to prevent an unwanted access to controlled environments. This is achieved mainly through the use of a Radio Frequency (RF transmitter-receiver pair. In the design a microcontroller is programmed to decode a given sequence of keys that is entered on a keypad and commands a transmitter module to send out this code as signal at a given radio frequency. Upon reception of this RF signal by the receiver module, another microcontroller activates a driver circuitry to operate the gate automatically. The codes for the microcontrollers were written in C language and were debugged and compiled using the KEIL Micro vision 4 integrated development environment. The resultant Hex files were programmed into the memories of the microcontrollers with the aid of a universal programmer. Software simulation was carried out using the Proteus Virtual System Modeling (VSM version 7.7. A scaled-down prototype of the system was built and tested. The electronically controlled automated security access gate can be useful in providing security for homes, organizations, and automobile terminals. The four-character password required to operate the gate gives the system an increased level of security. Due to its standalone nature of operation the system is cheaper to maintain in comparison with a manually operated type.

  14. NATO Advanced Study Institute on Laser Control & Monitoring in New Materials, Biomedicine, Environment, Security & Defense

    CERN Document Server

    Hall, Trevor J; Paredes, Sofia A; Extreme Photonics & Applications

    2010-01-01

    "Extreme Photonics & Applications" arises from the 2008 NATO Advanced Study Institute in Laser Control & Monitoring in New Materials, Biomedicine, Environment, Security and Defense. Leading experts in the manipulation of light offered by recent advances in laser physics and nanoscience were invited to give lectures in their fields of expertise and participate in discussions on current research, applications and new directions. The sum of their contributions to this book is a primer for the state of scientific knowledge and the issues within the subject of photonics taken to the extreme frontiers: molding light at the ultra-finest scales, which represents the beginning of the end to limitations in optical science for the benefit of 21st Century technological societies. Laser light is an exquisite tool for physical and chemical research. Physicists have recently developed pulsed lasers with such short durations that one laser shot takes the time of one molecular vibration or one electron rotation in an ...

  15. Re-designing the PhEDEx Security Model

    Science.gov (United States)

    C-H, Huang; Wildish, T.; X, Zhang

    2014-06-01

    PhEDEx, the data-placement tool used by the CMS experiment at the LHC, was conceived in a more trusting time. The security model provided a safe environment for site agents and operators, but offerred little more protection than that. Data was not sufficiently protected against loss caused by operator error or software bugs or by deliberate manipulation of the database. Operators were given high levels of access to the database, beyond what was actually needed to accomplish their tasks. This exposed them to the risk of suspicion should an incident occur. Multiple implementations of the security model led to difficulties maintaining code, which can lead to degredation of security over time. In order to meet the simultaneous goals of protecting CMS data, protecting the operators from undue exposure to risk, increasing monitoring capabilities and improving maintainability of the security model, the PhEDEx security model was redesigned and re-implemented. Security was moved from the application layer into the database itself, fine-grained access roles were established, and tools and procedures created to control the evolution of the security model over time. In this paper we describe this work, we describe the deployment of the new security model, and we show how these enhancements improve security on several fronts simultaneously.

  16. Re-designing the PhEDEx security model

    International Nuclear Information System (INIS)

    Huang C-H; Wildish, T; Zhang X

    2014-01-01

    PhEDEx, the data-placement tool used by the CMS experiment at the LHC, was conceived in a more trusting time. The security model provided a safe environment for site agents and operators, but offerred little more protection than that. Data was not sufficiently protected against loss caused by operator error or software bugs or by deliberate manipulation of the database. Operators were given high levels of access to the database, beyond what was actually needed to accomplish their tasks. This exposed them to the risk of suspicion should an incident occur. Multiple implementations of the security model led to difficulties maintaining code, which can lead to degredation of security over time. In order to meet the simultaneous goals of protecting CMS data, protecting the operators from undue exposure to risk, increasing monitoring capabilities and improving maintainability of the security model, the PhEDEx security model was redesigned and re-implemented. Security was moved from the application layer into the database itself, fine-grained access roles were established, and tools and procedures created to control the evolution of the security model over time. In this paper we describe this work, we describe the deployment of the new security model, and we show how these enhancements improve security on several fronts simultaneously.

  17. Security Guards for the Future Web

    National Research Council Canada - National Science Library

    Reed, Nancy; Bryson, Dave; Garriss, James; Gosnell, Steve; Heaton, Brook; Huber, Gary; Jacobs, David; Pulvermacher, Mary; Semy, Salim; Smith, Chad; Standard, John

    2004-01-01

    .... Guard technology needs to keep pace with the evolving Web environment. The authors conjectured that a family of security guard services would be needed to provide the full range of functionality necessary to support the future Web...

  18. Mathematical and Statistical Opportunities in Cyber Security

    Energy Technology Data Exchange (ETDEWEB)

    Meza, Juan; Campbell, Scott; Bailey, David

    2009-03-23

    The role of mathematics in a complex system such as the Internet has yet to be deeply explored. In this paper, we summarize some of the important and pressing problems in cyber security from the viewpoint of open science environments. We start by posing the question 'What fundamental problems exist within cyber security research that can be helped by advanced mathematics and statistics'? Our first and most important assumption is that access to real-world data is necessary to understand large and complex systems like the Internet. Our second assumption is that many proposed cyber security solutions could critically damage both the openness and the productivity of scientific research. After examining a range of cyber security problems, we come to the conclusion that the field of cyber security poses a rich set of new and exciting research opportunities for the mathematical and statistical sciences.

  19. Security Assistance in Nigeria: Shaping the International Environment to Meet U.S. National Security Objectives in the Global Era

    National Research Council Canada - National Science Library

    Prendergast, Kenneth

    2003-01-01

    .... While American interests in Sub-Saharan Africa are significant and growing, there are also important transnational security threats, infectious diseases, organized international criminal activities...

  20. Raman Spectroscopy for Homeland Security Applications

    Directory of Open Access Journals (Sweden)

    Gregory Mogilevsky

    2012-01-01

    Full Text Available Raman spectroscopy is an analytical technique with vast applications in the homeland security and defense arenas. The Raman effect is defined by the inelastic interaction of the incident laser with the analyte molecule’s vibrational modes, which can be exploited to detect and identify chemicals in various environments and for the detection of hazards in the field, at checkpoints, or in a forensic laboratory with no contact with the substance. A major source of error that overwhelms the Raman signal is fluorescence caused by the background and the sample matrix. Novel methods are being developed to enhance the Raman signal’s sensitivity and to reduce the effects of fluorescence by altering how the hazard material interacts with its environment and the incident laser. Basic Raman techniques applicable to homeland security applications include conventional (off-resonance Raman spectroscopy, surface-enhanced Raman spectroscopy (SERS, resonance Raman spectroscopy, and spatially or temporally offset Raman spectroscopy (SORS and TORS. Additional emerging Raman techniques, including remote Raman detection, Raman imaging, and Heterodyne imaging, are being developed to further enhance the Raman signal, mitigate fluorescence effects, and monitor hazards at a distance for use in homeland security and defense applications.

  1. Tools for an effective annual review of the Security Management Plan.

    Science.gov (United States)

    Daniel, Matthew

    2014-01-01

    A hospital's Security Management Plan, required by the Joint Commission, can also be used by security management professionals, the author points out, to ensure that they are continually monitoring and improving the program in a changing healthcare environment.

  2. Data Security in Smart Cities: Challenges and Solutions

    Directory of Open Access Journals (Sweden)

    Daniela POPESCUL

    2016-01-01

    Full Text Available The purpose of this paper is to provide an extensive overview of security-related problems in the context of smart cities, seen as huge data consumers and producers. Trends as hyper connectivity, messy complexity, loss of boundary and industrialized hacking transform smart cities in complex environments in which the already-existing security analysis are not useful anymore. Specific data-security requirements and solutions are approached in a four-layer framework, with elements considered to be critical to the operation of a smart city: smart things, smart spaces, smart systems and smart citizens. As urban management should pay close attention to security and privacy protection, network protocols, identity management, standardization, trusted architecture etc., the paper will serve them as a start point for better decisions in security design and management.

  3. Industrial Security – a Component of the Production Operational Management

    OpenAIRE

    Ilie GHEORGHE; Roxana STEFANESCU

    2005-01-01

    The problem of the industrial objectives security imposes as a fundamental condition of economic efficiency. This is why is necessary the elaboration of a new concept regarding industrial security. This concept must integrate quality problems, with technological and ecological characteristics of the industrial objective with the security problems of the business environment and to protect physical and informational objective against fires or natural calamities. Another role of the new industr...

  4. webinos project deliverable: Phase 1 Security Framework

    OpenAIRE

    webinos consortium

    2011-01-01

    The webinos project aims to deliver a cross-device web application runtime environment, providing a unified development platform and standardized inter-device communication and interaction. This document contains the first iteration of the technical security and privacy framework designed for the webinos project. It accompanies two other documents - D3.1 System Specification and D3.2 API Specifications - and refers to concepts developed in them. The security and privacy architecture aims to p...

  5. Secure Data Service Outsourcing with Untrusted Cloud

    OpenAIRE

    Xiong, Huijun

    2013-01-01

    Outsourcing data services to the cloud is a nature fit for cloud usage. However, increasing security and privacy concerns from both enterprises and individuals on their outsourced data inhibit this trend. In this dissertation, we introduce service-centric solutions to address two types of security threats existing in the current cloud environments: semi-honest cloud providers and malicious cloud customers. Our solution aims not only to provide confidentiality and access controllability of out...

  6. A security analysis of the 802.11s wireless mesh network routing protocol and its secure routing protocols.

    Science.gov (United States)

    Tan, Whye Kit; Lee, Sang-Gon; Lam, Jun Huy; Yoo, Seong-Moo

    2013-09-02

    Wireless mesh networks (WMNs) can act as a scalable backbone by connecting separate sensor networks and even by connecting WMNs to a wired network. The Hybrid Wireless Mesh Protocol (HWMP) is the default routing protocol for the 802.11s WMN. The routing protocol is one of the most important parts of the network, and it requires protection, especially in the wireless environment. The existing security protocols, such as the Broadcast Integrity Protocol (BIP), Counter with cipher block chaining message authentication code protocol (CCMP), Secure Hybrid Wireless Mesh Protocol (SHWMP), Identity Based Cryptography HWMP (IBC-HWMP), Elliptic Curve Digital Signature Algorithm HWMP (ECDSA-HWMP), and Watchdog-HWMP aim to protect the HWMP frames. In this paper, we have analyzed the vulnerabilities of the HWMP and developed security requirements to protect these identified vulnerabilities. We applied the security requirements to analyze the existing secure schemes for HWMP. The results of our analysis indicate that none of these protocols is able to satisfy all of the security requirements. We also present a quantitative complexity comparison among the protocols and an example of a security scheme for HWMP to demonstrate how the result of our research can be utilized. Our research results thus provide a tool for designing secure schemes for the HWMP.

  7. Application Security for the Android Platform Processes, Permissions, and Other Safeguards

    CERN Document Server

    Six, Jeff

    2011-01-01

    This book will educate readers on the need for application security and secure coding practices when designing any app. No prior knowledge of security or secure programming techniques is assumed. The book will discuss the need for such practices, how the Android environment is structured with respect to security considerations, what services and techniques are available on the platform to protect data, and how developers can build and code applications that address the risk to their applications and the data processed by them. This text is especially important now, as Android is fast becoming

  8. Security Risks: Management and Mitigation in the Software Life Cycle

    Science.gov (United States)

    Gilliam, David P.

    2004-01-01

    A formal approach to managing and mitigating security risks in the software life cycle is requisite to developing software that has a higher degree of assurance that it is free of security defects which pose risk to the computing environment and the organization. Due to its criticality, security should be integrated as a formal approach in the software life cycle. Both a software security checklist and assessment tools should be incorporated into this life cycle process and integrated with a security risk assessment and mitigation tool. The current research at JPL addresses these areas through the development of a Sotfware Security Assessment Instrument (SSAI) and integrating it with a Defect Detection and Prevention (DDP) risk management tool.

  9. A European Perspective on Security Research

    Science.gov (United States)

    Liem, Khoen; Hiller, Daniel; Castex, Christoph

    Tackling the complexity and interdependence of today's security environment in the globalized world of the 21st century is an everlasting challenge. Whereas the end of the Cold War presented a caesura of global dimension for the political and economic architecture and a realignment of power distribution and international relations between former adversaries, September 11th of 2001 may be seen as another caesura. Since then, specifically among countries of the Western hemisphere, traditional security paradigms and theories have been critically questioned and the different security cultures and perceptions have resulted in diverse security and defence policies as well as in security research efforts of individual countries. Consensus, it seems, exists on the question of what the threats are that our modern interconnected societies are facing. Whether looking at international terrorism, organized crime, climate change, the illegal trafficking of goods and people or naturally caused catastrophes, these phenomena all have in common that they are in most cases of transnational nature. Formerly existing dividing lines between internal and external security continue to fade, presenting an enormous challenge for those in charge of designing security policy and even more so for the various institutions safeguarding European security. That is why dissent often revolves around the question on how to get hold of these complex problems. Geographic location, cultural background, ethical make-up of society as well as relations with neighbouring countries are all important aspects to be considered when assessing the security culture and policy of individual countries.

  10. Information Security Risks on a University Campus

    Directory of Open Access Journals (Sweden)

    Amer A. Al-Rawas

    2002-06-01

    Full Text Available This paper is concerned with issues relating to security in the provision of information systems (IS services within a campus environment. It is based on experiences with a specific known environment; namely Sultan Qaboos University. In considering the risks and challenges that face us in the provision of IS services we need to consider a number of interwoven subject areas.  These are: the importance of information to campus communities, the types of information utilised, and the risk factors that relate to the provision of IS services. Based on our discussion of the risk factors identified within this paper, we make a number of recommendations for improving security within any environment that wishes to take the matter seriously. These recommendations are classified into three main groups: general, which are applicable to the entire institution; social, aimed at the work attitudes of staff and students; and technical, addressing the skills and technologies required.

  11. Hydro-hegemony or water security community? Collective action, cooperation and conflict in the SADC transboundary security complex

    CSIR Research Space (South Africa)

    Meissner, Richard

    2017-09-01

    Full Text Available In an anarchical global environment, the conflict potential of shared water resources has made rivers subject to high politics (i.e. security). While researchers and diplomats consider regional treaties as cooperation indicators (Wold 1995), unequal...

  12. Virtualization Security Combining Mandatory Access Control and Virtual Machine Introspection

    OpenAIRE

    Win, Thu Yein; Tianfield, Huaglory; Mair, Quentin

    2014-01-01

    Virtualization has become a target for attacks in cloud computing environments. Existing approaches to protecting the virtualization environment against the attacks are limited in protection scope and are with high overheads. This paper proposes a novel virtualization security solution which aims to provide comprehensive protection of the virtualization environment.

  13. Food security, agricultural subsidies, energy, and the environment: a process of 'glocalization' in Sri Lanka

    Energy Technology Data Exchange (ETDEWEB)

    Mendis, P.

    2001-07-01

    This paper analyzes the interplay of policy dilemma in the areas of food security, agricultural subsidies, energy consumption, and the environment in the 'glocalization' process of Sri Lanka. It demonstrates that the domestic agricultural and food sector is intricately interconnected with the global economy and world market forces. While this paper gives a primary focus on domestic rice production and wheat import policies, it further examines the environmental consequences and public health issues that are associated with the process of 'glocalization' as part of globalization. This 'glocalization' has led to a series of intended and unintended externalities for Sri Lanka whose economic integration is irreversibly linked to agricultural and subsidy policies of other food exporting and producing countries of Asia and the United States. (author)

  14. Fruit-80: A Secure Ultra-Lightweight Stream Cipher for Constrained Environments

    Directory of Open Access Journals (Sweden)

    Vahid Amin Ghafari

    2018-03-01

    Full Text Available In Fast Software Encryption (FSE 2015, while presenting a new idea (i.e., the design of stream ciphers with the small internal state by using a secret key, not only in the initialization but also in the keystream generation, Sprout was proposed. Sprout was insecure and an improved version of Sprout was presented in FSE 2017. We introduced Fruit stream cipher informally in 2016 on the web page of IACR (eprint and few cryptanalysis were published on it. Fortunately, the main structure of Fruit was resistant. Now, Fruit-80 is presented as a final version which is easier to implement and is secure. The size of LFSR and NFSR in Fruit-80 is only 80 bits (for 80-bit security level, while for resistance to the classical time-memory-data tradeoff (TMDTO attacks, the internal state size should be at least twice that of the security level. To satisfy this rule and to design a concrete cipher, we used some new design ideas. It seems that the bottleneck of designing an ultra-lightweight stream cipher is TMDTO distinguishing attacks. A countermeasure was suggested, and another countermeasure is proposed here. Fruit-80 is better than other small-state stream ciphers in terms of the initialization speed and area size in hardware. It is possible to redesign many of the stream ciphers and achieve significantly smaller area size by using the new idea.

  15. Don't Drop Your Guard: Securing Nuclear Facilities

    International Nuclear Information System (INIS)

    Lööf, Susanna

    2013-01-01

    You're never quite finished with nuclear security. ''Even the most advanced security system for radioactive or nuclear material needs to be continuously updated to ensure that it remains effective,'' says Arvydas Stadalnikas, an IAEA Senior Nuclear Security Officer. ''Security can always be improved. Even if you think you have the best system for today, it may require enhancements because of the changing environment,'' he said. To help States with this daunting task, the IAEA offers support through its International Physical Protection Advisory Service (IPPAS) which includes in-depth analysis of the physical protection and nuclear security followed by expert advice. The IAEA has carried out 58 missions to 37 countries since the IPPAS programme was launched in 1996, helping States translate international conventions, codes and guidance on nuclear security into practice. Although each mission focuses on improving the security in a specific country, ''the programme has benefits that reach far beyond the recipient State's national borders,'' Stadalnikas noted. ''Each IPPAS mission helps improve global nuclear security because enhanced security in one country means that you improve globally. Deficiencies in one country could open the way for malicious acts, which can have worldwide effects,'' he said

  16. Seven layers of security to help protect biomedical research facilities.

    Science.gov (United States)

    Mortell, Norman

    2010-04-01

    In addition to risks such as theft and fire that can confront any type of business, the biomedical research community often faces additional concerns over animal rights extremists, infiltrations, data security and intellectual property rights. Given these concerns, it is not surprising that the industry gives a high priority to security. This article identifies security threats faced by biomedical research companies and shows how these threats are ranked in importance by industry stakeholders. The author then goes on to discuss seven key 'layers' of security, from the external environment to the research facility itself, and how these layers all contribute to the creation of a successfully secured facility.

  17. A Study on Corporate Security Awareness and Compliance Behavior Intent

    Science.gov (United States)

    Clark, Christine Y.

    2013-01-01

    Understanding the drivers to encourage employees' security compliance behavior is increasingly important in today's highly networked environment to protect computer and information assets of the company. The traditional approach for corporations to implement technology-based controls, to prevent security breaches is no longer sufficient.…

  18. Development of a Secure Mobile GPS Tracking and Management System

    Science.gov (United States)

    Liu, Anyi

    2012-01-01

    With increasing demand of mobile devices and cloud computing, it becomes increasingly important to develop efficient mobile application and its secured backend, such as web applications and virtualization environment. This dissertation reports a systematic study of mobile application development and the security issues of its related backend. …

  19. Climate Change and Risks to National Security

    Science.gov (United States)

    Titley, D.

    2017-12-01

    Climate change impacts national security in three ways: through changes in the operating environments of the military; by increasing risks to security infrastructure, specifically bases and training ranges; and by exacerbating and accelerating the risks of state collapse and conflict in regions that are already fragile and unstable. Additionally there will be unique security challenges in the Arctic as sea-ice melts out and human activities increase across multiple dimensions. Military forces will also likely see increased demand for Humanitarian Assistance and Disaster Relief resulting from a combination of increased human population, rising sea-level, and potentially stronger and wetter storms. The talk will explore some of the lesser known aspects of these changes, examine selected climate-driven 'wild cards' that have the potential to disrupt regional and global security, and explore how migration in the face of a changing climate may heighten security issues. I will assess the positions U.S. executive and legislative branches with respect to climate & security, and how those positions have evolved since the November 2016 election, sometimes in counter-intuitive ways. The talk will close with some recommended courses of action the security enterprise can take to manage this climate risk.

  20. Securing Sub-Saharan Africa’s Maritime Environment: Lessons Learned from the Caribbean and Southeast Asia

    Science.gov (United States)

    2009-06-01

    Worst of Times: Maritime Security in the Asia-Pacific eds. Joshua Ho and Catherine Zara Raymond (Singapore: Institute of Defense and Strategic Studies...Security Outlook for Southeast Asia,” in The Best of Times, the Worst of Times: Maritime Security in the Asia-Pacific eds. Joshua Ho and Catherine Zara

  1. The development of mobile robot for security application and nuclear facilities

    Energy Technology Data Exchange (ETDEWEB)

    Kim, B. S.; Lee, Y. B.; Choi, Y. S.; Seo, Y. C.; Park, Y. M

    1999-12-01

    The use of a mobile robot system in nuclear radioactive environments has the advantage of watching and inspecting the NPP safety-related equipment systematically and repairing damaged parts efficiently, thereby enhancing the safe operations of NPPs as well as reducing significantly personnel's dose rate to radioactive environment. Key technology achieved through the development of such robotic system can be used for security application and can offer new approaches to many of the tasks faced to the industry as well. The mobile robot system was composed of a mobile subsystem, a manipulator subsystem, a control subsystem, and a sensor subsystem to use in security application and nuclear radioactive environments. The mobile subsystem was adopted to synchro-drive method to improve the mobility of it. And the manipulator subsystem was developed to minimize the weight and easy to control at remote site. Finally, we developed the USB-based robot control system considering the expandability and modularity. The developed mobile robot for inspection and security was experimented for the collision avoidance and autonomous algorithm, and then it was confirmed that the mobile robot was very effective to the security application and inspection of nuclear facilities. (author)

  2. The development of mobile robot for security application and nuclear facilities

    International Nuclear Information System (INIS)

    Kim, B. S.; Lee, Y. B.; Choi, Y. S.; Seo, Y. C.; Park, Y. M.

    1999-12-01

    The use of a mobile robot system in nuclear radioactive environments has the advantage of watching and inspecting the NPP safety-related equipment systematically and repairing damaged parts efficiently, thereby enhancing the safe operations of NPPs as well as reducing significantly personnel's dose rate to radioactive environment. Key technology achieved through the development of such robotic system can be used for security application and can offer new approaches to many of the tasks faced to the industry as well. The mobile robot system was composed of a mobile subsystem, a manipulator subsystem, a control subsystem, and a sensor subsystem to use in security application and nuclear radioactive environments. The mobile subsystem was adopted to synchro-drive method to improve the mobility of it. And the manipulator subsystem was developed to minimize the weight and easy to control at remote site. Finally, we developed the USB-based robot control system considering the expandability and modularity. The developed mobile robot for inspection and security was experimented for the collision avoidance and autonomous algorithm, and then it was confirmed that the mobile robot was very effective to the security application and inspection of nuclear facilities. (author)

  3. Does the PCEHR mean a new paradigm for information security? Implications for health information management.

    Science.gov (United States)

    Williams, Patricia A H

    Australia is stepping up to the new e-health environment. With this comes new legislation and new demands on information security. The expanded functionality of e-health and the increased legislative requirements, coupled with new uses of technology, means that enhancement of existing security practice will be necessary. This paperanalyses the new operating environment for Australian healthcare and the legislation governing it, and highlights the changes that are required to meet this new context. Individuals are now more responsible for security and organisations should be prompted to review their security measures in light of the new demands of legislative compliance.

  4. Re-designing the PhEDEx security model

    CERN Document Server

    Wildish, Anthony

    2013-01-01

    PhEDEx. the data-placement tool used by the CMS experiment at the LHC, was conceived in a more trusting time. The security model was designed to provide a safe working environment for site agents and operators, but provided little more protection than that. CMS data was not sufficiently protected against accidental loss caused by operator error or software bugs or from loss of data caused by deliberate manipulation of the database. Operations staff were given high levels of access to the database, beyond what should have been needed to accomplish their tasks. This exposed them to the risk of suspicion should an incident occur. Multiple implementations of the security model led to difficulties maintaining code, which can lead to degredation of security over time.In order to meet the simultaneous goals of protecting CMS data, protecting the operators from undue exposure to risk, increasing monitoring capabilities and improving maintainability of the security model, the PhEDEx security model was redesigned and r...

  5. Comparative approach between nuclear safety and security

    International Nuclear Information System (INIS)

    2009-04-01

    Adopting the definition of nuclear safety and nuclear security as they are specified by IAEA glossaries, this report first outlines that these both notions refer to similar risks but with causes of different nature. They discuss the notions of transparency and confidentiality and outline that security and safety both aims at the protection of population and of the environment. They discuss their organisational principles, notice that both have their own legal and regulatory framework, that authorities have expertise on both, that the responsibility is distributed among operators and the State, and that safety and security cultures are complementary. They analyse the design, exploitation and management principles of security and safety approaches: graded approach, defence-in-depth, synergy between security and safety, same daily monitoring requirement, same necessity to address the return on experience, same need to update a referential, a more constrained exchange of good practices in safety, a necessity to deal with their respective requirements, elaboration of emergency plans, performance of exercises

  6. Privacy and Security in Connected Vehicles Ecosystems

    Directory of Open Access Journals (Sweden)

    Marius POPA

    2017-01-01

    Full Text Available Modern vehicles could not be figured out without Internet connections in order to provide customers a wide range of services in the vehicle: infotainment platforms, third-party support, on-board and online monitor and maintenance, business analytics for car fleets. Exposure of the vehicles to the Internet turns them into targets for viruses, worms, Trojans, DoS and lot of other threats for connected vehicle security. Beside the classic threats of the Internet exposure, other new threats are introduced by the Internet of Things (IoT new technologies that are poor regulated or undefined yet from the security point of view. Also, the large variety of the IoT technologies not being standardized yet contribute to security issues in this area of the automotive industry. This paper provides an overview of the connected vehicle environment, considering the main components of such kind of system and the main security challenges to be considered for building reliable secure online systems for connected vehicles.

  7. China's mineral resources security under economic globalization

    Energy Technology Data Exchange (ETDEWEB)

    Wang, Y. [China University of Mining and Technology, Xuzhou (China). College of Environment and Spatial Informatics

    2002-10-01

    The concept and intention of mineral resources security are introduced. From the insurance and leverage that mineral resources has on China's socio-economic development, the strength of support, the opportunity and challenge imposed by globalised economy, the effect of mineral resource development on the safety of the eco-environment, the author analyses the basic situation and existing problem of the mineral resources security in China; summarizes the current research situation of mineral resources security and the main tactics which are used to ensure mineral resources security in the developed countries; presents the essence of mineral resources security, the basic principles of research and the problems focused; and points out the research areas and goals that should be strengthened urgently. 15 refs.

  8. A secured authentication protocol for wireless sensor networks using elliptic curves cryptography.

    Science.gov (United States)

    Yeh, Hsiu-Lien; Chen, Tien-Ho; Liu, Pin-Chuan; Kim, Tai-Hoo; Wei, Hsin-Wen

    2011-01-01

    User authentication is a crucial service in wireless sensor networks (WSNs) that is becoming increasingly common in WSNs because wireless sensor nodes are typically deployed in an unattended environment, leaving them open to possible hostile network attack. Because wireless sensor nodes are limited in computing power, data storage and communication capabilities, any user authentication protocol must be designed to operate efficiently in a resource constrained environment. In this paper, we review several proposed WSN user authentication protocols, with a detailed review of the M.L Das protocol and a cryptanalysis of Das' protocol that shows several security weaknesses. Furthermore, this paper proposes an ECC-based user authentication protocol that resolves these weaknesses. According to our analysis of security of the ECC-based protocol, it is suitable for applications with higher security requirements. Finally, we present a comparison of security, computation, and communication costs and performances for the proposed protocols. The ECC-based protocol is shown to be suitable for higher security WSNs.

  9. A comparative study of field-emission from different one dimensional carbon nanostructures synthesized via thermal CVD system

    International Nuclear Information System (INIS)

    Jha, A.; Banerjee, D.; Chattopadhyay, K.K.

    2011-01-01

    Different one dimensional (1D) carbon nanostructures, such as carbon nanonoodles (CNNs), carbon nanospikes (CNSs) and carbon nanotubes (CNTs) have been synthesized via thermal chemical vapour deposition (TCVD) technique. The different 1D morphologies were synthesized by varying the substrate material and the deposition conditions. The as-prepared samples were characterized by X-ray diffraction (XRD), field emission scanning electron microscope (FESEM) and transmission electron microscope (TEM). FESEM and TEM images showed that the diameters of the CNNs and CNTs were ∼40 nm while the diameters of the CNSs were around 100 nm. Field emission studies of the as-prepared samples showed that CNSs to be a better field emitter than CNNs, whereas CNTs are the best among the three producing large emission current. The variation of field emission properties with inter-electrode distance has been studied in detail. Also the time dependent field emission studies of all the nanostructures have been carried out.

  10. Temporal and Spatial Distribution of Ecological Security in Arid Region Based on GIS: A Case Study in Xinjiang

    Science.gov (United States)

    Zhang, Q.; Song, W.; Yang, J.

    2017-12-01

    Ecological security is close related to the people's survival and development. In the context of the global warming, with the increasingly frequent human activities, ecological and environmental problems have become increasingly prominent. Ecological security has aroused widespread concern, especially in the arid region. It has an important role in national security as well as political security, military security, economic security, social security. Taken Xinjiang as the research area, which is a typical arid region in China, this study establishes an ecological safety assessment indicator system from perspective of the generic process and the formation mechanism of the ecosystem. The framework is based on natural resources dimensions, natural environment dimensions and human disturbance dimensions. Water is the restrictive factor for the development of arid region, so the water resources carrying capacity is the main natural resource of the study area. The natural environment includes SPI(standardized precipitation index), dryness index, landscape vulnerability, NDVI. Human disturbance includes urbanization rate, population density, afforestation area, per capita GDP, water-saving irrigation area, fertilizer and pesticide application, agriculture Mechanical power, energy consumption. The expert scoring method and the coefficient of variation method are used to determine the weight of each indicator, and finally a comprehensive index is constructed to evaluate the ecological security of Xinjiang, that is, the ecological security index. The results indicate that the ecological security of Xinjiang is 0.43, which is in the critical area. The ecological security of Hami, Turpan and Karamay is the lowest, and the ecological security of the Arabian and Yili is the highest. The ecological security of the south in the Xinjiang is higher than that in the north. In short, ecological environment of Xinjiang is in a sensitive period. Effective ecological protection policy

  11. Energy policy seesaw between security and protecting the environment

    International Nuclear Information System (INIS)

    Finon, D.

    1994-01-01

    It is just the price of oil that causes the energy policies of importing countries to vacillate. Changing perceptions of energy supply factors has had as much to do with transfiguring government action modes since 1973 as has the idea of the legitimacy of that action. The present paper thus draws a parallel between the goal of energy security twenty years ago and that of global environmental protection today, which explains the critical reversion to a view of minimum government action in the energy field - a view that marked the eighties. (author). 20 refs

  12. Study on defensive security concepts and policies

    International Nuclear Information System (INIS)

    1993-01-01

    The report begins by describing the background against which the proposal for the study emerged-the welcome developments brought about by the end of the cold war but also the emergence of new threats and the reappearance of long-standing problems. The study proceeds to examine current trends in the international security environment and how they may influence the peaceful settlement of dispute and the effecting of restraint and a defensive orientation in the development, maintenance and use of armed forces. A discussion of the substance and main features of defensive security concepts and policies follows. Existing studies and models designed to eliminate the offensive character of military force postures by effecting a defensive orientation of capabilities are surveyed. In addition, the study discusses political and military aspects of defensive security, pointing out how defensive security differs from those existing models

  13. Competition, Speculative Risks, and IT Security Outsourcing

    Science.gov (United States)

    Cezar, Asunur; Cavusoglu, Huseyin; Raghunathan, Srinivasan

    Information security management is becoming a more critical and, simultaneously, a challenging function for many firms. Even though many security managers are skeptical about outsourcing of IT security, others have cited reasons that are used for outsourcing of traditional IT functions for why security outsourcing is likely to increase. Our research offers a novel explanation, based on competitive externalities associated with IT security, for firms' decisions to outsource IT security. We show that if competitive externalities are ignored, then a firm will outsource security if and only if the MSSP offers a quality (or a cost) advantage over in-house operations, which is consistent with the traditional explanation for security outsourcing. However, a higher quality is neither a prerequisite nor a guarantee for a firm to outsource security. The competitive risk environment and the nature of the security function outsourced, in addition to quality, determine firms' outsourcing decisions. If the reward from the competitor's breach is higher than the loss from own breach, then even if the likelihood of a breach is higher under the MSSP the expected benefit from the competitive demand externality may offset the loss from the higher likelihood of breaches, resulting in one or both firms outsourcing security. The incentive to outsource security monitoring is higher than that of infrastructure management because the MSSP can reduce the likelihood of breach on both firms and thus enhance the demand externality effect. The incentive to outsource security monitoring (infrastructure management) is higher (lower) if either the likelihood of breach on both firms is lower (higher) when security is outsourced or the benefit (relative to loss) from the externality is higher (lower). The benefit from the demand externality arising out of a security breach is higher when more of the customers that leave the breached firm switch to the non-breached firm.

  14. International security and arms control

    International Nuclear Information System (INIS)

    Ekeus, R.

    2000-01-01

    The end of the cold war also ended the focus on the bilateral approach to arms control and disarmament. Key concepts of security needed to be revisited, along with their implications for the disarmament and arms control agenda. Though there is currently a unipolar global security environment, there remain important tasks on the multilateral arms control agenda. The major task is that of reducing and eliminating weapons of mass destruction, especially nuclear weapons. The author contends that maintaining reliance on the nuclear-weapons option makes little sense in a time when the major Powers are strengthening their partnerships in economics, trade, peacemaking and building. (author)

  15. Compatibility of safety and security

    International Nuclear Information System (INIS)

    Jalouneix, J.

    2013-01-01

    Nuclear safety means the achievement of proper operating conditions, prevention of accidents or mitigation of accident consequences, resulting in protection of workers, the public and the environment from undue radiation hazards while nuclear security means the prevention and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer or other malicious acts involving nuclear material. Nuclear safety and nuclear security present large similarities in their aim as in their methods and are mutually complementary in the field of protection with regard to the risk of sabotage. However they show specific attributes in certain areas which leads to differences in their implementation. For instance security culture must integrate deterrence and confidentiality while safety culture implies transparency and open dialogue. Two important design principles apply identically for safety and security: the graded approach and the defense in depth. There are also strong similarities in operating provisions: -) a same need to check the availability of the equipment, -) a same need to treat the experience feedback, or -) a same need to update the basic rules. There are also strong similarities in emergency management, for instance the elaboration of emergency plans and the performance of periodic exercises. Activities related to safety of security of an installation must be managed by a quality management system. For all types of nuclear activities and facilities, a well shared safety culture and security culture is the guarantee of a safe and secure operation. The slides of the presentation have been added at the end of the paper

  16. ECONOMIC SECURITY – NEW APPROACHES IN THE CONTEXT OF GLOBALIZATION

    Directory of Open Access Journals (Sweden)

    Gabriel ANDRUSEAC

    2015-08-01

    Full Text Available Nowadays, more than ever, economic relations between states are the ones that define the general character of the relations between them and establish economic security as a concept which cannot be neglected anymore. Globalization, the process that shapes the international environment, undermines the old definition of economic security and forces its redefinition. The article aims to identify and analyse the effects of globalization on economic security and the new approaches it takes in this context.

  17. A Broker Framework for Secure and Cost-Effective Business Process Deployment on Multiple Clouds

    OpenAIRE

    Goettelmann , Elio; Dahman , Karim; Gateau , Benjamin; Godart , Claude

    2014-01-01

    International audience; Security risk management on information systems provides security guarantees while controlling costs. But security risk assessments can be very complex, especially in a cloud context where data is dis-tributed over multiple environments. To prevent costs from becoming the only cloud selection factor, while disregarding security, we propose a method for performing multiple cloud security risk assessments. In this paper we present a broker framework for balancing costs a...

  18. The Handbook for Campus Safety and Security Reporting. 2016 Edition

    Science.gov (United States)

    US Department of Education, 2016

    2016-01-01

    Campus security and safety is an important feature of postsecondary education. The Department of Education is committed to assisting schools in providing students nationwide a safe environment in which to learn and to keep students, parents and employees well informed about campus security. These goals were advanced by the Crime Awareness and…

  19. Northern Security and Global Politics

    DEFF Research Database (Denmark)

    This book takes a comprehensive approach to security in the Nordic-Baltic region, studying how this region is affected by developments in the international system. The advent of the new millennium coincided with the return of the High North to the world stage. A number of factors have contributed......-unipolar", indicating a period of flux and of declining US unipolar hegemony. Drawing together contributions from key thinkers in the field, Northern Security and Global Politics explores how this situation has affected the Nordic-Baltic area by addressing two broad sets of questions. First, it examines what impact...... declining unipolarity - with a geopolitical shift to Asia, a reduced role for Europe in United States policy, and a more assertive Russia - will have on regional Nordic-Baltic security. Second, it takes a closer look at how the regional actors respond to these changes in their strategic environment...

  20. Validity of information security policy models

    Directory of Open Access Journals (Sweden)

    Joshua Onome Imoniana

    Full Text Available Validity is concerned with establishing evidence for the use of a method to be used with a particular set of population. Thus, when we address the issue of application of security policy models, we are concerned with the implementation of a certain policy, taking into consideration the standards required, through attribution of scores to every item in the research instrument. En today's globalized economic scenarios, the implementation of information security policy, in an information technology environment, is a condition sine qua non for the strategic management process of any organization. Regarding this topic, various studies present evidences that, the responsibility for maintaining a policy rests primarily with the Chief Security Officer. The Chief Security Officer, in doing so, strives to enhance the updating of technologies, in order to meet all-inclusive business continuity planning policies. Therefore, for such policy to be effective, it has to be entirely embraced by the Chief Executive Officer. This study was developed with the purpose of validating specific theoretical models, whose designs were based on literature review, by sampling 10 of the Automobile Industries located in the ABC region of Metropolitan São Paulo City. This sampling was based on the representativeness of such industries, particularly with regards to each one's implementation of information technology in the region. The current study concludes, presenting evidence of the discriminating validity of four key dimensions of the security policy, being such: the Physical Security, the Logical Access Security, the Administrative Security, and the Legal & Environmental Security. On analyzing the Alpha of Crombach structure of these security items, results not only attest that the capacity of those industries to implement security policies is indisputable, but also, the items involved, homogeneously correlate to each other.

  1. Non-proliferation and security: synergy and differences

    International Nuclear Information System (INIS)

    Joly, J.

    2013-01-01

    Operators of nuclear facilities put in place both physical and organisational means to meet in a comprehensive way the requirements associated with Nuclear Non-Proliferation, Safety and Security. The common aim is to protect man and the environment from ionising radiation. The approaches for meeting these requirements have real similarities, but also differences which need to be respected in order to develop an appropriate synergy for obtaining the best possible level of safety, security and non-proliferation. This article aims to show the provisions that have been taken with regard to non-proliferation, security and safety which complement and reinforce each other.The paper is followed by the slides of the presentation. (author)

  2. IMIRSEL: a secure music retrieval testing environment

    Science.gov (United States)

    Downie, John S.

    2004-10-01

    The Music Information Retrieval (MIR) and Music Digital Library (MDL) research communities have long noted the need for formal evaluation mechanisms. Issues concerning the unavailability of freely-available music materials have greatly hindered the creation of standardized test collections with which these communities could scientifically assess the strengths and weaknesses of their various music retrieval techniques. The International Music Information Retrieval Systems Evaluation Laboratory (IMIRSEL) is being developed at the University of Illinois at Urbana-Champaign (UIUC) specifically to overcome this hindrance to the scientific evaluation of MIR/MDL systems. Together with its subsidiary Human Use of Music Information Retrieval Systems (HUMIRS) project, IMIRSEL will allow MIR/MDL researchers access to the standardized large-scale collection of copyright-sensitive music materials and standardized test queries being housed at UIUC's National Center for Supercomputing Applications (NCSA). Virtual Research Labs (VRL), based upon NCSA's Data-to-Knowledge (D2K) tool set, are being developed through which MIR/MDL researchers will interact with the music materials under a "trusted code" security model.

  3. E-Commerce and Security Governance in Developing Countries

    Science.gov (United States)

    Sanayei, Ali.; Rajabion, Lila

    Security is very often mentioned as one of the preconditions for the faster growth of e-commerce. Without a secure and reliable internet, customer will continue to be reluctant to provide confidential information online, such as credit card number. Moreover, organizations of all types and sizes around the world rely heavily on technologies of electronic commerce (e-commerce) for conducting their day-to-day business transaction. Providing organizations with a secure e-commerce environment is a major issue and challenging one especially in Middle Eastern countries. Without secure e-commerce, it is almost impossible to take advantage of the opportunities offered by e-commerce technologies. E-commerce can create opportunities for small entrepreneurs in Middle Eastern countries. This requires removing infrastructure blockages in telecommunications and logistics alongside the governance of e-commerce with policies on consumer protection, security of transactions, privacy of records and intellectual property. In this paper, we will explore the legal implications of e-commerce security governance by establishing who is responsible for ensuring compliance with this discipline, demonstrating the value to be derived from information security governance, the methodology of applying information security governance, and liability for non-compliance with this discipline. Our main focus will be on analyzing the importance and implication of e-commerce security governance in developing countries.

  4. On the Modelling of Context-Aware Security for Mobile Devices

    Directory of Open Access Journals (Sweden)

    Tomasz Zurek

    2016-01-01

    Full Text Available Security management in wireless networks has to deal with the changing character of the environment, which can further lead to decision making problem for unexpected events. Among a huge list of devices, the mobile ones are especially vulnerable to this situation. The solution for adapting systems and applications to dynamic environments can be context-aware description of the user actions, which gives a possibility to take into account the factors that influence these actions. In the article, we propose a context-aware security adjusting model, which is based on proposition logic and incorporates mechanisms that assist in the reasoning process. The main benefits that differentiate our approach from similar ones are a formal representation of the model, the usage of the whole spectrum of context attributes, the detection and analysis of contextual data integrity, and conflicting rules’ eradication capability. All these traits transcribe into a more effective way of adjusting security measures in accordance with existing circumstances. To illustrate the proposed approach, we present the case study of context-aware security management for mobile devices.

  5. Cloud Security Audit for Migration and Continuous Monitoring

    OpenAIRE

    Ismail, Umar Mukhtar; Islam, Shareeful; Mouratidis, Haralambos

    2015-01-01

    Security assurance in cloud computing is one of the main barriers for wider cloud adoption. Potential cloud computing consumers like to know whether the controls in cloud environments can adequately protect critical assets migrated into the cloud. We present a cloud security audit approach to enable users' evaluate cloud service provider offerings before migration, as well as monitoring of events after migration. Our approach entails a set of concepts such as actor, goals, monitoring, conditi...

  6. Operating Security System Support for Run-Time Security with a Trusted Execution Environment

    DEFF Research Database (Denmark)

    Gonzalez, Javier

    Software services have become an integral part of our daily life. Cyber-attacks have thus become a problem of increasing importance not only for the IT industry, but for society at large. A way to contain cyber-attacks is to guarantee the integrity of IT systems at run-time. Put differently......, it is safe to assume that any complex software is compromised. The problem is then to monitor and contain it when it executes in order to protect sensitive data and other sensitive assets. To really have an impact, any solution to this problem should be integrated in commodity operating systems...... sensitive assets at run-time that we denote split-enforcement, and provide an implementation for ARM-powered devices using ARM TrustZone security extensions. We design, build, and evaluate a prototype Trusted Cell that provides trusted services. We also present the first generic TrustZone driver...

  7. A Game Theory Based Solution for Security Challenges in CRNs

    Science.gov (United States)

    Poonam; Nagpal, Chander Kumar

    2018-03-01

    Cognitive radio networks (CRNs) are being envisioned to drive the next generation Ad hoc wireless networks due to their ability to provide communications resilience in continuously changing environments through the use of dynamic spectrum access. Conventionally CRNs are dependent upon the information gathered by other secondary users to ensure the accuracy of spectrum sensing making them vulnerable to security attacks leading to the need of security mechanisms like cryptography and trust. However, a typical cryptography based solution is not a viable security solution for CRNs owing to their limited resources. Effectiveness of trust based approaches has always been, in question, due to credibility of secondary trust resources. Game theory with its ability to optimize in an environment of conflicting interests can be quite a suitable tool to manage an ad hoc network in the presence of autonomous selfish/malevolent/malicious and attacker nodes. The literature contains several theoretical proposals for augmenting game theory in the ad hoc networks without explicit/detailed implementation. This paper implements a game theory based solution in MATLAB-2015 to secure the CRN environment and compares the obtained results with the traditional approaches of trust and cryptography. The simulation result indicates that as the time progresses the game theory performs much better with higher throughput, lower jitter and better identification of selfish/malicious nodes.

  8. Aspects regarding the implementation of information security standards in organizations

    Directory of Open Access Journals (Sweden)

    Mihai Bârsan

    2017-03-01

    Full Text Available Information security is one of the major challenges of the information and knowledge based society. The preoccupation of organizations to ensure the security of information in the digital environment has led to the emergence of specific standards in the field. Thus, ISO 27000 brings together reference standards in the field. Starting from ISO 27001, which summarizes policies and procedures on physical, legal and technological security risks, this paper looks at the steps the organization must undertake to implement the standards.

  9. Security Requirements for New Threats at International Airports

    Directory of Open Access Journals (Sweden)

    Gabriel Nowacki

    2018-03-01

    Full Text Available The paper refers to security requirements for new threats international airports, taking specifically into consideration current challenges within processing of passengers, in light of types of current major threats, in a way ensuring positive passenger experience within their journey. In addition, within the scope of this paper, presented initial outcome of study research among professional aviation stakeholder?s environment, on current threats in the area of security and protection of airport infrastructure. The airports are a very demanding environment: seasonal traffic, fluctuating passenger volumes and last minute changes mean there is a lot of flexibility required in order to meet specific needs of airport authorities and their clients or the passengers (Dolnik, 2009. Therefore, security in aviation sector has been a big issue for civil aviation authorities, as airports are susceptible targets for terrorist attacks. The list of incidents is extensive and gets longer every year despite strict security measures. Within decades, aviation has become the backbone of our global economy bringing people to business, tourists to vacation destinations and products to markets. Statistically flying remains the safest mode of travelling compared to other modes of transportation. However, simultaneously terrorists and criminals continue in their quest to explore new ways of disrupting air transportation and the challenge to secure airports and airline assets remain real. This calls for greater awareness of security concerns in the aviation sector. The key element, how to protects against terrorist modus operandi, is to stay ahead of recent threats, incidents and breaches occurring worldwide. It requires implementation of effective data sharing systems, in order to proactively monitor potential risks and vulnerabilities within different type of aviation ecosystems.

  10. 17 CFR 240.17Ad-21T - Operational capability in a Year 2000 environment.

    Science.gov (United States)

    2010-04-01

    ... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Operational capability in a Year 2000 environment. 240.17Ad-21T Section 240.17Ad-21T Commodity and Securities Exchanges SECURITIES... Company Rules § 240.17Ad-21T Operational capability in a Year 2000 environment. (a) This section applies...

  11. Comprehensive evaluation of ecological security in mining area based on PSR-ANP-GRAY.

    Science.gov (United States)

    He, Gang; Yu, Baohua; Li, Shuzhou; Zhu, Yanna

    2017-09-06

    With the large exploitation of mineral resources, a series of problems have appeared in the ecological environment of the mining area. Therefore, evaluating the ecological security of mining area is of great significance to promote its healthy development. In this paper, the evaluation index system of ecological security in mining area was constructed from three dimensions of nature, society and economy, combined with Pressure-State-Response framework model. Then network analytic hierarchy process and GRAY relational analysis method were used to evaluate the ecological security of the region, and the weighted correlation degree of ecological security was calculated through the index data of a coal mine from 2012 to 2016 in China. The results show that the ecological security in the coal mine area is on the rise as a whole, though it alternatively rose and dropped from 2012 to 2016. Among them, the ecological security of the study mining area is at the general security level from 2012 to 2015, and at a relatively safe level in 2016. It shows that the ecological environment of the study mining area can basically meet the requirement of the survival and development of the enterprises.

  12. Public views on multiple dimensions of security: nuclear weapons, terrorism, energy, and the environment: 2007

    International Nuclear Information System (INIS)

    Herron, Kerry Gale; Jenkins-Smith, Hank C.

    2008-01-01

    We analyze and compare findings from identical national surveys of the US general public on nuclear security and terrorism administered by telephone and Internet in mid-2007. Key areas of investigation include assessments of threats to US security; valuations of US nuclear weapons and nuclear deterrence; perspectives on nuclear proliferation, including the specific cases of North Korea and Iran; and support for investments in nuclear weapons capabilities. Our analysis of public views on terrorism include assessments of the current threat, progress in the struggle against terrorism, preferences for responding to terrorist attacks at different levels of assumed casualties, and support for domestic policies intended to reduce the threat of terrorism. Also we report findings from an Internet survey conducted in mid 2007 that investigates public views of US energy security, to include: energy supplies and reliability; energy vulnerabilities and threats, and relationships among security, costs, energy dependence, alternative sources, and research and investment priorities. We analyze public assessments of nuclear energy risks and benefits, nuclear materials management issues, and preferences for the future of nuclear energy in the US. Additionally, we investigate environmental issues as they relate to energy security, to include expected implications of global climate change, and relationships among environmental issues and potential policy options.

  13. Public views on multiple dimensions of security : nuclear waepons, terrorism, energy, and the environment : 2007.

    Energy Technology Data Exchange (ETDEWEB)

    Herron, Kerry Gale (University of Oklahoma, Norman, OK); Jenkins-Smith, Hank C. (University of Oklahoma, Norman, OK)

    2008-01-01

    We analyze and compare findings from identical national surveys of the US general public on nuclear security and terrorism administered by telephone and Internet in mid-2007. Key areas of investigation include assessments of threats to US security; valuations of US nuclear weapons and nuclear deterrence; perspectives on nuclear proliferation, including the specific cases of North Korea and Iran; and support for investments in nuclear weapons capabilities. Our analysis of public views on terrorism include assessments of the current threat, progress in the struggle against terrorism, preferences for responding to terrorist attacks at different levels of assumed casualties, and support for domestic policies intended to reduce the threat of terrorism. Also we report findings from an Internet survey conducted in mid 2007 that investigates public views of US energy security, to include: energy supplies and reliability; energy vulnerabilities and threats, and relationships among security, costs, energy dependence, alternative sources, and research and investment priorities. We analyze public assessments of nuclear energy risks and benefits, nuclear materials management issues, and preferences for the future of nuclear energy in the US. Additionally, we investigate environmental issues as they relate to energy security, to include expected implications of global climate change, and relationships among environmental issues and potential policy options.

  14. Problems of environment pollution in energy production

    International Nuclear Information System (INIS)

    Soyberk, Oe.

    2000-01-01

    This publication relates to nuclear fuel cycle and environment, nuclear accidents, risk analysis, test of nuclear weapon, security problems of nuclear power plants, advantages and disadvantages of energy sources, climate variation due to environment pollution

  15. A secure online image trading system for untrusted cloud environments.

    Science.gov (United States)

    Munadi, Khairul; Arnia, Fitri; Syaryadhi, Mohd; Fujiyoshi, Masaaki; Kiya, Hitoshi

    2015-01-01

    In conventional image trading systems, images are usually stored unprotected on a server, rendering them vulnerable to untrusted server providers and malicious intruders. This paper proposes a conceptual image trading framework that enables secure storage and retrieval over Internet services. The process involves three parties: an image publisher, a server provider, and an image buyer. The aim is to facilitate secure storage and retrieval of original images for commercial transactions, while preventing untrusted server providers and unauthorized users from gaining access to true contents. The framework exploits the Discrete Cosine Transform (DCT) coefficients and the moment invariants of images. Original images are visually protected in the DCT domain, and stored on a repository server. Small representation of the original images, called thumbnails, are generated and made publicly accessible for browsing. When a buyer is interested in a thumbnail, he/she sends a query to retrieve the visually protected image. The thumbnails and protected images are matched using the DC component of the DCT coefficients and the moment invariant feature. After the matching process, the server returns the corresponding protected image to the buyer. However, the image remains visually protected unless a key is granted. Our target application is the online market, where publishers sell their stock images over the Internet using public cloud servers.

  16. Risk assessment for sustainable food security in China according to integrated food security--taking Dongting Lake area for example.

    Science.gov (United States)

    Qi, Xiaoxing; Liu, Liming; Liu, Yabin; Yao, Lan

    2013-06-01

    Integrated food security covers three aspects: food quantity security, food quality security, and sustainable food security. Because sustainable food security requires that food security must be compatible with sustainable development, the risk assessment of sustainable food security is becoming one of the most important issues. This paper mainly focuses on the characteristics of sustainable food security problems in the major grain-producing areas in China. We establish an index system based on land resources and eco-environmental conditions and apply a dynamic assessment method based on status assessments and trend analysis models to overcome the shortcomings of the static evaluation method. Using fuzzy mathematics, the risks are categorized into four grades: negligible risk, low risk, medium risk, and high risk. A case study was conducted in one of China's major grain-producing areas: Dongting Lake area. The results predict that the status of the sustainable food security in the Dongting Lake area is unsatisfactory for the foreseeable future. The number of districts at the medium-risk range will increase from six to ten by 2015 due to increasing population pressure, a decrease in the cultivated area, and a decrease in the effective irrigation area. Therefore, appropriate policies and measures should be put forward to improve it. The results could also provide direct support for an early warning system-which could be used to monitor food security trends or nutritional status so to inform policy makers of impending food shortages-to prevent sustainable food security risk based on some classical systematic methods. This is the first research of sustainable food security in terms of risk assessment, from the perspective of resources and the environment, at the regional scale.

  17. THE REALITY OF OPERATIONAL ENVIRONMENT IN MILITARY OPERATIONS

    Directory of Open Access Journals (Sweden)

    Milan PODHOREC

    2012-01-01

    Full Text Available The strategic and operational environment affecting national security is complex, multifaceted and variable. Even in the long term, it will be characterized by high dynamics of changes, the growing diversity of players and increasingly complex interdependence of security trends and factors. Threats, risks and their sources are often difficult to localize and nowadays have mostly non-state and transnational character. Many of the specific threats and their impacts are difficult to predict. It all adds up to a further blurring of distinctions between internal and external national security. The operating environment consists of a set of factors arising from the nature of an area where the operation is carried out or will be. Operating environment is also formed by the character of a potential enemy, possibilities of effecting technological and informational areas and further by terrain, climatic conditions and level of own forces and coalition forces.

  18. Clinicians, security and information technology support services in practice settings--a pilot study.

    Science.gov (United States)

    Fernando, Juanita

    2010-01-01

    This case study of 9 information technology (IT) support staff in 3 Australian (Victoria) public hospitals juxtaposes their experiences at the user-level of eHealth security in the Natural Hospital Environment with that previously reported by 26 medical, nursing and allied healthcare clinicians. IT support responsibilities comprised the entire hospital, of which clinician eHealth security needs were only part. IT staff believed their support tasks were often fragmented while work responsibilities were hampered by resources shortages. They perceived clinicians as an ongoing security risk to private health information. By comparison clinicians believed IT staff would not adequately support the private and secure application of eHealth for patient care. Preliminary data analysis suggests the tension between these cohorts manifests as an eHealth environment where silos of clinical work are disconnected from silos of IT support work. The discipline-based silos hamper health privacy outcomes. Privacy and security policies, especially those influencing the audit process, will benefit by further research of this phenomenon.

  19. Autonomy-based security design: the allocation of cash flow and control rights

    NARCIS (Netherlands)

    Boot, A.W.A.; Song, F.; Thakor, A.V.

    2005-01-01

    We derive debt, equity, convertible debt and asset-backed debt securities as optimal security designs in an environment in which the owner-manager has an endogenous control preference - a desire for autonomy - arising from the anticipation of future disagreement with investors over a

  20. Security research roadmap; Security-tutkimuksen roadmap

    Energy Technology Data Exchange (ETDEWEB)

    Naumanen, M.; Rouhiainen, V. (eds.)

    2006-02-15

    Requirements for increasing security have arisen in Europe after highly visible and tragic events in Madrid and in London. While responsibility for security rests largely with the national activities, the EU has also started planning a research area .Space and security. as a part of the 7th Framework Programme. As the justification for this research area it has been presented that technology alone can not assure security, but security can not be assured without the support of technology. Furthermore, the justification highlights that security and military research are becoming ever closer. The old separation between civil and military research is decreasing, because it has been noticed that both areas are nowadays utilising the same knowledge. In Finland, there is already now noteworthy entrepreneurship related to security. Although some of the companies are currently only operating in Finland, others are already international leaders in their area. The importance of the security area is increasing and remarkable potential for new growth business areas can already be identified. This however also requires an increase in research efforts. VTT has a broad range of security research ongoing in many technology areas. The main areas have been concentrating on public safety and security, but VTT is participating also in several research projects related to the defence technology. For identifying and defining in more detail the expertise and research goals, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important

  1. INFORMATION SYSTEM SECURITY (CYBER SECURITY

    Directory of Open Access Journals (Sweden)

    Muhammad Siddique Ansari

    2016-03-01

    Full Text Available Abstract - Business Organizations and Government unequivocally relies on upon data to deal with their business operations. The most unfavorable impact on association is disappointment of friendship, goodness, trustworthiness, legitimacy and probability of data and administrations. There is an approach to ensure data and to deal with the IT framework's Security inside association. Each time the new innovation is made, it presents some new difficulties for the insurance of information and data. To secure the information and data in association is imperative on the grounds that association nowadays inside and remotely joined with systems of IT frameworks. IT structures are inclined to dissatisfaction and security infringement because of slips and vulnerabilities. These slips and vulnerabilities can be brought on by different variables, for example, quickly creating headway, human slip, poor key particulars, poor movement schedules or censuring the threat. Likewise, framework changes, new deserts and new strikes are a huge piece of the time displayed, which helpers augmented vulnerabilities, disappointments and security infringement all through the IT structure life cycle. The business went to the confirmation that it is essentially difficult to ensure a slip free, risk free and secure IT structure in perspective of the disfigurement of the disavowing security parts, human pass or oversight, and part or supplies frustration. Totally secure IT frameworks don't exist; just those in which the holders may have changing degrees of certainty that security needs of a framework are fulfilled do. The key viewpoints identified with security of data outlining are examined in this paper. From the start, the paper recommends pertinent legitimate structure and their duties including open association obligation, and afterward it returns to present and future time, system limits, structure security in business division. At long last, two key inadequacy markers

  2. Energy security and climate policy. Assessing interactions

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    2007-03-28

    World energy demand is surging. Oil, coal and natural gas still meet most global energy needs, creating serious implications for the environment. One result is that CO2 emissions, the principal cause of global warming, are rising. This new study underlines the close link between efforts to ensure energy security and those to mitigate climate change. Decisions on one side affect the other. To optimise the efficiency of their energy policy, OECD countries must consider energy security and climate change mitigation priorities jointly. The book presents a framework to assess interactions between energy security and climate change policies, combining qualitative and quantitative analyses. The quantitative analysis is based on the development of energy security indicators, tracking the evolution of policy concerns linked to energy resource concentration. The 'indicators' are applied to a reference scenario and CO2 policy cases for five case-study countries: The Czech Republic, France, Italy, the Netherlands, and the United Kingdom. Simultaneously resolving energy security and environmental concerns is a key challenge for policy makers today. This study helps chart the course.

  3. Security issues of cloud computing environment in possible military applications

    OpenAIRE

    Samčović, Andreja B.

    2013-01-01

    The evolution of cloud computing over the past few years is potentially one of major advances in the history of computing and telecommunications. Although there are many benefits of adopting cloud computing, there are also some significant barriers to adoption, security issues being the most important of them. This paper introduces the concept of cloud computing; looks at relevant technologies in cloud computing; takes into account cloud deployment models and some military applications. Addit...

  4. A sensor monitoring system for telemedicine, safety and security applications

    Science.gov (United States)

    Vlissidis, Nikolaos; Leonidas, Filippos; Giovanis, Christos; Marinos, Dimitrios; Aidinis, Konstantinos; Vassilopoulos, Christos; Pagiatakis, Gerasimos; Schmitt, Nikolaus; Pistner, Thomas; Klaue, Jirka

    2017-02-01

    A sensor system capable of medical, safety and security monitoring in avionic and other environments (e.g. homes) is examined. For application inside an aircraft cabin, the system relies on an optical cellular network that connects each seat to a server and uses a set of database applications to process data related to passengers' health, safety and security status. Health monitoring typically encompasses electrocardiogram, pulse oximetry and blood pressure, body temperature and respiration rate while safety and security monitoring is related to the standard flight attendance duties, such as cabin preparation for take-off, landing, flight in regions of turbulence, etc. In contrast to previous related works, this article focuses on the system's modules (medical and safety sensors and associated hardware), the database applications used for the overall control of the monitoring function and the potential use of the system for security applications. Further tests involving medical, safety and security sensing performed in an real A340 mock-up set-up are also described and reference is made to the possible use of the sensing system in alternative environments and applications, such as health monitoring within other means of transport (e.g. trains or small passenger sea vessels) as well as for remotely located home users, over a wired Ethernet network or the Internet.

  5. Security Scheme Based on Parameter Hiding Technic for Mobile Communication in a Secure Cyber World

    Directory of Open Access Journals (Sweden)

    Jong Hyuk Park

    2016-10-01

    Full Text Available Long Term Evolution (LTE and Long Term Evolution-Advanced (LTE-A support a better data transmission service than 3G dose and are globally commercialized technologies in a cyber world that is essential for constructing a future mobile environment, since network traffics have exponentially increased as people have started to use more than just one mobile device. However, when User Equipment (UE is executing initial attach processes to access LTE networks, there is a vulnerability in which identification parameters like International Mobile Subscriber Identity (IMSI and Radio Network Temporary Identities (RNTI are transmitted as plain texts. It can threat various services that are commercialized therewith in a cyber world. Therefore, a security scheme is proposed in this paper where identification parameters can be securely transmitted and hidden in four cases where initial attach occurs between UE and Mobility Management Entity (MME. The proposed security scheme not only supports encrypted transmission of identification parameters but also mutual authentication between Evolved Node B (eNB and MME to make a secure cyber world. Additionally, performance analysis results using an OPNET simulator showed the satisfaction of the average delay rate that is specified in LTE standards.

  6. Keeping Sealed Radioactive Sources Safe and Secure

    International Nuclear Information System (INIS)

    Potterton, Louise

    2013-01-01

    Radioactive sources are used in a wide variety of devices in medical, industrial, agricultural and research facilities worldwide. These sources, such as cobalt-60 and caesium-137, emit high levels of ionizing radiation, which can treat cancer, measure materials used in industry and sterilize food and medical appliances. Problems may arise when these sources are no longer needed, or if they are damaged or decayed. If these sources are not properly stored they can be a threat to human health and the environment and pose a security risk. Procedures to secure these spent or 'disused' sources are often highly expensive and need specialized assistance. The IAEA helps its States find long term solutions for the safe and secure storage of disused sealed radioactive sources (DSRSs)

  7. Optimal dispatch in dynamic security constrained open power market

    International Nuclear Information System (INIS)

    Singh, S.N.; David, A.K.

    2002-01-01

    Power system security is a new concern in the competitive power market operation, because the integration of the system controller and the generation owner has been broken. This paper presents an approach for dynamic security constrained optimal dispatch in restructured power market environment. The transient energy margin using transient energy function (TEF) approach has been used to calculate the stability margin of the system and a hybrid method is applied to calculate the approximate unstable equilibrium point (UEP) that is used to calculate the exact UEP and thus, the energy margin using TEF. The case study results illustrated on two systems shows that the operating mechanisms are compatible with the new business environment. (author)

  8. A secure file manager for UNIX

    Energy Technology Data Exchange (ETDEWEB)

    DeVries, R.G.

    1990-12-31

    The development of a secure file management system for a UNIX-based computer facility with supercomputers and workstations is described. Specifically, UNIX in its usual form does not address: (1) Operation which would satisfy rigorous security requirements. (2) Online space management in an environment where total data demands would be many times the actual online capacity. (3) Making the file management system part of a computer network in which users of any computer in the local network could retrieve data generated on any other computer in the network. The characteristics of UNIX can be exploited to develop a portable, secure file manager which would operate on computer systems ranging from workstations to supercomputers. Implementation considerations making unusual use of UNIX features, rather than requiring extensive internal system changes, are described, and implementation using the Cray Research Inc. UNICOS operating system is outlined.

  9. Improving Control System Security through the Evaluation of Current Trends in Computer Security Research

    Energy Technology Data Exchange (ETDEWEB)

    Rolston

    2005-03-01

    At present, control system security efforts are primarily technical and reactive in nature. What has been overlooked is the need for proactive efforts, focused on the IT security research community from which new threats might emerge. Evaluating cutting edge IT security research and how it is evolving can provide defenders with valuable information regarding what new threats and tools they can anticipate in the future. Only known attack methodologies can be blocked, and there is a gap between what is known to the general security community and what is being done by cutting edge researchers --both those trying to protect systems and those trying to compromise them. The best security researchers communicate with others in their field; they know what cutting edge research is being done; what software can be penetrated via this research; and what new attack techniques and methodologies are being circulated in the black hat community. Standardization of control system applications, operating systems, and networking protocols is occurring at a rapid rate, following a path similar to the standardization of modern IT networks. Many attack methodologies used on IT systems can be ported over to the control system environment with little difficulty. It is extremely important to take advantage of the lag time between new research, its use on traditional IT networks, and the time it takes to port the research over for use on a control system network. Analyzing nascent trends in IT security and determining their applicability to control system networks provides significant information regarding defense mechanisms needed to secure critical infrastructure more effectively. This work provides the critical infrastructure community with a better understanding of how new attacks might be launched, what layers of defense will be needed to deter them, how the attacks could be detected, and how their impact could be limited.

  10. Security, privacy, and confidentiality issues on the Internet

    OpenAIRE

    Kelly, Grant; McKenzie, Bruce

    2002-01-01

    We introduce the issues around protecting information about patients and related data sent via the Internet. We begin by reviewing three concepts necessary to any discussion about data security in a healthcare environment: privacy, confidentiality, and consent. We are giving some advice on how to protect local data. Authentication and privacy of e-mail via encryption is offered by Pretty Good Privacy (PGP) and Secure Multipurpose Internet Mail Extensions (S/MIME). The de facto Internet standa...

  11. International Conference SES 2009: Secure Energy Supply

    International Nuclear Information System (INIS)

    2009-01-01

    The Conference included the following sessions: Opening addresses; (I) Energy policy; (II) Environment, Renewable sources and NPPs; (III) Secure energy supply - New nuclear units. Verbal 21 presentations have been inputted into INIS, all in the form of the full authors' presentations.

  12. Security Functions for a File Repository

    NARCIS (Netherlands)

    Helme, A.; Helme, Arne; Stabell-Kulo, Tage

    1997-01-01

    When personal machines are incorporated into distributed systems a new mixture of threats is exposed. The security effort in the MobyDick project is aimed at understanding how privacy can be protected in this new environment. Our claim is that a two-step process for authentication and authorisation

  13. Transmission Line Security Monitor: Final Report

    Energy Technology Data Exchange (ETDEWEB)

    John Svoboda

    2011-04-01

    The Electric Power Transmission Line Security Monitor System Operational Test is a project funded by the Technical Support Working Group (TSWG). TSWG operates under the Combating Terrorism Technical Support Office that functions under the Department of Defense. The Transmission Line Security Monitor System is based on technology developed by Idaho National Laboratory. The technology provides a means for real-time monitoring of physical threats and/or damage to electrical transmission line towers and conductors as well as providing operational parameters to transmission line operators to optimize transmission line operation. The end use is for monitoring long stretches of transmission lines that deliver electrical power from remote generating stations to cities and industry. These transmission lines are generally located in remote transmission line corridors where security infrastructure may not exist. Security and operational sensors in the sensor platform on the conductors take power from the transmission line and relay security and operational information to operations personnel hundreds of miles away without relying on existing infrastructure. Initiated on May 25, 2007, this project resulted in pre-production units tested in realistic operational environments during 2010. A technology licensee, Lindsey Manufacturing of Azusa California, is assisting in design, testing, and ultimately production. The platform was originally designed for a security monitoring mission, but it has been enhanced to include important operational features desired by electrical utilities.

  14. Research award: Agriculture and Food Security 2019 | IDRC ...

    International Development Research Centre (IDRC) Digital Library (Canada)

    The AFS program works with organizations to intensify and diversify small‐scale ... and social) without adversely impacting societies and the environment. ... loss, rural economic development, improved food and nutrition security, and the ...

  15. Enersec conference series. Nuclear energy and security (NUSEC). Book of abstracts

    Energy Technology Data Exchange (ETDEWEB)

    Steinhaeusler, F; Heissl, C [Division of Physics and Biophysics, University of Salzburg, Hellbrunnerstrasse 34, Salzburg (Austria)

    2005-07-01

    Full text: After the terror attacks in the last years, the issue of security of nuclear power plants was raised, therefore members of national regulatory agencies, international organizations, and research institutions have engaged in the assessment of the security threats to nuclear facilities and the potential risks to man and the environment in the case of a successful terror attack. The risks range from the theft of nuclear material leading to illicit trafficking, to sabotage of nuclear power plants, and attacks on spent fuel transport resulting in an uncontrolled release of radioactivity. The NUSEC conference was focused on the security-related risks in the nuclear sector and its objective was to provide an overview of the currently available terrorism risk assessment methodology and international security approaches. Papers were presented in the following sessions: security of nuclear material, security of nuclear power plants, security of the transport of nuclear material, security of nuclear waste, national approaches to nuclear security and future outlook. (nevyjel)

  16. Enersec conference series. Nuclear energy and security (NUSEC). Book of abstracts

    International Nuclear Information System (INIS)

    Steinhaeusler, F.; Heissl, C.

    2005-01-01

    Full text: After the terror attacks in the last years, the issue of security of nuclear power plants was raised, therefore members of national regulatory agencies, international organizations, and research institutions have engaged in the assessment of the security threats to nuclear facilities and the potential risks to man and the environment in the case of a successful terror attack. The risks range from the theft of nuclear material leading to illicit trafficking, to sabotage of nuclear power plants, and attacks on spent fuel transport resulting in an uncontrolled release of radioactivity. The NUSEC conference was focused on the security-related risks in the nuclear sector and its objective was to provide an overview of the currently available terrorism risk assessment methodology and international security approaches. Papers were presented in the following sessions: security of nuclear material, security of nuclear power plants, security of the transport of nuclear material, security of nuclear waste, national approaches to nuclear security and future outlook. (nevyjel)

  17. ASPECTS OF POLICIES AND STRATEGIES FOR CYBER SECURITY IN THE EUROPEAN UNION

    Directory of Open Access Journals (Sweden)

    Ilina ARMENCHEVA

    2015-10-01

    Full Text Available Freedom and prosperity of mankind greatly depend on an innovative, safe and reliable Internet that, of course, will keep evolving. Cyber space must be protected from incidents, misuse and abuse. Handling the increasing number of threats to cyber security is a challenge that national security and the trend in the international environment face. This makes taking fast and adequate measures at national, European and international level a must. Changing national security strategies and adopting new cyber security strategies are a part of these measures.

  18. A New Trusted and Collaborative Agent Based Approach for Ensuring Cloud Security

    OpenAIRE

    Pal, Shantanu; Khatua, Sunirmal; Chaki, Nabendu; Sanyal, Sugata

    2011-01-01

    In order to determine the user's trust is a growing concern for ensuring privacy and security in a cloud computing environment. In cloud, user's data is stored in one or more remote server(s) which poses more security challenges for the system. One of the most important concerns is to protect user's sensitive information from other users and hackers that may cause data leakage in cloud storage. Having this security challenge in mind, this paper focuses on the development of a more secure clou...

  19. A Secure Communication Suite for Underwater Acoustic Sensor Networks

    Directory of Open Access Journals (Sweden)

    Angelica Lo Duca

    2012-11-01

    Full Text Available In this paper we describe a security suite for Underwater Acoustic Sensor Networks comprising both fixed and mobile nodes. The security suite is composed of a secure routing protocol and a set of cryptographic primitives aimed at protecting the confidentiality and the integrity of underwater communication while taking into account the unique characteristics and constraints of the acoustic channel. By means of experiments and simulations based on real data, we show that the suite is suitable for an underwater networking environment as it introduces limited, and sometimes negligible, communication and power consumption overhead.

  20. Secure real-time wireless video streaming in the aeronautical telecommunications network

    Science.gov (United States)

    Czernik, Pawel; Olszyna, Jakub

    2010-09-01

    As Air Traffic Control Systems move from a voice only environment to one in which clearances are issued via data link, there is a risk that an unauthorized entity may attempt to masquerade as either the pilot or controller. In order to protect against this and related attacks, air-ground communications must be secured. The challenge is to add security in an environment in which bandwidth is limited. The Aeronautical Telecommunications Network (ATN) is an enabling digital network communications technology that addresses capacity and efficiency issues associated with current aeronautical voice communication systems. Equally important, the ATN facilitates migration to free flight, where direct computer-to-computer communication will automate air traffic management, minimize controller and pilot workload, and improve overall aircraft routing efficiency. Protecting ATN communications is critical since safety-of-flight is seriously affected if an unauthorized entity, a hacker for example, is able to penetrate an otherwise reliable communications system and accidentally or maliciously introduce erroneous information that jeopardizes the overall safety and integrity of a given airspace. However, an ATN security implementation must address the challenges associated with aircraft mobility, limited bandwidth communication channels, and uninterrupted operation across organizational and geopolitical boundaries. This paper provides a brief overview of the ATN, the ATN security concept, and begins a basic introduction to the relevant security concepts of security threats, security services and security mechanisms. Security mechanisms are further examined by presenting the fundamental building blocks of symmetric encipherment, asymmetric encipherment, and hash functions. The second part of this paper presents the project of cryptographiclly secure wireless communication between Unmanned Aerial Vehicles (UAV) and the ground station in the ATM system, based on the ARM9 processor

  1. Democratizing Authority in the Built Environment

    Energy Technology Data Exchange (ETDEWEB)

    Andersen, Michael P [UC Berkeley; Kolb, John [UC Berkeley; Chen, Kaifei [UC Berkeley; Culler, David [UC Berkeley; Katz, Randy [UC Berkeley

    2017-11-08

    Operating systems and applications in the built environment have relied upon central authorization and management mechanisms which restrict their scalability, especially with respect to administrative overhead. We propose a new set of primitives encompassing syndication, security, and service execution that unifies the management of applications and services across the built environment, while enabling participants to individually delegate privilege across multiple administrative domains with no loss of security or manageability. We show how to leverage a decentralized authorization syndication platform to extend the design of building operating systems beyond the single administrative domain of a building. The authorization system leveraged is based on blockchain smart contracts to permit decentralized and democratized delegation of authorization without central trust. Upon this, a publish/subscribe syndication tier and a containerized service execution environment are constructed. Combined, these mechanisms solve problems of delegation, federation, device protection and service execution that arise throughout the built environment. We leverage a high-fidelity city-scale emulation to verify the scalability of the authorization tier, and briefly describe a prototypical democratized operating system for the built environment using this foundation.

  2. Recommended Practices Guide Securing WLANs using 802.11i

    Energy Technology Data Exchange (ETDEWEB)

    Masica, K

    2006-10-16

    This paper addresses design principles and best practices regarding the implementation and operation of Wireless LAN (WLAN) communication networks based on the 802.11i security standard. First, a general overview of WLAN technology and standards is provided in order to ground the discussion in the evolution of WLAN standards and security approaches. This is followed by a detailed explanation of the 802.11i standard for securing WLAN networks. Principles for designing secure WLAN networks are then presented, followed by a list of specific best practices that can be used as a guideline for organizations considering the deployment of WLAN networks for non-critical control and monitoring applications. Finally, a section on technical issues and considerations for deploying WLAN networks in critical environments is presented.

  3. Evaluating ALWadHA for providing secure localisation for wireless sensor networks

    CSIR Research Space (South Africa)

    Abu-Mahfouz, Adnan M

    2013-09-01

    Full Text Available secure localisation algorithms that are able to work in a hostile environment. An attacker could compromise, or masquerade as, a beacon node and send incorrect location information. Localisation in a hostile environment is a critical problem in wireless...

  4. Confusion surrounding the concept of nuclear 'security'. 'Preventing Japan from going nuclear contributes to Japan's national security'?

    International Nuclear Information System (INIS)

    Kubota, Masafumi

    2012-01-01

    A law enacted on June 20 to establish a new Nuclear Regulatory Authority (NRA) fully separated from the nuclear promotional authorities. It added the provision, which says nuclear safety should be guaranteed not only to defend lives, people's health and the environment but also to 'contribute to Japan's national security', to Article 2 of the Atomic Energy Basic Law. NRA integrated the existing regulatory authorities for safety, security and safeguards, into one. Supporters of an amendment quietly slipped into the law were denying it could provide cover for military use of nuclear technology, but arouse international concern about recycling program of extracting plutonium from spent fuels. Nuclear policy minister said: 'The safeguards are in place to prevent nuclear proliferation. The world 'security' precisely means the prevention of nuclear proliferation.' If not used explicitly about safeguards, they left room for stretched interpretation. The author recommended the world' contribute to Japan's national security' should be deleted instead of explaining appropriately, both at home and abroad, the use of nuclear power in Japan limited to peaceful purposes. (T. Tanaka)

  5. Developing Iraq's Security Sector: The Coalition Provisional Authority's Experience

    National Research Council Canada - National Science Library

    Rathmell, Andrew; Oliker, Olga; Kelly, Terrence K; Brannan, David; Crane, Keith

    2005-01-01

    .... The environment was not benign -- it was deteriorating. Iraqi security forces had largely disintegrated, and those that remained were incapable of responding to rising criminality and political violence...

  6. Nevada National Security Site Environmental Report 2011 Summary

    Energy Technology Data Exchange (ETDEWEB)

    Cathy Wills, ed

    2012-09-12

    The U.S. Department of Energy, National Nuclear Security Administration Nevada Site Office (NNSA/NSO) directs the management and operation of the Nevada National Security Site (NNSS). NNSA/NSO prepares the Nevada National Security Site Environmental Report (NNSSER) to provide the public an understanding of the environmental monitoring and compliance activities that are conducted on the NNSS to protect the public and the environment from radiation hazards and from nonradiological impacts. The NNSSER is a comprehensive report of environmental activities performed at the NNSS and offsite facilities over the previous calendar year. It is prepared annually to meet the requirements and guidelines of the U.S. Department of Energy (DOE) and the information needs of NNSA/NSO stakeholders. This summary provides an abbreviated and more readable version of the NNSSER. It does not contain detailed descriptions or presentations of monitoring designs, data collection methods, data tables, the NNSS environment, or all environmental program activities performed throughout the year. The NNSS is currently the nation's unique site for ongoing national security-related missions and high-risk operations. The NNSS is located about 65 miles northwest of Las Vegas. The approximately 1,360-square-mile site is one of the largest restricted access areas in the United States. It is surrounded by federal installations with strictly controlled access, as well as by lands that are open to public entry.

  7. Nevada National Security Site Environmental Report 2011 Summary

    International Nuclear Information System (INIS)

    Wills, Cathy

    2012-01-01

    The U.S. Department of Energy, National Nuclear Security Administration Nevada Site Office (NNSA/NSO) directs the management and operation of the Nevada National Security Site (NNSS). NNSA/NSO prepares the Nevada National Security Site Environmental Report (NNSSER) to provide the public an understanding of the environmental monitoring and compliance activities that are conducted on the NNSS to protect the public and the environment from radiation hazards and from nonradiological impacts. The NNSSER is a comprehensive report of environmental activities performed at the NNSS and offsite facilities over the previous calendar year. It is prepared annually to meet the requirements and guidelines of the U.S. Department of Energy (DOE) and the information needs of NNSA/NSO stakeholders. This summary provides an abbreviated and more readable version of the NNSSER. It does not contain detailed descriptions or presentations of monitoring designs, data collection methods, data tables, the NNSS environment, or all environmental program activities performed throughout the year. The NNSS is currently the nation's unique site for ongoing national security-related missions and high-risk operations. The NNSS is located about 65 miles northwest of Las Vegas. The approximately 1,360-square-mile site is one of the largest restricted access areas in the United States. It is surrounded by federal installations with strictly controlled access, as well as by lands that are open to public entry.

  8. Integrating Safeguards and Security with Safety into Design

    International Nuclear Information System (INIS)

    Bean, Robert S.; Hockert, John W.; Hebditch, David J.

    2009-01-01

    There is a need to minimize security risks, proliferation hazards, and safety risks in the design of new nuclear facilities in a global environment of nuclear power expansion, while improving the synergy of major design features and raising operational efficiency. In 2008, the U.S. Department of Energy (DOE), National Nuclear Security Administration (NNSA) launched the Next Generation Safeguards Initiative (NGSI) covering many safeguards areas. One of these, launched by NNSA with support of the DOE Office of Nuclear Energy, was a multi-laboratory project, led by the Idaho National Laboratory (INL), to develop safeguards by design. The proposed Safeguards-by-Design (SBD) process has been developed as a structured approach to ensure the timely, efficient, and cost effective integration of international safeguards and other nonproliferation barriers with national material control and accountability, physical security, and safety objectives into the overall design process for the nuclear facility lifecycle. A graded, iterative process was developed to integrate these areas throughout the project phases. It identified activities, deliverables, interfaces, and hold points covering both domestic regulatory requirements and international safeguards using the DOE regulatory environment as exemplar to provide a framework and guidance for project management and integration of safety with security during design. Further work, reported in this paper, created a generalized SBD process which could also be employed within the licensed nuclear industry and internationally for design of new facilities. Several tools for integrating safeguards, safety, and security into design are discussed here. SBD appears complementary to the EFCOG TROSSI process for security and safety integration created in 2006, which focuses on standardized upgrades to enable existing DOE facilities to meet a more severe design basis threat. A collaborative approach is suggested.

  9. Stability, Security, Transition and Reconstruction Operations Conference

    Science.gov (United States)

    2010-12-16

    integration and measureable outcome of security, stability and prosperity. Introduction 4 • Background • Nature of Non-permissive environments...stage, And all the men and women merely players – William Shakespeare • Sharing the Experience • Reinventing the wheel 11 Conclusion – The

  10. Organizational Characteristics Influencing SME Information Security Maturity

    NARCIS (Netherlands)

    Mijnhardt, F.; Baars, T.; Spruit, M.

    2016-01-01

    In the current business environment, many organizations use popular standards such as the ISO 27000x series, COBIT and related frameworks to protect themselves against security incidents. However, these standards and frameworks are overly complicated for Small to Medium sized Enterprises, leaving

  11. 40 CFR 80.606 - What national security exemption applies to fuels covered under this subpart?

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 16 2010-07-01 2010-07-01 false What national security exemption... national security exemption applies to fuels covered under this subpart? (a) The standards of all the fuels..., including locomotive and marine, having an EPA national security exemption from the motor vehicle emission...

  12. 40 CFR 1068.225 - What are the provisions for exempting engines/equipment for national security?

    Science.gov (United States)

    2010-07-01

    ... engines/equipment for national security? 1068.225 Section 1068.225 Protection of Environment ENVIRONMENTAL...) Manufacturers may request a national security exemption for engines/equipment not meeting the conditions of... applicable): (i) “THIS ENGINE HAS AN EXEMPTION FOR NATIONAL SECURITY UNDER 40 CFR 1068.225.” (ii) “THIS...

  13. 46 CFR 151.03-19 - Environment.

    Science.gov (United States)

    2010-10-01

    ... 46 Shipping 5 2010-10-01 2010-10-01 false Environment. 151.03-19 Section 151.03-19 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CERTAIN BULK DANGEROUS CARGOES BARGES CARRYING BULK LIQUID HAZARDOUS MATERIAL CARGOES Definitions § 151.03-19 Environment. This term refers to the atmosphere...

  14. 17 CFR 240.15b7-3T - Operational capability in a Year 2000 environment.

    Science.gov (United States)

    2010-04-01

    ... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Operational capability in a Year 2000 environment. 240.15b7-3T Section 240.15b7-3T Commodity and Securities Exchanges SECURITIES... § 240.15b7-3T Operational capability in a Year 2000 environment. (a) This section applies to every...

  15. Research About Attacks Over Cloud Environment

    Directory of Open Access Journals (Sweden)

    Li Jie

    2017-01-01

    Full Text Available Cloud computing is expected to continue expanding in the next few years and people will start to see some of the following benefits in their real lives. Security of cloud computing environments is the set of control-based technologies and policies absolute to adhere regulatory compliance rules and protect information data applications and infrastructure related with cloud use. In this paper we suggest a model to estimating the cloud computing security and test the services provided to users. The simulator NG-Cloud Next Generation Secure Cloud Storage is used and modified to administer the proposed model. This implementation achieved security functions potential attacks as defined in the proposed model. Finally we also solve some attacks over cloud computing to provide the security and safety of the cloud.

  16. SecurePhone: a mobile phone with biometric authentication and e-signature support for dealing secure transactions on the fly

    Science.gov (United States)

    Ricci, R.; Chollet, G.; Crispino, M. V.; Jassim, S.; Koreman, J.; Olivar-Dimas, M.; Garcia-Salicetti, S.; Soria-Rodriguez, P.

    2006-05-01

    This article presents an overview of the SecurePhone project, with an account of the first results obtained. SecurePhone's primary aim is to realise a mobile phone prototype - the 'SecurePhone' - in which biometrical authentication enables users to deal secure, dependable transactions over a mobile network. The SecurePhone is based on a commercial PDA-phone, supplemented with specific software modules and a customised SIM card. It integrates in a single environment a number of advanced features: access to cryptographic keys through strong multimodal biometric authentication; appending and verification of digital signatures; real-time exchange and interactive modification of (esigned) documents and voice recordings. SecurePhone's 'biometric recogniser' is based on original research. A fused combination of three different biometric methods - speaker, face and handwritten signature verification - is exploited, with no need for dedicated hardware components. The adoption of non-intrusive, psychologically neutral biometric techniques is expected to mitigate rejection problems that often inhibit the social use of biometrics, and speed up the spread of e-signature technology. Successful biometric authentication grants access to SecurePhone's built-in esignature services through a user-friendly interface. Special emphasis is accorded to the definition of a trustworthy security chain model covering all aspects of system operation. The SecurePhone is expected to boost m-commerce and open new scenarios for m-business and m-work, by changing the way people interact and by improving trust and confidence in information technologies, often considered intimidating and difficult to use. Exploitation plans will also explore other application domains (physical and logical access control, securised mobile communications).

  17. Effect of the nature the carbon precursor on the physico-chemical characteristics of the resulting activated carbon materials

    International Nuclear Information System (INIS)

    Jimenez, Vicente; Sanchez, Paula; Valverde, Jose Luis; Romero, Amaya

    2010-01-01

    Carbon materials, including amorphous carbon, graphite, carbon nanospheres (CNSs) and different types of carbon nanofibers (CNFs) [platelet, herringbone and ribbon], were chemically activated using KOH. The pore structure of carbon materials was analyzed using N 2 /77 K adsorption isotherms. The presence of oxygen groups was analyzed by temperature programmed desorption in He and acid-base titration. The structural order of the materials was studied by X-ray diffraction and temperature programmed oxidation. The morphology and diameter distribution of CNFs and CNSs were characterized by transmission electron microscopy. The materials were also characterized by temperature-desorption programmed of H 2 and elemental composition. The ways in which the different structures were activated are described, showing the type of pores generated. Relationships between carbon yield, removed carbon, activation degree and graphitic character were also examined. The oxygen content in the form of oxygen-containing surface groups increased after the activation giving qualitative information about them. The average diameter of both CNFs and CNSs was decreased after the activation process as consequence of the changes produced on the material surface.

  18. Truncation of the C-terminal region of Toscana Virus NSs protein is critical for interferon-β antagonism and protein stability.

    Science.gov (United States)

    Gori Savellini, Gianni; Gandolfo, Claudia; Cusi, Maria Grazia

    2015-12-01

    Toscana Virus (TOSV) is a Phlebovirus responsible for central nervous system (CNS) injury in humans. The TOSV non-structural protein (NSs), which interacting with RIG-I leads to its degradation, was analysed in the C terminus fragment in order to identify its functional domains. To this aim, two C-terminal truncated NSs proteins, Δ1C-NSs (aa 1-284) and Δ2C-NSs (aa 1-287) were tested. Only Δ1C-NSs did not present any inhibitory effect on RIG-I and it showed a greater stability than the whole NSs protein. Moreover, the deletion of the TLQ aa sequence interposed between the two ΔC constructs caused a greater accumulation of the protein with a weak inhibitory effect on RIG-I, indicating some involvement of these amino acids in the NSs activity. Nevertheless, all the truncated proteins were still able to interact with RIG-I, suggesting that the domains responsible for RIG-I signaling and RIG-I interaction are mapped on different regions of the protein. Copyright © 2015 Elsevier Inc. All rights reserved.

  19. Effect of the nature the carbon precursor on the physico-chemical characteristics of the resulting activated carbon materials

    Energy Technology Data Exchange (ETDEWEB)

    Jimenez, Vicente, E-mail: vicente.jimenez@uclm.es [Facultad de Ciencias Quimicas, Departamento de Ingenieria Quimica, Universidad de Castilla-La Mancha, 13071 Ciudad Real (Spain); Sanchez, Paula; Valverde, Jose Luis [Facultad de Ciencias Quimicas, Departamento de Ingenieria Quimica, Universidad de Castilla-La Mancha, 13071 Ciudad Real (Spain); Romero, Amaya [Escuela Tecnica Agricola, Departamento de Ingenieria Quimica, Universidad de Castilla-La Mancha, 13071 Ciudad Real (Spain)

    2010-11-01

    Carbon materials, including amorphous carbon, graphite, carbon nanospheres (CNSs) and different types of carbon nanofibers (CNFs) [platelet, herringbone and ribbon], were chemically activated using KOH. The pore structure of carbon materials was analyzed using N{sub 2}/77 K adsorption isotherms. The presence of oxygen groups was analyzed by temperature programmed desorption in He and acid-base titration. The structural order of the materials was studied by X-ray diffraction and temperature programmed oxidation. The morphology and diameter distribution of CNFs and CNSs were characterized by transmission electron microscopy. The materials were also characterized by temperature-desorption programmed of H{sub 2} and elemental composition. The ways in which the different structures were activated are described, showing the type of pores generated. Relationships between carbon yield, removed carbon, activation degree and graphitic character were also examined. The oxygen content in the form of oxygen-containing surface groups increased after the activation giving qualitative information about them. The average diameter of both CNFs and CNSs was decreased after the activation process as consequence of the changes produced on the material surface.

  20. A framework for cyber security test

    International Nuclear Information System (INIS)

    Han, Kyungsoo; Song, Jaegu; Jung, Sungmin; Lee, Jungwoon; Lee, Cheolkwon

    2014-01-01

    The person in charge of I and C cyber security must not only perform real-time security inspections but also have the capabilities for performing vulnerability scanning and penetration testing, in order for vulnerability assessment. Vulnerability scanning and penetration testing are intended to find vulnerabilities in a digital system in order to make it more secure, and to determine whether it is vulnerable to attacks. In the IT sector, automated vulnerability scanning and penetration testing tools are being developed and continually researched. However, for a NPP I and C systems in which the method of communication is mixed (TCP/IP and serial), it is difficult to use the existing tools. This paper describes the penetration test framework for the IT sector, which is one of the cyber security test methods available. It concludes by discussing the need to develop a new penetration method for performing cyber security testing for NPP I and C systems, as well as the need for the NPP I and C test-bed. Security vulnerabilities need to be identified and continuously managed through vulnerability scans and assessments. For known vulnerabilities, the vulnerabilities of the target system can be periodically managed via a vulnerability database. These activities such as fuzzing, penetration testing, etc. must not affect the availability or the integrity of the NPP I and C systems. It is desired that a NPP I and C cyber security test-bad environment that exactly models the actual system must be first constructed and then penetration testing done

  1. A framework for cyber security test

    Energy Technology Data Exchange (ETDEWEB)

    Han, Kyungsoo; Song, Jaegu; Jung, Sungmin; Lee, Jungwoon; Lee, Cheolkwon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2014-05-15

    The person in charge of I and C cyber security must not only perform real-time security inspections but also have the capabilities for performing vulnerability scanning and penetration testing, in order for vulnerability assessment. Vulnerability scanning and penetration testing are intended to find vulnerabilities in a digital system in order to make it more secure, and to determine whether it is vulnerable to attacks. In the IT sector, automated vulnerability scanning and penetration testing tools are being developed and continually researched. However, for a NPP I and C systems in which the method of communication is mixed (TCP/IP and serial), it is difficult to use the existing tools. This paper describes the penetration test framework for the IT sector, which is one of the cyber security test methods available. It concludes by discussing the need to develop a new penetration method for performing cyber security testing for NPP I and C systems, as well as the need for the NPP I and C test-bed. Security vulnerabilities need to be identified and continuously managed through vulnerability scans and assessments. For known vulnerabilities, the vulnerabilities of the target system can be periodically managed via a vulnerability database. These activities such as fuzzing, penetration testing, etc. must not affect the availability or the integrity of the NPP I and C systems. It is desired that a NPP I and C cyber security test-bad environment that exactly models the actual system must be first constructed and then penetration testing done.

  2. A Novel Computer Virus Propagation Model under Security Classification

    Directory of Open Access Journals (Sweden)

    Qingyi Zhu

    2017-01-01

    Full Text Available In reality, some computers have specific security classification. For the sake of safety and cost, the security level of computers will be upgraded with increasing of threats in networks. Here we assume that there exists a threshold value which determines when countermeasures should be taken to level up the security of a fraction of computers with low security level. And in some specific realistic environments the propagation network can be regarded as fully interconnected. Inspired by these facts, this paper presents a novel computer virus dynamics model considering the impact brought by security classification in full interconnection network. By using the theory of dynamic stability, the existence of equilibria and stability conditions is analysed and proved. And the above optimal threshold value is given analytically. Then, some numerical experiments are made to justify the model. Besides, some discussions and antivirus measures are given.

  3. Organisational Information Security Strategy: Review, Discussion and Future Research

    Directory of Open Access Journals (Sweden)

    Craig A. Horne

    2017-05-01

    Full Text Available Dependence on information, including for some of the world’s largest organisations such as governments and multi-national corporations, has grown rapidly in recent years. However, reports of information security breaches and their associated consequences indicate that attacks are escalating on organisations conducting these information-based activities. Organisations need to formulate strategy to secure their information, however gaps exist in knowledge. Through a thematic review of academic security literature, (1 we analyse the antecedent conditions that motivate the adoption of a comprehensive information security strategy, (2 the conceptual elements of strategy and (3 the benefits that are enjoyed post-adoption. Our contributions include a definition of information security strategy that moves from an internally-focussed protection of information towards a strategic view that considers the organisation, its resources and capabilities, and its external environment. Our findings are then used to suggest future research directions.

  4. Managing Security Risks in an Industrial Investment – Analysis Directions

    Directory of Open Access Journals (Sweden)

    Stefan Dragomir

    2016-05-01

    Full Text Available This paper achieved an analysis of some important management strategies for an investment, in correlation with index of global pollution. Environmental security assessment shall be determined taking into account the workplace security and effects on health, safety of workers in an industry investment. It is necessary to observe and collect a larger number of data generated by the development of an industrial process, so as to make a deep analysis on global pollution index and how it is affected industrial investment environment. This research shows how can the substances that infest the environment to produce much damage and influence the environmental factors (air, water, soil, landscape, fauna and flora. When we know the risks that characterize the plant equipment, we can protect the life and we can protect the environment for a sustainable development in the future.

  5. Thundercloud: Domain specific information security training for the smart grid

    Science.gov (United States)

    Stites, Joseph

    In this paper, we describe a cloud-based virtual smart grid test bed: ThunderCloud, which is intended to be used for domain-specific security training applicable to the smart grid environment. The test bed consists of virtual machines connected using a virtual internal network. ThunderCloud is remotely accessible, allowing students to undergo educational exercises online. We also describe a series of practical exercises that we have developed for providing the domain-specific training using ThunderCloud. The training exercises and attacks are designed to be realistic and to reflect known vulnerabilities and attacks reported in the smart grid environment. We were able to use ThunderCloud to offer practical domain-specific security training for smart grid environment to computer science students at little or no cost to the department and no risk to any real networks or systems.

  6. Planning security for supply security

    International Nuclear Information System (INIS)

    Spies von Buellesheim.

    1994-01-01

    The situation of the hardcoal mining industry is still difficult, however better than last year. Due to better economic trends in the steel industry, though on a lower level, sales in 1994 have stabilised. Stocks are being significantly reduced. As to the production, we have nearly reached a level which has been politically agreed upon in the long run. Due to the determined action of the coalmining companies, a joint action of management and labour, the strong pressure has been mitigated. On the energy policy sector essential targets have been achieved: First of all the ECSC decision on state aid which will be in force up to the year 2002 and which will contribute to accomplish the results of the 1991 Coal Round. Furthermore, the 1994 Act on ensuring combustion of hardcoal in electricity production up to the year 2005. The hardcoal mining industry is grateful to all political decision makers for the achievements. The industry demands, however, that all questions still left open, including the procurement of financial means after 1996, should be settled soon on the basis of the new act and in accordance with the 1991 Coal Round and the energy concept of the Federal Government. German hardcoal is an indispensable factor within a balanced energy mix which guarantees the security of our energy supply, the security of the price structure and the respect of the environment. (orig.) [de

  7. What is Security? A perspective on achieving security

    Energy Technology Data Exchange (ETDEWEB)

    Atencio, Julian J.

    2014-05-05

    This presentation provides a perspective on achieving security in an organization. It touches upon security as a mindset, ability to adhere to rules, cultivating awareness of the reason for a security mindset, the quality of a security program, willingness to admit fault or acknowledge failure, peer review in security, science as a model that can be applied to the security profession, the security vision, security partnering, staleness in the security program, security responsibilities, and achievement of success over time despite the impossibility of perfection.

  8. Securing Single Points of Compromise (SPoC)

    Energy Technology Data Exchange (ETDEWEB)

    Belangia, David Warren [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2015-06-25

    Securing the Single Points of Compromise that provide central services to the institution’s environment is paramount to success when trying to protect the business. (Fisk, 2014) Time Based Security mandates protection (erecting and ensuring effective controls) that last longer than the time to detect and react to a compromise. When enterprise protections fail, providing additional layered controls for these central services provides more time to detect and react. While guidance is readily available for securing the individual critical asset, protecting these assets as a group is not often discussed. Using best business practices to protect these resources as individual assets while leveraging holistic defenses for the group increases the opportunity to maximize protection time, allowing detection and reaction time for the SPoCs that is commensurate with the inherent risk of these centralized services.

  9. Global Military Operating Environments (GMOE) Phase I: Linking Natural Environments, International Security, and Military Operations

    Science.gov (United States)

    2013-01-30

    diverse range of natural environments and will require that U.S. forces adapt to a wide range of terrain, climate, and associated hazards within these...Synthetic Environment Core Area), baseline terrain information, and application of remote‐sensing technologies for Warfighter and Chameleon . The

  10. Audited credential delegation: a usable security solution for the virtual physiological human toolkit

    Science.gov (United States)

    Haidar, Ali N.; Zasada, Stefan J.; Coveney, Peter V.; Abdallah, Ali E.; Beckles, Bruce; Jones, Mike A. S.

    2011-01-01

    We present applications of audited credential delegation (ACD), a usable security solution for authentication, authorization and auditing in distributed virtual physiological human (VPH) project environments that removes the use of digital certificates from end-users' experience. Current security solutions are based on public key infrastructure (PKI). While PKI offers strong security for VPH projects, it suffers from serious usability shortcomings in terms of end-user acquisition and management of credentials which deter scientists from exploiting distributed VPH environments. By contrast, ACD supports the use of local credentials. Currently, a local ACD username–password combination can be used to access grid-based resources while Shibboleth support is underway. Moreover, ACD provides seamless and secure access to shared patient data, tools and infrastructure, thus supporting the provision of personalized medicine for patients, scientists and clinicians participating in e-health projects from a local to the widest international scale. PMID:22670214

  11. Audited credential delegation: a usable security solution for the virtual physiological human toolkit.

    Science.gov (United States)

    Haidar, Ali N; Zasada, Stefan J; Coveney, Peter V; Abdallah, Ali E; Beckles, Bruce; Jones, Mike A S

    2011-06-06

    We present applications of audited credential delegation (ACD), a usable security solution for authentication, authorization and auditing in distributed virtual physiological human (VPH) project environments that removes the use of digital certificates from end-users' experience. Current security solutions are based on public key infrastructure (PKI). While PKI offers strong security for VPH projects, it suffers from serious usability shortcomings in terms of end-user acquisition and management of credentials which deter scientists from exploiting distributed VPH environments. By contrast, ACD supports the use of local credentials. Currently, a local ACD username-password combination can be used to access grid-based resources while Shibboleth support is underway. Moreover, ACD provides seamless and secure access to shared patient data, tools and infrastructure, thus supporting the provision of personalized medicine for patients, scientists and clinicians participating in e-health projects from a local to the widest international scale.

  12. Secure Nearest Neighbor Query on Crowd-Sensing Data

    Directory of Open Access Journals (Sweden)

    Ke Cheng

    2016-09-01

    Full Text Available Nearest neighbor queries are fundamental in location-based services, and secure nearest neighbor queries mainly focus on how to securely and quickly retrieve the nearest neighbor in the outsourced cloud server. However, the previous big data system structure has changed because of the crowd-sensing data. On the one hand, sensing data terminals as the data owner are numerous and mistrustful, while, on the other hand, in most cases, the terminals find it difficult to finish many safety operation due to computation and storage capability constraints. In light of they Multi Owners and Multi Users (MOMU situation in the crowd-sensing data cloud environment, this paper presents a secure nearest neighbor query scheme based on the proxy server architecture, which is constructed by protocols of secure two-party computation and secure Voronoi diagram algorithm. It not only preserves the data confidentiality and query privacy but also effectively resists the collusion between the cloud server and the data owners or users. Finally, extensive theoretical and experimental evaluations are presented to show that our proposed scheme achieves a superior balance between the security and query performance compared to other schemes.

  13. Security model for picture archiving and communication systems.

    Science.gov (United States)

    Harding, D B; Gac, R J; Reynolds, C T; Romlein, J; Chacko, A K

    2000-05-01

    The modern information revolution has facilitated a metamorphosis of health care delivery wrought with the challenges of securing patient sensitive data. To accommodate this reality, Congress passed the Health Insurance Portability and Accountability Act (HIPAA). While final guidance has not fully been resolved at this time, it is up to the health care community to develop and implement comprehensive security strategies founded on procedural, hardware and software solutions in preparation for future controls. The Virtual Radiology Environment (VRE) Project, a landmark US Army picture archiving and communications system (PACS) implemented across 10 geographically dispersed medical facilities, has addressed that challenge by planning for the secure transmission of medical images and reports over their local (LAN) and wide area network (WAN) infrastructure. Their model, which is transferable to general PACS implementations, encompasses a strategy of application risk and dataflow identification, data auditing, security policy definition, and procedural controls. When combined with hardware and software solutions that are both non-performance limiting and scalable, the comprehensive approach will not only sufficiently address the current security requirements, but also accommodate the natural evolution of the enterprise security model.

  14. Secure Dynamic access control scheme of PHR in cloud computing.

    Science.gov (United States)

    Chen, Tzer-Shyong; Liu, Chia-Hui; Chen, Tzer-Long; Chen, Chin-Sheng; Bau, Jian-Guo; Lin, Tzu-Ching

    2012-12-01

    With the development of information technology and medical technology, medical information has been developed from traditional paper records into electronic medical records, which have now been widely applied. The new-style medical information exchange system "personal health records (PHR)" is gradually developed. PHR is a kind of health records maintained and recorded by individuals. An ideal personal health record could integrate personal medical information from different sources and provide complete and correct personal health and medical summary through the Internet or portable media under the requirements of security and privacy. A lot of personal health records are being utilized. The patient-centered PHR information exchange system allows the public autonomously maintain and manage personal health records. Such management is convenient for storing, accessing, and sharing personal medical records. With the emergence of Cloud computing, PHR service has been transferred to storing data into Cloud servers that the resources could be flexibly utilized and the operation cost can be reduced. Nevertheless, patients would face privacy problem when storing PHR data into Cloud. Besides, it requires a secure protection scheme to encrypt the medical records of each patient for storing PHR into Cloud server. In the encryption process, it would be a challenge to achieve accurately accessing to medical records and corresponding to flexibility and efficiency. A new PHR access control scheme under Cloud computing environments is proposed in this study. With Lagrange interpolation polynomial to establish a secure and effective PHR information access scheme, it allows to accurately access to PHR with security and is suitable for enormous multi-users. Moreover, this scheme also dynamically supports multi-users in Cloud computing environments with personal privacy and offers legal authorities to access to PHR. From security and effectiveness analyses, the proposed PHR access

  15. The Role of Physical Layer Security in IoT: A Novel Perspective

    Directory of Open Access Journals (Sweden)

    Tommaso Pecorella

    2016-08-01

    Full Text Available This paper deals with the problem of securing the configuration phase of an Internet of Things (IoT system. The main drawbacks of current approaches are the focus on specific techniques and methods, and the lack of a cross layer vision of the problem. In a smart environment, each IoT device has limited resources and is often battery operated with limited capabilities (e.g., no keyboard. As a consequence, network security must be carefully analyzed in order to prevent security and privacy issues. In this paper, we will analyze the IoT threats, we will propose a security framework for the device initialization and we will show how physical layer security can effectively boost the security of IoT systems.

  16. UGV: security analysis of subsystem control network

    Science.gov (United States)

    Abbott-McCune, Sam; Kobezak, Philip; Tront, Joseph; Marchany, Randy; Wicks, Al

    2013-05-01

    Unmanned Ground vehicles (UGVs) are becoming prolific in the heterogeneous superset of robotic platforms. The sensors which provide odometry, localization, perception, and vehicle diagnostics are fused to give the robotic platform a sense of the environment it is traversing. The automotive industry CAN bus has dominated the industry due to the fault tolerance and the message structure allowing high priority messages to reach the desired node in a real time environment. UGVs are being researched and produced at an accelerated rate to preform arduous, repetitive, and dangerous missions that are associated with a military action in a protracted conflict. The technology and applications of the research will inevitably be turned into dual-use platforms to aid civil agencies in the performance of their various operations. Our motivation is security of the holistic system; however as subsystems are outsourced in the design, the overall security of the system may be diminished. We will focus on the CAN bus topology and the vulnerabilities introduced in UGVs and recognizable security vulnerabilities that are inherent in the communications architecture. We will show how data can be extracted from an add-on CAN bus that can be customized to monitor subsystems. The information can be altered or spoofed to force the vehicle to exhibit unwanted actions or render the UGV unusable for the designed mission. The military relies heavily on technology to maintain information dominance, and the security of the information introduced onto the network by UGVs must be safeguarded from vulnerabilities that can be exploited.

  17. EFFICIENCY INDICATORS INFORMATION MANAGEMENT IN INTEGRATED SECURITY SYSTEMS

    Directory of Open Access Journals (Sweden)

    N. S. Rodionova

    2014-01-01

    Full Text Available Summary. Introduction of information technology to improve the efficiency of security activity leads to the need to consider a number of negative factors associated with in consequence of the use of these technologies as a key element of modern security systems. One of the most notable factor is the exposure to information processes in protection systems security threats. This largely relates to integrated security systems (ISS is the system of protection with the highest level of informatization security functions. Significant damage to protected objects that they could potentially incur as a result of abnormal operation ISS, puts a very actual problem of assessing factors that reduce the efficiency of the ISS to justify the ways and methods to improve it. Because of the nature of threats and blocking distortion of information in the ISS of interest are: the volume undistorted ISF working environment, as a characteristic of data integrity; time access to information as a feature of its availability. This in turn leads to the need to use these parameters as the performance characteristics of information processes in the ISS - the completeness and timeliness of information processing. The article proposes performance indicators of information processes in integrated security systems in terms of optimal control procedures to protect information from unauthorized access. Set the considered parameters allows to conduct comprehensive security analysis of integrated security systems, and to provide recommendations to improve the management of information security procedures in them.

  18. Saudi Security: Challenges in the Post-Saddam Era

    National Research Council Canada - National Science Library

    Burke, David

    2004-01-01

    Events at the beginning of the 2lst century have brought a fundamental change to the security environment in the Kingdom of Saudi Arabia of a significance not witnessed in the region since the Iranian Revolution in 1979...

  19. Auditing cloud computing a security and privacy guide

    CERN Document Server

    Halpert, Ben

    2011-01-01

    The auditor's guide to ensuring correct security and privacy practices in a cloud computing environment Many organizations are reporting or projecting a significant cost savings through the use of cloud computing-utilizing shared computing resources to provide ubiquitous access for organizations and end users. Just as many organizations, however, are expressing concern with security and privacy issues for their organization's data in the "cloud." Auditing Cloud Computing provides necessary guidance to build a proper audit to ensure operational integrity and customer data protection, among othe

  20. An Analysis of Cloud Model-Based Security for Computing Secure Cloud Bursting and Aggregation in Real Environment

    OpenAIRE

    Pritesh Jain; Vaishali Chourey; Dheeraj Rane

    2011-01-01

    Cloud Computing has emerged as a major information and communications technology trend and has been proved as a key technology for market development and analysis for the users of several field. The practice of computing across two or more data centers separated by the Internet is growing in popularity due to an explosion in scalable computing demands. However, one of the major challenges that faces the cloud computing is how to secure and protect the data and processes the data of the user. ...