WorldWideScience

Sample records for security environment cnss

  1. CNSS: Interagency Partnering to Protect Our National Security Systems

    National Research Council Canada - National Science Library

    Grimes, John G

    2008-01-01

    .... The CNSS performs the vital function of mobilizing the full, interagency National Security Community for the protection of telecommunications and information systems that support U.S. national security...

  2. Securing the Vista Environment

    CERN Document Server

    Gregory, Peter

    2007-01-01

    "Securing the Vista Environment" takes you on a quick tour of the most significant security features in Vista, Microsoft's first revision of Windows in almost six years. You'll get background on threats and vulnerabilities that will make you think differently about security. Security is more than just the technology and configurations--it's about how we use the system that makes it secure or not. Then we'll cover Vista's security features, from user privileges to Windows Defender, User Account Control, and BitLocker, as well as strategies for protecting your information from unwanted disclo

  3. Securing collaborative environments

    Energy Technology Data Exchange (ETDEWEB)

    Agarwal, Deborah [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States); Jackson, Keith [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States); Thompson, Mary [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States)

    2002-05-16

    The diverse set of organizations and software components involved in a typical collaboratory make providing a seamless security solution difficult. In addition, the users need support for a broad range of frequency and locations for access to the collaboratory. A collaboratory security solution needs to be robust enough to ensure that valid participants are not denied access because of its failure. There are many tools that can be applied to the task of securing collaborative environments and these include public key infrastructure, secure sockets layer, Kerberos, virtual and real private networks, grid security infrastructure, and username/password. A combination of these mechanisms can provide effective secure collaboration capabilities. In this paper, we discuss the requirements of typical collaboratories and some proposals for applying various security mechanisms to collaborative environments.

  4. 400-MWe consolidated nuclear steam system (CNSS). 1255 MWt CNSS design/cost update

    International Nuclear Information System (INIS)

    1984-07-01

    Since 1976 Babcock and Wilcox (B and W) has been extensively involved in the development of a medium-sized (1255 MWt/400 MWe) reactor. Under the sponsorship of the U.S. Department of Energy (DOE) and through a contract with Oak Ridge National Laboratories (ORNL), B and W investigated the feasibility of the concept for utility power generation and cogenerated process heat. The potential benefits of the design, called the Consolidated Nuclear Steam System (CNSS), were also identified. This study provides an update of the CNSS design and cost reflecting current regulatory requirements and operating reactor experience. The study was funded by DOE through ORNL and was performed by B and W and UE and C

  5. Forensic nursing in secure environments.

    Science.gov (United States)

    Shelton, Deborah

    2009-01-01

    There are few well-designed studies of corrections or prison nursing roles. This study seeks to describe the corrections or prison role of forensic nurses in the United States who provide care in secure environments. National data detailing the scope of practice in secure environments are limited. This pencil and paper survey describes the roles of 180 forensic nurses from 14 states who work in secure environments. Descriptive statistics are utilized. A repeated measures ANOVA with post hoc analyses was implemented. These nurses were older than average in age, but had 10 years or less experience in forensic nursing practice. Two significant roles emerged to "promote and implement principles that underpin effective quality and practice" and to "assess, develop, implement, and improve programs of care for individuals." Significant roles varied based upon the security classification of the unit or institution in which the nurses were employed. Access to information about these nurses and their nursing practice was difficult in these closed systems. Minimal data are available nationally, indicating a need for collection of additional data over time to examine changes in role. It is through such developments that forensic nursing provided in secure environments will define its specialization and attract the attention it deserves.

  6. Application Security in the ISO27001 Environment

    CERN Document Server

    Vinod, Vasudevan; Firosh, Ummer

    2008-01-01

    Application Security in the ISO27001 Environment demonstrates how to secure software applications within a best practice ISO/IEC 27001 environment and supports implementation of the PCI DSS Payment Application Security Standard.

  7. Security Management Model in Cloud Computing Environment

    OpenAIRE

    Ahmadpanah, Seyed Hossein

    2016-01-01

    In the cloud computing environment, cloud virtual machine (VM) will be more and more the number of virtual machine security and management faced giant Challenge. In order to address security issues cloud computing virtualization environment, this paper presents a virtual machine based on efficient and dynamic deployment VM security management model state migration and scheduling, study of which virtual machine security architecture, based on AHP (Analytic Hierarchy Process) virtual machine de...

  8. Security Technologies for Open Networking Environments (STONE)

    Energy Technology Data Exchange (ETDEWEB)

    Muftic, Sead

    2005-03-31

    Under this project SETECS performed research, created the design, and the initial prototype of three groups of security technologies: (a) middleware security platform, (b) Web services security, and (c) group security system. The results of the project indicate that the three types of security technologies can be used either individually or in combination, which enables effective and rapid deployment of a number of secure applications in open networking environments. The middleware security platform represents a set of object-oriented security components providing various functions to handle basic cryptography, X.509 certificates, S/MIME and PKCS No.7 encapsulation formats, secure communication protocols, and smart cards. The platform has been designed in the form of security engines, including a Registration Engine, Certification Engine, an Authorization Engine, and a Secure Group Applications Engine. By creating a middleware security platform consisting of multiple independent components the following advantages have been achieved - Object-oriented, Modularity, Simplified Development, and testing, Portability, and Simplified extensions. The middleware security platform has been fully designed and a preliminary Java-based prototype has been created for the Microsoft Windows operating system. The Web services security system, designed in the project, consists of technologies and applications that provide authentication (i.e., single sign), authorization, and federation of identities in an open networking environment. The system is based on OASIS SAML and XACML standards for secure Web services. Its topology comprises three major components: Domain Security Server (DSS) is the main building block of the system Secure Application Server (SAS) Secure Client In addition to the SAML and XACML engines, the authorization system consists of two sets of components An Authorization Administration System An Authorization Enforcement System Federation of identities in multi

  9. A Cluster- Based Secure Active Network Environment

    Institute of Scientific and Technical Information of China (English)

    CHEN Xiao-lin; ZHOU Jing-yang; DAI Han; LU Sang-lu; CHEN Gui-hai

    2005-01-01

    We introduce a cluster-based secure active network environment (CSANE) which separates the processing of IP packets from that of active packets in active routers. In this environment, the active code authorized or trusted by privileged users is executed in the secure execution environment (EE) of the active router, while others are executed in the secure EE of the nodes in the distributed shared memory (DSM) cluster. With the supports of a multi-process Java virtual machine and KeyNote, untrusted active packets are controlled to securely consume resource. The DSM consistency management makes that active packets can be parallelly processed in the DSM cluster as if they were processed one by one in ANTS (Active Network Transport System). We demonstrate that CSANE has good security and scalability, but imposing little changes on traditional routers.

  10. Operational security in a grid environment

    CERN Document Server

    CERN. Geneva

    2008-01-01

    This talk presents the main goals of computer security in a grid environment, by using a FAQ approach. It details the evolution of the risks in the recent years, likely objectives for attackers and the progress made by the malware toolkits and frameworks. Finally, recommendations to deal with these threats are proposed.

  11. CNSS plant concept, capital cost, and multi-unit station economics

    Energy Technology Data Exchange (ETDEWEB)

    1984-07-01

    United Engineers and Constructors (UE and C) and the Babcock and Wilcox Company (B and W) have performed several studies over the last eight years related to small integral pressurized water reactors. These reactors include the 365 MWt (100 MWe) Consolidated Nuclear Steam Generator (CNSG) and the 1200 MWt Consolidated Nuclear Steam System (CNSS). The studies, mostly performed under contract to the Oak Ridge National Laboratory, have led to a 1250 MWt (400 MWe) Consolidated Nuclear Steam System (CNSS) plant concept, with unique design and cost features. This report contains an update of earlier studies of the CNSS reactor and balance-of-plant concept design, capital costs, and multi-unit plant economics incorporating recent design developments, improvements, and post-TMI-2 upgrades. The economic evaluation compares the total system economic impact of a phased, three stage 400 MWe CNSS implementation program, i.e., a three-unit station, to the installation of a single 1200 MWe Pressurized Water Reactor (PWR) into a typical USA utility system.

  12. CNSS plant concept, capital cost, and multi-unit station economics

    International Nuclear Information System (INIS)

    1984-07-01

    United Engineers and Constructors (UE and C) and the Babcock and Wilcox Company (B and W) have performed several studies over the last eight years related to small integral pressurized water reactors. These reactors include the 365 MWt (100 MWe) Consolidated Nuclear Steam Generator (CNSG) and the 1200 MWt Consolidated Nuclear Steam System (CNSS). The studies, mostly performed under contract to the Oak Ridge National Laboratory, have led to a 1250 MWt (400 MWe) Consolidated Nuclear Steam System (CNSS) plant concept, with unique design and cost features. This report contains an update of earlier studies of the CNSS reactor and balance-of-plant concept design, capital costs, and multi-unit plant economics incorporating recent design developments, improvements, and post-TMI-2 upgrades. The economic evaluation compares the total system economic impact of a phased, three stage 400 MWe CNSS implementation program, i.e., a three-unit station, to the installation of a single 1200 MWe Pressurized Water Reactor (PWR) into a typical USA utility system

  13. 32 CFR 2001.50 - Telecommunications automated information systems and network security.

    Science.gov (United States)

    2010-07-01

    ... NATIONAL SECURITY INFORMATION Safeguarding § 2001.50 Telecommunications automated information systems and... identified in the Committee on National Security Systems (CNSS) issuances and the Intelligence Community Directive (ICD) 503, Intelligence Community Information Technology Systems Security Risk Management...

  14. Web Server Security on Open Source Environments

    Science.gov (United States)

    Gkoutzelis, Dimitrios X.; Sardis, Manolis S.

    Administering critical resources has never been more difficult that it is today. In a changing world of software innovation where major changes occur on a daily basis, it is crucial for the webmasters and server administrators to shield their data against an unknown arsenal of attacks in the hands of their attackers. Up until now this kind of defense was a privilege of the few, out-budgeted and low cost solutions let the defender vulnerable to the uprising of innovating attacking methods. Luckily, the digital revolution of the past decade left its mark, changing the way we face security forever: open source infrastructure today covers all the prerequisites for a secure web environment in a way we could never imagine fifteen years ago. Online security of large corporations, military and government bodies is more and more handled by open source application thus driving the technological trend of the 21st century in adopting open solutions to E-Commerce and privacy issues. This paper describes substantial security precautions in facing privacy and authentication issues in a totally open source web environment. Our goal is to state and face the most known problems in data handling and consequently propose the most appealing techniques to face these challenges through an open solution.

  15. Secure Environments for Collaboration among Ubiquitous Roaming Entities

    DEFF Research Database (Denmark)

    Jensen, Christian D.

    2002-01-01

    SECURE is a newly started IST project, which addresses secure collaboration among computational entities in emerging global computing systems. The properties of these systems introduce new security challenges that are not adequately addressed by existing security models and mechanisms. The scale ...... and uncertainty of this global computing environment invalidates existing security models. Instead, new security models have to be developed along with new security mechanisms that control access to protected resources.......SECURE is a newly started IST project, which addresses secure collaboration among computational entities in emerging global computing systems. The properties of these systems introduce new security challenges that are not adequately addressed by existing security models and mechanisms. The scale...

  16. Robotic security vehicle for exterior environments

    International Nuclear Information System (INIS)

    Klarer, P.R.; Workhoven, R.M.

    1988-01-01

    This paper describes a current effort at Sandia National Labs to develop an outdoor robotic vehicle capable of performing limited security functions autonomously in a structured environment. The present stage of development entails application of algorithms originally developed for the SIR vehicle to a testbed vehicle more appropriate to an outdoor environment. The current effort will culminate in a full scale demonstration of autonomous navigation capabilities on routine patrol and teleoperation by a human operator for alarm assessment and response. Various schemes for implementation of the robot system are discussed, as are plans for further development of the system

  17. Using Trust for Secure Collaboration in Uncertain Environments

    DEFF Research Database (Denmark)

    Cahill, Vinny; Gray, Elizabeth; Seigneur, Jean-Marc

    2003-01-01

    The SECURE project investigates the design of security mechanisms for pervasive computing based on trust. It addresses how entities in unfamiliar pervasive computing environments can overcome initial suspicion to provide secure collaboration.......The SECURE project investigates the design of security mechanisms for pervasive computing based on trust. It addresses how entities in unfamiliar pervasive computing environments can overcome initial suspicion to provide secure collaboration....

  18. Secure vendor environment (SVE) for PACS

    Science.gov (United States)

    Honeyman-Buck, Janice; Frost, Meryll

    2005-04-01

    A Secure Vendor Environment (SVE) was created to protect radiology modalities from network intrusion, worms, viruses, and other forms of damaging attacks. Many vendors do not attempt any form of network security and if an institution demands a non-standard and secure installation, a future system upgrade could and frequently does eliminate any security measures installed during the initial installation. The SVE isolates the vendor equipment behind a virtual firewall on a private network that is invisible to the outside world. All interactions must go though a device containing two network interface cards called an Application Processor that acts as a store-and forward router, performs DICOM repair, proxies modality worklist, and isolates the vendor modalities. A small VPN appliance can open the device temporarily for remote access by vendor engineers. Prior to the routine installation of the SVE, vendor equipment was often attacked by hostile network intruders and viruses or worms, sometimes rendering the equipment unusable until the vendor could reload the system. The resulted in considerable clinical downtime and loss of revenue. Since the relatively low cost SVE solution has routinely been installed with all new equipment, no intrusions have occurred, although our network sniffers and intrusion detectors indicate that we are constantly being scanned for vulnerability. Purpose: To provide a secure network for vendor equipment in a PACS environment while allowing vendor access for upgrades and system repairs. Method: The network administrators at our university believe that network security should be implemented at the machine level rather than relying on a firewall. A firewall solution could conceivably block unwanted intrusion from outside the university network, but would still allow literally thousands of potential network users to get through to the PACS network. All the PACS archive, display and routing systems are individually protected from intrusion, but

  19. Security controls in a Cullinet database environment

    International Nuclear Information System (INIS)

    Thompson, R.E.

    1988-01-01

    Security controls using Cullinet's Integrated Data Management System (IDMS) are examined. IDMS software integrity problems, with emphasis on security package interfaces, are disclosed. Solutions applied at Sandia Laboratories Engineering Information Management computing facilty are presented. An overall IDMS computer security philosophy is reviewed

  20. Information Assurance Security in the Information Environment

    CERN Document Server

    Blyth, Andrew

    2006-01-01

    Intended for IT managers and assets protection professionals, this work aims to bridge the gap between information security, information systems security and information warfare. It covers topics such as the role of the corporate security officer; Corporate cybercrime; Electronic commerce and the global marketplace; Cryptography; and, more.

  1. Design and Implementation of Wiki Services in a Multilevel Secure Environment

    National Research Council Canada - National Science Library

    Ong, Kar L

    2007-01-01

    The Monterey Security Architecture (MYSEA) provides a distributed multilevel secure networking environment where authenticated users can securely access data and services at different security classification levels...

  2. 6th Annual Homeland Security and Defense Education Summit, Developing an Adaptive Homeland Security Environment

    OpenAIRE

    2013-01-01

    6th Annual Homeland Security and Defense Education Summit Developing an Adaptive Homeland Security Environment, Burlington, MA, September 26-28, 2013 2013 Summit Agenda Naval Postgraduate School Center for Homeland Defense and Security In Partnership With Northeastern University, Department of Homeland Security, Federal Emergency Management Agency, National Guard Homeland Security Institute, National Homeland Defense Foundation Naval Postgraduate School Center for Homeland Defense and S...

  3. Population, environment and security: a new trinity.

    Science.gov (United States)

    Hartmann, B

    1998-10-01

    This paper critically examines the literature on the interaction between population, the environment, and development. It posits that population pressure and resource scarcities are unfairly blamed for internal conflicts in Africa, Asia, and Latin America. Internal conflicts are, in fact, affected by underlying economic and political causes (international companies, development assistance agencies, and military). This reasoning implies that the national security threats are environmental groups, poor women, and social change groups, which in fact should be integrated within solutions to poverty, environmental destruction, and violence. The US military's focus on "neutralizing environmental consequences that could lead to instability" and promoting sustainable development is misspecified and falls within the domain of civilian agencies. Use of military satellites by the US Central Intelligence Agency in environmental surveillance raises questions about the management of secret archives. The scarcity-conflict model has an indirect role in misshaping public opinion, legitimizes population control as a top priority, neglects gender issues, and dehumanizes refugees. Evidence indicates that the conflicts in Rwanda were the result of institutional failure and ethnic divisions. Homer-Dixon's model fails due to weak definitions of scarcity, ignorance of the role of colonial history and economic inequities, idealized views of the state, and neglect of external factors. The scarcity-conflict model is popular due to opportunism and political pragmatism. For the military, it provides new rationales for a huge budget.

  4. Managing security in an e-business environment

    OpenAIRE

    Davcev, Ljupco

    2009-01-01

    Technological developments over the past few years have made significant contributions to securing the Internet for e-business. Ensuring security for e-business information exchange is essential as it entails exchange of sensitive information. E-business transactions entail transfer of funds with buyers, sellers and business partners. Vulnerabilities and security incidents in the digital environment require an understanding of technology issues and security challenges for privacy and trust...

  5. Evaluation of Data Security Measures in a Network Environment Towards Developing Cooperate Data Security Guidelines

    OpenAIRE

    Ayub Hussein Shirandula; Dr. G. Wanyembi; Mr. Maina karume

    2012-01-01

    Data security in a networked environment is a topic that has become significant in organizations. As companies and organizations rely more on technology to run their businesses, connecting system to each other in different departments for efficiency data security is the concern for administrators. This research assessed the data security measures put in place at Mumias Sugar Company and the effort it was using to protect its data. The researcher also highlighted major security issues that wer...

  6. Security in cloud computing and virtual environments

    OpenAIRE

    Aarseth, Raymond

    2015-01-01

    Cloud computing is a big buzzwords today. Just watch the commercials on TV and I can promise that you will hear the word cloud service at least once. With the growth of cloud technology steadily rising, and everything from cellphones to cars connected to the cloud, how secure is cloud technology? What are the caveats of using cloud technology? And how does it all work? This thesis will discuss cloud security and the underlying technology called Virtualization to ...

  7. Urban environment and health: food security.

    Science.gov (United States)

    Galal, Osman; Corroon, Meghan; Tirado, Cristina

    2010-07-01

    The authors examine the impact of urbanization on food security and human health in the Middle East. Within-urban-population disparities in food security represent one of the most dramatic indicators of economic and health disparities. These disparities are reflected in a double burden of health outcomes: increasing levels of chronic disease as well as growing numbers of undernourished among the urban poor. These require further comprehensive solutions. Some of the factors leading to food insecurity are an overdependence on purchased food commodities, lack of sufficient livelihoods, rapid reductions in peripheral agricultural land, and adverse impacts of climate change. The Food and Agriculture Organization of the United Nations (FAO) Food Security Framework is used to examine and compare 2 cities in the Middle East: Amman, Jordan, and Manama, Bahrain.

  8. 400-MWe Consolidated Nuclear Steam System (CNSS). 1200-MWt Phase 2A interim studies

    International Nuclear Information System (INIS)

    1978-09-01

    The Phase 2A interim studies of the Consolidated Nuclear Steam System (CNSS) consisted of a number of separate task studies addressing the design concepts developed during the Phase 1 study reported in BAW--1445. The purpose of the interim studies was to better establish overall concept feasibility from both a hardware and economic standpoint, to make modification and additions to the design where appropriate, and to understand and reduce the technical risks in critical areas of the design. The work on these task studies included input from Barberton, Mt. Vernon, and the Alliance Research Center as well as United Engineers and Constructors (UE and C). The UE and C work was carried out under a separate DOE contract

  9. 400-MWe consolidated nuclear steam system (CNSS): 1200-MWt/conceptual design

    International Nuclear Information System (INIS)

    1977-06-01

    A 1200-MWt consolidated nuclear steam system (CNSS) conceptual design is described. The concept, derived from nuclear merchant ship propulsion steam systems but distinctly different from those systems in detail, incorporates the steam generators within the reactor pressure vessel. This configuration eliminates primary coolant circulating piping external to the reactor pressure vessel since the primary coolant circulating pumps are mounted in the pressure vessel head. So arranged, the maximum piping break that must be assumed is that of the pressurizer surge line, which is substantially smaller than a primary coolant circulating line. A fracture of the pressurizer surge line would result in substantially lower mass and energy release rates of the primary coolant during the assumed loss-of-coolant accident. This in turn makes practical a pressure-suppression containment rather than the ''dry'' containment commonly used for pressurized water reactors

  10. 400-MWe Consolidated Nuclear Steam System (CNSS). 1200-MWt Phase 2A interim studies. [PWR

    Energy Technology Data Exchange (ETDEWEB)

    1978-09-01

    The Phase 2A interim studies of the Consolidated Nuclear Steam System (CNSS) consisted of a number of separate task studies addressing the design concepts developed during the Phase 1 study reported in BAW--1445. The purpose of the interim studies was to better establish overall concept feasibility from both a hardware and economic standpoint, to make modification and additions to the design where appropriate, and to understand and reduce the technical risks in critical areas of the design. The work on these task studies included input from Barberton, Mt. Vernon, and the Alliance Research Center as well as United Engineers and Constructors (UE and C). The UE and C work was carried out under a separate DOE contract.

  11. Secure Web System in a Cloud Environment

    OpenAIRE

    Pokherl, Bibesh

    2013-01-01

    Advent of cloud computing has brought a lot of benefits for users based on its essential characteristics. Users are attracted by its costs per use service and rapidly deploy their applications in the cloud and scale by using virtualization technology without investing in their own IT infrastructure. These applications can be accessed through web based technology, such as web browsers or mobile apps. However, security becomes a major challenge when user’s data and applications are stored in a ...

  12. Secure Enclaves: An Isolation-centric Approach for Creating Secure High Performance Computing Environments

    Energy Technology Data Exchange (ETDEWEB)

    Aderholdt, Ferrol [Tennessee Technological Univ., Cookeville, TN (United States); Caldwell, Blake A. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Hicks, Susan Elaine [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Koch, Scott M. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Naughton, III, Thomas J. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Pelfrey, Daniel S. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Pogge, James R [Tennessee Technological Univ., Cookeville, TN (United States); Scott, Stephen L [Tennessee Technological Univ., Cookeville, TN (United States); Shipman, Galen M. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Sorrillo, Lawrence [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)

    2017-01-01

    High performance computing environments are often used for a wide variety of workloads ranging from simulation, data transformation and analysis, and complex workflows to name just a few. These systems may process data at various security levels but in so doing are often enclaved at the highest security posture. This approach places significant restrictions on the users of the system even when processing data at a lower security level and exposes data at higher levels of confidentiality to a much broader population than otherwise necessary. The traditional approach of isolation, while effective in establishing security enclaves poses significant challenges for the use of shared infrastructure in HPC environments. This report details current state-of-the-art in virtualization, reconfigurable network enclaving via Software Defined Networking (SDN), and storage architectures and bridging techniques for creating secure enclaves in HPC environments.

  13. Web Syndication in a Multilevel Security Environment

    Science.gov (United States)

    2012-03-01

    Group LAMP Linux, Apache, MySQL and PHP LAN Local Area Network MAC Mandatory Access Control MILS Multiple Independent Levels of Security MLS Multilevel...Reader [35] Section 1.4.3 – X X X X X FeedShow [36] Section 1.4.3 – X X X X feed on feeds [37] Section 1.4.3 GPL PHP 4.3.2+, MySQL – X X / Tiny Tiny RSS...38] Section 1.4.3 GPL PHP 5+, MySQL /Postgres – X X X X – zFeeder [39] Section 1.4.3 GPL PHP 4.2+ – X X – / lylina [40] Section 1.4.3 GPL PHP 5.2

  14. Environment and homeland security in France

    International Nuclear Information System (INIS)

    Taithe, Alexandre

    2011-01-01

    The author comments the impact of extreme events related to global warming and climate change on the French homeland security. He comments the evolution of temperature during the last century, the various transformations notably predicted by IPCC reports, and the various climate evolutions. Then, he discusses impacts of climate change on different economic sectors. He notably addresses the impact on coast lines (risks of submersion and erosion, more particularly for overseas territories), the impact extreme events may have on soft water (a temperature rise would impact the operation of nuclear plants; sewage and water networks will be threatened by more intense rainfalls), the positive and negative impacts on forests (high productivity but loss of diversity, development of parasites, risks of forest fires), and the impacts on various economic activities (agriculture, food supply, tourism, insurance) and on health

  15. IMIRSEL: a secure music retrieval testing environment

    Science.gov (United States)

    Downie, John S.

    2004-10-01

    The Music Information Retrieval (MIR) and Music Digital Library (MDL) research communities have long noted the need for formal evaluation mechanisms. Issues concerning the unavailability of freely-available music materials have greatly hindered the creation of standardized test collections with which these communities could scientifically assess the strengths and weaknesses of their various music retrieval techniques. The International Music Information Retrieval Systems Evaluation Laboratory (IMIRSEL) is being developed at the University of Illinois at Urbana-Champaign (UIUC) specifically to overcome this hindrance to the scientific evaluation of MIR/MDL systems. Together with its subsidiary Human Use of Music Information Retrieval Systems (HUMIRS) project, IMIRSEL will allow MIR/MDL researchers access to the standardized large-scale collection of copyright-sensitive music materials and standardized test queries being housed at UIUC's National Center for Supercomputing Applications (NCSA). Virtual Research Labs (VRL), based upon NCSA's Data-to-Knowledge (D2K) tool set, are being developed through which MIR/MDL researchers will interact with the music materials under a "trusted code" security model.

  16. A Secure Authenticate Framework for Cloud Computing Environment

    OpenAIRE

    Nitin Nagar; Pradeep k. Jatav

    2014-01-01

    Cloud computing has an important aspect for the companies to build and deploy their infrastructure and application. Data Storage service in the cloud computing is easy as compare to the other data storage services. At the same time, cloud security in the cloud environment is challenging task. Security issues ranging from missing system configuration, lack of proper updates, or unwise user actions from remote data storage. It can expose user’s private data and information to unwanted access. i...

  17. Shift work in a security environment

    International Nuclear Information System (INIS)

    Longhouser, G.A. Jr.

    1993-01-01

    Human beings are diurnal species, normally active by day and asleep by night. Yet over thirty million Americans struggle with work schedules that include an off-normal work effort. The railroads, law enforcement, health services, Department of Defense, factory workers, chemical plants and public services, communications and utility workers must provide some form of around-the-clock effort. Shift work has been around since the advent of recorded history. There has always been a need for some type of off-normal service and assistance. The impact of shift work is replete with tales and factual evidence of an increased personnel error rate; disorders, both personal and family, and of course, increased accident events. In recent memory, the Three Mile Island Nuclear Plant incident, Union Carbide's explosion in Bhopal, and the Chernobyl Nuclear Plant catastrophe all occurred during off-normal working hours. Yet management overall has done little to correct the production-driven twelve hour, seven day week shift mentality of the nineteenth century. Most schedules in use today are nothing more than cosmetic variations of the old production schedules. This could be driven by a management consideration of the worker's response to change coupled with a reluctant buy-in of responsibility for the effects of change. Florida Power Corporation has developed for its nuclear security force, a unique work schedule which attempts to employ the sound principles of circadian rhythms coupled with a comprehensive training program to counter the problems associated with shift work. The results over the last four years have seen a marked reduction in the generic problems of personnel errors, absenteeism, unscheduled overtime and turnover rates. Utilization and understanding of this scheduling process for rotational shift work needs to be assessed to determine if the benefits are site specific or provide an expected response to the problems of shift work

  18. Deterrence and the New Global Security Environment - Lecture note

    International Nuclear Information System (INIS)

    Sitt, Bernard

    2006-01-01

    This lecture note makes an analysis of a collective publication entitled 'Deterrence and the New Global Security Environment', edited by Ian Kenyon and John Simpson (Routledge, New York, 2006). This collection of papers rigorously examines the current place of deterrence in international security relations, delivering the best of contemporary thinking. This is a special issue of the leading journal 'Contemporary Security Policy'. The present Lecture note emphasises a particular deterrence situation mentioned in this publication which is the one involving terrorist actors

  19. Security risks associated with radio frequency identification in medical environments.

    Science.gov (United States)

    Hawrylak, Peter J; Schimke, Nakeisha; Hale, John; Papa, Mauricio

    2012-12-01

    Radio frequency identification (RFID) is a form of wireless communication that is used to identify assets and people. RFID has significant benefits to the medical environment. However, serious security threats are present in RFID systems that must be addressed in a medical environment. Of particular interest are threats to patient privacy and safety based on interception of messages, interruption of communication, modification of data, and fabrication of messages and devices. This paper presents an overview of these security threats present in RFID systems in a medical environment and provides guidance on potential solutions to these threats. This paper provides a roadmap for researchers and implementers to address the security issues facing RFID in the medical space.

  20. A secure medical data exchange protocol based on cloud environment.

    Science.gov (United States)

    Chen, Chin-Ling; Yang, Tsai-Tung; Shih, Tzay-Farn

    2014-09-01

    In recent years, health care technologies already became matured such as electronic medical records that can be easily stored. However, how to get medical resources more convenient is currently concern issue. In spite of many literatures discussed about medical systems, but these literatures should face many security challenges. The most important issue is patients' privacy. Therefore, we propose a secure medical data exchange protocol based on cloud environment. In our scheme, we use mobile device's characteristics, allowing peoples use medical resources on the cloud environment to seek medical advice conveniently.

  1. Latvian Security and Defense Policy within the Twenty-First Century Security Environment

    Directory of Open Access Journals (Sweden)

    Rublovskis Raimonds

    2014-12-01

    Full Text Available The aim of this paper is to analyze fundamental factors which form and profoundly shape security and defense policy of the Republic of Latvia. One can argue that historical background, geographical location, common institutional history within the former Soviet Union, the Russia factor, the relative smallness of the territory of state and the population, the ethnic composition of the population, the low density of the population and rather limited financial and manpower resources available for the defense of the Republic of Latvia are the key factors of influence on the state security and defense policy. The core principles of the security and defense policy of Latvia are the membership in powerful global military alliance of NATO and bilateral strategic partnership with the United States. However, security and defense cooperation among the three Baltic States as well as enhanced cooperation within the Baltic-Nordic framework is seen as an important supplementary factor for the increased security of the Republic of Latvia. Latvia has developed a sustainable legal and institutional framework in order to contribute to state security and defense; however, security challenges and significant changes within the global security environment of the twenty-first century will further challenge the ability of the Republic of Latvia to sustain its current legal framework, and more importantly, current institutional structure of Latvian security and defense architecture. Significant internal and external challenges will impact the fundamental pillars of Latvian security and defense policy, such as American strategic shift to the Pacific, and lack of political will to increase defense budgets in European part of NATO. It has to be clear that very independence, security and defense of the Republic of Latvia depend on the ability of NATO to remain an effective organization with timely and efficient decision-making, and the ability of the United States to remain

  2. Еcological security of environment in Zhytomyr region

    Directory of Open Access Journals (Sweden)

    I.М. Kovalevska

    2016-03-01

    Full Text Available The article is aiming at the study of environmental hazards in Zhytomir region. Its main objective is to identify the set of adverse factors affecting the state of danger and compose a necessary starting material for the prediction of possible negative consequences, their nature and extent. The matter of special importance for the study of the phenomenon of security is the security classification. First of all, the forms (system of security in relation to the forces and processes of natural, social and technical character should be distinguished. They can be defined as systems of geo-bio-physical, social and technical security. The classification of security can be determined in many ways, for example, in relation to the object of security; in relation to the subject of security; according to the problem indication; according to the functional indication. Security is a distinctive characteristic and prerequisite of life, progressive development and viability of real-world objects. The methodology of its evaluation is based on the states of the essence of natural and anthropogenic environmental pollution, the standard requirements for the quality of environmental objects and standards of acceptable contamination. The assessment of ecological security of the environment is the quantitative measure of parameters of environmental pollution dangers, threats and risks of natural character as well as the state of anthropogenic security. This assessment is carried out according to the methods and ways to measure environmental parameters. For this purpose it is important to know the factors of danger and the system of indicators that characterizes all natural and environmental phenomena and processes of geo-ecological dangers, natural environmental conditions, ecological condition. The system of natural and industrial environmental indicators consists of the indicators which characterize all phenomena and processes of geo-ecological dangers of natural

  3. Trust Model to Enhance Security and Interoperability of Cloud Environment

    Science.gov (United States)

    Li, Wenjuan; Ping, Lingdi

    Trust is one of the most important means to improve security and enable interoperability of current heterogeneous independent cloud platforms. This paper first analyzed several trust models used in large and distributed environment and then introduced a novel cloud trust model to solve security issues in cross-clouds environment in which cloud customer can choose different providers' services and resources in heterogeneous domains can cooperate. The model is domain-based. It divides one cloud provider's resource nodes into the same domain and sets trust agent. It distinguishes two different roles cloud customer and cloud server and designs different strategies for them. In our model, trust recommendation is treated as one type of cloud services just like computation or storage. The model achieves both identity authentication and behavior authentication. The results of emulation experiments show that the proposed model can efficiently and safely construct trust relationship in cross-clouds environment.

  4. A Practice of Secure Development and Operational Environment Plan

    International Nuclear Information System (INIS)

    Park, Jaekwan; Seo, Sangmun; Suh, Yongsukl; Park, Cheol

    2017-01-01

    This paper suggests a practice of plan for SDOE establishment in a nuclear I and C. First, it is necessary to perform a requirements analysis to define key regulatory issues and determine the target systems. The analysis includes a survey to find out the applicable measures credited internationally. Based on the analysis results, this paper proposes an implementation plan including a process harmonizing security activities with legacy software activities and applicable technical, operational, and management measures for target systems. Recently, nuclear I and C has been faced with two security issues, cyber security (CS) and secure development and operational environment (SDOE). Unlike cyber security, few studies on planning SDOE have been presented. This paper suggests a plan for establishing an SDOE in a nuclear I and C. This paper defines three key considerations to comply with the regulatory position of RG. 1.152(R3) and proposes a process harmonizing the security activities with legacy software activities. In addition, this paper proposes technical, operational, and management measures applicable for SDOE.

  5. Precision Security: Integrating Video Surveillance with Surrounding Environment Changes

    Directory of Open Access Journals (Sweden)

    Wenfeng Wang

    2018-01-01

    Full Text Available Video surveillance plays a vital role in maintaining the social security although, until now, large uncertainty still exists in danger understanding and recognition, which can be partly attributed to intractable environment changes in the backgrounds. This article presents a brain-inspired computing of attention value of surrounding environment changes (EC with a processes-based cognition model by introducing a ratio value λ of EC-implications within considered periods. Theoretical models for computation of warning level of EC-implications to the universal video recognition efficiency (quantified as time cost of implication-ratio variations from λk to λk+1, k=1,2,… are further established. Imbedding proposed models into the online algorithms is suggested as a future research priority towards precision security for critical applications and, furthermore, schemes for a practical implementation of such integration are also preliminarily discussed.

  6. PLANNING INTELLIGENCE ACTIVITIES IN A DYNAMIC SECURITY ENVIRONMENT

    Directory of Open Access Journals (Sweden)

    Anca Pavel

    2016-10-01

    Full Text Available The hypothesis introduced by this article is that, in order to perform intelligence missions and to obtain valuable intelligence for the consumers it is necessary to implement processes and tools to support planning activities. Today's challenges consist rather in the ability of intelligence organizations to identify and initiate new connections, processes and communication flows with other partners operating in the security environment than to plan in their own name secret operations. From this point of view, planning activities should focus on new procedures, at a much more extensive level in order to align institutional efforts beyond the boundaries of their own organization and the national community of information. Also, in order to coordinate intelligence activities, strategic planning must be anchored into a complex analysis of the potential impact of existing and possible future global phenomena that shape the security environment and thus identify better ways of improving results.

  7. Research on Influence of Cloud Environment on Traditional Network Security

    Science.gov (United States)

    Ming, Xiaobo; Guo, Jinhua

    2018-02-01

    Cloud computing is a symbol of the progress of modern information network, cloud computing provides a lot of convenience to the Internet users, but it also brings a lot of risk to the Internet users. Second, one of the main reasons for Internet users to choose cloud computing is that the network security performance is great, it also is the cornerstone of cloud computing applications. This paper briefly explores the impact on cloud environment on traditional cybersecurity, and puts forward corresponding solutions.

  8. Security in Distributed Collaborative Environments: Limitations and Solutions

    Science.gov (United States)

    Saadi, Rachid; Pierson, Jean-Marc; Brunie, Lionel

    The main goal of establishing collaboration between heterogeneous environment is to create such as Pervasive context which provide nomadic users with ubiquitous access to digital information and surrounding resources. However, the constraints of mobility and heterogeneity arise a number of crucial issues related to security, especially authentication access control and privacy. First of all, in this chapter we explore the trust paradigm, specially the transitive capability to enable a trust peer to peer collaboration. In this manner, when each organization sets its own security policy to recognize (authenticate) users members of a trusted community and provide them a local access (access control), the trust transitivity between peers will allows users to gain a broad, larger and controlled access inside the pervasive environment. Next, we study the problem of user's privacy. In fact in pervasive and ubiquitous environments, nomadic users gather and exchange certificates or credential which providing them rights to access by transitivity unknown and trusted environments. These signed documents embeds increasing number of attribute that require to be filtered according to such contextual situation. In this chapter, we propose a new morph signature enabling each certificate owner to preserve his privacy by discloses or blinds some sensitive attributes according to faced situation.

  9. Building Psychological Contracts in Security-Risk Environments

    DEFF Research Database (Denmark)

    Ramirez, Jacobo; Madero, Sergio; Vélez-Zapata, Claudia

    2015-01-01

    This paper examines the reciprocal obligations between employers and employees that are framed as psychological contracts in security-risk environments. A total of 30 interviews based on psychological contract frameworks, duty-of-care strategies in terms of human resource management (HRM) systems...... and the impacts of narcoterrorism on firms were conducted with human resources (HR) personnel, line managers and subordinates at eight national and multinational corporations (MNCs) with subsidiaries in Colombia and Mexico. Our findings generally support the existence of a relational psychological contract in our...... sample. Duty-of-care strategies based on both HRM systems and the sensitivities of HR personnel and line managers to the narcoterrorism context, in combination with both explicit and implicit security policies, tend to be the sources of the content of psychological contracts. We propose a psychological...

  10. Security environment and nuclear proliferation problems in East Asia

    International Nuclear Information System (INIS)

    Suh, Mark Byung-Moon

    1997-01-01

    East Asia was and still is divided into two conflicting ideological blocs. Because of the Cold War between these two blocs, two international wars were fought and tensions limited interactions among these countries. Despite these political constraints, in recent years East Asia has become economically one of the most dynamic regions in the world. Now that the Cold War between the USA and the Soviet Union is over, the danger of global nuclear war involving the nuclear powers in the region has been practically eliminated. Nonetheless, security has become more complex and demands a whole new set of arrangements. Yet the region lacks a cohesive multilateral framework for conflict resolution, and only recently have various attempts been made to create a political forum for the countries in the region. The problem and the danger of nuclear proliferation was vividly shown by the North Korean nuclear crisis in the last years. This issue not only halted the fragile process of normalization between the two Koreas, which started in 1988, but almost led to a new military conflict on the peninsula involving the two Koreas and the USA. It was defused only after the USA proved willing to offer security guarantees to North Korea. This problem still needs to be resolved, and it demands radical changes in the overall political environment in the region. Needless to say, proliferation in North Korea would have entailed grave consequences for the security of the region as well as for the international non-proliferation regime. This paper reviews the issue of nuclear proliferation of the three non-nuclear states in the region and deals with the non-introduction of nuclear weapons in the region by the nuclear powers. It discusses the prospects for a nuclear-weapon-free zone on the Korean peninsula. Perspectives of a sustainable security environment in East Asia will be briefly discussed

  11. Enhancing energy security in Malayia: the challenges towards sustainable environment

    International Nuclear Information System (INIS)

    Sahid, E J M; Peng, L Y; Siang, C Ch

    2013-01-01

    Energy is known as one of the essential ingredients for economic development and security of energy supply is crucial in ensuring continuous economic development of a country. Malaysia's proven domestic oil reserves are estimated to last for another 25 years, while that of gas for another 39 years as of 2011. Despite the depleting indigenous energy resources, the primary energy demand has continued to grow robustly, at an annual rate of 6.3 percent per year from 1990 to 2010, while the primary energy import has grown 7.2% per year and the primary energy export has grown at a slower rate of 1.9% per year. This worrying trend is further compounded by the faster rate of primary oil import averaging 10.5% per year while the primary energy export has shrink at a rate of 1.4% per year. This paper has identified two main concerns namely overdependence on fossil fuel and increasing energy import dependency in creating a precarious position towards energy self-sufficiency. The study will analyse the energy security of the country and explore possible options and challenges in enhancing the energy supply security toward sustainable environment.

  12. Causes of improvement in the security environment of Iraq, 2006-2009

    OpenAIRE

    Wheeler, Seth A.

    2009-01-01

    Approved for public release, distribution unlimited Popular consensus exists that the 2007 surge of U.S. forces in Iraq led to an improved security environment. The surge was designed to reduce violence and improve security by protecting the Iraqi population - a change in strategy. According to the consensus, the security environment improved due to the surge, measured by the decreasing number of attacks. For this thesis, the security environment consists of the number of attacks and t...

  13. An Analysis of Security System for Intrusion in Smartphone Environment

    Directory of Open Access Journals (Sweden)

    Maya Louk

    2014-01-01

    Full Text Available There are many malware applications in Smartphone. Smartphone’s users may become unaware if their data has been recorded and stolen by intruders via malware. Smartphone—whether for business or personal use—may not be protected from malwares. Thus, monitoring, detecting, tracking, and notification (MDTN have become the main purpose of the writing of this paper. MDTN is meant to enable Smartphone to prevent and reduce the number of cybercrimes. The methods are shown to be effective in protecting Smartphone and isolating malware and sending warning in the form of notification to the user about the danger in progress. In particular, (a MDTN process is possible and will be enabled for Smartphone environment. (b The methods are shown to be an advanced security for private sensitive data of the Smartphone user.

  14. An analysis of security system for intrusion in Smartphone environment.

    Science.gov (United States)

    Louk, Maya; Lim, Hyotaek; Lee, HoonJae

    2014-01-01

    There are many malware applications in Smartphone. Smartphone's users may become unaware if their data has been recorded and stolen by intruders via malware. Smartphone--whether for business or personal use--may not be protected from malwares. Thus, monitoring, detecting, tracking, and notification (MDTN) have become the main purpose of the writing of this paper. MDTN is meant to enable Smartphone to prevent and reduce the number of cybercrimes. The methods are shown to be effective in protecting Smartphone and isolating malware and sending warning in the form of notification to the user about the danger in progress. In particular, (a) MDTN process is possible and will be enabled for Smartphone environment. (b) The methods are shown to be an advanced security for private sensitive data of the Smartphone user.

  15. A cooperative model for IS security risk management in distributed environment.

    Science.gov (United States)

    Feng, Nan; Zheng, Chundong

    2014-01-01

    Given the increasing cooperation between organizations, the flexible exchange of security information across the allied organizations is critical to effectively manage information systems (IS) security in a distributed environment. In this paper, we develop a cooperative model for IS security risk management in a distributed environment. In the proposed model, the exchange of security information among the interconnected IS under distributed environment is supported by Bayesian networks (BNs). In addition, for an organization's IS, a BN is utilized to represent its security environment and dynamically predict its security risk level, by which the security manager can select an optimal action to safeguard the firm's information resources. The actual case studied illustrates the cooperative model presented in this paper and how it can be exploited to manage the distributed IS security risk effectively.

  16. The adoption of IT security standards in a healthcare environment.

    Science.gov (United States)

    Gomes, Rui; Lapão, Luís Velez

    2008-01-01

    Security is a vital part of daily life to Hospitals that need to ensure that the information is adequately secured. In Portugal, more CIOs are seeking that their hospital IS departments are properly protecting information assets from security threats. It is imperative to take necessary measures to ensure risk management and business continuity. Security management certification provides just such a guarantee, increasing patient and partner confidence. This paper introduces one best practice for implementing four security controls in a hospital datacenter infrastructure (ISO27002), and describes the security assessment for implementing such controls.

  17. Mastering wireless penetration testing for highly secured environments

    CERN Document Server

    Johns, Aaron

    2015-01-01

    This book is intended for security professionals who want to enhance their wireless penetration testing skills and knowledge. Since this book covers advanced techniques, you will need some previous experience in computer security and networking.

  18. Methodology for considering environments and culture in developing information security systems

    OpenAIRE

    Mwakalinga, G Jeffy; Kowalski, Stewart; Yngström, Louise

    2009-01-01

    In this paper, we describe a methodology for considering culture of users and environments when developing information security systems. We discuss the problem of how researchers and developers of security for information systems have had difficulties in considering culture of users and environments when they develop information security systems. This has created environments where people serve technology instead of technology serving people. Users have been considered just as any other compo...

  19. Operating Nuclear Power Stations in a Regulated Cyber Security Environment

    Energy Technology Data Exchange (ETDEWEB)

    Dorman, E.

    2014-07-01

    The United States Nuclear Regulatory Commission (NRC) issued 10CFR73.54 to implement a regulated Cyber Security Program at each operating nuclear reactor facility. Milestones were implemented December 31, 2012 to mitigate the attack vectors for the most critical digital assets acknowledged by the industry and the NR C. The NRC inspections have begun. The nuclear Cyber Security Plan, implemented by the site Cyber Security Program (Program), is an element of the operating license at each facility. (Author)

  20. Operating Nuclear Power Stations in a Regulated Cyber Security Environment

    International Nuclear Information System (INIS)

    Dorman, E.

    2014-01-01

    The United States Nuclear Regulatory Commission (NRC) issued 10CFR73.54 to implement a regulated Cyber Security Program at each operating nuclear reactor facility. Milestones were implemented December 31, 2012 to mitigate the attack vectors for the most critical digital assets acknowledged by the industry and the NR C. The NRC inspections have begun. The nuclear Cyber Security Plan, implemented by the site Cyber Security Program (Program), is an element of the operating license at each facility. (Author)

  1. Securing Resources in Collaborative Environments: A Peer-to-peerApproach

    Energy Technology Data Exchange (ETDEWEB)

    Berket, Karlo; Essiari, Abdelilah; Thompson, Mary R.

    2005-09-19

    We have developed a security model that facilitates control of resources by autonomous peers who act on behalf of collaborating users. This model allows a gradual build-up of trust. It enables secure interactions among users that do not necessarily know each other and allows them to build trust over the course of their collaboration. This paper describes various aspects of our security model and describes an architecture that implements this model to provide security in pure peer-to-peer environments.

  2. Family Food Security and Children’s Environment: A Comprehensive Analysis with Structural Equation Modeling

    OpenAIRE

    Che Wan Jasimah bt Wan Mohamed Radzi; Huang Hui; Nur Anisah Binti Mohamed @ A. Rahman; Hashem Salarzadeh Jenatabadi

    2017-01-01

    Structural Equation Modeling (SEM) has been used extensively in sustainability studies to model relationships among latent and manifest variables. This paper provides a tutorial exposition of the SEM approach in food security studies and introduces a basic framework based on family food security and children’s environment sustainability. This framework includes family food security and three main concepts representing children’s environment, including children’s BMI, health, and school perfor...

  3. A study of institutional environment and household food security at ...

    African Journals Online (AJOL)

    The study looked into the current scenario of food security in Rwanda. After analysing the national level institutional and food security scenarios by using available secondary data, the researchers used primary data that have been collected from a random sample of 200 households spreading over six sectors of the Huye ...

  4. Towards an automated security awareness system in a virtualized environment

    CSIR Research Space (South Africa)

    Labuschagne, WA

    2012-07-01

    Full Text Available resources. This is an efficient solution to access the Internet. However users might not be aware of the security threats that exist on using shared resources. Many companies provide security solutions to automatically protect resources on the network...

  5. Security Isolation Strategy Mechanism for Lightweight Virtualization Environment

    Directory of Open Access Journals (Sweden)

    Liu Qian

    2017-01-01

    Full Text Available For cloud service providers, lightweight virtualization is a more economical way of virtualization. While the user is worried about the safety of applications and data of the container, due to the container sharing the underlying interface and the kernel, therefore the security and trusted degree of lightweight virtualization container isolation mechanism is critical for the promotion of lightweight virtualization service. Because the user cannot directly participate in the process of the construction and management of container isolation mechanism, it is difficult for them to establish confidence in the security and trusted degree of container isolation mechanism. Based on the research and analysis of system credible and virtualization isolation mechanism, this paper puts forward a set of lightweight virtualization security isolation strategy mechanism, divides lightweight virtualization container storage address space into several parts, puts forward the definition of lightweight virtualization security isolation, gives the formal description and proof of container security isolation strategy, and combines with related technology to verify the feasibility of lightweight virtualization security isolation strategy mechanism. The mechanism has important guiding significance for cloud services providers to deploy container security isolation.

  6. Security Analysis in the Migration to Cloud Environments

    Directory of Open Access Journals (Sweden)

    Eduardo Fernández-Medina

    2012-05-01

    Full Text Available Cloud computing is a new paradigm that combines several computing concepts and technologies of the Internet creating a platform for more agile and cost-effective business applications and IT infrastructure. The adoption of Cloud computing has been increasing for some time and the maturity of the market is steadily growing. Security is the question most consistently raised as consumers look to move their data and applications to the cloud. We justify the importance and motivation of security in the migration of legacy systems and we carry out an analysis of different approaches related to security in migration processes to cloud with the aim of finding the needs, concerns, requirements, aspects, opportunities and benefits of security in the migration process of legacy systems.

  7. Recommendations on Future Operational Environments Command Control and Cyber Security

    OpenAIRE

    Goztepe, Kerim

    2015-01-01

    It is a well-known fact that today a nation's telecommunication networks, critical infrastructure, and information systems are vulnerable to growing number of attacks in cyberspace. Cyber space contains very different problems involving various sets of threats, targets and costs. Cyber security is not only problem of banking, communication or transportation. It also threatens core systems of army as command control. Some significant recommendations on command control (C2) and cyber security h...

  8. Secure environment for real-time tele-collaboration on virtual simulation of radiation treatment planning.

    Science.gov (United States)

    Ntasis, Efthymios; Maniatis, Theofanis A; Nikita, Konstantina S

    2003-01-01

    A secure framework is described for real-time tele-collaboration on Virtual Simulation procedure of Radiation Treatment Planning. An integrated approach is followed clustering the security issues faced by the system into organizational issues, security issues over the LAN and security issues over the LAN-to-LAN connection. The design and the implementation of the security services are performed according to the identified security requirements, along with the need for real time communication between the collaborating health care professionals. A detailed description of the implementation is given, presenting a solution, which can directly be tailored to other tele-collaboration services in the field of health care. The pilot study of the proposed security components proves the feasibility of the secure environment, and the consistency with the high performance demands of the application.

  9. Integrity and security in an Ada runtime environment

    Science.gov (United States)

    Bown, Rodney L.

    1991-01-01

    A review is provided of the Formal Methods group discussions. It was stated that integrity is not a pure mathematical dual of security. The input data is part of the integrity domain. The group provided a roadmap for research. One item of the roadmap and the final position statement are closely related to the space shuttle and space station. The group's position is to use a safe subset of Ada. Examples of safe sets include the Army Secure Operating System and the Penelope Ada verification tool. It is recommended that a conservative attitude is required when writing Ada code for life and property critical systems.

  10. Applying the National Industrial Security Program (NISP) in the laboratory environment

    International Nuclear Information System (INIS)

    Bruckner, D.G.

    1995-01-01

    With continuing changes in the world safeguards and security environment the effectiveness of many laboratory operations depends on correctly assessing the risk to its programs and developing protection technologies, research and concepts of operations being employed by the scientific community. This paper explores the opportunities afforded by the National Industrial Security Program (NISP) to uniformly and simply protect Laboratory security assets, sensitive and classified information and matter, during all aspects of a laboratory program. The developments in information systems, program security, physical security and access controls suggest an industrial security approach. This paper's overall objective is to indicate that the Laboratory environment is particularly well suited to take advantage being pursued by NISP and the performance objectives of the new DOE orders

  11. European Security Organizations in the Post-Cold-War Security Environment. The New Frame of European Security

    National Research Council Canada - National Science Library

    Bugai, Veaceslav

    2006-01-01

    .... In particular, it gives an over view of the transformations that occurred within NATO and OSCE in the post-Cold War period, which have created and developed new security mechanisms and policies for dealing with crises...

  12. Securing the Data Storage and Processing in Cloud Computing Environment

    Science.gov (United States)

    Owens, Rodney

    2013-01-01

    Organizations increasingly utilize cloud computing architectures to reduce costs and energy consumption both in the data warehouse and on mobile devices by better utilizing the computing resources available. However, the security and privacy issues with publicly available cloud computing infrastructures have not been studied to a sufficient depth…

  13. Teaching Network Security in a Virtual Learning Environment

    Science.gov (United States)

    Bergstrom, Laura; Grahn, Kaj J.; Karlstrom, Krister; Pulkkis, Goran; Astrom, Peik

    2004-01-01

    This article presents a virtual course with the topic network security. The course has been produced by Arcada Polytechnic as a part of the production team Computer Networks, Telecommunication and Telecommunication Systems in the Finnish Virtual Polytechnic. The article begins with an introduction to the evolution of the information security…

  14. Economic Security Environment and Implementation of Planning, Programming, Budgeting, Execution (PPBE) System in Georgia

    Science.gov (United States)

    2004-06-01

    Roy J. What Determines Economic Growth? Economic Review – Second Quarter 1993 [References: Barro (1991); Mankiw , Romer, and Well (1992); De Long...NAVAL POSTGRADUATE SCHOOL MONTEREY, CALIFORNIA THESIS Approved for public release: distribution unlimited ECONOMIC SECURITY...DATES COVERED Master’s Thesis 4. TITLE AND SUBTITLE: Economic Security Environment and Implementation of Planning, Programming, Budgeting, Execution

  15. Service-Oriented Security Framework for Remote Medical Services in the Internet of Things Environment.

    Science.gov (United States)

    Lee, Jae Dong; Yoon, Tae Sik; Chung, Seung Hyun; Cha, Hyo Soung

    2015-10-01

    Remote medical services have been expanding globally, and this is expansion is steadily increasing. It has had many positive effects, including medical access convenience, timeliness of service, and cost reduction. The speed of research and development in remote medical technology has been gradually accelerating. Therefore, it is expected to expand to enable various high-tech information and communications technology (ICT)-based remote medical services. However, the current state lacks an appropriate security framework that can resolve security issues centered on the Internet of things (IoT) environment that will be utilized significantly in telemedicine. This study developed a medical service-oriented frame work for secure remote medical services, possessing flexibility regarding new service and security elements through its service-oriented structure. First, the common architecture of remote medical services is defined. Next medical-oriented secu rity threats and requirements within the IoT environment are identified. Finally, we propose a "service-oriented security frame work for remote medical services" based on previous work and requirements for secure remote medical services in the IoT. The proposed framework is a secure framework based on service-oriented cases in the medical environment. A com parative analysis focusing on the security elements (confidentiality, integrity, availability, privacy) was conducted, and the analysis results demonstrate the security of the proposed framework for remote medical services with IoT. The proposed framework is service-oriented structure. It can support dynamic security elements in accordance with demands related to new remote medical services which will be diversely generated in the IoT environment. We anticipate that it will enable secure services to be provided that can guarantee confidentiality, integrity, and availability for all, including patients, non-patients, and medical staff.

  16. Service-Oriented Security Framework for Remote Medical Services in the Internet of Things Environment

    Science.gov (United States)

    Lee, Jae Dong; Yoon, Tae Sik; Chung, Seung Hyun

    2015-01-01

    Objectives Remote medical services have been expanding globally, and this is expansion is steadily increasing. It has had many positive effects, including medical access convenience, timeliness of service, and cost reduction. The speed of research and development in remote medical technology has been gradually accelerating. Therefore, it is expected to expand to enable various high-tech information and communications technology (ICT)-based remote medical services. However, the current state lacks an appropriate security framework that can resolve security issues centered on the Internet of things (IoT) environment that will be utilized significantly in telemedicine. Methods This study developed a medical service-oriented frame work for secure remote medical services, possessing flexibility regarding new service and security elements through its service-oriented structure. First, the common architecture of remote medical services is defined. Next medical-oriented secu rity threats and requirements within the IoT environment are identified. Finally, we propose a "service-oriented security frame work for remote medical services" based on previous work and requirements for secure remote medical services in the IoT. Results The proposed framework is a secure framework based on service-oriented cases in the medical environment. A com parative analysis focusing on the security elements (confidentiality, integrity, availability, privacy) was conducted, and the analysis results demonstrate the security of the proposed framework for remote medical services with IoT. Conclusions The proposed framework is service-oriented structure. It can support dynamic security elements in accordance with demands related to new remote medical services which will be diversely generated in the IoT environment. We anticipate that it will enable secure services to be provided that can guarantee confidentiality, integrity, and availability for all, including patients, non-patients, and medical

  17. A Secure Protocol Based on a Sedentary Agent for Mobile Agent Environments

    OpenAIRE

    Abdelmorhit E. Rhazi; Samuel Pierre; Hanifa Boucheneb

    2007-01-01

    The main challenge when deploying mobile agent environments pertains to security issues concerning mobile agents and their executive platform. This paper proposes a secure protocol which protects mobile agents against attacks from malicious hosts in these environments. Protection is based on the perfect cooperation of a sedentary agent running inside a trusted third host. Results show that the protocol detects several attacks, such as denial of service, incorrect execution and re-execution of...

  18. ESPOON$_{{ERBAC}}$: Enforcing Security Policies In Outsourced Environments

    OpenAIRE

    Asghar, Muhammad Rizwan; Ion, Mihaela; Russello, Giovanni; Crispo, Bruno

    2013-01-01

    Data outsourcing is a growing business model offering services to individuals and enterprises for processing and storing a huge amount of data. It is not only economical but also promises higher availability, scalability, and more effective quality of service than in-house solutions. Despite all its benefits, data outsourcing raises serious security concerns for preserving data confidentiality. There are solutions for preserving confidentiality of data while supporting search on the data stor...

  19. The New Pacific Security Environment: Challenges and Opportunities

    Science.gov (United States)

    1993-01-01

    ECONOMIC COOPERATION 45 Malaysian Prime Minister Mahathir in December 1990. The pro- posed grouping was to be restricted to Asian countries, thus ex...caused the a in the Diet and then was torpedoed by the US Department of State, which did not want a settle- ment and warned that Okinawa may remain...not convene a special session of the National Security Council, but finally, in October 1990, did submit a bill to the Diet calling for the creation

  20. Security issues of cloud computing environment in possible military applications

    OpenAIRE

    Samčović, Andreja B.

    2013-01-01

    The evolution of cloud computing over the past few years is potentially one of major advances in the history of computing and telecommunications. Although there are many benefits of adopting cloud computing, there are also some significant barriers to adoption, security issues being the most important of them. This paper introduces the concept of cloud computing; looks at relevant technologies in cloud computing; takes into account cloud deployment models and some military applications. Addit...

  1. Securing MDSplus in a Multi-organization Environment

    Energy Technology Data Exchange (ETDEWEB)

    Castro, R.; Vega, J.; Pereira, A.; Portas, A. [Asociation Euratom/CIEMAT para Fusion, Madrid (Spain); Fredian, T. [MIT Plasma Science and Fusion Center, Littleton, NH (United States); Purahoo, K. [EURATOM/UKAEA Fusion Association, Abingdon (United Kingdom)

    2009-07-01

    MDSplus has become a real standard de facto data access method in the fusion community. Based on this, it was a priority for EFDA-Federation to integrate this technology as a new service for federated users, providing secure access mechanisms to MDSplus compatible applications. To achieve this, it has been necessary to upgrade MDSplus and make it compatible with PAPI technology, which is currently used as security infrastructure in the EFDA-Federation. Additionally, the included modifications are useful for future integrations in other federation technologies such as Shibboleth. The integration of MDSplus into a federated structure has several benefits. From the service management point of view, there is a simplification of the installation of new MDSplus services in fusion community and its corresponding security management. From the user point of view, the integration of MDSplus into a federated structure has several advantages. The first one is user mobility, which is the possibility of accessing data independently of his client IP address. The second one is a multi-organisation infrastructure, so the user can access data from different organisations that implement MDSplus interface. Finally, single sign on PAPI feature enables users to access to different MDSplus data sources, and other federated services, with just one authentication. This document is composed of a poster and its abstract. (authors)

  2. Securing MDSplus in a multi-organisation environment

    Energy Technology Data Exchange (ETDEWEB)

    Castro, R., E-mail: rodrigo.castro@ciemat.e [Asociacion EURATOM/CIEMAT para Fusion, Avda. Complutense, 22, 28040 Madrid (Spain); Vega, J. [Asociacion EURATOM/CIEMAT para Fusion, Avda. Complutense, 22, 28040 Madrid (Spain); Fredian, T. [MIT Plasma Science and Fusion Center, Massachusetts Institute of Technology, NW17-268, 175 Albany Street, Cambridge, MA 02494 (United States); Purahoo, K. [EURATOM/UKAEA Fusion Association, Culham Science Centre, Abingdon OX14 3DB (United Kingdom); Pereira, A.; Portas, A. [Asociacion EURATOM/CIEMAT para Fusion, Avda. Complutense, 22, 28040 Madrid (Spain)

    2010-07-15

    MDSplus has become the de facto standard data access method in the fusion community. Based on this, it was a priority for EFDA Federation to integrate this technology as a new service for federated users, providing secure access mechanisms to MDSplus compatible applications. To achieve this, it has been necessary to upgrade MDSplus and make it compatible with PAPI technology, which is currently used as security infrastructure in the EFDA Federation. Additionally, the included modifications are useful for future integrations in other federation technologies such as Shibboleth . The integration of MDSplus into a federated structure has several benefits. From the service management point of view, there is a simplification of the installation of new MDSplus services in fusion community and its corresponding security management. From the user point of view, the integration of MDSplus into a federated structure has several advantages. The first one is user mobility, which is the possibility of accessing data independently of his client IP address. The second one is a multi-organisation infrastructure, so the user can access data from different organisations that implement MDSplus interface. Finally, single sign on PAPI feature enables users to access to different MDSplus data sources, and other federated services, with just one authentication.

  3. Research review of nongovernmental organizations' security policies for humanitarian programs in war, conflict, and postconflict environments.

    Science.gov (United States)

    Rowley, Elizabeth; Burns, Lauren; Burnham, Gilbert

    2013-06-01

    To identify the most and least commonly cited security management messages that nongovernmental organizations (NGOs) are communicating to their field staff, to determine the types of documentation that NGOs most often use to communicate key security messages, and to distinguish the points of commonality and divergence across organizations in the content of key security messages. The authors undertook a systematic review of available security policies, manuals, and training materials from 20 international humanitarian NGOs using the InterAction Minimum Operating Security Standards as the basis for a review framework. The most commonly cited standards include analytical security issues such as threat and risk assessment processes and guidance on acceptance, protection, and deterrence approaches. Among the least commonly cited standards were considering security threats to national staff during staffing decision processes, incorporating security awareness into job descriptions, and ensuring that national staff security issues are addressed in trainings. NGO staff receive security-related messages through multiple document types, but only 12 of the 20 organizations have a distinct security policy document. Points of convergence across organizations in the content of commonly cited standards were found in many areas, but differences in security risk and threat assessment guidance may undermine communication between aid workers about changes in local security environments. Although the humanitarian community has experienced significant progress in the development of practical staff security guidance during the past 10 years, gaps remain that can hinder efforts to garner needed resources, clarify security responsibilities, and ensure that the distinct needs of national staff are recognized and addressed.

  4. EVALUATION OF ECOLOGICAL ENVIRONMENT SECURITY IN CONTIGUOUS POVERTY ALLEVIATION AREA OF SICHUAN PROVINCE

    Directory of Open Access Journals (Sweden)

    W. Xian

    2018-04-01

    Full Text Available According to the overall requirements of ecological construction and environmental protection, rely on the national key ecological engineering, strengthen ecological environmental restoration and protection, improve forest cover, control soil erosion, construct important ecological security barrier in poor areas, inhibit poverty alleviation through ecological security in this area from environmental damage to the vicious cycle of poverty. Obviously, the dynamic monitoring of ecological security in contiguous destitute areas of Sichuan province has a policy sense of urgency and practical significance. This paper adopts RS technology and GIS technology to select the Luhe region of Jinchuan county and Ganzi prefecture as the research area, combined with the characteristics of ecological environment in poor areas, the impact factors of ecological environment are determined as land use type, terrain slope, vegetation cover, surface water, soil moisture and other factors. Using the ecological environmental safety assessment model, the ecological environment safety index is calculated. According to the index, the ecological environment safety of the research area is divided into four levels. The ecological environment safety classification map of 1990 in 2009 is obtained. It can be seen that with the human modern life and improve their economic level, the surrounding environment will be destroyed, because the research area ecological environment is now in good, the ecological environment generally tends to be stable. We should keep its ecological security good and improve local economic income. The relationship between ecological environmental security and economic coordinated development in poor areas has very important strategic significance.

  5. Evaluation of Ecological Environment Security in Contiguous Poverty Alleviation Area of Sichuan Province

    Science.gov (United States)

    Xian, W.; Chen, Y.; Chen, J.; Luo, X.; Shao, H.

    2018-04-01

    According to the overall requirements of ecological construction and environmental protection, rely on the national key ecological engineering, strengthen ecological environmental restoration and protection, improve forest cover, control soil erosion, construct important ecological security barrier in poor areas, inhibit poverty alleviation through ecological security in this area from environmental damage to the vicious cycle of poverty. Obviously, the dynamic monitoring of ecological security in contiguous destitute areas of Sichuan province has a policy sense of urgency and practical significance. This paper adopts RS technology and GIS technology to select the Luhe region of Jinchuan county and Ganzi prefecture as the research area, combined with the characteristics of ecological environment in poor areas, the impact factors of ecological environment are determined as land use type, terrain slope, vegetation cover, surface water, soil moisture and other factors. Using the ecological environmental safety assessment model, the ecological environment safety index is calculated. According to the index, the ecological environment safety of the research area is divided into four levels. The ecological environment safety classification map of 1990 in 2009 is obtained. It can be seen that with the human modern life and improve their economic level, the surrounding environment will be destroyed, because the research area ecological environment is now in good, the ecological environment generally tends to be stable. We should keep its ecological security good and improve local economic income. The relationship between ecological environmental security and economic coordinated development in poor areas has very important strategic significance.

  6. Information security management: a proposal to improve the effectiveness of information security in the scientific research environment

    International Nuclear Information System (INIS)

    Alexandria, Joao Carlos Soares de

    2009-01-01

    The increase of the connectivity in the business environment, combined with the growing dependency of information systems, has become the information security management an important governance tool. Information security has as main goal to protect the business transactions in order to work normally. In this way, It will be safeguarding the business continuity. The threats of information come from hackers' attacks, electronic frauds and spying, as well as fire, electrical energy interruption and humans fault. Information security is made by implementation of a set of controls, including of the others politics, processes, procedures, organizational structures, software and hardware, which require a continuous management and a well established structure to be able to face such challenges. This work tried to search the reasons why the organizations have difficulties to make a practice of information security management. Many of them just limit to adopt points measures, sometimes they are not consistent with their realities. The market counts on enough quantity of standards and regulations related to information security issues, for example, ISO/IEC 27002, American Sarbanes-Oxley act, Basel capital accord, regulations from regulatory agency (such as the Brazilians ones ANATEL, ANVISA and CVM). The market researches have showed that the information security implementation is concentrated on a well-defined group of organization mainly formed by large companies and from specifics sectors of economy, for example, financial and telecommunication. However, information security must be done by all organizations that use information systems to carry out their activities, independently of its size or economic area that it belongs. The situation of information security in the governmental sector of Brazil, and inside its research institutions, is considered worrying by the Brazilian Court of Accounts (TCU). This research work presents an assessment and diagnostic proposal of

  7. A secure RFID mutual authentication protocol for healthcare environments using elliptic curve cryptography.

    Science.gov (United States)

    Jin, Chunhua; Xu, Chunxiang; Zhang, Xiaojun; Zhao, Jining

    2015-03-01

    Radio Frequency Identification(RFID) is an automatic identification technology, which can be widely used in healthcare environments to locate and track staff, equipment and patients. However, potential security and privacy problems in RFID system remain a challenge. In this paper, we design a mutual authentication protocol for RFID based on elliptic curve cryptography(ECC). We use pre-computing method within tag's communication, so that our protocol can get better efficiency. In terms of security, our protocol can achieve confidentiality, unforgeability, mutual authentication, tag's anonymity, availability and forward security. Our protocol also can overcome the weakness in the existing protocols. Therefore, our protocol is suitable for healthcare environments.

  8. Energy policy seesaw between security and protecting the environment

    International Nuclear Information System (INIS)

    Finon, D.

    1994-01-01

    It is just the price of oil that causes the energy policies of importing countries to vacillate. Changing perceptions of energy supply factors has had as much to do with transfiguring government action modes since 1973 as has the idea of the legitimacy of that action. The present paper thus draws a parallel between the goal of energy security twenty years ago and that of global environmental protection today, which explains the critical reversion to a view of minimum government action in the energy field - a view that marked the eighties. (author). 20 refs

  9. Survey of Collaboration Technologies in Multi-level Security Environments

    Science.gov (United States)

    2014-04-28

    urban area. It evaluates how municipal fire service, law enforcement, emergency management, and public health organizations have used federal government...heterogeneous operational environments. Mercado , A. (2008) Exploring Data Sharing Between Geographically Distributed Mobile and Fixed Nodes Supporting

  10. A Cluster-Based Framework for the Security of Medical Sensor Environments

    Science.gov (United States)

    Klaoudatou, Eleni; Konstantinou, Elisavet; Kambourakis, Georgios; Gritzalis, Stefanos

    The adoption of Wireless Sensor Networks (WSNs) in the healthcare sector poses many security issues, mainly because medical information is considered particularly sensitive. The security mechanisms employed are expected to be more efficient in terms of energy consumption and scalability in order to cope with the constrained capabilities of WSNs and patients’ mobility. Towards this goal, cluster-based medical WSNs can substantially improve efficiency and scalability. In this context, we have proposed a general framework for cluster-based medical environments on top of which security mechanisms can rely. This framework fully covers the varying needs of both in-hospital environments and environments formed ad hoc for medical emergencies. In this paper, we further elaborate on the security of our proposed solution. We specifically focus on key establishment mechanisms and investigate the group key agreement protocols that can best fit in our framework.

  11. A secure online image trading system for untrusted cloud environments.

    Science.gov (United States)

    Munadi, Khairul; Arnia, Fitri; Syaryadhi, Mohd; Fujiyoshi, Masaaki; Kiya, Hitoshi

    2015-01-01

    In conventional image trading systems, images are usually stored unprotected on a server, rendering them vulnerable to untrusted server providers and malicious intruders. This paper proposes a conceptual image trading framework that enables secure storage and retrieval over Internet services. The process involves three parties: an image publisher, a server provider, and an image buyer. The aim is to facilitate secure storage and retrieval of original images for commercial transactions, while preventing untrusted server providers and unauthorized users from gaining access to true contents. The framework exploits the Discrete Cosine Transform (DCT) coefficients and the moment invariants of images. Original images are visually protected in the DCT domain, and stored on a repository server. Small representation of the original images, called thumbnails, are generated and made publicly accessible for browsing. When a buyer is interested in a thumbnail, he/she sends a query to retrieve the visually protected image. The thumbnails and protected images are matched using the DC component of the DCT coefficients and the moment invariant feature. After the matching process, the server returns the corresponding protected image to the buyer. However, the image remains visually protected unless a key is granted. Our target application is the online market, where publishers sell their stock images over the Internet using public cloud servers.

  12. Secure Virtualization Environment Based on Advanced Memory Introspection

    Directory of Open Access Journals (Sweden)

    Shuhui Zhang

    2018-01-01

    Full Text Available Most existing virtual machine introspection (VMI technologies analyze the status of a target virtual machine under the assumption that the operating system (OS version and kernel structure information are known at the hypervisor level. In this paper, we propose a model of virtual machine (VM security monitoring based on memory introspection. Using a hardware-based approach to acquire the physical memory of the host machine in real time, the security of the host machine and VM can be diagnosed. Furthermore, a novel approach for VM memory forensics based on the virtual machine control structure (VMCS is put forward. By analyzing the memory of the host machine, the running VMs can be detected and their high-level semantic information can be reconstructed. Then, malicious activity in the VMs can be identified in a timely manner. Moreover, by mutually analyzing the memory content of the host machine and VMs, VM escape may be detected. Compared with previous memory introspection technologies, our solution can automatically reconstruct the comprehensive running state of a target VM without any prior knowledge and is strongly resistant to attacks with high reliability. We developed a prototype system called the VEDefender. Experimental results indicate that our system can handle the VMs of mainstream Linux and Windows OS versions with high efficiency and does not influence the performance of the host machine and VMs.

  13. Aspects regarding the security environment in South Caucasus

    Directory of Open Access Journals (Sweden)

    Lavinia Lupu

    2012-08-01

    Full Text Available Transitions from Soviet authoritarianism and planned economies to democracy and market economies have not been successfully completed in any of the three states from South Caucasus. This region continues to be characterized by high instability and insecurity due the absence of solutions to the protracted or „frozen” conflicts between Armenia and Azerbaijan – over the territory of Nagorno-Karabakh – and between Georgia and Russia – over the breakaway regions of South Ossetia and Abkhazia. Finding common ground upon which all parties can agree has proven to be an impossible task. Protracted or „frozen” conflicts present a challenge for the stability and security of South Caucasus.

  14. Secure Cooperative Data Access in Multi-Cloud Environment

    Science.gov (United States)

    Le, Meixing

    2013-01-01

    In this dissertation, we discuss the problem of enabling cooperative query execution in a multi-cloud environment where the data is owned and managed by multiple enterprises. Each enterprise maintains its own relational database using a private cloud. In order to implement desired business services, parties need to share selected portion of their…

  15. The Reality Of The Homeland Security Enterprise Information Sharing Environment

    Science.gov (United States)

    2017-12-01

    Related Information to Protect the Homeland (GAO 15- 290) (Washington, DC: U.S. Government Accountability Office, 2015), http://www.gao.gov/ assets...Government Accountability Office [GAO], Information Sharing Environment Better Road Map Needed to Guide Implementation and Investments (GAO-11-455...and its ISE PM would have clearer accountability for information sharing lapses and a faster ability to reform or develop domestic information -sharing

  16. Secure Hardware Performance Analysis in Virtualized Cloud Environment

    Directory of Open Access Journals (Sweden)

    Chee-Heng Tan

    2013-01-01

    Full Text Available The main obstacle in mass adoption of cloud computing for database operations is the data security issue. In this paper, it is shown that IT services particularly in hardware performance evaluation in virtual machine can be accomplished effectively without IT personnel gaining access to real data for diagnostic and remediation purposes. The proposed mechanisms utilized TPC-H benchmark to achieve 2 objectives. First, the underlying hardware performance and consistency is supervised via a control system, which is constructed using a combination of TPC-H queries, linear regression, and machine learning techniques. Second, linear programming techniques are employed to provide input to the algorithms that construct stress-testing scenarios in the virtual machine, using the combination of TPC-H queries. These stress-testing scenarios serve 2 purposes. They provide the boundary resource threshold verification to the first control system, so that periodic training of the synthetic data sets for performance evaluation is not constrained by hardware inadequacy, particularly when the resources in the virtual machine are scaled up or down which results in the change of the utilization threshold. Secondly, they provide a platform for response time verification on critical transactions, so that the expected Quality of Service (QoS from these transactions is assured.

  17. IoT Privacy and Security Challenges for Smart Home Environments

    OpenAIRE

    Huichen Lin; Neil W. Bergmann

    2016-01-01

    Often the Internet of Things (IoT) is considered as a single problem domain, with proposed solutions intended to be applied across a wide range of applications. However, the privacy and security needs of critical engineering infrastructure or sensitive commercial operations are very different to the needs of a domestic Smart Home environment. Additionally, the financial and human resources available to implement security and privacy vary greatly between application domains. In domestic enviro...

  18. The Transformation of Security Environment at the beginning of XXIst Century

    Directory of Open Access Journals (Sweden)

    Florin Iftode

    2009-06-01

    Full Text Available The current security environment is characterized by a high degree of instability andunpredictability, by the manifestation of new risks and threats, by redefining relations between thegreat powers and increased freedom of action of regional factors. The evolution of global security inthe last decade, has confirmed that the success of actions and the stability can only be the result of amultidimensional cooperation of the international community, through emphasizing the dialogue in aninstitutional framework and activating the decisive role that the great international organizations playin defining the state of security of the world.

  19. Secure Software Configuration Management Processes for nuclear safety software development environment

    International Nuclear Information System (INIS)

    Chou, I.-Hsin

    2011-01-01

    Highlights: → The proposed method emphasizes platform-independent security processes. → A hybrid process based on the nuclear SCM and security regulations is proposed. → Detailed descriptions and Process Flow Diagram are useful for software developers. - Abstract: The main difference between nuclear and generic software is that the risk factor is infinitely greater in nuclear software - if there is a malfunction in the safety system, it can result in significant economic loss, physical damage or threat to human life. However, secure software development environment have often been ignored in the nuclear industry. In response to the terrorist attacks on September 11, 2001, the US Nuclear Regulatory Commission (USNRC) revised the Regulatory Guide (RG 1.152-2006) 'Criteria for use of computers in safety systems of nuclear power plants' to provide specific security guidance throughout the software development life cycle. Software Configuration Management (SCM) is an essential discipline in the software development environment. SCM involves identifying configuration items, controlling changes to those items, and maintaining integrity and traceability of them. For securing the nuclear safety software, this paper proposes a Secure SCM Processes (S 2 CMP) which infuses regulatory security requirements into proposed SCM processes. Furthermore, a Process Flow Diagram (PFD) is adopted to describe S 2 CMP, which is intended to enhance the communication between regulators and developers.

  20. Operating Security System Support for Run-Time Security with a Trusted Execution Environment

    DEFF Research Database (Denmark)

    Gonzalez, Javier

    Software services have become an integral part of our daily life. Cyber-attacks have thus become a problem of increasing importance not only for the IT industry, but for society at large. A way to contain cyber-attacks is to guarantee the integrity of IT systems at run-time. Put differently......, it is safe to assume that any complex software is compromised. The problem is then to monitor and contain it when it executes in order to protect sensitive data and other sensitive assets. To really have an impact, any solution to this problem should be integrated in commodity operating systems...... sensitive assets at run-time that we denote split-enforcement, and provide an implementation for ARM-powered devices using ARM TrustZone security extensions. We design, build, and evaluate a prototype Trusted Cell that provides trusted services. We also present the first generic TrustZone driver...

  1. An Adaptive Multilevel Security Framework for the Data Stored in Cloud Environment

    Directory of Open Access Journals (Sweden)

    Sudha Devi Dorairaj

    2015-01-01

    Full Text Available Cloud computing is renowned for delivering information technology services based on internet. Nowadays, organizations are interested in moving their massive data and computations into cloud to reap their significant benefits of on demand service, resource pooling, and rapid elasticity that helps to satisfy the dynamically changing infrastructure demand without the burden of owning, managing, and maintaining it. Since the data needs to be secured throughout its life cycle, security of the data in cloud is a major challenge to be concentrated on because the data is in third party’s premises. Any uniform simple or high level security method for all the data either compromises the sensitive data or proves to be too costly with increased overhead. Any common multiple method for all data becomes vulnerable when the common security pattern is identified at the event of successful attack on any information and also encourages more attacks on all other data. This paper suggests an adaptive multilevel security framework based on cryptography techniques that provide adequate security for the classified data stored in cloud. The proposed security system acclimates well for cloud environment and is also customizable and more reliant to meet the required level of security of data with different sensitivity that changes with business needs and commercial conditions.

  2. An Adaptive Multilevel Security Framework for the Data Stored in Cloud Environment

    Science.gov (United States)

    Dorairaj, Sudha Devi; Kaliannan, Thilagavathy

    2015-01-01

    Cloud computing is renowned for delivering information technology services based on internet. Nowadays, organizations are interested in moving their massive data and computations into cloud to reap their significant benefits of on demand service, resource pooling, and rapid elasticity that helps to satisfy the dynamically changing infrastructure demand without the burden of owning, managing, and maintaining it. Since the data needs to be secured throughout its life cycle, security of the data in cloud is a major challenge to be concentrated on because the data is in third party's premises. Any uniform simple or high level security method for all the data either compromises the sensitive data or proves to be too costly with increased overhead. Any common multiple method for all data becomes vulnerable when the common security pattern is identified at the event of successful attack on any information and also encourages more attacks on all other data. This paper suggests an adaptive multilevel security framework based on cryptography techniques that provide adequate security for the classified data stored in cloud. The proposed security system acclimates well for cloud environment and is also customizable and more reliant to meet the required level of security of data with different sensitivity that changes with business needs and commercial conditions. PMID:26258165

  3. An Adaptive Multilevel Security Framework for the Data Stored in Cloud Environment.

    Science.gov (United States)

    Dorairaj, Sudha Devi; Kaliannan, Thilagavathy

    2015-01-01

    Cloud computing is renowned for delivering information technology services based on internet. Nowadays, organizations are interested in moving their massive data and computations into cloud to reap their significant benefits of on demand service, resource pooling, and rapid elasticity that helps to satisfy the dynamically changing infrastructure demand without the burden of owning, managing, and maintaining it. Since the data needs to be secured throughout its life cycle, security of the data in cloud is a major challenge to be concentrated on because the data is in third party's premises. Any uniform simple or high level security method for all the data either compromises the sensitive data or proves to be too costly with increased overhead. Any common multiple method for all data becomes vulnerable when the common security pattern is identified at the event of successful attack on any information and also encourages more attacks on all other data. This paper suggests an adaptive multilevel security framework based on cryptography techniques that provide adequate security for the classified data stored in cloud. The proposed security system acclimates well for cloud environment and is also customizable and more reliant to meet the required level of security of data with different sensitivity that changes with business needs and commercial conditions.

  4. Ensuring the Security of the Educational Environment: Cases of US, Russia and Europe

    Directory of Open Access Journals (Sweden)

    Vitaly V. Kabernik

    2015-01-01

    Full Text Available The article deals with security, including informational, educational environment. The article considers experience of the United States and Europe, including specific examples. Given a classification of the major threats and they are allocated on the basis of foreign and domestic experience. The article also determines the range of problems actually facing educational institutions and regularly described in special reports on the subject. Provides an overview of a set of measures designed to regulate access to inappropriate content, with special attention given to the phenomenon of social networks that put new challenges in ensuring security of the educational environment.

  5. Operating nuclear power stations in a regulated cyber security environment: a roadmap for success

    Energy Technology Data Exchange (ETDEWEB)

    Dorman, E., E-mail: Erik.Dorman@areva.com [AREVA Inc., Cyber Security Solutions, Charlotte, NC (United States)

    2015-07-01

    The United States Nuclear Regulatory Commission (NRC) issued 10CFR73.54 to implement a regulated Cyber Security Program at each operating nuclear reactor facility. Milestones were implemented December 31, 2012 to mitigate the attack vectors for the most critical digital assets acknowledged by the industry and the NRC. The NRC inspections have begun. The nuclear Cyber Security Plan, implemented by the site Cyber Security Program (Program), is an element of the operating license at each facility. The Program is designed to protect critical digital assets (CDAs) by applying and maintaining defense-in depth protective strategies to ensure the capability to detect, respond to, and recover from cyber-attacks. The Program references NEI 08-09 R. 6, the Nuclear Energy Institute Template that provides guidance for applying Cyber Security controls derived from NIST 800-53/82 and slightly modified to fit the nuclear environment. Many mature processes are in place at nuclear facilities in response to numerous regulations implemented over the past 30 years. Many of these processes such as the Physical Security Program offer protections that are leveraged to protect the functions of critical digital assets from unauthorized physical access. Other processes and technology such as engineering design control, work management and pre-job briefs, control of portable media and mobile devices, and deterministically segregated networks protect critical digital assets. By leveraging the regulated nuclear environment, integrating NIST type Cyber Security controls, and prudently deploying technology the Cyber Security posture of operating nuclear facilities supports on-demand base load electricity 24/7 with capacity factors exceeding 85%. This paper is designed to provide a glimpse into Cyber Security Programs that support safe operation and reliability in the regulated nuclear environment while supporting the on-demand base load electricity production 24/7. (author)

  6. Operating nuclear power stations in a regulated cyber security environment: a roadmap for success

    International Nuclear Information System (INIS)

    Dorman, E.

    2015-01-01

    The United States Nuclear Regulatory Commission (NRC) issued 10CFR73.54 to implement a regulated Cyber Security Program at each operating nuclear reactor facility. Milestones were implemented December 31, 2012 to mitigate the attack vectors for the most critical digital assets acknowledged by the industry and the NRC. The NRC inspections have begun. The nuclear Cyber Security Plan, implemented by the site Cyber Security Program (Program), is an element of the operating license at each facility. The Program is designed to protect critical digital assets (CDAs) by applying and maintaining defense-in depth protective strategies to ensure the capability to detect, respond to, and recover from cyber-attacks. The Program references NEI 08-09 R. 6, the Nuclear Energy Institute Template that provides guidance for applying Cyber Security controls derived from NIST 800-53/82 and slightly modified to fit the nuclear environment. Many mature processes are in place at nuclear facilities in response to numerous regulations implemented over the past 30 years. Many of these processes such as the Physical Security Program offer protections that are leveraged to protect the functions of critical digital assets from unauthorized physical access. Other processes and technology such as engineering design control, work management and pre-job briefs, control of portable media and mobile devices, and deterministically segregated networks protect critical digital assets. By leveraging the regulated nuclear environment, integrating NIST type Cyber Security controls, and prudently deploying technology the Cyber Security posture of operating nuclear facilities supports on-demand base load electricity 24/7 with capacity factors exceeding 85%. This paper is designed to provide a glimpse into Cyber Security Programs that support safe operation and reliability in the regulated nuclear environment while supporting the on-demand base load electricity production 24/7. (author)

  7. Designing a Secure Exam Management System (SEMS) for M-Learning Environments

    Science.gov (United States)

    Kaiiali, Mustafa; Ozkaya, Armagan; Altun, Halis; Haddad, Hatem; Alier, Marc

    2016-01-01

    M-learning has enhanced the e-learning by making the learning process learner-centered. However, enforcing exam security in open environments where each student has his/her own mobile/tablet device connected to a Wi-Fi network through which it is further connected to the Internet can be one of the most challenging tasks. In such environments,…

  8. Enhancing Security by System-Level Virtualization in Cloud Computing Environments

    Science.gov (United States)

    Sun, Dawei; Chang, Guiran; Tan, Chunguang; Wang, Xingwei

    Many trends are opening up the era of cloud computing, which will reshape the IT industry. Virtualization techniques have become an indispensable ingredient for almost all cloud computing system. By the virtual environments, cloud provider is able to run varieties of operating systems as needed by each cloud user. Virtualization can improve reliability, security, and availability of applications by using consolidation, isolation, and fault tolerance. In addition, it is possible to balance the workloads by using live migration techniques. In this paper, the definition of cloud computing is given; and then the service and deployment models are introduced. An analysis of security issues and challenges in implementation of cloud computing is identified. Moreover, a system-level virtualization case is established to enhance the security of cloud computing environments.

  9. Policies and measures for economic efficiency, energy security and environment protection in India

    International Nuclear Information System (INIS)

    Venkaiah, M.; Kaushik, S.C.; Dewangan, M.L.

    2007-01-01

    India needs to sustain 8-10% economic growth to meet energy needs of people below poverty line. India would, at least, need to grow its primary energy supply (3-4 times) of present consumption to deliver a sustained growth of 8% by 2031. This paper discusses India's policies and measures for economic efficiency, environment protection and energy security (3-E). (author)

  10. A Method for Evaluating Information Security Governance (ISG) Components in Banking Environment

    Science.gov (United States)

    Ula, M.; Ula, M.; Fuadi, W.

    2017-02-01

    As modern banking increasingly relies on the internet and computer technologies to operate their businesses and market interactions, the threats and security breaches have highly increased in recent years. Insider and outsider attacks have caused global businesses lost trillions of Dollars a year. Therefore, that is a need for a proper framework to govern the information security in the banking system. The aim of this research is to propose and design an enhanced method to evaluate information security governance (ISG) implementation in banking environment. This research examines and compares the elements from the commonly used information security governance frameworks, standards and best practices. Their strength and weakness are considered in its approaches. The initial framework for governing the information security in banking system was constructed from document review. The framework was categorized into three levels which are Governance level, Managerial level, and technical level. The study further conducts an online survey for banking security professionals to get their professional judgment about the ISG most critical components and the importance for each ISG component that should be implemented in banking environment. Data from the survey was used to construct a mathematical model for ISG evaluation, component importance data used as weighting coefficient for the related component in the mathematical model. The research further develops a method for evaluating ISG implementation in banking based on the mathematical model. The proposed method was tested through real bank case study in an Indonesian local bank. The study evidently proves that the proposed method has sufficient coverage of ISG in banking environment and effectively evaluates the ISG implementation in banking environment.

  11. Secure and Efficient User Authentication Scheme Based on Password and Smart Card for Multiserver Environment

    Directory of Open Access Journals (Sweden)

    Yan Zhao

    2018-01-01

    Full Text Available The rapid development of information and network technologies motivates the emergence of various new computing paradigms, such as distributed computing, cloud computing, and edge computing. This also enables more and more network enterprises to provide multiple different services simultaneously. To ensure these services can only be accessed conveniently by authorized users, many password and smart card based authentication schemes for multiserver architecture have been proposed. Recently, Truong et al. introduced an identity based user authentication scheme on elliptic curve cryptography in multiserver environment and claimed that their scheme is secure against popular attacks. However, in this paper, we point out that their scheme suffers from offline password guessing and impersonation attack and fails to achieve security requirements of this kind of authentication scheme. Moreover, we put forward a new scheme to conquer security pitfalls in the above scheme. Security analysis indicates that the proposed scheme can be free from well-known attacks. Performance discussion demonstrates that our scheme has advantages in terms of both security property and computation efficiency and thus is more desirable for practical applications in multiserver environment.

  12. IoT Privacy and Security Challenges for Smart Home Environments

    Directory of Open Access Journals (Sweden)

    Huichen Lin

    2016-07-01

    Full Text Available Often the Internet of Things (IoT is considered as a single problem domain, with proposed solutions intended to be applied across a wide range of applications. However, the privacy and security needs of critical engineering infrastructure or sensitive commercial operations are very different to the needs of a domestic Smart Home environment. Additionally, the financial and human resources available to implement security and privacy vary greatly between application domains. In domestic environments, human issues may be as important as technical issues. After surveying existing solutions for enhancing IoT security, the paper identifies key future requirements for trusted Smart Home systems. A gateway architecture is selected as the most appropriate for resource-constrained devices, and for high system availability. Two key technologies to assist system auto-management are identified. Firstly, support for system auto-configuration will enhance system security. Secondly, the automatic update of system software and firmware is needed to maintain ongoing secure system operation.

  13. An Efficient Secure Scheme Based on Hierarchical Topology in the Smart Home Environment

    Directory of Open Access Journals (Sweden)

    Mansik Kim

    2017-08-01

    Full Text Available As the Internet of Things (IoT has developed, the emerging sensor network (ESN that integrates emerging technologies, such as autonomous driving, cyber-physical systems, mobile nodes, and existing sensor networks has been in the limelight. Smart homes have been researched and developed by various companies and organizations. Emerging sensor networks have some issues of providing secure service according to a new environment, such as a smart home, and the problems of low power and low-computing capacity for the sensor that previous sensor networks were equipped with. This study classifies various sensors used in smart homes into three classes and contains the hierarchical topology for efficient communication. In addition, a scheme for establishing secure communication among sensors based on physical unclonable functions (PUFs that cannot be physically cloned is suggested in regard to the sensor’s low performance. In addition, we analyzed this scheme by conducting security and performance evaluations proving to constitute secure channels while consuming fewer resources. We believe that our scheme can provide secure communication by using fewer resources in a smart home environment in the future.

  14. Psychological factors of the readiness of teachers to ensure social security in the educational environment.

    Directory of Open Access Journals (Sweden)

    Shmeleva E.A.

    2015-03-01

    Full Text Available The negative sociocultural transformations that are taking place in modern society and the resulting psychological transformation of personality and mode of life strongly require searching for ways of providing social safety to the next generation, with teachers being the implementers of this process. Teachers’ professionalism is determined by their willingness to solve personal and socially relevant problems, including the willingness to provide social security for other people, to thwart social risks, and to build constructive interpersonal relationships. The aim of our research was to reveal and to analyze the psychological factors affecting the readiness of teachers to ensure social security in educational environments. The environmental factors of social risk have been theoretically characterized. It has been shown that the essential factor in ensuring students’ social security is providing a safe social environment in educational institutions; such an environment provides the learners and the teachers with sociopsychological security and psychosocial well-being. The empirical part of our study was devoted to identifying negative social phenomena in the schools in the Ivanovo region (with the help of a questionnaire administered to 700 students and to identifying the personally and professionally important qualities of the teachers and the subjective psychological factors of their readiness to ensure social security in the educational environment (through interviewing 300 teachers; the administration of the questionnaires and the interviewing were followed by an assessment of their significance (with the help of a questionnaire administered to 140 teachers. Using factor analysis we identified the relevant indicators and grouped them into six factors of the readiness of teachers to ensure a safe educational environment. Relevant personal and professional qualities of teachers were revealed; these are the subjective factors of the

  15. Global Military Operating Environments (GMOE) Phase I: Linking Natural Environments, International Security, and Military Operations

    Science.gov (United States)

    2013-01-30

    diverse range of natural environments and will require that U.S. forces adapt to a wide range of terrain, climate, and associated hazards within these...Synthetic Environment Core Area), baseline terrain information, and application of remote‐sensing technologies for Warfighter and Chameleon . The

  16. The Feasibility of Wearables in an Enterprise Environment and Their Impact on IT Security

    Science.gov (United States)

    Scotti, Vincent, Jr.

    2015-01-01

    This paper is intended to explore the usability and feasibility of wearables in an enterprise environment and their impact on IT Security. In this day and age, with the advent of the Internet of Things, we must explore all the new technology emerging from the minds of the new inventors. This means exploring the use of wearables in regards to their benefits, limitations, and the new challenges they pose to securing computer networks in the Federal environment. We will explore the design of the wearables, the interfaces needed to connect them, and what it will take to connect personal devices in the Federal enterprise network environment. We will provide an overview of the wearable design, concerns of ensuring the confidentiality, integrity, and availability of information and the challenges faced by those doing so. We will also review the implications and limitations of the policies governing wearable technology and the physical efforts to enforce them.

  17. Securing the virtual environment how to defend the enterprise against attack

    CERN Document Server

    Ottenheimer, Davi

    2012-01-01

    A step-by-step guide to identifying and defending against attacks on the virtual environment As more and more data is moved into virtual environments the need to secure them becomes increasingly important. Useful for service providers as well as enterprise and small business IT professionals the book offers a broad look across virtualization used in various industries as well as a narrow view of vulnerabilities unique to virtual environments. A companion DVD is included with recipes and testing scripts. Examines the difference in a virtual model versus traditional computing models an

  18. An approach for investigation of secure access processes at a combined e-learning environment

    Science.gov (United States)

    Romansky, Radi; Noninska, Irina

    2017-12-01

    The article discuses an approach to investigate processes for regulation the security and privacy control at a heterogenous e-learning environment realized as a combination of traditional and cloud means and tools. Authors' proposal for combined architecture of e-learning system is presented and main subsystems and procedures are discussed. A formalization of the processes for using different types resources (public, private internal and private external) is proposed. The apparatus of Markovian chains (MC) is used for modeling and analytical investigation of the secure access to the resources is used and some assessments are presented.

  19. One of the Approaches to Creation of Hybrid Cloud Secure Environment

    Directory of Open Access Journals (Sweden)

    Andrey Konstantinovich Kachko

    2014-02-01

    Full Text Available In response to the ever growing needs in the storage and processing of data the main position are occupied by informational-telecommunication systems, operating on the basis of cloud computing. In this case, the key point in the use of cloud computing is the problem of information security. This article is primarily intended to cover the main information safety issues that occur in cloud environments and ways of their solutions in the construction of an integrated information security management system on the cloud architecture.

  20. Analysis of Security Mechanisms Based on Clusters IoT Environments

    Directory of Open Access Journals (Sweden)

    Paulo Gaona-García

    2017-03-01

    Full Text Available Internet of things is based on sensors, communication networks and intelligence that manages the entire process and the generated data. Sensors are the senses of systems, because of this, they can be used in large quantities. Sensors must have low power consumption and cost, small size and great flexibility for its use in all circumstances. Therefore, the security of these network devices, data sensors and other devices, is a major concern as it grows rapidly in terms of nodes interconnected via sensor data. This paper presents an analysis from a systematic review point of view of articles on Internet of Things (IoT, security aspects specifically at privacy level and control access in this type of environment. Finally, it presents an analysis of security issues that must be addressed, from different clusters and identified areas within the fields of application of this technology.

  1. PRINCIPLE OF THE ELECTRONIC EDUCATIONAL ENVIRONMENT SECURITY IN THE PROFESSIONAL TRAINING OF UNIVERSITY STUDENTS

    Directory of Open Access Journals (Sweden)

    Valery G. Tylets

    2017-12-01

    Full Text Available The article considers the problem of professional training of students in e-learning environment in accordance with the principle of security. The authors offer the essay technology of multiple difficulty levels. In the article the description of each level of technology proves its conformity to the positions of principle of security. The main methods of measurement performance were made by expert assessment and subjective scaling. The analysis of results of approbation of essay technology of multiple difficulty levels in the experimental sample showed an increase of objective and subjective indicators. Positive methodological and personal effects of the introduction of technology into the process of university education were identified, corresponding to the positions of principle of security. Methodical recommendations of application of technology were formulated.

  2. Security Analysis of Measurement-Device-Independent Quantum Key Distribution in Collective-Rotation Noisy Environment

    Science.gov (United States)

    Li, Na; Zhang, Yu; Wen, Shuang; Li, Lei-lei; Li, Jian

    2018-01-01

    Noise is a problem that communication channels cannot avoid. It is, thus, beneficial to analyze the security of MDI-QKD in noisy environment. An analysis model for collective-rotation noise is introduced, and the information theory methods are used to analyze the security of the protocol. The maximum amount of information that Eve can eavesdrop is 50%, and the eavesdropping can always be detected if the noise level ɛ ≤ 0.68. Therefore, MDI-QKD protocol is secure as quantum key distribution protocol. The maximum probability that the relay outputs successful results is 16% when existing eavesdropping. Moreover, the probability that the relay outputs successful results when existing eavesdropping is higher than the situation without eavesdropping. The paper validates that MDI-QKD protocol has better robustness.

  3. IT-security challenges in IoT environments and autonomous systems

    Science.gov (United States)

    Heun, Ulrich

    2017-05-01

    Internet of Things will open the digital world for future services working across company borders. Together with autonomous systems intelligent things will communicate and work together without direct influence of human technicians or service managers. IT-security will become one of the most important challenges to ensure a stable service performance and to provide a trustful environment to let people use such service without any concerns regarding data privacy and eligibility of the outcomes.

  4. NATO Advanced Study Institute on Optical Waveguide Sensing and Imaging in Medicine, Environment, Security and Defence

    CERN Document Server

    Bock, Wojtek J; Tanev, Stoyan

    2008-01-01

    The book explores various aspects of existing and emerging fiber and waveguide optics sensing and imaging technologies including recent advances in nanobiophotonics. The focus is both on fundamental and applied research as well as on applications in civil engineering, biomedical sciences, environment, security and defence. The main goal of the multi-disciplinarry team of Editors was to provide an useful reference of state-of-the-art overviews covering a variety of complementary topics on the interface of engineering and biomedical sciences.

  5. A secure RFID authentication protocol for healthcare environments using elliptic curve cryptosystem.

    Science.gov (United States)

    Zhao, Zhenguo

    2014-05-01

    With the fast advancement of the wireless communication technology and the widespread use of medical systems, the radio frequency identification (RFID) technology has been widely used in healthcare environments. As the first important protocol for ensuring secure communication in healthcare environment, the RFID authentication protocols derive more and more attentions. Most of RFID authentication protocols are based on hash function or symmetric cryptography. To get more security properties, elliptic curve cryptosystem (ECC) has been used in the design of RFID authentication protocol. Recently, Liao and Hsiao proposed a new RFID authentication protocol using ECC and claimed their protocol could withstand various attacks. In this paper, we will show that their protocol suffers from the key compromise problem, i.e. an adversary could get the private key stored in the tag. To enhance the security, we propose a new RFID authentication protocol using ECC. Detailed analysis shows the proposed protocol not only could overcome weaknesses in Liao and Hsiao's protocol but also has the same performance. Therefore, it is more suitable for healthcare environments.

  6. Flexible, Secure, and Reliable Data Sharing Service Based on Collaboration in Multicloud Environment

    Directory of Open Access Journals (Sweden)

    Qiang Wei

    2018-01-01

    Full Text Available Due to the abundant storage resources and high reliability data service of cloud computing, more individuals and enterprises are motivated to outsource their data to public cloud platform and enable legal data users to search and download what they need in the outsourced dataset. However, in “Paid Data Sharing” model, some valuable data should be encrypted before outsourcing for protecting owner’s economic benefits, which is an obstacle for flexible application. Specifically, if the owner does not know who (user will download which data files in advance and even does not know the attributes of user, he/she has to either remain online all the time or import a trusted third party (TTP to distribute the file decryption key to data user. Obviously, making the owner always remain online is too inflexible, and wholly depending on the security of TTP is a potential risk. In this paper, we propose a flexible, secure, and reliable data sharing scheme based on collaboration in multicloud environment. For securely and instantly providing data sharing service even if the owner is offline and without TTP, we distribute all encrypted split data/key blocks together to multiple cloud service providers (CSPs, respectively. An elaborate cryptographic protocol we designed helps the owner verify the correctness of data exchange bills, which is directly related to the owner’s economic benefits. Besides, in order to support reliable data service, the erasure-correcting code technic is exploited for tolerating multiple failures among CSPs, and we offer a secure keyword search mechanism that makes the system more close to reality. Extensive security analyses and experiments on real-world data show that our scheme is secure and efficient.

  7. A Secure and Anonymous Two-Factor Authentication Protocol in Multiserver Environment

    Directory of Open Access Journals (Sweden)

    Chenyu Wang

    2018-01-01

    Full Text Available With the great development of network technology, the multiserver system gets widely used in providing various of services. And the two-factor authentication protocols in multiserver system attract more and more attention. Recently, there are two new schemes for multiserver environment which claimed to be secure against the known attacks. However, after a scrutinization of these two schemes, we found that (1 their description of the adversary’s abilities is inaccurate; (2 their schemes suffer from many attacks. Thus, firstly, we corrected their description on the adversary capacities to introduce a widely accepted adversary model and then summarized fourteen security requirements of multiserver based on the works of pioneer contributors. Secondly, we revealed that one of the two schemes fails to preserve forward secrecy and user anonymity and cannot resist stolen-verifier attack and off-line dictionary attack and so forth and also demonstrated that another scheme fails to preserve forward secrecy and user anonymity and is not secure to insider attack and off-line dictionary attack, and so forth. Finally, we designed an enhanced scheme to overcome these identified weaknesses, proved its security via BAN logic and heuristic analysis, and then compared it with other relevant schemes. The comparison results showed the superiority of our scheme.

  8. Security Flaws in an Efficient Pseudo-Random Number Generator for Low-Power Environments

    Science.gov (United States)

    Peris-Lopez, Pedro; Hernandez-Castro, Julio C.; Tapiador, Juan M. E.; Millán, Enrique San; van der Lubbe, Jan C. A.

    In 2004, Settharam and Rhee tackled the design of a lightweight Pseudo-Random Number Generator (PRNG) suitable for low-power environments (e.g. sensor networks, low-cost RFID tags). First, they explicitly fixed a set of requirements for this primitive. Then, they proposed a PRNG conforming to these requirements and using a free-running timer [9]. We analyze this primitive discovering important security faults. The proposed algorithm fails to pass even relatively non-stringent batteries of randomness such as ENT (i.e. a pseudorandom number sequence test program). We prove that their recommended PRNG has a very short period due to the flawed design of its core. The internal state can be easily revealed, compromising its backward and forward security. Additionally, the rekeying algorithm is defectively designed mainly related to the unpractical value proposed for this purpose.

  9. A collaborative virtual environment for training of security agents in nuclear emergencies

    International Nuclear Information System (INIS)

    Fernandes, Sara I.; Passos, Cláudio A.; Silva, Marcio H.; Carvalho, Paulo Victor R.; Legey, Ana Paula; Mol, Antonio Carlos; Machado, Daniel M.; Cotelli, André; Rocha, Tiago L.

    2017-01-01

    In face the recently observed security menaces related to terrorist actions and natural disasters, there is a need for a major qualification and training of the agents responsible for avoid any problems regarding to abnormal conditions. In the conventional training procedures, however, field simulations are associated to logistical and operational constraints regarded to the execution of the tests which can expose the user to risk. On the other hand, the use of virtual simulations provides an alternative to such limitations besides of promote the qualifying of professionals with a great reliability. For this reason, this paper proposes the development of a collaborative virtual environment that will be used to prepare the security agents on identifying individuals suspected of carrying radioactive materials. The development of the virtual environment consisted on modeling using Autodesk 3ds Max, where the scene itself and the scene objects were modeled besides the terrain creation and basic features programming using the Game Engine Unity 3D. In the Engine Game were included radiation detectors and avatars. The security agents were able to communicate to each other by means of auxiliary external tools like a headset software that makes possible the communication, coordination and cooperation required for an effective collaboration. Experimental tests of the virtual simulations were performed with the participation of CNEN radiological protection agents and collaborators. The tests have shown that the proposed method can contribute to improve the training results of the basic collaborative skills required for a CNEN agent in an emergency situation without the need to expose him to any kind of risk. In face of that, we hope that it can contribute to minimize the demand for qualified security professionals. (author)

  10. A collaborative virtual environment for training of security agents in nuclear emergencies

    Energy Technology Data Exchange (ETDEWEB)

    Fernandes, Sara I.; Passos, Cláudio A.; Silva, Marcio H.; Carvalho, Paulo Victor R.; Legey, Ana Paula; Mol, Antonio Carlos; Machado, Daniel M.; Cotelli, André; Rocha, Tiago L., E-mail: mol@ien.gov.br [Instituto de Engenharia Nuclear (IEN/CNEN-RJ), Rio de Janeiro, RJ (Brazil). Departamento de Realidade Virtual

    2017-07-01

    In face the recently observed security menaces related to terrorist actions and natural disasters, there is a need for a major qualification and training of the agents responsible for avoid any problems regarding to abnormal conditions. In the conventional training procedures, however, field simulations are associated to logistical and operational constraints regarded to the execution of the tests which can expose the user to risk. On the other hand, the use of virtual simulations provides an alternative to such limitations besides of promote the qualifying of professionals with a great reliability. For this reason, this paper proposes the development of a collaborative virtual environment that will be used to prepare the security agents on identifying individuals suspected of carrying radioactive materials. The development of the virtual environment consisted on modeling using Autodesk 3ds Max, where the scene itself and the scene objects were modeled besides the terrain creation and basic features programming using the Game Engine Unity 3D. In the Engine Game were included radiation detectors and avatars. The security agents were able to communicate to each other by means of auxiliary external tools like a headset software that makes possible the communication, coordination and cooperation required for an effective collaboration. Experimental tests of the virtual simulations were performed with the participation of CNEN radiological protection agents and collaborators. The tests have shown that the proposed method can contribute to improve the training results of the basic collaborative skills required for a CNEN agent in an emergency situation without the need to expose him to any kind of risk. In face of that, we hope that it can contribute to minimize the demand for qualified security professionals. (author)

  11. Security Assistance in Nigeria: Shaping the International Environment to Meet U.S. National Security Objectives in the Global Era

    National Research Council Canada - National Science Library

    Prendergast, Kenneth

    2003-01-01

    .... While American interests in Sub-Saharan Africa are significant and growing, there are also important transnational security threats, infectious diseases, organized international criminal activities...

  12. Secure Scientific Applications Scheduling Technique for Cloud Computing Environment Using Global League Championship Algorithm

    Science.gov (United States)

    Abdulhamid, Shafi’i Muhammad; Abd Latiff, Muhammad Shafie; Abdul-Salaam, Gaddafi; Hussain Madni, Syed Hamid

    2016-01-01

    Cloud computing system is a huge cluster of interconnected servers residing in a datacenter and dynamically provisioned to clients on-demand via a front-end interface. Scientific applications scheduling in the cloud computing environment is identified as NP-hard problem due to the dynamic nature of heterogeneous resources. Recently, a number of metaheuristics optimization schemes have been applied to address the challenges of applications scheduling in the cloud system, without much emphasis on the issue of secure global scheduling. In this paper, scientific applications scheduling techniques using the Global League Championship Algorithm (GBLCA) optimization technique is first presented for global task scheduling in the cloud environment. The experiment is carried out using CloudSim simulator. The experimental results show that, the proposed GBLCA technique produced remarkable performance improvement rate on the makespan that ranges between 14.44% to 46.41%. It also shows significant reduction in the time taken to securely schedule applications as parametrically measured in terms of the response time. In view of the experimental results, the proposed technique provides better-quality scheduling solution that is suitable for scientific applications task execution in the Cloud Computing environment than the MinMin, MaxMin, Genetic Algorithm (GA) and Ant Colony Optimization (ACO) scheduling techniques. PMID:27384239

  13. METHODOLOGICAL APPROACHES TO THE ANALYSIS OF ЕCONOMIC SECURITY MARKET ENVIRONMENT

    Directory of Open Access Journals (Sweden)

    V. P. Voronin

    2014-01-01

    Full Text Available Summary The market environment is not only important for the good functioning of enterprises and organizations, but also an indicator of the attractiveness for business. In this regard, on the first place of its economic analysis of the state and dynamics, not only the definition of capacity and market, but also its innovation, investment and institutional components, as well as economic security for businesses and organizations. Economic security for businesses and organizations associated with the identification of factors affecting the state of criminal and corrupt elements. Globalization of world economic relations led to the spread of corruption market environment from local to global markets. Increasingly close involvement of Russia into the world economy was accompanied by negative phenomena of this nature. This was facilitated by liberalization of public relations; sharp stratification of society in terms of income, inefficient system of income redistribution: the weakness and backwardness of civil institutions, all lower income level communication with the humanistic and patriotic values. As a result, generated problems and threats: market institutions there, ethical values and justice, sustainable normal course of business. Simultaneously, it contributes to the establishment and complication of the linkages between corruption and economic crime, the spread of illicit acquisition of personal wealth. Needless business community can and should take an active part in monitoring and economic analysis of the marketing environment of enterprises and organizations, making it more transparent and accessible information across a wide range of its customers.

  14. Secure Scientific Applications Scheduling Technique for Cloud Computing Environment Using Global League Championship Algorithm.

    Science.gov (United States)

    Abdulhamid, Shafi'i Muhammad; Abd Latiff, Muhammad Shafie; Abdul-Salaam, Gaddafi; Hussain Madni, Syed Hamid

    2016-01-01

    Cloud computing system is a huge cluster of interconnected servers residing in a datacenter and dynamically provisioned to clients on-demand via a front-end interface. Scientific applications scheduling in the cloud computing environment is identified as NP-hard problem due to the dynamic nature of heterogeneous resources. Recently, a number of metaheuristics optimization schemes have been applied to address the challenges of applications scheduling in the cloud system, without much emphasis on the issue of secure global scheduling. In this paper, scientific applications scheduling techniques using the Global League Championship Algorithm (GBLCA) optimization technique is first presented for global task scheduling in the cloud environment. The experiment is carried out using CloudSim simulator. The experimental results show that, the proposed GBLCA technique produced remarkable performance improvement rate on the makespan that ranges between 14.44% to 46.41%. It also shows significant reduction in the time taken to securely schedule applications as parametrically measured in terms of the response time. In view of the experimental results, the proposed technique provides better-quality scheduling solution that is suitable for scientific applications task execution in the Cloud Computing environment than the MinMin, MaxMin, Genetic Algorithm (GA) and Ant Colony Optimization (ACO) scheduling techniques.

  15. Enhanced Survey and Proposal to secure the data in Cloud Computing Environment

    OpenAIRE

    MR.S.SUBBIAH; DR.S.SELVA MUTHUKUMARAN; DR.T.RAMKUMAR

    2013-01-01

    Cloud computing have the power to eliminate the cost of setting high end computing infrastructure. It is a promising area or design to give very flexible architecture, accessible through the internet. In the cloud computing environment the data will be reside at any of the data centers. Due to that, some data center may leak the data stored on there, beyond the reach and control of the users. For this kind of misbehaving data centers, the service providers should take care of the security and...

  16. Secure encapsulation and publication of biological services in the cloud computing environment.

    Science.gov (United States)

    Zhang, Weizhe; Wang, Xuehui; Lu, Bo; Kim, Tai-hoon

    2013-01-01

    Secure encapsulation and publication for bioinformatics software products based on web service are presented, and the basic function of biological information is realized in the cloud computing environment. In the encapsulation phase, the workflow and function of bioinformatics software are conducted, the encapsulation interfaces are designed, and the runtime interaction between users and computers is simulated. In the publication phase, the execution and management mechanisms and principles of the GRAM components are analyzed. The functions such as remote user job submission and job status query are implemented by using the GRAM components. The services of bioinformatics software are published to remote users. Finally the basic prototype system of the biological cloud is achieved.

  17. Enhancing the Security of Customer Data in Cloud Environments Using a Novel Digital Fingerprinting Technique

    Directory of Open Access Journals (Sweden)

    Nithya Chidambaram

    2016-01-01

    Full Text Available With the rapid rise of the Internet and electronics in people’s life, the data related to it has also undergone a mammoth increase in magnitude. The data which is stored in the cloud can be sensitive and at times needs a proper file storage system with a tough security algorithm. Whereas cloud is an open shareable elastic environment, it needs impenetrable and airtight security. This paper deals with furnishing a secure storage system for the above-mentioned purpose in the cloud. To become eligible to store data a user has to register with the cloud database. This prevents unauthorized access. The files stored in the cloud are encrypted with RSA algorithm and digital fingerprint for the same has been generated through MD5 message digest before storage. The RSA provides unreadability of data to anyone without the private key. MD5 makes it impossible for any changes on data to go unnoticed. After the application of RSA and MD5 before storage, the data becomes resistant to access or modifications by any third party and to intruders of cloud storage system. This application is tested in Amazon Elastic Compute Cloud Web Services.

  18. Managing information security in a process industrial environment; Gestao de seguranca da informacao em processos industriais

    Energy Technology Data Exchange (ETDEWEB)

    Pereira, Raphael Gomes; Aguiar, Leandro Pfleger de [Siemens Company (Brazil)

    2008-07-01

    With the recently globalization expansion (growth), the exploration of energetic resources is crossing over countries boundaries, resulting in worldwide companies exploring Oil and Gas fields available in any place of the world. To the government's bodies, this information about those fields should be treated as a national security interest subject by bringing an adequate management and protection to all the important and critical information and assets, and making possible, at the same time, the freedom and transparency in concurrence processes. This create a complex security context to be managed, where information disruption might, for instance, imply in broke of integrity in public auctions processes as a result of privileged information usage. Furthermore, with the terrorism problem, the process itself becomes an attractive target for different kinds of attacks, motivated by the opportunism to explore the known incapacity of the big industries in well manage their large and complex environments. With all transformations that are happening in productive processes, as the growing TCP/IP protocol usage, the Windows operating systems adoption in SCADA systems and the integration of industrial with business network, are factors that contribute to an eminent landscape of problems. This landscape demonstrates the need from the organizations and countries that are operating in energetic resources exploration, for renew their risk management areas, establishing a unique and integrated process to protect information security infrastructure. This work presents a study of the challenges to be faced by the organizations while rebuilding their internal processes to integrate the risk management and information security areas, as long as a set of essential steps to establish an affective corporative governance of risk management and compliance aspects. Moreover, the work presents the necessary points of the government involvement to improve all the regulatory aspects

  19. The role of food-security solutions in the protection of natural resources and environment of developing countries.

    Science.gov (United States)

    Lashgarara, Farhad; Mirdamadi, Seyyed Mehdi; Hosseini, Seyyed Jamal Farajollah; Chizari, Mohammad

    2008-10-01

    The majority of the countries of the world, especially developing countries, face environmental problems. Limitations of basic resources (water and soil) and population growth have been the cause of these environmental problems that countries are confronted with. Developing countries have numerous problems, including destruction of forests, vegetable and animal species, and pollution of the environment. Damage to natural resources and the environment can influence the food-security situation. One of the main millennium development goals (MDGs) is protection of the environment and people's health. This cannot obtained unless there is ensured food security. Food security has been defined as a situation when all people, at all times, have physical and economic access to sufficient, safe, and nutritious food needed to maintain a healthy and active life. At the same time, with ensured food security, we can hope to protect the natural resources and environment. The methodology used is descriptive-analytical, and its main purpose is determining the importance and role of food-security solutions in the reduction of environmental hazards and improvement of natural resources and the environmental situation in developing countries. Therefore, some of the most important food-security solutions that can play an important role in this relation were discussed, including conventional research-based technology, biotechnology, information and communication technologies (ICTs), alternative energy sources, and food irradiation.

  20. Securing classification and regulatory approval for deepwater projects: management challenges in a global environment

    Energy Technology Data Exchange (ETDEWEB)

    Feijo, Luiz P.; Burton, Gareth C. [American Bureau of Shipping (ABS), Rio de Janeiro, RJ (Brazil)

    2008-07-01

    As the offshore industry continues to develop and move into increasingly deeper waters, technological boundaries are being pushed to new limits. Along with these advances, the design, fabrication and installation of deepwater oil and gas projects has become an increasingly global endeavor. After providing an overview of the history and role of Classification Societies, this paper reviews the challenges of securing classification and regulatory approval in a global environment. Operational, procedural and technological changes which one Classification Society; the American Bureau of Shipping, known as ABS, has implemented to address these challenges are presented. The result of the changes has been a more customized service aiming at faster and more streamlined classification approval process. (author)

  1. NATO Advanced Study Institute on Laser Control & Monitoring in New Materials, Biomedicine, Environment, Security & Defense

    CERN Document Server

    Hall, Trevor J; Paredes, Sofia A; Extreme Photonics & Applications

    2010-01-01

    "Extreme Photonics & Applications" arises from the 2008 NATO Advanced Study Institute in Laser Control & Monitoring in New Materials, Biomedicine, Environment, Security and Defense. Leading experts in the manipulation of light offered by recent advances in laser physics and nanoscience were invited to give lectures in their fields of expertise and participate in discussions on current research, applications and new directions. The sum of their contributions to this book is a primer for the state of scientific knowledge and the issues within the subject of photonics taken to the extreme frontiers: molding light at the ultra-finest scales, which represents the beginning of the end to limitations in optical science for the benefit of 21st Century technological societies. Laser light is an exquisite tool for physical and chemical research. Physicists have recently developed pulsed lasers with such short durations that one laser shot takes the time of one molecular vibration or one electron rotation in an ...

  2. Secure Encapsulation and Publication of Biological Services in the Cloud Computing Environment

    Science.gov (United States)

    Zhang, Weizhe; Wang, Xuehui; Lu, Bo; Kim, Tai-hoon

    2013-01-01

    Secure encapsulation and publication for bioinformatics software products based on web service are presented, and the basic function of biological information is realized in the cloud computing environment. In the encapsulation phase, the workflow and function of bioinformatics software are conducted, the encapsulation interfaces are designed, and the runtime interaction between users and computers is simulated. In the publication phase, the execution and management mechanisms and principles of the GRAM components are analyzed. The functions such as remote user job submission and job status query are implemented by using the GRAM components. The services of bioinformatics software are published to remote users. Finally the basic prototype system of the biological cloud is achieved. PMID:24078906

  3. Secure Encapsulation and Publication of Biological Services in the Cloud Computing Environment

    Directory of Open Access Journals (Sweden)

    Weizhe Zhang

    2013-01-01

    Full Text Available Secure encapsulation and publication for bioinformatics software products based on web service are presented, and the basic function of biological information is realized in the cloud computing environment. In the encapsulation phase, the workflow and function of bioinformatics software are conducted, the encapsulation interfaces are designed, and the runtime interaction between users and computers is simulated. In the publication phase, the execution and management mechanisms and principles of the GRAM components are analyzed. The functions such as remote user job submission and job status query are implemented by using the GRAM components. The services of bioinformatics software are published to remote users. Finally the basic prototype system of the biological cloud is achieved.

  4. Final Report: 03-LW-005 Space-Time Secure Communications for Hostile Environments

    Energy Technology Data Exchange (ETDEWEB)

    Candy, J V; Poggio, A J; Chambers, D H; Guidry, B L; Robbins, C L; Hertzog, C A; Dowla, F; Burke, G; Kane, R

    2005-10-31

    The development of communications for highly reverberative environments is a major concern for both the private and military sectors whether the application is aimed at the securing a stock order or stalking hostile in a tunnel or cave. Other such environments can range from a hostile urban setting populated with a multitude of buildings and vehicles to the simple complexity of a large number of sound sources that are common in the stock exchange, or military operations in an environment with a topographic features hills, valleys, mountains or even a maze of buried water pipes attempting to transmit information about any chemical anomalies in the water system servicing a city or town. These inherent obstructions cause transmitted signals to reflect, refract and disperse in a multitude of directions distorting both their shape and arrival times at network receiver locations. Imagine troops attempting to communicate on missions in underground caves consisting of a maze of chambers causing multiple echoes with the platoon leader trying to issue timely commands to neutralize terrorists. This is the problem with transmitting information in a complex environment. Waves are susceptible to multiple paths and distortions created by a variety of possible obstructions, which may exist in the particular propagation medium. This is precisely the communications problem we solve using the physics of wave propagation to not only mitigate the noxious effects created by the hostile medium, but also to utilize it in a constructive manner enabling a huge benefit in communications. We employ time-reversal (T/R) communications to accomplish this task. This project is concerned with the development of secure communications techniques that can operate even in the most extreme conditions while maintaining a secure link between host and client stations. We developed an approach based on the concept of time-reversal (T/R) signal processing. In fact, the development of T/R communication

  5. Sowing the Seeds of Strategic Success Across West Africa: Propagating the State Partnership Program to Shape the Security Environment

    Science.gov (United States)

    2017-06-09

    region’s continued growth in economics , population, influence, and the correlating 17 increase in risks to stability from radicalization and...environment and stem the tide of regional instability . The National Guard’s State Partnership Program is a security cooperation tool that Geographic... instability . The National Guard’s State Partnership Program is a security cooperation tool that Geographic Combatant Commanders can leverage to enhance the

  6. Use Trust Management Framework to Achieve Effective Security Mechanisms in Cloud Environment

    Directory of Open Access Journals (Sweden)

    Hicham Toumi

    2017-03-01

    Full Text Available Cloud Computing is an Internet based Computing where virtual shared servers provide software, infrastructure, platform and other resources to the customer on pay-as-you-use basis. Cloud Computing is increasingly becoming popular as many enterprise applications and data are moving into cloud platforms. However, with the enormous use of Cloud, the probability of occurring intrusion also increases. There is a major need of bringing security, transparency and reliability in cloud model for client satisfaction. One of the security issues is how to reduce the impact of any type of intrusion in this environment. To address this issue, a security solution is proposed in this paper. We provide a collaborative framework between our Hybrid Intrusion Detection System (Hy-IDS based on Mobile Agents and virtual firewalls. Therefore, our hybrid intrusion detection system consists of three types of IDS namely IDS-C, IDS-Cr and IDS-M, which are dispatched over three layer of cloud computing. In the first layer, we use IDS-C over our framework to collect, analyze and detect malicious data using Mobile Agents. In case of attack, we collect at the level of the second layer all the malicious data detected in the first layer for the generation of new signatures using IDS-Cr, which is based on a Signature Generation Algorithm (SGA and network intrusion detection system (NIDS. Finally, through an IDS-M placed in the third layer, the new signatures will be used to update the database NIDS belonging to IDS-Cr, then the database to NIDS belonging of IDS-Cr the cluster neighboring and also their IDS-C. Hardware firewall is unable to control communication between virtual machines on the same hypervisor. Moreover, they are blind to virtual traffic. Mostly, they are deployed at Virtual Machine Monitor- level (VMM under Cloud provider’s control. Equally, the mobile agents play an important role in this collaboration. They are used in our framework for investigation of hosts

  7. Physics of societal issues calculations on national security, environment, and energy

    CERN Document Server

    Hafemeister, David

    2007-01-01

    Why this book on the Physics of Societal Issues? The subdivisions of physics - nuclear physics, particle physics, condensed-matter physics, biophysics - have their textbooks, while the subdivision of physics and society lacks an equation-oriented text on the physics of arms, energy and the environment. Physics of Societal Issues is intended for undergraduate and doctoral students who may work on applied topics, or who simply want to know why things are the way they are. Decisions guiding policies on nuclear arms, energy and the environment often seem mysterious and contradictory. What is the science behind the deployment of MIRVed ICBMs, the quest for space-based beam weapons, the fear of powerline EM fields, the wholesale acceptance of SUVs, the issues of climactic change, and the failure of the pre-embargo market to produce buildings and appliances that now save over 50 power plants? Physics of Societal Issues is three "mini-texts" in one: National Security (5 chapters): Weapons, offense, defense, verificat...

  8. An Analysis of Cloud Model-Based Security for Computing Secure Cloud Bursting and Aggregation in Real Environment

    OpenAIRE

    Pritesh Jain; Vaishali Chourey; Dheeraj Rane

    2011-01-01

    Cloud Computing has emerged as a major information and communications technology trend and has been proved as a key technology for market development and analysis for the users of several field. The practice of computing across two or more data centers separated by the Internet is growing in popularity due to an explosion in scalable computing demands. However, one of the major challenges that faces the cloud computing is how to secure and protect the data and processes the data of the user. ...

  9. The Dynamic VPN Controller. Secure Information Sharing in a Coalition Environment

    Science.gov (United States)

    2005-03-01

    coalitionName=" COALA "> <Security>Class A</Security> <Site siteName="SITE1"> <Remote> <Hostname>dvc.site1.com</Hostname> <IPAddress...34 COALA "> <Security>Class A</Security> <Site siteName="SITE1"> <Remote> <Hostname>dvc.site1.com</Hostname> <IPAddress>10.1.1.1

  10. Hardware security and trust design and deployment of integrated circuits in a threatened environment

    CERN Document Server

    Chaves, Ricardo; Natale, Giorgio; Regazzoni, Francesco

    2017-01-01

    This book provides a comprehensive introduction to hardware security, from specification to implementation. Applications discussed include embedded systems ranging from small RFID tags to satellites orbiting the earth. The authors describe a design and synthesis flow, which will transform a given circuit into a secure design incorporating counter-measures against fault attacks. In order to address the conflict between testability and security, the authors describe innovative design-for-testability (DFT) computer-aided design (CAD) tools that support security challenges, engineered for compliance with existing, commercial tools. Secure protocols are discussed, which protect access to necessary test infrastructures and enable the design of secure access controllers. Covers all aspects of hardware security including design, manufacturing, testing, reliability, validation and utilization; Describes new methods and algorithms for the identification/detection of hardware trojans; Defines new architectures capable o...

  11. Protecting America's economy, environment, health, and security against invasive species requires a strong federal program in systematic biology

    Science.gov (United States)

    Hilda Diaz-Soltero; Amy Y. Rossman

    2011-01-01

    Systematics is the science that identifies and groups organisms by understanding their origins, relationships, and distributions. It is fundamental to understanding life on earth, our crops, wildlife, and diseases, and it provides the scientific foundation to recognize and manage invasive species. Protecting America's economy, environment, health, and security...

  12. Remote sensing evaluation of fire hazard : Towards operational tools for improving the security of citizens and protecting the environment

    NARCIS (Netherlands)

    Maffei, C.; Gambardella, C.; Menenti, M.

    2015-01-01

    Forest fires are a threat for both the environment and the security of citizens. This is particularly relevant in the Mediterranean, where the population density is high, and long dry summers drive vegetation into fireprone conditions. Policy makers underline the key role of prevention over damage

  13. Nonproliferation, arms control and disarmament and extended deterrence in the new security environment

    Energy Technology Data Exchange (ETDEWEB)

    Pilat, Joseph F [Los Alamos National Laboratory

    2009-01-01

    With the end of the Cold War, in a dramatically changed security environment, the advances in nonnuclear strategic capabilities along with reduced numbers and roles for nuclear forces has altered the calculus of deterrence and defense, at least for the United States. For many, this opened up a realistic possibility of a nuclear-free world. It soon became clear that the initial post-Cold War hopes were exaggerated. The world did change fundamentally, but it did not become more secure and stable. In place of the old Soviet threat, there has been growing concern about proliferation and terrorism involving nuclear and other weapons of mass destruction (WMD), regional conflicts, global instability and increasingly serious new and emerging threats, including cyber attacks and attacks on satellites. For the United States at least, in this emerging environment, the political rationales for nuclear weapons, from deterrence to reassurance to alliance management, are changing and less central than during the Cold War to the security of the United States, its friends and allies. Nuclear weapons remain important for the US, but for a far more limited set of roles and missions. As the Perry-Schlesinger Commission report reveals, there is a domestic US consensus on nuclear policy and posture at the highest level and for the near term, including the continued role of nuclear arms in deterring WMD use and in reassuring allies. Although the value of nuclear weapons has declined for the United States, the value of these weapons for Russia, China and so-called 'rogue' states is seen to be rising. The nuclear logic of NATO during Cold War - the need for nuclear weapons to counter vastly superior conventional capabilities of the Soviet Union and the Warsaw Pact - is today heard from Russians and even some proliferants. Moreover, these weapons present a way for rogues to achieve regional hegemony and possibly to deter interventions by the United States or others. While the

  14. Nonproliferation, arms control and disarmament and extended deterrence in the new security environment

    International Nuclear Information System (INIS)

    Pilat, Joseph F.

    2009-01-01

    With the end of the Cold War, in a dramatically changed security environment, the advances in nonnuclear strategic capabilities along with reduced numbers and roles for nuclear forces has altered the calculus of deterrence and defense, at least for the United States. For many, this opened up a realistic possibility of a nuclear-free world. It soon became clear that the initial post-Cold War hopes were exaggerated. The world did change fundamentally, but it did not become more secure and stable. In place of the old Soviet threat, there has been growing concern about proliferation and terrorism involving nuclear and other weapons of mass destruction (WMD), regional conflicts, global instability and increasingly serious new and emerging threats, including cyber attacks and attacks on satellites. For the United States at least, in this emerging environment, the political rationales for nuclear weapons, from deterrence to reassurance to alliance management, are changing and less central than during the Cold War to the security of the United States, its friends and allies. Nuclear weapons remain important for the US, but for a far more limited set of roles and missions. As the Perry-Schlesinger Commission report reveals, there is a domestic US consensus on nuclear policy and posture at the highest level and for the near term, including the continued role of nuclear arms in deterring WMD use and in reassuring allies. Although the value of nuclear weapons has declined for the United States, the value of these weapons for Russia, China and so-called 'rogue' states is seen to be rising. The nuclear logic of NATO during Cold War - the need for nuclear weapons to counter vastly superior conventional capabilities of the Soviet Union and the Warsaw Pact - is today heard from Russians and even some proliferants. Moreover, these weapons present a way for rogues to achieve regional hegemony and possibly to deter interventions by the United States or others. While the vision of a

  15. A Secure and Robust User Authenticated Key Agreement Scheme for Hierarchical Multi-medical Server Environment in TMIS.

    Science.gov (United States)

    Das, Ashok Kumar; Odelu, Vanga; Goswami, Adrijit

    2015-09-01

    The telecare medicine information system (TMIS) helps the patients to gain the health monitoring facility at home and access medical services over the Internet of mobile networks. Recently, Amin and Biswas presented a smart card based user authentication and key agreement security protocol usable for TMIS system using the cryptographic one-way hash function and biohashing function, and claimed that their scheme is secure against all possible attacks. Though their scheme is efficient due to usage of one-way hash function, we show that their scheme has several security pitfalls and design flaws, such as (1) it fails to protect privileged-insider attack, (2) it fails to protect strong replay attack, (3) it fails to protect strong man-in-the-middle attack, (4) it has design flaw in user registration phase, (5) it has design flaw in login phase, (6) it has design flaw in password change phase, (7) it lacks of supporting biometric update phase, and (8) it has flaws in formal security analysis. In order to withstand these security pitfalls and design flaws, we aim to propose a secure and robust user authenticated key agreement scheme for the hierarchical multi-server environment suitable in TMIS using the cryptographic one-way hash function and fuzzy extractor. Through the rigorous security analysis including the formal security analysis using the widely-accepted Burrows-Abadi-Needham (BAN) logic, the formal security analysis under the random oracle model and the informal security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme using the most-widely accepted and used Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The simulation results show that our scheme is also secure. Our scheme is more efficient in computation and communication as compared to Amin-Biswas's scheme and other related schemes. In addition, our scheme supports extra functionality features as compared to

  16. Radiation effects on man health, environment, safety, security. Global Chernobyl mapping

    International Nuclear Information System (INIS)

    Bebeshko, V.; Bazyka, D.; Volovik, S.; Loganovsky, K.; Sushko, V.; Siedow, J.; Cohen, H.; Ginsburg, G.; Chao, N.; Chute, J.

    2007-01-01

    Complete text of publication follows. Objectives: Ionizing radiation is a primordial terrestrial and extraterrestrial background and archetypal environmental stress-factor for life origin, evolution, and existence. We all live in radiation world inevitably involving nuclear energy production, nuclear weapon, nuclear navy, radioactive waste, pertinent medical diagnostics and treatment, etc with connected certain probability of relevant accidents and terrorist attack, space and jet travels, high natural background radiation, etc - actual and potential sources of radiation exposures and effects. State-of- the art integral fundamental research on radiation effects on man health, environment, safety, and security (REMHESS) is nowadays paramount necessity and challenge. Methods and results: In given generalized conceptual framework unique 20 years Chernobyl multidimensional research and databases for radiation effects on man's all organism systems represent invaluable original basis and resources for mapping Chernobyl data and REMHESS challenge. Granted by DOE brand new Chernobyl Research and Service Project based on 'Sarcophagus-II' (Object 'Shelter') workers only one in radiation history baseline cohort, corresponding biorepository prospective dynamic data, integrated conceptual database system, and 'state of the art' 'omics' (genomics, proteomics, metabolomics) analysis is designed specifically for coherent addressing global REMHESS problems. In this connection 'Sarcophagus-II' is only one unique universal model. Conclusions: The fundamental goals of novel strategic Project and global Chernobyl mapping are to determine specific 'omics' signatures of radiation for man depending of exposure peculiarity to understand ultimate molecular mechanisms of radiation effects, gene environment interactions, etiology of organisms systems disorders and diseases, and to develop new biomarkers and countermeasures to protect man health in the framework of global REMHESS challenge

  17. Physics of societal issues calculations on national security, environment, and energy

    CERN Document Server

    Hafemeister, David

    2014-01-01

    This book provides the reader with essential tools needed to analyze complex societal issues and demonstrates the transition from physics to modern-day laws and treaties. This second edition features new equation-oriented material and extensive data sets drawing upon current information from experts in their fields. Problems to challenge the reader and extend discussion are presented on three timely issues:   •        National Security: Weapons, Offense, Defense, Verification, Nuclear Proliferation, Terrorism •        Environment: Air/Water, Nuclear, Climate Change, EM Fields/Epidemiology •        Energy: Current Energy Situation, Buildings, Solar Buildings, Renewable  Energy, Enhanced End-Use Efficiency, Transportation, Economics   Praise for the first edition: "This insight is needed in Congress and the Executive Branch. Hafemeister, a former Congressional fellow with wide Washington experience, has written a book for physicists, chemists and engineers who want to learn science...

  18. Key Based Mutual Authentication (KBMA Mechanism for Secured Access in MobiCloud Environment

    Directory of Open Access Journals (Sweden)

    Donald A. Cecil

    2016-01-01

    Full Text Available Mobile Cloud Computing (MCC fuels innovation in Mobile Computing and opens new pathways between mobile devices and infrastructures. There are several issues in MCC environment as it integrates various technologies. Among all issues, security lies on the top where many users are not willing to adopt the cloud services. This paper focuses on the authentication. The objective of this paper is to provide a mechanism for authenticating all the entities involved in accessing the cloud services. A mechanism called Key Based Mutual Authentication (KBMA is proposed which is divided into two processes namely registration and authentication. Registration is a one-time process where the users are registered for accessing the cloud services by giving the desired unique information. Authentication process is carried out mutually to verify the identities of Device and Cloud Service Provider (CSP. Scyther tool is used for analysing the vulnerability in terms of attacks. The result claims show that the proposed mechanism is resilient against various attacks.

  19. Security Investigation Database (SID)

    Data.gov (United States)

    US Agency for International Development — Security Investigation & Personnel Security Clearance - COTS personnel security application in a USAID virtualized environement that can support USAID's business...

  20. The evolution of central securities depositaries in Europe: stable functions in a changing environment

    OpenAIRE

    Dominique Chabert; Gisèle Chanel-Reynaud

    2006-01-01

    National audience; Settlement-delivery (S&D) operations of CSDs or ICSDs are the second last stage of the securities treatment procedure, the last stage being the delivery of securities into the accounts of the final holders by their account managers/custodians. As for national transfers, the organisation is fairly simple since regional depositors are directly connected to the central securities depositary which fulfils two overriding functions on their behalf:- ensuring the final custody of ...

  1. Shotgun Wedding: Interagency Transformation for the 21st Century Security Environment

    National Research Council Canada - National Science Library

    Gibler, Michael L

    2008-01-01

    .... Equally present are the numerous statements and studies by governmental bodies, military leadership, non-partisan think tanks, academia and political elites who believe the current National Security...

  2. EVALUATION OF ECOLOGICAL ENVIRONMENT SECURITY IN CONTIGUOUS POVERTY ALLEVIATION AREA OF SICHUAN PROVINCE

    OpenAIRE

    W. Xian; Y. Chen; J. Chen; X. Luo; H. Shao

    2018-01-01

    According to the overall requirements of ecological construction and environmental protection, rely on the national key ecological engineering, strengthen ecological environmental restoration and protection, improve forest cover, control soil erosion, construct important ecological security barrier in poor areas, inhibit poverty alleviation through ecological security in this area from environmental damage to the vicious cycle of poverty. Obviously, the dynamic monitoring of ecological securi...

  3. Towards adaptive security for convergent wireless sensor networks in beyond 3G environments

    DEFF Research Database (Denmark)

    Mitseva, Anelia; Aivaloglou, Efthimia; Marchitti, Maria-Antonietta

    2010-01-01

    The integration of wireless sensor networks with different network systems gives rise to many research challenges to ensure security, privacy and trust in the overall architecture. The main contribution of this paper is a generic security, privacy and trust framework providing context-aware adapt...

  4. Survey on Security Issues in File Management in Cloud Computing Environment

    Science.gov (United States)

    Gupta, Udit

    2015-06-01

    Cloud computing has pervaded through every aspect of Information technology in past decade. It has become easier to process plethora of data, generated by various devices in real time, with the advent of cloud networks. The privacy of users data is maintained by data centers around the world and hence it has become feasible to operate on that data from lightweight portable devices. But with ease of processing comes the security aspect of the data. One such security aspect is secure file transfer either internally within cloud or externally from one cloud network to another. File management is central to cloud computing and it is paramount to address the security concerns which arise out of it. This survey paper aims to elucidate the various protocols which can be used for secure file transfer and analyze the ramifications of using each protocol.

  5. Interworking between IP security and NAT-PT under IPv4/IPv6 co-existent environments

    Science.gov (United States)

    Ye, Run-Guo; Yu, Shu-Yao; Yang, Hong-Wei; Song, Chuck

    2005-02-01

    Similar to conventional NAT gateways, NAT-PT gateways break traditional TCP/IP"s end-to-end argument property; hence, any IP-based applications protected by IPSec protocol cannot traverse NAT-PT gateways properly. The interworking issues between IPSec and NAT-PT gateways under IPv4/IPv6 co-existent environments were studied: this paper first pointed out the deficiency of current NAT-Traversal scheme when interworking with NAT-PT gateways and proposed an enhanced scheme, which enabled interworking between IPSec and NAT-PT gateways and served the following three scenarios: 1) secure communication between IPv6 hosts and IPv4 hosts; 2) secure communication between IPv6 subnets and IPv4 subnets; 3) secure communication between remote IPv6 hosts and legacy IPv4 subnets.

  6. Security an introduction

    CERN Document Server

    Purpura, Philip P

    2011-01-01

    Section I The History and Profession of SecurityDefinition, Role, and History of Security Security Defined The Contexts of Security The Roles of Security The History of Security Security in an Environment of Threats, Terrorism, and All-Hazards Threats and Hazards Terrorism National Strategies The Profession and Business of Security The Business of Security Professionalism and Security Associations Ethics Regulation of the Security Industry Security Training Higher Education Careers Section II Protecting People and AssetsSecurity Methodology Methodology Defined Security Business Proposals Secur

  7. Coordination and organization of security software process for power information application environment

    Science.gov (United States)

    Wang, Qiang

    2017-09-01

    As an important part of software engineering, the software process decides the success or failure of software product. The design and development feature of security software process is discussed, so is the necessity and the present significance of using such process. Coordinating the function software, the process for security software and its testing are deeply discussed. The process includes requirement analysis, design, coding, debug and testing, submission and maintenance. In each process, the paper proposed the subprocesses to support software security. As an example, the paper introduces the above process into the power information platform.

  8. The Future Security Environment: Why the U.S. Army Must Differentiate and Grow Millennial Officer Talent

    Science.gov (United States)

    2015-09-01

    and M. Epstein, “ Millennials and the World of Work: An Organizational and Management Perspective,” Journal of Business and Psychology, Vol. 25, 2010...Why the U.S. Army Must Differentiate and Grow Millennial Officer Talent FOR THIS AND OTHER PUBLICATIONS, VISIT US AT http://www.carlisle.army.mil...SUBTITLE The Future Security Environment: Why the U.S. Army Must Differentiate and Grow Millennial Officer Talent 5a. CONTRACT NUMBER 5b. GRANT NUMBER 5c

  9. Nonmilitary Peacekeeping Tasks in Africa's Security Environment: Can the African Crisis Response Initiative Adapt?

    National Research Council Canada - National Science Library

    Medders, Sherry

    1999-01-01

    .... The US National Security Strategy's approach calls for fostering regional efforts to promote peace, particularly in areas where US national interests are marginal and the causes of conflict are deep rooted and complex...

  10. Risk management and security services interaction--a must in today's health care environment.

    Science.gov (United States)

    Stultz, M S

    1990-01-01

    The author shows why risk managers and security directors are natural partners in the effort of a hospital to reduce risks from such occurrences as baby kidnappings, serial killers, thefts, and rapes/sexual assaults.

  11. An Elliptic Curve Based Schnorr Cloud Security Model in Distributed Environment

    Directory of Open Access Journals (Sweden)

    Vinothkumar Muthurajan

    2016-01-01

    Full Text Available Cloud computing requires the security upgrade in data transmission approaches. In general, key-based encryption/decryption (symmetric and asymmetric mechanisms ensure the secure data transfer between the devices. The symmetric key mechanisms (pseudorandom function provide minimum protection level compared to asymmetric key (RSA, AES, and ECC schemes. The presence of expired content and the irrelevant resources cause unauthorized data access adversely. This paper investigates how the integrity and secure data transfer are improved based on the Elliptic Curve based Schnorr scheme. This paper proposes a virtual machine based cloud model with Hybrid Cloud Security Algorithm (HCSA to remove the expired content. The HCSA-based auditing improves the malicious activity prediction during the data transfer. The duplication in the cloud server degrades the performance of EC-Schnorr based encryption schemes. This paper utilizes the blooming filter concept to avoid the cloud server duplication. The combination of EC-Schnorr and blooming filter efficiently improves the security performance. The comparative analysis between proposed HCSA and the existing Distributed Hash Table (DHT regarding execution time, computational overhead, and auditing time with auditing requests and servers confirms the effectiveness of HCSA in the cloud security model creation.

  12. Design of Secure and Lightweight Authentication Protocol for Wearable Devices Environment.

    Science.gov (United States)

    Das, Ashok Kumar; Wazid, Mohammad; Kumar, Neeraj; Khan, Muhammad Khurram; Choo, Kim-Kwang Raymond; Park, YoungHo

    2017-09-18

    Wearable devices are used in various applications to collect information including step information, sleeping cycles, workout statistics, and health related information. Due to the nature and richness of the data collected by such devices, it is important to ensure the security of the collected data. This paper presents a new lightweight authentication scheme suitable for wearable device deployment. The scheme allows a user to mutually authenticate his/her wearable device(s) and the mobile terminal (e.g., Android and iOS device) and establish a session key among these devices (worn and carried by the same user) for secure communication between the wearable device and the mobile terminal. The security of the proposed scheme is then demonstrated through the broadly-accepted Real-Or-Random model, as well as using the popular formal security verification tool, known as the Automated Validation of Internet Security Protocols and Applications (AVISPA). Finally, we present a comparative summary of the proposed scheme in terms of the overheads such as computation and communication costs, security and functionality features of the proposed scheme and related schemes, and also the evaluation findings from the NS2 simulation.

  13. An Elliptic Curve Based Schnorr Cloud Security Model in Distributed Environment.

    Science.gov (United States)

    Muthurajan, Vinothkumar; Narayanasamy, Balaji

    2016-01-01

    Cloud computing requires the security upgrade in data transmission approaches. In general, key-based encryption/decryption (symmetric and asymmetric) mechanisms ensure the secure data transfer between the devices. The symmetric key mechanisms (pseudorandom function) provide minimum protection level compared to asymmetric key (RSA, AES, and ECC) schemes. The presence of expired content and the irrelevant resources cause unauthorized data access adversely. This paper investigates how the integrity and secure data transfer are improved based on the Elliptic Curve based Schnorr scheme. This paper proposes a virtual machine based cloud model with Hybrid Cloud Security Algorithm (HCSA) to remove the expired content. The HCSA-based auditing improves the malicious activity prediction during the data transfer. The duplication in the cloud server degrades the performance of EC-Schnorr based encryption schemes. This paper utilizes the blooming filter concept to avoid the cloud server duplication. The combination of EC-Schnorr and blooming filter efficiently improves the security performance. The comparative analysis between proposed HCSA and the existing Distributed Hash Table (DHT) regarding execution time, computational overhead, and auditing time with auditing requests and servers confirms the effectiveness of HCSA in the cloud security model creation.

  14. Public views on multiple dimensions of security: nuclear weapons, terrorism, energy, and the environment: 2007

    International Nuclear Information System (INIS)

    Herron, Kerry Gale; Jenkins-Smith, Hank C.

    2008-01-01

    We analyze and compare findings from identical national surveys of the US general public on nuclear security and terrorism administered by telephone and Internet in mid-2007. Key areas of investigation include assessments of threats to US security; valuations of US nuclear weapons and nuclear deterrence; perspectives on nuclear proliferation, including the specific cases of North Korea and Iran; and support for investments in nuclear weapons capabilities. Our analysis of public views on terrorism include assessments of the current threat, progress in the struggle against terrorism, preferences for responding to terrorist attacks at different levels of assumed casualties, and support for domestic policies intended to reduce the threat of terrorism. Also we report findings from an Internet survey conducted in mid 2007 that investigates public views of US energy security, to include: energy supplies and reliability; energy vulnerabilities and threats, and relationships among security, costs, energy dependence, alternative sources, and research and investment priorities. We analyze public assessments of nuclear energy risks and benefits, nuclear materials management issues, and preferences for the future of nuclear energy in the US. Additionally, we investigate environmental issues as they relate to energy security, to include expected implications of global climate change, and relationships among environmental issues and potential policy options.

  15. Public views on multiple dimensions of security : nuclear waepons, terrorism, energy, and the environment : 2007.

    Energy Technology Data Exchange (ETDEWEB)

    Herron, Kerry Gale (University of Oklahoma, Norman, OK); Jenkins-Smith, Hank C. (University of Oklahoma, Norman, OK)

    2008-01-01

    We analyze and compare findings from identical national surveys of the US general public on nuclear security and terrorism administered by telephone and Internet in mid-2007. Key areas of investigation include assessments of threats to US security; valuations of US nuclear weapons and nuclear deterrence; perspectives on nuclear proliferation, including the specific cases of North Korea and Iran; and support for investments in nuclear weapons capabilities. Our analysis of public views on terrorism include assessments of the current threat, progress in the struggle against terrorism, preferences for responding to terrorist attacks at different levels of assumed casualties, and support for domestic policies intended to reduce the threat of terrorism. Also we report findings from an Internet survey conducted in mid 2007 that investigates public views of US energy security, to include: energy supplies and reliability; energy vulnerabilities and threats, and relationships among security, costs, energy dependence, alternative sources, and research and investment priorities. We analyze public assessments of nuclear energy risks and benefits, nuclear materials management issues, and preferences for the future of nuclear energy in the US. Additionally, we investigate environmental issues as they relate to energy security, to include expected implications of global climate change, and relationships among environmental issues and potential policy options.

  16. Shale Gas, the Environment and Energy Security : A New Framework For Energy Regulation

    NARCIS (Netherlands)

    Fleming, Ruven

    2017-01-01

    `This pioneering and in-depth study into the regulation of shale gas extraction examines how changes in the constitutional set-ups of EU Member States over the last 25 years have substantially altered the legal leverage of environmental protection and energy security as state objectives. As well as

  17. American security perspectives: public views on energy, environment, nuclear weapons and terrorism: 2008

    International Nuclear Information System (INIS)

    Herron, Kerry Gale; Jenkins-Smith, Hank C.

    2008-01-01

    We analyze and compare findings from matching national surveys of the US general public on US energy and environmental security administered by telephone and Internet in mid-2008. Key areas of investigation include: energy supplies and reliability; energy vulnerabilities and threats, and relationships among security, costs, energy dependence, alter-native sources, and research and investment priorities. We analyze public assessments of nuclear energy risks and benefits, nuclear materials management issues, and preferences for the future of nuclear energy in the US. Additionally, we investigate environmental issues as they relate to energy security, to include evolving perspectives on global climate change and relationships among environmental issues and potential policy options. We also report findings from an Internet survey of the general public conducted in mid-2008 that investigates assessments of threats to US security; valuations of US nuclear weapons and nuclear deterrence; perspectives on nuclear proliferation; and support for investments in nuclear weapons capabilities. Our analysis of public views on terrorism include assessments of the current threat, progress in the struggle against terrorism, preferences for responding to terrorist attacks at different levels of assumed casualties, and support for domestic policies intended to reduce the threat of terrorism.

  18. Spatio-temporal dynamics of security investments in an interdependent risk environment

    Science.gov (United States)

    Shafi, Kamran; Bender, Axel; Zhong, Weicai; Abbass, Hussein A.

    2012-10-01

    In a globalised world where risks spread through contagion, the decision of an entity to invest in securing its premises from stochastic risks no longer depends solely on its own actions but also on the actions of other interacting entities in the system. This phenomenon is commonly seen in many domains including airline, logistics and computer security and is referred to as Interdependent Security (IDS). An IDS game models this decision problem from a game-theoretic perspective and deals with the behavioural dynamics of risk-reduction investments in such settings. This paper enhances this model and investigates the spatio-temporal aspects of the IDS games. The spatio-temporal dynamics are studied using simple replicator dynamics on a variety of network structures and for various security cost tradeoffs that lead to different Nash equilibria in an IDS game. The simulation results show that the neighbourhood configuration has a greater effect on the IDS game dynamics than network structure. An in-depth empirical analysis of game dynamics is carried out on regular graphs, which leads to the articulation of necessary and sufficient conditions for dominance in IDS games under spatial constraints.

  19. Relationship between Trustworthiness, Transparency, and Security in Cloud Computing Environments: A Regression Analysis

    Science.gov (United States)

    Ibrahim, Sara

    2017-01-01

    The insider security threat causes new and dangerous dimensions in cloud computing. Those internal threats are originated from contractors or the business partners' input that have access to the systems. A study of trustworthiness and transparency might assist the organizations to monitor employees' activity more cautiously on cloud technologies…

  20. Higher Stakes--The Hidden Risks of School Security Fences for Children's Learning Environments

    Science.gov (United States)

    Rooney, Tonya

    2015-01-01

    In a move away from the open or low-fenced grounds that have traditionally been a feature of Australian school design, the last decade has seen a growth in the installation of high-security fences around schools. These structures, far from being passive and neutral, act to redefine the possibilities for movement and connectivity in the local…

  1. Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment.

    Science.gov (United States)

    Ashok, Aditya; Hahn, Adam; Govindarasu, Manimaran

    2014-07-01

    Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation's electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC) from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments.

  2. Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment

    Science.gov (United States)

    Ashok, Aditya; Hahn, Adam; Govindarasu, Manimaran

    2013-01-01

    Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation’s electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC) from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments. PMID:25685516

  3. Climate Change Impact on the Southeastern Europe Security Environment and the Increasing Role of the Bulgarian Army as the World Warms

    Science.gov (United States)

    2016-06-10

    CLIMATE CHANGE IMPACT ON THE SOUTHEASTERN EUROPE SECURITY ENVIRONMENT AND THE INCREASING ROLE OF THE BULGARIAN ARMY AS THE WORLD WARMS...DD-MM-YYYY) 10-06-2016 2. REPORT TYPE Master’s Thesis 3. DATES COVERED (From - To) AUG 2015 – JUN 2016 4. TITLE AND SUBTITLE Climate Change ...14. ABSTRACT Climate change impacts on the security environment are real and have the potential to create unprecedented levels of risk through

  4. A survey of energy policy priorities in the United States: Energy supply security, economics, and the environment

    International Nuclear Information System (INIS)

    Manley, Dawn K.; Hines, Valerie A.; Jordan, Matthew W.; Stoltz, Ronald E.

    2013-01-01

    Security, environment, and economic concerns are commonly identified as three major objectives of energy policy. State and federal governments have set aggressive targets for carbon emissions reductions and for alternative fuel use and increased vehicle efficiency to reduce petroleum consumption. Moreover, jobs creation and GDP growth are often cited as key drivers for energy policies. Previous studies on energy policy decision-making have examined the process for developing and evaluating options using multi-criteria decision analysis tools. In addition, energy opinion polls have either elicited preferences between two goals or whether the public supports a specific policy action. In this article, we report results from a survey of 884 members of professional membership organizations on how the U.S. should prioritize energy policy across the goals of energy supply security, environment and climate, and economics and job creation. The majority favor policymaking that is balanced across all three. Security and economic concerns increase with age for male respondents, whereas environment is the highest priority for females regardless of age. Unlike previous surveys that target the general public and focus on a particular objective or technology, these results provide an example of eliciting a portfolio allocation across multiple energy policy goals from targeted constituents. - Highlights: • We surveyed 884 members of professional membership organizations on how the U.S. should prioritize energy policy. • The paper addresses direct elicitation of energy policy goal portfolio allocation for a large set of energy stakeholders. • The majority of respondents favor policymaking balanced across multiple goals. • We observed differences in priorities based on age and gender. • Respondents expressed a tension in allocating across goals that are interrelated

  5. Private Security Infrastructure Abroad: Criminal-Terrorist Agendas and the Operational Environment

    Science.gov (United States)

    2007-11-01

    for the legal or gray market acquisition of weapons—sometimes in huge quantities—and including far more than the side arms sometimes specified in...passing interest only—but reflecting the reputation for “gray market ,” legally questionable, or downright illegal private security initiatives in...these groups, some Licorne soldiers [deployed French “ Unicorn Force” peacekeep- ers], once their four-month commission is up, come knock- ing at their

  6. Use Trust Management Framework to Achieve Effective Security Mechanisms in Cloud Environment

    OpenAIRE

    Hicham Toumi; Bouchra Marzak; Amal Talea; Ahmed Eddaoui; Mohamed Talea

    2017-01-01

    Cloud Computing is an Internet based Computing where virtual shared servers provide software, infrastructure, platform and other resources to the customer on pay-as-you-use basis. Cloud Computing is increasingly becoming popular as many enterprise applications and data are moving into cloud platforms. However, with the enormous use of Cloud, the probability of occurring intrusion also increases. There is a major need of bringing security, transparency and reliability in cloud model for client...

  7. Price, environment and security: Exploring multi-modal motivation in voluntary residential peak demand response

    International Nuclear Information System (INIS)

    Gyamfi, Samuel; Krumdieck, Susan

    2011-01-01

    Peak demand on electricity grids is a growing problem that increases costs and risks to supply security. Residential sector loads often contribute significantly to seasonal and daily peak demand. Demand response projects aim to manage peak demand by applying price signals and automated load shedding technologies. This research investigates voluntary load shedding in response to information about the security of supply, the emission profile and the cost of meeting critical peak demand in the customers' network. Customer willingness to change behaviour in response to this information was explored through mail-back survey. The diversified demand modelling method was used along with energy audit data to estimate the potential peak load reduction resulting from the voluntary demand response. A case study was conducted in a suburb of Christchurch, New Zealand, where electricity is the main source for water and space heating. On this network, all water heating cylinders have ripple-control technology and about 50% of the households subscribe to differential day/night pricing plan. The survey results show that the sensitivity to supply security is on par with price, with the emission sensitivity being slightly weaker. The modelling results show potential 10% reduction in critical peak load for aggregate voluntary demand response. - Highlights: → Multiple-factor behaviour intervention is necessarily for effective residential demand response. → Security signals can achieve result comparable to price. → The modelling results show potential 10% reduction in critical peak load for aggregate voluntary demand response. → New Zealand's energy policy should include innovation and development of VDR programmes and technologies.

  8. Improving Security in Bring Your Own Device (BYOD) Environment by Controlling Access

    OpenAIRE

    Muhammad, M.A.; Zadeh, P.B.; Ayesh, Aladdin, 1972-

    2017-01-01

    With the rapid increase in smartphones and tablets, Bring Your Own Devices (BYOD) has simplified computing by introducing the use of personally owned devices. These devices can be utilised in accessing business enterprise contents and networks. The effectiveness of BYOD offers several business benefits like employee job satisfaction, increased job efficiency and flexibility. However, allowing employees to bring their own devices could lead to a plethora of security issues; like data theft, un...

  9. The Challenge of Small Satellite Systems to the Space Security Environment

    Science.gov (United States)

    2012-03-01

    Space, 1945–1995, (New York: Dodd, Mead & Company, Inc . 1984), 142. 40 Moltz, The Politics of Space Security, 93. 41William E. Burrows, Deep Black...Experimental World Circling Spaceship,” Report No. SE: 11827, Douglas Aircraft Company, Inc ., Santa Monica Plant Engineering Division, Contract WBB-038... Nike Zeus nuclear missile as a means to track and intercept targeted adversarial satellites. The commonality of antiballistic missile (ABM) and ASAT

  10. Analytical Approach for Analyzing Trusted Security System for Data Sharing in Cloud Environment

    OpenAIRE

    Anand Srivastava; Surendra Mishra; Pankaj Kawadkar

    2011-01-01

    Cheap, seemingly unlimited computing resources that can be allocated almost instantaneously and pay-as-you-go pricing schemes are some of the reasons for the success of Cloud computing .In this paper we discuss few aspects of cloud computing and also there area. Cloud computing has been acknowledged as one of the prevailing models for providing IT capacities. The computing paradigm that comes with cloud computing has incurred great concerns on the security of data, especially the integrity an...

  11. Conditions of Poland’s foreign and security policy within the EU and NATO environment

    Directory of Open Access Journals (Sweden)

    Antczak- Barzan Anna

    2014-01-01

    Full Text Available The article is an attempt to answer the question about the state of Poland’s security after the first decade of the twenty-first century, what are its determinants, what kind of challenges Poland faces and which of them may turn into a threat and which into an opportunity, or what Polish potential is and which of its components determine its position on the international arena. It is achieved through a detailed analysis of actions undertaken by Poland in the international arena to strengthen its international position as well as the level of its security. Thus, the aim is to identify those determinants which may contribute to establishing a stronger position and which can create problems and become a formidable challenge in the context of various aspects of security, and even develop into a threat. Unfortunately, the picture which comes out of the above mentioned analysis is not optimistic and the impression is that Poland did not use the chance it was given after the accession to the NATO and the EU.

  12. Secure Service Invocation in a Peer-to-Peer Environment Using JXTA-SOAP

    Science.gov (United States)

    Laghi, Maria Chiara; Amoretti, Michele; Conte, Gianni

    The effective convergence of service-oriented architectures (SOA) and peer-to-peer (P2P) is an urgent task, with many important applications ranging from e-business to ambient intelligence. A considerable standardization effort is being carried out from both SOA and P2P communities, but a complete platform for the development of secure, distributed applications is still missing. In this context, the result of our research and development activity is JXTA-SOAP, an official extension for JXTA enabling Web Service sharing in peer-to-peer networks. Recently we focused on security aspects, providing JXTA-SOAP with a general security management system, and specialized policies that target both J2SE and J2ME versions of the component. Among others, we implemented a policy based on Multimedia Internet KEYing (MIKEY), which can be used to create a key pair and all the required parameters for encryption and decryption of service messages in consumer and provider peers running on resource-constrained devices.

  13. Fruit-80: A Secure Ultra-Lightweight Stream Cipher for Constrained Environments

    Directory of Open Access Journals (Sweden)

    Vahid Amin Ghafari

    2018-03-01

    Full Text Available In Fast Software Encryption (FSE 2015, while presenting a new idea (i.e., the design of stream ciphers with the small internal state by using a secret key, not only in the initialization but also in the keystream generation, Sprout was proposed. Sprout was insecure and an improved version of Sprout was presented in FSE 2017. We introduced Fruit stream cipher informally in 2016 on the web page of IACR (eprint and few cryptanalysis were published on it. Fortunately, the main structure of Fruit was resistant. Now, Fruit-80 is presented as a final version which is easier to implement and is secure. The size of LFSR and NFSR in Fruit-80 is only 80 bits (for 80-bit security level, while for resistance to the classical time-memory-data tradeoff (TMDTO attacks, the internal state size should be at least twice that of the security level. To satisfy this rule and to design a concrete cipher, we used some new design ideas. It seems that the bottleneck of designing an ultra-lightweight stream cipher is TMDTO distinguishing attacks. A countermeasure was suggested, and another countermeasure is proposed here. Fruit-80 is better than other small-state stream ciphers in terms of the initialization speed and area size in hardware. It is possible to redesign many of the stream ciphers and achieve significantly smaller area size by using the new idea.

  14. Character of the mutual perception of the political system and the environment as a criterion of the political security

    Directory of Open Access Journals (Sweden)

    I. V. Ishchenko

    2017-01-01

    Full Text Available Political security is connected with the lack of external and internal threats, or the reduction of their severity. The maintenance of the internal public security should start from the explanation of the nature of the relationship between the political and institutional structures and most active social groups. The author suggests using a mental construct as an indicator of conflict/harmony in this sphere. It has been proposed to implement this idea by comparing the mental constructs of political institutions and social environment. One of the methods to implement this idea has been revealed in the article. This method is based on the search of leading values which are characterizing basic political and institutional structures and social environment. Two components have been described in the mental constructor: rational and irrational. Moreover, the formula, that makes it possible to compare and evaluate the congruence of mental constructs of political and institutional structures and the environment on the basis of the detected values, has been suggested. The advantage of this formula is its flexibility. Consequently, it can describe the features of social and political interaction in all political systems. The regularity has four components. The first component describes the level of implementation of the social environment’s values being a result of certain internal and external policies. It contains a self-assessment of individuals - representatives of the social environment level of its own value system’s implementation. Moreover, the author takes into account the assessment of the political and institutional structures that is given by these individuals. Individuals assess these structures in connection to the actions and decisions aimed at the implementation of public interests and values. The second component of the formula describes the level of implementation and the congruence of values of basic political and institutional

  15. Combining Trust and Behavioral Analysis to Detect Security Threats in Open Environments

    Science.gov (United States)

    2010-11-01

    behavioral feature values. This would provide a baseline notional object trust and is formally defined as follows: TO(1)[0, 1] = ∑ 0,n:νbt wtP (S) (8...TO(2)[0, 1] = ∑ wtP (S) · identity(O,P ) (9) 28- 12 RTO-MP-IST-091 Combining Trust and Behavioral Analysis to Detect Security Threats in Open...respectively. The wtP weight function determines the significance of a particular behavioral feature in the final trust calculation. Note that the weight

  16. Privacy in confidential administrative micro data: implementing statistical disclosure control in a secure computing environment.

    Science.gov (United States)

    Hochfellner, Daniela; Müller, Dana; Schmucker, Alexandra

    2014-12-01

    The demand for comprehensive and innovative data is constantly growing in social science. In particular, micro data from various social security agencies become more and more attractive. In contrast to survey data, administrative data offer a census with highly reliable information but are restricted in their usage. To make them accessible for researchers, data or research output either have to be anonymized or released after disclosure review procedures have been used. This article discusses the trade-off between maintaining a high capability of research potential while protecting private information, by exploiting the data disclosure portfolio and the adopted disclosure strategies of the Research Data Center of the German Federal Employment Agency. © The Author(s) 2014.

  17. Keeping the security and the relief in the environment where radioactive materials exist all the times

    International Nuclear Information System (INIS)

    Murata, Takashi

    2014-01-01

    Three-Eleven was a turning point after which we have recognized that are surrounded by the radioactive materials all the times. On the other hand, “getting a claim to edit by any individual” became possible owing to the spread of advanced ICT equipment, and now he can get necessary information for him to decide and act as he want. It is important for keeping security and rejecting anxiety against radiation to record and evaluate personal irradiation information utilizing the results of ICT. The results should be timely returned to the concerned person. At the same time, it necessary to establish the system by which the data are compiled as a big data and are opened for public use. For establishing such system, the promotion of interdisciplinary collaboration is expected. (J.P.N.)

  18. Field measurements and guidelines for the application of wireless sensor networks to the environment and security.

    Science.gov (United States)

    Gil Jiménez, Víctor P; Armada, Ana García

    2009-01-01

    Frequently, Wireless Sensor Networks (WSN) are designed focusing on applications and omitting transmission problems in these wireless networks. In this paper, we present a measurement campaign that has been carried out using one of the most commonly used WSN platforms, the micaZ from Crossbow(©). Based on these measurements, some guidelines to deploy a robust and reliable WSN are provided. The results are focused on security and environmental applications but can also be extrapolated to other scenarios. A main conclusion that can be extracted is that, from the transmission point of view, a dense WSN is one of the best choices to overcome many of the transmission problems such as the existence of a transitional region, redundance, forwarding, obstructions or interference with other systems.

  19. An Analysis of China's Fertilizer Policies: Impacts on the Industry, Food Security, and the Environment.

    Science.gov (United States)

    Li, Yuxuan; Zhang, Weifeng; Ma, Lin; Huang, Gaoqiang; Oenema, Oene; Zhang, Fusuo; Dou, Zhengxia

    2013-07-01

    China has made remarkable strides in recent decades to grow enough food to feed 20% of the world's population with only 9% of the world's arable land. Meanwhile, the nation is experiencing exacerbated air and water pollution problems. Agricultural growth and the pollution aggravation are closely linked with policies affecting fertilizer production and use. Essentially nonexistent in 1950, China's fertilizer industry is now a robust conglomerate producing fertilizers in amounts that not only meet domestic demand but also contribute to international trade. The industry's growth stemmed from a series of policy progressions, featuring (i) a total control system with state ownership and central planning (1949-1984), (ii) a dual system of central planning and market adjustment (1985-1997), (iii) a market-driven system with government-mandated price caps (1998-2009), and (iv) a complete market-oriented system (since 2009). In conjunction with the policy changes were massive subsidy programs totaling more than $18 billion in 2010. The support policies and subsidies helped grow the industry and safeguard an adequate supply of fertilizers at affordable costs to farmers, but the artificially low-priced fertilizers also contributed to a nationwide trend of fertilizer overuse, leading to nutrient pollution. China needs innovative policies and programs to address food security and sustainability challenges. In this study, we review and analyze policies and programs related to China's fertilizer production and use in a 60-yr span (1950-2010) and discuss its impact on the development of the industry, food security, and pressing environmental issues. Finally, our study analyzes long-term trends in fertilizer use in China and offers some key viewpoints to stimulate debates among all stakeholders. Copyright © by the American Society of Agronomy, Crop Science Society of America, and Soil Science Society of America, Inc.

  20. Proof of Concept Integration of a Single-Level Service-Oriented Architecture into a Multi-Domain Secure Environment

    National Research Council Canada - National Science Library

    Gilkey, Craig M

    2008-01-01

    .... Such web services operating across multiple security domains would provide additional advantages, including improved intelligence aggregation, and real-time collaboration between users in different security domains...

  1. A PKI Approach for Deploying Modern Secure Distributed E-Learning and M-Learning Environments

    Science.gov (United States)

    Kambourakis, Georgios; Kontoni, Denise-Penelope N.; Rouskas, Angelos; Gritzalis, Stefanos

    2007-01-01

    While public key cryptography is continuously evolving and its installed base is growing significantly, recent research works examine its potential use in e-learning or m-learning environments. Public key infrastructure (PKI) and attribute certificates (ACs) can provide the appropriate framework to effectively support authentication and…

  2. A Survey of Security Tools for the Industrial Control System Environment

    Energy Technology Data Exchange (ETDEWEB)

    Hurd, Carl M. [Idaho National Lab. (INL), Idaho Falls, ID (United States); McCarty, Michael V. [Idaho National Lab. (INL), Idaho Falls, ID (United States)

    2017-06-12

    This report details the results of a survey conducted by Idaho National Laboratory (INL) to identify existing tools which could be used to prevent, detect, mitigate, or investigate a cyber-attack in an industrial control system (ICS) environment. This report compiles a list of potentially applicable tools and shows the coverage of the tools in an ICS architecture.

  3. A Survey of Security Tools for the Industrial Control System Environment

    International Nuclear Information System (INIS)

    Hurd, Carl M.; McCarty, Michael V.

    2017-01-01

    This report details the results of a survey conducted by Idaho National Laboratory (INL) to identify existing tools which could be used to prevent, detect, mitigate, or investigate a cyber-attack in an industrial control system (ICS) environment. This report compiles a list of potentially applicable tools and shows the coverage of the tools in an ICS architecture.

  4. The quality of children's home environment and attachment security in Indonesia

    NARCIS (Netherlands)

    Zevalkink, D.J.; Riksen-Walraven, J Marianne; Bradley, Robert H

    The authors examined the relation of the Home Observation for Measurement of the Environment (HOME) Inventory (B. M. Caldwell & R. H. Bradley, 1984) for 0- to 6-year-old Sundanese Indonesian children with the quality of the mother-child attachment relationship (n=44) and attachment-related behaviors

  5. Security Engineering Lessons Learned for Migrating Independent LANs to an Enterprise Environment

    Science.gov (United States)

    Marchant, Robert L.; Bonneau, Thomas

    2013-01-01

    Transition from small, independent LANs into larger enterprise managed infrastructures is becoming more prominent in academia, business and government. Consolidation of IT resources into larger, more disciplined, and more professionally managed environments has significant advantages however they do bring their own unique issues to solve in order…

  6. An Approach to Secure Resource Sharing Algorithm (SRSA) for Multi Cloud Environment

    OpenAIRE

    Er. Parul Indoria; Prof. Abhishek Didel

    2013-01-01

    Cloud computing is an idea intended to deliver computing and storage resources to a community of users. In a cloud computing environment a user can use applications without installing, and accessing personal files of any other user in the network. The cloud computing technology allows efficient computation by centralizing storage, memory and processing. The practice of computing in two or more data centers separated by the Internet in popularity due to an explosion in scalable ...

  7. Working in a demanding environment: employee wellbeing in secure forensic settings

    OpenAIRE

    Cooper, Amelia

    2016-01-01

    Introduction: Care professionals suffering with poor wellbeing is a phenomenon that has been found to have a damaging effect upon individual employees, service users and organisations. Employees working in forensic settings are believed to be at increased risk of damaged wellbeing due to the unique demands of their working environment, including exposure to violence and aggression. This issue was addressed in two ways. Firstly, a systematic review of the literature on the ef...

  8. American perspectives on security : energy, environment, nuclear weapons, and terrorism : 2010.

    Energy Technology Data Exchange (ETDEWEB)

    Herron, Kerry Gale (University of Oklahoma, Norman, OK); Jenkins-Smith, Hank C. (University of Oklahoma, Norman, OK); Silva, Carol L. (University of Oklahoma, Norman, OK)

    2011-03-01

    We report findings from an Internet survey and a subset of questions administered by telephone among the American public in mid-2010 on US energy and environmental security. Key areas of investigation include public perceptions shaping the context for debate about a comprehensive national energy policy, and what levels of importance are assigned to various prospective energy technologies. Additionally, we investigate how public views on global climate change are evolving, how the public assesses the risks and benefits of nuclear energy, preferences for managing used nuclear fuel, and public trust in sources of scientific and technical information. We also report findings from a national Internet survey and a subset of questions administered by telephone in mid-2010 on public views of the relevance of US nuclear weapons today, support for strategic arms control, and assessments of the potential for nuclear abolition. Additionally, we analyze evolving public views of the threat of terrorism, assessments of progress in the struggle against terrorism, and tolerance for intrusive antiterror policies. Where possible, findings from each survey are compared with previous surveys in this series for analyses of trends.

  9. American perspectives on security: energy, environment, nuclear weapons, and terrorism: 2010

    International Nuclear Information System (INIS)

    Herron, Kerry Gale; Jenkins-Smith, Hank C.; Silva, Carol L.

    2011-01-01

    We report findings from an Internet survey and a subset of questions administered by telephone among the American public in mid-2010 on US energy and environmental security. Key areas of investigation include public perceptions shaping the context for debate about a comprehensive national energy policy, and what levels of importance are assigned to various prospective energy technologies. Additionally, we investigate how public views on global climate change are evolving, how the public assesses the risks and benefits of nuclear energy, preferences for managing used nuclear fuel, and public trust in sources of scientific and technical information. We also report findings from a national Internet survey and a subset of questions administered by telephone in mid-2010 on public views of the relevance of US nuclear weapons today, support for strategic arms control, and assessments of the potential for nuclear abolition. Additionally, we analyze evolving public views of the threat of terrorism, assessments of progress in the struggle against terrorism, and tolerance for intrusive antiterror policies. Where possible, findings from each survey are compared with previous surveys in this series for analyses of trends.

  10. Multi-Criteria Evaluation of Irrigated Agriculture Suitability to Achieve Food Security in an Arid Environment

    Directory of Open Access Journals (Sweden)

    Amal Aldababseh

    2018-03-01

    Full Text Available This research aims at assessing land suitability for large-scale agriculture using multiple spatial datasets which include climate conditions, water potential, soil capabilities, topography and land management. The study case is in the Emirate of Abu Dhabi, in the UAE. The aridity of climate in the region requires accounting for non-renewable sources like desalination and treated sewage effluent (TSE for an accurate and realistic assessment of irrigated agriculture suitability. All datasets were systematically aggregated using an analytical hierarchical process (AHP in a GIS model. A hierarchal structure is built and pairwise comparisons matrices are used to calculate weights of the criteria. All spatial processes were integrated to model land suitability and different types of crops are considered in the analysis. Results show that jojoba and sorghum show the best capabilities to survive under the current conditions, followed by date palm, fruits and forage. Vegetables and cereals proved to be the least preferable options. Introducing desalinated water and TSE enhanced land suitability for irrigated agriculture. These findings have positive implications for national planning, the decision-making process of land alteration for agricultural use and addressing sustainable land management and food security issues.

  11. Food security, agricultural subsidies, energy, and the environment: a process of 'glocalization' in Sri Lanka

    Energy Technology Data Exchange (ETDEWEB)

    Mendis, P.

    2001-07-01

    This paper analyzes the interplay of policy dilemma in the areas of food security, agricultural subsidies, energy consumption, and the environment in the 'glocalization' process of Sri Lanka. It demonstrates that the domestic agricultural and food sector is intricately interconnected with the global economy and world market forces. While this paper gives a primary focus on domestic rice production and wheat import policies, it further examines the environmental consequences and public health issues that are associated with the process of 'glocalization' as part of globalization. This 'glocalization' has led to a series of intended and unintended externalities for Sri Lanka whose economic integration is irreversibly linked to agricultural and subsidy policies of other food exporting and producing countries of Asia and the United States. (author)

  12. Implementing Iris in the Railway Control Office Application for Secure Saas in Cloud Environment

    OpenAIRE

    Dr. K. Meena; Dr. M. Manimekalai

    2015-01-01

    Technology plays a vital role in each and every part of the world. In particular ―Cloud‖ computing - a moderately recent term, characterizes the path to develop the advancement in the world of computer science. Further, Cloud provides an affordable environment for its users through different forms of services such as SaaS (Software as a service), PaaS (Platform as a service), and IaaS (Infrastructure as a Service). Cloud computing is also an Internet-based computing where a large ...

  13. Natural gas market review 2008 - optimising investments and ensuring security in a high-priced environment

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    2008-09-18

    Over the last 18 months, natural gas prices have continued to rise steadily in all IEA markets. What are the causes of this steady upward trend? Unprecedented oil and coal prices which have encouraged power generators to switch to gas, together with tight supplies, demand for gas in new markets and delayed investments all played a role. Investment uncertainties, cost increases and delays remain major concerns in most gas markets and are continuing to constitute a threat to long-term security of supply. A massive expansion in LNG production is expected in the short term to 2012, but the lag in LNG investment beyond 2012 is a concern for all gas users in both IEA and non-IEA markets. Despite this tight market context, regional markets continue on their way to globalisation. This tendency seems irreversible, and it impacts even the most independent markets. Price linkages and other interactions between markets are becoming more pronounced. This publication addresses these major developments, assessing investment in natural gas projects (LNG, pipelines, upstream), escalating costs, the activities of international oil and gas companies, and gas demand in the power sector. In addition, the publication includes data and forecasts on OECD and non-OECD regions to 2015 and in-depth reviews of five OECD countries and regions including the European Union. It also provides analysis of 34 non-OECD countries in South America, the Middle East, Africa, and Asia, including a detailed assessment of the outlook for gas in Russia, as well as insights on new technologies to deliver gas to markets.

  14. Programming secure mobile agents in healthcare environments using role-based permissions.

    Science.gov (United States)

    Georgiadis, C K; Baltatzis, J; Pangalos, G I

    2003-01-01

    The healthcare environment consists of vast amounts of dynamic and unstructured information, distributed over a large number of information systems. Mobile agent technology is having an ever-growing impact on the delivery of medical information. It supports acquiring and manipulating information distributed in a large number of information systems. Moreover is suitable for the computer untrained medical stuff. But the introduction of mobile agents generates advanced threads to the sensitive healthcare information, unless the proper countermeasures are taken. By applying the role-based approach to the authorization problem, we ease the sharing of information between hospital information systems and we reduce the administering part. The different initiative of the agent's migration method, results in different methods of assigning roles to the agent.

  15. Security for grids

    Energy Technology Data Exchange (ETDEWEB)

    Humphrey, Marty; Thompson, Mary R.; Jackson, Keith R.

    2005-08-14

    Securing a Grid environment presents a distinctive set of challenges. This paper groups the activities that need to be secured into four categories: naming and authentication; secure communication; trust, policy, and authorization; and enforcement of access control. It examines the current state of the art in securing these processes and introduces new technologies that promise to meet the security requirements of Grids more completely.

  16. Securing Sub-Saharan Africa’s Maritime Environment: Lessons Learned from the Caribbean and Southeast Asia

    Science.gov (United States)

    2009-06-01

    Worst of Times: Maritime Security in the Asia-Pacific eds. Joshua Ho and Catherine Zara Raymond (Singapore: Institute of Defense and Strategic Studies...Security Outlook for Southeast Asia,” in The Best of Times, the Worst of Times: Maritime Security in the Asia-Pacific eds. Joshua Ho and Catherine Zara

  17. Enabling a Secure Environment for Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I) Transactions : April 2012 Public Workshop Proceedings

    Science.gov (United States)

    2012-06-08

    This report provides a summary and overview of the Public Workshop entitled, Enabling a Secure Environment for Vehicle-to-Vehicle and Vehicle-to-Infrastructure Transactions, presented by USDOT. The workshop took place on April 19-20, 2012 at th...

  18. Economic and agricultural transformation through large-scale farming : impacts of large-scale farming on local economic development, household food security and the environment in Ethiopia

    NARCIS (Netherlands)

    Bekele, M.S.

    2016-01-01

    This study examined impacts of large-scale farming in Ethiopia on local economic development, household food security, incomes, employment, and the environment. The study adopted a mixed research approach in which both qualitative and quantitative data were generated from secondary and primary

  19. Information security management: a proposal to improve the effectiveness of information security in the scientific research environment; Gestao da seguranca da informacao: uma proposta para potencializar a efetividade da seguranca da informacao em ambiente de pesquisa cientifica

    Energy Technology Data Exchange (ETDEWEB)

    Alexandria, Joao Carlos Soares de

    2009-07-01

    The increase of the connectivity in the business environment, combined with the growing dependency of information systems, has become the information security management an important governance tool. Information security has as main goal to protect the business transactions in order to work normally. In this way, It will be safeguarding the business continuity. The threats of information come from hackers' attacks, electronic frauds and spying, as well as fire, electrical energy interruption and humans fault. Information security is made by implementation of a set of controls, including of the others politics, processes, procedures, organizational structures, software and hardware, which require a continuous management and a well established structure to be able to face such challenges. This work tried to search the reasons why the organizations have difficulties to make a practice of information security management. Many of them just limit to adopt points measures, sometimes they are not consistent with their realities. The market counts on enough quantity of standards and regulations related to information security issues, for example, ISO/IEC 27002, American Sarbanes-Oxley act, Basel capital accord, regulations from regulatory agency (such as the Brazilians ones ANATEL, ANVISA and CVM). The market researches have showed that the information security implementation is concentrated on a well-defined group of organization mainly formed by large companies and from specifics sectors of economy, for example, financial and telecommunication. However, information security must be done by all organizations that use information systems to carry out their activities, independently of its size or economic area that it belongs. The situation of information security in the governmental sector of Brazil, and inside its research institutions, is considered worrying by the Brazilian Court of Accounts (TCU). This research work presents an assessment and diagnostic proposal

  20. Virtual Private Networks for mobile environments. Development of protocol for mobile security and algorithms for location update.

    OpenAIRE

    Tzvetkov, Vesselin Dimitrov

    2010-01-01

    The classical networks for broadcast, telephony and data are converging to services on the Next Generation Networks (NGN), which are introduced by all major Service Providers (SP). Major requirements on the future IP network are security and mobility, which are reflection of the Internet’s importance and wide use of portable smart devices. Secure IP mobility is the focus of this thesis, i.e. how the user can move through different access networks whilst maintaining uninterrupted and secure IP...

  1. "Back to the Future:" The UH-1Y Utility Helicopter; A Multi-Role Solution for a Changing Security Environment

    National Research Council Canada - National Science Library

    Smith, Tres C

    2008-01-01

    .... The transition of upgraded type model series aircraft within the existing force structure coupled with the constraints of a bureaucratic acquisitions process and the security challenges associated...

  2. Data Security

    OpenAIRE

    Lopez, Diego

    2013-01-01

    Training specialists in the field of data security and security administrators for the information systems represents a significant priority demanded by both governmental environments and the central and local administrations, as well as by the private sector - companies, banks. They are responsible for implementing information services and systems, but they are also their beneficiaries, with applicability in fields such as: e government, e-administration, e-banking, e-commerce, e-payment, wh...

  3. Environment

    DEFF Research Database (Denmark)

    Valentini, Chiara

    2017-01-01

    The term environment refers to the internal and external context in which organizations operate. For some scholars, environment is defined as an arrangement of political, economic, social and cultural factors existing in a given context that have an impact on organizational processes and structures....... For others, environment is a generic term describing a large variety of stakeholders and how these interact and act upon organizations. Organizations and their environment are mutually interdependent and organizational communications are highly affected by the environment. This entry examines the origin...... and development of organization-environment interdependence, the nature of the concept of environment and its relevance for communication scholarships and activities....

  4. Reducing the Threat of Terrorism through Knowledge Sharing in a Virtual Environment Between Law Enforcement and the Private Security Industry

    National Research Council Canada - National Science Library

    Gallagher, Jerry P

    2008-01-01

    Each day approximately 6,800 members of the private security workforce are deployed across Kansas City to provide protection services at venues, many of which have been identified as being critical...

  5. Reducing the Threat of Terrorism through Knowledge Sharing in a Virtual Environment Between Law Enforcement and the Private Security Industry

    National Research Council Canada - National Science Library

    Gallagher, Jerry P

    2008-01-01

    ... between private security and the KCPD. To empower this resource as a terrorism prevention force multiplier the development of a web based virtual knowledge sharing initiative was explored in this study as a solution to provide "one stop...

  6. International symposium on uranium production and raw materials for the nuclear fuel cycle - Supply and demand, economics, the environment and energy security. Extended synopses

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    2005-07-01

    The IAEA periodically organizes nical meetings and international symposia on all areas of the uranium production cycle. This publication contains 160 extended synopses related to the 2005 international symposium on 'Uranium Production and Raw Materials for the Nuclear Fuel Cycle - Supply and Demand, Economics, the Environment and Energy Security'. They cover all areas of natural uranium resources and production cycle including uranium supply and demand; uranium geology and deposit; uranium exploration; uranium mining and milling; waste management; and environment and regulation. Each synopsis was indexed individually.

  7. A Policy-Based Framework for Preserving Confidentiality in BYOD Environments: A Review of Information Security Perspectives

    Directory of Open Access Journals (Sweden)

    Chalee Vorakulpipat

    2017-01-01

    Full Text Available Today, many organizations allow their employees to bring their own smartphones or tablets to work and to access the corporate network, which is known as a bring your own device (BYOD. However, many such companies overlook potential security risks concerning privacy and confidentiality. This paper provides a review of existing literature concerning the preservation of privacy and confidentiality, with a focus on recent trends in the use of BYOD. This review spans a large spectrum of information security research, ranging from management (risk and policy to technical aspects of privacy and confidentiality in BYOD. Furthermore, this study proposes a policy-based framework for preserving data confidentiality in BYOD. This framework considers a number of aspects of information security and corresponding techniques, such as policy, location privacy, centralized control, cryptography, and operating system level security, which have been omitted in previous studies. The main contribution is to investigate recent trends concerning the preservation of confidentiality in BYOD from the perspective of information security and to analyze the critical and comprehensive factors needed to strengthen data privacy in BYOD. Finally, this paper provides a foundation for developing the concept of preserving confidentiality in BYOD and describes the key technical and organizational challenges faced by BYOD-friendly organizations.

  8. Secure Threat Information Exchange across the Internet of Things for Cyber Defense in a Fog Computing Environment

    Directory of Open Access Journals (Sweden)

    Mihai-Gabriel IONITA

    2016-01-01

    Full Text Available Threat information exchange is a critical part of any security system. Decisions regarding security are taken with more confidence and with more results when the whole security context is known. The fog computing paradigm enhances the use cases of the already used cloud computing systems by bringing all the needed resources to the end-users towards the edge of the network. While fog decentralizes the cloud, it is very important to correlate security events which happen in branch offices around the globe for correct and timely decisions. In this article, we propose an infrastructure based on custom locally installed OSSEC agents which communicate with a central AlienVault deployment for event correlation. The agents are based on a neural network which takes actions based on risk assessment inspired by the human immune system. All of the threat information is defined by STIX expressions and a TAXII server can share this information with foreign organizations. The proposed implementation can successfully be implemented in an IoT scenario, with added security for the “brownfiled” devices.

  9. The joint European TEMPUS project 'Human Security (environment, quality of food, public health, and society) on territories contaminated by radioactive agents'

    International Nuclear Information System (INIS)

    Goncharova, N.; Butchenkow, I.; Maestri, E.

    2016-01-01

    Full text: The Joint European TEMPUS Project 'Human Security (environment, quality of food, public health, and society) on Territories Contaminated by Radioactive Agents', started in 2012. The EU project participants are the following: University of Cordoba (Spain) - Project Coordinator, University of Parma (Italy), University of Florence (Italy), Swedish University of Agricultural Sciences (Sweden) and Riga Technical University (Latvia). The project involves three partner countries - Belarus, Russia, Ukraine, represented by the following institutions: Belarusian State University, International Sakharov Environmental University, Grodno State Medical University, Grodno State Agrarian University, Voronezh State University, Tyumen State Medical Academy, Ural Federal University (Yekaterinburg), Chelyabinsk State University, Nuclear Cities Information-Education Centre, Vinnitsa National Medical University, Zhytomyr State Technological University, Kyiv International University, Sevastopol National University of Nuclear Energy and Industry, Polissya branch of G.M. Vysotsky Ukrainian Research Institute of Forestry and Forest Melioration. The main objectives of the project are: to develop interdisciplinary Master and Doctoral (PhD) programs in the field of Human Security of people living in areas affected by accidents at nuclear power plants / plant for processing nuclear fuel within the following specialties: Ecology and Environment Sciences - 'Human Security and Environment'; Food quality control - 'Human Security and Quality of Food'; Medicine - 'Human Security and Public Health'; Political and Social Sciences - 'Human Security and Society'. These programs will be implemented at 12 universities, 4 from each partner country. During the project implementation it is expected to achieve the following main results: modified interdisciplinary Master and Doctoral (PhD) programs taking into account the studied European experience and practice; joint system of upgrade of

  10. The corporate security professional

    DEFF Research Database (Denmark)

    Petersen, Karen Lund

    2013-01-01

    In our age of globalization and complex threat environments, every business is called upon to manage security. This tendency is reflected in the fact that a wide range of businesses increasingly think about security in broad terms and strive to translate national security concerns into corporate...... speech. This article argues that the profession of the security manager has become central for understanding how the relationship between national and corporate security is currently negotiated. The national security background of most private sector security managers makes the corporate security...... professional inside the company a powerful hybrid agent. By zooming in on the profession and the practice of national security inside companies, the article raises questions about where to draw the line between corporate security and national security along with the political consequences of the constitution...

  11. A Systems Engineering Framework for Implementing a Security and Critical Patch Management Process in Diverse Environments (Academic Departments' Workstations)

    Science.gov (United States)

    Mohammadi, Hadi

    2014-01-01

    Use of the Patch Vulnerability Management (PVM) process should be seriously considered for any networked computing system. The PVM process prevents the operating system (OS) and software applications from being attacked due to security vulnerabilities, which lead to system failures and critical data leakage. The purpose of this research is to…

  12. 77 FR 12355 - Enabling a Secure Environment for Vehicle-to-Vehicle and Vehicle-to-Infrastructure Transactions...

    Science.gov (United States)

    2012-02-29

    ... provide input into research being conducted on potential organizational and business models for supporting... business models for supporting such a network, to attract users and revenue to finance such a system? What... approach to security involving the exchange of digital certificates among legitimate trusted vehicles and...

  13. Why the Gulf War still matters: Foreign perspectives on the war and the future of international security. Report No. 16

    Energy Technology Data Exchange (ETDEWEB)

    Garrity, P.J.

    1993-07-01

    This report summarizes the main findings of a Center for National Security Studies (CNSS) project that examined how a number of nations other than the United States have reacted to the course and outcome of the Persian Gulf War of 1991. The project was built around studies of key countries on which the Gulf War might reasonably be expected to have had a significant impact: Argentina, the ASEAN states, Brazil, China, Cuba, Egypt, France, Germany, India, Iran, Iraq, Israel, Italy, Japan, Jordan, Libya, North Korea, Russia, Saudi Arabia, South Korea, Spain, Syria, Taiwan, the United Kingdom, Vietnam, and the states of the former Yugoslavia. These country studies were written by well-recognized independent experts following a common set of guidelines provided by CNSS. When the country studies were completed, they were reviewed and supplemented through a series of peer assessments and workshops. The report represents a synthesis of material generated through this process, and is intended to stimulate thought and further analysis on the critical topics discussed herein.

  14. Improving ward environments and developing skills for discharge with the implementation of self-catering on a low secure forensic unit.

    Science.gov (United States)

    O'Reilly, Alison

    2016-01-01

    The opportunities for service users to develop skills for more independent living and take control of their environments are limited in secure mental health units. This paper will outline a quality improvement project that changed how the catering services were delivered in a low secure unit in East London NHS Foundation Trust (ELFT). A Quality Improvement methodology was adopted incorporating the Plan, Do, Study, Act (PDSA) cycle which included the trial of service users preparing their own meals on a daily basis. The participation rates were measured and functional daily living skills were recorded. Following success of the trial, long-term implementation of self-catering was agreed, with service users being supported to prepare a shared evening meal every day on the ward with an average of 60% participation. Functional living skills indicated an improvement in the area of process skills. The project aligned with ELFT's aims of service users working in collaboration with staff to implement changes in service delivery.

  15. State Councillor of the Republic and Canton of Geneva in charge of the Department of Security, Police and Environment I Rochat signing the guest book with CERN Director-General R. Heuer on 25th January 2010.

    CERN Multimedia

    Maximilien Brice; Glass Box

    2010-01-01

    State Councillor of the Republic and Canton of Geneva in charge of the Department of Security, Police and Environment I Rochat signing the guest book with CERN Director-General R. Heuer on 25th January 2010.

  16. Building an Amphibious Capability for New Zealand in the 21st Century: Essential in an Uncertain Security Environment

    Science.gov (United States)

    2013-04-04

    Solomon Islands. Fiji has had five military coups in the past twenty-seven years21. In addition, natural disasters (predominantly cyclones) necessitate...to assist with development and relief packages within the Pacific Islands, particularly emergency response to natural disasters . This is where the...secured Apia4. From this genesis, New Zealand and the NZDF have continued to conduct military operations in the South Pacific; from disaster relief

  17. Removing the Rose Colored Glasses: Exploring Modern Security Environment’s Effect on the Army Assignment Policy for Women

    Science.gov (United States)

    2009-06-12

    hostage for some of the detainees in Abu Ghraib, and they refused. Coffins will be arriving to you one after the other, slaughtered just like this...Operating Bases (FOBs), Joint Security Stations (JSS), and combat outposts ( COP ). GWOT triggered the Army to reexamine sustainment and platforms...combat outposts ( COP ). After JSS are created, troops radiate into the more dangerous areas using COPs . 154 The outposts: are located in towns and

  18. Microsoft Azure security

    CERN Document Server

    Freato, Roberto

    2015-01-01

    This book is intended for Azure administrators who want to understand the application of security principles in distributed environments and how to use Azure to its full capability to reduce the risks of security breaches. Only basic knowledge of the security processes and services of Microsoft Azure is required.

  19. 3VSR: Three Valued Secure Routing for Vehicular Ad Hoc Networks using Sensing Logic in Adversarial Environment

    Directory of Open Access Journals (Sweden)

    Muhammad Sohail

    2018-03-01

    Full Text Available Today IoT integrate thousands of inter networks and sensing devices e.g., vehicular networks, which are considered to be challenging due to its high speed and network dynamics. The goal of future vehicular networks is to improve road safety, promote commercial or infotainment products and to reduce the traffic accidents. All these applications are based on the information exchange among nodes, so not only reliable data delivery but also the authenticity and credibility of the data itself are prerequisite. To cope with the aforementioned problem, trust management come up as promising candidate to conduct node’s transaction and interaction management, which requires distributed mobile nodes cooperation for achieving design goals. In this paper, we propose a trust-based routing protocol i.e., 3VSR (Three Valued Secure Routing, which extends the widely used AODV (Ad hoc On-demand Distance Vector routing protocol and employs the idea of Sensing Logic-based trust model to enhance the security solution of VANET (Vehicular Ad-Hoc Network. The existing routing protocol are mostly based on key or signature-based schemes, which off course increases computation overhead. In our proposed 3VSR, trust among entities is updated frequently by means of opinion derived from sensing logic due to vehicles random topologies. In 3VSR the theoretical capabilities are based on Dirichlet distribution by considering prior and posterior uncertainty of the said event. Also by using trust recommendation message exchange, nodes are able to reduce computation and routing overhead. The simulated results shows that the proposed scheme is secure and practical.

  20. 3VSR: Three Valued Secure Routing for Vehicular Ad Hoc Networks using Sensing Logic in Adversarial Environment.

    Science.gov (United States)

    Sohail, Muhammad; Wang, Liangmin

    2018-03-14

    Today IoT integrate thousands of inter networks and sensing devices e.g., vehicular networks, which are considered to be challenging due to its high speed and network dynamics. The goal of future vehicular networks is to improve road safety, promote commercial or infotainment products and to reduce the traffic accidents. All these applications are based on the information exchange among nodes, so not only reliable data delivery but also the authenticity and credibility of the data itself are prerequisite. To cope with the aforementioned problem, trust management come up as promising candidate to conduct node's transaction and interaction management, which requires distributed mobile nodes cooperation for achieving design goals. In this paper, we propose a trust-based routing protocol i.e., 3VSR (Three Valued Secure Routing), which extends the widely used AODV (Ad hoc On-demand Distance Vector) routing protocol and employs the idea of Sensing Logic-based trust model to enhance the security solution of VANET (Vehicular Ad-Hoc Network). The existing routing protocol are mostly based on key or signature-based schemes, which off course increases computation overhead. In our proposed 3VSR, trust among entities is updated frequently by means of opinion derived from sensing logic due to vehicles random topologies. In 3VSR the theoretical capabilities are based on Dirichlet distribution by considering prior and posterior uncertainty of the said event. Also by using trust recommendation message exchange, nodes are able to reduce computation and routing overhead. The simulated results shows that the proposed scheme is secure and practical.

  1. Securing 'supportive environments' for health in the face of ecosystem collapse: meeting the triple threat with a sociology of creative transformation.

    Science.gov (United States)

    Poland, Blake; Dooris, Mark; Haluza-Delay, Randolph

    2011-12-01

    In this paper, we reflect on and explore what remains to be done to make the concept of supportive environments--one of the Ottawa Charter's five core action areas--a reality in the context of growing uncertainty about the future and accelerated pace of change. We pay particular attention to the physical environment, while underscoring the inextricable links between physical and social environments, and particularly the need to link social and environmental justice. The paper begins with a brief orientation to three emerging threats to health equity, namely ecological degradation, climate change, and peak oil, and their connection to economic instability, food security, energy security and other key determinants of health. We then present three contrasting perspectives on the nature of social change and how change is catalyzed, arguing for an examination of the conditions under which cultural change on the scale required to realize the vision of 'supportive environments for all' might be catalyzed, and the contribution that health promotion as a field could play in this process. Drawing on sociological theory, and specifically practice theory and the work of Pierre Bourdieu, we advocate rethinking education for social change by attending more adequately to the social conditions of transformative learning and cultural change. We conclude with an explication of three key implications for health promotion practice: a more explicit alignment with those seeking to curtail environmental destruction and promote environmental justice, strengthening engagement with local or settings-focused 'communities of practice' (such as the Transition Town movement), and finding new ways to creatively 'engage emergence', a significant departure from the current dominant focus on 'risk management'.

  2. Securing a better future for all: Nuclear techniques for global development and environmental protection. NA factsheet on environment laboratories: Protecting the environment

    International Nuclear Information System (INIS)

    2012-01-01

    According to the Millennium Development Goals, managing the environment is considered an integral part of the global development process. The main purpose of the IAEA's environment laboratories is to provide Member States with reliable information on environmental issues and facilitate decision making on protection of the environment. An increasingly important feature of this work is to assess the impact of climate change on environmental sustainability and natural resources. The IAEA's environment laboratories use nuclear techniques, radionuclides, isotopic tracers and stable isotopes to gain a better understanding of the various marine processes, including locating the sources of pollutants and their fate, their transport pathways and their ultimate accumulation in sediments. Radioisotopes are also used to study bioaccumulation in organisms and the food chain, as well as to track signals of climate change throughout history. Natural and artificial radionuclides are used to track ocean currents in key regions. They are also used to validate models designed to predict the future impact of climate change and ocean acidification. The laboratories study the fate and impact of contamination on a variety of ecosystems in order to provide effective preventative diagnostic and remediation strategies. They enhance the capability of Member States to use nuclear techniques to understand and assess changes in their own terrestrial and atmospheric environments, and adopt suitable and sustainable remediation measures when needed. Since 1995, the IAEA environment laboratories have coordinated the international network of Analytical Laboratories for the Measurement of Environmental Radioactivity, providing accurate analysis in the event of an accident or an intentional release of radioactivity. In addition, the laboratories work alongside other organizations, such as UNESCO, the IOC, UNEP and the EC. The laboratories collaborate with Member States through direct involvement with

  3. Energy policy in the European Community: conflicts between the objectives of the unified single market, supply security and a clean environment

    International Nuclear Information System (INIS)

    Surrey, J.

    1992-01-01

    Policies for energy and the environment in Europe were previously the preserve of national governments, but the Commission of the European Community has gained a role in both policy areas in the past few years. This was due to the 1987 Single European Act which, in effect, extends the writ of competition law throughout the energy and other previously excluded sectors, expresses the desire to reduce acid rain and greenhouse gas emissions, and reaffirms Europe's renewed concern for long-term oil and gas supply security after the Gulf War and the disintegration of the USSR. The Commission's proposals for the unified internal energy market were driven by concern for competition and free market forces, and seemed to exclude any scope for long-term policy considerations. This paper argues that the implementation of those proposals will be uneven and protracted, and that the Commission's more recent proposals for reducing CO 2 emissions and the European Energy Charter appear to mark positive steps towards a long-term strategy for a clean environment, energy efficiency, and oil and gas supply security. 27 refs., 4 tabs

  4. Medical Information Security

    OpenAIRE

    William C. Figg, Ph.D.; Hwee Joo Kam, M.S.

    2011-01-01

    Modern medicine is facing a complex environment, not from medical technology but rather government regulations and information vulnerability. HIPPA is the government’s attempt to protect patient’s information yet this only addresses traditional record handling. The main threat is from the evolving security issues. Many medical offices and facilities have multiple areas of information security concerns. Physical security is often weak, office personnel are not always aware of security needs an...

  5. Health care workers in danger zones: a special report on safety and security in a changing environment.

    Science.gov (United States)

    Redwood-Campbell, Lynda J; Sekhar, Sharonya N; Persaud, Christine R

    2014-10-01

    Violence against humanitarian health care workers and facilities in situations of armed conflict is a serious humanitarian problem. Targeting health care workers and destroying or looting medical facilities directly or indirectly impacts the delivery of emergency and life-saving medical assistance, often at a time when it is most needed. Attacks may be intentional or unintentional and can take a range of forms from road blockades and check points which delay or block transport, to the direct targeting of hospitals, attacks against medical personnel, suppliers, patients, and armed entry into health facilities. Lack of access to vital health care services weakens the entire health system and exacerbates existing vulnerabilities, particularly among communities of women, children, the elderly, and the disabled, or anyone else in need of urgent or chronic care. Health care workers, especially local workers, are often the target. This report reviews the work being spearheaded by the Red Cross and Red Crescent Movement on the Health Care in Danger initiative, which aims to strengthen the protections for health care workers and facilities in armed conflicts and ensure safe access for patients. This includes a review of internal reports generated from the expert workshops on a number of topics as well as a number of public sources documenting innovative coping mechanisms adopted by National Red Cross and Red Crescent Societies. The work of other organizations is also briefly examined. This is followed by a review of security mechanisms within the humanitarian sector to ensure the safety and security of health care personnel operating in armed conflicts. From the existing literature, a number of gaps have been identified with current security frameworks that need to be addressed to improve the safety of health care workers and ensure the protection and access of vulnerable populations requiring assistance. A way forward for policy, research, and practice is proposed for

  6. Safe Environment Training: Effects on Catholic Schoolteachers' and Administrators' School Security and Satisfaction

    Science.gov (United States)

    Teague, James Brian

    2013-01-01

    In 2002, in light of the sexual abuse crisis in the Catholic church, The United States Conference of Catholic Bishops established "The charter for the Protection of Children and Young People" that mandated safe environment training for clergy personnel, and volunteers working in the Catholic church. In this study, under the auspices of a…

  7. vPELS: An E-Learning Social Environment for VLSI Design with Content Security Using DRM

    Science.gov (United States)

    Dewan, Jahangir; Chowdhury, Morshed; Batten, Lynn

    2014-01-01

    This article provides a proposal for personal e-learning system (vPELS [where "v" stands for VLSI: very large scale integrated circuit])) architecture in the context of social network environment for VLSI Design. The main objective of vPELS is to develop individual skills on a specific subject--say, VLSI--and share resources with peers.…

  8. Social Mobilization, Influence, and Political Warfare: Unconventional Warfare Strategies for Shaping the 21st Century Security Environment

    Science.gov (United States)

    2012-06-08

    political environments.39 An interesting and unique case study, it was created as an integrated marketing campaign and not as a traditional social movement...important reason than it was created as an integrated marketing campaign and not as a traditional social movement. By evaluating “Lead India” the study

  9. Addressing the main challenges of energy security in the twenty-first century – Contributions of the conferences on Sustainable Development of Energy, Water and Environment Systems

    International Nuclear Information System (INIS)

    Markovska, Natasa; Duić, Neven; Mathiesen, Brian Vad; Guzović, Zvonimir; Piacentino, Antonio; Schlör, Holger; Lund, Henrik

    2016-01-01

    Climate change and fossil fuel reserve depletion both pose challenges for energy security and for wellbeing in general. The top ten among them include: Decarbonising the world economy; Enhancing the energy efficiency and energy savings in buildings; Advancing the energy technologies; Moving towards energy systems based on variable renewables; Electrifying the transport and some industrial processes; Liberalizing and extending the energy markets; Integrating energy sectors to Smart Energy Systems; Making the cities and communities smart; Diversifying the energy sources; and Building more biorefineries. Presenting the contributions of selected conference papers published in the special issues of leading scientific journals (including all the papers from the current Energy special issue), this review demonstrates the capacity of the Conferences on Sustainable Development of Energy, Water and Environment Systems for generation of knowledge which could serve as the centrepiece of a pertinent response to those challenges. - Highlights: • Top ten challenges of energy security in the twenty-first century identified. • Selected SDEWES contributions analysed against the identified challenges. • The role of SDEWES as knowledge generator towards addressing the identified challenges credibly demonstrated.

  10. Alternative security

    International Nuclear Information System (INIS)

    Weston, B.H.

    1990-01-01

    This book contains the following chapters: The Military and Alternative Security: New Missions for Stable Conventional Security; Technology and Alternative Security: A Cherished Myth Expires; Law and Alternative Security: Toward a Just World Peace; Politics and Alternative Security: Toward a More Democratic, Therefore More Peaceful, World; Economics and Alternative Security: Toward a Peacekeeping International Economy; Psychology and Alternative Security: Needs, Perceptions, and Misperceptions; Religion and Alternative Security: A Prophetic Vision; and Toward Post-Nuclear Global Security: An Overview

  11. The Personal Information Security Assistant

    NARCIS (Netherlands)

    Kegel, Roeland Hendrik,Pieter

    The human element is often found to be the weakest link in the information security chain. The Personal Information Security Assistant project aims to address this by improving the privacy and security awareness of end-users and by aligning the user's personal IT environment to the user's security

  12. Considerations for Cloud Security Operations

    OpenAIRE

    Cusick, James

    2016-01-01

    Information Security in Cloud Computing environments is explored. Cloud Computing is presented, security needs are discussed, and mitigation approaches are listed. Topics covered include Information Security, Cloud Computing, Private Cloud, Public Cloud, SaaS, PaaS, IaaS, ISO 27001, OWASP, Secure SDLC.

  13. Homeland Security

    Science.gov (United States)

    Provides an overview of EPA's homeland security roles and responsibilities, and links to specific homeland security issues: water security, research, emergency response, recovery, and waste management.

  14. Environment

    International Nuclear Information System (INIS)

    McIntyre, A.D.; Turnbull, R.G.H.

    1992-01-01

    The development of the hydrocarbon resources of the North Sea has resulted in both offshore and onshore environmental repercussions, involving the existing physical attributes of the sea and seabed, the coastline and adjoining land. The social and economic repercussions of the industry were equally widespread. The dramatic and speedy impact of the exploration and exploitation of the northern North Sea resources in the early 1970s, on the physical resources of Scotland was quickly realised together with the concern that any environmental and social damage to the physical and social fabric should be kept to a minimum. To this end, a wide range of research and other activities by central and local government, and other interested agencies was undertaken to extend existing knowledge on the marine and terrestrial environments that might be affected by the oil and gas industry. The outcome of these activities is summarized in this paper. The topics covered include a survey of the marine ecosystems of the North Sea, the fishing industry, the impact of oil pollution on seabirds and fish stocks, the ecology of the Scottish coastline and the impact of the petroleum industry on a selection of particular sites. (author)

  15. Android security cookbook

    CERN Document Server

    Makan, Keith

    2013-01-01

    Android Security Cookbook' breaks down and enumerates the processes used to exploit and remediate Android app security vulnerabilities in the form of detailed recipes and walkthroughs.""Android Security Cookbook"" is aimed at anyone who is curious about Android app security and wants to be able to take the necessary practical measures to protect themselves; this means that Android application developers, security researchers and analysts, penetration testers, and generally any CIO, CTO, or IT managers facing the impeding onslaught of mobile devices in the business environment will benefit from

  16. Security Dilemma

    DEFF Research Database (Denmark)

    Wivel, Anders

    2011-01-01

    What is a security dilemma? What are the consequences of security dilemmas in international politics?......What is a security dilemma? What are the consequences of security dilemmas in international politics?...

  17. Security of pipeline facilities

    Energy Technology Data Exchange (ETDEWEB)

    Lee, S.C. [Alberta Energy and Utilities Board, Calgary, AB (Canada); Van Egmond, C.; Duquette, L. [National Energy Board, Calgary, AB (Canada); Revie, W. [Canada Centre for Mineral and Energy Technology, Ottawa, ON (Canada)

    2005-07-01

    This working group provided an update on provincial, federal and industry directions regarding the security of pipeline facilities. The decision to include security issues in the NEB Act was discussed as well as the Pipeline Security Management Assessment Project, which was created to establish a better understanding of existing security management programs as well as to assist the NEB in the development and implementation of security management regulations and initiatives. Amendments to the NEB were also discussed. Areas of pipeline security management assessment include physical safety management; cyber and information security management; and personnel security. Security management regulations were discussed, as well as implementation policies. Details of the Enbridge Liquids Pipelines Security Plan were examined. It was noted that the plan incorporates flexibility for operations and is integrated with Emergency Response and Crisis Management. Asset characterization and vulnerability assessments were discussed, as well as security and terrorist threats. It was noted that corporate security threat assessment and auditing are based on threat information from the United States intelligence community. It was concluded that the oil and gas industry is a leader in security in North America. The Trans Alaska Pipeline Incident was discussed as a reminder of how costly accidents can be. Issues of concern for the future included geographic and climate issues. It was concluded that limited resources are an ongoing concern, and that the regulatory environment is becoming increasingly prescriptive. Other concerns included the threat of not taking international terrorism seriously, and open media reporting of vulnerability of critical assets, including maps. tabs., figs.

  18. Water security evaluation in Yellow River basin

    Science.gov (United States)

    Jiang, Guiqin; He, Liyuan; Jing, Juan

    2018-03-01

    Water security is an important basis for making water security protection strategy, which concerns regional economic and social sustainable development. In this paper, watershed water security evaluation index system including 3 levels of 5 criterion layers (water resources security, water ecological security and water environment security, water disasters prevention and control security and social economic security) and 24 indicators were constructed. The entropy weight method was used to determine the weights of the indexes in the system. The water security index of 2000, 2005, 2010 and 2015 in Yellow River basin were calculated by linear weighting method based on the relative data. Results show that the water security conditions continue to improve in Yellow River basin but still in a basic security state. There is still a long way to enhance the water security in Yellow River basin, especially the water prevention and control security, the water ecological security and water environment security need to be promoted vigorously.

  19. The strategic security officer.

    Science.gov (United States)

    Hodges, Charles

    2014-01-01

    This article discusses the concept of the strategic security officer, and the potential that it brings to the healthcare security operational environment. The author believes that training and development, along with strict hiring practices, can enable a security department to reach a new level of professionalism, proficiency and efficiency. The strategic officer for healthcare security is adapted from the "strategic corporal" concept of US Marine Corps General Charles C. Krulak which focuses on understanding the total force implications of the decisions made by the lowest level leaders within the Corps (Krulak, 1999). This article focuses on the strategic organizational implications of every security officer's decisions in the constantly changing and increasingly volatile operational environment of healthcare security.

  20. Cloud Infrastructure Security

    OpenAIRE

    Velev , Dimiter; Zlateva , Plamena

    2010-01-01

    Part 4: Security for Clouds; International audience; Cloud computing can help companies accomplish more by eliminating the physical bonds between an IT infrastructure and its users. Users can purchase services from a cloud environment that could allow them to save money and focus on their core business. At the same time certain concerns have emerged as potential barriers to rapid adoption of cloud services such as security, privacy and reliability. Usually the information security professiona...

  1. Information security management principles

    CERN Document Server

    Taylor, Andy; Finch, Amanda; Sutton, David; Taylor, Andy

    2013-01-01

    In today's technology-driven environment, there is an ever-increasing demand for information delivery. A compromise has to be struck between security and availability. This book is a pragmatic guide to information assurance for both business professionals and technical experts. This second edition includes the security of cloud-based resources.

  2. VMware view security essentials

    CERN Document Server

    Langenhan, Daniel

    2013-01-01

    A practical and fast-paced guide that gives you all the information you need to secure your virtual environment.This book is a ""how-to"" for the novice, a ""reference guide"" for the advanced user, and a ""go to"" for the experienced user in all the aspects of VMware View desktop virtualization security.

  3. Systems Security Engineering

    Science.gov (United States)

    2010-08-22

    environment that contains network- borne cybersecurity threats, an argument may be made that the firewall increases overall system functionality by reserving...the number of administered devices. This approach to security analysis is at once old and new. In the early days of eCommerce , security

  4. Security planning an applied approach

    CERN Document Server

    Lincke, Susan

    2015-01-01

    This book guides readers through building an IT security plan. Offering a template, it helps readers to prioritize risks, conform to regulation, plan their defense and secure proprietary/confidential information. The process is documented in the supplemental online security workbook. Security Planning is designed for the busy IT practitioner, who does not have time to become a security expert, but needs a security plan now. It also serves to educate the reader of a broader set of concepts related to the security environment through the Introductory Concepts and Advanced sections. The book serv

  5. Security vs. Safety.

    Science.gov (United States)

    Sturgeon, Julie

    1999-01-01

    Provides administrative advice on how some safety experts have made college campuses safer and friendlier without breaking the budget. Tips on security and advice on safety management that encompasses the whole environment are highlighted. (GR)

  6. VMware vsphere security cookbook

    CERN Document Server

    Greer, Mike

    2014-01-01

    This book is intended for virtualization professionals who are experienced with the setup and configuration of VMware vSphere, but didn't get the opportunity to learn how to secure the environment properly.

  7. Security Evolution.

    Science.gov (United States)

    De Patta, Joe

    2003-01-01

    Examines how to evaluate school security, begin making schools safe, secure schools without turning them into fortresses, and secure schools easily and affordably; the evolution of security systems into information technology systems; using schools' high-speed network lines; how one specific security system was developed; pros and cons of the…

  8. Securing virtual and cloud environments

    CSIR Research Space (South Africa)

    Carroll, M

    2012-01-01

    Full Text Available targets such as reduced costs, scalability, flexibility, capacity utilisation, higher efficiencies and mobility. Many of these benefits are achieved through the utilisation of technologies such as cloud computing and virtualisation. In many instances cloud...

  9. Overview of security culture

    International Nuclear Information System (INIS)

    Matulanya, M. A.

    2014-04-01

    Nuclear Security culture concept has been aggressively promoted over the past several years as a tool to improve the physical protection of the nuclear and radioactive materials due to growing threats of catastrophic terrorism and other new security challenges. It is obvious that, the scope of nuclear security and the associated cultures need to be extended beyond the traditional task of protecting weapons-usable materials. The role of IAEA is to strengthen the nuclear security framework globally and in leading the coordination of international activities in this field. Therefore all governments should work closely with the IAEA to take stronger measures to ensure the physical protection, the safety and security of the nuclear and radioactive materials. In the effort to reflect this new realities and concerns, the IAEA in 2008 came up with the document, the Nuclear Security Culture, Nuclear Security Series No. 7, Implementing Guide to the member states which urged every member state to take appropriate measures to promote security culture with respect to nuclear and radioactive materials. The document depicted this cultural approach as the way to protect individual, society and the environment. Among other things, the document defined nuclear security culture as characteristics and attitudes in organizations and of individuals which establishes that, nuclear security issues receives attention warranted by their significance. (au)

  10. Assessing Psycho-Social Resilience in Diplomatic, Civilian & Military Personnel Serving in a High-Threat Security Environment during Counter-Insurgency and Counter-Terrorism Operations in Iraq

    Directory of Open Access Journals (Sweden)

    Anne Speckhard

    2012-08-01

    Full Text Available Currently thousands of military, diplomatic and civilian personnel are deployed under NATO, UN, and other multi-national, as well as national auspices in high-threat security environments, including active conflict zones such as Iraq and Afghanistan.  Soldiers are generally well trained and prepared psychologically to face armed conflict. Civilian contractors and diplomats, on the other hand, often are not.  Moreover in today’s high-threat security environments terrorists, insurgents and even child soldiers may be the opposing force, creating a more uncertain and anxiety provoking environment and more difficult to identify security threat. These facts have serious implications for the psycho-social resilience of diplomatic, civilian and military personnel deployed in such environments.  This article investigates psycho-social resilience in a small exploratory sample of US embassy staff, contractors and US forces serving in Iraq during 2007, a time when Improvised Explosive Devices (IEDs, roadside bombings, mortar attacks, kidnappings, murders and sniper fire were an everyday occurrence in Iraq.

  11. Type and extent of trans-disciplinary co-operation to improve food security, health and household environment in low and middle income countries: systematic review

    Directory of Open Access Journals (Sweden)

    Santosh Gaihre

    2016-10-01

    Full Text Available Abstract Background Although linkages have been found between agricultural interventions and nutritional health, and the development of clean fuels and improved solid fuel stoves in reducing household air pollution and adverse health effects, the extent of the potential of combined household interventions to improve health, nutrition and the environment has not been investigated. A systematic review was conducted to identify the extent and type of community-based agricultural and household interventions aimed at improving food security, health and the household environment in low and middle income countries. Methods A systematic search of Ovid MEDLINE, PUBMED, EMBASE and SCOPUS databases was performed. Key search words were generated reflecting the “participants, interventions, comparators, outcomes and study design” approach and a comprehensive search strategy was developed following “Preferred Reporting Items for Systematic Reviews and Meta-Analyses” recommendations. Any community-based agricultural and/or household interventions were eligible for inclusion if the focus was to improve at least one of the outcome measures of interest. All relevant study designs employing any of these interventions (alone/in combination were included if conducted in Low and middle income countries. Review articles, and clinical and occupational studies were excluded. Results A total of 123 studies were included and grouped into four intervention domains; agricultural (n = 27, air quality (n = 34, water quality (n = 32, and nutritional (n = 30. Most studies were conducted in Asia (39.2 % or Africa (34.6 % with the remaining 26.1 % in Latin America. Very few studies (n = 11 combined interventions across more than one domain. The majority of agricultural and nutritional studies were conducted in Africa and Asia, whereas the majority of interventions to improve household air quality were conducted in Latin America. Conclusions It is

  12. Financial security

    NARCIS (Netherlands)

    de Goede, M.; Burgess, J.P.

    2010-01-01

    1. Introduction J. Peter Burgess Part 1: New Security Concepts 2. Civilizational Security Brett Bowden 3. Risk Oliver Kessler 4. Small Arms Keith Krause 5. Critical Human Security Taylor Owen 6. Critical Geopolitics Simon Dalby Part 2: New Security Subjects 7. Biopolitics Michael Dillon 8. Gendered

  13. Cyber security

    CERN Document Server

    Voeller, John G

    2014-01-01

    Cyber Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to cyber security metrics and measure  and related technologies that meet security needs. Specific applications to web services, the banking and the finance sector, and industrial process control systems are discussed.

  14. Coping with Security in Programming

    OpenAIRE

    Frank Schindler

    2006-01-01

    This article deals with importance of security issues in computer programming.Secure software can only be designed with security as a primary goal. To achieve that wewould have to redesign our computer systems with security in our mind including entirecomputer environment, e.g. hardware, programming languages and, of course, operatingsystems. In software development process the quality of resulting computer code should bethe most important aspect during the whole program development process. ...

  15. Security negotiation

    OpenAIRE

    Mitrović, Miroslav M.; Ivaniš, Željko

    2013-01-01

    Contemporary security challenges, risks and threats represent a resultant of the achieved level of interaction between various entities within the paradigm of global security relations. Asymmetry and nonlinearity are main features of contemporary challenges in the field of global security. Negotiation in the area of security, namely the security negotiation, thus goes beyond just the domain of negotiation in conflicts and takes into consideration particularly asymmetric forms of possible sour...

  16. Planning security for supply security

    International Nuclear Information System (INIS)

    Spies von Buellesheim.

    1994-01-01

    The situation of the hardcoal mining industry is still difficult, however better than last year. Due to better economic trends in the steel industry, though on a lower level, sales in 1994 have stabilised. Stocks are being significantly reduced. As to the production, we have nearly reached a level which has been politically agreed upon in the long run. Due to the determined action of the coalmining companies, a joint action of management and labour, the strong pressure has been mitigated. On the energy policy sector essential targets have been achieved: First of all the ECSC decision on state aid which will be in force up to the year 2002 and which will contribute to accomplish the results of the 1991 Coal Round. Furthermore, the 1994 Act on ensuring combustion of hardcoal in electricity production up to the year 2005. The hardcoal mining industry is grateful to all political decision makers for the achievements. The industry demands, however, that all questions still left open, including the procurement of financial means after 1996, should be settled soon on the basis of the new act and in accordance with the 1991 Coal Round and the energy concept of the Federal Government. German hardcoal is an indispensable factor within a balanced energy mix which guarantees the security of our energy supply, the security of the price structure and the respect of the environment. (orig.) [de

  17. Environment | Argonne National Laboratory

    Science.gov (United States)

    Skip to main content Argonne National Laboratory Toggle Navigation Toggle Search Energy Environment Laboratory About Safety News Careers Education Community Diversity Directory Energy Environment National Security User Facilities Science Work with Us Environment Atmospheric and Climate Science Ecological

  18. The Johnson Space Center Management Information Systems (JSCMIS). 1: Requirements Definition and Design Specifications for Versions 2.1 and 2.1.1. 2: Documented Test Scenario Environments. 3: Security Design and Specifications

    Science.gov (United States)

    1986-01-01

    The Johnson Space Center Management Information System (JSCMIS) is an interface to computer data bases at NASA Johnson which allows an authorized user to browse and retrieve information from a variety of sources with minimum effort. This issue gives requirements definition and design specifications for versions 2.1 and 2.1.1, along with documented test scenario environments, and security object design and specifications.

  19. Security Expertise

    DEFF Research Database (Denmark)

    systematic study of security expertise and opens up a productive dialogue between science and technology studies and security studies to investigate the character and consequences of this expertise. In security theory, the study of expertise is crucial to understanding whose knowledge informs security making......This volume brings together scholars from different fields to explore the power, consequences and everyday practices of security expertise. Expertise mediates between different forms of knowledge: scientific and technological, legal, economic and political knowledge. This book offers the first...... and to reflect on the impact and responsibility of security analysis. In science and technology studies, the study of security politics adds a challenging new case to the agenda of research on expertise and policy. The contributors investigate cases such as academic security studies, security think tanks...

  20. Moving towards Cloud Security

    Directory of Open Access Journals (Sweden)

    Edit Szilvia Rubóczki

    2015-01-01

    Full Text Available Cloud computing hosts and delivers many different services via Internet. There are a lot of reasons why people opt for using cloud resources. Cloud development is increasing fast while a lot of related services drop behind, for example the mass awareness of cloud security. However the new generation upload videos and pictures without reason to a cloud storage, but only few know about data privacy, data management and the proprietary of stored data in the cloud. In an enterprise environment the users have to know the rule of cloud usage, however they have little knowledge about traditional IT security. It is important to measure the level of their knowledge, and evolve the training system to develop the security awareness. The article proves the importance of suggesting new metrics and algorithms for measuring security awareness of corporate users and employees to include the requirements of emerging cloud security.

  1. The secure heating reactor

    International Nuclear Information System (INIS)

    Pind, C.

    1987-01-01

    The SECURE heating reactor was designed by ASEA-ATOM as a realistic alternative for district heating in urban areas and for supplying heat to process industries. SECURE has unique safety characteristics, that are based on fundamental laws of physics. The safety does not depend on active components or operator intervention for shutdown and cooling of the reactor. The inherent safety characteristics of the plant cannot be affected by operator errors. Due to its very low environment impact, it can be sited close to heat consumers. The SECURE heating reactor has been shown to be competitive in comparison with other alternatives for heating Helsinki and Seoul. The SECURE heating reactor forms a basis for the power-producing SECURE-P reactor known as PIUS (Process Inherent Ultimate Safety), which is based on the same inherent safety principles. The thermohydraulic function and transient response have been demonstrated in a large electrically heated loop at the ASEA-ATOM laboratories

  2. Energy security in Yemen

    International Nuclear Information System (INIS)

    Torosyan, Emil

    2009-09-01

    Yemen, situated in the Arab world, has considerable energy resources. However, its history of repeated revolts, civil wars and terrorism and also the presence of the Wahabi movement and al Qaeda in the country constitute security issues for the energy industry and its infrastructure. The aim of this paper is to assess the impact level on the security of the energy sector in Yemen and the effect that the threats to that sector could have on global energy security. Analyses of the political environment, the security threats and the measures taken to respond to these threats have been carried out. Results showed that Yemen's resources are depleting and that the government is having trouble containing the escalation of conflicts; this situation could lead to Yemen's political collapse which could have an important impact on global energy security.

  3. International Nuclear Security

    Energy Technology Data Exchange (ETDEWEB)

    Doyle, James E. [Los Alamos National Laboratory

    2012-08-14

    This presentation discusses: (1) Definitions of international nuclear security; (2) What degree of security do we have now; (3) Limitations of a nuclear security strategy focused on national lock-downs of fissile materials and weapons; (4) What do current trends say about the future; and (5) How can nuclear security be strengthened? Nuclear security can be strengthened by: (1) More accurate baseline inventories; (2) Better physical protection, control and accounting; (3) Effective personnel reliability programs; (4) Minimize weapons-usable materials and consolidate to fewer locations; (5) Consider local threat environment when siting facilities; (6) Implement pledges made in the NSS process; and (7) More robust interdiction, emergency response and special operations capabilities. International cooperation is desirable, but not always possible.

  4. Security culture for nuclear facilities

    Science.gov (United States)

    Gupta, Deeksha; Bajramovic, Edita

    2017-01-01

    Natural radioactive elements are part of our environment and radioactivity is a natural phenomenon. There are numerous beneficial applications of radioactive elements (radioisotopes) and radiation, starting from power generation to usages in medical, industrial and agriculture applications. But the risk of radiation exposure is always attached to operational workers, the public and the environment. Hence, this risk has to be assessed and controlled. The main goal of safety and security measures is to protect human life, health, and the environment. Currently, nuclear security considerations became essential along with nuclear safety as nuclear facilities are facing rapidly increase in cybersecurity risks. Therefore, prevention and adequate protection of nuclear facilities from cyberattacks is the major task. Historically, nuclear safety is well defined by IAEA guidelines while nuclear security is just gradually being addressed by some new guidance, especially the IAEA Nuclear Security Series (NSS), IEC 62645 and some national regulations. At the overall level, IAEA NSS 7 describes nuclear security as deterrence and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer or other malicious acts involving nuclear, other radioactive substances and their associated facilities. Nuclear security should be included throughout nuclear facilities. Proper implementation of a nuclear security culture leads to staff vigilance and a high level of security posture. Nuclear security also depends on policy makers, regulators, managers, individual employees and members of public. Therefore, proper education and security awareness are essential in keeping nuclear facilities safe and secure.

  5. Privacy vs security

    CERN Document Server

    Stalla-Bourdillon, Sophie; Ryan, Mark D

    2014-01-01

    Securing privacy in the current environment is one of the great challenges of today's democracies. Privacy vs. Security explores the issues of privacy and security and their complicated interplay, from a legal and a technical point of view. Sophie Stalla-Bourdillon provides a thorough account of the legal underpinnings of the European approach to privacy and examines their implementation through privacy, data protection and data retention laws. Joshua Philips and Mark D. Ryan focus on the technological aspects of privacy, in particular, on today's attacks on privacy by the simple use of today'

  6. Watermarking security

    CERN Document Server

    Bas, Patrick; Cayre, François; Doërr, Gwenaël; Mathon, Benjamin

    2016-01-01

    This book explains how to measure the security of a watermarking scheme, how to design secure schemes but also how to attack popular watermarking schemes. This book gathers the most recent achievements in the field of watermarking security by considering both parts of this cat and mouse game. This book is useful to industrial practitioners who would like to increase the security of their watermarking applications and for academics to quickly master this fascinating domain.

  7. Security Locks

    Science.gov (United States)

    Hart, Kevin

    2010-01-01

    According to a 2008 "Year in Review" report by Educational Security Incidents, an online repository that collects data on higher education security issues, the total number of security incidents reported at universities and colleges worldwide rose to 173 in 2008, a 24.5 percent increase over 2007. The number of institutions…

  8. Smart grid security

    Energy Technology Data Exchange (ETDEWEB)

    Cuellar, Jorge (ed.) [Siemens AG, Muenchen (Germany). Corporate Technology

    2013-11-01

    The engineering, deployment and security of the future smart grid will be an enormous project requiring the consensus of many stakeholders with different views on the security and privacy requirements, not to mention methods and solutions. The fragmentation of research agendas and proposed approaches or solutions for securing the future smart grid becomes apparent observing the results from different projects, standards, committees, etc, in different countries. The different approaches and views of the papers in this collection also witness this fragmentation. This book contains the following papers: 1. IT Security Architecture Approaches for Smart Metering and Smart Grid. 2. Smart Grid Information Exchange - Securing the Smart Grid from the Ground. 3. A Tool Set for the Evaluation of Security and Reliability in Smart Grids. 4. A Holistic View of Security and Privacy Issues in Smart Grids. 5. Hardware Security for Device Authentication in the Smart Grid. 6. Maintaining Privacy in Data Rich Demand Response Applications. 7. Data Protection in a Cloud-Enabled Smart Grid. 8. Formal Analysis of a Privacy-Preserving Billing Protocol. 9. Privacy in Smart Metering Ecosystems. 10. Energy rate at home Leveraging ZigBee to Enable Smart Grid in Residential Environment.

  9. Emerging trends in ICT security

    CERN Document Server

    Akhgar, Babak

    2013-01-01

    Emerging Trends in ICT Security, an edited volume, discusses the foundations and theoretical aspects of ICT security; covers trends, analytics, assessments and frameworks necessary for performance analysis and evaluation; and gives you the state-of-the-art knowledge needed for successful deployment of security solutions in many environments. Application scenarios provide you with an insider's look at security solutions deployed in real-life scenarios, including but limited to smart devices, biometrics, social media, big data security, and crowd sourcing. Provides a multidisciplinary approach

  10. An Exploration of the Legal and Regulatory Environment of Privacy and Security through Active Research, Guided Study, Blog Creation, and Discussion

    Science.gov (United States)

    Peslak, Alan R.

    2010-01-01

    One of the most important topics for today's information technology professional is the study of legal and regulatory issues as they relate to privacy and security of personal and business data and identification. This manuscript describes the topics and approach taken by the instructors that focuses on independent research of source documents and…

  11. Information security architecture an integrated approach to security in the organization

    CERN Document Server

    Killmeyer, Jan

    2000-01-01

    An information security architecture is made up of several components. Each component in the architecture focuses on establishing acceptable levels of control. These controls are then applied to the operating environment of an organization. Functionally, information security architecture combines technical, practical, and cost-effective solutions to provide an adequate and appropriate level of security.Information Security Architecture: An Integrated Approach to Security in the Organization details the five key components of an information security architecture. It provides C-level executives

  12. Measuring Stability and Security in Iraq

    National Research Council Canada - National Science Library

    2005-01-01

    .... The initial section of the report, "Stability and Security in Iraq," describes trends and progress towards meeting goals for political stability, economic progress, and achieving a stable security environment in Iraq...

  13. Measuring Stability and Security in Iraq

    National Research Council Canada - National Science Library

    2006-01-01

    ... of the report, "Stability and Security in Iraq," describes trends and progress towards meeting goals for political stability, strengthening economic activity, and achieving a stable security environment in Iraq...

  14. Security Sector Reform in Albania

    OpenAIRE

    Abazi, Enika; Bumci, Aldo; Hide, Enri; Rakipi, Albert

    2009-01-01

    International audience; This paper analyses security sector reform (SSR) in Albania. In all its enterprises in reforming the security sector,Albania is assisted by different initiatives and projects that provide expertise and financial support. To assesswhether reforms improved the overall security environment (national and human) of the country, it is necessaryto measure the effectiveness of the various initiatives and projects. This is gauged by how well the initiatives andprojects achieved...

  15. Addressing the main challenges of energy security in the twenty-first century – Contributions of the conferences on Sustainable Development of Energy, Water and Environment Systems

    DEFF Research Database (Denmark)

    Markovska, Natasa; Duić, Neven; Mathiesen, Brian Vad

    2016-01-01

    Climate change and fossil fuel reserve depletion both pose challenges for energy security and for wellbeing in general. The top ten among them include: Decarbonising the world economy; Enhancing the energy efficiency and energy savings in buildings; Advancing the energy technologies; Moving towards...... energy systems based on variable renewables; Electrifying the transport and some industrial processes; Liberalizing and extending the energy markets; Integrating energy sectors to Smart Energy Systems; Making the cities and communities smart; Diversifying the energy sources; and Building more...

  16. Use Cases for Dynamic Secure Wireless Networking in Coalition Environments (Cas d utilisation de r seau sans fil dynamique et s curis dans des environnements de coalition)

    Science.gov (United States)

    2015-05-01

    Provider Willingness 15 and Degree of Exposure STO-TR-IST-109 v vi STO-TR-IST-109 List of Acronyms CC Coloured Cloud CoI Community of...could be applied to the MANET connectivity scenario. In PCN terminology [4]2, an E-node3 advertises guarantees of bandwidth and other services of...its Coloured Cloud4 (CC). It will be equipped with Service-Level Agreement (SLA) management functions, including support for security and risk. In

  17. Securing Hadoop

    CERN Document Server

    Narayanan, Sudheesh

    2013-01-01

    This book is a step-by-step tutorial filled with practical examples which will focus mainly on the key security tools and implementation techniques of Hadoop security.This book is great for Hadoop practitioners (solution architects, Hadoop administrators, developers, and Hadoop project managers) who are looking to get a good grounding in what Kerberos is all about and who wish to learn how to implement end-to-end Hadoop security within an enterprise setup. It's assumed that you will have some basic understanding of Hadoop as well as be familiar with some basic security concepts.

  18. Grid Security

    CERN Multimedia

    CERN. Geneva

    2004-01-01

    The aim of Grid computing is to enable the easy and open sharing of resources between large and highly distributed communities of scientists and institutes across many independent administrative domains. Convincing site security officers and computer centre managers to allow this to happen in view of today's ever-increasing Internet security problems is a major challenge. Convincing users and application developers to take security seriously is equally difficult. This paper will describe the main Grid security issues, both in terms of technology and policy, that have been tackled over recent years in LCG and related Grid projects. Achievements to date will be described and opportunities for future improvements will be addressed.

  19. Changing Homeland Security: Ten Essential Homeland Security Books

    National Research Council Canada - National Science Library

    Bellavita, Christopher

    2007-01-01

    .... The list is personal and provisional. The discipline is too new to have a canon. We need to continuously examine what is signal and what is background noise in homeland security's academic environment...

  20. Learning with Security

    Science.gov (United States)

    Jokela, Paivi; Karlsudd, Peter

    2007-01-01

    The current higher education, both distance education and traditional campus courses, relies more and more on modern information and communication technologies (ICT). The use of computer systems and networks results in a wide range of security issues that must be dealt with in order to create a safe learning environment. In this work, we study the…

  1. Social Security.

    Science.gov (United States)

    Social and Labour Bulletin, 1983

    1983-01-01

    This group of articles discusses a variety of studies related to social security and retirement benefits. These studies are related to both developing and developed nations and are also concerned with studying work conditions and government role in administering a democratic social security system. (SSH)

  2. Security management

    International Nuclear Information System (INIS)

    Adams, H.W.

    1990-01-01

    Technical progress is moving more and more quickly and the systems thus produced are so complex and have become so unclear to the individual that he can no longer estimate the consequences: Faith in progress has given way to deep mistrust. Companies have adjusted to this change in consciousness. An interesting tendency can be identified: technical security is already available - now the organization of security has become an important objective for companies. The key message of the book is: If outworn technical systems are no longer adequate, the organization must be thoroughly overhauled. Five chapters deal with the following themes: organization as an aspect of society; risk control; aspects of security; is there security in ADP; the broader concept of security. (orig./HP) [de

  3. Computers, business, and security the new role for security

    CERN Document Server

    Schweitzer, James A

    1987-01-01

    Computers, Business, and Security: The New Role for Security addresses the professional security manager's responsibility to protect all business resources, with operating environments and high technology in mind. This book discusses the technological aspects of the total security programs.Organized into three parts encompassing 10 chapters, this book begins with an overview of how the developing information age is affecting business management, operations, and organization. This text then examines a number of vulnerabilities that arise in the process of using business computing and communicat

  4. Environment and security in the South China Sea region : the role of experts, non-governmental actors and governments in regime building processes

    OpenAIRE

    Næss, Tom

    1999-01-01

    Background: The Spratly islands in the South China Sea are today the focal point of a territorial dispute that represents a serious threat to the regional security in Southeast Asia. Six governments - China, Vietnam, Taiwan, the Philippines, Malaysia and Brunei - have laid claims to all or some of the more than 230 islets, reefs and shoals in the Spratly area. The Peoples Republic of China (PRC) is a key player in the South China Sea conflict. However, the South China Sea is not jus...

  5. INFORMATION SYSTEM SECURITY (CYBER SECURITY

    Directory of Open Access Journals (Sweden)

    Muhammad Siddique Ansari

    2016-03-01

    Full Text Available Abstract - Business Organizations and Government unequivocally relies on upon data to deal with their business operations. The most unfavorable impact on association is disappointment of friendship, goodness, trustworthiness, legitimacy and probability of data and administrations. There is an approach to ensure data and to deal with the IT framework's Security inside association. Each time the new innovation is made, it presents some new difficulties for the insurance of information and data. To secure the information and data in association is imperative on the grounds that association nowadays inside and remotely joined with systems of IT frameworks. IT structures are inclined to dissatisfaction and security infringement because of slips and vulnerabilities. These slips and vulnerabilities can be brought on by different variables, for example, quickly creating headway, human slip, poor key particulars, poor movement schedules or censuring the threat. Likewise, framework changes, new deserts and new strikes are a huge piece of the time displayed, which helpers augmented vulnerabilities, disappointments and security infringement all through the IT structure life cycle. The business went to the confirmation that it is essentially difficult to ensure a slip free, risk free and secure IT structure in perspective of the disfigurement of the disavowing security parts, human pass or oversight, and part or supplies frustration. Totally secure IT frameworks don't exist; just those in which the holders may have changing degrees of certainty that security needs of a framework are fulfilled do. The key viewpoints identified with security of data outlining are examined in this paper. From the start, the paper recommends pertinent legitimate structure and their duties including open association obligation, and afterward it returns to present and future time, system limits, structure security in business division. At long last, two key inadequacy markers

  6. Information security management handbook

    CERN Document Server

    Tipton, Harold F

    2006-01-01

    Access Control Systems and Methodology. Telecommunications and Network Security. Security Management Practices. Application Program Security. Cryptography. Computer, System, and Security Architecture. Operations Security. Business Continuity Planning and Disaster Recovery Planning. Law, Investigation and Ethics. Physical Security.

  7. Risky health environments: women sex workers' struggles to find safe, secure and non-exploitative housing in Canada's poorest postal code.

    Science.gov (United States)

    Lazarus, L; Chettiar, J; Deering, K; Nabess, R; Shannon, K

    2011-12-01

    This study explored low-income and transitional housing environments of women sex workers and their role in shaping agency and power in negotiating safety and sexual risk reduction in Vancouver, Canada. A series of 12 focus group discussions were conducted with 73 women currently involved in street-based sex work. These women were purposively sampled for a range of experiences living in low-income housing environments, including homeless shelters, transitional housing, and co-ed and women-only single-room occupancy (SRO) hotels. Drawing on the risk environment framework and theoretical constructs of gender, agency and power, analyses demonstrate that women continue to be vulnerable to violence and sexual and economic exploitation and have reduced ability to negotiate risk reduction resulting from the physical, structural and social environments of current dominant male-centred housing models. Within the physical environment, women described inhabitable housing conditions in SROs with infestations of bedbugs and rats, leading women to even more transitional housing options such as shelters and couch-surfing. In many cases, this resulted in their economic exploitation and increased sexual risk. Within the structural environment, enforcement of curfews and guest policies forced women to accept risky clients to meet curfew, or work outdoors where their ability to negotiate safety and condom use were limited. Certain policies promoted women's agency and mitigated their ability to reduce risks when selling sex. These included flexible curfews and being able to bring clients home. The social environments of co-ed single-room occupancy hotels resulted in repeated violence by male residents and discrimination by male building staff. Women-only shelters and SROs facilitated 'enabling environments' where women developed support systems with other working women that resulted in safer work practices. The narratives expressed in this study reveal the critical need for public

  8. The association of household food security, household characteristics and school environment with obesity status among off-reserve First Nations and Métis children and youth in Canada: results from the 2012 Aboriginal Peoples Survey.

    Science.gov (United States)

    Bhawra, Jasmin; Cooke, Martin J; Guo, Yanling; Wilk, Piotr

    2017-03-01

    Indigenous children are twice as likely to be classified as obese and three times as likely to experience household food insecurity when compared with non- Indigenous Canadian children. The purpose of this study was to explore the relationship between food insecurity and weight status among Métis and off-reserve First Nations children and youth across Canada. We obtained data on children and youth aged 6 to 17 years (n = 6900) from the 2012 Aboriginal Peoples Survey. We tested bivariate relationships using Pearson chi-square tests and used nested binary logistic regressions to examine the food insecurity-weight status relationship, after controlling for geography, household and school characteristics and cultural factors. Approximately 22% of Métis and First Nations children and youth were overweight, and 15% were classified as obese. Over 80% of the sample was reported as food secure, 9% experienced low food security and 7% were severely food insecure. Off-reserve Indigenous children and youth from households with very low food security were at higher risk of overweight or obese status; however, this excess risk was not independent of household socioeconomic status, and was reduced by controlling for household income, adjusted for household size. Negative school environment was also a significant predictor of obesity risk, independent of demographic, household and geographic factors. Both food insecurity and obesity were prevalent among the Indigenous groups studied, and our results suggest that a large proportion of children and youth who are food insecure are also overweight or obese. This study reinforces the importance of including social determinants of health, such as income, school environment and geography, in programs or policies targeting child obesity.

  9. Strategic information security

    CERN Document Server

    Wylder, John

    2003-01-01

    Introduction to Strategic Information SecurityWhat Does It Mean to Be Strategic? Information Security Defined The Security Professional's View of Information Security The Business View of Information SecurityChanges Affecting Business and Risk Management Strategic Security Strategic Security or Security Strategy?Monitoring and MeasurementMoving Forward ORGANIZATIONAL ISSUESThe Life Cycles of Security ManagersIntroductionThe Information Security Manager's Responsibilities The Evolution of Data Security to Information SecurityThe Repository Concept Changing Job Requirements Business Life Cycles

  10. Security Bingo

    CERN Multimedia

    Computer Security Team

    2011-01-01

    Want to check your security awareness and win one of three marvellous books on computer security? Just print out this page, mark which of the 25 good practices below you already follow, and send the sheet back to us by 31 October 2011 at either Computer.Security@cern.ch or P.O. Box G19710.   Winners[1] must show that they fulfil at least five good practices in a continuous vertical, horizontal or diagonal row. For details on CERN Computer Security, please consult http://cern.ch/security. I personally…   …am concerned about computer security. …run my computer with an anti-virus software and up-to-date signature files. …lock my computer screen whenever I leave my office. …have chosen a reasonably complex password. …have restricted access to all my files and data. …am aware of the security risks and threats to CERN’s computing facilities. &hell...

  11. The Water Security Hydra

    Science.gov (United States)

    Lall, U.

    2017-12-01

    As the editor of a new journal on water security, I have been pondering what it can mean theoretically and practically. At one level, it is pretty aobvious that it refers to the ability to affordably and reliably access water of appropriate quality, and to be protected from the water related ravages of nature, such as floods, droughts and water borne disease. The concept of water security can apply to a family, a company, a state or globally. Of course, since we value the environment, water security embraces the needs of the environment. Where, we consider economic development or energy production, water security also emerges as a critical factor. So, in short it touches almost all things about water that pertain to our lives. New stresses are created by a changing climate, growing populations and an ever changing society, economic activity and environment. Thus, if assuring water security is a goal at any of the scales of interest, many factors need to be considered, and what can really be assured, where and for how long emerges as an interesting question. Local (place, time, individuals, politics) as well as global (climate, economics, hydrology) factors interact to determine outcomes, not all of which are readily mapped in our mathematical or cognitive models to a functional notion of what constitutes security in the face of changing conditions and actors. Further, assurance implies going beyond characterization to developing actions, responses to stressors and risk mitigation strategies. How these perform in the short and long run, and what are the outcomes and strategies for impact mitigation in the event of failure then determines water security. Recognizing that providing assurance of water security has always been the goal of water management, regulation and development, perhaps the challenge is to understand what this means from the perspective of not just the "water managers" but the individuals who are the unwitting beneficiaries, or the instruments for

  12. RISKY HEALTH ENVIRONMENTS:WOMEN SEX WORKERS’ STRUGGLES TO FIND SAFE, SECURE AND NON-EXPLOITATIVE HOUSING IN CANADA’S POOREST POSTAL CODE

    Science.gov (United States)

    Lazarus, L; Chettiar, J; Deering, K; Nabess, R; Shannon, K

    2011-01-01

    This study explored low-income and transitional housing environments of women sex workers and their role in shaping agency and power in negotiating safety and sexual risk reduction in Vancouver, Canada. A series of 12 focus group discussions were conducted with 73 women currently involved in street-based sex work. These women were purposively sampled for a range of experiences living in low-income housing environments, including homeless shelters, transitional housing, and co-ed and women-only single room occupancy (SRO) hotels. Drawing on the risk environment framework and theoretical constructs of gender, agency and power, analyses demonstrate that women continue to be vulnerable to violence and sexual and economic exploitation and have reduced ability to negotiate risk reduction resulting from the physical, structural and social environments of current dominant male-centred housing models. Within the physical environment, women described inhabitable housing conditions in SROs with infestations of bedbugs and rats, leading women to even more transitional housing options such as shelters and couch-surfing. In many cases, this resulted in their economic exploitation and increased sexual risk. Within the structural environment, enforcement of curfews and guest policies forced women to accept risky clients to meet curfew, or work outdoors where their ability to negotiate safety and condom use were limited. Certain policies promoted women’s agency and mitigated their ability to reduce risks when selling sex. These included flexible curfews and being able to bring clients home. The social environments of co-ed single-room occupancy hotels resulted in repeated violence by male residents and discrimination by male building staff. Women-only shelters and SROs facilitated ‘enabling environments’ where women developed support systems with other working women that resulted in safer work practices. The narratives expressed in this study reveal the critical need for

  13. Securing Distributed Research

    CERN Multimedia

    CERN. Geneva

    2018-01-01

    Global science calls for global infrastructure. A typical large-scale research group will use a suite of international services and involve hundreds of collaborating institutes and users from around the world. How can these users access those services securely? How can their digital identities be established, verified and maintained? We will explore the motivation for distributed authentication and the ways in which research communities are addressing the challenges. We will discuss security incident response in distributed environments - a particular challenge for the operators of these infrastructures. Through this course you should gain an overview of federated identity technologies and protocols, including x509 certificates, SAML and OIDC.

  14. Nuclear security officer training

    International Nuclear Information System (INIS)

    Harrington, W.F.

    1981-01-01

    Training has become complex and precise in today's world of critical review and responsibility. Entrusted to a security officer is the success or demise of large business. In more critical environments the security officer is entrusted with the monitoring and protection of life sensitive systems and devices. The awareness of this high visibility training requirement has been addressed by a limited few. Those involved in the nuclear power industry through dedication and commitment to the American public have without a doubt become leading pioneers in demanding training excellence

  15. Computer security

    CERN Document Server

    Gollmann, Dieter

    2011-01-01

    A completely up-to-date resource on computer security Assuming no previous experience in the field of computer security, this must-have book walks you through the many essential aspects of this vast topic, from the newest advances in software and technology to the most recent information on Web applications security. This new edition includes sections on Windows NT, CORBA, and Java and discusses cross-site scripting and JavaScript hacking as well as SQL injection. Serving as a helpful introduction, this self-study guide is a wonderful starting point for examining the variety of competing sec

  16. Secure PVM

    Energy Technology Data Exchange (ETDEWEB)

    Dunigan, T.H.; Venugopal, N.

    1996-09-01

    This research investigates techniques for providing privacy, authentication, and data integrity to PVM (Parallel Virtual Machine). PVM is extended to provide secure message passing with no changes to the user`s PVM application, or, optionally, security can be provided on a message-by message basis. Diffe-Hellman is used for key distribution of a single session key for n-party communication. Keyed MD5 is used for message authentication, and the user may select from various secret-key encryption algorithms for message privacy. The modifications to PVM are described, and the performance of secure PVM is evaluated.

  17. Junos Security

    CERN Document Server

    Cameron, Rob; Giecco, Patricio; Eberhard, Timothy; Quinn, James

    2010-01-01

    Junos® Security is the complete and authorized introduction to the new Juniper Networks SRX hardware series. This book not only provides a practical, hands-on field guide to deploying, configuring, and operating SRX, it also serves as a reference to help you prepare for any of the Junos Security Certification examinations offered by Juniper Networks. Network administrators and security professionals will learn how to use SRX Junos services gateways to address an array of enterprise data network requirements -- including IP routing, intrusion detection, attack mitigation, unified threat manag

  18. Collective Security

    DEFF Research Database (Denmark)

    Galster, Kjeld

    in worldwide market conditions left perceptible ripples in Danish economy, budget discussions grew in importance over this period. The pacifist stance entailed disinclination to accept that the collective security concept and international treaties and accords signed by Denmark should necessitate credible...... and other international treaties provided arguments for adjusting the foreign and security policy ambitions, and since the general flux in worldwide market conditions left perceptible ripples in Danish economy, budget discussions grew in importance over this period. The pacifist stance entailed......Collective Security: National Egotism (Abstract) In Danish pre-World War I defence debate the notion of collective security is missing. During the early years of the 19th century, the political work is influenced by a pervasive feeling of rising tension and danger on the continent of Europe...

  19. Security Transformation

    National Research Council Canada - National Science Library

    Metz, Steven

    2003-01-01

    ... adjustment. With American military forces engaged around the world in both combat and stabilization operations, the need for rigorous and critical analysis of security transformation has never been greater...

  20. Security: A Catalyst for Sustainable Development | Solomon | African ...

    African Journals Online (AJOL)

    This paper explores intricate nexus between security, and the challenges of promoting sustainable development in a volatile environment. It conceptualises security, sustainable development, and volatile environment. The paper argues that the volatile environment in the country has led to security breaches and slowed ...

  1. European Security

    DEFF Research Database (Denmark)

    Møller, Bjørn

    Theoretical chapters on "Security", "Organisations" and "Regions," Historical Chapters on "Europe and Its Distinguishing Features" and on "The United Nations," "NATO," "The CSCE/OSCE and the Council of Europe" and "The European Union"......Theoretical chapters on "Security", "Organisations" and "Regions," Historical Chapters on "Europe and Its Distinguishing Features" and on "The United Nations," "NATO," "The CSCE/OSCE and the Council of Europe" and "The European Union"...

  2. 40 CFR 264.14 - Security.

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 25 2010-07-01 2010-07-01 false Security. 264.14 Section 264.14... Standards § 264.14 Security. (a) The owner or operator must prevent the unknowing entry, and minimize the...) for discussion of security requirements at disposal facilities during the post-closure care period...

  3. 40 CFR 265.14 - Security.

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 25 2010-07-01 2010-07-01 false Security. 265.14 Section 265.14... Facility Standards § 265.14 Security. (a) The owner or operator must prevent the unknowing entry, and...) for discussion of security requirements at disposal facilities during the post-closure care period...

  4. Two-stage Security Controls Selection

    NARCIS (Netherlands)

    Yevseyeva, I.; Basto, Fernandes V.; Moorsel, van A.; Janicke, H.; Michael, Emmerich T. M.

    2016-01-01

    To protect a system from potential cyber security breaches and attacks, one needs to select efficient security controls, taking into account technical and institutional goals and constraints, such as available budget, enterprise activity, internal and external environment. Here we model the security

  5. Computer-Based Testing: Test Site Security.

    Science.gov (United States)

    Rosen, Gerald A.

    Computer-based testing places great burdens on all involved parties to ensure test security. A task analysis of test site security might identify the areas of protecting the test, protecting the data, and protecting the environment as essential issues in test security. Protecting the test involves transmission of the examinations, identifying the…

  6. Nuclear security

    International Nuclear Information System (INIS)

    1991-12-01

    This paper reports that despite their crucial importance to national security, safeguards at the Department of Energy's (DOE) weapons facilities may be falling short. DOE security inspections have identified many weaknesses, including poor performance by members of DOE's security force, poor accountability for quantities of nuclear materials, and the inability of personnel to locate documents containing classified information. About 13 percent of the 2,100 identified weakness resulted in DOE inspectors giving out unsatisfactory security ratings; another 38 percent led to marginal ratings. In addition, DOE's centralized safeguards and security information tracking system lacks current data on whether DOE field offices have corrected the identified weaknesses. Without reliable information, DOE has no way of knowing whether timely action was taken to correct problems, nor can it determine whether weaknesses are systematic. DOE has tried to minimize the impact of these security weaknesses at its facilities by establishing multiple layers of protection measures and instituting interim and compensatory measures for identified weaknesses. DOE is planning enhancements to the centralized tracking system that should improve its reliability and increase its effectiveness

  7. FOOD SECURITY

    Directory of Open Access Journals (Sweden)

    Dorina Ardelean

    2013-12-01

    Full Text Available The assurance of food security at the individual level doesn’t implicitly provide for the one at family level as the concepts of hunger, malnutrition and food insecurity are the steps of the same process of access restricted to a sufficient supply of food. In order to achieve food security at the individual level the following is necessary: ensuring food availability (production, reserve stocks; redistribution of food availability within the country or out through international exchanges; effective access of the population to purchase food consumer goods, by ensuring its effective demand as required. Food security of families (FFS is required for assuring individual food security (IFS, but it is not sufficient because the food available may be unevenly distributed between family members. National food security (NFS corresponds to the possibilities that different countries have to ensure both FFS and IFS without sacrificing other important objectives. Under the name of GAS is defined the global food security which represents permanent access for the entire population of the globe to the necessary food for a healthy and active life.

  8. About Security Solutions in Fog Computing

    Directory of Open Access Journals (Sweden)

    Eugen Petac

    2016-01-01

    Full Text Available The key for improving a system's performance, its security and reliability is to have the dataprocessed locally in remote data centers. Fog computing extends cloud computing through itsservices to devices and users at the edge of the network. Through this paper it is explored the fogcomputing environment. Security issues in this area are also described. Fog computing providesthe improved quality of services to the user by complementing shortages of cloud in IoT (Internet ofThings environment. Our proposal, named Adaptive Fog Computing Node Security Profile(AFCNSP, which is based security Linux solutions, will get an improved security of fog node withrich feature sets.

  9. Vehicular ad hoc network security and privacy

    CERN Document Server

    Lin, X

    2015-01-01

    Unlike any other book in this area, this book provides innovative solutions to security issues, making this book a must read for anyone working with or studying security measures. Vehicular Ad Hoc Network Security and Privacy mainly focuses on security and privacy issues related to vehicular communication systems. It begins with a comprehensive introduction to vehicular ad hoc network and its unique security threats and privacy concerns and then illustrates how to address those challenges in highly dynamic and large size wireless network environments from multiple perspectives. This book is richly illustrated with detailed designs and results for approaching security and privacy threats.

  10. MELTER: A model of the thermal response of cargos transported in the Safe-Secure Trailer subject to fire environments for risk assessment applications

    International Nuclear Information System (INIS)

    Larsen, M.E.

    1994-08-01

    MELTER is an analysis of cargo responses inside a fire-threatened Safe-Secure Trailer (SST) developed for the Defense Program Transportation Risk Assessment (DPTRA). Many simplifying assumptions are required to make the subject problem tractable. MELTER incorporates modeling which balances the competing requirements of execution speed, generality, completeness of essential physics, and robustness. Input parameters affecting the analysis include those defining the fire scenario, those defining the cargo loaded in the SST, and those defining properties of the SST. For a specified fire, SST, and cargo geometry MELTER predicts the critical fire duration that will lead to a failure. The principal features of the analysis include: (a) Geometric considerations to interpret fire-scenario descriptors in terms of a thermal radiation boundary condition, (b) a simple model of the SST's wall combining the diffusion model for radiation through optically-thick media with an endothermic reaction front to describe the charring of dimensional, rigid foam in the SST wall, (c) a transient radiation enclosure model, (d) a one-dimensional, spherical idealization of the shipped cargos providing modularity so that cargos of interest can be inserted into the model, and (e) associated numerical methods to integrate coupled, differential equations and find roots

  11. Description and evaluation of a serious game intervention to engage low secure service users with serious mental illness in the design and refurbishment of their environment.

    Science.gov (United States)

    Fitzgerald, M M; Kirk, G D; Bristow, C A

    2011-05-01

    Service user involvement in all levels of healthcare provision is the expectation of UK government policy. Involvement should not only include participation in the planning and delivery of health care but also the exercise of choice and opinions about that care. In practice, however, service user engagement is most often tokenistic, involving post hoc consultation over plans already committed to by services. This paper explores an Occupational Therapy-led initiative to use the Serious Game format to engage low secure service users with serious mental illness in the design, layout and refurbishment of their unit. Among other things how medication was to be dispensed on the new unit was explored by this game and led to significant replanning in response to service user involvement. The game format was found to be a useful tool in facilitating communication between professionals and a traditionally marginalized and powerless client group. It enabled service users to have a voice, it provided a format for that voice to be heard and made possible service-led change in the planning process. © 2010 Blackwell Publishing.

  12. Multi-Level Secure Local Area Network

    OpenAIRE

    Naval Postgraduate School (U.S.); Center for Information Systems Studies Security and Research (CISR)

    2011-01-01

    Multi-Level Secure Local Area Network is a cost effective, multi-level, easy to use office environment leveraging existing high assurance technology. The Department of Defense and U.S. Government have an identified need to securely share information classified at differing security levels. Because there exist no commercial solutions to this problem, NPS is developing a MLS LAN. The MLS LAN extends high assurance capabilities of an evaluated multi-level secure system to commercial personal com...

  13. DIRAC Security

    CERN Document Server

    Casajús Ramo, A

    2006-01-01

    DIRAC is the LHCb Workload and Data Management System. Based on a service-oriented architecture, it enables generic distributed computing with lightweight Agents and Clients for job execution and data transfers. DIRAC implements a client-server architecture exposing server methods through XML Remote Procedure Call (XML-RPC) protocol. DIRAC is mostly coded in python. DIRAC security infrastructure has been designed to be a completely generic XML-RPC transport over a SSL tunnel. This new security layer is able to handle standard X509 certificates as well as grid-proxies to authenticate both sides of the connection. Serve and client authentication relies over OpenSSL and py-Open SSL, but to be able to handle grid proxies some modifications have been added to those libraries. DIRAC security infrastructure handles authorization and authorization as well as provides extended capabilities like secure connection tunneling and file transfer. Using this new security infrastructure all LHCb users can safely make use o...

  14. About Security in Contemporary World

    Directory of Open Access Journals (Sweden)

    Ladislav Hofreiter

    2015-06-01

    Full Text Available The task to ensure security in contemporary world is a complicated political, scientific-technological and socio-economic problem. As the security itself is complicated, multifactor and hierarchized phenomen also its investigation has to be of an interdisciplinary character. The character of security environment, the character of security risks and threats and also the character of tools for their elimination are essentially changing. The basis to security of social subject consisted in arrangement of the conditions for their existence, to surviving in the present time and advancement into the future. Assurance of this condition means it provided ability to the social subjects to eliminated threats that are defined. In situations of asymmetrical security, the threats are not always clearly defined. They often consist of their own structure systems, in relationships and status the subjects of internationals relations. Asymmetrical of security, by our opinion, presents a discrepancy, unbalance, non-parity between subjects of the international security environment. The unbalance, discrepancy, non-parity has political, military, economic, law, social and societal dimensions.

  15. The new strategic balance and cooperative security

    International Nuclear Information System (INIS)

    Simpson, J.

    1995-01-01

    The new strategic balance and cooperative security in the world now is discussed including the following issues: strategic balances and the features of the old strategic environment; the main characteristics of the new political and security environment; the future role of nuclear weapons; the role of arms limitation agreements

  16. Securing wireless communications at the physical layer

    CERN Document Server

    Liu, Ruoheng

    2009-01-01

    Throughout this book there is an underlying theme that the rich multipath environment that is typical of wireless scenarios supports the establishment of new security services at the physical layer, including new mechanisms that establish cryptographic keys, that support communication with assured confidentiality, and that can authenticate transmitters in mobile environments. The book takes a holistic approach to covering topics related to physical layer security solutions, with contributions ranging from the theoretical underpinnings behind secure communications to practical systems validatio

  17. Moving towards Cloud Security

    OpenAIRE

    Edit Szilvia Rubóczki; Zoltán Rajnai

    2015-01-01

    Cloud computing hosts and delivers many different services via Internet. There are a lot of reasons why people opt for using cloud resources. Cloud development is increasing fast while a lot of related services drop behind, for example the mass awareness of cloud security. However the new generation upload videos and pictures without reason to a cloud storage, but only few know about data privacy, data management and the proprietary of stored data in the cloud. In an enterprise environment th...

  18. Privatising Security

    Directory of Open Access Journals (Sweden)

    Irina Mindova-Docheva

    2016-06-01

    Full Text Available The article proposes an analysis of the different approaches towards employing the international legal framework in the regulation and oversight of private military and security companies’ operation in armed conflicts and in peace time security systems. It proposes a partnership-based approach for public and private actors aiming at creating and sharing common values under the principles of solidarity, protection of human rights and rule of law. A focus of further research should be the process of shaping those common values.

  19. Artificial neural networks contribution to the operational security of embedded systems. Artificial neural networks contribution to fault tolerance of on-board functions in space environment

    International Nuclear Information System (INIS)

    Vintenat, Lionel

    1999-01-01

    A good quality often attributed to artificial neural networks is fault tolerance. In general presentation works, this property is almost always introduced as 'natural', i.e. being obtained without any specific precaution during learning. Besides, space environment is known to be aggressive towards on-board hardware, inducing various abnormal operations. Particularly, digital components suffer from upset phenomenon, i.e. misplaced switches of memory flip-flops. These two observations lead to the question: would neural chips constitute an interesting and robust solution to implement some board functions of spacecrafts? First, the various aspects of the problem are detailed: artificial neural networks and their fault tolerance, neural chips, space environment and resulting failures. Further to this presentation, a particular technique to carry out neural chips is selected because of its simplicity, and especially because it requires few memory flip-flops: random pulse streams. An original method for star recognition inside a field-of-view is then proposed for the board function 'attitude computation'. This method relies on a winner-takes-all competition network, and on a Kohonen self-organized map. An hardware implementation of those two neural models is then proposed using random pulse streams. Thanks to this realization, on one hand difficulties related to that particular implementation technique can be highlighted, and on the other hand a first evaluation of its practical fault tolerance can be carried out. (author) [fr

  20. OpenLabs Security Laboratory - The Online Security Experiment Platform

    OpenAIRE

    Johan Zackrisson; Charlie Svahnberg

    2008-01-01

    For experiments to be reproducible, it is important to have a known and controlled environment. This requires isolation from the surroundings. For security experiments, e.g. with hostile software, this is even more important as the experiment can affect the environment in adverse ways. In a normal campus laboratory, isolation can be achieved by network separation. For an online environment, where remote control is essential, separation and isolation are still needed, and therefore the securit...

  1. Information Security Issues in a Digital Library Environment: A Literature Review = Dijital Kütüphane Ortamında Bilgi Güvenliği Sorunları: Literatür Değerlendirmesi

    Directory of Open Access Journals (Sweden)

    Anday, Audrey

    2012-01-01

    Full Text Available This paper aimed to explore the literature on security issues that digital libraries should consider in managing digital resources. Books on information security and network security were consulted as well as several databases such as ERIC, Ebrary, LISA, Science Direct, EbscoHost, ISI, Google Scholar, ProQuest, Emerald Insight, ACM were searched to understand what particular aspect of information security and privacy in digital libraries exist from 2000 - 2010. Security in digital libraries is an issue of the most important, and should be considered carefully in creating policies and strategic plans of institutions wanting to set up a digital library. This paper focused on the four main streams that concerns security in the digital environment, namely: infrastructure, digital content, users and standards and legal issues. This literature review also built upon previous literature reviews, and is one of the few of its kind in the topic. / Bu çalışma dijital kütüphanelerin kaynakların yönetiminde göz önünde bulundurmasıgereken güvenlik sorunlarına ilişkin literatürü ortaya koymayı amaçlamaktadır. Bilgi Güvenliği, Ağ Güvenliği, Kişisel Gizlilik konuları üzerine 2000 - 2010 yıl aralığını kapsayan kitaplar ve makaleler ERIC, Ebrary, LISA, Science Direct, EbscoHost, ISI, Google Akademik, ProQuest, Emerald Insight ve ACM gibi çeşitli veri tabanlarından taranmıştır. İncelenen literatürden elde edilen sonuçlara göre,bilgi güvenliği dijital kütüphaneler için son derece önemli bir konudur ve dijitalleşme sürecinde bir kütüphane, güvenlik politikalarını ve stratejik planlarını dikkatle göz önünde bulundurmalıdır. Bu araştırmada dijital ortamda güvenliği ilgilendiren Altyapı, Dijital İçerik, Kullanıcılar, Standartlar ve Hukuki Konular olmak üzere dört ana madde üzerinde durulmuştur. Bu çalışma ayrıca daha önceki literatür taramalarını da kapsamaktadır.

  2. Information Security

    NARCIS (Netherlands)

    Hartel, Pieter H.; Suryana Herman, Nanna; Leukfeldt, E.R.; Stol, W.Ph.

    2012-01-01

    Information security is all about the protection of digital assets, such as digital content, personal health records, state secrets etc. These assets can be handled by a party who is authorised to access and control the asset or a party who is not authorised to do so. Authorisation determines who is

  3. Food security

    NARCIS (Netherlands)

    Ridder, M. de

    2011-01-01

    Food security is back on the agenda as a top priority for policy makers. In January 2011, record high food prices resulted in protests in Tunisia, which subsequently led to the spread of the revolutions in other North African and Middle Eastern countries. Although experts have asserted that no

  4. The Connotation and Extension of Agricultural Water Resources Security

    Institute of Scientific and Technical Information of China (English)

    LIU Bu-chun; MEI Xu-rong; LI Yu-zhong; YANG You-lu

    2007-01-01

    The objective of this study is to define agricultural water resources security and its connotation and extension. The definitions of water security, water resources security, and water environment security were summarized, and their relationship was differentiated and analyzed. Based on these, the elements of the conception of agricultural water resources security were hashed and the conception was defined. Agricultural water resources security is the provision of water resource that ensures protection of agriculture against threat, hazards, destruction, and loss. Moreover, the connotation and extension of agricultural water resources security were ascertained. In detail, the connotation of the definition has natural attributes, socioeconomic attributes, and cultural attributes. The extensions of agricultural water resources security include both broad and narrow ones, as well as, food security, agroenvironmental security, agroeconomic security, rural society security, etc. The definition will serve as the frame of reference for developing the researches, limiting the frame of the theory, and founding a appraising system for agricultural water resources security.

  5. Security Architecture of Cloud Computing

    OpenAIRE

    V.KRISHNA REDDY; Dr. L.S.S.REDDY

    2011-01-01

    The Cloud Computing offers service over internet with dynamically scalable resources. Cloud Computing services provides benefits to the users in terms of cost and ease of use. Cloud Computing services need to address the security during the transmission of sensitive data and critical applications to shared and public cloud environments. The cloud environments are scaling large for data processing and storage needs. Cloud computing environment have various advantages as well as disadvantages o...

  6. Security Problems in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Rola Motawie

    2016-12-01

    Full Text Available Cloud is a pool of computing resources which are distributed among cloud users. Cloud computing has many benefits like scalability, flexibility, cost savings, reliability, maintenance and mobile accessibility. Since cloud-computing technology is growing day by day, it comes with many security problems. Securing the data in the cloud environment is most critical challenges which act as a barrier when implementing the cloud. There are many new concepts that cloud introduces, such as resource sharing, multi-tenancy, and outsourcing, create new challenges for the security community. In this work, we provide a comparable study of cloud computing privacy and security concerns. We identify and classify known security threats, cloud vulnerabilities, and attacks.

  7. Secure computing on reconfigurable systems

    OpenAIRE

    Fernandes Chaves, R.J.

    2007-01-01

    This thesis proposes a Secure Computing Module (SCM) for reconfigurable computing systems. SC provides a protected and reliable computational environment, where data security and protection against malicious attacks to the system is assured. SC is strongly based on encryption algorithms and on the attestation of the executed functions. The use of SC on reconfigurable devices has the advantage of being highly adaptable to the application and the user requirements, while providing high performa...

  8. AUTOMATING THE DATA SECURITY PROCESS

    OpenAIRE

    Florin Ogigau-Neamtiu

    2017-01-01

    Contemporary organizations face big data security challenges in the cyber environment due to modern threats and actual business working model which relies heavily on collaboration, data sharing, tool integration, increased mobility, etc. The nowadays data classification and data obfuscation selection processes (encryption, masking or tokenization) suffer because of the human implication in the process. Organizations need to shirk data security domain by classifying information based on its...

  9. Resilient Infrastructure and Building Security

    DEFF Research Database (Denmark)

    Ingwar, Mads Ingerslew

    inference. Persistent authentication offers an effective integrated protection measure that is distributed directly in the facility and is non-intrusive to the public and affordable to the facility owners. Persistent authentication is suitable for security sensitive applications and can help protect...... to authentication that combines traditional access control systems with the sensing technologies and tracking capabilities offered by smart environments. Our approach is called Persistent Authentication for Location-based Services. Persistent authentication enables the secure provision of location-based services...

  10. Simple & Secure: Attitude and behaviour towards security and usability in internet products and services at home

    NARCIS (Netherlands)

    Wolthuis, R.; Broenink, E.G.; Fransen, F.; Schultz, S.; Vries, A. de

    2010-01-01

    This paper is the result of research on the security perception of users in ICT services and equipment. We analyze the rationale of users to have an interest in security and to decide to change security parameters of equipment and services. We focus on the home environment, where more and more

  11. Security challenges for virtualization in cloud

    International Nuclear Information System (INIS)

    Tayab, A.

    2015-01-01

    Virtualization is a model that is vastly growing in IT industry. Virtualization provides more than one logical resource in one single physical machine. Infrastructure use cloud services and on behalf of virtualization, cloud computing is also a rapidly growing model of IT industry. Cloud provider and cloud user, both remain ignorant of each other's security. Since virtualization and cloud computing are rapidly expanding and becoming more and more complex in infrastructure, more security is required to protect them from potential attacks and security threats. Virtualization provides various benefits in terms of hardware utilization, resources protection, remote access and other resources. This paper intends to discuss the common exploits of security uses in the virtualized environment and focuses on the security threats from the attacker's perspective. This paper discuss the major areas of virtualized model environment and also address the security concerns. And finally presents a solution for secure valorization in IT infrastructure and to protect inter communication of virtual machines. (author)

  12. Transboundary natural area protection: Broadening the definition of national security

    Science.gov (United States)

    Haven B. Cook

    2007-01-01

    This paper looks at the definition and concept of national security, and examines how the environment is linked with national security. The traditional, state view of national security that guides most foreign policy includes the concepts of military power, sovereignty and geopolitical stability. This paper advocates broadening the definition of security to include...

  13. Computer Security: the security marathon

    CERN Multimedia

    Computer Security Team

    2014-01-01

    If you believe that “security” is a sprint, that a quick hack is invulnerable, that quick bug fixing is sufficient, that plugging security measures on top of existing structures is good, that once you are secure your life will be easy... then let me convince you otherwise.   An excellent example of this is when the summer students join us at CERN. As the summer period is short, software projects must be accomplished quickly, like a sprint. Rush, rush! But often, this sprint ends with aching muscles. Regularly, these summer students approach us to have their project or web server made visible to the Internet. Regularly, quick security reviews of those web servers diagnose severe underperformance with regards to security: the web applications are flawed or use insecure protocols; the employed software tools, databases or web frameworks are sub-optimal and not adequately chosen for that project; the operating system is non-standard and has never been brought up-to-date; and ...

  14. Security Administration Reports Application

    Data.gov (United States)

    Social Security Administration — Contains SSA Security Reports that allow Information Security Officers (ISOs) to access, review and take appropriate action based on the information contained in the...

  15. Mobile code security

    Science.gov (United States)

    Ramalingam, Srikumar

    2001-11-01

    A highly secure mobile agent system is very important for a mobile computing environment. The security issues in mobile agent system comprise protecting mobile hosts from malicious agents, protecting agents from other malicious agents, protecting hosts from other malicious hosts and protecting agents from malicious hosts. Using traditional security mechanisms the first three security problems can be solved. Apart from using trusted hardware, very few approaches exist to protect mobile code from malicious hosts. Some of the approaches to solve this problem are the use of trusted computing, computing with encrypted function, steganography, cryptographic traces, Seal Calculas, etc. This paper focuses on the simulation of some of these existing techniques in the designed mobile language. Some new approaches to solve malicious network problem and agent tampering problem are developed using public key encryption system and steganographic concepts. The approaches are based on encrypting and hiding the partial solutions of the mobile agents. The partial results are stored and the address of the storage is destroyed as the agent moves from one host to another host. This allows only the originator to make use of the partial results. Through these approaches some of the existing problems are solved.

  16. Nuclear security

    International Nuclear Information System (INIS)

    1991-07-01

    This paper reports that despite an Executive Order limiting the authority to make original classification decisions to government officials, DOE has delegated this authority to a number of contractor employees. Although the number of original classification decisions made by these contractors is small, this neither negates nor diminishes the significance of the improper delegation of authority. If misclassification were to occur, particularly at the Top Secret level, U.S. national security interests could potentially be seriously affected and threatened. DOE's argument that the delegation of such authority is a long-standing policy and done on a selective basis does not legitimize the practice and does not relieve DOE of its responsibility to meet the requirements of the Executive Order. DOE needs to independently assess all original classification determinations made by contractors; otherwise, it cannot be sure that U.S. national security interests have been or are being adequately protected

  17. Security seal

    Science.gov (United States)

    Gobeli, Garth W.

    1985-01-01

    Security for a package or verifying seal in plastic material is provided by a print seal with unique thermally produced imprints in the plastic. If tampering is attempted, the material is irreparably damaged and thus detectable. The pattern of the imprints, similar to "fingerprints" are recorded as a positive identification for the seal, and corresponding recordings made to allow comparison. The integrity of the seal is proved by the comparison of imprint identification records made by laser beam projection.

  18. Security system

    Science.gov (United States)

    Baumann, Mark J.; Kuca, Michal; Aragon, Mona L.

    2016-02-02

    A security system includes a structure having a structural surface. The structure is sized to contain an asset therein and configured to provide a forceful breaching delay. The structure has an opening formed therein to permit predetermined access to the asset contained within the structure. The structure includes intrusion detection features within or associated with the structure that are activated in response to at least a partial breach of the structure.

  19. Control system security in nuclear power plant

    International Nuclear Information System (INIS)

    Li Jianghai; Huang Xiaojin

    2012-01-01

    The digitalization and networking of control systems in nuclear power plants has brought significant improvements in system control, operation and maintenance. However, the highly digitalized control system also introduces additional security vulnerabilities. Moreover, the replacement of conventional proprietary systems with common protocols, software and devices makes these vulnerabilities easy to be exploited. Through the interaction between control systems and the physical world, security issues in control systems impose high risks on health, safety and environment. These security issues may even cause damages of critical infrastructures and threaten national security. The importance of control system security by reviewing several control system security incidents that happened in nuclear power plants was showed in recent years. Several key difficulties in addressing these security issues were described. Finally, existing researches on control system security and propose several promising research directions were reviewed. (authors)

  20. Information Security and Integrity Systems

    Science.gov (United States)

    1990-01-01

    Viewgraphs from the Information Security and Integrity Systems seminar held at the University of Houston-Clear Lake on May 15-16, 1990 are presented. A tutorial on computer security is presented. The goals of this tutorial are the following: to review security requirements imposed by government and by common sense; to examine risk analysis methods to help keep sight of forest while in trees; to discuss the current hot topic of viruses (which will stay hot); to examine network security, now and in the next year to 30 years; to give a brief overview of encryption; to review protection methods in operating systems; to review database security problems; to review the Trusted Computer System Evaluation Criteria (Orange Book); to comment on formal verification methods; to consider new approaches (like intrusion detection and biometrics); to review the old, low tech, and still good solutions; and to give pointers to the literature and to where to get help. Other topics covered include security in software applications and development; risk management; trust: formal methods and associated techniques; secure distributed operating system and verification; trusted Ada; a conceptual model for supporting a B3+ dynamic multilevel security and integrity in the Ada runtime environment; and information intelligence sciences.

  1. Potential risks and threats to international security

    Directory of Open Access Journals (Sweden)

    Iurie RICHICINSCHI

    2016-12-01

    Full Text Available Today we can ascertain with certainty that in the early part of the 21st century, the challenges addressed to the current security environment tend to become increasingly diffuse, less predictable and multidimensional, being both a feature of external security, as well as an internal one and, of course, becoming an indispensable part of security policies and strategies. Therefore, the need for international cooperation as a foundation for the stability of the security environment has increased. It should provide a sense of trust and peace by ensuring the absence of danger both for the individual and for the community to which he belongs.

  2. Security studies

    International Nuclear Information System (INIS)

    Venot, R.

    2001-01-01

    Full text: Security studies constitute one of the major tools for evaluating the provisions implemented at facilities to protect and control Nuclear Material against unauthorized removal. Operators use security studies to demonstrate that they are complying with objectives set by the Competent Authority to counter internal or external acts aimed at unauthorized removal of NM. The paper presents the context of security studies carried out in France. The philosophy of these studies is based on a postulated unauthorized removal of NM and the study of the behavior of the systems implemented to control and protect NM in a facility. The potential unauthorized removal of NM usually may take place in two stages. The first stage involves the sequence leading to handling of the NM. It occurs inside the physical barriers of a facility and may include action involving the documents corresponding to Material Control and Accounting systems. At this stage it is possible to limit the risk of unauthorized removal of NM by means of detection capabilities of the MC and A systems. The second stage is more specific to theft and involves removing the NM out of the physical barriers of a facility in which they are being held, notably by affecting the Physical Protection System. Operators have to study, from a quantity and time lapse point of view, the ability of the installed systems to detect unauthorized removal, as well as the possibility of tampering with the systems to mask unlawful operations. Operators have also to analyze the sequences during which NM are accessed, removed from their containment and further removed from the facility in which they are stored. At each stage in the process, the probability of detection and the time taken to carry out the above actions have to be estimated. Of course, these two types of studies complement each other. Security studies have begun, in France, for more than fifteen years. Up to now more than fifty security studies are available in the

  3. National Cyber Security Policy

    Indian Academy of Sciences (India)

    National Cyber Security Policy. Salient Features: Caters to ... Creating a secure cyber ecosystem. Creating an assurance framework. Encouraging Open Standards. Strengthening the Regulatory framework. Creating mechanisms for security threat early warning, vulnerability management and response to security threats.

  4. Statistical security for Social Security.

    Science.gov (United States)

    Soneji, Samir; King, Gary

    2012-08-01

    The financial viability of Social Security, the single largest U.S. government program, depends on accurate forecasts of the solvency of its intergenerational trust fund. We begin by detailing information necessary for replicating the Social Security Administration's (SSA's) forecasting procedures, which until now has been unavailable in the public domain. We then offer a way to improve the quality of these procedures via age- and sex-specific mortality forecasts. The most recent SSA mortality forecasts were based on the best available technology at the time, which was a combination of linear extrapolation and qualitative judgments. Unfortunately, linear extrapolation excludes known risk factors and is inconsistent with long-standing demographic patterns, such as the smoothness of age profiles. Modern statistical methods typically outperform even the best qualitative judgments in these contexts. We show how to use such methods, enabling researchers to forecast using far more information, such as the known risk factors of smoking and obesity and known demographic patterns. Including this extra information makes a substantial difference. For example, by improving only mortality forecasting methods, we predict three fewer years of net surplus, $730 billion less in Social Security Trust Funds, and program costs that are 0.66% greater for projected taxable payroll by 2031 compared with SSA projections. More important than specific numerical estimates are the advantages of transparency, replicability, reduction of uncertainty, and what may be the resulting lower vulnerability to the politicization of program forecasts. In addition, by offering with this article software and detailed replication information, we hope to marshal the efforts of the research community to include ever more informative inputs and to continue to reduce uncertainties in Social Security forecasts.

  5. Network security

    CERN Document Server

    Perez, André

    2014-01-01

    This book introduces the security mechanisms deployed in Ethernet, Wireless-Fidelity (Wi-Fi), Internet Protocol (IP) and MultiProtocol Label Switching (MPLS) networks. These mechanisms are grouped throughout the book according to the following four functions: data protection, access control, network isolation, and data monitoring. Data protection is supplied by data confidentiality and integrity control services. Access control is provided by a third-party authentication service. Network isolation is supplied by the Virtual Private Network (VPN) service. Data monitoring consists of applying

  6. Information Security

    OpenAIRE

    2005-01-01

    Information security is all about the protection of digital assets, such as digital content, personal health records, state secrets etc. These assets can be handled by a party who is authorised to access and control the asset or a party who is not authorised to do so. Authorisation determines who is trusted to actually handle an asset. Two concepts complement authorisation. Authentication deter-mines who makes a request to handle an asset. To decide who is authorised, a system needs to au-the...

  7. Understanding the security management practices of humanitarian organizations.

    Science.gov (United States)

    Bollettino, Vincenzo

    2008-06-01

    Humanitarian organisations operate in increasingly hostile environments. Although authoritative statistics are scarce, anecdotal evidence suggests that aid workers face life-threatening risks that are exacerbated by the growing number of humanitarian organisations operating in the field, the diversity of their mandates, the lack of common professional security standards, and limited success in inter-agency security coordination. Despite broad acceptance of the need for better security management and coordination, many humanitarian organisations remain ambivalent about devoting increased resources to security management and security coordination. A critical lack of basic empirical knowledge of the field security environment hampers efforts to enhance security management practices. The absence of a systematic means of sharing incident data undermines the capacity of the humanitarian community to address proactively security threats. In discussions about humanitarian staff safety and security, the least common denominator remains cumulative anecdotal evidence provided by the many security personnel working for humanitarian organisations in the feld.

  8. Privacy and security in teleradiology

    International Nuclear Information System (INIS)

    Ruotsalainen, Pekka

    2010-01-01

    Teleradiology is probably the most successful eHealth service available today. Its business model is based on the remote transmission of radiological images (e.g. X-ray and CT-images) over electronic networks, and on the interpretation of the transmitted images for diagnostic purpose. Two basic service models are commonly used teleradiology today. The most common approach is based on the message paradigm (off-line model), but more developed teleradiology systems are based on the interactive use of PACS/RIS systems. Modern teleradiology is also more and more cross-organisational or even cross-border service between service providers having different jurisdictions and security policies. This paper defines the requirements needed to make different teleradiology models trusted. Those requirements include a common security policy that covers all partners and entities, common security and privacy protection principles and requirements, controlled contracts between partners, and the use of security controls and tools that supporting the common security policy. The security and privacy protection of any teleradiology system must be planned in advance, and the necessary security and privacy enhancing tools should be selected (e.g. strong authentication, data encryption, non-repudiation services and audit-logs) based on the risk analysis and requirements set by the legislation. In any case the teleradiology system should fulfil ethical and regulatory requirements. Certification of the whole teleradiology service system including security and privacy is also proposed. In the future, teleradiology services will be an integrated part of pervasive eHealth. Security requirements for this environment including dynamic and context aware security services are also discussed in this paper.

  9. Privacy and security in teleradiology

    Energy Technology Data Exchange (ETDEWEB)

    Ruotsalainen, Pekka [National Institute for Health and Welfare, Helsinki (Finland)], E-mail: pekka.ruotsalainen@THL.fi

    2010-01-15

    Teleradiology is probably the most successful eHealth service available today. Its business model is based on the remote transmission of radiological images (e.g. X-ray and CT-images) over electronic networks, and on the interpretation of the transmitted images for diagnostic purpose. Two basic service models are commonly used teleradiology today. The most common approach is based on the message paradigm (off-line model), but more developed teleradiology systems are based on the interactive use of PACS/RIS systems. Modern teleradiology is also more and more cross-organisational or even cross-border service between service providers having different jurisdictions and security policies. This paper defines the requirements needed to make different teleradiology models trusted. Those requirements include a common security policy that covers all partners and entities, common security and privacy protection principles and requirements, controlled contracts between partners, and the use of security controls and tools that supporting the common security policy. The security and privacy protection of any teleradiology system must be planned in advance, and the necessary security and privacy enhancing tools should be selected (e.g. strong authentication, data encryption, non-repudiation services and audit-logs) based on the risk analysis and requirements set by the legislation. In any case the teleradiology system should fulfil ethical and regulatory requirements. Certification of the whole teleradiology service system including security and privacy is also proposed. In the future, teleradiology services will be an integrated part of pervasive eHealth. Security requirements for this environment including dynamic and context aware security services are also discussed in this paper.

  10. Privacy and security in teleradiology.

    Science.gov (United States)

    Ruotsalainen, Pekka

    2010-01-01

    Teleradiology is probably the most successful eHealth service available today. Its business model is based on the remote transmission of radiological images (e.g. X-ray and CT-images) over electronic networks, and on the interpretation of the transmitted images for diagnostic purpose. Two basic service models are commonly used teleradiology today. The most common approach is based on the message paradigm (off-line model), but more developed teleradiology systems are based on the interactive use of PACS/RIS systems. Modern teleradiology is also more and more cross-organisational or even cross-border service between service providers having different jurisdictions and security policies. This paper defines the requirements needed to make different teleradiology models trusted. Those requirements include a common security policy that covers all partners and entities, common security and privacy protection principles and requirements, controlled contracts between partners, and the use of security controls and tools that supporting the common security policy. The security and privacy protection of any teleradiology system must be planned in advance, and the necessary security and privacy enhancing tools should be selected (e.g. strong authentication, data encryption, non-repudiation services and audit-logs) based on the risk analysis and requirements set by the legislation. In any case the teleradiology system should fulfil ethical and regulatory requirements. Certification of the whole teleradiology service system including security and privacy is also proposed. In the future, teleradiology services will be an integrated part of pervasive eHealth. Security requirements for this environment including dynamic and context aware security services are also discussed in this paper. Copyright (c) 2009 Elsevier Ireland Ltd. All rights reserved.

  11. China's energy security and strategic choices

    International Nuclear Information System (INIS)

    Pellistrandi, J.

    2010-01-01

    Considering the present day international political and economical situation, China's energy security covers five important aspects: energy supplies security, energy prices security, environment security with respect to energy consumption, energy transport security, R and D security in the domain of energy resources exploration, exploitation and utilisation. Considering the above-mentioned aspects, China's strategic choices should include five major goals: counting on its own energy resources and giving priority to energy saving, participating to the international competition and implementing a national strategic reserves system, readjusting the energy consumption structure and promoting environment protection by developing nuclear energy, harmonizing China's relations with some countries and avoiding political and military conflicts, increasing investment in energy R and D, in particular in clean coal, nuclear, automotive, renewable energy and energy saving technologies. (J.S.)

  12. Information Security Behavioral Model: Towards Employees' Knowledge and Attitude

    OpenAIRE

    Mishra, Saurabh; Snehlata, Snehlata; Srivastava, Anjali

    2014-01-01

    Information Security has become a significant concern for today's organizations. The internal security threats acts as the most curtail type of security threat within an organization. These internal security threats are a result of poor conduct of security behavior by the employees within an organization. If not deal properly, it may hamper the auditing of organization. Auditing plays an important role in the business environment. Before conducting auditing it is essential to examine the beha...

  13. RFID Based Security Access Control System with GSM Technology

    OpenAIRE

    Peter Adole; Joseph M. Môm; Gabriel A. Igwue

    2016-01-01

    The security challenges being encountered in many places today require electronic means of controlling access to secured premises in addition to the available security personnel. Various technologies were used in different forms to solve these challenges. The Radio Frequency Identification (RFID) Based Access Control Security system with GSM technology presented in this work helps to prevent unauthorized access to controlled environments (secured premises). This is achieved mainly...

  14. Compatibility of safety and security

    International Nuclear Information System (INIS)

    Jalouneix, J.

    2013-01-01

    Nuclear safety means the achievement of proper operating conditions, prevention of accidents or mitigation of accident consequences, resulting in protection of workers, the public and the environment from undue radiation hazards while nuclear security means the prevention and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer or other malicious acts involving nuclear material. Nuclear safety and nuclear security present large similarities in their aim as in their methods and are mutually complementary in the field of protection with regard to the risk of sabotage. However they show specific attributes in certain areas which leads to differences in their implementation. For instance security culture must integrate deterrence and confidentiality while safety culture implies transparency and open dialogue. Two important design principles apply identically for safety and security: the graded approach and the defense in depth. There are also strong similarities in operating provisions: -) a same need to check the availability of the equipment, -) a same need to treat the experience feedback, or -) a same need to update the basic rules. There are also strong similarities in emergency management, for instance the elaboration of emergency plans and the performance of periodic exercises. Activities related to safety of security of an installation must be managed by a quality management system. For all types of nuclear activities and facilities, a well shared safety culture and security culture is the guarantee of a safe and secure operation. The slides of the presentation have been added at the end of the paper

  15. Introduction to network security

    CERN Document Server

    Jacobson, Douglas

    2008-01-01

    … Students can easily understand how things work thanks to the different figures/definitions … students can see the different steps taken to build a secure environment and avoid most of the usual mistakes. … A website (http://www.dougj.net/textbook) is provided to support the book, where the reader can find additional content, like instructor materials, slides to support the book, on-line tutorials, help to start the programming parts. It is not mandatory at all to understand the book, but it is a really nice addition. … the book is really well written, and easily understandable without lackin

  16. Security infrastructures: towards the INDECT system security

    OpenAIRE

    Stoianov, Nikolai; Urueña, Manuel; Niemiec, Marcin; Machník, Petr; Maestro, Gema

    2012-01-01

    This paper provides an overview of the security infrastructures being deployed inside the INDECT project. These security infrastructures can be organized in five main areas: Public Key Infrastructure, Communication security, Cryptography security, Application security and Access control, based on certificates and smartcards. This paper presents the new ideas and deployed testbeds for these five areas. In particular, it explains the hierarchical architecture of the INDECT PKI...

  17. Internet Banking Security Strategy: Securing Customer Trust

    OpenAIRE

    Frimpong Twum; Kwaku Ahenkora

    2012-01-01

    Internet banking strategies should enhance customers¡¯ online experiences which are affected by trust and security issues. This study provides perspectives of users and nonusers on internet banking security with a view to understanding trust and security factors in relation to adoption and continuous usage. Perception of internet banking security influenced usage intentions. Nonusers viewed internet banking to be insecure but users perceived it to be secure with perceived ease of use influenc...

  18. Food Security Strategy Based on Computer Innovation

    OpenAIRE

    Ruihui Mu

    2015-01-01

    Case analysis to identify innovative strategies for food security occurred in the Oriental Hotel, voluntarily implement food safety control. Food security strategy investigation and the reasons for their use of multiple data sources, including accommodation and catering industry to implement and document interviews with key decision makers in the hotel performed to observe the business environment were examined. This finding suggests that addressing food security, not only is the food control...

  19. Data Security and Privacy in Cloud Computing

    OpenAIRE

    Yunchuan Sun; Junsheng Zhang; Yongping Xiong; Guangyu Zhu

    2014-01-01

    Data security has consistently been a major issue in information technology. In the cloud computing environment, it becomes particularly serious because the data is located in different places even in all the globe. Data security and privacy protection are the two main factors of user’s concerns about the cloud technology. Though many techniques on the topics in cloud computing have been investigated in both academics and industries, data security and privacy protection are becoming more impo...

  20. Secure Authentication of Cloud Data Mining API

    OpenAIRE

    Bhadauria, Rohit; Borgohain, Rajdeep; Biswas, Abirlal; Sanyal, Sugata

    2013-01-01

    Cloud computing is a revolutionary concept that has brought a paradigm shift in the IT world. This has made it possible to manage and run businesses without even setting up an IT infrastructure. It offers multi-fold benefits to the users moving to a cloud, while posing unknown security and privacy issues. User authentication is one such growing concern and is greatly needed in order to ensure privacy and security in a cloud computing environment. This paper discusses the security at different...

  1. Food sustainability, food security and the environment

    NARCIS (Netherlands)

    Helms, M.

    2004-01-01

    Sustainable development requires a deliberate choice in the direction of societal transition, but the options are narrowed down by the obligation to feed a growing world population. At present sufficient food is produced, but large differences exist in per capita supply. Poverty prevents many people

  2. China Debates the Future Security Environment

    Science.gov (United States)

    2000-01-01

    Bike, Zhot~uo da qushi (China megatrends )( Belling: Hualing chubanshe, 1996). For warnings on the need to conceal increasing national power, see Ma...became Japan’s prime minister in 1957. Troop 731, which had engaged in biological warfare experiments, was exempted from trial. In March 1950, all...gongye chubanshe, 1998. Lu Hui. He hua sheng wuqi de h’shi yu weilai CFhe history and future of nuclear, chemical, and biological weapons). Beijing

  3. Evolution of the International Security Environment

    OpenAIRE

    Shea, Jamie

    2015-01-01

    I have to start with a confession, distinguished Commandant, Generals, Excellencies, ladies and gentlemen.  This is my first speech for a long time. So I am a little bit rusty. The reason is that I retired from public speaking last year. I was in London, giving a talk next to the Houses of Parliament. When I finished, a man in the audience, who looked like the American detective Colombo, you remember with the hand woven hat and dirty raincoat, came up on to the stage and said ‘—Dr.Shea, Thank...

  4. Demographics and the Changing National Security Environment

    National Research Council Canada - National Science Library

    2000-01-01

    .... Long- term fertility trends, urbanization, migration, and changes in the ethnic composition and age profile of populations can influence the likelihood and nature of conflict among and within nations...

  5. Biofuels. Environment, technology and food security

    International Nuclear Information System (INIS)

    Escobar, Jose C.; Lora, Electo S.; Venturini, Osvaldo J.; Yanez, Edgar E.; Castillo, Edgar F.; Almazan, Oscar

    2009-01-01

    The imminent decline of the world's oil production, its high market prices and environmental impacts have made the production of biofuels to reach unprecedent volumes over the last 10 years. This is why there have been intense debates among international organizations and political leaders in order to discuss the impacts of the biofuel use intensification. Besides assessing the causes of the rise in the demand and production of biofuels, this paper also shows the state of the art of their world's current production. It is also discussed different vegetable raw materials sources and technological paths to produce biofuels, as well as issues regarding production cost and the relation of their economic feasibility with oil international prices. The environmental impacts of programs that encourage biofuel production, farmland land requirements and the impacts on food production are also discussed, considering the life cycle analysis (LCA) as a tool. It is concluded that the rise in the use of biofuels is inevitable and that international cooperation, regulations and certification mechanisms must be established regarding the use of land, the mitigation of environmental and social impacts caused by biofuel production. It is also mandatory to establish appropriate working conditions and decent remuneration for workers of the biofuels production chain. (author)

  6. Security and the Environment in Pakistan

    Science.gov (United States)

    2010-08-03

    Specialist in Agricultural Policy August 3, 2010 Congressional Research Service 7-5700 www.crs.gov R41358 Report Documentation Page Form...Specialist in Natural Resources Policy ncarter@crs.loc.gov, 7-0854 Renée Johnson Specialist in Agricultural Policy rjohnson@crs.loc.gov, 7-9588

  7. Information security fundamentals

    CERN Document Server

    Peltier, Thomas R

    2013-01-01

    Developing an information security program that adheres to the principle of security as a business enabler must be the first step in an enterprise's effort to build an effective security program. Following in the footsteps of its bestselling predecessor, Information Security Fundamentals, Second Edition provides information security professionals with a clear understanding of the fundamentals of security required to address the range of issues they will experience in the field.The book examines the elements of computer security, employee roles and r

  8. ORACLE DATABASE SECURITY

    OpenAIRE

    Cristina-Maria Titrade

    2011-01-01

    This paper presents some security issues, namely security database system level, data level security, user-level security, user management, resource management and password management. Security is a constant concern in the design and database development. Usually, there are no concerns about the existence of security, but rather how large it should be. A typically DBMS has several levels of security, in addition to those offered by the operating system or network. Typically, a DBMS has user a...

  9. High Assurance Models for Secure Systems

    Science.gov (United States)

    Almohri, Hussain M. J.

    2013-01-01

    Despite the recent advances in systems and network security, attacks on large enterprise networks consistently impose serious challenges to maintaining data privacy and software service integrity. We identify two main problems that contribute to increasing the security risk in a networked environment: (i) vulnerable servers, workstations, and…

  10. 78 FR 68784 - Cargo Securing Manuals

    Science.gov (United States)

    2013-11-15

    .../Circ.) 1352 (``Cargo Stowage and Securing (CSS Code) Annex 14 Guidance on Providing Safe Working... Providing Safe Working Conditions for the Securing of Containers'') of the IMO 2010 CSS Code. A cargo safe.... Indian Tribal Governments K. Energy Effects L. Technical Standards M. Environment I. Public Participation...

  11. ADP Security Plan, Math Building, Room 1139

    Energy Technology Data Exchange (ETDEWEB)

    Melton, R.

    1985-08-27

    This document provides the draft copy of an updated (ADP) Security Plan for an IBM Personal Computer to be used in the Math Building at PNL for classified data base management. Using the equipment specified in this document and implementing the administrative and physical procedures as outlined will provide the secure environment necessary for this work to proceed.

  12. On Secure Workflow Decentralisation on the Internet

    Directory of Open Access Journals (Sweden)

    Petteri Kaskenpalo

    2010-06-01

    Full Text Available Decentralised workflow management systems are a new research area, where most work to-date has focused on the system's overall architecture. As little attention has been given to the security aspects in such systems, we follow a security driven approach, and consider, from the perspective of available security building blocks, how security can be implemented and what new opportunities are presented when empowering the decentralised environment with modern distributed security protocols. Our research is motivated by a more general question of how to combine the positive enablers that email exchange enjoys, with the general benefits of workflow systems, and more specifically with the benefits that can be introduced in a decentralised environment. This aims to equip email users with a set of tools to manage the semantics of a message exchange, contents, participants and their roles in the exchange in an environment that provides inherent assurances of security and privacy. This work is based on a survey of contemporary distributed security protocols, and considers how these protocols could be used in implementing a distributed workflow management system with decentralised control . We review a set of these protocols, focusing on the required message sequences in reviewing the protocols, and discuss how these security protocols provide the foundations for implementing core control-flow, data, and resource patterns in a distributed workflow environment.

  13. Computer Security: the security marathon, part 2

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Do you recall our latest article on the “Security Marathon” (see here) and why it’s wrong to believe that computer security is a sprint, that a quick hack is invulnerable, that quick bug-fixing is sufficient, that plugging security measures on top of existing structures is a good idea, that once you are secure, your life is cosy?   In fact, security is a marathon for us too. Again and again, we have felt comfortable with the security situation at CERN, with dedicated protections deployed on individual hosts, with the security measures deployed by individual service managers, with the attentiveness and vigilance of our users, and with the responsiveness of the Management. Again and again, however, we subsequently detect or receive reports that this is wrong, that protections are incomplete, that security measures are incomplete, that security awareness has dropped. Thus, unfortunately, we often have to go back to square one and address similar issues over and over...

  14. Security Guards for the Future Web

    National Research Council Canada - National Science Library

    Reed, Nancy; Bryson, Dave; Garriss, James; Gosnell, Steve; Heaton, Brook; Huber, Gary; Jacobs, David; Pulvermacher, Mary; Semy, Salim; Smith, Chad; Standard, John

    2004-01-01

    .... Guard technology needs to keep pace with the evolving Web environment. The authors conjectured that a family of security guard services would be needed to provide the full range of functionality necessary to support the future Web...

  15. Library and Archival Security: Policies and Procedures To Protect Holdings from Theft and Damage.

    Science.gov (United States)

    Trinkaus-Randall, Gregor

    1998-01-01

    Firm policies and procedures that address the environment, patron/staff behavior, general attitude, and care and handling of materials need to be at the core of the library/archival security program. Discussion includes evaluating a repository's security needs, collections security, security in non-public areas, security in the reading room,…

  16. Using the safety/security interface to the security manager's advantage

    International Nuclear Information System (INIS)

    Stapleton, B.W.

    1993-01-01

    Two aspects of the safety/security interface are discussed: (1) the personal safety of nuclear security officers; and (2) how the security manager can effectively deal with the safety/security interface in solving today's requirements yet supporting the overall mission of the facility. The basis of this presentation is the result of interviews, document analyses, and observations. The conclusion is that proper planning and communication between the players involved in the security/safety interface can benefit the two programs and help achieve overall system integration, ultimately contributing to the bottom line. This is especially important in today's cost conscious environment

  17. Information Systems Security Audit

    OpenAIRE

    Gheorghe Popescu; Veronica Adriana Popescu; Cristina Raluca Popescu

    2007-01-01

    The article covers:Defining an information system; benefits obtained by introducing new information technologies; IT management;Defining prerequisites, analysis, design, implementation of IS; Information security management system; aspects regarding IS security policy; Conceptual model of a security system; Auditing information security systems and network infrastructure security.

  18. Developing Iraq's Security Sector: The Coalition Provisional Authority's Experience

    National Research Council Canada - National Science Library

    Rathmell, Andrew; Oliker, Olga; Kelly, Terrence K; Brannan, David; Crane, Keith

    2005-01-01

    .... The environment was not benign -- it was deteriorating. Iraqi security forces had largely disintegrated, and those that remained were incapable of responding to rising criminality and political violence...

  19. Competition, Speculative Risks, and IT Security Outsourcing

    Science.gov (United States)

    Cezar, Asunur; Cavusoglu, Huseyin; Raghunathan, Srinivasan

    Information security management is becoming a more critical and, simultaneously, a challenging function for many firms. Even though many security managers are skeptical about outsourcing of IT security, others have cited reasons that are used for outsourcing of traditional IT functions for why security outsourcing is likely to increase. Our research offers a novel explanation, based on competitive externalities associated with IT security, for firms' decisions to outsource IT security. We show that if competitive externalities are ignored, then a firm will outsource security if and only if the MSSP offers a quality (or a cost) advantage over in-house operations, which is consistent with the traditional explanation for security outsourcing. However, a higher quality is neither a prerequisite nor a guarantee for a firm to outsource security. The competitive risk environment and the nature of the security function outsourced, in addition to quality, determine firms' outsourcing decisions. If the reward from the competitor's breach is higher than the loss from own breach, then even if the likelihood of a breach is higher under the MSSP the expected benefit from the competitive demand externality may offset the loss from the higher likelihood of breaches, resulting in one or both firms outsourcing security. The incentive to outsource security monitoring is higher than that of infrastructure management because the MSSP can reduce the likelihood of breach on both firms and thus enhance the demand externality effect. The incentive to outsource security monitoring (infrastructure management) is higher (lower) if either the likelihood of breach on both firms is lower (higher) when security is outsourced or the benefit (relative to loss) from the externality is higher (lower). The benefit from the demand externality arising out of a security breach is higher when more of the customers that leave the breached firm switch to the non-breached firm.

  20. Methods of Organizational Information Security

    Science.gov (United States)

    Martins, José; Dos Santos, Henrique

    The principle objective of this article is to present a literature review for the methods used in the security of information at the level of organizations. Some of the principle problems are identified and a first group of relevant dimensions is presented for an efficient management of information security. The study is based on the literature review made, using some of the more relevant certified articles of this theme, in international reports and in the principle norms of management of information security. From the readings that were done, we identified some of the methods oriented for risk management, norms of certification and good practice of security of information. Some of the norms are oriented for the certification of the product or system and others oriented to the processes of the business. There are also studies with the proposal of Frameworks that suggest the integration of different approaches with the foundation of norms focused on technologies, in processes and taking into consideration the organizational and human environment of the organizations. In our perspective, the biggest contribute to the security of information is the development of a method of security of information for an organization in a conflicting environment. This should make available the security of information, against the possible dimensions of attack that the threats could exploit, through the vulnerability of the organizational actives. This method should support the new concepts of "Network centric warfare", "Information superiority" and "Information warfare" especially developed in this last decade, where information is seen simultaneously as a weapon and as a target.

  1. Quality of Security Service: Adaptive Security

    National Research Council Canada - National Science Library

    Levin, Timothy E; Irvine, Cynthia E; Spyropoulou, Evdoxia

    2004-01-01

    The premise of Quality of Security Service is that system and network management functions can be more effective if variable levels of security services and requirements can be presented to users or network tasks...

  2. Understanding the security situation in Colombia

    Energy Technology Data Exchange (ETDEWEB)

    Escobar, C.O. [Colombia Central Bank (Colombia)

    1997-11-01

    The following aspects influencing Colombia are considered: the causes of security problems, including social, political and criminal violence; the political and economic crises produced by financing of the presidential campaign; coal`s social, economic and cultural environment in Guajira and Cesar; a description of the security situation in the carboniferous region focusing on guerrilla, crime and paramilitary threats; and three possible scenarios in the region`s security future. The government`s strategy of assuring restricted security to carboniferous and petroleum plants has proven expensive for the state and country. A competitive regional economy would bring social and economic benefits in the medium and long terms. 1 tab.

  3. Securing social media in the enterprise

    CERN Document Server

    Dalziel, Henry

    2015-01-01

    Securing Social Media in the Enterprise is a concise overview of the security threats posed by the use of social media sites and apps in enterprise network environments. Social media sites and apps are now a ubiquitous presence within enterprise systems and networks, and are vulnerable to a wide range of digital systems attacks. This brief volume provides security professionals and network systems administrators a much-needed dive into the most current threats, detection techniques, and defenses for these attacks, and provides a roadmap for best practices to secure and manage social media wi

  4. Social Security Bulletin

    Data.gov (United States)

    Social Security Administration — The Social Security Bulletin (ISSN 1937-4666) is published quarterly by the Social Security Administration. The Bulletin is prepared in the Office of Retirement and...

  5. Transportation Security Administration

    Science.gov (United States)

    ... content Official website of the Department of Homeland Security Transportation Security Administration A - Z Index Blog What Can I ... Search form Search the Site Main menu Travel Security Screening Special Procedures TSA Pre✓® Passenger Support Travel ...

  6. Security, Fraud Detection

    Indian Academy of Sciences (India)

    First page Back Continue Last page Overview Graphics. Secure. Secure. Server – Intruder prevention/detection; Network – Encryption, PKI; Client - Secure. Fraud detection based on audit trails. Automatic alerts like credit-card alerts based on suspicious patterns.

  7. Computer security engineering management

    International Nuclear Information System (INIS)

    McDonald, G.W.

    1988-01-01

    For best results, computer security should be engineered into a system during its development rather than being appended later on. This paper addresses the implementation of computer security in eight stages through the life cycle of the system; starting with the definition of security policies and ending with continuing support for the security aspects of the system throughout its operational life cycle. Security policy is addressed relative to successive decomposition of security objectives (through policy, standard, and control stages) into system security requirements. This is followed by a discussion of computer security organization and responsibilities. Next the paper directs itself to analysis and management of security-related risks, followed by discussion of design and development of the system itself. Discussion of security test and evaluation preparations, and approval to operate (certification and accreditation), is followed by discussion of computer security training for users is followed by coverage of life cycle support for the security of the system

  8. USCG Security Plan Review

    Data.gov (United States)

    Department of Homeland Security — The Security Plan Review module is intended for vessel and facility operators to check on the status of their security plans submitted to the US Coast Guard. A MISLE...

  9. International security and arms control

    International Nuclear Information System (INIS)

    Ekeus, R.

    2000-01-01

    The end of the cold war also ended the focus on the bilateral approach to arms control and disarmament. Key concepts of security needed to be revisited, along with their implications for the disarmament and arms control agenda. Though there is currently a unipolar global security environment, there remain important tasks on the multilateral arms control agenda. The major task is that of reducing and eliminating weapons of mass destruction, especially nuclear weapons. The author contends that maintaining reliance on the nuclear-weapons option makes little sense in a time when the major Powers are strengthening their partnerships in economics, trade, peacemaking and building. (author)

  10. Kyrgyzstan's security problems today

    OpenAIRE

    Abduvalieva, Ryskul

    2009-01-01

    Regional stability and security consist of two levels-the external security of each country at the regional level and the internal security of each of them individually. A state's external and internal security are closely interrelated concepts. It stands to reason that ensuring internal security and stability is the primary and most important task. But the external aspect also requires attention. This article takes a look at the most important problems of ensuring Kyrgyzstan's security.

  11. Information Security Maturity Model

    OpenAIRE

    Information Security Maturity Model

    2011-01-01

    To ensure security, it is important to build-in security in both the planning and the design phases andadapt a security architecture which makes sure that regular and security related tasks, are deployedcorrectly. Security requirements must be linked to the business goals. We identified four domains thataffect security at an organization namely, organization governance, organizational culture, thearchitecture of the systems, and service management. In order to identify and explore the strengt...

  12. Security By Design

    OpenAIRE

    Tanner, M. James

    2009-01-01

    Securing a computer from unwanted intrusion requires astute planning and effort to effectively minimize the security invasions computers are plagued with today. While all of the efforts to secure a computer are needed, it seems that the underlying issue of what is being secured has been overlooked. The operating system is at the core of the security issue. Many applications and devices have been put into place to add layers of protection to an already weak operating system. Security did not u...

  13. Foundational aspects of security

    DEFF Research Database (Denmark)

    Chatzikokolakis, Konstantinos; Mödersheim, Sebastian Alexander; Palamidessi, Catuscia

    2014-01-01

    This Special Issue of the Journal of Computer Security focuses on foundational aspects of security, which in recent years have helped change much of the way we think about and approach system security.......This Special Issue of the Journal of Computer Security focuses on foundational aspects of security, which in recent years have helped change much of the way we think about and approach system security....

  14. Security guide for subcontractors

    Energy Technology Data Exchange (ETDEWEB)

    Adams, R.C.

    1991-01-01

    This security guide of the Department of Energy covers contractor and subcontractor access to DOE and Mound facilities. The topics of the security guide include responsibilities, physical barriers, personnel identification system, personnel and vehicular access controls, classified document control, protecting classified matter in use, storing classified matter repository combinations, violations, security education clearance terminations, security infractions, classified information nondisclosure agreement, personnel security clearances, visitor control, travel to communist-controlled or sensitive countries, shipment security, and surreptitious listening devices.

  15. Security and privacy issues of personal health.

    Science.gov (United States)

    Blobel, Bernd; Pharow, Peter

    2007-01-01

    While health systems in developed countries and increasingly also in developing countries are moving from organisation-centred to person-centred health service delivery, the supporting communication and information technology is faced with new risks regarding security and privacy of stakeholders involved. The comprehensively distributed environment puts special burden on guaranteeing communication security services, but even more on guaranteeing application security services dealing with privilege management, access control and audit regarding social implication and connected sensitivity of personal information recorded, processed, communicated and stored in an even internationally distributed environment.

  16. Redefining security.

    Science.gov (United States)

    Mathews, J T

    1989-01-01

    The concept of US national security was redefined in the 1970s to include international economics, and lately environmental degradation has also become a factor, as pollution transcends boundaries. By 2100 another 5-6 billion people may be added to the world's population requiring dramatic production and technology transformation with the resultant expanded energy use, emissions, and waste impacting the ecosystem. Climate change through global warming is in the offing. The exponential growth of the population in the developing world poses a crucial challenge for food production, housing, and employment. At a 1% growth rate population doubles in 72 years, while at 3% it doubles in 24 years. Africa's growth rate is almost 3%, it is close to 2% in Latin America, and it is somewhat less in Asia. Renewable resources such as overfished fishing grounds can become nonrenewable, and vanished species can never be resurrected. Deforestation leads to soil erosion, damage to water resources through floods and silting of irrigation networks, and accelerated loss of species. 20% of species could disappear by 2000 thereby losing genetic resources for chemicals, drugs, and food sources. Overcultivation has caused major erosion and decline of agricultural productivity in Haiti, Guatemala, Turkey, and India. Lopsided land ownership in Latin America requires land reform for sustainable agricultural production in the face of the majority of people cultivating plots for bare subsistence. Human practices that have caused environmental damage include concessions granted to logging companies in the Philippines, mismanagement of natural resources in sub-Saharan Africa, the ozone hole, and the greenhouse effect with potential climate changes. Solutions include family planning, efficient energy use, sustainable agroforestry techniques, and environmental accounting of goods and services.

  17. Personnel Security Investigations -

    Data.gov (United States)

    Department of Transportation — This data set contains the types of background investigations, decisions, level of security clearance, date of security clearance training, and credentials issued to...

  18. Security 2020 Reduce Security Risks This Decade

    CERN Document Server

    Howard, Doug; Schneier, Bruce

    2010-01-01

    Identify real security risks and skip the hype After years of focusing on IT security, we find that hackers are as active and effective as ever. This book gives application developers, networking and security professionals, those that create standards, and CIOs a straightforward look at the reality of today's IT security and a sobering forecast of what to expect in the next decade. It debunks the media hype and unnecessary concerns while focusing on the knowledge you need to combat and prioritize the actual risks of today and beyond.IT security needs are constantly evolving; this guide examine

  19. 40 CFR 1042.635 - National security exemption.

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 32 2010-07-01 2010-07-01 false National security exemption. 1042.635... Compliance Provisions § 1042.635 National security exemption. The standards and requirements of this part and... government responsible for national defense. (b) Manufacturers may request a national security exemption for...

  20. 40 CFR 90.908 - National security exemption.

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 20 2010-07-01 2010-07-01 false National security exemption. 90.908... Exemption of Nonroad Engines from Regulations § 90.908 National security exemption. (a)(1) Any nonroad... defense, will be considered exempt from this part for purposes of national security. No request for...

  1. 40 CFR 92.908 - National security exemption.

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 20 2010-07-01 2010-07-01 false National security exemption. 92.908... Provisions § 92.908 National security exemption. A manufacturer or remanufacturer requesting a national security exemption must state the purpose for which the exemption is required and the request must be...

  2. 40 CFR 91.1008 - National security exemption.

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 20 2010-07-01 2010-07-01 false National security exemption. 91.1008... Engines § 91.1008 National security exemption. (a)(1) Any marine SI engine, otherwise subject to this part... for purposes of national security. No request for exemption is necessary. (2) Manufacturers may...

  3. 40 CFR 205.5-2 - National security exemptions.

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 24 2010-07-01 2010-07-01 false National security exemptions. 205.5-2... PROGRAMS TRANSPORTATION EQUIPMENT NOISE EMISSION CONTROLS General Provisions § 205.5-2 National security... a national security exemption is required. (c) For purposes of section 11(d) of the Act, any...

  4. 40 CFR 211.110-2 - National security exemptions.

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 24 2010-07-01 2010-07-01 false National security exemptions. 211.110... ABATEMENT PROGRAMS PRODUCT NOISE LABELING General Provisions § 211.110-2 National security exemptions. (a) A new product which is produced to conform with specifications developed by national security agency...

  5. 40 CFR 94.908 - National security exemption.

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 20 2010-07-01 2010-07-01 false National security exemption. 94.908... § 94.908 National security exemption. (a)(1) Any marine engine, otherwise subject to this part, that is... regulations in this subpart for reasons of national security. No request for this exemption is necessary. (2...

  6. 40 CFR 85.1708 - National security exemption.

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 18 2010-07-01 2010-07-01 false National security exemption. 85.1708... Vehicle Engines § 85.1708 National security exemption. A manufacturer requesting a national security... agency of the Federal Government charged with responsibility for national defense. [39 FR 32611, Sept. 10...

  7. 40 CFR 204.5-2 - National security exemptions.

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 24 2010-07-01 2010-07-01 false National security exemptions. 204.5-2... PROGRAMS NOISE EMISSION STANDARDS FOR CONSTRUCTION EQUIPMENT General Provisions § 204.5-2 National security... for a national security exemption is required. (c) For purposes of section 11(d) of the Act, any...

  8. 40 CFR 89.908 - National security exemption.

    Science.gov (United States)

    2010-07-01

    ... 40 Protection of Environment 20 2010-07-01 2010-07-01 false National security exemption. 89.908... Provisions § 89.908 National security exemption. (a)(1) Any nonroad engine, otherwise subject to this part... regulations for purposes of national security. No request for exemption is necessary. (2) Manufacturers may...

  9. Security guide for subcontractors

    Energy Technology Data Exchange (ETDEWEB)

    Adams, R.C.

    1993-06-01

    This guide is provided to aid in the achievement of security objectives in the Department of Energy (DOE) contractor/subcontractor program. The objectives of security are to protect information that, if released, would endanger the common defense and security of the nation and to safeguard plants and installations of the DOE and its contractors to prevent the interruption of research and production programs. The security objective and means of achieving the objective are described. Specific security measures discussed in this guide include physical barriers, personnel identification systems, personnel and vehicular access control, classified document control, protection of classified matter in use, storing classified matter, and repository combinations. Means of dealing with security violations and security infractions are described. Maintenance of a security education program is discussed. Also discussed are methods of handling clearance terminations, visitor control, travel to sensitive countries, and shipment security. The Technical Surveillance Countermeasures Program (TSCM), the Computer Security Program, and the Operations Security Plan (OPSEC) are examined.

  10. Additional Security Considerations for Grid Management

    Science.gov (United States)

    Eidson, Thomas M.

    2003-01-01

    The use of Grid computing environments is growing in popularity. A Grid computing environment is primarily a wide area network that encompasses multiple local area networks, where some of the local area networks are managed by different organizations. A Grid computing environment also includes common interfaces for distributed computing software so that the heterogeneous set of machines that make up the Grid can be used more easily. The other key feature of a Grid is that the distributed computing software includes appropriate security technology. The focus of most Grid software is on the security involved with application execution, file transfers, and other remote computing procedures. However, there are other important security issues related to the management of a Grid and the users who use that Grid. This note discusses these additional security issues and makes several suggestions as how they can be managed.

  11. MODEL-BASED SECURITY ENGINEERING OF SOA SYSTEM USING SECURITY INTENT DSL

    OpenAIRE

    Muhammad Qaiser Saleem; Jafreezal Jaafar; Mohd Fadzil Hassan

    2011-01-01

    Currently most of the enterprises are using SOA and web services technologies to build their web information system. They are using MDA principles for design and development of WIS and using UML as a modelling language for business process modelling. Along with the increased connectivity in SOA environment, security risks rise exponentially. Security is not defined during the early phases of development and left onto developer. Properly configuring security requirements in SOA applications is...

  12. An evaluation index system of water security in China based on macroeconomic data from 2000 to 2012

    Science.gov (United States)

    Li, X. S.; Peng, Z. Y.; Li, T. T.

    2016-08-01

    This paper establishes an evaluation index system of water security. The index system employs 5 subsystems (water circulation security, water environment security, water ecology security, water society security and water economy security) and has 39 indicators. Using the AHP method, each indicator is given a relative weight to integrate within the whole system. With macroeconomic data from 2000 to 2012, a model of water security evaluation is applied to assess the state of water security in China. The results show an improving trend in the overall state of China's water security. In particular, the cycle of water security is at a high and low fluctuation. Water environment security presents an upward trend on the whole; however, this trend is unsteady and has shown a descending tendency in some years. Yet, water ecology security, water society security, and water economy security are basically on the rise. However, the degree of coordination of China's water security system remains in need of consolidation.

  13. Northern Security and Global Politics

    DEFF Research Database (Denmark)

    This book takes a comprehensive approach to security in the Nordic-Baltic region, studying how this region is affected by developments in the international system. The advent of the new millennium coincided with the return of the High North to the world stage. A number of factors have contributed......-unipolar", indicating a period of flux and of declining US unipolar hegemony. Drawing together contributions from key thinkers in the field, Northern Security and Global Politics explores how this situation has affected the Nordic-Baltic area by addressing two broad sets of questions. First, it examines what impact...... declining unipolarity - with a geopolitical shift to Asia, a reduced role for Europe in United States policy, and a more assertive Russia - will have on regional Nordic-Baltic security. Second, it takes a closer look at how the regional actors respond to these changes in their strategic environment...

  14. OPINIONS ABOUT MILITARY LOGISTICS IN A TURBULENT MEDIUM SECURITY

    Directory of Open Access Journals (Sweden)

    Mircea UDRESCU

    2013-06-01

    Full Text Available In the natural world, turbulence involves violent demonstrations, random appearances, unpredictability. Scientists have developed chaos theory to explain some possible variants of development of events that have a given initial state and a number of deterministic assumptions. In these cases, the initial process can take the exponential expression as a form of incorporation of disturbances. Turbulence, for any social environment, especially for the security environment, means extra risk and uncertainty. Policy makers use the security risks to cover their uncertainties, subordinating national security of an umbrella collective, which makes collective security risks to become national security and safety risks.

  15. Macro Security Methodology for Conducting Facility Security and Sustainability Assessments

    International Nuclear Information System (INIS)

    Herdes, Greg A.; Freier, Keith D.; Wright, Kyle A.

    2007-01-01

    Pacific Northwest National Laboratory (PNNL) has developed a macro security strategy that not only addresses traditional physical protection systems, but also focuses on sustainability as part of the security assessment and management process. This approach is designed to meet the needs of virtually any industry or environment requiring critical asset protection. PNNL has successfully demonstrated the utility of this macro security strategy through its support to the NNSA Office of Global Threat Reduction implementing security upgrades at international facilities possessing high activity radioactive sources that could be used in the assembly of a radiological dispersal device, commonly referred to as a 'dirty bomb'. Traditional vulnerability assessments provide a snap shot in time of the effectiveness of a physical protection system without significant consideration to the sustainability of the component elements that make up the system. This paper describes the approach and tools used to integrate technology, plans and procedures, training, and sustainability into a simple, quick, and easy-to-use security assessment and management tool.

  16. Interdependent Risk and Cyber Security: An Analysis of Security Investment and Cyber Insurance

    Science.gov (United States)

    Shim, Woohyun

    2010-01-01

    An increasing number of firms rely on highly interconnected information networks. In such environments, defense against cyber attacks is complicated by residual risks caused by the interdependence of information security decisions of firms. IT security is affected not only by a firm's own management strategies but also by those of others. This…

  17. Security research roadmap; Security-tutkimuksen roadmap

    Energy Technology Data Exchange (ETDEWEB)

    Naumanen, M.; Rouhiainen, V. (eds.)

    2006-02-15

    Requirements for increasing security have arisen in Europe after highly visible and tragic events in Madrid and in London. While responsibility for security rests largely with the national activities, the EU has also started planning a research area .Space and security. as a part of the 7th Framework Programme. As the justification for this research area it has been presented that technology alone can not assure security, but security can not be assured without the support of technology. Furthermore, the justification highlights that security and military research are becoming ever closer. The old separation between civil and military research is decreasing, because it has been noticed that both areas are nowadays utilising the same knowledge. In Finland, there is already now noteworthy entrepreneurship related to security. Although some of the companies are currently only operating in Finland, others are already international leaders in their area. The importance of the security area is increasing and remarkable potential for new growth business areas can already be identified. This however also requires an increase in research efforts. VTT has a broad range of security research ongoing in many technology areas. The main areas have been concentrating on public safety and security, but VTT is participating also in several research projects related to the defence technology. For identifying and defining in more detail the expertise and research goals, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important

  18. CLOUD COMPUTING SECURITY ISSUES

    Directory of Open Access Journals (Sweden)

    Florin OGIGAU-NEAMTIU

    2012-01-01

    Full Text Available The term “cloud computing” has been in the spotlights of IT specialists the last years because of its potential to transform this industry. The promised benefits have determined companies to invest great sums of money in researching and developing this domain and great steps have been made towards implementing this technology. Managers have traditionally viewed IT as difficult and expensive and the promise of cloud computing leads many to think that IT will now be easy and cheap. The reality is that cloud computing has simplified some technical aspects of building computer systems, but the myriad challenges facing IT environment still remain. Organizations which consider adopting cloud based services must also understand the many major problems of information policy, including issues of privacy, security, reliability, access, and regulation. The goal of this article is to identify the main security issues and to draw the attention of both decision makers and users to the potential risks of moving data into “the cloud”.

  19. Security needs you

    CERN Multimedia

    2010-01-01

    Academic freedom is a valuable thing, but like any kind of freedom, it comes with responsibility. Here at CERN, and in the global particle physics community as a whole, we enjoy an open academic environment, which gives us freedom of choice and freedom of expression. It is a strong tradition at CERN, but it’s not something we can ever take for granted. This is particularly true in the area of IT, where our openness and our global visibility make us an attractive target. Attacks on our IT infrastructure in the past have had a negative impact on our reputation, and have even led to changes in the way we operate computing services. It is the responsibility of all of us, not just the experts in the IT Department, to protect our IT infrastructure while striking the right balance between security, academic freedom and the unfettered operation of our facilities. Everyone using CERN’s IT infrastructure is responsible for the security and protection of the computers they use, the operating...

  20. Safety, security and safeguard

    International Nuclear Information System (INIS)

    Zakariya, Nasiru Imam; Kahn, M.T.E.

    2015-01-01

    Highlights: • The 3S interface in the design of PPS is hereby proposed. • The 3S synergy enhances the reduction in vulnerability and terrorism. • Highlighted were concept of detection, delay and response. - Abstract: A physical protection system (PPS) integrates people, procedures, and equipment for the protection of assets or facilities against theft, sabotage and terrorist attacks. Therefore, this paper proposes the use of a systematic and measurable approach to the design of PPS and its emphases on the concept of detection, delay and response. The proposed performance based PPS has the capability of defeating adversaries thereby achieving its targets. Therefore, timely detection of intrusion – based on the use of sensors, signal lines and alarm systems – is a major principle in the proposed system. Also the need for deterrence such as barriers in form of guards, access control, close circuit television (CCTV), strong policy and procedures, then the security culture amongst the facility workers was appropriately discussed. Since nuclear power is considered the only source that can provide large scale electricity with comparatively minimal impact on the environment, the paper also considered base guidelines for the application of PPS in any nuclear and radioactive facilities, followed with the necessity to incorporate inherent safety, security and safeguard (3S) synergy innovation in the physical protection system design and other characteristics that will enhance to reduce the vulnerability of nuclear facilities and materials to theft sabotage and terrorist attacks

  1. Unix Security Cookbook

    Science.gov (United States)

    Rehan, S. C.

    This document has been written to help Site Managers secure their Unix hosts from being compromised by hackers. I have given brief introductions to the security tools along with downloading, configuring and running information. I have also included a section on my recommendations for installing these security tools starting from an absolute minimum security requirement.

  2. Untangle network security

    CERN Document Server

    El-Bawab, Abd El-Monem A

    2014-01-01

    If you are a security engineer or a system administrator and want to secure your server infrastructure with the feature-rich Untangle, this book is for you. For individuals who want to start their career in the network security field, this book would serve as a perfect companion to learn the basics of network security and how to implement it using Untangle NGFW.

  3. Arguing Against Security Communitarianism

    DEFF Research Database (Denmark)

    Bilgin, Pinar

    2016-01-01

    Anthony Burke’s ‘security cosmopolitanism’ is a fresh and thought-provoking contribution to critical theorizing about security. In this discussion piece, I would like to join Burke’s call for ‘security cosmopolitanism’ by way of arguing against ‘security communitarianism’. I understand the latter...

  4. Security research roadmap

    Energy Technology Data Exchange (ETDEWEB)

    Rouhiainen, V. (ed.)

    2007-02-15

    VTT has a broad range of security research ongoing in many areas of technology. The main areas have been concentrating on public safety and security, but VTT is also participating in several research projects related to defence technology. To identify and define expertise and research goals in more detail, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of a critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important security products and technologies needed are, for example, management of total security, detection, identification, localisation and communication, protection of information networks and systems, as well as physical protection. In the EU's Security programme, which aims at ensuring the security of society and its vital functions, it is stated that. Technology alone can not assure security, but security can not be assured without the support of technology. VTT is conducting security research in all its areas of expertise and clusters. The area has a significant research potential. The development of products and systems designed for the improvement of security has just started. There is still room for innovation. This report presents knowledge and development needs in more detail, as well as future development potential seen in the area of security. (orig.)

  5. IAEA nuclear security program

    Energy Technology Data Exchange (ETDEWEB)

    Ek, D. [International Atomic Energy Agency, Vienna (Austria)

    2006-07-01

    Although nuclear security is a State responsibility, it is nevertheless an international concern, as the consequences of a nuclear security incident would have worldwide impact. These concerns have resulted in the development of numerous international instruments on nuclear security since the terrorist events in the USA on September 11, 2001. The IAEA Office of Nuclear Security has been charged to assist Member States to improvement their nuclear security and to meet the intent of these international obligations in order to ensure a cohesive thread of nuclear security protects the global community. The programs underway and planned by the Office of Nuclear Security will be discussed in this paper. (author)

  6. IAEA nuclear security program

    International Nuclear Information System (INIS)

    Ek, D.

    2006-01-01

    Although nuclear security is a State responsibility, it is nevertheless an international concern, as the consequences of a nuclear security incident would have worldwide impact. These concerns have resulted in the development of numerous international instruments on nuclear security since the terrorist events in the USA on September 11, 2001. The IAEA Office of Nuclear Security has been charged to assist Member States to improvement their nuclear security and to meet the intent of these international obligations in order to ensure a cohesive thread of nuclear security protects the global community. The programs underway and planned by the Office of Nuclear Security will be discussed in this paper. (author)

  7. Professional Cocoa Application Security

    CERN Document Server

    Lee, Graham J

    2010-01-01

    The first comprehensive security resource for Mac and iPhone developers. The Mac platform is legendary for security, but consequently, Apple developers have little appropriate security information available to help them assure that their applications are equally secure. This Wrox guide provides the first comprehensive go-to resource for Apple developers on the available frameworks and features that support secure application development.: While Macs are noted for security, developers still need to design applications for the Mac and the iPhone with security in mind; this guide offers the first

  8. Lecture 2: Software Security

    CERN Multimedia

    CERN. Geneva

    2013-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development, testing and deployment. Sebastian Lopienski is CERN’s deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and ...

  9. Securing the Application Layer in eCommerce

    OpenAIRE

    Bala Musa S; Norita Md Norwawi; Mohd Hasan Selamat

    2012-01-01

    As e-commerce transaction is evolving, security is becoming a paramount issue since a great deal of credit cards, fund transfer, web shopping and public retirements are involved. Therefore, an appropriate development process is necessary for such security critical application. Also, handling security issues at early stage of software development is paramount to avoiding vulnerabilities from scaling through production environment unnoticed. This paper proposes a comprehensive security requirem...

  10. A Framework for Adaptive Information Security Systems : A Holistic Investigation

    OpenAIRE

    Mwakalinga, Jeffy

    2011-01-01

    This research proposes a framework for adaptive information security systems that considers both the technical and social aspects of information systems security. Initial development of information systems security focused on computer technology and communication protocols. Researchers and designers did not consider culture, traditions, ethics, and other social issues of the people using the systems when designing and developing information security systems. They also seemed to ignore environ...

  11. E-learning stakeholders information security vulnerability model

    OpenAIRE

    Mohd Alwi, Najwa Hayaati

    2012-01-01

    The motivation to conduct this research has come from awareness that the Internet exposes the e-learning environment to information security threats and vulnerabilities. Information security management as practised as a top down approach in many organisations tend to detach of people’s responsibility in ensuring the security of e-learning. Literature has pointed out that people’s behaviour required to be addressed to control the information security threats. This research proposes an ISM huma...

  12. Transparent Data Encryption -- Solution for Security of Database Contents

    OpenAIRE

    Deshmukh, Dr. Anwar Pasha; Qureshi, Dr. Riyazuddin

    2013-01-01

    The present study deals with Transparent Data Encryption which is a technology used to solve the problems of security of data. Transparent Data Encryption means encrypting databases on hard disk and on any backup media. Present day global business environment presents numerous security threats and compliance challenges. To protect against data thefts and frauds we require security solutions that are transparent by design. Transparent Data Encryption provides transparent, standards-based secur...

  13. Implementing healthcare information security: standards can help.

    Science.gov (United States)

    Orel, Andrej; Bernik, Igor

    2013-01-01

    Using widely spread common approaches to systems security in health dedicated controlled environments, a level of awareness, confidence and acceptance of relevant standardisation is evaluated. Patients' information is sensitive, so putting appropriate organisational techniques as well as modern technology in place to secure health information is of paramount importance. Mobile devices are becoming the top priorities in advanced information security planning with healthcare environments being no exception. There are less and less application areas in healthcare without having a need for a mobile functionality which represents an even greater information security challenge. This is also true in emergency treatments, rehabilitation and homecare just to mention a few areas outside hospital controlled environments. Unfortunately quite often traditional unsecured communications principles are still in routine use for communicating sensitive health related information. The security awareness level with users, patients and care professionals is not high enough so potential threats and risks may not be addressed and the respective information security management is therefore weak. Standards like ISO/IEC 27000 ISMS family, the ISO/IEC 27799 information security guidelines in health are often not well known, but together with legislation principles such as HIPAA, they can help.

  14. A Holistic and Immune System inspired Security Framework

    OpenAIRE

    Mwakalinga, G. Jeffy; Yngström, Louise; Kowalski, Stewart

    2009-01-01

    This paper presents a Framework for adaptive information security systems for securing information systems. Information systems today are vulnerable and not adaptive to the dynamic environments because initial development of these systems focused on computer technology and communications protocol only. Most research in information security does not consider culture of users, system environments and does not pay enough attention to the enemies of information systems. As a result, users serve t...

  15. Security For Wireless Sensor Network

    OpenAIRE

    Saurabh Singh,; Dr. Harsh Kumar Verma

    2011-01-01

    Wireless sensor network is highly vulnerable to attacks because it consists of various resourceconstrained devices with their low battery power, less memory, and associated low energy. Sensor nodescommunicate among themselves via wireless links. However, there are still a lot of unresolved issues in wireless sensor networks of which security is one of the hottest research issues. Sensor networks aredeployed in hostile environments. Environmental conditions along with resource-constraints give...

  16. Database security in the cloud

    OpenAIRE

    Sakhi, Imal

    2012-01-01

    The aim of the thesis is to get an overview of the database services available in cloud computing environment, investigate the security risks associated with it and propose the possible countermeasures to minimize the risks. The thesis also analyzes two cloud database service providers namely; Amazon RDS and Xeround. The reason behind choosing these two providers is because they are currently amongst the leading cloud database providers and both provide relational cloud databases which makes ...

  17. Security Management and Safeguards Office

    Science.gov (United States)

    Bewley, Nathaniel M.

    2004-01-01

    The Security Management and Safeguards Office at NASA is here to keep the people working in a safe environment. They also are here to protect the buildings and documents from sabotage, espionage, and theft. During the summer of 2004, I worked with Richard Soppet in Physical Security. While I was working here I helped out with updating the map that we currently use at NASA Glenn Research Center, attended meetings for homeland security, worked with the security guards and the locksmith. The meetings that I attended for homeland security talked about how to protect ourselves before something happened, they told us to always be on the guard and look for anything suspicious, and the different ways that terrorist groups operate. When I was with the security guards I was taught how to check someone into the base, showed how to use a radar gun, observed a security guard make a traffic stop for training and was with them while they patrolled NASA Glenn Research Center to make sure things were running smooth and no one was in danger. When I was with the lock smith I was taught how to make keys and locks for the employees here at NASA. The lock smith also showed me that he had inventory cabinets of files that show how many keys were out to people and who currently has access to the rooms that they keys were made for. I also helped out the open house at NASA Glenn Research Center. I helped out by showing the Army Reserves, and Brook Park's SWAT team where all the main events were going to take place a week before the open house was going to begin. Then during the open house I helped out by making sure people had there IDS, checked through there bags, and handed out a map to them that showed where the different activities were going to take place. So the main job here at NASA Glenn Research Center for the Security Management and Safeguards Office is to make sure that nothing is stolen, sabotaged, and espionaged. Also most importantly make sure all the employees here at NASA are

  18. Distributed security framework for modern workforce

    Energy Technology Data Exchange (ETDEWEB)

    Balatsky, G.; Scherer, C. P., E-mail: gbalatsky@lanl.gov, E-mail: scherer@lanl.gov [Los Alamos National Laboratory, Los Alamos, NM (United States)

    2014-07-01

    Safe and sustainable nuclear power production depends on strict adherence to nuclear security as a necessary prerequisite for nuclear power. This paper considers the current challenges for nuclear security, and proposes a conceptual framework to address those challenges. We identify several emerging factors that affect nuclear security: 1. Relatively high turnover rates in the nuclear workforce compared to the earlier years of the nuclear industry, when nuclear workers were more likely to have secure employment, a lifelong career at one company, and retirement on a pension plan. 2. Vulnerabilities stemming from the ubiquitous presence of modern electronics and their patterns of use by the younger workforce. 3. Modern management practices, including outsourcing and short-term contracting (which relates to number 1 above). In such a dynamic and complex environment, nuclear security personnel alone cannot effectively guarantee adequate security. We propose that one solution to this emerging situation is a distributed security model in which the components of nuclear security become the responsibility of each and every worker at a nuclear facility. To implement this model, there needs to be a refurbishment of current workforce training and mentoring practices. The paper will present an example of distributed security framework model, and how it may look in practice. (author)

  19. Distributed security framework for modern workforce

    International Nuclear Information System (INIS)

    Balatsky, G.; Scherer, C. P.

    2014-01-01

    Safe and sustainable nuclear power production depends on strict adherence to nuclear security as a necessary prerequisite for nuclear power. This paper considers the current challenges for nuclear security, and proposes a conceptual framework to address those challenges. We identify several emerging factors that affect nuclear security: 1. Relatively high turnover rates in the nuclear workforce compared to the earlier years of the nuclear industry, when nuclear workers were more likely to have secure employment, a lifelong career at one company, and retirement on a pension plan. 2. Vulnerabilities stemming from the ubiquitous presence of modern electronics and their patterns of use by the younger workforce. 3. Modern management practices, including outsourcing and short-term contracting (which relates to number 1 above). In such a dynamic and complex environment, nuclear security personnel alone cannot effectively guarantee adequate security. We propose that one solution to this emerging situation is a distributed security model in which the components of nuclear security become the responsibility of each and every worker at a nuclear facility. To implement this model, there needs to be a refurbishment of current workforce training and mentoring practices. The paper will present an example of distributed security framework model, and how it may look in practice. (author)

  20. A European Perspective on Security Research

    Science.gov (United States)

    Liem, Khoen; Hiller, Daniel; Castex, Christoph

    Tackling the complexity and interdependence of today's security environment in the globalized world of the 21st century is an everlasting challenge. Whereas the end of the Cold War presented a caesura of global dimension for the political and economic architecture and a realignment of power distribution and international relations between former adversaries, September 11th of 2001 may be seen as another caesura. Since then, specifically among countries of the Western hemisphere, traditional security paradigms and theories have been critically questioned and the different security cultures and perceptions have resulted in diverse security and defence policies as well as in security research efforts of individual countries. Consensus, it seems, exists on the question of what the threats are that our modern interconnected societies are facing. Whether looking at international terrorism, organized crime, climate change, the illegal trafficking of goods and people or naturally caused catastrophes, these phenomena all have in common that they are in most cases of transnational nature. Formerly existing dividing lines between internal and external security continue to fade, presenting an enormous challenge for those in charge of designing security policy and even more so for the various institutions safeguarding European security. That is why dissent often revolves around the question on how to get hold of these complex problems. Geographic location, cultural background, ethical make-up of society as well as relations with neighbouring countries are all important aspects to be considered when assessing the security culture and policy of individual countries.

  1. Use of WebDAV to Support a Virtual File System in a Coalition Environment

    National Research Council Canada - National Science Library

    Bradney, Jeremiah A

    2006-01-01

    The Monterey Security Architecture (MYSEA) combines untrusted commercial-off-the-shelf components with specialized high-assurance trusted components to provide a trusted multilevel secure environment...

  2. Defining Information Security.

    Science.gov (United States)

    Lundgren, Björn; Möller, Niklas

    2017-11-15

    This article proposes a new definition of information security, the 'Appropriate Access' definition. Apart from providing the basic criteria for a definition-correct demarcation and meaning concerning the state of security-it also aims at being a definition suitable for any information security perspective. As such, it bridges the conceptual divide between so-called 'soft issues' of information security (those including, e.g., humans, organizations, culture, ethics, policies, and law) and more technical issues. Because of this it is also suitable for various analytical purposes, such as analysing possible security breaches, or for studying conflicting attitudes on security in an organization. The need for a new definition is demonstrated by pointing to a number of problems for the standard definition type of information security-the so-called CIA definition. Besides being too broad as well as too narrow, it cannot properly handle the soft issues of information security, nor recognize the contextual and normative nature of security.

  3. Managing Cisco network security

    CERN Document Server

    Knipp, Eric

    2002-01-01

    An in-depth knowledge of how to configure Cisco IP network security is a MUST for anyone working in today''s internetworked world"There''s no question that attacks on enterprise networks are increasing in frequency and sophistication..."-Mike Fuhrman, Cisco Systems Manager, Security ConsultingManaging Cisco Network Security, Second Edition offers updated and revised information covering many of Cisco''s security products that provide protection from threats, detection of network security incidents, measurement of vulnerability and policy compliance and management of security policy across an extended organization. These are the tools that network administrators have to mount defenses against threats. Chapters also cover the improved functionality and ease of the Cisco Secure Policy Manger software used by thousands of small-to-midsized businesses and a special section on the Cisco Aironet Wireless Security Solutions.Security from a real-world perspectiveKey coverage of the new technologies offered by the Cisc...

  4. Digital security technology simplified.

    Science.gov (United States)

    Scaglione, Bernard J

    2007-01-01

    Digital security technology is making great strides in replacing analog and other traditional security systems including CCTV card access, personal identification and alarm monitoring applications. Like any new technology, the author says, it is important to understand its benefits and limitations before purchasing and installing, to ensure its proper operation and effectiveness. This article is a primer for security directors on how digital technology works. It provides an understanding of the key components which make up the foundation for digital security systems, focusing on three key aspects of the digital security world: the security network, IP cameras and IP recorders.

  5. ICT security management

    OpenAIRE

    SCHREURS, Jeanne; MOREAU, Rachel

    2007-01-01

    Security becomes more and more important and companies are aware that it has become a management problem. It’s critical to know what are the critical resources and processes of the company and their weaknesses. A security audit can be a handy solution. We have developed BEVA, a method to critically analyse the company and to uncover the weak spots in the security system. BEVA results also in a general security score and security scores for each security factor. These will be used in the risk ...

  6. Android apps security

    CERN Document Server

    Gunasekera, Sheran

    2012-01-01

    Android Apps Security provides guiding principles for how to best design and develop Android apps with security in mind. It explores concepts that can be used to secure apps and how developers can use and incorporate these security features into their apps. This book will provide developers with the information they need to design useful, high-performing, and secure apps that expose end-users to as little risk as possible.  Overview of Android OS versions, features, architecture and security.  Detailed examination of areas where attacks on applications can take place and what controls should b

  7. Smart security proven practices

    CERN Document Server

    Quilter, J David

    2014-01-01

    Smart Security: Understanding and Contributing to the Business is a video presentation. Length: 68 minutes. In Smart Security: Understanding and Contributing to the Business, presenter J. David Quilter demonstrates the benefits of how a fully integrated security program increases business profits and delivers smart security practices at the same time. The presentation does away with the misconception that security is only an expense. In fact, a well-integrated security program can protect business interests, thereby enhancing productivity and net income. Quilter covers cost analysis and secu

  8. Nation State as Security Provider in Human Security Issue

    OpenAIRE

    Maya Padmi, Made Fitri

    2015-01-01

    Human Security notion is emphasizing on human as the central of security studies, challenging the position of state as the core of security. Some studies are tried to separate the state security and human security, however there are strong connection between these two notions. State has important role in establishing and maintaining the security of its own citizens. Through social contract and social security protection, state are oblige to set the security of its own people as their security...

  9. Intelligent Model for Video Survillance Security System

    Directory of Open Access Journals (Sweden)

    J. Vidhya

    2013-12-01

    Full Text Available Video surveillance system senses and trails out all the threatening issues in the real time environment. It prevents from security threats with the help of visual devices which gather the information related to videos like CCTV’S and IP (Internet Protocol cameras. Video surveillance system has become a key for addressing problems in the public security. They are mostly deployed on the IP based network. So, all the possible security threats exist in the IP based application might also be the threats available for the reliable application which is available for video surveillance. In result, it may increase cybercrime, illegal video access, mishandling videos and so on. Hence, in this paper an intelligent model is used to propose security for video surveillance system which ensures safety and it provides secured access on video.

  10. Mathematical and Statistical Opportunities in Cyber Security

    Energy Technology Data Exchange (ETDEWEB)

    Meza, Juan; Campbell, Scott; Bailey, David

    2009-03-23

    The role of mathematics in a complex system such as the Internet has yet to be deeply explored. In this paper, we summarize some of the important and pressing problems in cyber security from the viewpoint of open science environments. We start by posing the question 'What fundamental problems exist within cyber security research that can be helped by advanced mathematics and statistics'? Our first and most important assumption is that access to real-world data is necessary to understand large and complex systems like the Internet. Our second assumption is that many proposed cyber security solutions could critically damage both the openness and the productivity of scientific research. After examining a range of cyber security problems, we come to the conclusion that the field of cyber security poses a rich set of new and exciting research opportunities for the mathematical and statistical sciences.

  11. Modelling security and trust with Secure Tropos

    NARCIS (Netherlands)

    Giorgini, P.; Mouratidis, H.; Zannone, N.; Mouratidis, H.; Giorgini, P.

    2006-01-01

    Although the concepts of security and trust play an important issue in the development of information systems, they have been mainly neglected by software engineering methodologies. In this chapter we present an approach that considers security and trust throughout the software development process.

  12. Securing abundance : The politics of energy security

    NARCIS (Netherlands)

    Kester, Johannes

    2016-01-01

    Energy Security is a concept that is known in the literature for its ‘slippery’ nature and subsequent wide range of definitions. Instead of another attempt at grasping the essence of this concept, Securing Abundance reformulates the problem and moves away from a definitional problem to a theoretical

  13. Embedded Java security security for mobile devices

    CERN Document Server

    Debbabi, Mourad; Talhi, Chamseddine

    2007-01-01

    Java brings more functionality and versatility to the world of mobile devices, but it also introduces new security threats. This book contains a presentation of embedded Java security and presents the main components of embedded Java. It gives an idea of the platform architecture and is useful for researchers and practitioners.

  14. Secure Data Service Outsourcing with Untrusted Cloud

    OpenAIRE

    Xiong, Huijun

    2013-01-01

    Outsourcing data services to the cloud is a nature fit for cloud usage. However, increasing security and privacy concerns from both enterprises and individuals on their outsourced data inhibit this trend. In this dissertation, we introduce service-centric solutions to address two types of security threats existing in the current cloud environments: semi-honest cloud providers and malicious cloud customers. Our solution aims not only to provide confidentiality and access controllability of out...

  15. webinos project deliverable: Phase 1 Security Framework

    OpenAIRE

    webinos consortium

    2011-01-01

    The webinos project aims to deliver a cross-device web application runtime environment, providing a unified development platform and standardized inter-device communication and interaction. This document contains the first iteration of the technical security and privacy framework designed for the webinos project. It accompanies two other documents - D3.1 System Specification and D3.2 API Specifications - and refers to concepts developed in them. The security and privacy architecture aims to p...

  16. Design Methodologies for Secure Embedded Systems

    CERN Document Server

    Biedermann, Alexander

    2011-01-01

    Embedded systems have been almost invisibly pervading our daily lives for several decades. They facilitate smooth operations in avionics, automotive electronics, or telecommunication. New problems arise by the increasing employment, interconnection, and communication of embedded systems in heterogeneous environments: How secure are these embedded systems against attacks or breakdowns? Therefore, how can embedded systems be designed to be more secure? And how can embedded systems autonomically react to threats? Facing these questions, Sorin A. Huss is significantly involved in the exploration o

  17. The Land Component Role in Maritime Security

    Science.gov (United States)

    2016-12-31

    nations for resources. They must also confront maritime threats, which include piracy , armed robbery, damage to the marine environment (i.e. pollution...such as an armed attack from a military vessel. Most definitions also usually include security from crimes at sea, such as piracy , armed robbery...security through stability operations, one must accept that any effective government must focus on basic governmental functions – providing for the

  18. Problems of environment pollution in energy production

    International Nuclear Information System (INIS)

    Soyberk, Oe.

    2000-01-01

    This publication relates to nuclear fuel cycle and environment, nuclear accidents, risk analysis, test of nuclear weapon, security problems of nuclear power plants, advantages and disadvantages of energy sources, climate variation due to environment pollution

  19. Secure and Efficient Routable Control Systems

    Energy Technology Data Exchange (ETDEWEB)

    Edgar, Thomas W.; Hadley, Mark D.; Manz, David O.; Winn, Jennifer D.

    2010-05-01

    This document provides the methods to secure routable control system communication in the electric sector. The approach of this document yields a long-term vision for a future of secure communication, while also providing near term steps and a roadmap. The requirements for the future secure control system environment were spelled out to provide a final target. Additionally a survey and evaluation of current protocols was used to determine if any existing technology could achieve this goal. In the end a four-step path was described that brought about increasing requirement completion and culminates in the realization of the long term vision.

  20. NOSArmor: Building a Secure Network Operating System

    Directory of Open Access Journals (Sweden)

    Hyeonseong Jo

    2018-01-01

    Full Text Available Software-Defined Networking (SDN, controlling underlying network devices (i.e., data plane in a logically centralized manner, is now actively adopted in many real world networking environments. It is clear that a network administrator can easily understand and manage his networking environments with the help of SDN. In SDN, a network operating system (NOS, also known as an SDN controller, is the most critical component because it should be involved in all transactions for controlling network devices, and thus the security of NOS cannot be highly exaggerated. However, in spite of its importance, no previous works have thoroughly investigated the security of NOS. In this work, to address this problem, we present the NOSArmor, which integrates several security mechanisms, named as security building block (SBB, into a consolidated SDN controller. NOSArmor consists of eight SBBs and each of them addresses different security principles of network assets. For example, while role-based authorization focuses on securing confidentiality of internal storage from malicious applications, OpenFlow protocol verifier protects availability of core service in the controller from malformed control messages received from switches. In addition, NOSArmor shows competitive performance compared to existing other controllers (i.e., ONOS, Floodlight with secureness of network assets.

  1. Security Protocols in a Nutshell

    OpenAIRE

    Toorani, Mohsen

    2016-01-01

    Security protocols are building blocks in secure communications. They deploy some security mechanisms to provide certain security services. Security protocols are considered abstract when analyzed, but they can have extra vulnerabilities when implemented. This manuscript provides a holistic study on security protocols. It reviews foundations of security protocols, taxonomy of attacks on security protocols and their implementations, and different methods and models for security analysis of pro...

  2. Institutionalizing Security Force Assistance

    National Research Council Canada - National Science Library

    Binetti, Michael R

    2008-01-01

    .... It looks at the manner in which security assistance guidance is developed and executed. An examination of national level policy and the guidance from senior military and civilian leaders highlights the important role of Security Force Assistance...

  3. Security of Dependable Systems

    DEFF Research Database (Denmark)

    Ahmed, Naveed; Jensen, Christian D.

    2011-01-01

    Security and dependability are crucial for designing trustworthy systems. The approach “security as an add-on” is not satisfactory, yet the integration of security in the development process is still an open problem. Especially, a common framework for specifying dependability and security is very...... much needed. There are many pressing challenges however; here, we address some of them. Firstly, security for dependable systems is a broad concept and traditional view of security, e.g., in terms of confidentiality, integrity and availability, does not suffice. Secondly, a clear definition of security...... in the dependability context is not agreed upon. Thirdly, security attacks cannot be modeled as a stochastic process, because the adversary’s strategy is often carefully planned. In this chapter, we explore these challenges and provide some directions toward their solutions....

  4. Security in Computer Applications

    CERN Multimedia

    CERN. Geneva

    2004-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development. The last part of the lecture covers some miscellaneous issues like the use of cryptography, rules for networking applications, and social engineering threats. This lecture was first given on Thursd...

  5. Wireshark network security

    CERN Document Server

    Verma, Piyush

    2015-01-01

    If you are network administrator or a security analyst with an interest in using Wireshark for security analysis, then this is the book for you. Basic familiarity with common network and application services terms and technologies is assumed.

  6. Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

    Energy Technology Data Exchange (ETDEWEB)

    Hadley, Mark D.; Clements, Samuel L.

    2009-01-01

    Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

  7. Windows Security patch required

    CERN Multimedia

    3004-01-01

    This concerns Windows PCs (XP, 2000, NT) which are NOT centrally managed at CERN for security patches, e.g. home PCs, experiment PCs, portables,... A security hole which can give full privileges on Windows systems needs to be URGENTLY patched. Details of the security hole and hotfix are at: http://cern.ch/it-div/news/hotfix-MS03-026.asp http://www.microsoft.com/technet/security/bulletin/MS03-026.asp

  8. Cloud security mechanisms

    OpenAIRE

    2014-01-01

    Cloud computing has brought great benefits in cost and flexibility for provisioning services. The greatest challenge of cloud computing remains however the question of security. The current standard tools in access control mechanisms and cryptography can only partly solve the security challenges of cloud infrastructures. In the recent years of research in security and cryptography, novel mechanisms, protocols and algorithms have emerged that offer new ways to create secure services atop cloud...

  9. Security system signal supervision

    International Nuclear Information System (INIS)

    Chritton, M.R.; Matter, J.C.

    1991-09-01

    This purpose of this NUREG is to present technical information that should be useful to NRC licensees for understanding and applying line supervision techniques to security communication links. A review of security communication links is followed by detailed discussions of link physical protection and DC/AC static supervision and dynamic supervision techniques. Material is also presented on security for atmospheric transmission and video line supervision. A glossary of security communication line supervision terms is appended. 16 figs

  10. Android application security essentials

    CERN Document Server

    Rai, Pragati

    2013-01-01

    Android Application Security Essentials is packed with examples, screenshots, illustrations, and real world use cases to secure your apps the right way.If you are looking for guidance and detailed instructions on how to secure app data, then this book is for you. Developers, architects, managers, and technologists who wish to enhance their knowledge of Android security will find this book interesting. Some prior knowledge of development on the Android stack is desirable but not required.

  11. Finance/security/life.

    OpenAIRE

    Langley, P.

    2017-01-01

    What is the contemporary relation between finance and security? This essay encourages further research into the securitization of finance by developing the notion of ‘finance/security/life’. A focus on the intersections of finance/security/life will be shown to prompt a broadened range of critical, cross-disciplinary concerns with the various ways in which financial markets are positioned as vital to securing wealth, welfare and wellbeing.

  12. Electronic healthcare information security

    CERN Document Server

    Dube, Kudakwashe; Shoniregun, Charles A

    2010-01-01

    The ever-increasing healthcare expenditure and pressing demand for improved quality and efficiency of patient care services are driving innovation in healthcare information management. The domain of healthcare has become a challenging testing ground for information security due to the complex nature of healthcare information and individual privacy. ""Electronic Healthcare Information Security"" explores the challenges of e-healthcare information and security policy technologies. It evaluates the effectiveness of security and privacy implementation systems for anonymization methods and techniqu

  13. Hybrid Security Policies

    Directory of Open Access Journals (Sweden)

    Radu CONSTANTINESCU

    2006-01-01

    Full Text Available Policy is defined as the rules and regulations set by the organization. They are laid down by management in compliance with industry regulations, law and internal decisions. Policies are mandatory. Security policies rules how the information is protected against security vulnerabilities and they are the basis for security awareness, training and vital for security audits. Policies are focused on desired results. The means of achieving the goals are defined on controls, standards and procedures.

  14. Mobile platform security

    CERN Document Server

    Asokan, N; Dmitrienko, Alexandra

    2013-01-01

    Recently, mobile security has garnered considerable interest in both the research community and industry due to the popularity of smartphones. The current smartphone platforms are open systems that allow application development, also for malicious parties. To protect the mobile device, its user, and other mobile ecosystem stakeholders such as network operators, application execution is controlled by a platform security architecture. This book explores how such mobile platform security architectures work. We present a generic model for mobile platform security architectures: the model illustrat

  15. Development of Cyber Security Scheme for Nuclear Power Plant

    Energy Technology Data Exchange (ETDEWEB)

    Hong, S. B.; Choi, Y. S.; Cho, J. W. (and others)

    2009-12-15

    Nuclear I and C system is considered to be safe on the cyber threat because of the use of exclusive communication network and operating system. But the trend of open architecture and standardization on the equipment of I and C system, it is not safe on the cyber threat such as hacking and cyber terror. It is needed to protect nuclear I and C systems by the cyber attack, Countermeasures of the cyber security is required a lot of time and endeavors because there are many factors on the environment of cyber security and cyber attack. For the nuclear cyber security, we should make structural framework and eliminate cyber vulnerabilities by the analysis of cyber environment. The framework for the cyber security includes planning, embodiment of security technologies, security audit, security management and security maintenance. In this report, we examined IT security technology and the trend of standard in the industrial I and C system, and proposed a method to construct cyber security for the nuclear power plant. We analysed the threat of cyber security, vulnerability and cyber risk, then we present a method for the cyber security structure and the countermeasures.

  16. Development of Cyber Security Scheme for Nuclear Power Plant

    International Nuclear Information System (INIS)

    Hong, S. B.; Choi, Y. S.; Cho, J. W.

    2009-12-01

    Nuclear I and C system is considered to be safe on the cyber threat because of the use of exclusive communication network and operating system. But the trend of open architecture and standardization on the equipment of I and C system, it is not safe on the cyber threat such as hacking and cyber terror. It is needed to protect nuclear I and C systems by the cyber attack, Countermeasures of the cyber security is required a lot of time and endeavors because there are many factors on the environment of cyber security and cyber attack. For the nuclear cyber security, we should make structural framework and eliminate cyber vulnerabilities by the analysis of cyber environment. The framework for the cyber security includes planning, embodiment of security technologies, security audit, security management and security maintenance. In this report, we examined IT security technology and the trend of standard in the industrial I and C system, and proposed a method to construct cyber security for the nuclear power plant. We analysed the threat of cyber security, vulnerability and cyber risk, then we present a method for the cyber security structure and the countermeasures

  17. Security of material

    International Nuclear Information System (INIS)

    Nilsson, A.

    2001-01-01

    Full text: From the early days of discovery and experimentation with nuclear science, nuclear and radioactive materials have held extraordinary potential for being of great benefit to humankind, as well as for causing significant harm. For the past forty years, the IAEA has played an important role in ensuring that nuclear technologies and materials are used only for peaceful purposes. The Agency's safeguards programme has been providing assurances that States honour their undertakings to use nuclear facilities and materials for peaceful purposes only. The potential of nuclear materials and other radioactive materials being used in subversive activities, such as theft, illicit trafficking, sabotage and threats thereof, has been recognized by the international community. The tragic events in New York have given new light to and increased concern for this potential. No target may be considered immune from terrorism. Since 1993, States have confirmed over 370 cases of illicit trafficking. Information is also available on potential attempts of and actual acts of sabotage. For any State, the first step in ensuring the security of their materials is an effective national system. Such a system must contain multiple elements, including physical protection measures, material accountability arrangements, reliable detection capabilities, and plans for rapid and effective response when material is found to be lost, stolen or otherwise not under proper control. The system must also cover illegal waste dumping and other activities that would result in the release of radioactive material into the environment. All these measures should be based on well founded legal and regulatory structures. In many cases, the responsibility for these various elements lies with different bodies, and co-operation between them is vital to the success of the national system. The Agency's programme Security of Material aims at being of service to States in their efforts to upgrade their security

  18. EMI Security Architecture

    CERN Document Server

    White, J.; Schuller, B.; Qiang, W.; Groep, D.; Koeroo, O.; Salle, M.; Sustr, Z.; Kouril, D.; Millar, P.; Benedyczak, K.; Ceccanti, A.; Leinen, S.; Tschopp, V.; Fuhrmann, P.; Heyman, E.; Konstantinov, A.

    2013-01-01

    This document describes the various architectures of the three middlewares that comprise the EMI software stack. It also outlines the common efforts in the security area that allow interoperability between these middlewares. The assessment of the EMI Security presented in this document was performed internally by members of the Security Area of the EMI project.

  19. Secure pairing with biometrics

    NARCIS (Netherlands)

    Buhan, I.R.; Boom, B.J.; Doumen, J.M.; Hartel, Pieter H.; Veldhuis, Raymond N.J.

    Secure pairing enables two devices that share no prior context with each other to agree upon a security association, which they can use to protect their subsequent communication. Secure pairing offers guarantees of the association partner identity and it should be resistant to eavesdropping and to a

  20. Selecting Security Technology Providers

    Science.gov (United States)

    Schneider, Tod

    2009-01-01

    The world of security technology holds great promise, but it is fraught with opportunities for expensive missteps and misapplications. The quality of the security technology consultants and system integrators one uses will have a direct bearing on how well his school masters this complex subject. Security technology consultants help determine…