Punishment in School: The Role of School Security Measures

Directory of Open Access Journals (Sweden)

Thomas J Mowen

2014-09-01

Full Text Available Although investigation of school security measures and their relationships to various outcomes including school crime rates (Gottfredson, 2001, perpetuation of social inequality (Ferguson, 2001; Nolan, 2011; Welch & Payne, 2010, and the impact on childhood experiences has seen significant growth within the last 20 years (Newman, 2004; Kupchik, 2010, few studies have sought to explore the impacts of these measures on suspension rates. Using data from the Educational Longitudinal Study (2002, I explore the relationship between security measures and in-school, out-of-school, and overall suspension rates. Results indicate schools with a security officer experience higher rates of in-school suspensions but have no difference in rates of out-of-school or overall suspensions compared to schools without a security officer. No other measure of security was related to higher suspension rates. As prior literature suggests, schools with greater proportions of black students experienced significantly higher rates of all suspension types. Finally, different types of parental involvement correlated with both higher and lower suspension rates.

Validity Evidence for the Security Scale as a Measure of Perceived Attachment Security in Adolescence

Science.gov (United States)

Van Ryzin, Mark J.; Leve, Leslie D.

2012-01-01

In this study, the validity of a self-report measure of children's perceived attachment security (the Kerns Security Scale) was tested using adolescents. With regards to predictive validity, the Security Scale was significantly associated with (1) observed mother-adolescent interactions during conflict and (2) parent- and teacher-rated social…

The strategic measures for the industrial security of small and medium business.

Science.gov (United States)

Lee, Chang-Moo

2014-01-01

The competitiveness of companies increasingly depends upon whether they possess the cutting-edge or core technology. The technology should be protected from industrial espionage or leakage. A special attention needs to be given to SMB (small and medium business), furthermore, because SMB occupies most of the companies but has serious problems in terms of industrial security. The technology leakages of SMB would account for more than 2/3 of total leakages during last five years. The purpose of this study is, therefore, to analyze the problems of SMB in terms of industrial security and suggest the strategic solutions for SMB in South Korea. The low security awareness and financial difficulties, however, make it difficult for SMB to build the effective security management system which would protect the company from industrial espionage and leakage of its technology. The growing dependence of SMB on network such as internet, in addition, puts the SMB at risk of leaking its technology through hacking or similar ways. It requires new measures to confront and control such a risk. Online security control services and technology deposit system are suggested for such measures.

The Strategic Measures for the Industrial Security of Small and Medium Business

Directory of Open Access Journals (Sweden)

Chang-Moo Lee

2014-01-01

Full Text Available The competitiveness of companies increasingly depends upon whether they possess the cutting-edge or core technology. The technology should be protected from industrial espionage or leakage. A special attention needs to be given to SMB (small and medium business, furthermore, because SMB occupies most of the companies but has serious problems in terms of industrial security. The technology leakages of SMB would account for more than 2/3 of total leakages during last five years. The purpose of this study is, therefore, to analyze the problems of SMB in terms of industrial security and suggest the strategic solutions for SMB in South Korea. The low security awareness and financial difficulties, however, make it difficult for SMB to build the effective security management system which would protect the company from industrial espionage and leakage of its technology. The growing dependence of SMB on network such as internet, in addition, puts the SMB at risk of leaking its technology through hacking or similar ways. It requires new measures to confront and control such a risk. Online security control services and technology deposit system are suggested for such measures.

Validation of the "Security Needs Assessment Profile" for measuring the profiles of security needs of Chinese forensic psychiatric inpatients.

Science.gov (United States)

Siu, B W M; Au-Yeung, C C Y; Chan, A W L; Chan, L S Y; Yuen, K K; Leung, H W; Yan, C K; Ng, K K; Lai, A C H; Davies, S; Collins, M

Mapping forensic psychiatric services with the security needs of patients is a salient step in service planning, audit and review. A valid and reliable instrument for measuring the security needs of Chinese forensic psychiatric inpatients was not yet available. This study aimed to develop and validate the Chinese version of the Security Needs Assessment Profile for measuring the profiles of security needs of Chinese forensic psychiatric inpatients. The Security Needs Assessment Profile by Davis was translated into Chinese. Its face validity, content validity, construct validity and internal consistency reliability were assessed by measuring the security needs of 98 Chinese forensic psychiatric inpatients. Principal factor analysis for construct validity provided a six-factor security needs model explaining 68.7% of the variance. Based on the Cronbach's alpha coefficient, the internal consistency reliability was rated as acceptable for procedural security (0.73), and fair for both physical security (0.62) and relational security (0.58). A significant sex difference (p=0.002) in total security score was found. The Chinese version of the Security Needs Assessment Profile is a valid and reliable instrument for assessing the security needs of Chinese forensic psychiatric inpatients. Copyright © 2017 Elsevier Ltd. All rights reserved.

Measuring Stability and Security in Iraq

National Research Council Canada - National Science Library

2007-01-01

... 1308 of Public Law 110-28. The report includes specific performance indicators and measures of progress toward political, economic, and security stability in Iraq, as directed in that legislation...

Cost-effectiveness of Security Measures: A model-based Framework

DEFF Research Database (Denmark)

Pieters, Wolter; Probst, Christian W.; Lukszo, Zofia

2014-01-01

Recently, cyber security has become an important topic on the agenda of many organisations. It is already widely acknowledged that attacks do happen, and decision makers face the problem of how to respond. As it is almost impossible to secure a complex system completely, it is important to have...... an adequate estimate of the effectiveness of security measures when making investment decisions. Risk concepts are known in principle, but estimating the effectiveness of countermeasure proves to be difficult and cannot be achieved by qualitative approaches only. In this chapter, the authors consider...... the question of how to guarantee cost-effectiveness of security measures. They investigate the possibility of using existing frameworks and tools, the challenges in a security context as opposed to a safety context, and directions for future research....

Development and initial validation of a measure of attachment security in late adulthood.

Science.gov (United States)

Lopez, Frederick G; Ramos, Katherine; Kim, Mijin

2018-05-10

Attachment theory-guided studies of older adults have generally relied on self-report measures that were validated on young adult samples and that focus on fears of rejection by romantic partners and on experiences of chronic discomfort with romantic intimacy as the key indicators of adult attachment security. These assessment characteristics raise important questions as to whether these measures are appropriate for use with older adults. Unlike their younger adult counterparts, older adults may face distinctive life stage-related threats to their attachment security such as declining health and autonomy, spousal loss, and increased dependence on younger family members for instrumental and emotional support. In response to these concerns, we conducted two independent studies aimed at developing and validating a novel measure of attachment security in older adults-the Late Adulthood Attachment Scale (LAAS). In study one (N = 287), exploratory structural equation modeling (ESEM) methods were used to identify and support a 2-factor structure (Fearful Avoidance, Secure Engagement) underlying LAAS scores. In study two (N = 417), ESEM and regression analyses confirmed the 2-factor structure and demonstrated the ability of LAAS scores to predict participants' well-being over a 3-month interval (n = 93). Findings from both studies support the psychometric adequacy of the LAAS as an alternative measure of attachment security for use with older adult samples. (PsycINFO Database Record (c) 2018 APA, all rights reserved).

Evaluation of Data Security Measures in a Network Environment Towards Developing Cooperate Data Security Guidelines

OpenAIRE

Ayub Hussein Shirandula; Dr. G. Wanyembi; Mr. Maina karume

2012-01-01

Data security in a networked environment is a topic that has become significant in organizations. As companies and organizations rely more on technology to run their businesses, connecting system to each other in different departments for efficiency data security is the concern for administrators. This research assessed the data security measures put in place at Mumias Sugar Company and the effort it was using to protect its data. The researcher also highlighted major security issues that wer...

Vague Sets Security Measure for Steganographic System Based on High-Order Markov Model

Directory of Open Access Journals (Sweden)

Chun-Juan Ouyang

2017-01-01

Full Text Available Security measure is of great importance in both steganography and steganalysis. Considering that statistical feature perturbations caused by steganography in an image are always nondeterministic and that an image is considered nonstationary, in this paper, the steganography is regarded as a fuzzy process. Here a steganographic security measure is proposed. This security measure evaluates the similarity between two vague sets of cover images and stego images in terms of n-order Markov chain to capture the interpixel correlation. The new security measure has proven to have the properties of boundedness, commutativity, and unity. Furthermore, the security measures of zero order, first order, second order, third order, and so forth are obtained by adjusting the order value of n-order Markov chain. Experimental results indicate that the larger n is, the better the measuring ability of the proposed security measure will be. The proposed security measure is more sensitive than other security measures defined under a deterministic distribution model, when the embedding is low. It is expected to provide a helpful guidance for designing secure steganographic algorithms or reliable steganalytic methods.

Measuring Stability and Security in Iraq

National Research Council Canada - National Science Library

2007-01-01

This report to Congress, Measuring Stability and Security in Iraq, is submitted pursuant to Section 9010 of the Department of Defense Appropriations Act 2007, Public Law 109-289 as amended by Section...

Security Measurement for Unknown Threats Based on Attack Preferences

Directory of Open Access Journals (Sweden)

Lihua Yin

2018-01-01

Full Text Available Security measurement matters to every stakeholder in network security. It provides security practitioners the exact security awareness. However, most of the works are not applicable to the unknown threat. What is more, existing efforts on security metric mainly focus on the ease of certain attack from a theoretical point of view, ignoring the “likelihood of exploitation.” To help administrator have a better understanding, we analyze the behavior of attackers who exploit the zero-day vulnerabilities and predict their attack timing. Based on the prediction, we propose a method of security measurement. In detail, we compute the optimal attack timing from the perspective of attacker, using a long-term game to estimate the risk of being found and then choose the optimal timing based on the risk and profit. We design a learning strategy to model the information sharing mechanism among multiattackers and use spatial structure to model the long-term process. After calculating the Nash equilibrium for each subgame, we consider the likelihood of being attacked for each node as the security metric result. The experiment results show the efficiency of our approach.

Measuring the security of energy exports demand in OPEC economies

International Nuclear Information System (INIS)

Dike, Jude Chukwudi

2013-01-01

One of the objectives of OPEC is the security of demand for the crude oil exports of its members. Achieving this objective is imperative with the projected decline in OECD countries' crude oil demand among other crude oil demand shocks. This paper focuses on determining the external crude oil demand security risks of OPEC member states. In assessing these risks, this study introduces two indexes. The first index, Risky Energy Exports Demand (REED), indicates the level of energy export demand security risks for OPEC members. It combines measures of export dependence, economic dependence, monopsony risk and transportation risk. The second index, Contribution to OPEC Risk Exposure (CORE), indicates the individual contribution of the OPEC members to OPEC's risk exposure. This study utilises the disaggregated index approach in measuring energy demand security risks for crude oil and natural gas and involves a country level analysis. With the disaggregated approach, the study shows that OPEC's energy export demand security risks differ across countries and energy types. - Highlights: • REED and CORE indexes are suitable measures for energy exports demand security risk. • The indexes show that energy demand security risk is different for each OPEC country. • The countries contribution to OPEC's energy demand security risk is also different. • The outcome is necessary for OPEC's common energy and climate change policies. • The outcome makes a case for oil demand security as a topical issue in the literature

Measuring Stability and Security in Iraq

National Research Council Canada - National Science Library

2008-01-01

... 1308 of Public Law 110-28 and Section 1224 of Public Law 110-181.1 The report includes specific performance indicators and measures of progress toward political, economic, and security stability in Iraq, as directed in that legislation...

Security measures in transport of radiation source in Jordan

Energy Technology Data Exchange (ETDEWEB)

Mohammad, Alslman [Korea Advanced Institute of Science and Technology, Kaist Daejeon (Korea, Republic of); Choi, Kwang Sik [Korea Institute of Nuclear Safety, Daejeon (Korea, Republic of)

2011-05-15

Radioactive materials are used in Jordan for peaceful applications in medicine, industry, agriculture, environmental science, education and research and military applications. Most of these radioactive sources used are imported, therefore trans-boundary movement is a significant factor in consideration of security measures during movement of these sources. After 11/9 2001 event, IAEA efforts began to focus and concentrate on security in transport of radioactive materials, after the emergence of risks of using these sources in terrorist activities. In 2002, Efforts were initiated by the IAEA to provide additional guidance for security in the transport of radioactive materials, based upon the new security requirements in the Recommendations on the Transport of Dangerous Goods. This paper reviews some of the measures relating to the transport of radioactive materials in Jordan

Measuring Stability and Security in Iraq

National Research Council Canada - National Science Library

2008-01-01

... by Section 1308 of Public Law 110-28 and Section 1224 of Public Law 110-181. The report includes specific performance indicators and measures of progress toward political, economic, and security stability in Iraq, as directed in that legislation...

MEASURING CHILDREN'S FOOD SECURITY IN U.S. HOUSEHOLDS, 1995-99

OpenAIRE

Nord, Mark; Bickel, Gary

2002-01-01

The capacity to accurately measure the food security status of children in household surveys is an essential tool for monitoring food insecurity and hunger at the most severe levels in U.S. households and for assessing programs designed to prevent or ameliorate these conditions. USDA has developed a children's food security scale to meet this measurement need. The scale is calculated from 8 questions in the 18-item food security survey module that ask specifically about food-related experienc...

Increasing Security for Cloud Computing By Steganography in Image Edges

Directory of Open Access Journals (Sweden)

Hassan Hadi Saleh

2017-03-01

Full Text Available The security of data storage in “cloud” is big challenge because the data keep within resources that may be accessed by particular machines. The managing of these data and services may not be high reliable. Therefore, the security of data is highly challenging. To increase the security of data in data center of cloud, we have introduced good method to ensure data security in “cloud computing” by methods of data hiding using color images which is called steganography. The fundamental objective of this paper is to prevent "Data Access” by unauthorized or opponent users. This scheme stores data at data centers within edges of color images and retrieves data from it when it is wanted.

Challenges to regional security and disarmament measures

International Nuclear Information System (INIS)

Clements, K.P.

1993-01-01

The new agenda for peace is providing an extremely useful road map for current international and regional discussions about new ways and means of securing and maintaining peace and security. It underlines the central role of the United nations Security Council in relation to international conflicts and the maintenance of the peace, but it underlines an increasingly important role of the regional organisations as well. In all, there is a recognition that the end of the cold war has generated possibilities for peace-building that have not existed before. To take advantage of these opportunities requires an enhancement of consultation and dialogue at national, regional and global levels so that all nations and all peoples feel and know that they have a stake in the new peace and security architecture that will govern international relations into the twenty first century

Measuring Short-term Energy Security

Energy Technology Data Exchange (ETDEWEB)

NONE

2011-07-01

Ensuring energy security has been at the centre of the IEA mission since its inception, following the oil crises of the early 1970s. While the security of oil supplies remains important, contemporary energy security policies must address all energy sources and cover a comprehensive range of natural, economic and political risks that affect energy sources, infrastructures and services. In response to this challenge, the IEA is currently developing a Model Of Short-term Energy Security (MOSES) to evaluate the energy security risks and resilience capacities of its member countries. The current version of MOSES covers short-term security of supply for primary energy sources and secondary fuels among IEA countries. It also lays the foundation for analysis of vulnerabilities of electricity and end-use energy sectors. MOSES contains a novel approach to analysing energy security, which can be used to identify energy security priorities, as a starting point for national energy security assessments and to track the evolution of a country's energy security profile. By grouping together countries with similar 'energy security profiles', MOSES depicts the energy security landscape of IEA countries. By extending the MOSES methodology to electricity security and energy services in the future, the IEA aims to develop a comprehensive policy-relevant perspective on global energy security. This Brochure provides and overview of the analysis and results. Readers interested in an in-depth discussion of methodology are referred to the MOSES Working Paper.

Developing measures of food and nutrition security within an Australian context.

Science.gov (United States)

Archer, Claire; Gallegos, Danielle; McKechnie, Rebecca

2017-10-01

To develop a measure of food and nutrition security for use among an Australian population that measures all pillars of food security and to establish its content validity. The study consisted of two phases. Phase 1 involved focus groups with experts working in the area of food security. Data were assessed using content analysis and results informed the development of a draft tool. Phase 2 consisted of a series of three online surveys using the Delphi technique. Findings from each survey were used to establish content validity and progressively modify the tool until consensus was reached for all items. Australia. Phase 1 focus groups involved twenty-five experts working in the field of food security, who were attending the Dietitians Association of Australia National Conference, 2013. Phase 2 included twenty-five experts working in food security, who were recruited via email. Findings from Phase 1 supported the need for an Australian-specific tool and highlighted the failure of current tools to measure across all pillars of food security. Participants encouraged the inclusion of items to measure barriers to food acquisition and the previous single item to enable comparisons with previous data. Phase 2 findings informed the selection and modification of items for inclusion in the final tool. The results led to the development of a draft tool to measure food and nutrition security, and supported its content validity. Further research is needed to validate the tool among the Australian population and to establish inter- and intra-rater reliability.

Assessment of Performance Measures for Security of the Maritime Transportation Network. Port Security Metrics: Proposed Measurement of Deterrence Capability

National Research Council Canada - National Science Library

Hoaglund, Robert; Gazda, Walter

2007-01-01

The goal of this analysis is to provide ASCO and its customers with a comprehensive approach to the development of quantitative performance measures to assess security improvements to the port system...

Enhancing China’s energy security: Determining influential factors and effective strategic measures

International Nuclear Information System (INIS)

Ren, Jingzheng; Sovacool, Benjamin K.

2014-01-01

Highlights: • The most influential factors affecting China’s energy security are identified. • Fuzzy AHP is used to quantify the importance of influential factors. • Strategic measures for enhancing China’s energy security are prioritized. • Fuzzy AHP is used to determine the priorities of the strategic measures. - Abstract: This study investigates the most influential factors affecting China’s energy security. It also identifies the most effective strategic measures for enhancing it. Fuzzy AHP has been used to determine weights for ranking the importance of Chinese energy security factors, and it has also been used to determine the priorities of the strategic measures with respect to enhancing those same factors. The study argues that a low proportion of renewable energy penetration is the most severe factor threatening China’s energy security, and that conducting research and development on energy technologies and improving energy efficiency is the most salient, positive, and necessary strategic measure

School Security Measures and Longitudinal Trends in Adolescents' Experiences of Victimization.

Science.gov (United States)

Fisher, Benjamin W; Mowen, Thomas J; Boman, John H

2018-06-01

Although school security measures have become a common fixture in public schools across the United States, research on the relationship between security and adolescent victimization is mixed, with very few studies examining trends in adolescent victimization across time. Using two waves of data from the Educational Longitudinal Study 2002 (N = 7659; 50.6% female; 56.7% White, 13.3% Black, 13.5% Hispanic, 11.3% Asian American, 5.4% other race), results from a series of multi-level models demonstrate that adolescents in schools with more security measures report higher odds of being threatened with harm, and no difference in odds of being in a physical altercation or having something stolen over time. Although prior research has established racial disparities in using school security measures, results demonstrate inconsistent patterns in the extent to which adolescents' race conditions the relationship between security and victimization. The findings are discussed in light of existing theoretical and empirical work, and implications for both research and practice are offered.

Pitfalls and Security Measures for the Mobile EMR System in Medical Facilities.

Science.gov (United States)

Yeo, Kiho; Lee, Keehyuck; Kim, Jong-Min; Kim, Tae-Hun; Choi, Yong-Hoon; Jeong, Woo-Jin; Hwang, Hee; Baek, Rong Min; Yoo, Sooyoung

2012-06-01

The goal of this paper is to examine the security measures that should be reviewed by medical facilities that are trying to implement mobile Electronic Medical Record (EMR) systems designed for hospitals. The study of the security requirements for a mobile EMR system is divided into legal considerations and sectional security investigations. Legal considerations were examined with regard to remote medical services, patients' personal information and EMR, medical devices, the establishment of mobile systems, and mobile applications. For the 4 sectional security investigations, the mobile security level SL-3 from the Smartphone Security Standards of the National Intelligence Service (NIS) was used. From a compliance perspective, legal considerations for various laws and guidelines of mobile EMR were executed according to the model of the legal considerations. To correspond to the SL-3, separation of DMZ and wireless network is needed. Mobile access servers must be located in only the smartphone DMZ. Furthermore, security measures like 24-hour security control, WIPS, VPN, MDM, and ISMS for each section are needed to establish a secure mobile EMR system. This paper suggested a direction for applying regulatory measures to strengthen the security of a mobile EMR system in accordance with the standard security requirements presented by the Smartphone Security Guideline of the NIS. A future study on the materialization of these suggestions after their application at actual medical facilities can be used as an illustrative case to determine the degree to which theory and reality correspond with one another.

Watermarking security

CERN Document Server

Bas, Patrick; Cayre, François; Doërr, Gwenaël; Mathon, Benjamin

2016-01-01

This book explains how to measure the security of a watermarking scheme, how to design secure schemes but also how to attack popular watermarking schemes. This book gathers the most recent achievements in the field of watermarking security by considering both parts of this cat and mouse game. This book is useful to industrial practitioners who would like to increase the security of their watermarking applications and for academics to quickly master this fascinating domain.

Visible School Security Measures and Student Academic Performance, Attendance, and Postsecondary Aspirations.

Science.gov (United States)

Tanner-Smith, Emily E; Fisher, Benjamin W

2016-01-01

Many U.S. schools use visible security measures (security cameras, metal detectors, security personnel) in an effort to keep schools safe and promote adolescents' academic success. This study examined how different patterns of visible security utilization were associated with U.S. middle and high school students' academic performance, attendance, and postsecondary educational aspirations. The data for this study came from two large national surveys--the School Crime Supplement to the National Crime Victimization Survey (N = 38,707 students; 51% male, 77% White, MAge = 14.72) and the School Survey on Crime and Safety (N = 10,340 schools; average student composition of 50% male, 57% White). The results provided no evidence that visible security measures had consistent beneficial effects on adolescents' academic outcomes; some security utilization patterns had modest detrimental effects on adolescents' academic outcomes, particularly the heavy surveillance patterns observed in a small subset of high schools serving predominantly low socioeconomic students. The findings of this study provide no evidence that visible security measures have any sizeable effects on academic performance, attendance, or postsecondary aspirations among U.S. middle and high school students.

Detection of Total Knee Arthroplasties at Airport Security Checkpoints: How Do Updated Security Measures Affect Patients?

Science.gov (United States)

Issa, Kimona; Pierce, Todd P; Gwam, Chukwuweieke; Goljan, Peter; Festa, Anthony; Scillia, Anthony J; Mont, Michael A

2017-07-01

Airport security measures continue to be updated with the incorporation of the new body scanners and automatic target recognition software. The purpose of this study was analyze the incidence of: (1) triggering the security alarm; (2) extra security searches; (3) perceived inconvenience; and (4) presence of other surgical hardware in those who underwent total knee arthroplasty (TKA) and passed through airport security. A questionnaire was given to 125 consecutive patients with a TKA. Those who passed through airport security after January 2014 were considered for inclusion. A questionnaire was administered that addressed the number of encounters with airport security, metal detector activation, additional screening procedures, and perceived inconvenience. Out of the 125 patients, 53 met inclusion criteria. Out of the 53 patients, 20 (38%) reported that their prosthesis triggered a metal detector. Out of the 20 patients, 8 (40%) who reported triggering of metal detectors also reported the presence of surgical hardware elsewhere in the body. Eighteen of the 53 patients (34%) believed having a TKA was inconvenient for airplane travel. Compared with the historical cohort, alarms were triggered in 70 of 97 patients ( p  = 0.0001) and 50 of 97 reported inconvenience when traveling ( n  = 50 of 97 patients; p  = 0.04). The incidences of those who underwent TKA triggering alarms and perceiving inconvenience when passing through airport security have decreased from previously published studies. This is most likely due to the recent updates and modifications to screening. As these security measures are modified and implant designs continue to evolve, this is an area of investigation that should continue. Thieme Medical Publishers 333 Seventh Avenue, New York, NY 10001, USA.

Pitfalls and Security Measures for the Mobile EMR System in Medical Facilities

Science.gov (United States)

Yeo, Kiho; Lee, Keehyuck; Kim, Jong-Min; Kim, Tae-Hun; Choi, Yong-Hoon; Jeong, Woo-Jin; Hwang, Hee; Baek, Rong Min

2012-01-01

Objectives The goal of this paper is to examine the security measures that should be reviewed by medical facilities that are trying to implement mobile Electronic Medical Record (EMR) systems designed for hospitals. Methods The study of the security requirements for a mobile EMR system is divided into legal considerations and sectional security investigations. Legal considerations were examined with regard to remote medical services, patients' personal information and EMR, medical devices, the establishment of mobile systems, and mobile applications. For the 4 sectional security investigations, the mobile security level SL-3 from the Smartphone Security Standards of the National Intelligence Service (NIS) was used. Results From a compliance perspective, legal considerations for various laws and guidelines of mobile EMR were executed according to the model of the legal considerations. To correspond to the SL-3, separation of DMZ and wireless network is needed. Mobile access servers must be located in only the smartphone DMZ. Furthermore, security measures like 24-hour security control, WIPS, VPN, MDM, and ISMS for each section are needed to establish a secure mobile EMR system. Conclusions This paper suggested a direction for applying regulatory measures to strengthen the security of a mobile EMR system in accordance with the standard security requirements presented by the Smartphone Security Guideline of the NIS. A future study on the materialization of these suggestions after their application at actual medical facilities can be used as an illustrative case to determine the degree to which theory and reality correspond with one another. PMID:22844648

Measuring Human Performance within Computer Security Incident Response Teams

Energy Technology Data Exchange (ETDEWEB)

McClain, Jonathan T. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Silva, Austin Ray [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Avina, Glory Emmanuel [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Forsythe, James C. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

2015-09-01

Human performance has become a pertinen t issue within cyber security. However, this research has been stymied by the limited availability of expert cyber security professionals. This is partly attributable to the ongoing workload faced by cyber security professionals, which is compound ed by the limited number of qualified personnel and turnover of p ersonnel across organizations. Additionally, it is difficult to conduct research, and particularly, openly published research, due to the sensitivity inherent to cyber ope rations at most orga nizations. As an alternative, the current research has focused on data collection during cyb er security training exercises. These events draw individuals with a range of knowledge and experience extending from seasoned professionals to recent college gradu ates to college students. The current paper describes research involving data collection at two separate cyber security exercises. This data collection involved multiple measures which included behavioral performance based on human - machine transactions and questionnaire - based assessments of cyber security experience.

Measuring the energy security implications of fossil fuel resource concentration

International Nuclear Information System (INIS)

Lefevre, Nicolas

2010-01-01

Economic assessments of the welfare effects of energy insecurity are typically uncertain and fail to provide clear guidance to policy makers. As a result, governments have had little analytical support to complement expert judgment in the assessment of energy security. This is likely to be inadequate when considering multiple policy goals, and in particular the intersections between energy security and climate change mitigation policies. This paper presents an alternative approach which focuses on gauging the causes of energy insecurity as a way to assist policy making. The paper focuses on the energy security implications of fossil fuel resource concentration and distinguishes between the price and physical availability components of energy insecurity. It defines two separate indexes: the energy security price index (ESPI), based on the measure of market concentration in competitive fossil fuel markets, and the energy security physical availability index (ESPAI), based on the measure of supply flexibility in regulated markets. The paper illustrates the application of ESPI and ESPAI with two case studies-France and the United Kingdom-looking at the evolution of both indexes to 2030.

Measuring the energy security implications of fossil fuel resource concentration

Energy Technology Data Exchange (ETDEWEB)

Lefevre, Nicolas [Woodrow Wilson School of Public and International Affairs, Princeton University, New Jersey (United States)

2010-04-15

Economic assessments of the welfare effects of energy insecurity are typically uncertain and fail to provide clear guidance to policy makers. As a result, governments have had little analytical support to complement expert judgment in the assessment of energy security. This is likely to be inadequate when considering multiple policy goals, and in particular the intersections between energy security and climate change mitigation policies. This paper presents an alternative approach which focuses on gauging the causes of energy insecurity as a way to assist policy making. The paper focuses on the energy security implications of fossil fuel resource concentration and distinguishes between the price and physical availability components of energy insecurity. It defines two separate indexes: the energy security price index (ESPI), based on the measure of market concentration in competitive fossil fuel markets, and the energy security physical availability index (ESPAI), based on the measure of supply flexibility in regulated markets. The paper illustrates the application of ESPI and ESPAI with two case studies - France and the United Kingdom - looking at the evolution of both indexes to 2030. (author)

Conceptualizing and measuring energy security: A synthesized approach

International Nuclear Information System (INIS)

Sovacool, Benjamin K.; Mukherjee, Ishani

2011-01-01

This article provides a synthesized, workable framework for analyzing national energy security policies and performance. Drawn from research interviews, survey results, a focused workshop, and an extensive literature review, this article proposes that energy security ought to be comprised of five dimensions related to availability, affordability, technology development, sustainability, and regulation. We then break these five dimensions down into 20 components related to security of supply and production, dependency, and diversification for availability; price stability, access and equity, decentralization, and low prices for affordability; innovation and research, safety and reliability, resilience, energy efficiency, and investment for technology development; land use, water, climate change, and air pollution for sustainability; and governance, trade, competition, and knowledge for sound regulation. Further still, our synthesis lists 320 simple indicators and 52 complex indicators that policymakers and scholars can use to analyze, measure, track, and compare national performance on energy security. The article concludes by offering implications for energy policy more broadly. -- Highlights: → Energy security should consist of five dimensions related to availability, affordability, technology development, sustainability, and regulation. → The dimensions of energy security can be broken down into 20 components. → These components can be distilled into 320 simple indicators and 52 complex indicators.

33 CFR 106.270 - Security measures for delivery of stores and industrial supplies.

Science.gov (United States)

2010-07-01

... stores and industrial supplies. (a) General. The OCS facility owner or operator must ensure that security...). These additional security measures may include: (1) Intensifying inspection of the stores or industrial... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Security measures for delivery of...

Detection of total hip arthroplasties at airport security checkpoints - how do updated security measures affect patients?

Science.gov (United States)

Issa, Kimona; Pierce, Todd P; Gwam, Chukwuweieke; Festa, Anthony; Scillia, Anthony J; Mont, Michael A

2018-03-01

There have been historical reports on the experiences of patients with total hip arthroplasty (THA) passing through standard metal detectors at airports. The purpose of this study was to analyse those who had recently passed through airport security and the incidence of: (i) triggering of the alarm; (ii) extra security searches; and (iii) perceived inconvenience. A questionnaire was given to 125 patients with a THA during a follow-up appointment. Those who had passed through airport security after January 2014 met inclusion criteria. A survey was administered that addressed the number of encounters with airport security, frequency of metal detector activation, additional screening procedures utilised, whether security officials required prosthesis documentation, and perceived inconvenience. 51 patients met inclusion criteria. 10 patients (20%) reported triggered security scanners. 4 of the 10 patients stated they had surgical hardware elsewhere in the body. 13 of the 51 patients (25%) believed that having their THA increased the inconvenience of traveling. This is different from the historical cohort with standard metal detectors which patients reported a greater incidence of alarm triggering (n = 120 of 143; p = 0.0001) and perceived inconvenience (n = 99 of 143; p = 0.0001). The percentage of patients who have THA triggering security alarms has decreased. Furthermore, the number of patients who feel that their prosthesis caused traveling inconvenience has decreased. We feel that this decrease in alarms triggered and improved perceptions about inconvenience are related to the increased usage of new technology.

Security of Energy Supply - Indicators for Measuring Vulnerability and Risk

International Nuclear Information System (INIS)

Heinrich, C.

2010-01-01

In an era of increasing globalization, secure and affordable energy supplies are an essential requirement for economies to work, much less develop and grow in the long term. The present study, Energy security of supply - indicators for measuring vulnerability and risk, develops a broad methodical assessment concept to raise awareness among policy makers and the public regarding the vulnerability of energy supplies to potential energy crises. It explores the different aspects of vulnerability, from the primary energy level to energy infrastructure (storage, networks, power plant parks) to the efficiency and cost of energy consumption for end users. The individual characteristics of the formal concept were quantitatively evaluated for several OECD regions (Germany, UK, Sweden, Poland, Italy, France and the US) using a comprehensive empirical database and reduced to a single indicator for assessing energy supply vulnerability. Part of the database comprises historical observations for the period between 1978 and 2007.(author).

Energy supply security in Europe: principles and measures

International Nuclear Information System (INIS)

Keppler, J.H.

2007-01-01

After having recalled a dozen of reasons for some worries about energy supply security in Europe during the past months (oil price increase, intentional interruption of gas and oil deliveries by Russia respectively to Ukraine and Belarus, creation of a new CO 2 trading scheme, tensions on the European electricity markets, and so on), the author distinguishes and discusses those which are actually a threat to energy supply and those which are not. Then, he proposes a classification of these threats in relationship with the reasons for delivery interruption, production capacity limitation, or price increase. These reasons can be political situations and decisions, technical problems, commercial reasons. Then, the author examines what European policy makers can do to manage these risks and ensure energy supply security. This needs economic as well as political responses, coherence between domestic energy policies and energy supply security, and an efficient foreign policy based on a multilateral approach

Measuring Information Security Performance with 10 by 10 Model for Holistic State Evaluation.

Directory of Open Access Journals (Sweden)

Igor Bernik

Full Text Available Organizations should measure their information security performance if they wish to take the right decisions and develop it in line with their security needs. Since the measurement of information security is generally underdeveloped in practice and many organizations find the existing recommendations too complex, the paper presents a solution in the form of a 10 by 10 information security performance measurement model. The model-ISP 10×10M is composed of ten critical success factors, 100 key performance indicators and 6 performance levels. Its content was devised on the basis of findings presented in the current research studies and standards, while its structure results from an empirical research conducted among information security professionals from Slovenia. Results of the study show that a high level of information security performance is mostly dependent on measures aimed at managing information risks, employees and information sources, while formal and environmental factors have a lesser impact. Experts believe that information security should evolve systematically, where it's recommended that beginning steps include technical, logical and physical security controls, while advanced activities should relate predominantly strategic management activities. By applying the proposed model, organizations are able to determine the actual level of information security performance based on the weighted indexing technique. In this manner they identify the measures they ought to develop in order to improve the current situation. The ISP 10×10M is a useful tool for conducting internal system evaluations and decision-making. It may also be applied to a larger sample of organizations in order to determine the general state-of-play for research purposes.

Measuring Information Security Performance with 10 by 10 Model for Holistic State Evaluation.

Science.gov (United States)

Bernik, Igor; Prislan, Kaja

Organizations should measure their information security performance if they wish to take the right decisions and develop it in line with their security needs. Since the measurement of information security is generally underdeveloped in practice and many organizations find the existing recommendations too complex, the paper presents a solution in the form of a 10 by 10 information security performance measurement model. The model-ISP 10×10M is composed of ten critical success factors, 100 key performance indicators and 6 performance levels. Its content was devised on the basis of findings presented in the current research studies and standards, while its structure results from an empirical research conducted among information security professionals from Slovenia. Results of the study show that a high level of information security performance is mostly dependent on measures aimed at managing information risks, employees and information sources, while formal and environmental factors have a lesser impact. Experts believe that information security should evolve systematically, where it's recommended that beginning steps include technical, logical and physical security controls, while advanced activities should relate predominantly strategic management activities. By applying the proposed model, organizations are able to determine the actual level of information security performance based on the weighted indexing technique. In this manner they identify the measures they ought to develop in order to improve the current situation. The ISP 10×10M is a useful tool for conducting internal system evaluations and decision-making. It may also be applied to a larger sample of organizations in order to determine the general state-of-play for research purposes.

Measuring food security in the Republic of Serbia

Directory of Open Access Journals (Sweden)

Papić-Brankov Tatjana

2015-01-01

Full Text Available The overall goal of this paper is analysis of Serbian food security system across a set of indicators, with special emphasis to 2012 Global Food Security Index (GFSI. The results generally provided two major weakness of the Serbian food system: Gross domestic product (GDP per capita based on purchasing power parity and Corruption. Paper points out the need to improve the current food security system and proposed a number of measures for its improvement. Among other things appropriate nutritional standards and strategies will have to be adopted; investors' confidence must be strengthened and must be dealt with in a serious fight against corruption in the agriculture and food sector. The development of rural areas, reducing regional disparities and stabilization of agricultural production will certainly contribute to the tough battle against poverty.

Perceived Safety at Work in the Wake of Terror: The Importance of Security Measures and Emergency Preparedness.

Science.gov (United States)

Nissen, Alexander; Heir, Trond

2016-12-01

We aimed to explore how perceived safety after terrorism is connected to views on security measures and emergency preparedness in a workplace setting. Using a questionnaire-based, cross-sectional study of ministerial employees in Norway who were targeted in a terrorist attack in 2011 (n=3344), we investigated how employees' perceived safety at work 9 to 10 months after the attack was associated with their perceptions of whether security measures were sufficiently prioritized at work, whether there had been sufficient escape and evacuation training, and whether they were confident with evacuation procedures. We found strong evidence of increasing perceived safety at work the more employees believed security measures were sufficiently prioritized at work (partially confounded by post-traumatic stress disorder), and the better their knowledge of evacuation procedures (modified by gender and education). The present study suggests that employers may enhance perceived safety at work for terror-exposed employees by showing a commitment to security measures and by ensuring employees know evacuation procedures well. More research is needed to investigate causality patterns behind the associations found in this cross-sectional study. (Disaster Med Public Health Preparedness. 2016;10:805-811).

Increasing Distributed IT&C Application Security

Directory of Open Access Journals (Sweden)

Ion IVAN

2013-01-01

Full Text Available The development of distributed IT & C applications – DIA is presented alongside their main characteristics and the actors involved in activities through-out their lifecycle are identified in the before-mentioned scope. Aspects pertaining security risks, as well as methods of enhancing security, are detailed by DIA architectural features. The analysis includes risk elements, vulnerabilities, means of enhancing the behavior of the system, as well as a hierarchical feature dependency model based on a qualitative assessment of DIA security features, obtained through an inquiry in the common means of protection used by Romanian professionals, as well as their prioritization in the context of limited resources. A graph-based model of feature interactions is built. The last section deals with the ways of improving risk detection methods, as derived from the answers and features presented.

On methods to increase the security of the Linux kernel

International Nuclear Information System (INIS)

Matvejchikov, I.V.

2014-01-01

Methods to increase the security of the Linux kernel for the implementation of imposed protection tools have been examined. The methods of incorporation into various subsystems of the kernel on the x86 architecture have been described [ru

Increasing Awareness of Insider Information Security Threats in Human Resource Department

OpenAIRE

Burcin Cetin Karabat; Cagatay Karabat

2012-01-01

An insider threat for companies is defined as a threat caused by malicious user who is an employee company. In recent years, there are number of work on insider threats in information security technologies. These works shows that companies should increasingly and seriously should take into account these threats. Human factors in companies constitute one of the weakest links in information security technology and its products used in human resource (HR) management departments. In the literatur...

Selected Methods For Increases Reliability The Of Electronic Systems Security

Directory of Open Access Journals (Sweden)

Paś Jacek

2015-11-01

Full Text Available The article presents the issues related to the different methods to increase the reliability of electronic security systems (ESS for example, a fire alarm system (SSP. Reliability of the SSP in the descriptive sense is a property preservation capacity to implement the preset function (e.g. protection: fire airport, the port, logistics base, etc., at a certain time and under certain conditions, e.g. Environmental, despite the possible non-compliance by a specific subset of elements this system. Analyzing the available literature on the ESS-SSP is not available studies on methods to increase the reliability (several works similar topics but moving with respect to the burglary and robbery (Intrusion. Based on the analysis of the set of all paths in the system suitability of the SSP for the scenario mentioned elements fire events (device critical because of security.

Internal Interface Diversification as a Security Measure in Sensor Networks

Directory of Open Access Journals (Sweden)

Sampsa Rauti

2018-03-01

Full Text Available More actuator and sensor devices are connected to the Internet of Things (IoT every day, and the network keeps growing, while software security of the devices is often incomplete. Sensor networks and the IoT in general currently cover a large number of devices with an identical internal interface structure. By diversifying the internal interfaces, the interfaces on each node of the network are made unique, and it is possible to break the software monoculture of easily exploitable identical systems. This paper proposes internal interface diversification as a security measure for sensor networks. We conduct a study on diversifiable internal interfaces in 20 IoT operating systems. We also present two proof-of-concept implementations and perform experiments to gauge the feasibility in the IoT environment. Internal interface diversification has practical limitations, and not all IoT operating systems have that many diversifiable interfaces. However, because of low resource requirements, compatibility with other security measures and wide applicability to several interfaces, we believe internal interface diversification is a promising and effective approach for securing nodes in sensor networks.

Evaluation the Role of Securities Market in Increasing the Regional Budget Revenues

Directory of Open Access Journals (Sweden)

Aleksandr Yemelyanovich Miller

2015-09-01

Full Text Available In the article, the relevant problem of increasing the regional budget revenues is investigated. The subject matter of the research is the securities market as a mechanism for the redistribution of financial resources. The purpose of the research is justification of the effective scheme feasible in the current environment of the interaction of the securities market and the regional budget. In the study of the above-mentioned subject, the hypothesis of a close relationship between state and non-state finance system was taken as a basis. The theoretical principle of the research supports the theory of the stock market; to achieve the purpose, the institutionally-functional approach to the study of state finances is applied. As the result of the research, possible common grounds of the securities market and the regional financial system are identified; the reserve of improving efficiency of the securities market in the Western Siberia regions are revealed; the model reflecting the dependence of tax revenues from the pace of regional economic development is constructed; promising areas for development of the securities market for the benefit of the regional economy and regional financial system are formulated; the possible effect from the development of regional securities market on regional budget revenues is estimated. The results mentioned above are recommended to be apllied when developing regional financial policies and programmes of region socio-economic development. A long-term stimulation of the growth in incomes of regional budgets is a very complex process, but with the proper elaboration of organizational issues, the implementation of the proposed scheme for interaction of the securities market and the regional financial system is capable to provide a steady increase in tax revenue in the short term and alleviate the problem of financing costs of the regional budget.

Nuclear security

International Nuclear Information System (INIS)

1991-12-01

This paper reports that despite their crucial importance to national security, safeguards at the Department of Energy's (DOE) weapons facilities may be falling short. DOE security inspections have identified many weaknesses, including poor performance by members of DOE's security force, poor accountability for quantities of nuclear materials, and the inability of personnel to locate documents containing classified information. About 13 percent of the 2,100 identified weakness resulted in DOE inspectors giving out unsatisfactory security ratings; another 38 percent led to marginal ratings. In addition, DOE's centralized safeguards and security information tracking system lacks current data on whether DOE field offices have corrected the identified weaknesses. Without reliable information, DOE has no way of knowing whether timely action was taken to correct problems, nor can it determine whether weaknesses are systematic. DOE has tried to minimize the impact of these security weaknesses at its facilities by establishing multiple layers of protection measures and instituting interim and compensatory measures for identified weaknesses. DOE is planning enhancements to the centralized tracking system that should improve its reliability and increase its effectiveness

Strategy of Increasing Food Security based on Macro and Micro Aspects

Directory of Open Access Journals (Sweden)

Neni Widayaningsih

2016-06-01

Full Text Available The preliminary studies that have been conducted show that the food availability in 27 districts in Banyumas Regency on average is still low. The purpose of this research is to formulate of a strategy to improve the food security by synergizing the macro and micro aspects. The method used is the tabulation analysis, IFE and EFE Matrix, and also IE Matrix. The IE matrix shows the food security based on the macro and micro aspects that are in the first cell, which means that the food security conditions are experiencing the growing and buliding. The strategies of improving the food security from the micro and macro aspects are first, to develop the food production in accordance with the potential and comodities of the excellent food in accordance with the specializations of regions (districts. Second, it requires a partnership and a cooperation of distributing the excellent food production. Third, the investment is required to improve the diversification of food. Fourth, it requires the cooperation between the farmers and the government agencies concerned with the development, supply and service of excellent means of agricultural production with supervision and increased credit services. Fifth, the off-farm activities should be developed by forming the cooperatives or the small and household businesses on the basis of farming activities. Besides, in order to meet the consumption of food that is safe, qualified, and nutritious, it is necessary to increase the knowledge and awareness about the food security at the household level by empowering the cooperatives or small and household businesses by utilizing Dasa Wisma group, PKK, Majelis Ta'lim, and other non-governmental groups.

Measurable Control System Security through Ideal Driven Technical Metrics

Energy Technology Data Exchange (ETDEWEB)

Miles McQueen; Wayne Boyer; Sean McBride; Marie Farrar; Zachary Tudor

2008-01-01

The Department of Homeland Security National Cyber Security Division supported development of a small set of security ideals as a framework to establish measurable control systems security. Based on these ideals, a draft set of proposed technical metrics was developed to allow control systems owner-operators to track improvements or degradations in their individual control systems security posture. The technical metrics development effort included review and evaluation of over thirty metrics-related documents. On the bases of complexity, ambiguity, or misleading and distorting effects the metrics identified during the reviews were determined to be weaker than necessary to aid defense against the myriad threats posed by cyber-terrorism to human safety, as well as to economic prosperity. Using the results of our metrics review and the set of security ideals as a starting point for metrics development, we identified thirteen potential technical metrics - with at least one metric supporting each ideal. Two case study applications of the ideals and thirteen metrics to control systems were then performed to establish potential difficulties in applying both the ideals and the metrics. The case studies resulted in no changes to the ideals, and only a few deletions and refinements to the thirteen potential metrics. This led to a final proposed set of ten core technical metrics. To further validate the security ideals, the modifications made to the original thirteen potential metrics, and the final proposed set of ten core metrics, seven separate control systems security assessments performed over the past three years were reviewed for findings and recommended mitigations. These findings and mitigations were then mapped to the security ideals and metrics to assess gaps in their coverage. The mappings indicated that there are no gaps in the security ideals and that the ten core technical metrics provide significant coverage of standard security issues with 87% coverage. Based

Enhancing China’s Energy Security: Determining Influential Factors and Effective Strategic Measures

DEFF Research Database (Denmark)

Ren, Jingzheng; Sovacool, Benjamin

2014-01-01

This study investigates the most influential factors affecting China’s energy security. It also identifies the most effective strategic measures for enhancing it. Fuzzy AHP has been used to determine weights for ranking the importance of Chinese energy security factors, and it has also been used...... to determine the priorities of the strategic measures with respect to enhancing those same factors. The study argues that a low proportion of renewable energy penetration is the most severe factor threatening China’s energy security, and that conducting research and development on energy technologies...

Secure it now or secure it later: the benefits of addressing cyber-security from the outset

Science.gov (United States)

Olama, Mohammed M.; Nutaro, James

2013-05-01

The majority of funding for research and development (R&D) in cyber-security is focused on the end of the software lifecycle where systems have been deployed or are nearing deployment. Recruiting of cyber-security personnel is similarly focused on end-of-life expertise. By emphasizing cyber-security at these late stages, security problems are found and corrected when it is most expensive to do so, thus increasing the cost of owning and operating complex software systems. Worse, expenditures on expensive security measures often mean less money for innovative developments. These unwanted increases in cost and potential slowing of innovation are unavoidable consequences of an approach to security that finds and remediate faults after software has been implemented. We argue that software security can be improved and the total cost of a software system can be substantially reduced by an appropriate allocation of resources to the early stages of a software project. By adopting a similar allocation of R&D funds to the early stages of the software lifecycle, we propose that the costs of cyber-security can be better controlled and, consequently, the positive effects of this R&D on industry will be much more pronounced.

The Non-Proliferation Treaty increases security

International Nuclear Information System (INIS)

Kahiluoto, K.

1995-01-01

Extension of the Nuclear Non-Proliferation Treaty indefinitely was a historic decision. The Treaty is the most extensive international agreement on security policy to date; now its obligations have become a permanent part of international justice. Moreover, the NPT represents a political and moral obligation. Through the NPT, the international community has made a permanent commitment to restrict the proliferation of nuclear weapons. Increasing pressures will be applied to the few countries still outside the NPT, making it more likely that these countries will eventually change their views. The likelihood of regional bans on nuclear weapons in the Middle East and in Asia, too, will increase. The Treaty promotes the establishment of new nuclear-free zones. The nuclear-free zone in Latin America - the countries covered by the Tlatelolco Treaty - is already very close to its full implementation. Finland is firmly committed to the obligations of the Non-Proliferation Treaty. The NPT Conference of 1995 was among the first international meetings in which Finland participated, and took an active role, as a Member State of the European Union. (orig.)

Regional Radiological Security Partnership in Southeast Asia - Increasing the Sustainability of Security Systems at the Site-Level by Using a Model Facility Approach

International Nuclear Information System (INIS)

Chamberlain, Travis L.; Dickerson, Sarah; Ravenhill, Scott D.; Murray, Allan; Morris, Frederic A.; Herdes, Gregory A.

2009-01-01

In 2004, Australia, through the Australian Nuclear Science and Technology Organisation (ANSTO), created the Regional Security of Radioactive Sources (RSRS) project and partnered with the U.S. Department of Energy's Global Threat Reduction Initiative (GTRI) and the International Atomic Energy Agency (IAEA) to form the Southeast Asian Regional Radiological Security Partnership (RRSP). The intent of the RRSP is to cooperate with countries in Southeast Asia to improve the security of their radioactive sources. This Southeast Asian Partnership supports objectives to improve the security of high risk radioactive sources by raising awareness of the need and developing national programs to protect and control such materials, improve the security of such materials, and recover and condition the materials no longer in use. The RRSP has utilized many tools to meet those objectives including: provision of physical protection upgrades, awareness training, physical protection training, regulatory development, locating and recovering orphan sources, and most recently - development of model security procedures at a model facility. This paper discusses the benefits of establishing a model facility, the methods employed by the RRSP, and three of the expected outcomes of the Model Facility approach. The first expected outcome is to increase compliance with source security guidance materials and national regulations by adding context to those materials, and illustrating their impact on a facility. Second, the effectiveness of each of the tools above is increased by making them part of an integrated system. Third, the methods used to develop the model procedures establishes a sustainable process that can ultimately be transferred to all facilities beyond the model. Overall, the RRSP has utilized the Model Facility approach as an important tool to increase the security of radioactive sources, and to position facilities and countries for the long term secure management of those sources.

A Secure System Architecture for Measuring Instruments in Legal Metrology

Directory of Open Access Journals (Sweden)

Daniel Peters

2015-03-01

Full Text Available Embedded systems show the tendency of becoming more and more connected. This fact combined with the trend towards the Internet of Things, from which measuring instruments are not immune (e.g., smart meters, lets one assume that security in measuring instruments will inevitably play an important role soon. Additionally, measuring instruments have adopted general-purpose operating systems to offer the user a broader functionality that is not necessarily restricted towards measurement alone. In this paper, a flexible software system architecture is presented that addresses these challenges within the framework of essential requirements laid down in the Measuring Instruments Directive of the European Union. This system architecture tries to eliminate the risks general-purpose operating systems have by wrapping them, together with dedicated applications, in secure sandboxes, while supervising the communication between the essential parts and the outside world.

A Reliable Measure of Information Security Awareness and the Identification of Bias in Responses

Directory of Open Access Journals (Sweden)

Agata McCormac

2017-11-01

Full Text Available The Human Aspects of Information Security Questionnaire (HAIS-Q is designed to measure Information Security Awareness. More specifically, the tool measures an individual’s knowledge, attitude, and self-reported behaviour relating to information security in the workplace. This paper reports on the reliability of the HAIS-Q, including test-retest reliability and internal consistency. The paper also assesses the reliability of three preliminary over-claiming items, designed specifically to complement the HAIS-Q, and identify those individuals who provide socially desirable responses. A total of 197 working Australians completed two iterations of the HAIS-Q and the over-claiming items, approximately 4 weeks apart. Results of the analysis showed that the HAIS-Q was externally reliable and internally consistent. Therefore, the HAIS-Q can be used to reliably measure information security awareness. Reliability testing on the preliminary over-claiming items was not as robust and further development is required and recommended. The implications of these findings mean that organisations can confidently use the HAIS-Q to not only measure the current state of employee information security awareness within their organisation, but they can also measure the effectiveness and impacts of training interventions, information security awareness programs and campaigns. The influence of cultural changes and the effect of security incidents can also be assessed.

A Security Risk Measurement for the RAdAC Model

National Research Council Canada - National Science Library

Britton, David W; Brown, Ian A

2007-01-01

.... The intent is to quantify the risk involved in a single information transaction. Additionally, this thesis will attempt to identify the risk factors involved when calculating the total security risk measurement...

Impacts of security dimensions on awareness measurement in ...

African Journals Online (AJOL)

A big challenge facing Social Networks (SNs) and other organisations has been what to measure when determining the adequacy and effectiveness of awareness programmes. This study defines security dimension as Knowledge, Attitude and Behaviour, and identifies them as the main influencing factors to consider in ...

Quality of protection evaluation of security mechanisms.

Science.gov (United States)

Ksiezopolski, Bogdan; Zurek, Tomasz; Mokkas, Michail

2014-01-01

Recent research indicates that during the design of teleinformatic system the tradeoff between the systems performance and the system protection should be made. The traditional approach assumes that the best way is to apply the strongest possible security measures. Unfortunately, the overestimation of security measures can lead to the unreasonable increase of system load. This is especially important in multimedia systems where the performance has critical character. In many cases determination of the required level of protection and adjustment of some security measures to these requirements increase system efficiency. Such an approach is achieved by means of the quality of protection models where the security measures are evaluated according to their influence on the system security. In the paper, we propose a model for QoP evaluation of security mechanisms. Owing to this model, one can quantify the influence of particular security mechanisms on ensuring security attributes. The methodology of our model preparation is described and based on it the case study analysis is presented. We support our method by the tool where the models can be defined and QoP evaluation can be performed. Finally, we have modelled TLS cryptographic protocol and presented the QoP security mechanisms evaluation for the selected versions of this protocol.

Quality of Protection Evaluation of Security Mechanisms

Science.gov (United States)

Ksiezopolski, Bogdan; Zurek, Tomasz; Mokkas, Michail

2014-01-01

Recent research indicates that during the design of teleinformatic system the tradeoff between the systems performance and the system protection should be made. The traditional approach assumes that the best way is to apply the strongest possible security measures. Unfortunately, the overestimation of security measures can lead to the unreasonable increase of system load. This is especially important in multimedia systems where the performance has critical character. In many cases determination of the required level of protection and adjustment of some security measures to these requirements increase system efficiency. Such an approach is achieved by means of the quality of protection models where the security measures are evaluated according to their influence on the system security. In the paper, we propose a model for QoP evaluation of security mechanisms. Owing to this model, one can quantify the influence of particular security mechanisms on ensuring security attributes. The methodology of our model preparation is described and based on it the case study analysis is presented. We support our method by the tool where the models can be defined and QoP evaluation can be performed. Finally, we have modelled TLS cryptographic protocol and presented the QoP security mechanisms evaluation for the selected versions of this protocol. PMID:25136683

Nuclear Security Systems and Measures for Major Public Events. Implementing Guide

International Nuclear Information System (INIS)

2012-01-01

Terrorism remains a threat to international stability and security. High profile international and national major public events occur regularly, capturing great public interest and receiving intense media coverage. It is widely acknowledged that there is a substantial threat of a terrorist attack on major public events such as high profile political or economic summit meetings or major sporting contests. The threat of nuclear and radiological terrorism remains on the international security agenda. Nevertheless, to reduce this risk, the international community has made great progress in securing nuclear and other radioactive material that could otherwise be used in a terrorist act. This progress is contingent on the efforts of all States to adopt strong nuclear security systems and measures. There are large quantities of diverse radioactive material in existence, which are used in areas such as health, the environment, agriculture and industry. The hazards of this material vary according to composition and intensity. Additionally, the use of explosives in combination with this material can drastically enhance the impact of a criminal or terrorist act. If a criminal or terrorist group managed to detonate a so-called 'dirty' bomb in an urban area, the result could be mass panic, widespread radioactive contamination and major economic and social disruption. Major public events are seldom held in the same State or at the same location or even at the same venue. At the national level, the hosting of major public events with proper nuclear security arrangements can provide a foundation on which to build an enduring national framework for nuclear security; one that can exist long after the event. The organization of a major public event in which large numbers of people congregate presents complex security challenges for the State hosting such an event. Criminal or terrorist acts involving nuclear or other radioactive material at any major public event could result in

Measures for regional security and arms control in the South-East Asian area

International Nuclear Information System (INIS)

Uren, R.T.

1992-01-01

The subject of regional security and arms control in the South-East Asia raises some new and difficult issues. No approach to ensuring regional security could be complete without military dimension including the following categories: regional arms control; global arms control measure; confidence building measures that are designed to enhance the transparency of defense policies; confidence building measures that encourage cooperation among the military forces in the region

Nuclear Security Systems and Measures for Major Public Events. Implementing Guide (French Edition)

International Nuclear Information System (INIS)

2017-01-01

This publication provides an overview, based on practical experience and lessons learned, for establishing nuclear security systems and measures for major public events. It covers technical and administrative nuclear security measures for developing the necessary organizational structure, developing plans, strategies and concepts of operations, and making arrangements for implementing the developed plans, strategies and concepts.

Towards improving security measures in Nigeria University Libraries ...

African Journals Online (AJOL)

A questionnaire designed by the researchers titled “Towards Improving Security Measures in Nigerian University Libraries (TISMINUL)” was used to collect the needed data. The questionnaire was designed in two parts. Part one was to gather information on the size of collection, frequency of stock taking and book loss.

Measuring the Return on Investment of Nuclear Security Training: The Case of the WINS Academy Professional Society

International Nuclear Information System (INIS)

Battistella, B.; Howsley, R.; Johnson, D.

2015-01-01

The challenges inherent in managing nuclear and radiological materials are complex and growing; ensuring that such materials remain secure requires competent management supported by ongoing training. The nuclear industry is increasingly becoming aware of the need for nuclear security: numerous dedicated training centres have been established worldwide and the IAEA holds approximately 60 international nuclear security training events annually. International training programmes have been conducted in various fields over decades but assessing their value and having the assurance that these training have had a sustainable impact remain difficult. In the field of nuclear security training, no assessment is being made of the degree to which the investment made is making a difference in building sustainable capacity and capability. This paper aims to discuss a methodology to assess the return on investment of nuclear security training. WINS has established a new professional society called the WINS Academy Alumni, for those individuals who have achieved certification through the WINS Academy. This platform proposes a structure, based on established competency frameworks, through which to measure the return on investment and performance improvement of nuclear security training. The objectives of the WINS Academy society are to stay engaged with certified Alumni, track their continued professional development progress, provide them with additional opportunities, and encourage their continued security competence through recertification. We envision that these certified practitioners will in turn promote certification and continual professional development among their peers to help build a network of security-trained professionals that will lead to meaningful and sustainable changes to security culture worldwide. In the long run (5–10 years), we envision that this group will be at the forefront of new professional requirements for nuclear security competence, with

MISTRAL: A game-theoretical model to allocate security measures in a multi-modal chemical transportation network with adaptive adversaries

International Nuclear Information System (INIS)

Talarico, Luca; Reniers, Genserik; Sörensen, Kenneth; Springael, Johan

2015-01-01

In this paper we present a multi-modal security-transportation model to allocate security resources within a chemical supply chain which is characterized by the use of different transport modes, each having their own security features. We consider security-related risks so as to take measures against terrorist acts which could target critical transportation systems. The idea of addressing security-related issues, by supporting decisions for preventing or mitigating intentional acts on transportation infrastructure, has gained attention in academic research only recently. The decision model presented in this paper is based on game theory and it can be employed to organize intelligence capabilities aimed at securing chemical supply chains. It enables detection and warning against impending attacks on transportation infrastructures and the subsequent adoption of security countermeasures. This is of extreme importance for preventing terrorist attacks and for avoiding (possibly huge) human and economic losses. In our work we also provide data sources and numerical simulations by applying the proposed model to a illustrative multi-modal chemical supply chain. - Highlights: • A model to increase the security in a multimodal chemical supply chain is proposed. • The model considers adaptive opponents having multi-attribute utility functions. • The model is based on game theory using an attacker–defender schema. • The model provides recommendations about where to allocate security measures. • Numerical simulations on a sample multimodal chemical supply chain are shown

Android Applications Security

Directory of Open Access Journals (Sweden)

Paul POCATILU

2011-01-01

Full Text Available The use of smartphones worldwide is growing very fast and also the malicious attacks have increased. The mobile security applications development keeps the pace with this trend. The paper presents the vulnerabilities of mobile applications. The Android applications and devices are analyzed through the security perspective. The usage of restricted API is also presented. The paper also focuses on how users can prevent these malicious attacks and propose some prevention measures, including the architecture of a mobile security system for Android devices.

Computer Security: the security marathon, part 2

CERN Multimedia

Computer Security Team

2014-01-01

Do you recall our latest article on the “Security Marathon” (see here) and why it’s wrong to believe that computer security is a sprint, that a quick hack is invulnerable, that quick bug-fixing is sufficient, that plugging security measures on top of existing structures is a good idea, that once you are secure, your life is cosy?   In fact, security is a marathon for us too. Again and again, we have felt comfortable with the security situation at CERN, with dedicated protections deployed on individual hosts, with the security measures deployed by individual service managers, with the attentiveness and vigilance of our users, and with the responsiveness of the Management. Again and again, however, we subsequently detect or receive reports that this is wrong, that protections are incomplete, that security measures are incomplete, that security awareness has dropped. Thus, unfortunately, we often have to go back to square one and address similar issues over and over...

Using Common Sense to Effectively Integrate Security Technologies within a School's Security Strategy

Energy Technology Data Exchange (ETDEWEB)

Gree, M.W.

1998-11-03

Security technologies are not the answer to all school security problems. However, they can be an excellent tool for school administrators and security personnel when incorporated into a total security strategy involving personnel, procedures, and facility layout. Unfortunately, very few of the tougher security problems in schools have solutions that are affordable, effective, and acceptable. Like any other type of facility, a school's security staff must understand the strengths and limitations of the security measures they are csecurity practices, which will rarely increase new building costs if included in the initial planning.

Measuring the Perception of Travel Security – Comparative Analysis of Students in Two Different Fields: Tourism and Security

Directory of Open Access Journals (Sweden)

Sebastjan Repnik

2015-01-01

Full Text Available The aim of the research was to determine how students/respondents perceive security on their travels in Europe. The respondents belong to two different study programmes, one focusing on the field of security (Faculty of Criminal Justice and Security, University of Maribor and the other on the field of tourism (Higher Vocational School for Catering and Tourism. Our main presumption was that students of the two institutions developed a different attitude towards travel security since their studies focus on two substantively different academic-professional fields. We examined their attitude towards security factors such as: security climate, self-protection and collective security. In our research we included a sample of 100 students/respondents. We used an instrument in the form of a questionnaire for the quantitative measurement of responses on a 5-point Likert scale. To portray the results of the research we also used various statistical indicators in the computer programme SPSS such as: arithmetic mean, Man-Whitney test, frequency distribution of responses, where independent variables are displayed. The findings suggest that the students/respondents attitude towards safety and their expectations on individual elements of all three security factors differ in the two target groups. The expectations of students/respondents of FCJS regarding the implementation and provision of security are higher compared to students/respondents of HVC. Respondents have different experience with security on their travels, as the number of travels varies quite substantially between students. Both institutions can use the results of the research in the evaluation processes of their study programmes. On the basis of the results of the research it is substantiated that the field and content of study have an impact on the students’ attitude to elements of security while travelling. The findings are intended to all researchers in the field of security and tourism, as

Moving towards Cloud Security

Directory of Open Access Journals (Sweden)

Edit Szilvia Rubóczki

2015-01-01

Full Text Available Cloud computing hosts and delivers many different services via Internet. There are a lot of reasons why people opt for using cloud resources. Cloud development is increasing fast while a lot of related services drop behind, for example the mass awareness of cloud security. However the new generation upload videos and pictures without reason to a cloud storage, but only few know about data privacy, data management and the proprietary of stored data in the cloud. In an enterprise environment the users have to know the rule of cloud usage, however they have little knowledge about traditional IT security. It is important to measure the level of their knowledge, and evolve the training system to develop the security awareness. The article proves the importance of suggesting new metrics and algorithms for measuring security awareness of corporate users and employees to include the requirements of emerging cloud security.

Social Security Measures for Elderly Population in Delhi, India: Awareness, Utilization and Barriers.

Science.gov (United States)

Kohli, Charu; Gupta, Kalika; Banerjee, Bratati; Ingle, Gopal Krishna

2017-05-01

World population of elderly is increasing at a fast pace. The number of elderly in India has increased by 54.77% in the last 15 years. A number of social security measures have been taken by Indian government. To assess awareness, utilization and barriers faced while utilizing social security schemes by elderly in a secondary care hospital situated in a rural area in Delhi, India. A cross-sectional study was conducted among 360 individuals aged 60 years and above in a secondary care hospital situated in a rural area in Delhi. A pre-tested, semi-structured schedule prepared in local language was used. Data was analysed using SPSS software (version 17.0). Chi-square test was used to observe any statistical association between categorical variables. The results were considered statistically significant if p-value was less than 0.05. A majority of study subjects were females (54.2%), Hindu (89.7%), married (60.3%) and were not engaged in any occupation (82.8%). Awareness about Indira Gandhi National Old Age Pension Scheme (IGNOAPS) was present among 286 (79.4%) and Annapurna scheme in 193 (53.6%) subjects. Among 223 subjects who were below poverty line, 179 (80.3%) were aware of IGNOAPS; while, 112 (50.2%) were utilizing the scheme. There was no association of awareness with education status, occupation, religion, family type, marital status and caste (p>0.05). Corruption and tedious administrative formalities were major barriers reported. Awareness generation, provision of information on how to approach the concerned authority for utilizing the scheme and ease of administrative procedures should be an integral part of any social security scheme or measure. In the present study, about 79.4% of elderly were aware and 45% of the eligible subjects were utilizing pension scheme. Major barriers reported in utilization of schemes were corruption and tedious administrative procedures.

78 FR 9768 - Bureau of International Security and Nonproliferation Imposition of Nonproliferation Measures...

Science.gov (United States)

2013-02-11

... DEPARTMENT OF STATE [Public Notice 8184] Bureau of International Security and Nonproliferation Imposition of Nonproliferation Measures Against Foreign Persons, Including a Ban on U.S. Government Procurement AGENCY: Bureau of International Security and Nonproliferation, Department of State. ACTION: Notice...

Implementation of computer security at nuclear facilities in Germany

Energy Technology Data Exchange (ETDEWEB)

Lochthofen, Andre; Sommer, Dagmar [Gesellschaft fuer Anlagen- und Reaktorsicherheit mbH (GRS), Koeln (Germany)

2013-07-01

In recent years, electrical and I and C components in nuclear power plants (NPPs) were replaced by software-based components. Due to the increased number of software-based systems also the threat of malevolent interferences and cyber-attacks on NPPs has increased. In order to maintain nuclear security, conventional physical protection measures and protection measures in the field of computer security have to be implemented. Therefore, the existing security management process of the NPPs has to be expanded to computer security aspects. In this paper, we give an overview of computer security requirements for German NPPs. Furthermore, some examples for the implementation of computer security projects based on a GRS-best-practice-approach are shown. (orig.)

Implementation of computer security at nuclear facilities in Germany

International Nuclear Information System (INIS)

Lochthofen, Andre; Sommer, Dagmar

2013-01-01

In recent years, electrical and I and C components in nuclear power plants (NPPs) were replaced by software-based components. Due to the increased number of software-based systems also the threat of malevolent interferences and cyber-attacks on NPPs has increased. In order to maintain nuclear security, conventional physical protection measures and protection measures in the field of computer security have to be implemented. Therefore, the existing security management process of the NPPs has to be expanded to computer security aspects. In this paper, we give an overview of computer security requirements for German NPPs. Furthermore, some examples for the implementation of computer security projects based on a GRS-best-practice-approach are shown. (orig.)

Wide Area Measurement Based Security Assessment & Monitoring of Modern Power System: A Danish Power System Case Study

DEFF Research Database (Denmark)

Rather, Zakir Hussain; Chen, Zhe; Thøgersen, Paul

2013-01-01

Power System security has become a major concern across the global power system community. This paper presents wide area measurement system (WAMS) based security assessment and monitoring of modern power system. A new three dimensional security index (TDSI) has been proposed for online security...... monitoring of modern power system with large scale renewable energy penetration. Phasor measurement unit (PMU) based WAMS has been implemented in western Danish Power System to realize online security monitoring and assessment in power system control center. The proposed security monitoring system has been...

Measuring Stability and Security in Iraq

National Research Council Canada - National Science Library

2006-01-01

... of the report, "Stability and Security in Iraq," describes trends and progress towards meeting goals for political stability, strengthening economic activity, and achieving a stable security environment in Iraq...

Punishment in School: The Role of School Security Measures

Science.gov (United States)

Mowen, Thomas J.

2014-01-01

Although investigation of school security measures and their relationships to various outcomes including school crime rates (Gottfredson, 2001), perpetuation of social inequality (Ferguson, 2001; Nolan, 2011; Welch & Payne, 2010), and the impact on childhood experiences has seen significant growth within the last 20 years (Newman, 2004;…

Measuring Stability and Security in Iraq

National Research Council Canada - National Science Library

2005-01-01

.... The initial section of the report, "Stability and Security in Iraq," describes trends and progress towards meeting goals for political stability, economic progress, and achieving a stable security environment in Iraq...

Muon Fluence Measurements for Homeland Security Applications

Energy Technology Data Exchange (ETDEWEB)

Ankney, Austin S.; Berguson, Timothy J.; Borgardt, James D.; Kouzes, Richard T.

2010-08-10

This report focuses on work conducted at Pacific Northwest National Laboratory to better characterize aspects of backgrounds in RPMs deployed for homeland security purposes. Two polyvinyl toluene scintillators were utilized with supporting NIM electronics to measure the muon coincidence rate. Muon spallation is one mechanism by which background neutrons are produced. The measurements performed concentrated on a broad investigation of the dependence of the muon flux on a) variations in solid angle subtended by the detector; b) the detector inclination with the horizontal; c) depth underground; and d) diurnal effects. These tests were conducted inside at Building 318/133, outdoors at Building 331G, and underground at Building 3425 at Pacific Northwest National Laboratory.

Using Biometric Characteristics to Increase ITS Security

Directory of Open Access Journals (Sweden)

Miroslav Bača

2007-11-01

Full Text Available Terrorist attacks in New York City and Washington, Districtof Columbia on the morning of September 11, 2001 havechanged our lives. The secwity problem became very importantregarding all spheres of human activities. Tracking persons(employees, customers etc. in ITS (Intelligent Transport Systemis a huge problem. Biometrics offers a very good solutionfor this problem and is today maybe one of the most promisingtechniques for person's secure verification and authentication;biometric system also features some advantages when comparedto other security systems. When using a biometric systemone has to be careful because the functionality of a biometricapplication can be dramatically aggravated if inappropriatebiometric features are selected. Classification of biometric featureson contact and contactless, or distinction between"strong" and "soft" biometric features gives a framework for usingbiometric features, but it does not ensure that biometric featŁtres are implemented at a satisfactory level. The usage ofmultimodal or unimodal biometric system can significantly increasethe system security but it also opens plenty of questionslike privacy etc. This paper describes the implementation ofbiometric features which can be used in ITS, and delineates anew model of usage.

Quantifying, Measuring, and Strategizing Energy Security: Determining the Most Meaningful Dimensions and Metrics

DEFF Research Database (Denmark)

Ren, Jingzheng; Sovacool, Benjamin

2014-01-01

subjective concepts of energy security into more objective criteria, to investigate the cause-effect relationships among these different metrics, and to provide some recommendations for the stakeholders to draft efficacious measures for enhancing energy security. To accomplish this feat, the study utilizes...

Managing Cisco network security

CERN Document Server

Knipp, Eric

2002-01-01

An in-depth knowledge of how to configure Cisco IP network security is a MUST for anyone working in today''s internetworked world"There''s no question that attacks on enterprise networks are increasing in frequency and sophistication..."-Mike Fuhrman, Cisco Systems Manager, Security ConsultingManaging Cisco Network Security, Second Edition offers updated and revised information covering many of Cisco''s security products that provide protection from threats, detection of network security incidents, measurement of vulnerability and policy compliance and management of security policy across an extended organization. These are the tools that network administrators have to mount defenses against threats. Chapters also cover the improved functionality and ease of the Cisco Secure Policy Manger software used by thousands of small-to-midsized businesses and a special section on the Cisco Aironet Wireless Security Solutions.Security from a real-world perspectiveKey coverage of the new technologies offered by the Cisc...

A coherency-based method to increase dynamic security in power systems

Energy Technology Data Exchange (ETDEWEB)

De Tuglie, E. [Dipartimento di Ingegneria dell' Ambiente e per lo Sviluppo Sostenibile - DIASS, Politecnico di Bari, Viale del Turismo 8, 74100 Taranto (Italy); Iannone, S.M.; Torelli, F. [Dipartimento di Elettrotecnica ed Elettronica - DEE, Politecnico di Bari, Via Re David 200, 70125 Bari (Italy)

2008-08-15

Dynamic security analysis is the evaluation of the ability of a system to withstand contingencies by surviving transient conditions to acceptable steady-state operative states. When potential instability due to contingency is detected, preventive action may be desired to improve the system security. This is very important in the on-line operation of a power system, especially when the system is stability-limited. The method proposed in this paper is based on the idea that increasing coherency between generators in the transient behaviour following a system perturbation gives rise to a more stable system. In this paper, we suggest the use of the ''input-output feedback-linearization'' with a reference trajectory obtained using a system dynamic equivalent based on the centre of inertia. To quantify coherency levels a new coherency indicator has been assumed for the given reference trajectory. The result is an increasing level in coherency, critical clearing time and system stability. The method is tested on the IEEE 30 bus test system. (author)

Android Applications Security

OpenAIRE

Paul POCATILU

2011-01-01

The use of smartphones worldwide is growing very fast and also the malicious attacks have increased. The mobile security applications development keeps the pace with this trend. The paper presents the vulnerabilities of mobile applications. The Android applications and devices are analyzed through the security perspective. The usage of restricted API is also presented. The paper also focuses on how users can prevent these malicious attacks and propose some prevention measures, including the a...

Sustainable Phosphorus Measures: Strategies and Technologies for Achieving Phosphorus Security

Directory of Open Access Journals (Sweden)

Stuart White

2013-01-01

Full Text Available Phosphorus underpins the world’s food systems by ensuring soil fertility, maximising crop yields, supporting farmer livelihoods and ultimately food security. Yet increasing concerns around long-term availability and accessibility of the world’s main source of phosphorus—phosphate rock, means there is a need to investigate sustainable measures to buffer the world’s food systems against the long and short-term impacts of global phosphorus scarcity. While the timeline of phosphorus scarcity is contested, there is consensus that more efficient use and recycling of phosphorus is required. While the agricultural sector will be crucial in achieving this, sustainable phosphorus measures in sectors upstream and downstream of agriculture from mine to fork will also need to be addressed. This paper presents a comprehensive classification of all potential phosphorus supply- and demand-side measures to meet long-term phosphorus needs for food production. Examples range from increasing efficiency in the agricultural and mining sector, to technologies for recovering phosphorus from urine and food waste. Such measures are often undertaken in isolation from one another rather than linked in an integrated strategy. This integrated approach will enable scientists and policy-makers to take a systematic approach when identifying potential sustainable phosphorus measures. If a systematic approach is not taken, there is a risk of inappropriate investment in research and implementation of technologies and that will not ultimately ensure sufficient access to phosphorus to produce food in the future. The paper concludes by introducing a framework to assess and compare sustainable phosphorus measures and to determine the least cost options in a given context.

Three Perspectives on DSEEP and Security : Training Goals, Use Cases and the Selection of Security Measures

NARCIS (Netherlands)

Möller, B.; Croom-Johnson, S.; Huiskamp, W.

2013-01-01

As joint, combined and Civil-Military exercises are becoming increasingly common, the need for security in collective mission simulation is growing. SISO has developed the Distributed Simulation Engineering and Execution Process (DSEEP) standard that provides a recommended process for development,

A randomized controlled trial comparing Circle of Security Intervention and treatment as usual as interventions to increase attachment security in infants of mentally ill mothers: Study Protocol.

Science.gov (United States)

Ramsauer, Brigitte; Lotzin, Annett; Mühlhan, Christine; Romer, Georg; Nolte, Tobias; Fonagy, Peter; Powell, Bert

2014-01-30

Psychopathology in women after childbirth represents a significant risk factor for parenting and infant mental health. Regarding child development, these infants are at increased risk for developing unfavorable attachment strategies to their mothers and for subsequent behavioral, emotional and cognitive impairments throughout childhood. To date, the specific efficacy of an early attachment-based parenting group intervention under standard clinical outpatient conditions, and the moderators and mediators that promote attachment security in infants of mentally ill mothers, have been poorly evaluated. This randomized controlled clinical trial tests whether promoting attachment security in infancy with the Circle of Security (COS) Intervention will result in a higher rate of securely attached children compared to treatment as usual (TAU). Furthermore, we will determine whether the distributions of securely attached children are moderated or mediated by variations in maternal sensitivity, mentalizing, attachment representations, and psychopathology obtained at baseline and at follow-up. We plan to recruit 80 mother-infant dyads when infants are aged 4-9 months with 40 dyads being randomized to each treatment arm. Infants and mothers will be reassessed when the children are 16-18 months of age. Methodological aspects of the study are systematic recruitment and randomization, explicit inclusion and exclusion criteria, research assessors and coders blinded to treatment allocation, advanced statistical analysis, manualized treatment protocols and assessments of treatment adherence and integrity. The aim of this clinical trial is to determine whether there are specific effects of an attachment-based intervention that promotes attachment security in infants. Additionally, we anticipate being able to utilize data on maternal and child outcome measures to obtain preliminary indications about potential moderators of the intervention and inform hypotheses about which intervention

The International Legal Framework for Nuclear Security

International Nuclear Information System (INIS)

2011-01-01

The term 'nuclear security' is generally accepted to mean 'the prevention and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer or other malicious acts involving nuclear material, other radioactive substances or their associated facilities.' While the ultimate responsibility for nuclear security within a State rests entirely with that State, the need for regional and international cooperation has become increasingly evident with the growing recognition that the ability to prevent, detect and respond to the threats to nuclear security within one State is affected by the adequacy and effectiveness of nuclear security measures taken by other States, particularly when nuclear material is transported across national frontiers. Since the early 1970s, the IAEA has been called upon to play an ever increasing role in assisting States, upon request, to strengthen their national legal infrastructures and physical protection systems, as well as to facilitate regional and international efforts to enhance nuclear security, including measures to protect against nuclear terrorism. This publication brings together the legally binding primary international instruments and the internationally accepted non-binding instruments that constitute the international legal framework for nuclear security. It does not discuss the safety and safeguards related instruments, which also form a part of the broader legal framework for nuclear security. By setting out the legislative bases for the mandate of the IAEA in the area of nuclear security, it is hoped that this publication will increase awareness of the IAEA's role in facilitating national, regional and international efforts to enhance nuclear security , including measures to protect against nuclear terrorism. It is also intended to serve as a guide in carrying out the IAEA's nuclear security mandate and functions assigned to it under these instruments, including in the elaboration of nuclear security

78 FR 9769 - Bureau of International Security and Nonproliferation Imposition of Nonproliferation Measures on...

Science.gov (United States)

2013-02-11

... DEPARTMENT OF STATE [Public Notice 8182] Bureau of International Security and Nonproliferation Imposition of Nonproliferation Measures on Chinese and Iranian Foreign Persons AGENCY: Bureau of International Security and Nonproliferation, Department of State. ACTION: Notice. SUMMARY: The U.S. Government...

Security camera resolution measurements: Horizontal TV lines versus modulation transfer function measurements.

Energy Technology Data Exchange (ETDEWEB)

Birch, Gabriel Carisle [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Griffin, John Clark [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

2015-01-01

The horizontal television lines (HTVL) metric has been the primary quantity used by division 6000 related to camera resolution for high consequence security systems. This document shows HTVL measurements are fundamen- tally insufficient as a metric to determine camera resolution, and propose a quantitative, standards based methodology by measuring the camera system modulation transfer function (MTF), the most common and accepted metric of res- olution in the optical science community. Because HTVL calculations are easily misinterpreted or poorly defined, we present several scenarios in which HTVL is frequently reported, and discuss their problems. The MTF metric is discussed, and scenarios are presented with calculations showing the application of such a metric.

Device independent quantum key distribution secure against coherent attacks with memoryless measurement devices

International Nuclear Information System (INIS)

McKague, Matthew

2009-01-01

Device independent quantum key distribution (QKD) aims to provide a higher degree of security than traditional QKD schemes by reducing the number of assumptions that need to be made about the physical devices used. The previous proof of security by Pironio et al (2009 New J. Phys. 11 045021) applies only to collective attacks where the state is identical and independent and the measurement devices operate identically for each trial in the protocol. We extend this result to a more general class of attacks where the state is arbitrary and the measurement devices have no memory. We accomplish this by a reduction of arbitrary adversary strategies to qubit strategies and a proof of security for qubit strategies based on the previous proof by Pironio et al and techniques adapted from Renner.

Materials for the information security education

International Nuclear Information System (INIS)

Yashiro, Shigeo; Aoki, Kazuhisa; Sato, Tomohiko; Tanji, Kazuhiro

2014-01-01

With the rapid progress of the utilization of Information Technology (IT), IT infrastructure (network environment and information system) became crucial as a lifeline for promoting business. At the same time, changes in the circumstances surrounding the IT infrastructure globalize the threat of cyber attacks and increase the risk of the information security such as unlawful access to an information system, viral infection, an alteration of a website, disclosure of subtlety information, destruction of an information system and so on. Information security measure is an important issue in Japan Atomic Energy Agency (JAEA). In order to protect the information property of JAEA from the threat, Center for Computational Science and e-Systems (CCSE) has been taking triadic measures for information security: (1) to lay down a set of information security rules, (2) to introduce security equipments to backbone network and (3) to provide information security education. This report is a summary of the contents of the information security education by e-learning. (author)

Breach Risk Magnitude: A Quantitative Measure of Database Security.

Science.gov (United States)

Yasnoff, William A

2016-01-01

A quantitative methodology is described that provides objective evaluation of the potential for health record system breaches. It assumes that breach risk increases with the number of potential records that could be exposed, while it decreases when more authentication steps are required for access. The breach risk magnitude (BRM) is the maximum value for any system user of the common logarithm of the number of accessible database records divided by the number of authentication steps needed to achieve such access. For a one million record relational database, the BRM varies from 5.52 to 6 depending on authentication protocols. For an alternative data architecture designed specifically to increase security by separately storing and encrypting each patient record, the BRM ranges from 1.3 to 2.6. While the BRM only provides a limited quantitative assessment of breach risk, it may be useful to objectively evaluate the security implications of alternative database organization approaches.

Quantum Secure Communication Scheme with W State

International Nuclear Information System (INIS)

Wang Jian; Zhang Quan; Tang Chaojng

2007-01-01

We present a quantum secure communication scheme using three-qubit W state. It is unnecessary for the present scheme to use alternative measurement or Bell basis measurement. Compared with the quantum secure direct communication scheme proposed by Cao et al. [H.J. Cao and H.S. Song, Chin. Phys. Lett. 23 (2006) 290], in our scheme, the detection probability for an eavesdropper's attack increases from 8.3% to 25%. We also show that our scheme is secure for a noise quantum channel.

Computer Security: Computer security threats, vulnerabilities and attacks (3/4)

CERN Document Server

CERN. Geneva

2012-01-01

Antonio Perez Perez works in the Computer Security Team doing software development, sysadmin tasks and operations. He is also involved on grid security and does 1st line security support at CERN on ROTA. With the prevalence of modern information technologies and its increasing integration into our daily live, digital systems become more and more playground for evil people. While in the past, attacks were driven by fame& kudos, nowadays money is the motivating factor. Just the recent months have shown several successful attacks against e.g. Sony, PBS, UNESCO, RSAsecurity, Citibank, and others. Credit card information of hundreds of thousands of people got exposed. Affected companies not only lost their assets and data, also their reputation has suffered. Thus, proper computer security measures are essential. Without question, security must even more become an inherent ingredient when developing, deploying, and operating applications, web sites, and computing services. These lectures shall give an ove...

Nuclear Security Systems and Measures for Major Public Events. Implementing Guide (Russian Edition)

International Nuclear Information System (INIS)

2014-01-01

Terrorism remains a threat to international stability and security. High profile international and national major public events occur regularly, capturing great public interest and receiving intense media coverage. It is widely acknowledged that there is a substantial threat of a terrorist attack on major public events such as high profile political or economic summit meetings or major sporting contests. The threat of nuclear and radiological terrorism remains on the international security agenda. Nevertheless, to reduce this risk, the international community has made great progress in securing nuclear and other radioactive material that could otherwise be used in a terrorist act. This progress is contingent on the efforts of all States to adopt strong nuclear security systems and measures. There are large quantities of diverse radioactive material in existence, which are used in areas such as health, the environment, agriculture and industry. The hazards of this material vary according to composition and intensity. Additionally, the use of explosives in combination with this material can drastically enhance the impact of a criminal or terrorist act. If a criminal or terrorist group managed to detonate a so-called 'dirty' bomb in an urban area, the result could be mass panic, widespread radioactive contamination and major economic and social disruption. Major public events are seldom held in the same State or at the same location or even at the same venue. At the national level, the hosting of major public events with proper nuclear security arrangements can provide a foundation on which to build an enduring national framework for nuclear security; one that can exist long after the event. The organization of a major public event in which large numbers of people congregate presents complex security challenges for the State hosting such an event. Criminal or terrorist acts involving nuclear or other radioactive material at any major public event could result in

Measuring Security Effectiveness and Efficiency at U.S. Commercial Airports

Science.gov (United States)

2013-03-01

general management, public administration, and performance measurement principles. The main objective is to discover patterns or trends in the writings ...security programs. Some of the writing is critical of administrative policy before and after 9/11, and takes exception to an apparent lack of unity...measurement tools. The diverse group should not be turned loose to freelance ; but should be held accountable with formal direction, based on stakeholder

Security research roadmap; Security-tutkimuksen roadmap

Energy Technology Data Exchange (ETDEWEB)

Naumanen, M.; Rouhiainen, V. (eds.)

2006-02-15

Requirements for increasing security have arisen in Europe after highly visible and tragic events in Madrid and in London. While responsibility for security rests largely with the national activities, the EU has also started planning a research area .Space and security. as a part of the 7th Framework Programme. As the justification for this research area it has been presented that technology alone can not assure security, but security can not be assured without the support of technology. Furthermore, the justification highlights that security and military research are becoming ever closer. The old separation between civil and military research is decreasing, because it has been noticed that both areas are nowadays utilising the same knowledge. In Finland, there is already now noteworthy entrepreneurship related to security. Although some of the companies are currently only operating in Finland, others are already international leaders in their area. The importance of the security area is increasing and remarkable potential for new growth business areas can already be identified. This however also requires an increase in research efforts. VTT has a broad range of security research ongoing in many technology areas. The main areas have been concentrating on public safety and security, but VTT is participating also in several research projects related to the defence technology. For identifying and defining in more detail the expertise and research goals, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important

An evaluation of security measures implemented to address physical threats to water infrastructure in the state of Mississippi.

Science.gov (United States)

Barrett, Jason R; French, P Edward

2013-01-01

The events of September 11, 2001, increased and intensified domestic preparedness efforts in the United States against terrorism and other threats. The heightened focus on protecting this nation's critical infrastructure included legislation requiring implementation of extensive new security measures to better defend water supply systems against physical, chemical/biological, and cyber attacks. In response, municipal officials have implemented numerous safeguards to reduce the vulnerability of these systems to purposeful intrusions including ongoing vulnerability assessments, extensive personnel training, and highly detailed emergency response and communication plans. This study evaluates fiscal year 2010 annual compliance assessments of public water systems with security measures that were implemented by Mississippi's Department of Health as a response to federal requirements to address these potential terrorist threats to water distribution systems. The results show that 20 percent of the water systems in this state had at least one security violation on their 2010 Capacity Development Assessment, and continued perseverance from local governments is needed to enhance the resiliency and robustness of these systems against physical threats.

Wolf Attack Probability: A Theoretical Security Measure in Biometric Authentication Systems

Science.gov (United States)

Une, Masashi; Otsuka, Akira; Imai, Hideki

This paper will propose a wolf attack probability (WAP) as a new measure for evaluating security of biometric authentication systems. The wolf attack is an attempt to impersonate a victim by feeding “wolves” into the system to be attacked. The “wolf” means an input value which can be falsely accepted as a match with multiple templates. WAP is defined as a maximum success probability of the wolf attack with one wolf sample. In this paper, we give a rigorous definition of the new security measure which gives strength estimation of an individual biometric authentication system against impersonation attacks. We show that if one reestimates using our WAP measure, a typical fingerprint algorithm turns out to be much weaker than theoretically estimated by Ratha et al. Moreover, we apply the wolf attack to a finger-vein-pattern based algorithm. Surprisingly, we show that there exists an extremely strong wolf which falsely matches all templates for any threshold value.

[Are the flight security measures good for the patients? The "sickurity" problem].

Science.gov (United States)

Felkai, Péter

2010-10-10

Due to the stiffening requirements of security measures at the airports, prevention of air-travel related illnesses have become more difficult. The backlash effects of restrictions (e.g. fluid and movement restrictions) can trigger or even improve pathophysiological processes. The most advanced security check methods, the full body scan, besides ethical and moral considerations, may induce yet unknown pathological processes. We face the similar problem with the traveller, who becomes ill or injured during the trip. In this case, repatriation is often required, which is usually accomplished by commercial airlines. If patient should be transported by stretcher, it is also available on regular flight, but in this case he/she must be accompanied by a medical professional. This solution raises much more security problem: not only the sick person and the medical team, but even their medical equipments and medicines have to be checked. Due to the lack of standardised regulations the security staff solves the problem by various attempts from emphatic approach till refusal. For these reasons, a clear and exact regulation is needed, which must be based upon medical experts' opinion, and should deal not only with the flight security but with the patient's security, as well. This regulation can cease the patients and their medical accompanied persons' to be defencelessness against local authorities and security services. The same is true for handicapped persons. Author suggests solutions for the problem, balancing between flight security and the patient's "sickurity".

Audit for Information Systems Security

Directory of Open Access Journals (Sweden)

Ana-Maria SUDUC

2010-01-01

Full Text Available The information and communication technologies advances made available enormous and vast amounts of information. This availability generates also significant risks to computer systems, information and to the critical operations and infrastructures they support. In spite of significant advances in the information security area many information systems are still vulnerable to inside or outside attacks. The existence of an internal audit for information system security increases the probability of adopting adequate security measures and preventing these attacks or lowering the negative consequences. The paper presents an exploratory study on informatics audit for information systems security.

BERN railway station: security assessment under a speed increase of trains from 30 to 40 km h-1

International Nuclear Information System (INIS)

Ribaux, C.; Capron, M.

1994-01-01

In the frame of the ''Rail 2000'' project, the CFF (Swiss Railways) would like to increase the speed of trains arriving in Bern station. On the eastern head, this speed would be raised from 30 to 40kmh -1 . The superstructure is formed by a three-storey building which rests on 450mm diameter steel columns.The aim of the present study was: - to determine the security loss of the station superstructure under a train impact on the columns at 40kmh -1 rather than at 30kmh -1 - to propose measures in order to get at 40kmh -1 the same security as at 30kmh -1 Four approaches are dealt with: (1)on the base of accidents statistics and of their cost; (2)review of possible dynamical approaches; (3)equivalent static load (from European railways codes); (4)energy in which, starting from its initial speed, the train loses energy on different obstacles (ballast, platform, protection devices, walls, train's own deformation) and the remaining energy is compared with the maximum energy that the column can dissipate by deformation.The conclusions are presented as a 'security plan' and the proposed protection costs are evaluated. ((orig.))

Measuring Library Vendor Cyber Security: Seven Easy Questions Every Librarian Can Ask

Directory of Open Access Journals (Sweden)

Alex Caro

2016-04-01

Full Text Available This article is based on an independent cyber security risk management audit for a public library system completed by the authors in early 2015 and based on a research paper by the same group at Clark University in 2014. We stress that while cyber security must include raising public knowledge in regard to cyber security issues and resources, and libraries are indeed the perfect place to disseminate this knowledge, librarians are also in a unique position as the gatekeepers of information services provided to the public and should conduct internal audits to ensure our content partners and IT vendors take cyber security as seriously as the library and its staff. One way to do this is through periodic reviews of existing vendor relationships. To this end, the authors created a simple grading rubric you can adopt or modify to help take this first step towards securing your library data. It is intended to be used by both technical and non-technical staff as a simple measurement of what vendor agreements currently exist and how they rank, while at the same time providing a roadmap for which security features or policy statements the library can or should require moving forward.

A Case Study on E - Banking Security – When Security Becomes Too Sophisticated for the User to Access Their Information

OpenAIRE

Aaron M. French

2012-01-01

While eBanking security continues to increase in sophistication to protect against threats, the usability of the eBanking decreases resulting in poor security behaviors by the users. The current research evaluates se curity risks and measures taken for eBanking solutions. A case study is presented describing how increased complexity decreases vulnerabilities online but increases vulnerabilities from internal threats and eBanking users

Human Factors in Coast Guard Computer Security - An Analysis of Current Awareness and Potential Techniques to Improve Security Program Viability

National Research Council Canada - National Science Library

Whalen, Timothy

2001-01-01

.... As such, our ability to ensure the security of those systems is also increasing in import. Traditional information security measures tend to be system-oriented and often fail to address the human element that is critical to system success...

Long-term energy services security: What is it and how can it be measured and valued?

International Nuclear Information System (INIS)

Jansen, Jaap C.; Seebregts, Ad J.

2010-01-01

The paper reviews some recent approaches towards measuring the extent of long-term energy security and security externality valuation. It starts out to discuss the contextual connotations of notions of 'energy security' in medium to long-term time frames and reviews some indicators that have been proposed to quantify it. Special attention is paid to two of these approaches, which the authors helped to develop, i.e. diversity-based indices and the Supply/Demand Index. The paper takes issue with conventional welfare economic approaches that neglect: (i) the scope on the demand side for raising security and (ii) negative feedback mechanisms of socio-political impacts of international rent transfers in fossil fuels exporting countries. The concept of energy services security is proposed with a demand-side focus. This enables application of an integrated approach to gauge the resilience of a society to meet the needs of its population for energy services over longer timescales ahead from various interrelated perspectives. Propositions are made on the attribution of security externalities to the use of fossil fuels, policies, and suggestions for further improvements of measures for energy services security.

Enhancing QKD security with weak measurements

Science.gov (United States)

Farinholt, Jacob M.; Troupe, James E.

2016-10-01

Publisher's Note: This paper, originally published on 10/24/2016, was replaced with a corrected/revised version on 11/8/2016. If you downloaded the original PDF but are unable to access the revision, please contact SPIE Digital Library Customer Service for assistance. In the late 1980s, Aharonov and colleagues developed the notion of a weak measurement of a quantum observable that does not appreciably disturb the system.1, 2 The measurement results are conditioned on both the pre-selected and post-selected state of the quantum system. While any one measurement reveals very little information, by making the same measurement on a large ensemble of identically prepared pre- and post-selected (PPS) states and averaging the results, one may obtain what is known as the weak value of the observable with respect to that PPS ensemble. Recently, weak measurements have been proposed as a method of assessing the security of QKD in the well-known BB84 protocol.3 This weak value augmented QKD protocol (WV-QKD) works by additionally requiring the receiver, Bob, to make a weak measurement of a particular observable prior to his strong measurement. For the subset of measurement results in which Alice and Bob's measurement bases do not agree, the weak measurement results can be used to detect any attempt by an eavesdropper, Eve, to correlate her measurement results with Bob's. Furthermore, the well-known detector blinding attacks, which are known to perfectly correlate Eve's results with Bob's without being caught by conventional BB84 implementations, actually make the eavesdropper more visible in the new WV-QKD protocol. In this paper, we will introduce the WV-QKD protocol and discuss its generalization to the 6-state single qubit protocol. We will discuss the types of weak measurements that are optimal for this protocol, and compare the predicted performance of the 6- and 4-state WV-QKD protocols.

Increasing Android Security using a Lightweight OVAL-based Vulnerability Assessment Framework

OpenAIRE

Barrère , Martín; Hurel , Gaëtan; Badonnel , Rémi; Festor , Olivier

2012-01-01

International audience; Mobile computing devices and the services offered by them are utilized by millions of users on a daily basis. However, they operate in hostile environments getting exposed to a wide variety of threats. Accordingly, vulnerability management mechanisms are highly required. We present in this paper a novel approach for increasing the security of mobile devices by efficiently detecting vulnerable configurations. In that context, we propose a modeling for performing vulnera...

Decision Model for U.S.- Mexico Border Security Measures

Science.gov (United States)

2017-09-01

missions that the I&A focuses on is, “border security, including narcotics smuggling, alien and human smuggling, and money laundering ...and money assigned to border security investments. 14. SUBJECT TERMS Department of Homeland Security (DHS), border security, U.S.–Mexico border...and money assigned to border security investments. vi THIS PAGE INTENTIONALLY LEFT BLANK vii TABLE OF CONTENTS I. INTRODUCTION

Measuring Efficacy of Information Security Policies : A Case Study of UAE based company

OpenAIRE

Qureshi, Muhammad Sohail

2012-01-01

Nowadays information security policies are operative in many organizations. Currently few organizations take the pain of verifying the efficacy of these policies. Different standards and procedures exist about methods of measuring efficacy of information security policies. Choosing and implementing them depends mainly on the key performance indicators (KPIs) and key risk indicators (KRIs) of any particular organization. This thesis is a case study of an organization in United Arab Emirates (U...

Strategic information security

CERN Document Server

Wylder, John

2003-01-01

Introduction to Strategic Information SecurityWhat Does It Mean to Be Strategic? Information Security Defined The Security Professional's View of Information Security The Business View of Information SecurityChanges Affecting Business and Risk Management Strategic Security Strategic Security or Security Strategy?Monitoring and MeasurementMoving Forward ORGANIZATIONAL ISSUESThe Life Cycles of Security ManagersIntroductionThe Information Security Manager's Responsibilities The Evolution of Data Security to Information SecurityThe Repository Concept Changing Job Requirements Business Life Cycles

Autonomic computing meets SCADA security

OpenAIRE

Nazir, S; Patel, S; Patel, D

2017-01-01

© 2017 IEEE. National assets such as transportation networks, large manufacturing, business and health facilities, power generation, and distribution networks are critical infrastructures. The cyber threats to these infrastructures have increasingly become more sophisticated, extensive and numerous. Cyber security conventional measures have proved useful in the past but increasing sophistication of attacks dictates the need for newer measures. The autonomic computing paradigm mimics the auton...

Security Injections 2.0: Increasing Engagement and Faculty Adoption Using Enhanced Secure Coding Modules for Lower-Level Programming Courses

OpenAIRE

Raina , Sagar; Taylor , Blair; Kaza , Siddharth

2015-01-01

Part 2: Software Security Education; International audience; Learning interventions based on modules are common in computer science education. Traditional learning modules that present a large amount of content in a linear format can lead to students skimming and skipping content resulting in lower student engagement and effectiveness. In this paper, we present theoretical support for increasing engagement and effectiveness of learning modules, describe a system that implements these principl...

Pragmatic security metrics applying metametrics to information security

CERN Document Server

Brotby, W Krag

2013-01-01

Other books on information security metrics discuss number theory and statistics in academic terms. Light on mathematics and heavy on utility, PRAGMATIC Security Metrics: Applying Metametrics to Information Security breaks the mold. This is the ultimate how-to-do-it guide for security metrics.Packed with time-saving tips, the book offers easy-to-follow guidance for those struggling with security metrics. Step by step, it clearly explains how to specify, develop, use, and maintain an information security measurement system (a comprehensive suite of metrics) to

Bio-security measures employed by poultry farmers in Enugu State ...

African Journals Online (AJOL)

Major bio-security measures used by farmers include: inspection of flock daily to pick mortalities (x̄ =3.7), isolation and quarantine of sick birds (x̄ =3.7), vaccination of birds (x̄ =3.6), as well as adequate cleaning of feeding and drinking troughs (x̄ =3.6). The standardized coefficients for age (0.327), farming experience ...

Securing Major Events

International Nuclear Information System (INIS)

Loeoef, Susanna

2013-01-01

When asked why the IAEA should provide nuclear security support to countries that organize large public events, Nuclear Security Officer Sophia Miaw answers quickly and without hesitation. ''Imagine any major public event such as the Olympics, a football championship, or an Expo. If a dirty bomb were to be exploded at a site where tens of thousands of people congregate, the radioactive contamination would worsen the effects of the bomb, increase the number of casualties, impede a rapid emergency response, and cause long term disruption in the vicinity,'' she said. Avoiding such nightmarish scenarios is the driving purpose behind the assistance the IAEA offers States that host major sporting or other public events. The support can range from a single training course to a comprehensive programme that includes threat assessment, training, loaned equipment and exercises. The type and scope of assistance depends on the host country's needs. ''We incorporate nuclear security measures into their security plan. We don't create anything new,'' Miaw said

Radioactive Waste SECURITY

International Nuclear Information System (INIS)

Brodowski, R.; Drapalik, M.; Gepp, C.; Gufler, K.; Sholly, S.

2010-01-01

The purpose of this work is to investigate the safety requirements for a radioactive waste repository, the fundamental problems involved and the legislative rules and arrangements for doing so. As the title already makes clear, the focus of this work is on aspects that can be assigned to the security sector - ie the security against the influence of third parties - and are to be distinguished from safety measures for the improvement of the technical safety aspects. In this context, mention is made of events such as human intrusion into guarded facilities, whereas e.g. a geological analysis on seismic safety is not discussed. For a variety of reasons, the consideration of security nuclear waste repositories in public discussions is increasingly taking a back seat, as ia. Terrorist threats can be considered as negligible risk or well calculable. Depending on the type of storage, different security aspects still have to be considered. (roessner)

Cyber security

CERN Document Server

Voeller, John G

2014-01-01

Cyber Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to cyber security metrics and measure  and related technologies that meet security needs. Specific applications to web services, the banking and the finance sector, and industrial process control systems are discussed.

Measuring the security of external energy supply in the European Union

DEFF Research Database (Denmark)

Le Coq, Chloe; Paltseva, Elena

2009-01-01

The security of energy supply is one of the main objectives of EU energy policy. In this paper, we introduce an index designed to evaluate the short-term risks associated with the external supply of energy to the EU Member States. It combines measures of energy import diversification, political...

Multimedia and security: Workshop at ACM Multimedia '98, Bristol, U.K., September 12 - 13, 1998

OpenAIRE

Dittmann, J.; Wohlmacher, P.; Horster, P.; Steinmetz, R.

1998-01-01

In this paper we describe the most important security requirements, which must be fulfilled by today's IT-systems, and the security measures used to satisfy these requirements. These security measures are based on modern cryptographic mechanisms as well as on security infrastructures. Regarding data security and communication security in particular in the field of multimedia, the requirements on security increase. If and in which way the discussed security mechanisms can be applied to multime...

Measuring Global Water Security Towards Sustainable Development Goals

Science.gov (United States)

Gain, Animesh K.; Giupponi, Carlo; Wada, Yoshihide

2016-01-01

Water plays an important role in underpinning equitable, stable and productive societies and ecosystems. Hence, United Nations recognized ensuring water security as one (Goal 6) of the seventeen sustainable development goals (SDGs). Many international river basins are likely to experience 'low water security' over the coming decades. Water security is rooted not only in the physical availability of freshwater resources relative to water demand, but also on social and economic factors (e.g. sound water planning and management approaches, institutional capacity to provide water services, sustainable economic policies). Until recently, advanced tools and methods are available for the assessment of water scarcity. However, quantitative and integrated-physical and socio-economic-approaches for spatial analysis of water security at global level are not available yet. In this study, we present a spatial multi-criteria analysis framework to provide a global assessment of water security. The selected indicators are based on Goal 6 of SDGs. The term 'security' is conceptualized as a function of 'availability', 'accessibility to services', 'safety and quality', and 'management'. The proposed global water security index (GWSI) is calculated by aggregating indicator values on a pixel-by-pixel basis, using the ordered weighted average method, which allows for the exploration of the sensitivity of final maps to different attitudes of hypothetical policy makers. Our assessment suggests that countries of Africa, South Asia and Middle East experience very low water security. Other areas of high water scarcity, such as some parts of United States, Australia and Southern Europe, show better GWSI values, due to good performance of management, safety and quality, and accessibility. The GWSI maps show the areas of the world in which integrated strategies are needed to achieve water related targets of the SDGs particularly in the African and Asian continents.

Door locking and exit security measures on acute psychiatric admission wards

NARCIS (Netherlands)

Nijman, H.L.I.; Bowers, L.; Haglund, K.; Muir-Cochrane, E.; Simpson, A.; Merwe, M. van der

2011-01-01

Locking the exit doors of psychiatric wards is believed to reduce the risk of patients absconding. The aims of the study were to investigate both the prevalence of door locking and other exit security measures on UK admission wards, as well as whether door locking appears to be effective in keeping

Green Secure Processors: Towards Power-Efficient Secure Processor Design

Science.gov (United States)

Chhabra, Siddhartha; Solihin, Yan

With the increasing wealth of digital information stored on computer systems today, security issues have become increasingly important. In addition to attacks targeting the software stack of a system, hardware attacks have become equally likely. Researchers have proposed Secure Processor Architectures which utilize hardware mechanisms for memory encryption and integrity verification to protect the confidentiality and integrity of data and computation, even from sophisticated hardware attacks. While there have been many works addressing performance and other system level issues in secure processor design, power issues have largely been ignored. In this paper, we first analyze the sources of power (energy) increase in different secure processor architectures. We then present a power analysis of various secure processor architectures in terms of their increase in power consumption over a base system with no protection and then provide recommendations for designs that offer the best balance between performance and power without compromising security. We extend our study to the embedded domain as well. We also outline the design of a novel hybrid cryptographic engine that can be used to minimize the power consumption for a secure processor. We believe that if secure processors are to be adopted in future systems (general purpose or embedded), it is critically important that power issues are considered in addition to performance and other system level issues. To the best of our knowledge, this is the first work to examine the power implications of providing hardware mechanisms for security.

Mobile Device Security: Perspectives of Future Healthcare Workers.

Science.gov (United States)

Hewitt, Barbara; Dolezel, Diane; McLeod, Alexander

2017-01-01

Healthcare data breaches on mobile devices continue to increase, yet the healthcare industry has not adopted mobile device security standards. This increase is disturbing because individuals are often accessing patients' protected health information on personal mobile devices, which could lead to a data breach. This deficiency led the researchers to explore the perceptions of future healthcare workers regarding mobile device security. To determine healthcare students' perspectives on mobile device security, the investigators designed and distributed a survey based on the Technology Threat Avoidance Theory. Three hundred thirty-five students participated in the survey. The data were analyzed to determine participants' perceptions about security threats, effectiveness and costs of safeguards, self-efficacy, susceptibility, severity, and their motivation and actions to secure their mobile devices. Awareness of interventions to protect mobile devices was also examined. Results indicate that while future healthcare professionals perceive the severity of threats to their mobile data, they do not feel personally susceptible. Additionally, participants were knowledgeable about security safeguards, but their knowledge of costs and problems related to the adoption of these measures was mixed. These findings indicate that increasing security awareness of healthcare professionals should be a priority.

Measuring energy security. Can the United States achieve oil independence?

International Nuclear Information System (INIS)

Greene, David L.

2010-01-01

Stochastic simulation of the direct economic costs of oil dependence in an uncertain future is proposed as a useful metric of oil dependence. The market failure from which these costs arise is imperfect competition in the world oil market, chiefly as a consequence of the use of market power by the Organization of the Petroleum Exporting Countries (OPEC) cartel. Oil dependence costs can be substantial. It is estimated that oil dependence costs to the US economy in 2008 will exceed $500 billion. Other costs, such as military expenditures or foreign policy constraints are deemed to be largely derivative of the actual or potential economic costs of oil dependence. The use of quantifiable economic costs as a security metric leads to a measurable definition of oil independence, or oil security, which can be used to test the ability of specific policies to achieve oil independence in an uncertain future. (author)

Food safety security: a new concept for enhancing food safety measures.

Science.gov (United States)

Iyengar, Venkatesh; Elmadfa, Ibrahim

2012-06-01

The food safety security (FSS) concept is perceived as an early warning system for minimizing food safety (FS) breaches, and it functions in conjunction with existing FS measures. Essentially, the function of FS and FSS measures can be visualized in two parts: (i) the FS preventive measures as actions taken at the stem level, and (ii) the FSS interventions as actions taken at the root level, to enhance the impact of the implemented safety steps. In practice, along with FS, FSS also draws its support from (i) legislative directives and regulatory measures for enforcing verifiable, timely, and effective compliance; (ii) measurement systems in place for sustained quality assurance; and (iii) shared responsibility to ensure cohesion among all the stakeholders namely, policy makers, regulators, food producers, processors and distributors, and consumers. However, the functional framework of FSS differs from that of FS by way of: (i) retooling the vulnerable segments of the preventive features of existing FS measures; (ii) fine-tuning response systems to efficiently preempt the FS breaches; (iii) building a long-term nutrient and toxicant surveillance network based on validated measurement systems functioning in real time; (iv) focusing on crisp, clear, and correct communication that resonates among all the stakeholders; and (v) developing inter-disciplinary human resources to meet ever-increasing FS challenges. Important determinants of FSS include: (i) strengthening international dialogue for refining regulatory reforms and addressing emerging risks; (ii) developing innovative and strategic action points for intervention {in addition to Hazard Analysis and Critical Control Points (HACCP) procedures]; and (iii) introducing additional science-based tools such as metrology-based measurement systems.

A Research Agenda for Security Engineering

Directory of Open Access Journals (Sweden)

Rich Goyette

2013-08-01

Full Text Available Despite nearly 30 years of research and application, the practice of information system security engineering has not yet begun to exhibit the traits of a rigorous scientific discipline. As cyberadversaries have become more mature, sophisticated, and disciplined in their tradecraft, the science of security engineering has not kept pace. The evidence of the erosion of our digital security – upon which society is increasingly dependent – appears in the news almost daily. In this article, we outline a research agenda designed to begin addressing this deficit and to move information system security engineering toward a mature engineering discipline. Our experience suggests that there are two key areas in which this movement should begin. First, a threat model that is actionable from the perspectives of risk management and security engineering should be developed. Second, a practical and relevant security-measurement framework should be developed to adequately inform security-engineering and risk-management processes. Advances in these areas will particularly benefit business/government risk assessors as well as security engineers performing security design work, leading to more accurate, meaningful, and quantitative risk analyses and more consistent and coherent security design decisions. Threat modelling and security measurement are challenging activities to get right – especially when they need to be applied in a general context. However, these are decisive starting points because they constitute the foundation of a scientific security-engineering practice. Addressing these challenges will require stronger and more coherent integration between the sub-disciplines of risk assessment and security engineering, including new tools to facilitate that integration. More generally, changes will be required in the way security engineering is both taught and practiced to take into account the holistic approach necessary from a mature, scientific

The adoption of IT security standards in a healthcare environment.

Science.gov (United States)

Gomes, Rui; Lapão, Luís Velez

2008-01-01

Security is a vital part of daily life to Hospitals that need to ensure that the information is adequately secured. In Portugal, more CIOs are seeking that their hospital IS departments are properly protecting information assets from security threats. It is imperative to take necessary measures to ensure risk management and business continuity. Security management certification provides just such a guarantee, increasing patient and partner confidence. This paper introduces one best practice for implementing four security controls in a hospital datacenter infrastructure (ISO27002), and describes the security assessment for implementing such controls.

Measuring energy security: Trends in the diversification of oil and natural gas supplies

International Nuclear Information System (INIS)

Cohen, Gail; Joutz, Frederick; Loungani, Prakash

2011-01-01

We present evidence on one facet of energy security in OECD economies-the extent of diversification in sources of oil and natural gas supplies. Viewed from the perspective of the energy-importing countries as a whole, there has not been much change in diversification in oil supplies over the last decade, but diversification in sources of natural gas supplies has increased steadily. We document the considerable cross-country heterogeneity in the extent of diversification. We also show how the extent of diversification changes if account is taken of the political risk attached to suppliers; the size of the importing country; and transportation risk. - Highlights: → Global diversification is constant but large differences exist among countries. → Political risk and distance have large impacts on diversity measures. → Size has little impact on diversity measures. → France, US, and UK show low vulnerability for both fuels. → Smaller European countries show high vulnerability for both fuels.

Molecules for security measures: from keypad locks to advanced communication protocols.

Science.gov (United States)

Andréasson, J; Pischel, U

2018-04-03

The idea of using molecules in the context of information security has sparked the interest of researchers from many scientific disciplines. This is clearly manifested in the diversity of the molecular platforms and the analytical techniques used for this purpose, some of which we highlight in this Tutorial Review. Moreover, those molecular systems can be used to emulate a broad spectrum of security measures. For a long time, molecular keypad locks enjoyed a clear preference and the review starts off with a description of how these devices developed. In the last few years, however, the field has evolved into something larger. Examples include more complex authentication protocols (multi-factor authentication and one-time passwords), the recognition of erroneous procedures in data transmission (parity devices), as well as steganographic and cryptographic protection.

Strategic planning and security analysis

International Nuclear Information System (INIS)

DePasquale, S.

1991-01-01

Nuclear security master planning is a deliberative process, founded on the premise that the broad scope of security must be analyzed before any meaningful determinations may be reached on an individual security aspect. This paper examines the analytical process required in developing a Security Master Plan. It defines a four stage process concluding with the selection of security measures encompassing physical security, policy and procedure considerations and guard force deployment. The final product orchestrates each security measure in a complementary and supportive configuration

Measuring Stability and Security in Iraq

National Research Council Canada - National Science Library

2006-01-01

.... The first section of the report, Stability and Security in Iraq, describes trends and progress towards meeting goals for political stability, strengthening economic activity, and achieving a stable...

ASPECTS OF POLICIES AND STRATEGIES FOR CYBER SECURITY IN THE EUROPEAN UNION

Directory of Open Access Journals (Sweden)

Ilina ARMENCHEVA

2015-10-01

Full Text Available Freedom and prosperity of mankind greatly depend on an innovative, safe and reliable Internet that, of course, will keep evolving. Cyber space must be protected from incidents, misuse and abuse. Handling the increasing number of threats to cyber security is a challenge that national security and the trend in the international environment face. This makes taking fast and adequate measures at national, European and international level a must. Changing national security strategies and adopting new cyber security strategies are a part of these measures.

Significance of the institute of appeals under the conditions of increasing threats to national security

Directory of Open Access Journals (Sweden)

A. V. Kapulovskyi

2015-03-01

Full Text Available The article deals with the regulatory and scientific foundation for the development of the institute of citizens’ treatments in terms of obvious internal and external threats to national security. An attempt to construct an applicable model of management of public processes in terms of threats to national security, in which public opinion plays a key value. The fact that a successful resolution of problem of public participation in the preparation and acceptance of political decisions requires not only the presence of the constitutionally enshrined rights and duties and political institutions formed democratically, but also a variety of forms and ways of influencing in the activities of public authorities. At the same time, in a not declared, the so-called »hybrid» war, in which warfare are conducted locally - in some parts of the state and all other public and private institutions function in usual mode, tracking of possible threats to national security and factors that give rise to such threats should be carried out by means of both cleanly military, and civil means and methods. Thus, one of the most effective civil means of tracking such threats are the reception of citizens’ treatments, their processing and the adoption of appropriate response measures, in my opinion. Keywords: national security, public safety, human rights, public authorities, public interest.

Data-driven security analysis, visualization and dashboards

CERN Document Server

Jacobs, Jay

2014-01-01

Uncover hidden patterns of data and respond with countermeasures Security professionals need all the tools at their disposal to increase their visibility in order to prevent security breaches and attacks. This careful guide explores two of the most powerful ? data analysis and visualization. You'll soon understand how to harness and wield data, from collection and storage to management and analysis as well as visualization and presentation. Using a hands-on approach with real-world examples, this book shows you how to gather feedback, measure the effectiveness of your security methods, and ma

[Planning a Health Residence for Prison Security Measures, Tuscany (Italy)].

Science.gov (United States)

Porfido, Eugenio; Colombai, Renato; Scarpa, Franco; Totaro, Michele; Tani, Luca; Baldini, Claudio; Baggiani, Angelo

2016-01-01

Health Residences for Prison Security Measures are facilities hosting psychotic persons who have committed crimes and providing them with personalized rehabilitation and treatment plans to promote their reinstatement in society. The aim of this study was to describe the criteria for planning and designing a prison health residence in the Tuscany region (Italy), to be managed by the regional healthcare service, in line with current regulations, with dedicated staff for providing specific treatment plans and programmes.

Empowerment and BYOx: Towards Improved IS Security Compliance

DEFF Research Database (Denmark)

Welck, Maximilian von; Trenz, Manuel; Jensen, Tina Blegind

2017-01-01

Non-compliant employees continue to pose a serious threat to information systems security. Most attempts to increase compliant behavior rely on measures that reduce employees’ latitude. However, recent studies suggest that this indeed eventuates in less compliance due to adverse behaviors...... outline how this novel approach to improve IS security compliance can be developed and investigated further....

A game theoretic framework for evaluation of the impacts of hackers diversity on security measures

International Nuclear Information System (INIS)

Zare Moayedi, Behzad; Azgomi, Mohammad Abdollahi

2012-01-01

Game theoretical methods offer new insights into quantitative evaluation of dependability and security. Currently, there is a wide range of useful game theoretic approaches to model the behaviour of intelligent agents. However, it is necessary to revise these approaches if there is a community of hackers with significant diversity in their behaviours. In this paper, we introduce a novel approach to extend the basic ideas of applying game theory in stochastic modelling. The proposed method classifies the community of hackers based on two main criteria used widely in hacker classifications, which are motivation and skill. We use Markov chains to model the system and compute the transition rates between the states based on the preferences and the skill distributions of hacker classes. The resulting Markov chains can be solved to obtain the desired security measures. We also present the results of an illustrative example using the proposed approach, which examines the relation between the attributes of the community of hackers and the security measures.

Process Control Systems in the Chemical Industry: Safety vs. Security

Energy Technology Data Exchange (ETDEWEB)

Jeffrey Hahn; Thomas Anderson

2005-04-01

Traditionally, the primary focus of the chemical industry has been safety and productivity. However, recent threats to our nation’s critical infrastructure have prompted a tightening of security measures across many different industry sectors. Reducing vulnerabilities of control systems against physical and cyber attack is necessary to ensure the safety, security and effective functioning of these systems. The U.S. Department of Homeland Security has developed a strategy to secure these vulnerabilities. Crucial to this strategy is the Control Systems Security and Test Center (CSSTC) established to test and analyze control systems equipment. In addition, the CSSTC promotes a proactive, collaborative approach to increase industry's awareness of standards, products and processes that can enhance the security of control systems. This paper outlines measures that can be taken to enhance the cybersecurity of process control systems in the chemical sector.

Increasing the resilience and security of the United States' power infrastructure

Energy Technology Data Exchange (ETDEWEB)

Happenny, Sean F. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States)

2015-08-01

The United States' power infrastructure is aging, underfunded, and vulnerable to cyber attack. Emerging smart grid technologies may take some of the burden off of existing systems and make the grid as a whole more efficient, reliable, and secure. The Pacific Northwest National Laboratory (PNNL) is funding research into several aspects of smart grid technology and grid security, creating a software simulation tool that will allow researchers to test power infrastructure control and distribution paradigms by utilizing different smart grid technologies to determine how the grid and these technologies react under different circumstances. Understanding how these systems behave in real-world conditions will lead to new ways to make our power infrastructure more resilient and secure. Demonstrating security in embedded systems is another research area PNNL is tackling. Many of the systems controlling the U.S. critical infrastructure, such as the power grid, lack integrated security and the aging networks protecting them are becoming easier to attack.

Securing Chinese nuclear power development: further strengthening nuclear security

International Nuclear Information System (INIS)

Zhang Hui

2014-01-01

Chinese President Xi Jinping addresses China's new concept of nuclear security with four 'equal emphasis' at the third Nuclear Security Summit, and makes four commitments to strengthen nuclear security in the future. To convert President Xi's political commitments into practical, sustainable reality, China should take further steps to install a complete, reliable, and effective security system to ensure that all its nuclear materials and nuclear facilities are effectively protected against the full spectrum of plausible terrorist and criminal threats. This paper suggests the following measures be taken to improve China's existing nuclear security system, including updating and clarifying the requirements for a national level DBT; updating and enforcing existing regulations; further promoting nuclear security culture; balancing the costs of nuclear security, and further strengthening international cooperation on nuclear security. (author)

Nuclear Security Systems and Measures for the Detection of Nuclear and Other Radioactive Material out of Regulatory Control. Implementing Guide (Arabic Edition)

International Nuclear Information System (INIS)

2015-01-01

This publication provides guidance to Member States for the development, or improvement of nuclear security systems and measures for the detection of criminal or unauthorized acts with nuclear security implications involving nuclear and other radioactive material out of regulatory control. It describes the elements of an effective nuclear security detection architecture which is composed of an integrated set of nuclear security systems and measures, and is based on an appropriate legal and regulatory framework for the implementation of the national detection strategy. The publication is an implementing guide within the IAEA Nuclear Security Series and is intended for use by national policy makers, legislative bodies, competent authorities, institutions, and individuals involved in the establishment, implementation, maintenance or sustainability of nuclear security systems and measures for the detection of nuclear and other radioactive material out of regulatory control

Data Security Measures in the IT Service Industry: A Balance between Knowledge & Action

Directory of Open Access Journals (Sweden)

N. Mlitwa

2008-12-01

Full Text Available That knowledge is power is fast becoming a cliche within the intelligentsia. Such power however, depends largely on how knowledge itself is exchanged and used, which says a lot about the tools of its transmission, exchange, and storage. Information and communication technology (ICT plays a significant role in this respect. As a networked tool, it enables efficient exchanges of video, audio and text data beyond geographical and time constraints. Since this data is exchanged over the worldwide web (www, it can be accessible by anyone in the world using the internet. The risk of unauthorised access, interception, modification, or even theft of confidential information, leading to financial losses in information dependant competitive institutions is therefore high. Improving efficiencies through ICT therefore, comes with security responsibilities. The problem however is that most organizations tend to focus on task-enhancing efficiencies and neglect security. Possibly due to limited awareness about security, underestimating the problem, concerns about security costs, or through plain negligence. The activity theory of Engestrm and the activity analysis development framework of Mursu et al are used as analytical lenses to the cybercrime challenge in this paper. A practical case study of Company X, an IT service provider in Malawi is then used to understand the extent to which organisations that offer electronic data solutions prioritise security in their operations. It is found that even better informed organisations fall short in taking adequate data security measures. A recommendation for all organisations is that they should not only have a clear policy, but also ensure that it is routinely and consistently implemented throughout the operations if information capital is to be secured. A framework towards a holistic approach to thinking about, and in addressing cybercrime is suggested, and recommended in the paper.

A Study Of Cyber Security Challenges And Its Emerging Trends On Latest Technologies

OpenAIRE

Reddy, G. Nikhita; Reddy, G. J. Ugander

2014-01-01

Cyber Security plays an important role in the field of information technology .Securing the information have become one of the biggest challenges in the present day. When ever we think about the cyber security the first thing that comes to our mind is cyber crimes which are increasing immensely day by day. Various Governments and companies are taking many measures in order to prevent these cyber crimes. Besides various measures cyber security is still a very big concern to many. This paper ma...

Security culture for nuclear facilities

Science.gov (United States)

Gupta, Deeksha; Bajramovic, Edita

2017-01-01

Natural radioactive elements are part of our environment and radioactivity is a natural phenomenon. There are numerous beneficial applications of radioactive elements (radioisotopes) and radiation, starting from power generation to usages in medical, industrial and agriculture applications. But the risk of radiation exposure is always attached to operational workers, the public and the environment. Hence, this risk has to be assessed and controlled. The main goal of safety and security measures is to protect human life, health, and the environment. Currently, nuclear security considerations became essential along with nuclear safety as nuclear facilities are facing rapidly increase in cybersecurity risks. Therefore, prevention and adequate protection of nuclear facilities from cyberattacks is the major task. Historically, nuclear safety is well defined by IAEA guidelines while nuclear security is just gradually being addressed by some new guidance, especially the IAEA Nuclear Security Series (NSS), IEC 62645 and some national regulations. At the overall level, IAEA NSS 7 describes nuclear security as deterrence and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer or other malicious acts involving nuclear, other radioactive substances and their associated facilities. Nuclear security should be included throughout nuclear facilities. Proper implementation of a nuclear security culture leads to staff vigilance and a high level of security posture. Nuclear security also depends on policy makers, regulators, managers, individual employees and members of public. Therefore, proper education and security awareness are essential in keeping nuclear facilities safe and secure.

PeerFlow: Secure Load Balancing in Tor

Directory of Open Access Journals (Sweden)

Johnson Aaron

2017-04-01

Full Text Available We present PeerFlow, a system to securely load balance client traffic in Tor. Security in Tor requires that no adversary handle too much traffic. However, Tor relays are run by volunteers who cannot be trusted to report the relay bandwidths, which Tor clients use for load balancing. We show that existing methods to determine the bandwidths of Tor relays allow an adversary with little bandwidth to attack large amounts of client traffic. These methods include Tor’s current bandwidth-scanning system, TorFlow, and the peer-measurement system EigenSpeed. We present an improved design called PeerFlow that uses a peer-measurement process both to limit an adversary’s ability to increase his measured bandwidth and to improve accuracy. We show our system to be secure, fast, and efficient. We implement PeerFlow in Tor and demonstrate its speed and accuracy in large-scale network simulations.

Conceptual proposals for measuring the impact of international regimes on energy security

International Nuclear Information System (INIS)

Sander, Michael

2013-01-01

The paper proposes two concepts to assess the effect of international regimes on energy security. Existing indicators focus mainly on state-level factors, excluding international influences. International relation scholars on the other hand see a clear connection between international regimes and stable energy relations. International regimes stabilise energy relations by providing frameworks for negotiations, defining, controlling and sanctioning compliance and allowing the actors to engage in package deals. The researcher needs to include these factors in a complete assessment of political energy security risks. As first step, the paper uses the effectiveness of control mechanisms as basis for such consideration. It refers specifically to international arbitration as the most important control mechanism in international energy relations. The simplest measurement option is the share of a county's energy imports covered by a certain regime. The paper applies the Oslo-Potsdam-Solution to account for outcome effectiveness. It applies a variant of the International Regimes Data Base protocol to account for effective regime structures. In a last section, the paper proposes some possible paths for future research. - Highlights: • International regimes mitigate political risks for energy supply and must be considered. • The paper proposes two concepts to measure energy regime effectiveness. • The OPS-variant measures output, the IRDB-variant measures structure effectiveness. • The paper offers a preliminary feasibility test for the concepts. • Finally, it suggests further roads for research

Measuring global water security towards sustainable development goals

Science.gov (United States)

Gain, Animesh K.; Giupponi, Carlo; Wada, Yoshihide

2016-12-01

Water plays an important role in underpinning equitable, stable and productive societies and ecosystems. Hence, United Nations recognized ensuring water security as one (Goal 6) of the seventeen sustainable development goals (SDGs). Many international river basins are likely to experience ‘low water security’ over the coming decades. Water security is rooted not only in the physical availability of freshwater resources relative to water demand, but also on social and economic factors (e.g. sound water planning and management approaches, institutional capacity to provide water services, sustainable economic policies). Until recently, advanced tools and methods are available for the assessment of water scarcity. However, quantitative and integrated—physical and socio-economic—approaches for spatial analysis of water security at global level are not available yet. In this study, we present a spatial multi-criteria analysis framework to provide a global assessment of water security. The selected indicators are based on Goal 6 of SDGs. The term ‘security’ is conceptualized as a function of ‘availability’, ‘accessibility to services’, ‘safety and quality’, and ‘management’. The proposed global water security index (GWSI) is calculated by aggregating indicator values on a pixel-by-pixel basis, using the ordered weighted average method, which allows for the exploration of the sensitivity of final maps to different attitudes of hypothetical policy makers. Our assessment suggests that countries of Africa, South Asia and Middle East experience very low water security. Other areas of high water scarcity, such as some parts of United States, Australia and Southern Europe, show better GWSI values, due to good performance of management, safety and quality, and accessibility. The GWSI maps show the areas of the world in which integrated strategies are needed to achieve water related targets of the SDGs particularly in the African and Asian continents.

76 FR 30986 - Bureau of International Security and Nonproliferation; Imposition of Nonproliferation Measures...

Science.gov (United States)

2011-05-27

... DEPARTMENT OF STATE [Public Notice 7485] Bureau of International Security and Nonproliferation; Imposition of Nonproliferation Measures Against Foreign Persons, Including a Ban on U.S. Government... of foreign entities and one foreign person have engaged in activities that warrant the imposition of...

Technologies to counter aviation security threats

Science.gov (United States)

Karoly, Steve

2017-11-01

The Aviation and Transportation Security Act (ATSA) makes TSA responsible for security in all modes of transportation, and requires that TSA assess threats to transportation, enforce security-related regulations and requirements, and ensure the adequacy of security measures at airports and other transportation facilities. Today, TSA faces a significant challenge and must address a wide range of commercial, military grade, and homemade explosives and these can be presented in an infinite number of configurations and from multiple vectors. TSA screens 2 million passengers and crew, and screens almost 5 million carry-on items and 1.2 million checked bags daily. As TSA explores new technologies for improving efficiency and security, those on the forefront of research and development can help identify unique and advanced methods to combat terrorism. Research and Development (R&D) drives the development of future technology investments that can address an evolving adversary and aviation threat. The goal is to rethink the aviation security regime in its entirety, and rather than focusing security at particular points in the enterprise, distribute security from the time a reservation is made to the time a passenger boards the aircraft. The ultimate objective is to reengineer aviation security from top to bottom with a continued focus on increasing security throughout the system.

Security patterns in practice designing secure architectures using software patterns

CERN Document Server

Fernandez-Buglioni, Eduardo

2013-01-01

Learn to combine security theory and code to produce secure systems Security is clearly a crucial issue to consider during the design and implementation of any distributed software architecture. Security patterns are increasingly being used by developers who take security into serious consideration from the creation of their work. Written by the authority on security patterns, this unique book examines the structure and purpose of security patterns, illustrating their use with the help of detailed implementation advice, numerous code samples, and descriptions in UML. Provides

Security of supply and regulation of energy networks

International Nuclear Information System (INIS)

Jamasb, Tooraj; Pollitt, Michael

2008-01-01

In recent years, the security of energy supplies has re-emerged as a central issue in the energy policy arena in the UK and elsewhere. This re-emergence takes place against a backdrop of increased liberalisation of the energy markets, so that security of supply needs to be revisited within this context. Security of supply is multifaceted, but is often discussed in terms of physical availability of energy sources and their commodity price risk. This paper discusses the relationship between security of supply and network regulation - that is, how the energy networks, and appropriate regulation of them, can contribute to security of supply in liberalised energy sectors. Energy networks are predominantly natural monopolies and as a result are generally subject to regulatory oversight. We discuss a range of issues and trends that pose challenges and opportunities to network regulation and which call for new and innovative measures. The paper identifies a number of areas where network regulation can play a significant role in increasing the security of supply of future energy systems. (author)

Learning Puppet security

CERN Document Server

Slagle, Jason

2015-01-01

If you are a security professional whose workload is increasing, or a Puppet professional looking to increase your knowledge of security, or even an experienced systems administrator, then this book is for you. This book will take you to the next level of security automation using Puppet. The book requires no prior knowledge of Puppet to get started.

Comprehensive legal aid to the participants in criminal proceedings when applying security measures

Directory of Open Access Journals (Sweden)

Fadeev P.V.

2014-12-01

Full Text Available Legal assistance to the participants in criminal procedure is represented as a complex phenomenon, including the features of international legal assistance, qualified legal assistance, as well as the activities of public authorities in criminal proceedings and professional lawyers (attorneys, advocates, representatives to assist physical and legal persons to protect, safeguard and realize their rights and interests. Legal assistance in case of threat to life, health, rights of participants in criminal proceedings is considered. The activity of certain subjects of criminal proceedings aimed at explaining the rights of crime victims is analyzed. The grounds for applying security measures are determined. Proposals for improving part 3 of article 11 of the RF Criminal Procedure Code are made: “3. In case there is a threat of causing physical, property, moral damage or other harm prohibited by criminal law to rights and legitimate interests of the victim, witness or other participants in criminal proceedings as well as their close relatives, relatives or close persons, the court (judge, the prosecutor, the head of the investigative agency, the investigator, the preliminary investigation agency take security measures, provided by part 9 of article 166, part 2 of article 186, part 8 of article 193, paragraph 4 of part 2 of article 241 and part 5 of article 278 of this Code as well as other security measures provided by the RF legislation, in respect of those persons within twenty-four hours on the basis of these persons’ written (oral statement or on their own initiative within their competence”.

Risk Informed Approach for Nuclear Security Measures for Nuclear and Other Radioactive Material out of Regulatory Control. Implementing Guide

International Nuclear Information System (INIS)

2015-01-01

This publication provides guidance to States for developing a risk informed approach and for conducting threat and risk assessments as the basis for the design and implementation of sustainable nuclear security systems and measures for prevention of, detection of, and response to criminal and intentional unauthorised acts involving nuclear and other radioactive material out of regulatory control. It describes concepts and methodologies for a risk informed approach, including identification and assessment of threats, targets, and potential consequences; threat and risk assessment methodologies, and the use of risk informed approaches as the basis for informing the development and implementation of nuclear security systems and measures. The publication is an Implementing Guide within the IAEA Nuclear Security Series and is intended for use by national policy makers, law enforcement agencies and experts from competent authorities and other relevant organizations involved in the establishment, implementation, maintenance or sustainability of nuclear security systems and measures related to nuclear and other radioactive material out of regulatory control

Security Measures in Automated Assessment System for Programming Courses

Directory of Open Access Journals (Sweden)

Jana Šťastná

2015-12-01

Full Text Available A desirable characteristic of programming code assessment is to provide the learner the most appropriate information regarding the code functionality as well as a chance to improve. This can be hardly achieved in case the number of learners is high (500 or more. In this paper we address the problem of risky code testing and availability of an assessment platform Arena, dealing with potential security risks when providing an automated assessment for a large set of source code. Looking at students’ programs as if they were potentially malicious inspired us to investigate separated execution environments, used by security experts for secure software analysis. The results also show that availability issues of our assessment platform can be conveniently resolved with task queues. A special attention is paid to Docker, a virtual container ensuring no risky code can affect the assessment system security. The assessment platform Arena enables to regularly, effectively and securely assess students' source code in various programming courses. In addition to that it is a motivating factor and helps students to engage in the educational process.

Security Locks

Science.gov (United States)

Hart, Kevin

2010-01-01

According to a 2008 "Year in Review" report by Educational Security Incidents, an online repository that collects data on higher education security issues, the total number of security incidents reported at universities and colleges worldwide rose to 173 in 2008, a 24.5 percent increase over 2007. The number of institutions…

Basic security measures for IEEE 802.11 wireless networks

Directory of Open Access Journals (Sweden)

Oscar P. Sarmiento

2008-05-01

Full Text Available This article presents a tutorial/discussion of three commonly-used IEEE 802.11 wireless network security standards: WEP, WPA and WPA2. A detailed analysis of the RC4 algorithm supporting WEP is presented, including its vulnera-bilities. The WPA and WPA2 encryption protocols’ most relevant aspects and technical characteristics are reviewed for a comparative analysis of the three standards in terms of the security they provide. Special attention has been paid to WEP encryption by using an educational simulation tool written in C++ Builder for facilitating the unders-tanding of this protocol at academic level. Two practical cases of wireless security configurations using Cisco net-working equipment are also presented: configuring and enabling WPA-Personal and WPA2-Personal (these being security options used by TKIP and AES, respectively.

Risk assessment for sustainable food security in China according to integrated food security--taking Dongting Lake area for example.

Science.gov (United States)

Qi, Xiaoxing; Liu, Liming; Liu, Yabin; Yao, Lan

2013-06-01

Integrated food security covers three aspects: food quantity security, food quality security, and sustainable food security. Because sustainable food security requires that food security must be compatible with sustainable development, the risk assessment of sustainable food security is becoming one of the most important issues. This paper mainly focuses on the characteristics of sustainable food security problems in the major grain-producing areas in China. We establish an index system based on land resources and eco-environmental conditions and apply a dynamic assessment method based on status assessments and trend analysis models to overcome the shortcomings of the static evaluation method. Using fuzzy mathematics, the risks are categorized into four grades: negligible risk, low risk, medium risk, and high risk. A case study was conducted in one of China's major grain-producing areas: Dongting Lake area. The results predict that the status of the sustainable food security in the Dongting Lake area is unsatisfactory for the foreseeable future. The number of districts at the medium-risk range will increase from six to ten by 2015 due to increasing population pressure, a decrease in the cultivated area, and a decrease in the effective irrigation area. Therefore, appropriate policies and measures should be put forward to improve it. The results could also provide direct support for an early warning system-which could be used to monitor food security trends or nutritional status so to inform policy makers of impending food shortages-to prevent sustainable food security risk based on some classical systematic methods. This is the first research of sustainable food security in terms of risk assessment, from the perspective of resources and the environment, at the regional scale.

Face recognition in securing optical telecom network equipment

International Nuclear Information System (INIS)

Ali, N.M.

2015-01-01

In this paper, face recognition is used with a microcontroller based hardware module to secure the telecommunication equipments like ONU (optical network units) or any other telecommunication equipment. The face recognition classifier value optimization adaption is deployed and in this scheme by increasing or decreasing the number of images in the database will automatically generate and adopt the classifier value for recognition of known and unknown persons. On recognizing and unknown persons. On recognizing an unknown person, the hardware module will send an SMS to the concerned security personnel for security preventive measures. (author)

Measuring energy security. A conceptual note

Energy Technology Data Exchange (ETDEWEB)

Frondel, Manuel; Schmidt, Christoph M.

2008-11-06

Along with the oil price, concerns about the security of energy supply have soared once again in recent years.Yet, more than 30 years after the OPEC oil embargo in 1973, energy security still remains a diffuse concept. This paper conceives a statistical indicator that aims at characterizing the energy supply risk of nations that are heavily dependent on energy imports. Our indicator condenses the bulk of empirical information on the imports of fossil fuels originating from a multitude of export countries as well as data on the indigenous contribution to the domestic energy supply into a single parameter. Applying the proposed concept to empirical energy data on Germany and the U.S. (1980-2004), we find that there is a large gap in the energy supply risks between both countries, with Germany suffering much more from a tensed energy supply situation today than the U.S. (orig.)

Gross anatomy of network security

Science.gov (United States)

Siu, Thomas J.

2002-01-01

Information security involves many branches of effort, including information assurance, host level security, physical security, and network security. Computer network security methods and implementations are given a top-down description to permit a medically focused audience to anchor this information to their daily practice. The depth of detail of network functionality and security measures, like that of the study of human anatomy, can be highly involved. Presented at the level of major gross anatomical systems, this paper will focus on network backbone implementation and perimeter defenses, then diagnostic tools, and finally the user practices (the human element). Physical security measures, though significant, have been defined as beyond the scope of this presentation.

Improving Control System Cyber-State Awareness using Known Secure Sensor Measurements

Energy Technology Data Exchange (ETDEWEB)

Ondrej Linda; Milos Manic; Miles McQueen

2012-09-01

Abstract—This paper presents design and simulation of a low cost and low false alarm rate method for improved cyber-state awareness of critical control systems - the Known Secure Sensor Measurements (KSSM) method. The KSSM concept relies on physical measurements to detect malicious falsification of the control systems state. The KSSM method can be incrementally integrated with already installed control systems for enhanced resilience. This paper reviews the previously developed theoretical KSSM concept and then describes a simulation of the KSSM system. A simulated control system network is integrated with the KSSM components. The effectiveness of detection of various intrusion scenarios is demonstrated on several control system network topologies.

Nuclear Security Systems and Measures for the Detection of Nuclear and Other Radioactive Material out of Regulatory Control. Implementing Guide

International Nuclear Information System (INIS)

2013-01-01

Nuclear terrorism and the illicit trafficking of nuclear and other radioactive material threaten the security of all States. There are large quantities of diverse radioactive material in existence, which are used in areas such as health, the environment, agriculture and industry. The possibility that nuclear and other radioactive material may be used for terrorist acts cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material, and to establish capabilities for detection and response to nuclear and other radioactive material out of regulatory control. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This approach recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in nuclear and other radioactive material; national response plans; and contingency measures. Within its nuclear security programme, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. Each State carries the full responsibility for nuclear security, specifically: to provide for the security of nuclear and other radioactive material and associated facilities and activities; to ensure the security of such material in use, storage or in transport; to combat illicit trafficking; and to detect and respond to nuclear security events. This is an Implementing Guide on nuclear security systems and measures for the detection of nuclear and other radioactive material out of regulatory control. The objective of the publication is to provide guidance to Member States for the

Computer Security: the security marathon

CERN Multimedia

Computer Security Team

2014-01-01

If you believe that “security” is a sprint, that a quick hack is invulnerable, that quick bug fixing is sufficient, that plugging security measures on top of existing structures is good, that once you are secure your life will be easy... then let me convince you otherwise.   An excellent example of this is when the summer students join us at CERN. As the summer period is short, software projects must be accomplished quickly, like a sprint. Rush, rush! But often, this sprint ends with aching muscles. Regularly, these summer students approach us to have their project or web server made visible to the Internet. Regularly, quick security reviews of those web servers diagnose severe underperformance with regards to security: the web applications are flawed or use insecure protocols; the employed software tools, databases or web frameworks are sub-optimal and not adequately chosen for that project; the operating system is non-standard and has never been brought up-to-date; and ...

Modeling Security Aspects of Network

Science.gov (United States)

Schoch, Elmar

With more and more widespread usage of computer systems and networks, dependability becomes a paramount requirement. Dependability typically denotes tolerance or protection against all kinds of failures, errors and faults. Sources of failures can basically be accidental, e.g., in case of hardware errors or software bugs, or intentional due to some kind of malicious behavior. These intentional, malicious actions are subject of security. A more complete overview on the relations between dependability and security can be found in [31]. In parallel to the increased use of technology, misuse also has grown significantly, requiring measures to deal with it.

The Role of the Press in Public Security

Directory of Open Access Journals (Sweden)

Robson Sávio Reis Souza

2007-06-01

Full Text Available The sensational increase in violent criminality in recent years has placed the question of public security on the social agenda. Formerly a matter restricted to a few actors, now the topic of public security has become the center of discussion in an affl icted society in the midst of a notorious increase in violence and criminality. The result of the referendum on the prohibition of the sale of fi rearms and ammunition amplifi ed an obvious popular clamor demanding consistent, lasting and clear measures in the combating and prevention of crime. The media, perceiving the importance of this historic moment (and mainly the power to vocalize this demand of the middle class – their major consumer – has deepened the discussion on this issue, organizing in an increasingly more constant way coverage of public security.

A Crowd-Based Intelligence Approach for Measurable Security, Privacy, and Dependability in Internet of Automated Vehicles with Vehicular Fog

Directory of Open Access Journals (Sweden)

Ashish Rauniyar

2018-01-01

Full Text Available With the advent of Internet of things (IoT and cloud computing technologies, we are in the era of automation, device-to-device (D2D and machine-to-machine (M2M communications. Automated vehicles have recently gained a huge attention worldwide, and it has created a new wave of revolution in automobile industries. However, in order to fully establish automated vehicles and their connectivity to the surroundings, security, privacy, and dependability always remain a crucial issue. One cannot deny the fact that such automatic vehicles are highly vulnerable to different kinds of security attacks. Also, today’s such systems are built from generic components. Prior analysis of different attack trends and vulnerabilities enables us to deploy security solutions effectively. Moreover, scientific research has shown that a “group” can perform better than individuals in making decisions and predictions. Therefore, this paper deals with the measurable security, privacy, and dependability of automated vehicles through the crowd-based intelligence approach that is inspired from swarm intelligence. We have studied three use case scenarios of automated vehicles and systems with vehicular fog and have analyzed the security, privacy, and dependability metrics of such systems. Our systematic approaches to measuring efficient system configuration, security, privacy, and dependability of automated vehicles are essential for getting the overall picture of the system such as design patterns, best practices for configuration of system, metrics, and measurements.

Pro PHP Security From Application Security Principles to the Implementation of XSS Defenses

CERN Document Server

Snyder, Chris; Southwell, Michael

2010-01-01

PHP security, just like PHP itself, has advanced. Updated for PHP 5.3, the second edition of this authoritative PHP security book covers foundational PHP security topics like SQL injection, XSS, user authentication, and secure PHP development. Chris Snyder and Tom Myer also dive into recent developments like mobile security, the impact of Javascript, and the advantages of recent PHP hardening efforts. Pro PHP Security, Second Edition will serve as your complete guide for taking defensive and proactive security measures within your PHP applications. Beginners in secure programming will find a l

Android security cookbook

CERN Document Server

Makan, Keith

2013-01-01

Android Security Cookbook' breaks down and enumerates the processes used to exploit and remediate Android app security vulnerabilities in the form of detailed recipes and walkthroughs.""Android Security Cookbook"" is aimed at anyone who is curious about Android app security and wants to be able to take the necessary practical measures to protect themselves; this means that Android application developers, security researchers and analysts, penetration testers, and generally any CIO, CTO, or IT managers facing the impeding onslaught of mobile devices in the business environment will benefit from

Securing public transportation systems an integrated decision analysis framework for the prevention of terrorist attacks as example

CERN Document Server

Brauner, Florian

2017-01-01

Florian Brauner addresses the risk reduction effects of security measures (SecMe) as well as economic and social effects using terrorist threats in public transportation as use case. SecMe increase the level of security but cause interferences and restrictions for customers (e.g. privacy). This study identifies the interferences and analyzes the acceptance with an empirical survey of customers. A composite indicator for the acceptance of different SecMe is developed and integrated into a risk management framework for multi-criteria decision analysis achieving the right balance of risk reduction, costs, and social acceptance. Contents Assessment of Security Measures for Risk Management Measurement of Objective Effectiveness of Security Measures Against Terrorist Attacks Determination of Subjective Effects of Security Measures (Customer Acceptance Analysis) Cost Analysis of Security Measures Multi-Criteria Decision Support Systems Target Groups Scientists with Interest in Civil Security Research Providers and S...

Measuring energy security performance within China: Toward an inter-provincial prospective

International Nuclear Information System (INIS)

Zhang, Long; Yu, Jing; Sovacool, Benjamin K.; Ren, Jingzheng

2017-01-01

China has been the world's largest energy consumer and producer for many years, yet while myriad studies have investigated Chinese performance on energy metrics compared to other countries, few to none have looked internally at Chinese provinces. This paper firstly develops a five-dimensional evaluation system centered on the energy security dimensions of availability and diversity, affordability and equality, technology and efficiency, environmental sustainability, and governance and innovation. It then correlates these dimensions to 20 distinct energy security metrics that are used to assess the energy security performance of 30 Chinese provinces, divided into eight regions. Our results reveal both trends in energy policy and practice as well as provincial status of comparative energy security for the year 2013. We find, for instance, that there is no province which performs well in all five of the energy security dimensions, and that all provinces confronted threats related to energy availability and diversity. We also demonstrate that in comparative terms, the Middle Reaches of Yellow River and the Northwest were the most energy-secure, while the Middle Reaches of Yangtze River and the Northeast were least energy-secure. - Highlights: • We assessed energy security for 30 Chinese provinces across five dimensions. • Fuzzy AHP, PROMETHEE and Sensitivity Analysis are used to investigate. • Western provinces perform better performance than eastern provinces in 2013. • Energy availability and diversity is the most severe threat facing China's energy security. • Developing renewable energy will help improve China's Provincial energy security significantly.

CLOUD SECURITY AND COMPLIANCE - A SEMANTIC APPROACH IN END TO END SECURITY

OpenAIRE

Kalaiprasath, R.; Elankavi, R.; Udayakumar, R.

2017-01-01

The Cloud services are becoming an essential part of many organizations. Cloud providers have to adhere to security and privacy policies to ensure their users' data remains confidential and secure. Though there are some ongoing efforts on developing cloud security standards, most cloud providers are implementing a mish-mash of security and privacy controls. This has led to confusion among cloud consumers as to what security measures they should expect from the cloud services, and whether thes...

Security of Radioactive Waste

International Nuclear Information System (INIS)

Goldammer, W.

2003-01-01

Measures to achieve radioactive waste security are discussed. Categorization of waste in order to implement adequate and consistent security measures based on potential consequences is made. The measures include appropriate treatment/storage/disposal of waste to minimize the potential and consequences of malicious acts; management of waste only within an authorised, regulated, legal framework; management of the security of personnel and information; measures to minimize the acquisition of radioactive waste by those with malicious intent. The specific measures are: deter unauthorized access to the waste; detect any such attempt or any loss or theft of waste; delay unauthorized access; provide timely response to counter any attempt to gain unauthorised access; measures to minimize acts of sabotage; efforts to recover any lost or stolen waste; mitigation and emergency plans in case of release of radioactivity. An approach to develop guidance, starting with the categorisation of sources and identification of dangerous sources, is presented. Dosimetric criteria for internal and external irradiation are set. Different exposure scenarios are considered. Waste categories and security categories based on the IAEA INFCIRC/225/Rev.4 are presented

Generic System for Remote Testing and Calibration of Measuring Instruments: Security Architecture

Science.gov (United States)

Jurčević, M.; Hegeduš, H.; Golub, M.

2010-01-01

Testing and calibration of laboratory instruments and reference standards is a routine activity and is a resource and time consuming process. Since many of the modern instruments include some communication interfaces, it is possible to create a remote calibration system. This approach addresses a wide range of possible applications and permits to drive a number of different devices. On the other hand, remote calibration process involves a number of security issues due to recommendations specified in standard ISO/IEC 17025, since it is not under total control of the calibration laboratory personnel who will sign the calibration certificate. This approach implies that the traceability and integrity of the calibration process directly depends on the collected measurement data. The reliable and secure remote control and monitoring of instruments is a crucial aspect of internet-enabled calibration procedure.

Secure and Authenticated Data Communication in Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Omar Alfandi

2015-08-01

Full Text Available Securing communications in wireless sensor networks is increasingly important as the diversity of applications increases. However, even today, it is equally important for the measures employed to be energy efficient. For this reason, this publication analyzes the suitability of various cryptographic primitives for use in WSNs according to various criteria and, finally, describes a modular, PKI-based framework for confidential, authenticated, secure communications in which most suitable primitives can be employed. Due to the limited capabilities of common WSN motes, criteria for the selection of primitives are security, power efficiency and memory requirements. The implementation of the framework and the singular components have been tested and benchmarked in our testbed of IRISmotes.

Cost-effectiveness of Security Measures: A model-based Framework

NARCIS (Netherlands)

Pieters, Wolter; Probst, Christian W.; Lukszo, Zofia; Montoya, L.; Tsiakis, Theodosios; Kargidis, Theodorus; Katsaros, Panagiotis

Recently, cyber security has become an important topic on the agenda of many organisations. It is already widely acknowledged that attacks do happen, and decision makers face the problem of how to respond. As it is almost impossible to secure a complex system completely, it is important to have an

ANTI-CORRUPTION MEASURES FOR CORPORATE SECURITY

Directory of Open Access Journals (Sweden)

Natasha Georgieva Hadji Krsteski

2017-04-01

Full Text Available Corporate security should commit to ethical management and raising the quality of companies and markets through improving cooperation and transparency by applying anticorruption measures such as accepting a code of ethics; respect and follow international business principles for dealing with bribery; improve their transparency - via access to information; involvement in politics to protect persons who disclose corruption cases; and improving corporate governance - through active mutual discussions on adjustment of legal regulations. Research methods used in the paper are: qualitative analysis of secondary data obtained from relevant institutions. Results obtained from the survey include fighting corruption in corporations must find a unique solution that is long-term strategy developed transparent society crucial criteria and principles to meet the political criteria by the fulfillment of anti-corruption standards; it requires continuous cooperation of public and private sector, NGOs and the general corpus of all stakeholders in the country against corruption; the lack of a legal framework or platform for establishing public and private partnerships, is an important factor for anti-corruption measures to improve corporate governance; mechanisms for cooperation does not seem sufficiently developed between the public, private, political and civil society; the most important factor to tackle corruption is to adopt a law on public prosecutors and determination of higher norms and standards. Conclusions drawn from the survey: in the area of pre-trial procedure requires shifting responsibilities of Interior Ministry body training in the area of the judicial system; it is necessary to change the Criminal Code and Criminal Procedure Code by changing certain legal provisions which refer to the Agency for money laundering SCCP, a financial police and overall legislation.

Mutual Payments in Increase of the Level of Economic Security of Energy Generating Enterprises

Directory of Open Access Journals (Sweden)

Ruzhytskyi Andrіy V

2013-12-01

Full Text Available The article presents main approaches to the essence of the economic security of an enterprise notion, namely, approach of counter-action to threats, approach of successful market activity and approach of achievement of certain development goals; it identifies the role of economic security of energy generating enterprises in economic security of other subjects and the country in general; it offers definition of the economic security of an enterprise notion as a complex characteristic of the state of the enterprise that reflects the level of the enterprise possibility to ensure functioning and development; it marks out functional components of economic security, which are connected with mutual payments, namely, financial, personnel, technical and technological, political and legal, informational and interface ones; it presents connection of mutual payments with the level of financial component of economic security of enterprises, which envisages financial flow from or to the enterprise for changing the obligation status or its quantitative characteristics.

Cyber Security Scenarios and Control for Small and Medium Enterprises

Directory of Open Access Journals (Sweden)

Nilaykumar Kiran SANGANI

2012-01-01

Full Text Available As the world advances towards the computing era, security threats keeps on increasing in the form of malware, viruses, internet attack, theft of IS assets / technology and a lot more. This is a major concern for any form of business. Loss in company’s status / liability / reputation is a huge downfall for a running business. We have witnessed the attacks getting carried out; large firm’s data getting breached / government bodies’ sites getting phished / attacked. These huge entities have technology expertise to safeguard their company’s interest against such attacks through investing huge amounts of capital in manpower and secure tools. But what about SMEs? SMEs enrich a huge part of the country’s economy. Big organizations have their own security measures policy which ideally is not applied when it comes to a SME. The aim of this paper is to come out with an Information Security Assurance Cyber Control for SMEs (ISACC against common cyber security threats implemented at a cost effective measure.

Freedom or security - the unsolvable dilemma of atomic energy

International Nuclear Information System (INIS)

Rossnagel, A.

1989-01-01

The threat of a non-peaceful use of atomic energy is not a fixed quantity. The hazard may increase depending on the social situation and the insentity of social crises emerging. In view of the damage potential involved with atomic energy, the principle of 'dynamic protection of civil rights' requires security measures to be intensified according to growing threat. The restrictions of freedom connected with enhanced security measures are to be felt already today. The pressure for security of nuclear installations or material creates a dilemma: any security step-up will be done at the expense of freedom, and conserving freedom will mean reducing security. The pressure for security which is achieved by the instruments of balancing the objects of legal protection and following the principle of reasonablenesse, will eventually lead to a de facto decline of the civil rights by way of a clandestine and gradual change of legal terms and definitions. We even then would be living in a constitutional state. But what will freedom then mean? The civil rights would still be incorporated in our Basic Law, but protection in practical life will have been decreased. (orig./HSCH) [de

Impact of Security Awareness Programs on End-User Security Behavior: A Quantitative Study of Federal Workers

Science.gov (United States)

Smith, Gwendolynn T.

2012-01-01

The increasing dependence on technology presented more vulnerability to security breaches of information and the need to assess security awareness levels in federal organizations, as well as other organizations. Increased headlines of security breaches of federal employees' security actions prompted this study. The research study reviewed the…

Factor structure of the Essen Climate Evaluation Schema measure of social climate in a UK medium-security setting.

Science.gov (United States)

Milsom, Sophia A; Freestone, Mark; Duller, Rachel; Bouman, Marisa; Taylor, Celia

2014-04-01

Social climate has an influence on a number of treatment-related factors, including service users' behaviour, staff morale and treatment outcomes. Reliable assessment of social climate is, therefore, beneficial within forensic mental health settings. The Essen Climate Evaluation Schema (EssenCES) has been validated in forensic mental health services in the UK and Germany. Preliminary normative data have been produced for UK high-security national health services and German medium-security and high-security services. We aim to validate the use of the EssenCES scale (English version) and provide preliminary normative data in UK medium-security hospital settings. The EssenCES scale was completed in a medium-security mental health service as part of a service-wide audit. A total of 89 patients and 112 staff completed the EssenCES. The three-factor structure of the EssenCES and its internal construct validity were maintained within the sample. Scores from this medium-security hospital sample were significantly higher than those from earlier high-security hospital data, with three exceptions--'patient cohesion' according to the patients and 'therapeutic hold' according to staff and patients. Our data support the use of the EssenCES scale as a valid measure for assessing social climate within medium-security hospital settings. Significant differences between the means of high-security and medium-security service samples imply that degree of security is a relevant factor affecting the ward climate and that in monitoring quality of secure services, it is likely to be important to apply different scores to reflect standards. Copyright © 2013 John Wiley & Sons, Ltd.

Measuring the Effectiveness of Information Security Training: A Comparative Analysis of Computer-Based Training and Instructor-Based Training

Science.gov (United States)

Kim, Philip

2010-01-01

Financial institutions are increasingly finding difficulty defending against information security risks and threats, as they are often the number one target for information thieves. An effective information security training and awareness program can be a critical component of protecting an organization's information assets. Many financial…

Overview of security culture

International Nuclear Information System (INIS)

Matulanya, M. A.

2014-04-01

Nuclear Security culture concept has been aggressively promoted over the past several years as a tool to improve the physical protection of the nuclear and radioactive materials due to growing threats of catastrophic terrorism and other new security challenges. It is obvious that, the scope of nuclear security and the associated cultures need to be extended beyond the traditional task of protecting weapons-usable materials. The role of IAEA is to strengthen the nuclear security framework globally and in leading the coordination of international activities in this field. Therefore all governments should work closely with the IAEA to take stronger measures to ensure the physical protection, the safety and security of the nuclear and radioactive materials. In the effort to reflect this new realities and concerns, the IAEA in 2008 came up with the document, the Nuclear Security Culture, Nuclear Security Series No. 7, Implementing Guide to the member states which urged every member state to take appropriate measures to promote security culture with respect to nuclear and radioactive materials. The document depicted this cultural approach as the way to protect individual, society and the environment. Among other things, the document defined nuclear security culture as characteristics and attitudes in organizations and of individuals which establishes that, nuclear security issues receives attention warranted by their significance. (au)

Nuclear Security Education Program at the Pennsylvania State University

International Nuclear Information System (INIS)

Uenlue, Kenan; Jovanovic, Igor

2015-01-01

The availability of trained and qualified nuclear and radiation security experts worldwide has decreased as those with hands-on experience have retired while the demand for these experts and skills have increased. The U.S. Department of Energy's National Nuclear Security Administration's (NNSA) Global Threat Reduction Initiative (GTRI) has responded to the continued loss of technical and policy expertise amongst personnel and students in the security field by initiating the establishment of a Nuclear Security Education Initiative, in partnership with Pennsylvania State University (PSU), Texas A and M (TAMU), and Massachusetts Institute of Technology (MIT). This collaborative, multi-year initiative forms the basis of specific education programs designed to educate the next generation of personnel who plan on careers in the nonproliferation and security fields with both domestic and international focus. The three universities worked collaboratively to develop five core courses consistent with the GTRI mission, policies, and practices. These courses are the following: Global Nuclear Security Policies, Detectors and Source Technologies, Applications of Detectors/Sensors/Sources for Radiation Detection and Measurements Nuclear Security Laboratory, Threat Analysis and Assessment, and Design and Analysis of Security Systems for Nuclear and Radiological Facilities. The Pennsylvania State University (PSU) Nuclear Engineering Program is a leader in undergraduate and graduate-level nuclear engineering education in the USA. The PSU offers undergraduate and graduate programs in nuclear engineering. The PSU undergraduate program in nuclear engineering is the largest nuclear engineering programs in the USA. The PSU Radiation Science and Engineering Center (RSEC) facilities are being used for most of the nuclear security education program activities. Laboratory space and equipment was made available for this purpose. The RSEC facilities include the Penn State Breazeale

Nuclear Security Education Program at the Pennsylvania State University

Energy Technology Data Exchange (ETDEWEB)

Uenlue, Kenan [The Pennsylvania State University, Radiation Science and Engineering Center, University Park, PA 16802-2304 (United States); The Pennsylvania State University, Department of Mechanical and Nuclear Engineering, University Park, PA 16802-2304 (United States); Jovanovic, Igor [The Pennsylvania State University, Department of Mechanical and Nuclear Engineering, University Park, PA 16802-2304 (United States)

2015-07-01

The availability of trained and qualified nuclear and radiation security experts worldwide has decreased as those with hands-on experience have retired while the demand for these experts and skills have increased. The U.S. Department of Energy's National Nuclear Security Administration's (NNSA) Global Threat Reduction Initiative (GTRI) has responded to the continued loss of technical and policy expertise amongst personnel and students in the security field by initiating the establishment of a Nuclear Security Education Initiative, in partnership with Pennsylvania State University (PSU), Texas A and M (TAMU), and Massachusetts Institute of Technology (MIT). This collaborative, multi-year initiative forms the basis of specific education programs designed to educate the next generation of personnel who plan on careers in the nonproliferation and security fields with both domestic and international focus. The three universities worked collaboratively to develop five core courses consistent with the GTRI mission, policies, and practices. These courses are the following: Global Nuclear Security Policies, Detectors and Source Technologies, Applications of Detectors/Sensors/Sources for Radiation Detection and Measurements Nuclear Security Laboratory, Threat Analysis and Assessment, and Design and Analysis of Security Systems for Nuclear and Radiological Facilities. The Pennsylvania State University (PSU) Nuclear Engineering Program is a leader in undergraduate and graduate-level nuclear engineering education in the USA. The PSU offers undergraduate and graduate programs in nuclear engineering. The PSU undergraduate program in nuclear engineering is the largest nuclear engineering programs in the USA. The PSU Radiation Science and Engineering Center (RSEC) facilities are being used for most of the nuclear security education program activities. Laboratory space and equipment was made available for this purpose. The RSEC facilities include the Penn State Breazeale

FINANCIAL STABILITY AS A FACTOR ECONOMIC SECURITY

Directory of Open Access Journals (Sweden)

A. V. Endovitskaya

2015-01-01

Full Text Available Summary. The article examines the linkages between financial stability and the level of its economic security. Considered the content of financial stability, represented by its own definition, we studied the basic conditions to achieve it. The logic diagram showing the location of financial stability and financial security to ensure the economic security of the business entity. A system of internal and external factors affecting the financial stability and endanger financial stability and financial security company. It has been established that it is the internal factors such as the availability of financial resources and financial position, capital structure, the company's ability to generate profits determine the level of economic security and its ability to withstand the negative impact of external and internal threats. The necessity of improving the financial sustainability in order to improve the economic security of the enterprise. On the basis of the research proposed matrix of risks affecting the financial stability and economic security, which allows to determine the probability of their occurrence and impact. It presents the economic, social, human, financial, organizational, economic, innovative and productive tools to increase the stability and financial security of an economic entity. List considered standard measures will make a plan of action to minimize the adverse impacts and enhance financial stability and security. Therefore, a prerequisite for the economic security of the enterprise is the attainment of financial stability.

Interface for safety and security of radioactive sources

International Nuclear Information System (INIS)

Seggane, Richard

2016-04-01

In facilities and activities involving use of radiation sources, safety and security measures have in common the aim of protecting human life and health and the environment. In addition, safety and security measures must be designed and implemented in an integrated manner, so that security measures do not compromise safety and safety measures do not compromise security measures. This work reviewed issues related to establishing a clear interface between safety and security of radiation sources. The Government, the Regulatory Authority and licensee/registrants and other relevant stakeholders should work together and contribute to ensure that safety and security of sources is ensured and well interfaced. A Radiotherapy facility has been used as a case study. (au)

Contemporary security management

CERN Document Server

Fay, John

2010-01-01

Contemporary Security Management, 3rd Edition teaches security professionals how to operate an efficient security department and how to integrate smoothly with other groups inside and outside their own organizations. Fay demonstrates the specifics of security management: * how to organize, plan, develop and manage a security operation. * how to identify vulnerabilities. * how to determine the protective resources required to offset threats. * how to implement all necessary physical and IT security measures. Security professionals share the responsibility for mitigating damage, serving as a resource to an Emergency Tactical Center, assisting the return of business continuity, and liaising with local response agencies such as police and fire departments, emergency medical responders, and emergency warning centers. At the organizational level, the book addresses budgeting, employee performance, counseling, hiring and termination, employee theft and other misconduct, and offers sound advice on building constructi...

Electromigration early resistance increase measurements

NARCIS (Netherlands)

Niehof, J.; Flinn, P.A.; Maloney, T.J.

1993-01-01

An early resistance change measurement set-up, using an AC bridge technique, has been developed, and measurements have been performed. Large sample-to-sample variations occur. The characteristic time for the resistance change curve is shorter for resistance increase (under current stress) than for

Policies and measures for economic efficiency, energy security and environment protection in India

International Nuclear Information System (INIS)

Venkaiah, M.; Kaushik, S.C.; Dewangan, M.L.

2007-01-01

India needs to sustain 8-10% economic growth to meet energy needs of people below poverty line. India would, at least, need to grow its primary energy supply (3-4 times) of present consumption to deliver a sustained growth of 8% by 2031. This paper discusses India's policies and measures for economic efficiency, environment protection and energy security (3-E). (author)

The Challenges of Balancing Safety and Security in Implantable Medical Devices.

Science.gov (United States)

Katzis, Konstantinos; Jones, Richard W; Despotou, George

2016-01-01

Modern Implantable Medical Devices (IMDs), implement capabilities that have contributed significantly to patient outcomes, as well as quality of life. The ever increasing connectivity of IMD's does raise security concerns though there are instances where implemented security measures might impact on patient safety. The paper discusses challenges of addressing both of these attributes in parallel.

Preventing School Bullying: Should Schools Prioritize an Authoritative School Discipline Approach over Security Measures?

Science.gov (United States)

Gerlinger, Julie; Wo, James C.

2016-01-01

A common response to school violence features the use of security measures to deter serious and violent incidents. However, a second approach, based on school climate theory, suggests that schools exhibiting authoritative school discipline (i.e., high structure and support) might more effectively reduce school disorder. We tested these approaches…

​Improving potato production for increased food security of ...

International Development Research Centre (IDRC) Digital Library (Canada)

The challenge. In Colombia, food security is a national concern, and indigenous communities of Nariño are among the most food insecure in the country. Potato is the staple food crop and main source of family income for the region's smallholder farms — many of which are headed by women. One of the biggest threats to ...

Reasons in Support of Data Security and Data Security Management as Two Independent Concepts: A New Model

Science.gov (United States)

Moghaddasi, Hamid; Kamkarhaghighi, Mehran

2016-01-01

Introduction: Any information which is generated and saved needs to be protected against accidental or intentional losses and manipulations if it is to be used by the intended users in due time. As such, information managers have adopted numerous measures to achieve data security within data storage systems, along with the spread of information technology. Background: The “data security models” presented thus far have unanimously highlighted the significance of data security management. For further clarification, the current study first introduces the “needs and improvement” cycle; the study will then present some independent definitions, together with a support umbrella, in an attempt to shed light on the data security management. Findings: Data security focuses on three features or attributes known as integrity, identity of sender(s) and identity of receiver(s). Management in data security follows an endless evolutionary process, to keep up with new developments in information technology and communication. In this process management develops new characteristics with greater capabilities to achieve better data security. The characteristics, continuously increasing in number, with a special focus on control, are as follows: private zone, confidentiality, availability, non-repudiation, possession, accountability, authenticity, authentication and auditability. Conclusion: Data security management steadily progresses, resulting in more sophisticated features. The developments are in line with new developments in information and communication technology and novel advances in intrusion detection systems (IDS). Attention to differences between data security and data security management by international organizations such as the International Standard Organization (ISO), and International Telecommunication Union (ITU) is necessary if information quality is to be enhanced. PMID:27857823

Reasons in Support of Data Security and Data Security Management as Two Independent Concepts: A New Model.

Science.gov (United States)

Moghaddasi, Hamid; Sajjadi, Samad; Kamkarhaghighi, Mehran

2016-01-01

Any information which is generated and saved needs to be protected against accidental or intentional losses and manipulations if it is to be used by the intended users in due time. As such, information managers have adopted numerous measures to achieve data security within data storage systems, along with the spread of information technology. The "data security models" presented thus far have unanimously highlighted the significance of data security management. For further clarification, the current study first introduces the "needs and improvement" cycle; the study will then present some independent definitions, together with a support umbrella, in an attempt to shed light on the data security management. Data security focuses on three features or attributes known as integrity, identity of sender(s) and identity of receiver(s). Management in data security follows an endless evolutionary process, to keep up with new developments in information technology and communication. In this process management develops new characteristics with greater capabilities to achieve better data security. The characteristics, continuously increasing in number, with a special focus on control, are as follows: private zone, confidentiality, availability, non-repudiation, possession, accountability, authenticity, authentication and auditability. Data security management steadily progresses, resulting in more sophisticated features. The developments are in line with new developments in information and communication technology and novel advances in intrusion detection systems (IDS). Attention to differences between data security and data security management by international organizations such as the International Standard Organization (ISO), and International Telecommunication Union (ITU) is necessary if information quality is to be enhanced.

Guidelines for computer security in general practice.

Science.gov (United States)

Schattner, Peter; Pleteshner, Catherine; Bhend, Heinz; Brouns, Johan

2007-01-01

As general practice becomes increasingly computerised, data security becomes increasingly important for both patient health and the efficient operation of the practice. To develop guidelines for computer security in general practice based on a literature review, an analysis of available information on current practice and a series of key stakeholder interviews. While the guideline was produced in the context of Australian general practice, we have developed a template that is also relevant for other countries. Current data on computer security measures was sought from Australian divisions of general practice. Semi-structured interviews were conducted with general practitioners (GPs), the medical software industry, senior managers within government responsible for health IT (information technology) initiatives, technical IT experts, divisions of general practice and a member of a health information consumer group. The respondents were asked to assess both the likelihood and the consequences of potential risks in computer security being breached. The study suggested that the most important computer security issues in general practice were: the need for a nominated IT security coordinator; having written IT policies, including a practice disaster recovery plan; controlling access to different levels of electronic data; doing and testing backups; protecting against viruses and other malicious codes; installing firewalls; undertaking routine maintenance of hardware and software; and securing electronic communication, for example via encryption. This information led to the production of computer security guidelines, including a one-page summary checklist, which were subsequently distributed to all GPs in Australia. This paper maps out a process for developing computer security guidelines for general practice. The specific content will vary in different countries according to their levels of adoption of IT, and cultural, technical and other health service factors. Making

Measuring the Foundation of Homeland Security

Science.gov (United States)

2007-03-01

Pirak Kevin Eack Susan Pyle Chuck Eaneff Joseph Saitta Susan Fernandez Shelly Schechter Helen Fitzpatrick Rick Schwein Jay...multiple disciplines. The scope of this literature review is to cast a broad net and then narrow to specific literature related to Homeland Security...Suez Canal. His successes as a planner, diplomat and promoter made him the most celebrated man in Europe. Because of these successes, De Lesseps

Scripting Quality of Security Service (QoSS) Safeguard Measures for the Suggested INFOCON System

National Research Council Canada - National Science Library

Guild, Jennifer

2004-01-01

.... The focus will be on the security of the DOD information infrastructure and the accomplishment of the mission, as well as the usability and the standardization of the INFOCON warning system. The end result is a prototype that is a set of predefined escalation scripts for the evolved INFOCON system's safeguard measures.

Indicators for energy security

International Nuclear Information System (INIS)

Kruyt, Bert; Van Vuuren, D.P.; De Vries, H.J.M.; Groenenberg, H.

2009-01-01

The concept of energy security is widely used, yet there is no consensus on its precise interpretation. In this research, we have provided an overview of available indicators for long-term security of supply (SOS). We distinguished four dimensions of energy security that relate to the availability, accessibility, affordability and acceptability of energy and classified indicators for energy security according to this taxonomy. There is no one ideal indicator, as the notion of energy security is highly context dependent. Rather, applying multiple indicators leads to a broader understanding. Incorporating these indicators in model-based scenario analysis showed accelerated depletion of currently known fossil resources due to increasing global demand. Coupled with increasing spatial discrepancy between consumption and production, international trade in energy carriers is projected to have increased by 142% in 2050 compared to 2008. Oil production is projected to become increasingly concentrated in a few countries up to 2030, after which production from other regions diversifies the market. Under stringent climate policies, this diversification may not occur due to reduced demand for oil. Possible benefits of climate policy include increased fuel diversity and slower depletion of fossil resources. (author)

Security guide for subcontractors

Energy Technology Data Exchange (ETDEWEB)

Adams, R.C.

1993-06-01

This guide is provided to aid in the achievement of security objectives in the Department of Energy (DOE) contractor/subcontractor program. The objectives of security are to protect information that, if released, would endanger the common defense and security of the nation and to safeguard plants and installations of the DOE and its contractors to prevent the interruption of research and production programs. The security objective and means of achieving the objective are described. Specific security measures discussed in this guide include physical barriers, personnel identification systems, personnel and vehicular access control, classified document control, protection of classified matter in use, storing classified matter, and repository combinations. Means of dealing with security violations and security infractions are described. Maintenance of a security education program is discussed. Also discussed are methods of handling clearance terminations, visitor control, travel to sensitive countries, and shipment security. The Technical Surveillance Countermeasures Program (TSCM), the Computer Security Program, and the Operations Security Plan (OPSEC) are examined.

Grid Security

CERN Multimedia

CERN. Geneva

2004-01-01

The aim of Grid computing is to enable the easy and open sharing of resources between large and highly distributed communities of scientists and institutes across many independent administrative domains. Convincing site security officers and computer centre managers to allow this to happen in view of today's ever-increasing Internet security problems is a major challenge. Convincing users and application developers to take security seriously is equally difficult. This paper will describe the main Grid security issues, both in terms of technology and policy, that have been tackled over recent years in LCG and related Grid projects. Achievements to date will be described and opportunities for future improvements will be addressed.

Finding Security Patterns to Countermeasure Software Vulnerabilities

OpenAIRE

Borstad, Ole Gunnar

2008-01-01

Software security is an increasingly important part of software development as the risk from attackers is constantly evolving through increased exposure, threats and economic impact of security breaches. Emerging security literature describes expert knowledge such as secure development best practices. This knowledge is often not applied by software developers because they lack security awareness, security training and secure development methods and tools. Existing methods and tools require to...

The corporate security professional

DEFF Research Database (Denmark)

Petersen, Karen Lund

2013-01-01

In our age of globalization and complex threat environments, every business is called upon to manage security. This tendency is reflected in the fact that a wide range of businesses increasingly think about security in broad terms and strive to translate national security concerns into corporate...... speech. This article argues that the profession of the security manager has become central for understanding how the relationship between national and corporate security is currently negotiated. The national security background of most private sector security managers makes the corporate security...... professional inside the company a powerful hybrid agent. By zooming in on the profession and the practice of national security inside companies, the article raises questions about where to draw the line between corporate security and national security along with the political consequences of the constitution...

Smart security proven practices

CERN Document Server

Quilter, J David

2014-01-01

Smart Security: Understanding and Contributing to the Business is a video presentation. Length: 68 minutes. In Smart Security: Understanding and Contributing to the Business, presenter J. David Quilter demonstrates the benefits of how a fully integrated security program increases business profits and delivers smart security practices at the same time. The presentation does away with the misconception that security is only an expense. In fact, a well-integrated security program can protect business interests, thereby enhancing productivity and net income. Quilter covers cost analysis and secu

Secure E-Commerce Protocol

OpenAIRE

Khalid Haseeb, Muhammad Arshad, Shoukat Ali, Shazia Yasin

2011-01-01

E-commerce has presented a new way of doing business all over the world using internet.Organizations have changed their way of doing business from a traditional approach to embrace ecommerceprocesses. As individuals and businesses increase information sharing, a concernregarding the exchange of money securely and conveniently over the internet increases. Therefore,security is a necessity in an e-commerce transaction. The purpose of this paper is to present atoken based Secure E-commerce Proto...

Characterizing the IPv6 Security Landscape by Large-Scale Measurements

NARCIS (Netherlands)

Hendriks, Luuk; Sperotto, Anna; Pras, Aiko

2015-01-01

Networks are transitioning from IP version 4 to the new version 6. Fundamental differences in the protocols introduce new security challenges with varying levels of evidence. As enabling IPv6 in an existing network is often already challenging on the functional level, security aspects are

Method to control the persons permitted to enter plants with increased security requirements and personnel lock for such plants

International Nuclear Information System (INIS)

Blaser, E.; Eickhoff, H.; Tretschoks, W.

1978-01-01

The personnel lock for a plant with increased security requirements, e.g. a nuclear power plant, has got two lock gates. Only persons whose right to enter has been established by the control equipment will be admitted to the lock chamber. For this purpose an identification recess is built in front of the first access to the lock chamber, where size, weight and the contours of the persons wanting to enter are roughly measured and compared with a code card carried along. The weight is established by a balance forming part of the base of the recess. By means of contact surfaces in the region of knees, upper thigh, chest and shoulder an upright position of the person is guaranteed. Scanning of the physical dimensions is performed with laser, infrared and light barriers. (DG) [de

Conceptualizing energy security

International Nuclear Information System (INIS)

Winzer, Christian

2012-01-01

Energy security is one of the main targets of energy policy. However, the term has not been clearly defined, which makes it hard to measure and difficult to balance against other policy objectives. We review the multitude of definitions of energy security. They can be characterized according to the sources of risk, the scope of the impacts, and the severity filters in the form of the speed, size, sustention, spread, singularity and sureness of impacts. Using a stylized case study for three European countries, we illustrate how the selection of conceptual boundaries along these dimensions determines the outcome. This can be avoided by more clearly separating between security of supply and other policy objectives. This leads us to the definition of energy security as the continuity of energy supplies relative to demand. - Highlights: ► The widest energy security concept includes all risks that are caused by or have an impact on the energy supply chain. ► Authors narrow this down by choosing different risk sources, impact measures and subjective severity filters in their definitions. ► The selection of conceptual boundaries determines outcome of quantitative studies.

Reconciling privacy and security

NARCIS (Netherlands)

Lieshout, M.J. van; Friedewald, M.; Wright, D.; Gutwirth, S.

2013-01-01

This paper considers the relationship between privacy and security and, in particular, the traditional "trade-off" paradigm. The issue is this: how, in a democracy, can one reconcile the trend towards increasing security (for example, as manifested by increasing surveillance) with the fundamental

Secure Data Transfer Guidance for Industrial Control and SCADA Systems

Energy Technology Data Exchange (ETDEWEB)

Mahan, Robert E.; Fluckiger, Jerry D.; Clements, Samuel L.; Tews, Cody W.; Burnette, John R.; Goranson, Craig A.; Kirkham, Harold

2011-09-01

This document was developed to provide guidance for the implementation of secure data transfer in a complex computational infrastructure representative of the electric power and oil and natural gas enterprises and the control systems they implement. For the past 20 years the cyber security community has focused on preventative measures intended to keep systems secure by providing a hard outer shell that is difficult to penetrate. Over time, the hard exterior, soft interior focus changed to focus on defense-in-depth adding multiple layers of protection, introducing intrusion detection systems, more effective incident response and cleanup, and many other security measures. Despite much larger expenditures and more layers of defense, successful attacks have only increased in number and severity. Consequently, it is time to re-focus the conventional approach to cyber security. While it is still important to implement measures to keep intruders out, a new protection paradigm is warranted that is aimed at discovering attempted or real compromises as early as possible. Put simply, organizations should take as fact that they have been, are now, or will be compromised. These compromises may be intended to steal information for financial gain as in the theft of intellectual property or credentials that lead to the theft of financial resources, or to lie silent until instructed to cause physical or electronic damage and/or denial of services. This change in outlook has been recently confirmed by the National Security Agency [19]. The discovery of attempted and actual compromises requires an increased focus on monitoring events by manual and/or automated log monitoring, detecting unauthorized changes to a system's hardware and/or software, detecting intrusions, and/or discovering the exfiltration of sensitive information and/or attempts to send inappropriate commands to ICS/SCADA (Industrial Control System/Supervisory Control And Data Acquisition) systems.

Fluctuations of Internal Transmittance in Security of Measurement-Device-Independent Quantum Key Distribution with an Untrusted Source*

International Nuclear Information System (INIS)

Wang Yang; Bao Wan-Su; Chen Rui-Ke; Zhou Chun; Jiang Mu-Sheng; Li Hong-Wei

2017-01-01

Measurement-device-independent quantum key distribution (MDI-QKD) is immune to detector side channel attacks, which is a crucial security loophole problem in traditional QKD. In order to relax a key assumption that the sources are trusted in MDI-QKD, an MDI-QKD protocol with an untrusted source has been proposed. For the security of MDI-QKD with an untrusted source, imperfections in the practical experiment should also be taken into account. In this paper, we analyze the effects of fluctuations of internal transmittance on the security of a decoy-state MDI-QKD protocol with an untrusted source. Our numerical results show that both the secret key rate and the maximum secure transmission distance decrease when taken fluctuations of internal transmittance into consideration. Especially, they are more sensitive when Charlie’s mean photon number per pulse is smaller. Our results emphasize that the stability of correlative optical devices is important for practical implementations . (paper)

Flexicurity as a measuring leakage protection of workers: between "social pollution" and "total security".

Directory of Open Access Journals (Sweden)

Calogero Massimo Cammalleri

2012-01-01

Full Text Available Was not the labour problem the same everywhere? The paper at­tempts to answer this question by proposing a re-interpretation of flexicurity through the comparison with the economic concepts of externalities and distortion of competition. After a methodological and epistemological premise, based on a multidisciplinary literature, the paper - crit­ically addresses the origins of flexicurity and argues that it lacks an archetypical definition, especially in the formulation of the EU Commission. Hence, the paper considers flexicurity as any balance between flexibility and security and, therefore, pro­poses ordering any set of contracts, providing the same balance and with the same regulatory framework, in “communities”. It is assumed, therefore, that communities can differ either in terms of a “protective” trade­-off, where the differential is not a surrogate measure of security, or in terms of an economic trade-off, where it is met by the provision of social insurance or security. One of these sets is called community 0 and it corresponds to undeclared work, not only illegal, but also completely devoid of security and fully flexible. After identifying from ILO, EU and constitutional sources the foundation of the “incompressibility” of rights which guarantee decent work, the paper likens decent work to a public good of general interest, in the same way as laws generally recognize the natural environment. On the basis of this comparative axiom, the paper proposes considering the dispersion of security produced by undeclared work as “un-decent” work and, therefore, as a form of “pollution”. The paper proposes, conversely, to define as a “total secure” environment one where there is no loss of se­curity and, therefore, a non-polluted environment. Because an environment can be little or very polluted, the paper proposes considering as social pollution any form, even legal, of security leakage - such as that induced by the

Soil Security Assessment of Tasmania

Science.gov (United States)

Field, Damien; Kidd, Darren; McBratney, Alex

2017-04-01

The concept of soil security aligns well with the aspirational and marketing policies of the Tasmanian Government, where increased agricultural expansion through new irrigation schemes and multiple-use State managed production forests co-exists beside pristine World Heritage conservation land, a major drawcard of the economically important tourism industry . Regarding the Sustainable Development Gaols (SDG's) this could be seen as a exemplar of the emerging tool for quantification of spatial soil security to effectively protect our soil resource in terms of food (SDG 2.4, 3.9) and water security (SDG 6.4, 6.6), biodiversity maintenance and safeguarding fragile ecosystems (SDG 15.3, 15.9). The recent development and application of Digital Soil Mapping and Assessment capacities in Tasmania to stimulate agricultural production and better target appropriate soil resources has formed the foundational systems that can enable the first efforts in quantifying and mapping Tasmanian Soil Security, in particular the five Soil Security dimensions (Capability, Condition, Capital, Codification and Connectivity). However, to provide a measure of overall soil security, it was necessary to separately assess the State's three major soil uses; Agriculture, Conservation and Forestry. These products will provide an indication of where different activities are sustainable or at risk, where more soil data is needed, and provide a tool to better plan for a State requiring optimal food and fibre production, without depleting its natural soil resources and impacting on the fragile ecosystems supporting environmental benefits and the tourism industry.

Basic security measures for IEEE 802.11 wireless networks

OpenAIRE

Sarmiento, Oscar P.; Guerrero, Fabio G.; Rey Argote, David

2008-01-01

This article presents a tutorial/discussion of three commonly-used IEEE 802.11 wireless network security standards: WEP, WPA and WPA2. A detailed analysis of the RC4 algorithm supporting WEP is presented, including its vulnerabilities. The WPA and WPA2 encryption protocols’ most relevant aspects and technical characteristics are reviewed for a comparative analysis of the three standards in terms of the security they provide. Special attention has been paid to WEP encryption by using an educat...

A Security Audit Framework to Manage Information System Security

Science.gov (United States)

Pereira, Teresa; Santos, Henrique

The widespread adoption of information and communication technology have promoted an increase dependency of organizations in the performance of their Information Systems. As a result, adequate security procedures to properly manage information security must be established by the organizations, in order to protect their valued or critical resources from accidental or intentional attacks, and ensure their normal activity. A conceptual security framework to manage and audit Information System Security is proposed and discussed. The proposed framework intends to assist organizations firstly to understand what they precisely need to protect assets and what are their weaknesses (vulnerabilities), enabling to perform an adequate security management. Secondly, enabling a security audit framework to support the organization to assess the efficiency of the controls and policy adopted to prevent or mitigate attacks, threats and vulnerabilities, promoted by the advances of new technologies and new Internet-enabled services, that the organizations are subject of. The presented framework is based on a conceptual model approach, which contains the semantic description of the concepts defined in information security domain, based on the ISO/IEC_JCT1 standards.

International pooling of operators' funds: an option to increase the amount of financial security to cover nuclear liability?

International Nuclear Information System (INIS)

Pelzer, N.

2007-01-01

This paper aims at answering the question whether international pooling of operators funds could open a viable avenue to complement financial security provided by insurance and thus to either fill gaps in insurance coverage or increase amount of compensation for nuclear damage. (author)

PRIVATE SECURITY IN SPORT

Directory of Open Access Journals (Sweden)

Dragan Vukasović

2011-09-01

Full Text Available Given the importance of sport for international integration, affirmation, a sense of belonging and other values of general interest, in order to maintain and open new prospects of development, it is necessary to form the private security system along with state security system, with a view to creating conditions for development sports athletes to achieve better results both in domestic and international competitions. Private security is only one element of an integrated security system which, with its efficient organization with the use of adequate means and measures should provide answers to new challenges, risks and threats. Private security in line with the new understanding of the concept of security has an important role in providing athletes.

HITACHI security concept for industrial control systems

International Nuclear Information System (INIS)

Endoh, H.; Yamada, T.; Okubo, S.; Nakano, T.

2012-01-01

Security is a necessary factor for the safe and efficient operation of today's control systems. To ensure safe operation of control systems throughout their lifetime, security measures must be carefully planned in the development phase and then maintained continuously during the operation phase and other following phases. To ensure operation within the system's safe states, Hitachi proposes security concept processes (1) to derive security measures rationally and (2) to maintain the security model over the system life cycle. Hitachi also proposes security development programs which support the integration of standards-compliant systems and development of robust control equipment. (author)

The 'virtual' national securities commission

International Nuclear Information System (INIS)

Campbell, G.A.; Benham, B.J.

1998-01-01

This paper describes the mandate of the Canadian Securities Administrators (CSA), a body established to ensure that Canada has an efficient and effective securities regulatory system to protect investors and a fair and efficient securities market. The CSA was created in 1937 and is comprised of the twelve provincial and territorial securities regulatory authorities. Some of the measures that the CSA has taken to improve regulatory efficiency are discussed. Among the measures highlighted are the creation of a task force on operational efficiencies in the administration of securities regulation, the development of a mutual reliance review system and a system for electronic document analysis and retrieval (SEDAR) to electronically file information to a central computer database. The CSA also adopted a system to expedite the review and receipt of short form prospectuses

Computer Security: SAHARA - Security As High As Reasonably Achievable

CERN Multimedia

Stefan Lueders, Computer Security Team

2015-01-01

History has shown us time and again that our computer systems, computing services and control systems have digital security deficiencies. Too often we deploy stop-gap solutions and improvised hacks, or we just accept that it is too late to change things.    In my opinion, this blatantly contradicts the professionalism we show in our daily work. Other priorities and time pressure force us to ignore security or to consider it too late to do anything… but we can do better. Just look at how “safety” is dealt with at CERN! “ALARA” (As Low As Reasonably Achievable) is the objective set by the CERN HSE group when considering our individual radiological exposure. Following this paradigm, and shifting it from CERN safety to CERN computer security, would give us “SAHARA”: “Security As High As Reasonably Achievable”. In other words, all possible computer security measures must be applied, so long as ...

A process framework for information security management

Directory of Open Access Journals (Sweden)

Knut Haufe

2016-01-01

Full Text Available Securing sensitive organizational data has become increasingly vital to organizations. An Information Security Management System (ISMS is a systematic approach for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organization's information security. Key elements of the operation of an ISMS are ISMS processes. However, and in spite of its importance, an ISMS process framework with a description of ISMS processes and their interaction as well as the interaction with other management processes is not available in the literature. Cost benefit analysis of information security investments regarding single measures protecting information and ISMS processes are not in the focus of current research, mostly focused on economics. This article aims to fill this research gap by proposing such an ISMS process framework as the main contribution. Based on a set of agreed upon ISMS processes in existing standards like ISO 27000 series, COBIT and ITIL. Within the framework, identified processes are described and their interaction and interfaces are specified. This framework helps to focus on the operation of the ISMS, instead of focusing on measures and controls. By this, as a main finding, the systemic character of the ISMS consisting of processes and the perception of relevant roles of the ISMS is strengthened.

Climate Change Impact on the Southeastern Europe Security Environment and the Increasing Role of the Bulgarian Army as the World Warms

Science.gov (United States)

2016-06-10

CLIMATE CHANGE IMPACT ON THE SOUTHEASTERN EUROPE SECURITY ENVIRONMENT AND THE INCREASING ROLE OF THE BULGARIAN ARMY AS THE WORLD WARMS...DD-MM-YYYY) 10-06-2016 2. REPORT TYPE Master’s Thesis 3. DATES COVERED (From - To) AUG 2015 – JUN 2016 4. TITLE AND SUBTITLE Climate Change ...14. ABSTRACT Climate change impacts on the security environment are real and have the potential to create unprecedented levels of risk through

From performance to performativity: The legitimization of US security contracting and its consequences.

Science.gov (United States)

Krahmann, Elke

2017-12-01

Discussions about the legitimacy of private security companies (PSCs) in multilateral military interventions abound. This article looks at how the United States has sought to legitimize the outsourcing of security services to PSCs through performance-based contracting and performance assessments. Both mechanisms aim to demonstrate the effective provision of publicly desirable outcomes. However, the immaterial and socially constructed nature of security presents major problems for performance assessments in terms of observable and measurable outcomes. Performance has therefore given way to performativity - that is, the repetitive enactment of particular forms of behaviour and capabilities that are simply equated with security as an outcome. The implications of this development for the ways in which security has been conceptualized, implemented and experienced within US interventions have been profound. Ironically, the concern with performance has not encouraged PSCs to pay increased attention to their impacts on security environments and civilian populations, but has fostered a preoccupation with activities and measurable capabilities that can be easily assessed by government auditors.

A Novel Multiparty Quantum Secret Sharing Scheme of Secure Direct Communication Based on Bell States and Bell Measurements

International Nuclear Information System (INIS)

Shi Run-Hua; Huang Liu-Sheng; Yang Wei; Zhong Hong

2011-01-01

We present a novel quantum secret sharing scheme of secure direct communication and analyze its security. This scheme takes Einstein—Podolsky—Rosen (EPR) pairs in Bell states as quantum resources. In order to obtain the direct communication message, all agents only need to perform Bell measurements, not to perform any local unitary operation. The total efficiency in this scheme approaches 100% as the classical information exchanged is unnecessary except for the eavesdropping checks. (general)

A Secure Routing Protocol for Wireless Sensor Networks Considering Secure Data Aggregation

Directory of Open Access Journals (Sweden)

Triana Mugia Rahayu

2015-06-01

Full Text Available The commonly unattended and hostile deployments of WSNs and their resource-constrained sensor devices have led to an increasing demand for secure energy-efficient protocols. Routing and data aggregation receive the most attention since they are among the daily network routines. With the awareness of such demand, we found that so far there has been no work that lays out a secure routing protocol as the foundation for a secure data aggregation protocol. We argue that the secure routing role would be rendered useless if the data aggregation scheme built on it is not secure. Conversely, the secure data aggregation protocol needs a secure underlying routing protocol as its foundation in order to be effectively optimal. As an attempt for the solution, we devise an energy-aware protocol based on LEACH and ESPDA that combines secure routing protocol and secure data aggregation protocol. We then evaluate its security effectiveness and its energy-efficiency aspects, knowing that there are always trade-off between both.

Security of radioactive sources. The evolving new international dimensions

International Nuclear Information System (INIS)

Gonzalez, Abel J.

2001-01-01

Security of radioactive sources has become an issue of serious public concern after the devastating terrorist attacks of 11 September 2001. Yet it is worth asking how serious the the problem actually is, given the fact that hundreds of dangerous chemicals and biological agents pose perhaps greater terrorist threats that need to be urgently reduced. Radioactive sources do not contain the type of nuclear materials that would allow someone to build a nuclear bomb and trigger a major catastrophe. Though radioactive sources can be potentially dangerous for anyone coming into close contact with them, they are safely used in everyday life for medical care and treatment, among other applications in fields of industry, agriculture, and science. However, there is increasing apprehension that radioactive sources could be turned into a terrorist tool what the media call a 'dirty bomb'. To increase the protection of radiation sources, the IAEA proposes a number of measures to strengthen regulatory control and to update its standards and expanding programmes in respect to terrorism threats. The proposals include: introducing a peer review service to appraise State regulatory infrastructures for the security of radioactive sources, including protection during transport; examining the feasibility of helping States to locate large orphan sources to bring them under regulatory control; reviewing and eventually revising the Code of Conduct on the Safety and Security of Radioactive Sources to make it more comprehensive in relation to security and to determine how compliance might be monitored; reviewing the requirements on the security of radioactive sources contained in the International Basic Safety Standards for Protection against Ionizing Radiation and for the Safety of Radioactive Sources on and updating other relevant documents; exploring the practicability of an international marking system for large significant sources and of establishing a norm for a more secure physical form

Rethinking energy security in Asia. A non-traditional view of human security

Energy Technology Data Exchange (ETDEWEB)

Caballero-Anthony, Mely [Nanyang Technological Univ., Singapore (SG). Centre for Non-Traditional Security (NTS) Studies; Chang, Youngho [Nanyang Technological Univ., Singapore (Singapore). Division of Economics; Putra, Nur Azha (eds.) [National Univ. of Singapore (Singapore). Energy Security Division

2012-07-01

Traditional notions of security are premised on the primacy of state security. In relation to energy security, traditional policy thinking has focused on ensuring supply without much emphasis on socioeconomic and environmental impacts. Non-traditional security (NTS) scholars argue that threats to human security have become increasingly prominent since the end of the Cold War, and that it is thus critical to adopt a holistic and multidisciplinary approach in addressing rising energy needs. This volume represents the perspectives of scholars from across Asia, looking at diverse aspects of energy security through a non-traditional security lens. The issues covered include environmental and socioeconomic impacts, the role of the market, the role of civil society, energy sustainability and policy trends in the ASEAN region.

A Novel Computer Virus Propagation Model under Security Classification

Directory of Open Access Journals (Sweden)

Qingyi Zhu

2017-01-01

Full Text Available In reality, some computers have specific security classification. For the sake of safety and cost, the security level of computers will be upgraded with increasing of threats in networks. Here we assume that there exists a threshold value which determines when countermeasures should be taken to level up the security of a fraction of computers with low security level. And in some specific realistic environments the propagation network can be regarded as fully interconnected. Inspired by these facts, this paper presents a novel computer virus dynamics model considering the impact brought by security classification in full interconnection network. By using the theory of dynamic stability, the existence of equilibria and stability conditions is analysed and proved. And the above optimal threshold value is given analytically. Then, some numerical experiments are made to justify the model. Besides, some discussions and antivirus measures are given.

Security of water treatment facilities

Energy Technology Data Exchange (ETDEWEB)

Forsha, C.A. [Univ. of Pittsburgh at Johnstown, Johnstowne, PA (United States)

2002-06-15

The safety of the nation's water supply is at risk. Although harm may or may not be done to water sources, the fear is definitely a factor. No matter what size system supplies water, the community will expect increased security. Decisions must be made as to how much will be spent on security and what measures will be taken with the money. Small systems often have a difficult time in finding a direction to focus on. Physical and electronic protection is less involved because of the scale of service. Biological contamination is difficult to prevent if the assailants are determined. Small-scale water storage and low magnitudes of flow increase a contamination threat. Large systems have a size advantage when dealing with biological contamination because of the dilution factor, but physical and electronic protection is more involved. Large-scale systems are more likely to overlook components. A balance is maintained through anything dealing with the public. Having greater assurance that water quality will be maintained comes at the cost of knowing less about how water is protected and treated, and being banned from public land within watersheds that supply drinking water. Whether good or bad ideas are being implemented, security of water treatment facilities is changing. (author)

Security of water treatment facilities

International Nuclear Information System (INIS)

Forsha, C.A.

2002-01-01

The safety of the nation's water supply is at risk. Although harm may or may not be done to water sources, the fear is definitely a factor. No matter what size system supplies water, the community will expect increased security. Decisions must be made as to how much will be spent on security and what measures will be taken with the money. Small systems often have a difficult time in finding a direction to focus on. Physical and electronic protection is less involved because of the scale of service. Biological contamination is difficult to prevent if the assailants are determined. Small-scale water storage and low magnitudes of flow increase a contamination threat. Large systems have a size advantage when dealing with biological contamination because of the dilution factor, but physical and electronic protection is more involved. Large-scale systems are more likely to overlook components. A balance is maintained through anything dealing with the public. Having greater assurance that water quality will be maintained comes at the cost of knowing less about how water is protected and treated, and being banned from public land within watersheds that supply drinking water. Whether good or bad ideas are being implemented, security of water treatment facilities is changing. (author)

Shipment security update - 2003

International Nuclear Information System (INIS)

Patterson, John; Anne, Catherine

2003-01-01

At the 2002 RERTR, NAC reported on the interim measures taken by the U.S. Nuclear Regulatory Commission to enhance the security afforded to shipments of spent nuclear fuel. Since that time, there have been a number of additional actions focused on shipment security including training programs sponsored by the U.S. Department of Transportation and the Electric Power Research Council, investigation by the Government Accounting Office, and individual measures taken by shippers and transportation agents. The paper will present a status update regarding this dynamic set of events and provide an objective assessment of the cost, schedule and technical implications of the changing security landscape. (author)

Information Governance: A Model for Security in Medical Practice

Directory of Open Access Journals (Sweden)

Patricia A.H. Williams

2007-03-01

Full Text Available Information governance is becoming an important aspect of organisational accountability. In consideration that information is an integral asset of most organisations, the protection of this asset will increasingly rely on organisational capabilities in security.  In the medical arena this information is primarily sensitive patient-based information. Previous research has shown that application of security measures is a low priority for primary care medical practice and that awareness of the risks are seriously underestimated. Consequently, information security governance will be a key issue for medical practice in the future. Information security governance is a relatively new term and there is little existing research into how to meet governance requirements. The limited research that exists describes information security governance frameworks at a strategic level. However, since medical practice is already lagging in the implementation of appropriate security, such definition may not be practical although it is obviously desirable. This paper describes an on-going action research project undertaken in the area of medical information security, and presents a tactical approach model aimed at addressing information security governance and the protection of medical data. 

BASIC CONCEPTS OF TAX SECURITY AS PART OF THE FINANCIAL SECURITY OF UKRAINE

Directory of Open Access Journals (Sweden)

Sergiy Golikov

2016-11-01

Full Text Available The purpose of the paper is to examine the essence of the term «tax security», its fundamental characteristics, such as threats, risks, interests and protection, defined how the state could provide them. The paper analyses economic, social and legal nature of the term. Key indicators of tax security of Ukraine identified and analyzed. In addition, the paper studies an integrated approach of tax security threats. In case of a big amount of threats, they divided to four main sources of threats: the state of the national economy, the state of the public finances, social features of the society and institutional environment. For each source, there have been identified and analyzed the most important factors of threats of tax security of Ukraine. Methodology. The survey based on an analysis of existing studies of Ukrainian and foreign scientists about the essence and nature of "tax security" for the last 10 years. In addition, to determine the essence and the concept, goals and objectives, methods and principles of the economic nature of the tax security, main risks, threats, expectations and results of efficient tax security identified. To build an integrated approach it is necessary to analyse all existing and potential factors of threats. There data used from reports of the State Statistics Service of Ukraine, Ministry of Economic Development and Trade of Ukraine, PWC and World Bank. Results of the survey showed that tax security is such a condition of tax security, when the process of harmonization of taxation provided under effective management of risks and threats that arise in tax area, by taking the necessary measures by the executive bodies to meet the interests of the state, society and taxpayers (business entities, organizations, people. Integrated approach of threats analysis of tax security shows that the most dangerous threats are those that are associated with poor economic development, considerable socio-economic stratification of

Improving DNS security : a measurement-based approach

NARCIS (Netherlands)

van Rijswijk-Deij, Roland

2017-01-01

The Domain Name System (DNS) is a vital part of the core infrastructure of the Internet. It maps human readable names (such as www.example.com) to machine readable information (such as 93.184.216.34). This thesis studies two aspects of the DNS. First, it studies problems in the DNS Security

reCAPTCHA: human-based character recognition via Web security measures.

Science.gov (United States)

von Ahn, Luis; Maurer, Benjamin; McMillen, Colin; Abraham, David; Blum, Manuel

2008-09-12

CAPTCHAs (Completely Automated Public Turing test to tell Computers and Humans Apart) are widespread security measures on the World Wide Web that prevent automated programs from abusing online services. They do so by asking humans to perform a task that computers cannot yet perform, such as deciphering distorted characters. Our research explored whether such human effort can be channeled into a useful purpose: helping to digitize old printed material by asking users to decipher scanned words from books that computerized optical character recognition failed to recognize. We showed that this method can transcribe text with a word accuracy exceeding 99%, matching the guarantee of professional human transcribers. Our apparatus is deployed in more than 40,000 Web sites and has transcribed over 440 million words.

Database Security: A Historical Perspective

OpenAIRE

Lesov, Paul

2010-01-01

The importance of security in database research has greatly increased over the years as most of critical functionality of the business and military enterprises became digitized. Database is an integral part of any information system and they often hold sensitive data. The security of the data depends on physical security, OS security and DBMS security. Database security can be compromised by obtaining sensitive data, changing data or degrading availability of the database. Over the last 30 ye...

12 CFR 568.3 - Security program.

Science.gov (United States)

2010-01-01

... opening and closing for business and for the safekeeping of all currency, negotiable securities, and... law enforcement officers; (iv) The cost of the security devices; (v) Other security measures in effect... 12 Banks and Banking 5 2010-01-01 2010-01-01 false Security program. 568.3 Section 568.3 Banks and...

12 CFR 326.3 - Security program.

Science.gov (United States)

2010-01-01

... for opening and closing for business and for the safekeeping of all currency, negotiable securities... enforcement officers; (iv) The cost of the security devices; (v) Other security measures in effect at the... 12 Banks and Banking 4 2010-01-01 2010-01-01 false Security program. 326.3 Section 326.3 Banks and...

Development programs of cutting-edge technologies for measurement and detection of nuclear material for safeguards and security

International Nuclear Information System (INIS)

Seya, Michio; Wakabayashi, Shuji; Naoi, Yosuke; Ohkubo, Michiaki; Senzaki, Masao

2011-01-01

The Integrated Support Center for Nuclear Nonproliferation and Nuclear Security ('ISCN', hereafter) of Japan Atomic Energy Agency (JAEA) has development programs of cutting-edge technologies for measurement and detection of nuclear materials for nuclear safeguards and security, under the sponsorship of Japanese government (MEXT: Ministry of Education, Culture, Sports, Science and Technology). ISCN started development programs of the following technologies this year. (1) NRF (Nuclear Resonance Fluorescence) NDA technology using laser Compton scattering (LCS) gamma-rays, (2) Alternative to 3 He neutron detection technology using inorganic solid scintillator. ISCN is also going to conduct a demonstration test of a spent fuel Pu-NDA system that is to be developed by LANL (Los Alamos National Laboratory) using very sophisticated neutron measurement technologies, under JAEA/USDOE cooperation agreement. This presentation shows the above programs of ISCN. (author)

Present state and problems of the measures for securing stable supply of uranium resources

International Nuclear Information System (INIS)

Yoneda, Fumishige

1982-01-01

The long-term stable supply of uranium resources must be secured in order to accelerate the development and utilization of nuclear power in Japan. All uranium required in Japan is imported from foreign countries, and depends on small number of suppliers. On the use of uranium, various restrictions have been imposed by bilateral agreements from the viewpoint of nuclear non-proliferation policy. At present, the demand-supply relation in uranium market is not stringent, but in the latter half of 1980s, it is feared that it will be stringent. The prospect of the demand and supply of uranium resources, the state of securing uranium resources, the present policy on uranium resources, the necessity of establishing the new policy, and the active promotion of uranium resource measures are described. The measures to be taken are the promotion of exploration and development of mines, the participation in the management of such foreign projects, the promotion of diversifying the supply sources, the establishment of the structure to accept uranium resources, the promotion of the storage of uranium, and the rearrangement of general coordination and promotion functions for uranium resource procurement. (Kako, I.)

Automated security management

CERN Document Server

Al-Shaer, Ehab; Xie, Geoffrey

2013-01-01

In this contributed volume, leading international researchers explore configuration modeling and checking, vulnerability and risk assessment, configuration analysis, and diagnostics and discovery. The authors equip readers to understand automated security management systems and techniques that increase overall network assurability and usability. These constantly changing networks defend against cyber attacks by integrating hundreds of security devices such as firewalls, IPSec gateways, IDS/IPS, authentication servers, authorization/RBAC servers, and crypto systems. Automated Security Managemen

Do Job Security Guarantees Work?

OpenAIRE

Alex Bryson; Lorenzo Cappellari; Claudio Lucifora

2004-01-01

We investigate the effect of employer job security guarantees on employee perceptions of job security. Using linked employer-employee data from the 1998 British Workplace Employee Relations Survey, we find job security guarantees reduce employee perceptions of job insecurity. This finding is robust to endogenous selection of job security guarantees by employers engaging in organisational change and workforce reductions. Furthermore, there is no evidence that increased job security through job...

Systems Security Engineering

Science.gov (United States)

2010-08-22

environment that contains network- borne cybersecurity threats, an argument may be made that the firewall increases overall system functionality by reserving...the number of administered devices. This approach to security analysis is at once old and new. In the early days of eCommerce , security

Lecture 2: Software Security

CERN Multimedia

CERN. Geneva

2013-01-01

Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development, testing and deployment. Sebastian Lopienski is CERN’s deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and ...

Evaluating Factors of Security Policy on Information Security Effectiveness in Developing Nations: A Case of Nigeria

Science.gov (United States)

Okolo, Nkiru Benjamin

2016-01-01

Information systems of today face more potential security infringement than ever before. The regular susceptibility of data to breaches is a function of systems users' disinclination to follow appropriate security measures. A well-secured system maintains integrity, confidentiality, and availability, while providing appropriate and consistent…

Future consumer mobile phone security : a case study using the data centric security model

NARCIS (Netherlands)

van Cleeff, A.

2008-01-01

In the interconnected world that we live in, traditional security barriers are broken down. Developments such as outsourcing, increased usage of mobile devices and wireless networks each cause new security problems. To address the new security threats, a number of solutions have been suggested,

Public perspectives on nuclear security. US national security surveys, 1993--1997

Energy Technology Data Exchange (ETDEWEB)

Herron, K.G.; Jenkins-Smith, H.C. [Univ. of New Mexico, Albuquerque, NM (United States). UNM Inst. for Public Policy

1998-08-01

This is the third report in a series of studies to examine how US attitudes about nuclear security are evolving in the post-Cold War era and to identify trends in public perceptions and preferences relevant to the evolution of US nuclear security policy. It presents findings from three surveys: a nationwide telephone survey of randomly selected members of the US general public; a written survey of randomly selected members of American Men and Women of Science; and a written survey of randomly selected state legislators from all fifty US states. Key areas of investigation included nuclear security, cooperation between US and Russian scientists about nuclear issues, vulnerabilities of critical US infrastructures and responsibilities for their protection, and broad areas of US national science policy. While international and US national security were seen to be slowly improving, the primary nuclear threat to the US was perceived to have shifted from Russia to China. Support was found for nuclear arms control measures, including mutual reductions in stockpiles. However, respondents were pessimistic about eliminating nuclear armaments, and nuclear deterrence continued to be highly values. Participants favored decreasing funding f/or developing and testing new nuclear weapons, but supported increased investments in nuclear weapons infrastructure. Strong concerns were expressed about nuclear proliferation and the potential for nuclear terrorism. Support was evident for US scientific cooperation with Russia to strengthen security of Russian nuclear assets. Elite and general public perceptions of external and domestic nuclear weapons risks and external and domestic nuclear weapons benefits were statistically significantly related to nuclear weapons policy options and investment preferences. Demographic variables and individual belief systems were systematically related both to risk and benefit perceptions and to policy and spending preferences.

Nuclear security measures at the XV Pan American Games: Rio de Janeiro 2007

International Nuclear Information System (INIS)

2009-03-01

The objective of this report is to describe the nuclear security arrangements established and implemented for the Rio 2007 Games. (Nuclear security is taken to mean the prevention, detection and interdiction of malicious acts involving nuclear or other radioactive material and the response to such acts should they occur.) These arrangements may serve as an example of the arrangements that need to be made for Member States hosting major public events in the future. The information is intended for use by national authorities such as counter terrorism agencies, national radiation measurement and assessment institutions, bomb squad, police and other relevant law enforcement agencies. Section 1 comprises an introduction about the report's background, objective, scope and structure. Section 2 provides a description of the arrangements made during the preparatory phase: the overall security concept; the evaluation of the threat; the policy decisions taken; the organizational arrangements; the nuclear security plan; and the cooperation with the IAEA. Section 3 describes the concept of operations: the strategy for choosing the targets to be protected; the different lines of defence; the coordination and management of activities; and the actions to be taken to prevent, detect, interdict and respond to malicious acts and other unauthorized acts involving nuclear or other radioactive material. Section 4 covers the logistics including the radiation detection instruments used, their deployment, testing and maintenance and training in their use. Section 5 presents the results of the surveys undertaken prior to the Rio 2007 Games and of the access controls of the venues during the Rio 2007 Games. Section 6 provides the conclusions that may be drawn from the work undertaken. Section 7 gives recommendations to other national authorities facing similar challenge in the future

SECURITY AWARENESS – MAJOR PIECE IN THE PUZZLE OF INFORMATION SECURITY

OpenAIRE

MARIUS PETRESCU; NICOLETA SÎRBU; ANCA-GABRIELA PETRESCU; MIOARA BRABOVEANU

2011-01-01

Information security has come to be recognized as increasingly important because global communication and information systems allow a potentially large number of unauthorized users to access and possibly alter information from around the world. As the dependence on information systems grows, so the security of information networks becomes ever more critical to any entity, no matter if it is a company or a public institution. Information security involves both technology and people. Any securi...

MODEL-BASED SECURITY ENGINEERING OF SOA SYSTEM USING SECURITY INTENT DSL

OpenAIRE

Muhammad Qaiser Saleem; Jafreezal Jaafar; Mohd Fadzil Hassan

2011-01-01

Currently most of the enterprises are using SOA and web services technologies to build their web information system. They are using MDA principles for design and development of WIS and using UML as a modelling language for business process modelling. Along with the increased connectivity in SOA environment, security risks rise exponentially. Security is not defined during the early phases of development and left onto developer. Properly configuring security requirements in SOA applications is...

Electronic healthcare information security

CERN Document Server

Dube, Kudakwashe; Shoniregun, Charles A

2010-01-01

The ever-increasing healthcare expenditure and pressing demand for improved quality and efficiency of patient care services are driving innovation in healthcare information management. The domain of healthcare has become a challenging testing ground for information security due to the complex nature of healthcare information and individual privacy. ""Electronic Healthcare Information Security"" explores the challenges of e-healthcare information and security policy technologies. It evaluates the effectiveness of security and privacy implementation systems for anonymization methods and techniqu

Austerity, Discipline and Social Security

Directory of Open Access Journals (Sweden)

Asja Hrvatin

2013-03-01

Full Text Available One of the manifestations of the global crisis of financial capitalism and the policies arising from it was the imposition of austerity measures, which not only resulted in privatization of the commons and general expropriation of the people, but also managed to introduce new mechanisms of discipline and punishment. Debt, being the fundament of relations in society, forced itself into the system of social security: new legislation, regulating welfare benefits, has now shifted to a method for the criminalization of poverty, deepening class differences and transforming social workers (and the system of social security as a whole into a moralizing, bureaucratic machine for disciplining the population. The new legislation also shows a lack of reflection on the changes that need to be made to the welfare state in order to create social services that meet the needs and desires of individuals. Instead of improvements that provide decent living conditions and a new system of social rights (to deal with the problems resulting from precarious working conditions, people are faced with depersonalization, humiliation and increased hate speech and other fascist practices. The effect of austerity measures on the social security system does not end with the devastation of service users’ lives and their communities, which are slowly becoming exhausted, individualized and devoid of solidarity. It also means a big step backwards for the core ethics and principles of social work. Social workers are increasingly alienated from their clients and the communities they live in. They function more in the service of the government and its policies rather than as advocates of people’s rights.

Improved Asymmetric Cipher Based on Matrix Power Function with Provable Security

Directory of Open Access Journals (Sweden)

Eligijus Sakalauskas

2017-01-01

Full Text Available The improved version of the author’s previously declared asymmetric cipher protocol based on matrix power function (MPF is presented. Proposed modification avoids discrete logarithm attack (DLA which could be applied to the previously declared protocol. This attack allows us to transform the initial system of MPF equations to so-called matrix multivariate quadratic (MMQ system of equations, which is a system representing a subclass of multivariate quadratic (MQ systems of equations. We are making a conjecture that avoidance of DLA in protocol, presented here, should increase its security, since an attempt to solve the initial system of MPF equations would appear to be no less complex than solving the system of MMQ equations. No algorithms are known to solve such a system of equations. Security parameters and their secure values are defined. Security analysis against chosen plaintext attack (CPA and chosen ciphertext attack (CCA is presented. Measures taken to prevent DLA attack increase the security of this protocol with respect to the previously declated protocol.

Between security and military identities: The case of Israeli security experts

NARCIS (Netherlands)

Grassiani, E.

2018-01-01

The relationship between private security professionals and the military in Israel is complex. While there is growing attention to the fact that security and military actors and their activities are becoming increasingly blurred, the Israeli case shows something different. In this ground-up analysis

Key Exchange Trust Evaluation in Peer-to-Peer Sensor Networks With Unconditionally Secure Key Exchange

Science.gov (United States)

Gonzalez, Elias; Kish, Laszlo B.

2016-03-01

As the utilization of sensor networks continue to increase, the importance of security becomes more profound. Many industries depend on sensor networks for critical tasks, and a malicious entity can potentially cause catastrophic damage. We propose a new key exchange trust evaluation for peer-to-peer sensor networks, where part of the network has unconditionally secure key exchange. For a given sensor, the higher the portion of channels with unconditionally secure key exchange the higher the trust value. We give a brief introduction to unconditionally secured key exchange concepts and mention current trust measures in sensor networks. We demonstrate the new key exchange trust measure on a hypothetical sensor network using both wired and wireless communication channels.

Challenges and countermeasures of China’s energy security

International Nuclear Information System (INIS)

Cao, Wensheng; Bluth, Christoph

2013-01-01

China is now a major consumer and importer of energy, and its choices and policies will increasingly affect the rest of the world. This paper analyses the key features of China’s energy policy as it faces the prospect of possible challenges to its energy security given the increasing reliance on fuel imports and the need to transform its energy to meet the requirements of a modern, fast-growing economy. The paper examines whether the current energy mix is appropriate and sustainable, and considers the China’s policymakers new emphasis on energy efficiency, conservation, renewable energy and the shift to natural gas the primary energy source. It examines the internal and external constraints on China’s energy policy and considers the strategic dilemmas arising from China’s increasing involvement in international energy markets. It concludes that both the domestic and international implications of China’s search for energy security will confront policymakers with hard choices that will affect not only energy policy, but also China’s geopolitical grand strategy. - Highlights: ► Conception of energy security and energy policy in China’s grand strategy are expatiated. ► Challenges China is facing are analyzed from 4 aspects. ► New strategic thoughts of China including 6 capability enhancements are raised. ► Major tasks of safeguarding energy security contain 3 measures of improvement.

Social Security Contribution to Productivity and Wages in Labour Organization Perspective

Science.gov (United States)

Supriadi, Y. N.

2017-03-01

This research is investigating the discrepancy fulfilment of the right to social security and decent wages to increase labour productivity in the perspective of labour organizations, in which the company provides social security, and wages have not been able to meet the needs of workers, on the other hand, the workers are always required to increase productivity. Therefore, this study aims to identify the social security and wages that affect labour productivity. So this research will provide input to the company to undertake effective measures and efficient for the company’s sustainability. This research was conducted using a survey method approach and quantitative data analysis techniques that are causal comparative sample of 223 respondents from 504 study population includes all labour organization’s District and municipal in Banten Province. The results showed the significant influence of social security and wages to increase labour productivity. Therefore, companies are required to act strategically in maintaining prohibitionists labour through re-design of the work environment, increase workers’ participation, intervention, and satisfy the needs of workers whose impact will be realized understanding between workers and companies in maintaining the company’s business.

The strategic security officer.

Science.gov (United States)

Hodges, Charles

2014-01-01

This article discusses the concept of the strategic security officer, and the potential that it brings to the healthcare security operational environment. The author believes that training and development, along with strict hiring practices, can enable a security department to reach a new level of professionalism, proficiency and efficiency. The strategic officer for healthcare security is adapted from the "strategic corporal" concept of US Marine Corps General Charles C. Krulak which focuses on understanding the total force implications of the decisions made by the lowest level leaders within the Corps (Krulak, 1999). This article focuses on the strategic organizational implications of every security officer's decisions in the constantly changing and increasingly volatile operational environment of healthcare security.

Security engineering: systems engineering of security through the adaptation and application of risk management

Science.gov (United States)

Gilliam, David P.; Feather, Martin S.

2004-01-01

Information Technology (IT) Security Risk Management is a critical task in the organization, which must protect its resources and data against the loss of confidentiality, integrity, and availability. As systems become more complex and diverse, and more vulnerabilities are discovered while attacks from intrusions and malicious content increase, it is becoming increasingly difficult to manage IT security. This paper describes an approach to address IT security risk through risk management and mitigation in both the institution and in the project life cycle.

Future consumer mobile phone security: A case study using the data-centric security model

NARCIS (Netherlands)

van Cleeff, A.

Consumer mobile phone security requires more attention, now that their data storage capacity is increasing. At the same time, much effort is spent on data-centric security for large enterprises. In this article we try to apply data-centric security to consumer mobile phones. We show a maturity model

Energy security and sustainability in Northeast Asia

International Nuclear Information System (INIS)

Hippel, David von; Suzuki, Tatsujiro; Williams, James H.; Savage, Timothy; Hayes, Peter

2011-01-01

'Energy Security' has typically, to those involved in making energy policy, meant mostly securing access to oil and other fossil fuels. With increasingly global, diverse energy markets, however, and increasingly transnational problems resulting from energy transformation and use, old energy security rationales are less salient, and other issues, including climate change and other environmental, economic, and international considerations are becoming increasingly important. As a consequence, a more comprehensive operating definition of 'Energy Security' is needed, along with a workable framework for analysis of which future energy paths or scenarios are likely to yield greater Energy Security in a broader, more comprehensive sense. Work done as a part of the Nautilus Institute's 'Pacific Asia Regional Energy Security' (PARES) project developed a broader definition of Energy Security, and described an analytical framework designed to help to compare the energy security characteristics - both positive and negative - of different quantitative energy paths as developed using software tools such as the LEAP (Long-range Energy Alternatives Planning) system.

Latvian Security and Defense Policy within the Twenty-First Century Security Environment

Directory of Open Access Journals (Sweden)

Rublovskis Raimonds

2014-12-01

Full Text Available The aim of this paper is to analyze fundamental factors which form and profoundly shape security and defense policy of the Republic of Latvia. One can argue that historical background, geographical location, common institutional history within the former Soviet Union, the Russia factor, the relative smallness of the territory of state and the population, the ethnic composition of the population, the low density of the population and rather limited financial and manpower resources available for the defense of the Republic of Latvia are the key factors of influence on the state security and defense policy. The core principles of the security and defense policy of Latvia are the membership in powerful global military alliance of NATO and bilateral strategic partnership with the United States. However, security and defense cooperation among the three Baltic States as well as enhanced cooperation within the Baltic-Nordic framework is seen as an important supplementary factor for the increased security of the Republic of Latvia. Latvia has developed a sustainable legal and institutional framework in order to contribute to state security and defense; however, security challenges and significant changes within the global security environment of the twenty-first century will further challenge the ability of the Republic of Latvia to sustain its current legal framework, and more importantly, current institutional structure of Latvian security and defense architecture. Significant internal and external challenges will impact the fundamental pillars of Latvian security and defense policy, such as American strategic shift to the Pacific, and lack of political will to increase defense budgets in European part of NATO. It has to be clear that very independence, security and defense of the Republic of Latvia depend on the ability of NATO to remain an effective organization with timely and efficient decision-making, and the ability of the United States to remain

No energy security without climate security

International Nuclear Information System (INIS)

Hiller, M.

2006-06-01

WWF urges the G8 nations to embark on a serious global 'Climate and Energy Security Plan' akin in dimension to the Marshall plan after the Second World War. The plan would aim at dramatically augmenting energy efficiency measures and renewable energy sources within the next five years

Rasch Analyses of Very Low Food Security among Households and Children in the Three City Study.

Science.gov (United States)

Moffitt, Robert A; Ribar, David C

2016-04-01

The longitudinal Three City Study of low-income families with children measures food hardships using fewer questions and some different questions from the standard U.S. instrument for measuring food security, the Household Food Security Survey Module (HFSSM) in the Current Population Survey (CPS). We utilize a Rasch measurement model to identify thresholds of very low food security among households and very low food security among children in the Three City Study that are comparable to thresholds from the HFSSM. We also use the Three City Study to empirically investigate the determinants of food insecurity and of these specific food insecurity outcomes, estimating a multivariate behavioral Rasch model that is adapted to address longitudinal data. The estimation results indicate that participation in the Supplemental Nutrition Assistance Program and the Temporary Assistance for Needy Families program reduce food insecurity, while poverty and disability among caregivers increase it. Besides its longitudinal structure, the Three City Study measures many more characteristics about households than the CPS. Our estimates reveal that financial assistance through social networks and a household's own financial assets reduce food insecurity, while its outstanding loans increase insecurity.

Rasch Analyses of Very Low Food Security among Households and Children in the Three City Study*

Science.gov (United States)

Moffitt, Robert A.; Ribar, David C.

2017-01-01

The longitudinal Three City Study of low-income families with children measures food hardships using fewer questions and some different questions from the standard U.S. instrument for measuring food security, the Household Food Security Survey Module (HFSSM) in the Current Population Survey (CPS). We utilize a Rasch measurement model to identify thresholds of very low food security among households and very low food security among children in the Three City Study that are comparable to thresholds from the HFSSM. We also use the Three City Study to empirically investigate the determinants of food insecurity and of these specific food insecurity outcomes, estimating a multivariate behavioral Rasch model that is adapted to address longitudinal data. The estimation results indicate that participation in the Supplemental Nutrition Assistance Program and the Temporary Assistance for Needy Families program reduce food insecurity, while poverty and disability among caregivers increase it. Besides its longitudinal structure, the Three City Study measures many more characteristics about households than the CPS. Our estimates reveal that financial assistance through social networks and a household's own financial assets reduce food insecurity, while its outstanding loans increase insecurity. PMID:29187764

Report of the international forum on nuclear energy, nuclear non-proliferation and nuclear security. Measures to ensure nuclear non-proliferation and nuclear security for the back end of nuclear fuel cycle and regional cooperation in Asia

International Nuclear Information System (INIS)

Tazaki, Makiko; Yamamura, Tsukasa; Suzuki, Mitsutoshi; Kuno, Yusuke; Mochiji, Toshiro

2013-03-01

The Japan Atomic Energy Agency (JAEA) held 'International Forum on Nuclear Energy, Nuclear Non-proliferation and Nuclear Security - Measures to ensure nuclear non-proliferation and nuclear security for the back end of nuclear fuel cycle and regional cooperation in Asia-' on 12 and 13 December 2012, co-hosted by the Japan Institute of International Affairs (JIIA) and School of Engineering, The University of Tokyo. In the forum, keynote speakers from Japan, International Atomic Energy Agency (IAEA), the U.S., France and Republic of Korea (ROK), respectively explained their efforts regarding peaceful use of nuclear energy and nuclear non-proliferation. In two panel discussions, entitled 'Measures to ensure nuclear non-proliferation and nuclear security of nuclear fuel cycle back end' and 'Measures to ensure nuclear non-proliferation and nuclear security for nuclear energy use in the Asian region and a multilateral cooperative framework', active discussions were made among panelists from Japan, IAEA, the U.S., France, ROK, Russia and Kazakhstan. This report includes abstracts of keynote speeches, summaries of two panel discussions and materials of the presentations in the forum. The editors take full responsibility for the wording and content of this report except presentation materials. (author)

Supporting Applications Development and Operation Using IT Security and Audit Measures

Directory of Open Access Journals (Sweden)

Katalin Szenes

2012-01-01

Full Text Available The market success of the enterprises depends on the ability to support their business processes. This involves the requirement of a seamless, well-ordered operation of the whole company. Operation is greatly affected by the quality of its IT support. The information should be available, handled confidentially, preserving its integrity, have to be processed in a reliable, efficient, effective way, in compliance with the requirements of supervisory authorities. Extending the scope of these information criteria to criteria determining operations quality and adding two business-level requirements to them makes possible to find preventive, detective andcorrective, originally information security control measures, raised to the level of operational quality, that support the market success of the institutions.

Study on the concentration of energy security

International Nuclear Information System (INIS)

Irie, Kazutomo

2002-01-01

'Energy Security' concept has played the central role in Japan's energy policy. However, the definition of the concept is not clear. If energy security will remain a principal policy target, its concept should be clearly defined as a precondition. This dissertation analyzes historical changes in energy security concept and considers their relationship with the development of national security concept in international relations studies. Following an introduction in the first chapter, the second chapter reveals that energy security concept has changed in accord with energy situation and policymakers' concern of the times. As a result, several different definitions of the concept now coexist. The third chapter deals with the relationship between energy security concept and national security concepts in international relations. Three major definitions of energy security concepts correspond to definitions of security concepts by three schools in security theory - realism, liberalism, and globalism. In the fourth chapter, energy security is conceptualized and its policy measures are systematized by addressing the issues appeared in its historical changes and referring to security theory in international relations studies. The fifth chapter discusses the contribution by nuclear energy to Japan's energy security, applying a theoretical framework presented in previous chapters. Characteristics of nuclear energy which enhance energy security are identified, and policy measures for improving those characteristics are proposed. (author)

Attachment Security Balances Perspectives: Effects of Security Priming on Highly Optimistic and Pessimistic Explanatory Styles.

Science.gov (United States)

Deng, Yanhe; Yan, Mengge; Chen, Henry; Sun, Xin; Zhang, Peng; Zeng, Xianglong; Liu, Xiangping; Lye, Yue

2016-01-01

Highly optimistic explanatory style (HOES) and highly pessimistic explanatory style (HPES) are two maladaptive ways to explain the world and may have roots in attachment insecurity. The current study aims to explore the effects of security priming - activating supportive representations of attachment security - on ameliorating these maladaptive explanatory styles. 57 participants with HOES and 57 participants with HPES were randomized into security priming and control conditions. Their scores of overall optimistic attribution were measured before and after priming. Security priming had a moderating effect: the security primed HOES group exhibited lower optimistic attribution, while the security primed HPES group evinced higher scores of optimistic attribution. Furthermore, the security primed HOES group attributed positive outcomes more externally, while the security primed HPES group attributed successful results more internally. The results support the application of security priming interventions on maladaptive explanatory styles. Its potential mechanism and directions for future study are also discussed.

Outcomes and Suggestions of the Nuclear Security Summit

International Nuclear Information System (INIS)

Kim, Jae San; Jung, Myung Tak

2014-01-01

Through The third Nuclear Security Summit (NSS), the measurement for the nuclear security has become more strengthening and participating countries could recognize the importance of nuclear security than before. From the NSS sessions, the leaders of participating countries and international organizations (IAEA, UN, EU and INTERPOL) had an in-depth discussion about the seriousness of the nuclear terrorism, the urgency issues for strengthening the nuclear security, etc. What issues was discussed in NSS processes since 2010 and which facts become more important than ever for nuclear security? The purpose of this paper is to provide the substantive outcomes from the 1st to 3rd NSS and suggestions for consolidating the next NSS. The summit process has helped strengthen the nuclear security measures. In the following two years before 4th NSS, there will be various follow-up activities for making an effort to implementing national commitments, joint statement, continuous outreach with IAEA/UN and agreed measures in Hague. It should produce the substantial measures for enhancing the nuclear security that are aimed to the each country. And preemptively, it is necessary to understand the each nuclear security level by using the concrete questionnaire sheets substitute for the national progress report

Outcomes and Suggestions of the Nuclear Security Summit

Energy Technology Data Exchange (ETDEWEB)

Kim, Jae San; Jung, Myung Tak [Korea Institute of Nuclear Nonproliferation and Control Daejeon (Korea, Republic of)

2014-10-15

Through The third Nuclear Security Summit (NSS), the measurement for the nuclear security has become more strengthening and participating countries could recognize the importance of nuclear security than before. From the NSS sessions, the leaders of participating countries and international organizations (IAEA, UN, EU and INTERPOL) had an in-depth discussion about the seriousness of the nuclear terrorism, the urgency issues for strengthening the nuclear security, etc. What issues was discussed in NSS processes since 2010 and which facts become more important than ever for nuclear security? The purpose of this paper is to provide the substantive outcomes from the 1st to 3rd NSS and suggestions for consolidating the next NSS. The summit process has helped strengthen the nuclear security measures. In the following two years before 4th NSS, there will be various follow-up activities for making an effort to implementing national commitments, joint statement, continuous outreach with IAEA/UN and agreed measures in Hague. It should produce the substantial measures for enhancing the nuclear security that are aimed to the each country. And preemptively, it is necessary to understand the each nuclear security level by using the concrete questionnaire sheets substitute for the national progress report.

Interrelationship between nuclear safety, safeguards and nuclear security

International Nuclear Information System (INIS)

Irie, Kazutomo

2007-01-01

As preventive activities against danger within nuclear systems, three major areas exist; nuclear safety, safeguards and nuclear security. Considering the purpose of these activities, to prevent non-peaceful use is common in nuclear security in general and safeguards. At the same time, measures against sabotage, one of the subcategory in nuclear security, is similar to nuclear safety in aiming at preventing nuclear accidents. When taking into account the insider issues in nuclear security, the distinction between measures against sabotage and nuclear safety becomes ambiguous. Similarly, the distinction between measures against theft, another subcategory in nuclear security, and safeguards also becomes vague. These distinctions are influenced by psychological conditions of members in nuclear systems. Members who have the intention to make nuclear systems dangerous to human society shall be the 'enemy' to nuclear systems and thus be the target for nuclear security. (author)

Measuring global water security towards sustainable development goals

NARCIS (Netherlands)

Wada, Y.|info:eu-repo/dai/nl/341387819; Gain, A.K.; Giupponi, C.

2016-01-01

Water plays an important role in underpinning equitable, stable and productive societies and ecosystems. Hence, United Nations recognized ensuring water security as one (Goal 6) of the seventeen sustainable development goals(SDGs). Many international river basins are likely to experience ‘low water

Increase of internal energy due to measurement

International Nuclear Information System (INIS)

Daboul, J.

1991-01-01

We argue that the internal energy E=(H) of a macroscopic system in thermal equilibrium must increase, if we measure an observable A which does not commute with the Hamiltonian H. We derive an expression for calculating a lower bound for this increase in E. We then generalize the above result, and show that under certain conditions the expectation value (C) of an observable C should increase by the measurement of another observable A, if A and C do not commute. (author)

Increased greenhouse effect substantiated through measurements

International Nuclear Information System (INIS)

Skartveit, Arvid

2001-01-01

The article presents studies on the greenhouse effect which substantiates the results from satellite measurements during the period 1970 - 1997. These show an increased effect due to increase in the concentration of the climatic gases CO 2 , methane, CFC-11 and CFC-12 in the atmosphere

Network Security Is Manageable

Science.gov (United States)

Roberts, Gary

2006-01-01

An effective systems librarian must understand security vulnerabilities and be proactive in preventing problems. Specifics of future attacks or security challenges cannot possibly be anticipated, but this paper suggests some simple measures that can be taken to make attacks less likely to occur: program the operating system to get automatic…

Managing information technology security risk

Science.gov (United States)

Gilliam, David

2003-01-01

Information Technology (IT) Security Risk Management is a critical task for the organization to protect against the loss of confidentiality, integrity and availability of IT resources. As systems bgecome more complex and diverse and and attacks from intrusions and malicious content increase, it is becoming increasingly difficult to manage IT security risk. This paper describes a two-pronged approach in addressing IT security risk and risk management in the organization: 1) an institutional enterprise appraoch, and 2) a project life cycle approach.

Security in Computer Applications

CERN Multimedia

CERN. Geneva

2004-01-01

Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development. The last part of the lecture covers some miscellaneous issues like the use of cryptography, rules for networking applications, and social engineering threats. This lecture was first given on Thursd...

Cyber Security Analysis of Turkey

OpenAIRE

Senturk, Hakan; Çil, Zaim; Sağıroğlu, Şeref

2016-01-01

Considering the criticality of the cyber security threat in the 21st century, it is presumed that the nations are busy with series of activities in order to protect their security in the cyber space domain. In this paper, in light of the recent developments in the cyber security field, Turkey’s cyber security analysis is performed using a macro analysis model. We researched for the measures taken in Turkey with respect to those in the other countries, reviewed the posture, the activities and ...

Security of supply in electricity markets: Improving cost efficiency of supplying security and possible welfare gains

DEFF Research Database (Denmark)

Klinge Jacobsen, Henrik; Grenaa Jensen, Stine

2012-01-01

In liberalised markets the ability to maintain security of electricity supply is questioned because security is characterised as a public good. We discuss if this property can be modified with changing technology. Furthermore, we examine if construction of markets for security can be justified...... by possible welfare gains. From a welfare perspective it is possible that security levels are too high and obtained with too high costs. Adjusting the effort so that marginal cost for securing supply is at similar levels in generation capacity and in network maintenance could increase welfare even without...... the need to construct markets. Secondarily, a consumer defined average level of security might improve welfare. Finally, different willingness to pay among customers and construction of advanced markets might increase welfare further. We argue that several cost and welfare improvements can be achieved...

33 CFR 101.405 - Maritime Security (MARSEC) Directives.

Science.gov (United States)

2010-07-01

... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Maritime Security (MARSEC... SECURITY MARITIME SECURITY MARITIME SECURITY: GENERAL Control Measures for Security § 101.405 Maritime... necessary to respond to a threat assessment or to a specific threat against the maritime elements of the...

Global Security Program Management Plan

Energy Technology Data Exchange (ETDEWEB)

Bretzke, John C. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

2014-03-25

The Global Security Directorate mission is to protect against proliferant and unconventional nuclear threats –regardless of origin - and emerging new threats. This mission is accomplished as the Los Alamos National Laboratory staff completes projects for our numerous sponsors. The purpose of this Program Management Plan is to establish and clearly describe the GS program management requirements including instructions that are essential for the successful management of projects in accordance with our sponsor requirements. The detailed information provided in this document applies to all LANL staff and their subcontractors that are performing GS portfolio work. GS management is committed to a culture that ensures effective planning, execution, and achievement of measurable results in accordance with the GS mission. Outcomes of such a culture result in better communication, delegated authority, accountability, and increased emphasis on safely and securely achieving GS objectives.

Information security principles and practice

CERN Document Server

Stamp, Mark

2011-01-01

Now updated-your expert guide to twenty-first century information security Information security is a rapidly evolving field. As businesses and consumers become increasingly dependent on complex multinational information systems, it is more imperative than ever to protect the confidentiality and integrity of data. Featuring a wide array of new information on the most current security issues, this fully updated and revised edition of Information Security: Principles and Practice provides the skills and knowledge readers need to tackle any information security challenge. Taking a pract

Biomedical devices and systems security.

Science.gov (United States)

Arney, David; Venkatasubramanian, Krishna K; Sokolsky, Oleg; Lee, Insup

2011-01-01

Medical devices have been changing in revolutionary ways in recent years. One is in their form-factor. Increasing miniaturization of medical devices has made them wearable, light-weight, and ubiquitous; they are available for continuous care and not restricted to clinical settings. Further, devices are increasingly becoming connected to external entities through both wired and wireless channels. These two developments have tremendous potential to make healthcare accessible to everyone and reduce costs. However, they also provide increased opportunity for technology savvy criminals to exploit them for fun and profit. Consequently, it is essential to consider medical device security issues. In this paper, we focused on the challenges involved in securing networked medical devices. We provide an overview of a generic networked medical device system model, a comprehensive attack and adversary model, and describe some of the challenges present in building security solutions to manage the attacks. Finally, we provide an overview of two areas of research that we believe will be crucial for making medical device system security solutions more viable in the long run: forensic data logging, and building security assurance cases.

The analysis of security cost for different energy sources

International Nuclear Information System (INIS)

Jun, Eunju; Kim, Wonjoon; Chang, Soon Heung

2009-01-01

Global concerns for the security of energy have steadily been on the increase and are expected to become a major issue over the next few decades. Urgent policy response is thus essential. However, little attempt has been made at defining both energy security and energy metrics. In this study, we provide such metrics and apply them to four major energy sources in the Korean electricity market: coal, oil, liquefied natural gas, and nuclear. In our approach, we measure the cost of energy security in terms of supply disruption and price volatility, and we consider the degree of concentration in energy supply and demand using the Hirschman-Herfindahl index (HHI). Due to its balanced fuel supply and demand, relatively stable price, and high abundance, we find nuclear energy to be the most competitive energy source in terms of energy security in the Korean electricity market. LNG, on the other hand, was found to have the highest cost in term of energy security due to its high concentration in supply and demand, and its high price volatility. In addition, in terms of cost, we find that economic security dominates supply security, and as such, it is the main factor in the total security cost. Within the confines of concern for global energy security, our study both broadens our understanding of energy security and enables a strategic approach in the portfolio management of energy consumption.

Children's very low food security is associated with increased dietary intakes in energy, fat, and added sugar among Mexican-origin children (6-11 y) in Texas border Colonias.

Science.gov (United States)

Sharkey, Joseph R; Nalty, Courtney; Johnson, Cassandra M; Dean, Wesley R

2012-02-20

Food insecurity among Mexican-origin and Hispanic households is a critical nutritional health issue of national importance. At the same time, nutrition-related health conditions, such as obesity and type 2 diabetes, are increasing in Mexican-origin youth. Risk factors for obesity and type 2 diabetes are more common in Mexican-origin children and include increased intakes of energy-dense and nutrient-poor foods. This study assessed the relationship between children's experience of food insecurity and nutrient intake from food and beverages among Mexican-origin children (age 6-11 y) who resided in Texas border colonias. Baseline data from 50 Mexican-origin children were collected in the home by trained promotora-researchers. All survey (demographics and nine-item child food security measure) and 24-hour dietary recall data were collected in Spanish. Dietary data were collected in person on three occasions using a multiple-pass approach; nutrient intakes were calculated with NDS-R software. Separate multiple regression models were individually fitted for total energy, protein, dietary fiber, calcium, vitamin D, potassium, sodium, Vitamin C, and percentage of calories from fat and added sugars. Thirty-two children (64%) reported low or very low food security. Few children met the recommendations for calcium, dietary fiber, and sodium; and none for potassium or vitamin D. Weekend intake was lower than weekday for calcium, vitamin D, potassium, and vitamin C; and higher for percent of calories from fat. Three-day average dietary intakes of total calories, protein, and percent of calories from added sugars increased with declining food security status. Very low food security was associated with greater intakes of total energy, calcium, and percentage of calories from fat and added sugar. This paper not only emphasizes the alarming rates of food insecurity for this Hispanic subgroup, but describes the associations for food insecurity and diet among this sample of Mexican

Children's very low food security is associated with increased dietary intakes in energy, fat, and added sugar among Mexican-origin children (6-11 y in Texas border Colonias

Directory of Open Access Journals (Sweden)

Sharkey Joseph R

2012-02-01

Full Text Available Abstract Background Food insecurity among Mexican-origin and Hispanic households is a critical nutritional health issue of national importance. At the same time, nutrition-related health conditions, such as obesity and type 2 diabetes, are increasing in Mexican-origin youth. Risk factors for obesity and type 2 diabetes are more common in Mexican-origin children and include increased intakes of energy-dense and nutrient-poor foods. This study assessed the relationship between children's experience of food insecurity and nutrient intake from food and beverages among Mexican-origin children (age 6-11 y who resided in Texas border colonias. Methods Baseline data from 50 Mexican-origin children were collected in the home by trained promotora-researchers. All survey (demographics and nine-item child food security measure and 24-hour dietary recall data were collected in Spanish. Dietary data were collected in person on three occasions using a multiple-pass approach; nutrient intakes were calculated with NDS-R software. Separate multiple regression models were individually fitted for total energy, protein, dietary fiber, calcium, vitamin D, potassium, sodium, Vitamin C, and percentage of calories from fat and added sugars. Results Thirty-two children (64% reported low or very low food security. Few children met the recommendations for calcium, dietary fiber, and sodium; and none for potassium or vitamin D. Weekend intake was lower than weekday for calcium, vitamin D, potassium, and vitamin C; and higher for percent of calories from fat. Three-day average dietary intakes of total calories, protein, and percent of calories from added sugars increased with declining food security status. Very low food security was associated with greater intakes of total energy, calcium, and percentage of calories from fat and added sugar. Conclusions This paper not only emphasizes the alarming rates of food insecurity for this Hispanic subgroup, but describes the

Convergence of Corporate and Information Security

OpenAIRE

Syed; Rahman, M.; Donahue, Shannon E.

2010-01-01

As physical and information security boundaries have become increasingly blurry many organizations are experiencing challenges with how to effectively and efficiently manage security within the corporate. There is no current standard or best practice offered by the security community regarding convergence; however many organizations such as the Alliance for Enterprise Security Risk Management (AESRM) offer some excellent suggestions for integrating a converged security program. This paper rep...

Information security management with ITIL V3

CERN Document Server

Cazemier, Jacques A; Peters, Louk

2010-01-01

This groundbreaking new title looks at Information Security from defining what security measures positively support the business, to implementation to maintaining the required level and anticipating required changes. It covers:Fundamentals of information security ? providing readers insight and give background about what is going to be managed. Topics covered include: types of security controls, business benefits and the perspectives of business, customers, partners, service providers, and auditors.Fundamentals of management of information security - explains what information security manageme

The nature of international health security.

Science.gov (United States)

Chiu, Ya-Wen; Weng, Yi-Hao; Su, Yi-Yuan; Huang, Ching-Yi; Chang, Ya-Chen; Kuo, Ken N

2009-01-01

Health issues occasionally intersect security issues. Health security has been viewed as an essential part of human security. Policymakers and health professionals, however, do not share a common definition of health security. This article aims to characterize the notions of health security in order to clarify what constitutes the nexus of health and security. The concept of health security has evolved over time so that it encompasses many entities. Analyzing the health reports of four multilateral organizations (the United Nations, World Health Organization, Asia-Pacific Economic Cooperation, and the European Union) produced eight categories of most significant relevance to contemporary health security, allowing comparison of the definitions. The four categories are: emerging diseases; global infectious disease; deliberate release of chemical and biological materials; violence, conflict, and humanitarian emergencies. Two other categories of common concern are natural disasters and environmental change, as well as chemical and radioactive accidents. The final two categories, food insecurity and poverty, are discussed less frequently. Nevertheless, food security is emerging as an increasingly important issue in public health. Health security is the first line of defence against health emergencies. As globalization brings more complexities, dealing with the increased scale and extent of health security will require greater international effort and political support.

Physical security technologies for weapons complex reconfiguration facilities

International Nuclear Information System (INIS)

Jaeger, C.D.

1994-01-01

Sandia National Laboratories was a member of the Weapons Complex Reconfiguration (WCR) Safeguards and Security (S ampersand S) team providing assistance to the Department of Energy's (DOE) Office of Weapons Complex Reconfiguration. The physical security systems in the new and upgraded facilities being considered for the WCR had to meet DOE orders and other requirements set forth in the WCR Programmatic Design Criteria (PDC), incorporate the latest physical security technologies using proven state-of-the-art systems and meet fundamental security principles. The outcome was to avoid costly retrofits and provide effective and comprehensive protection against current and projected threats with minimal impact on operations, costs and schedule. Physical security requirements for WCR facilities include: (1) reducing S ampersand S life-cycle costs, (2) where feasible automating S ampersand S functions to minimize operational costs, access to critical assets and exposure of people to hazardous environments, (3) increasing the amount of delay to outsider adversary attack, (4) compartmentalizing the facility to minimize the number of personnel requiring access to critical areas and (5) having reliable and maintainable systems. To be most effective against threats physical security must be integrated with facility operations, safety and other S ampersand S activities, such as material control and accountability, nuclear measurements and computer and information security. This paper will discuss the S ampersand S issues, requirements, technology opportunities and needs. Physical security technologies and systems considered in the design effort of the Weapons Complex Reconfiguration facilities will be reviewed

Methodology of the Auditing Measures to Civil Airport Security and Protection

Directory of Open Access Journals (Sweden)

Ján Kolesár

2016-10-01

Full Text Available Airports similarly to other companies are certified in compliance with the International Standardization Organization (ISO standards of products and services (series of ISO 9000 Standards regarding quality management, to coordinate the technical side of standardizatioon and normalization at an international scale. In order for the airports to meet the norms and the certification requirements as by the ISO they are liable to undergo strict audits of quality, as a rule, conducted by an independent auditing organization. Focus of the audits is primarily on airport operation economics and security. The article is an analysis into the methodology of the airport security audit processes and activities. Within the framework of planning, the sequence of steps is described in line with the principles and procedures of the Security Management System (SMS and starndards established by the International Standardization Organization (ISO. The methodology of conducting airport security audit is developed in compliance with the national programme and international legislation standards (Annex 17 applicable to protection of civil aviation against acts of unlawful interference.

Legal significance of the private security sector in Kosovo

Directory of Open Access Journals (Sweden)

Fidair Berisha

2015-11-01

Full Text Available Privatization of the security sector is considered a new phenomenon in the post communist society. The security system has been under a total monopol of the state institutions. Therefore, even the legal adjustment of this system is considered that only state institutions are entitled for provision of the security services, by excluding participation of civic organizations from this activity. Beside this, state enterprises have been obliged to establish its safet structures for property protection and involved employers in enterprises. Immediately after the conflictual period the privatization of the security sector was rapidly increased, including various parts of society. In Kosovo immediately after the conflictual period there was legal gaps, which means that the private security sector has not been adjusted and as a result of this has been uncontrolled and without supervision. Therefore in 2000 the UNMIK administration has undertaken measures and has carried out the first act which has regulated this sector in Kosova. The draft law has undergone significant changes starting from the title. Saying in more common manner, “Draft law for private security” is amended in the LAW no. 04/L-004.2001 for private security services, and this amendment of the private security sector is based in the above mentioned law.

Explore Awareness of Information Security: Insights from Cognitive Neuromechanism.

Science.gov (United States)

Han, Dongmei; Dai, Yonghui; Han, Tianlin; Dai, Xingyun

2015-01-01

With the rapid development of the internet and information technology, the increasingly diversified portable mobile terminals, online shopping, and social media have facilitated information exchange, social communication, and financial payment for people more and more than ever before. In the meantime, information security and privacy protection have been meeting with new severe challenges. Although we have taken a variety of information security measures in both management and technology, the actual effectiveness depends firstly on people's awareness of information security and the cognition of potential risks. In order to explore the new technology for the objective assessment of people's awareness and cognition on information security, this paper takes the online financial payment as example and conducts an experimental study based on the analysis of electrophysiological signals. Results indicate that left hemisphere and beta rhythms of electroencephalogram (EEG) signal are sensitive to the cognitive degree of risks in the awareness of information security, which may be probably considered as the sign to assess people's cognition of potential risks in online financial payment.

Explore Awareness of Information Security: Insights from Cognitive Neuromechanism

Directory of Open Access Journals (Sweden)

Dongmei Han

2015-01-01

Full Text Available With the rapid development of the internet and information technology, the increasingly diversified portable mobile terminals, online shopping, and social media have facilitated information exchange, social communication, and financial payment for people more and more than ever before. In the meantime, information security and privacy protection have been meeting with new severe challenges. Although we have taken a variety of information security measures in both management and technology, the actual effectiveness depends firstly on people’s awareness of information security and the cognition of potential risks. In order to explore the new technology for the objective assessment of people’s awareness and cognition on information security, this paper takes the online financial payment as example and conducts an experimental study based on the analysis of electrophysiological signals. Results indicate that left hemisphere and beta rhythms of electroencephalogram (EEG signal are sensitive to the cognitive degree of risks in the awareness of information security, which may be probably considered as the sign to assess people’s cognition of potential risks in online financial payment.

Energy security in ASEAN: A quantitative approach for sustainable energy policy

International Nuclear Information System (INIS)

Tongsopit, Sopitsuda; Kittner, Noah; Chang, Youngho; Aksornkij, Apinya; Wangjiraniran, Weerin

2016-01-01

We investigate energy security of the Association of Southeast Asian Nations (ASEAN) under the 4-A’s framework. The ASEAN Economic Community (AEC) agreement launched in 2015 renewed a regional focus on energy security and sustainability. We employ an analytic framework to quantitatively assess progress in different categories including availability, acceptability, affordability, and applicability. Key metrics include the documentation of CO_2 emissions, energy access measures, and energy supply reserves from 2005–2010. We identify relevant energy indicators using high quality historical data from the IEA and World Bank. We find that ASEAN made little progress toward establishing energy security in the previous five-year planning period (2005–2010) as it regressed in most categories except applicability. Therefore, we suggest that increased development of renewable energy and energy efficiency technologies would move ASEAN in a positive direction toward achieving energy security and sustainable energy policy goals. - Highlights: • We investigate energy security in ASEAN across four dimensions. • Energy security in ASEAN has mostly regressed from 2005–2010. • Future cooperative agreements will help ASEAN improve energy security.

Beyond Measure: New Approaches to Analyzing Congressional Oversight of Homeland Security

Science.gov (United States)

2015-03-01

published books and peer reviewed journal articles. The Congressional Research Service being the key source on congressional procedure and theory ...Transportation Committee 1 Senate Homeland Security & Governmental Affairs Committee 15 Senate Small Business & Entrepreneurship 1 Senate Special...military contracting procedures in a war zone are not necessarily oversight of national security functions, reviews of FEMA contracting practices

Research on the security of nuclear power equipment

International Nuclear Information System (INIS)

Zhao Jiong; Wu Jinzong

2008-06-01

Recently, the rapidly growing economy in conflict with the lack of power in the whole country become more and more seriously in our country. In other hand, there is also various kind of problems such as greenhouse effect and the oil price rising conditions. It greatly promote our country's development of Nuclear power project. As forecast, the number of Nuclear Power Plant will increase greatly in the future. However, the security of the Nuclear Power Plant is one of the topics that people always pay more attention to. Combining with the practice experience of Nuclear Power Plant in Japanese, the security of Nuclear Power Plant in multi-angles is discussed. It is pointed that the risk assesment and management system of nuclear power plant are effective measure for security of the development of nuclear power. (authors)

Caregiver Sensitivity, Contingent Social Responsiveness, and Secure Infant Attachment

Science.gov (United States)

Dunst, Carl J.; Kassow, Danielle Z.

2008-01-01

Findings from two research syntheses of the relationship between caregiver sensitivity and secure infant attachment and one research synthesis of factors associated with increased caregiver use of a sensitive interactional style are presented. The main focus of analysis was the extent to which different measures of caregiver contingent social…

An Enterprise Security Program and Architecture to Support Business Drivers

Directory of Open Access Journals (Sweden)

Brian Ritchot

2013-08-01

Full Text Available This article presents a business-focused approach to developing and delivering enterprise security architecture that is focused on enabling business objectives while providing a sensible and balanced approach to risk management. A balanced approach to enterprise security architecture can create the important linkages between the goals and objectives of a business, and it provides appropriate measures to protect the most critical assets within an organization while accepting risk where appropriate. Through a discussion of information assurance, this article makes a case for leveraging enterprise security architectures to meet an organizations' need for information assurance. The approach is derived from the Sherwood Applied Business Security Architecture (SABSA methodology, as put into practice by Seccuris Inc., an information assurance integrator. An understanding of Seccuris’ approach will illustrate the importance of aligning security activities with high-level business objectives while creating increased awareness of the duality of risk. This business-driven approach to enterprise security architecture can help organizations change the perception of IT security, positioning it as a tool to enable and assure business success, rather than be perceived as an obstacle to be avoided.

Climate Change and Risks to National Security

Science.gov (United States)

Titley, D.

2017-12-01

Climate change impacts national security in three ways: through changes in the operating environments of the military; by increasing risks to security infrastructure, specifically bases and training ranges; and by exacerbating and accelerating the risks of state collapse and conflict in regions that are already fragile and unstable. Additionally there will be unique security challenges in the Arctic as sea-ice melts out and human activities increase across multiple dimensions. Military forces will also likely see increased demand for Humanitarian Assistance and Disaster Relief resulting from a combination of increased human population, rising sea-level, and potentially stronger and wetter storms. The talk will explore some of the lesser known aspects of these changes, examine selected climate-driven 'wild cards' that have the potential to disrupt regional and global security, and explore how migration in the face of a changing climate may heighten security issues. I will assess the positions U.S. executive and legislative branches with respect to climate & security, and how those positions have evolved since the November 2016 election, sometimes in counter-intuitive ways. The talk will close with some recommended courses of action the security enterprise can take to manage this climate risk.

Security Sector Reform in Albania

OpenAIRE

Abazi, Enika; Bumci, Aldo; Hide, Enri; Rakipi, Albert

2009-01-01

International audience; This paper analyses security sector reform (SSR) in Albania. In all its enterprises in reforming the security sector,Albania is assisted by different initiatives and projects that provide expertise and financial support. To assesswhether reforms improved the overall security environment (national and human) of the country, it is necessaryto measure the effectiveness of the various initiatives and projects. This is gauged by how well the initiatives andprojects achieved...

Dynamic Security Assessment of Western Danish Power System Based on Ensemble Decision Trees

DEFF Research Database (Denmark)

Liu, Leo; Bak, Claus Leth; Chen, Zhe

2014-01-01

With the increasing penetration of renewable energy resources and other forms of dispersed generation, more and more uncertainties will be brought to the dynamic security assessment (DSA) of power systems. This paper proposes an approach that uses ensemble decision trees (EDT) for online DSA. Fed...... with online wide-area measurement data, it is capable of not only predicting the security states of current operating conditions (OC) with high accuracy, but also indicating the confidence of the security states 1 minute ahead of the real time by an outlier identification method. The results of EDT together...

Review of Safety and Security of Radioactive Sources in Africa

International Nuclear Information System (INIS)

Kiti, Shadrack Anthony; Choi, Kwang Sik

2011-01-01

Radioactive materials are used worldwide for peaceful applications in medicine, industry, agriculture, environmental science, education and research and military applications. Most of these radioactive sources used are imported therefore trans-boundary movement is a significant factor in consideration of safety and security measures during movement of these sources. It is estimated that 20 million packages of radioactive materials are transported annually worldwide and this number of shipments is expected to increase due to the renaissance of nuclear power generation. The African continent has shown considerable leadership in its advocacy for the safety and security of radioactive sources. The First Africa Workshop on the Establishment of a Legal Framework governing Radiation Protection, the Safety of Radiation Sources and the Safe Management of Radioactive Waste held in Ethiopia in 2001 called upon the IAEA to form a forum for African countries to consider the Code of Conduct on the Safety and Security of Radioactive Sources and give it a legally binding effect so that the peaceful use of nuclear technology is not compromised. Despite these laudable efforts, Africa still faces considerable challenges in the implementation of safety and security of radioactive sources because of weak regulatory control and lack of infrastructure to properly control, manage and secure radiation sources 1 . The purpose of this paper was therefore, to analyze, review, address and share knowledge and experience with regard to safety and security measures of radioactive materials in Africa. This project will benefit IAEA's African member states in creating nuclear safety and security networking in the region

Security, at what cost? A stated preference approach toward understanding individuals' privacy and civil liberties trade-offs regarding security measures

NARCIS (Netherlands)

Robinson, N.; Potoglou, D.

2010-01-01

In the presently heightened security environment there are a number of examples of policy that must strike a delicate balance between strengthening security without jeopardising public liberties and personal privacy. The introduction of national identity cards and biometric passports, the expansion

Security force effectiveness and technology

International Nuclear Information System (INIS)

Seaton, M.B.

1988-01-01

No one would propose ineffective security forces. Applied technology always has, as its purpose, to increase effectiveness. Evidence exists, however, that poorly conceived or executed technological solutions can actually do more harm than good. The author argues for improved human factor considerations in physical security applied technology -- especially in the area of security console operations

Energy security in Yemen

International Nuclear Information System (INIS)

Torosyan, Emil

2009-09-01

Yemen, situated in the Arab world, has considerable energy resources. However, its history of repeated revolts, civil wars and terrorism and also the presence of the Wahabi movement and al Qaeda in the country constitute security issues for the energy industry and its infrastructure. The aim of this paper is to assess the impact level on the security of the energy sector in Yemen and the effect that the threats to that sector could have on global energy security. Analyses of the political environment, the security threats and the measures taken to respond to these threats have been carried out. Results showed that Yemen's resources are depleting and that the government is having trouble containing the escalation of conflicts; this situation could lead to Yemen's political collapse which could have an important impact on global energy security.

Towards Information Security Awareness

OpenAIRE

Marius Petrescu; Delia Mioara Popescu; Nicoleta Sirbu

2010-01-01

Information security has come to be recognized as increasingly important because global communication and information systems allow a potentially large number of unauthorized users to access and possibly alter information from around the world. As the dependence on information systems grows, so the security of information networks becomes ever more critical to any entity, no matter if it is a company or a public institution. Information security involves both technology and people. Any securi...

Intercorporate Security Event Correlation

Directory of Open Access Journals (Sweden)

D. O. Kovalev

2010-03-01

Full Text Available Security controls are prone to false positives and false negatives which can lead to unwanted reputation losses for the bank. The reputational database within the security operations center (SOC and intercorporate correlation of security events are offered as a solution to increase attack detection fidelity. The theses introduce the definition and structure of the reputation, architectures of reputational exchange and the place of intercorporate correlation in overall SOC correlation analysis.

Implementing an Information Security Program

Energy Technology Data Exchange (ETDEWEB)

Glantz, Clifford S.; Lenaeus, Joseph D.; Landine, Guy P.; O' Neil, Lori Ross; Leitch, Rosalyn; Johnson, Christopher; Lewis, John G.; Rodger, Robert M.

2017-11-01

The threats to information security have dramatically increased with the proliferation of information systems and the internet. Chemical, biological, radiological, nuclear, and explosives (CBRNe) facilities need to address these threats in order to protect themselves from the loss of intellectual property, theft of valuable or hazardous materials, and sabotage. Project 19 of the European Union CBRN Risk Mitigation Centres of Excellence Initiative is designed to help CBRN security managers, information technology/cybersecurity managers, and other decision-makers deal with these threats through the application of cost-effective information security programs. Project 19 has developed three guidance documents that are publically available to cover information security best practices, planning for an information security management system, and implementing security controls for information security.

Information security becoming a priority for utilities

Energy Technology Data Exchange (ETDEWEB)

Nicolaides, S. [Numerex, Atlanta, GA (United States)

2009-10-15

As part of North America's national critical infrastructure, utilities are finding themselves at the forefront of a security issue. In October 2007, a leading security service provider reported a 90 per cent increase in the number of hackers attempting to attack its utility clients in just one year. Utilities are vulnerable to cyber attacks that could disrupt power production and the transmission system. This article discussed the need for intelligent technologies in securely enabling resource management and operational efficiency of the utilities market. It discussed the unique security challenges that utilities face at a time of greater regulatory activity, heightened environmental concerns, tighter data security requirements and an increasing need for remote monitoring and control. A new tool has emerged for cyber security in the form of an international standard that may offer a strong guideline to work toward 11 security domains. These include security policy; organization of information security; asset management; human resources security; physical and environmental security; communications and operations management; access control; information systems acquisition; development and maintenance; information security incident management; business continuity management; and compliance. 2 figs.

Gas markets and security of supply

International Nuclear Information System (INIS)

Gibot, G.

1997-01-01

In the natural gas business, some European states and companies seem to be concerned by security of supply. Security of supply for a governmental organisation is discussed, to share the author's conception and experience. The targets of a security of supply policy and the measures that can be set are described. The possible changes in implementing this policy are considered, according to recent developments in the field of gas security. The specificity of European gas markets justify the concern in security of supply, as concluded the Commission and the IEA. The integration of national gas markets in Europe will give new opportunities for managing this security of supply. (R.P.)

Study of Security Attributes of Smart Grid Systems- Current Cyber Security Issues

Energy Technology Data Exchange (ETDEWEB)

Wayne F. Boyer; Scott A. McBride

2009-04-01

This document provides information for a report to congress on Smart Grid security as required by Section 1309 of Title XIII of the Energy Independence and Security Act of 2007. The security of any future Smart Grid is dependent on successfully addressing the cyber security issues associated with the nation’s current power grid. Smart Grid will utilize numerous legacy systems and technologies that are currently installed. Therefore, known vulnerabilities in these legacy systems must be remediated and associated risks mitigated in order to increase the security and success of the Smart Grid. The implementation of Smart Grid will include the deployment of many new technologies and multiple communication infrastructures. This report describes the main technologies that support Smart Grid and summarizes the status of implementation into the existing U.S. electrical infrastructure.

An integrated approach to validation of safeguards and security program performance

International Nuclear Information System (INIS)

Altman, W.D.; Hunt, J.S.; Hockert, J.W.

1988-01-01

Department of Energy (DOE) requirements for safeguards and security programs are becoming increasingly performance oriented. Master Safeguards and Security Agreemtns specify performance levels for systems protecting DOE security interests. In order to measure and validate security system performance, Lawrence Livermore National Laboratory (LLNL) has developed cost effective validation tools and a comprehensive validation approach that synthesizes information gained from different activities such as force on force exercises, limited scope performance tests, equipment testing, vulnerability analyses, and computer modeling; into an overall assessment of the performance of the protection system. The analytic approach employs logic diagrams adapted from the fault and event trees used in probabilistic risk assessment. The synthesis of the results from the various validation activities is accomplished using a method developed by LLNL, based upon Bayes' theorem

Security of M-Commerce transactions

OpenAIRE

Ion IVAN; Daniel MILODIN; Alin ZAMFIROIU

2013-01-01

In this material electronic market are defined. How they are structured. Security in E-Commerce applications is very important both at the administrative level and from the user perspective. The new trend in the field is the M-commerce that involves making purchases through mobile devices. And for M-commerce transactions the security is a very important thing. Here’s how to analyze the security of M-commerce transactions and ways to increase security for these transactions taki...

Technology Empowerment: Security Challenges.

Energy Technology Data Exchange (ETDEWEB)

Warren, Drake Edward [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Backus, George A. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Jones, Wendell [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Nelson, Thomas R. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Skocypec, Russell D. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

2017-03-01

“Technology empowerment” means that innovation is increasingly accessible to ordinary people of limited means. As powerful technologies become more affordable and accessible, and as people are increasingly connected around the world, ordinary people are empowered to participate in the process of innovation and share the fruits of collaborative innovation. This annotated briefing describes technology empowerment and focuses on how empowerment may create challenges to U.S. national security. U.S. defense research as a share of global innovation has dwindled in recent years. With technology empowerment, the role of U.S. defense research is likely to shrink even further while technology empowerment will continue to increase the speed of innovation. To avoid falling too far behind potential technology threats to U.S. national security, U.S. national security institutions will need to adopt many of the tools of technology empowerment.

Nuclear energy and the security of energy supply

International Nuclear Information System (INIS)

Bertel, E.

2005-01-01

Security of energy supply was a major concern for OECD governments in the early 1970. Since then, successive oil crises, volatility of hydrocarbon prices, as well as terrorist risks and natural disasters, have brought the issue back to the centre stage of policy agendas. In this paper, the author discusses the problem of energy supply security. Can security of supply be measured? What is the role of government and of nuclear energy? And what are measures for ensuring security of supply? (A.L.B.)

SEADE: Countering the Futility of Network Security

Science.gov (United States)

2015-10-01

guards, and computer cages) and logical security measures (network firewall and intrusion detection). However, no matter how many layers of network...security built-in and with minimal security dependence on network security appliances (e.g., firewalls ). As Secretary of Defense Ashton Carter...based analysis that assumes nothing bad will happen to applications/data if those defenses prevent malware transactions at the entrance. The

Measuring the burden of preventable diabetic hospitalisations in the Mexican Institute of Social Security (IMSS).

Science.gov (United States)

Lugo-Palacios, David G; Cairns, John; Masetto, Cynthia

2016-08-02

The prevalence of diabetes among adults in Mexico has increased markedly from 6.7 % in 1994 to 14.7 % in 2015. Although the main diabetic complications can be prevented or delayed with timely and effective primary care, a high percentage of diabetic patients have developed them imposing an important preventable burden on Mexican society and on the health system. This paper estimates the financial and health burden caused by potentially preventable hospitalisations due to diabetic complications in hospitals operated by the largest social security institution in Latin America, the Mexican Institute of Social Security (IMSS), in the period 2007-2014. Hospitalisations in IMSS hospitals whose main cause was a diabetic complication were identified. The financial burden was estimated using IMSS diagnostic-related groups. To estimate the health burden, DALYs were computed under the assumption that patients would not have experienced complications if they had received timely and effective primary care. A total of 322,977 hospitalisations due to five diabetic complications were identified during the period studied, of which hospitalisations due to kidney failure and diabetic foot represent 78 %. The financial burden increased by 8.4 % in real terms between 2007 and 2014. However, when measured as cost per IMSS affiliate, it decreased by 11.3 %. The health burden had an overall decrease of 13.6 % and the associated DALYs in 2014 reached 103,688. Resources used for the hospital treatment of diabetic complications are then not available for other health care interventions. In order to prevent these hospitalisations more resources might need to be invested in primary care; the first step could be to consider the financial burden of these hospitalisations as a potential target for switching resources from hospital care to primary care services. However, more evidence of the effectiveness of different primary care interventions is needed to know how much of the burden could

12 CFR 208.61 - Bank security procedures.

Science.gov (United States)

2010-01-01

... procedures for opening and closing for business and for the safekeeping of all currency, negotiable...; the cost of the security devices; other security measures in effect at the banking office; and the... directors on the implementation, administration, and effectiveness of the security program. (e) Reserve...

Integrated Safeguards and Security Management Self-Assessment 2004

Energy Technology Data Exchange (ETDEWEB)

Lunford, Dan; Ramsey, Dwayne

2005-04-01

In 2002 Ernest Orlando Lawrence Berkeley National Laboratory deployed the first Integrated Safeguards and Security Management (ISSM) Self-Assessment process, designed to measure the effect of the Laboratory's ISSM efforts. This process was recognized by DOE as a best practice and model program for self-assessment and training. In 2004, the second Self-Assessment was launched. The cornerstone of this process was an employee survey that was designed to meet several objectives: (1) Ensure that Laboratory assets are protected. (2) Provide a measurement of the Laboratory's current security status that can be compared against the 2002 Self-Assessment baseline. (3) Educate all Laboratory staff about security responsibilities, tools, and practices. (4) Provide security staff with feedback on the effectiveness of security programs. (5) Provide line management with the information they need to make informed decisions about security. This 2004 Self Assessment process began in July 2004 with every employee receiving an information packet and instructions for completing the ISSM survey. The Laboratory-wide survey contained questions designed to measure awareness and conformance to policy and best practices. The survey response was excellent--90% of Berkeley Lab employees completed the questionnaire. ISSM liaisons from each division followed up on the initial survey results with individual employees to improve awareness and resolve ambiguities uncovered by the questionnaire. As with the 2002 survey, the Self-Assessment produced immediate positive results for the ISSM program and revealed opportunities for longer-term corrective actions. Results of the questionnaire provided information for organizational profiles and an institutional summary. The overall level of security protection and awareness was very high--often above 90%. Post-survey work by the ISSM liaisons and line management consistently led to improved awareness and metrics, as shown by a comparison of

Applications for cyber security - System and application monitoring

International Nuclear Information System (INIS)

Marron, J. E.

2006-01-01

Standard network security measures are adequate for defense against external attacks. However, many experts agree that the greater threat is from internal sources. Insiders with malicious intentions can change controller instructions, change alarm thresholds, and issue commands to equipment which can damage equipment and compromise control system integrity. In addition to strict physical security the state of the system must be continually monitored. System and application monitoring goes beyond the capabilities of network security appliances. It will include active processes, operating system services, files, network adapters and IP addresses. The generation of alarms is a crucial feature of system and application monitoring. The alarms should be integrated to avoid the burden on operators of checking multiple locations for security violations. Tools for system and application monitoring include commercial software, free software, and ad-hoc tools that can be easily created. System and application monitoring is part of a 'defense-in-depth' approach to a control network security plan. Layered security measures prevent an individual security measure failure from being exploited into a successful security breach. Alarming of individual failures is essential for rapid isolation and correction of single failures. System and application monitoring is the innermost layer of this defense strategy. (authors)

The economic security of power plants

Directory of Open Access Journals (Sweden)

Niedziółka Dorota

2017-01-01

Full Text Available Currently, power plants in Poland have to work in a very uncomfortable situation. Unstable market conditions and frequent changes in the law may have serious adverse consequences for their economic security. Power plants play a very important role in the economy. The effectiveness of their performance affects the activity of all other businesses. Therefore, it is very important to provide a definition of economic security for the power plants’ sector and the factors determining its level. Maintaining economic security will allow energy generation companies to grow in a sustainable way as well as limit operational risk. A precise definition can also be used to create analytical tools for economic security measurement and monitoring. Proper usage of such tools can help energy generation companies sustain their economic security and properly plan their capital expenditures. The article focuses on the definition of economic security in the “micro” context of a separate business unit (enterprise. We also present an analytical model that measures economic security of a company engaged in the production of energy - a company of strategic importance for the national economy. The model uses macroeconomic variables, variables describing prices of raw material and legal / political stability in the country, as well as selected financial indicators. The appliance of conclusions resulting from the model’s implementation will help provide economic security for companies generating energy.

Credit Card Security

OpenAIRE

G.C., Anup

2013-01-01

Author: Anup G.C. Year: 2013 Subject of thesis: Credit Card Security Number of pages: 36+2 Credit Card is a widely used electronic chip for easy transactions. The main purpose of the report was to show the security measures of transaction by credit cards. The purpose was to give information about credit cards and how they were introduced. The thesis reportcontained the types of card theft with examples and sited the various protocols used for online ...

SECURITY SYSTEMS FOR MARITIME HARBOUR

Directory of Open Access Journals (Sweden)

Georgică SLĂMNOIU

2010-11-01

Full Text Available Infrastructure protection objectives are at the top of the agenda of those responsible in the European Union. Currently Romania is one of the countries on its eastern border of the Union and this has special implications in terms of security measures that are required to be implemented. Ships and harbours are important current conflict stage. An integrated system of protection of harbours must be prepared in advance in order to continuously provide information that will increase the overall performance of the intervention forces.

Physical security in multinational nuclear-fuel-cycle operations

International Nuclear Information System (INIS)

Willrich, M.

1977-01-01

Whether or not multinationalization will reduce or increase risks of theft or sabotage will depend on the form and location of the enterprise, the precise nature of the physical security arrangements applied to the enterprise, and the future course of crime and terrorism in the nuclear age. If nuclear operations are multinationalized, the host government is likely to insist on physical security measures that are at least as stringent as those for a national or private enterprise subject to its jurisdiction. At the same time, the other participants will want to be sure the host government, as well as criminal groups, do not steal nuclear material from the facility. If designed to be reasonably effective, the physical security arrangements at a multinational nuclear enterprise seem likely to reduce the risk that any participating government will seek to divert material from the facility for use in a nuclear weapons program. Hence, multinationalization and physical security will both contribute to reducing the risks of nuclear weapons proliferation to additional governments. If economic considerations dominate the timing, scale and location of fuel-cycle facilities, the worldwide nuclear power industry is likely to develop along lines where the problems of physical security will be manageable. If, however, nuclear nationalism prevails, and numerous small-scale facilities become widely dispersed, the problem of security against theft and sabotage may prove to be unmanageable. It is ironic, although true, that in attempting to strengthen its security by pursuing self-sufficiency in nuclear power, a nation may be reducing its internal security against criminal terrorists

49 CFR 1548.19 - Security Directives and Information Circulars.

Science.gov (United States)

2010-10-01

... CARRIER SECURITY § 1548.19 Security Directives and Information Circulars. (a) TSA may issue an Information... aviation, TSA issues a Security Directive setting forth mandatory measures. (1) Each indirect air carrier... Security Directive that TSA issues to it, within the time prescribed in the Security Directive for...

Does the PCEHR mean a new paradigm for information security? Implications for health information management.

Science.gov (United States)

Williams, Patricia A H

Australia is stepping up to the new e-health environment. With this comes new legislation and new demands on information security. The expanded functionality of e-health and the increased legislative requirements, coupled with new uses of technology, means that enhancement of existing security practice will be necessary. This paperanalyses the new operating environment for Australian healthcare and the legislation governing it, and highlights the changes that are required to meet this new context. Individuals are now more responsible for security and organisations should be prompted to review their security measures in light of the new demands of legislative compliance.

7 CFR 772.6 - Subordination of security.

Science.gov (United States)

2010-01-01

... AGRICULTURE SPECIAL PROGRAMS SERVICING MINOR PROGRAM LOANS § 772.6 Subordination of security. (a) Eligibility. The Agency shall grant a subordination of Minor Program loan security when the transaction will... still be adequately secured after the subordination, or the value of the loan security will be increased...

A different paradigm for security planning

International Nuclear Information System (INIS)

Hagengruber, R.

2002-01-01

Full text: Security costs at nuclear facilities have been relatively high for many years. Since the 1970s, these expenditures in the United States have grown much faster than inflation. After the tragedy of September 11, the rate of increase appears to be exponential. Within the National Nuclear Security Administration, the cost of security now is about 10 % of the entire budget. Research and Development (R and D) has played a role in modern security, but the rate of advancement of security technology has not been sufficient to moderate the increasing costs and performance demands. Part of this problem is associated with both an inadequate investment level and the lack of a visionary roadmap for security technology. The other element of the problem is the lack of a strategic framework or architecture that would allow security technology to be effectively placed in an overall context of functionality. A new concept for an architecture for security will be presented. Within this architecture, a different approach to design, use of technology, and evaluation of effectiveness will be offered. Promising areas of technology and design will be illustrated by specific examples and suggestions for advanced R and D will be made. (author)

The Evolving Importance of Banks and Securities Markets

OpenAIRE

Demirguc-Kunt, Asli; Feyen, Erik; Levine, Ross

2011-01-01

The roles of banks and securities markets evolve during the process of economic development. As countries develop economically, (1) the size of both banks and securities markets increases relative to the size of the economy, (2) the association between an increase in economic output and an increase in bank development becomes smaller, and (3) the association between an increase in economic output and an increase in securities market development becomes larger. These findings are consistent wi...

Resilience and (in)security

DEFF Research Database (Denmark)

dunn cavelty, myriam; Kaufmann, Mareile; Kristensen, Kristian Søby

2015-01-01

, and redefine relations of security and insecurity. We show the increased attention – scholarly as well as political – given to resilience in recent times and provide a review of the state of critical security studies literature on resilience. We argue that to advance this discussion, resilience needs...

Energy Security and Sub-Saharan Africa

Directory of Open Access Journals (Sweden)

Emily Meierding

2013-02-01

Full Text Available Published by Palgrave MacmillanOver the last decade the topic of energy security has reappeared on global policy agendas. Most analyses of international energy geopolitics examine the interests and behaviour of powerful energy-importing countries like the US and China. This chapter begins by examining foreign powers’ expanded exploitation of oil and uranium resources in Sub-Saharan Africa. It goes on to examine how energy importers’ efforts to enhance their energy security through Africa are impacting energy security within Africa. It assesses Sub-Saharan states’ attempts to increase consumption of local oil and uranium reserves. Observing the constraints on these efforts, it then outlines some alternative strategies that have been employed to enhance African energy security. It concludes that, while local community-based development projects have improved the well-being of many households, they are not a sufficient guarantor of energy security. Inadequate petroleum access, in particular, remains a development challenge. Foreign powers’ efforts to increase their oil security are undermining the energy security of Sub-Saharan African citizens.

Measuring household food security: the global experience A medida da segurança alimentar: a experiência mundial

Directory of Open Access Journals (Sweden)

Hugo Melgar-Quinonez

2008-08-01

Full Text Available Measuring household food insecurity represents a challenge due to the complexity and wide array of factors associated with this phenomenon. For over one decade, researchers and agencies throughout the world have been using and assessing the validity of variations of the United States Department of Agriculture Household Food Security Supplemental Module. Thanks to numerous studies of diverse design, size, and purpose, the Household Food Security Supplemental Module has shown its suitability to directly evaluate the perceptions of individuals on their food security status. In addition, challenges and limitations are becoming clearer and new research questions are emerging as the process advances. The purpose of this article is to describe the development, validation procedures, and use of the Household Food Security Supplemental Module in very diverse settings. The most common Household Food Security Supplemental Module related studies have been conducted using criterion validity, Rasch modeling and Cronbach-Alpha Coefficient. It is critical that researchers, policy makers, governmental and non-governmental agencies intensify their efforts to further develop tools that provide valid and reliable measures of food security in diverse population groups. Additional work is needed to synthesize a universally applicable tool able to capture the global human phenomenon of food insecurity.Medir a insegurança alimentar domiciliar representa um desafio devido à complexidade e ao vasto número de fatores associados a este fenômeno. Por mais de uma década, pesquisadores e agências em todo o mundo têm usado o Módulo Suplementar da Segurança Alimentar Domiciliar , do Departamento de Agricultura dos Estados Unidos (Household Food Security Supplemental Module, e avaliado suas variações. Graças a numerosos estudos com diversos formatos, extensões e propósitos, a adequação do Household Food Security Supplemental Module para avaliar diretamente a

Defense Logistics Agency Computer-Aided Acquisition and Logistics Support Security Measures

Science.gov (United States)

1989-09-29

sopisit ftre a nduate eiromensweaonsyte dt i vaiou mdi, nfrrngcls- having security features commensurate with today’s weapon system data in various media ...sections, ministrator that has completed an accredited three areas of improvement in security emphasis are APscrt orebfr htst a ecn deemed appropriate...May 1989, been in a hardcopy media and in accordance with Washington, D.C. specific contract clauses and FAR/DFAR. Through CALS, the Government shall

Security of pipeline facilities

Energy Technology Data Exchange (ETDEWEB)

Lee, S.C. [Alberta Energy and Utilities Board, Calgary, AB (Canada); Van Egmond, C.; Duquette, L. [National Energy Board, Calgary, AB (Canada); Revie, W. [Canada Centre for Mineral and Energy Technology, Ottawa, ON (Canada)

2005-07-01

This working group provided an update on provincial, federal and industry directions regarding the security of pipeline facilities. The decision to include security issues in the NEB Act was discussed as well as the Pipeline Security Management Assessment Project, which was created to establish a better understanding of existing security management programs as well as to assist the NEB in the development and implementation of security management regulations and initiatives. Amendments to the NEB were also discussed. Areas of pipeline security management assessment include physical safety management; cyber and information security management; and personnel security. Security management regulations were discussed, as well as implementation policies. Details of the Enbridge Liquids Pipelines Security Plan were examined. It was noted that the plan incorporates flexibility for operations and is integrated with Emergency Response and Crisis Management. Asset characterization and vulnerability assessments were discussed, as well as security and terrorist threats. It was noted that corporate security threat assessment and auditing are based on threat information from the United States intelligence community. It was concluded that the oil and gas industry is a leader in security in North America. The Trans Alaska Pipeline Incident was discussed as a reminder of how costly accidents can be. Issues of concern for the future included geographic and climate issues. It was concluded that limited resources are an ongoing concern, and that the regulatory environment is becoming increasingly prescriptive. Other concerns included the threat of not taking international terrorism seriously, and open media reporting of vulnerability of critical assets, including maps. tabs., figs.

Redefining interrelationship between nuclear safety, nuclear security and safeguards

International Nuclear Information System (INIS)

Irie, Kazutomo

2011-01-01

Since the beginning of this century, the so-called 3Ss (Nuclear Safety, Nuclear Security and Safeguards) have become major regulatory areas for peaceful uses of nuclear energy. The importance of the 3Ss is now emphasized to countries which are newly introducing nuclear power generation. However, as role models for those newcomers, existing nuclear power countries are also required to strengthen their regulatory infrastructure for the 3Ss. In order to rationalize the allocation of regulatory resources, interrelationship of the 3Ss should be investigated. From the viewpoint of the number of the parties concerned in regulation, nuclear security is peculiar with having 'aggressors' as the third party. From the viewpoint of final goal of regulation, nuclear security in general and safeguards share the goal of preventing non-peaceful uses of nuclear energy, though the goal of anti-sabotage within nuclear security is rather similar to nuclear safety. As often recognized, safeguards are representative of various policy tools for nuclear non-proliferation. Strictly speaking, it is not safeguards as a policy tool but nuclear non-proliferation as a policy purpose that should be parallel to other policy purposes (nuclear safety and nuclear security). That suggests 'SSN' which stands for Safety, Security and Non-proliferation is a better abbreviation rather than 3Ss. Safeguards as a policy tool should be enumerated along with nuclear safety regulation, nuclear security measures and trade controls on nuclear-related items. Trade controls have been playing an important role for nuclear non-proliferation. These policy tools can be called 'SSST' in which Trade controls are also emphasized along with Safety regulation, Security measures and Safeguards. Recently, it becomes quite difficult to clearly demarcate these policy tools. As nuclear security concept is expanding, the denotation of nuclear security measures is also expanding. Nuclear security measures are more and more

Europe's thirst for Russian gas increases fears over security of supply

Energy Technology Data Exchange (ETDEWEB)

Shepherd, John [nuclear 24, London (United Kingdom)

2014-10-15

A new report from Russian Gazprom indicates that Europe is becoming increasingly reliant on gas from Russia. In 2013 the volume of Gazprom Group's gas sales to countries beyond the Commonwealth of Independent States amounted to 174.3 billion cubic metres, which accounts for one-third of the total gas consumption in Europe. Europe might normally welcome the increasing free-flow of gas to the continent, but the fact that this rising dependency on Russia comes at a time of even greater political tensions should be a wake-up call to policymakers. Policymakers should focus more on what is practical than what is politically correct. If one nation wants to tilt at windmills and abandon the security of energy supply offered by modern, safe and technological solutions of the future, such as baseload nuclear, it does not mean everyone has to follow suit. Europe's collective political leadership would do well to remember that you do not cast out or effectively demonise tried and tested solutions to keeping nations safe, warm, productive and economically vibrant at a time when very real threats to energy supply loom on the horizon.

Combined optical/digital security devices

Science.gov (United States)

Girnyk, Vladimir I.; Tverdokhleb, Igor V.; Ivanovsky, Andrey A.

2000-04-01

Modern holographic security devices used as emblems against counterfeiting are being more difficult as they should oppress criminal world. 2D, 3D, 3D rainbow holograms or simple diffraction structures protecting documents can not be acceptable against illegal copying of important documents, banknotes or valuable products. Recent developments in technology of Optical variable devices permit world leaders to create more advanced security elements: Kinegrams, Exelgrams, Pixelgrams, Kineforms. These products are used for protecting the most confidential documents and banknotes, but now even their security level can not be enough and besides their automatic identification is vulnerable to factors of instability. We elaborate new visual security devices based on the usage of expensive and advanced technology of combined optical/digital security devices. The technology unites digital and analogue methods of synthesis and recording of visual security devices. The analogue methods include techniques of optical holography - different combinations of 2D/3D, 3D, 2D/3D + 3D structures. Basing on them the design with elements of 3D graphics including security elements and hidden machine- readable images are implemented. The digital methods provide synthesis of optical variable devices including special security elements, computer generated holograms and Kineforms. Using them we create determined and quasi-random machine-readable images. Recordings are carried out using the combined optical and electronic submicrometer technology elaborated by Optronics, Ltd. The results obtained show effectiveness of the combined technology permitting to increase the security level essentially that should increase tamper and counterfeit resistance during many years.

International Efforts for the Nuclear Security

International Nuclear Information System (INIS)

Yoo, Ho Sik; Kwak, Sung Woo; Lee, Ho Jin; Shim, Hye Won; Lee, Jong Uk

2005-01-01

Many concerns have been focused on the nuclear security since the 9.11. With increasing the threat related to nuclear material and nuclear facilities, the demand of strengthening the international physical protection system has been raised. Along with this, the international communities are making their efforts to increase nuclear security. The agreement of revising the 'Convention on Physical Protection of Nuclear Materials'(hereafter, CPPNM), which was held in Vienna on the July of 2005, was one of these efforts. U.N is also preparing the 'International Convention for the Suppression of Acts of Nuclear Terrorism' to show its firm resolution against nuclear terror. It is important to understand what measures should be taken to meet the international standard for establishing national physical protection system. To do this, international trend on the physical protection system such as CPPNM and U.N. convention should be followed. This paper explains about the content of the CPPNM and U.N convention. They will be helpful to consolidate the physical protection system in Korea

Information security management principles

CERN Document Server

Taylor, Andy; Finch, Amanda; Sutton, David; Taylor, Andy

2013-01-01

In today's technology-driven environment, there is an ever-increasing demand for information delivery. A compromise has to be struck between security and availability. This book is a pragmatic guide to information assurance for both business professionals and technical experts. This second edition includes the security of cloud-based resources.

The role of space in the security and defence policy of Turkey. A change in outlook: Security in space versus security from space

OpenAIRE

Ercan, C.; Kale, I.

2017-01-01

Space and security domains are strongly related with each other. Nowadays, space is an indispensable part of security and defence policy, and it is increasingly becoming a critical infrastructure for strategic Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance (C4ISR) systems. However, space is vulnerable itself to the new space threats. This study reviews the current and near future space role in Turkey's security and defence policy and aims to address...

Understanding the security management practices of humanitarian organizations.

Science.gov (United States)

Bollettino, Vincenzo

2008-06-01

Humanitarian organisations operate in increasingly hostile environments. Although authoritative statistics are scarce, anecdotal evidence suggests that aid workers face life-threatening risks that are exacerbated by the growing number of humanitarian organisations operating in the field, the diversity of their mandates, the lack of common professional security standards, and limited success in inter-agency security coordination. Despite broad acceptance of the need for better security management and coordination, many humanitarian organisations remain ambivalent about devoting increased resources to security management and security coordination. A critical lack of basic empirical knowledge of the field security environment hampers efforts to enhance security management practices. The absence of a systematic means of sharing incident data undermines the capacity of the humanitarian community to address proactively security threats. In discussions about humanitarian staff safety and security, the least common denominator remains cumulative anecdotal evidence provided by the many security personnel working for humanitarian organisations in the feld.

No nuclear safety without security

International Nuclear Information System (INIS)

Anon.

2016-01-01

ead of Health and Safety - Nuclear Safety and Corporate Security at ENGIE Benelux, Pierre Doumont has the delicate job of defining and implementing measures, including cybersecurity, to prevent the risk of malevolent acts against tangible and intangible assets. He gives some hints on the contribution of nuclear security to safety.

Parliamentary control of security information agency in terms of security culture: State and problems

Directory of Open Access Journals (Sweden)

Radivojević Nenad

2013-01-01

Full Text Available Even though security services have the same function as before, today they have different tasks and significantly more work than before. Modern security problems of the late 20th and early 21st century require states to reorganize their security services, adapting them to the new changes. The reorganization involves, among other things, giving wider powers of the security services, in order to effectively counter the growing and sophisticated security threats, which may also lead to violations of human rights and freedoms. It is therefore necessary to define the right competence, organization, authority and control of these services. In democratic countries, there are several institutions with different levels of control of security services. Parliament is certainly one of the most important institutions in that control, both in the world and in our country. Powers, finance, the use of special measures and the nature and scope of work of the Security Information Agency are certainly object of the control of the National Assembly. What seems to be the problem is achieving a balance between the need for control of security services and security services to have effective methods for combating modern security problems. This paper presents the legal framework related to the National Assembly control of the Security Intelligence Agency, as well as the practical problems associated with this type of control. We analyzed the role of security culture as one of the factors of that control. In this regard, it provides guidance for the practical work of the members of parliament who control the Security Intelligence Agency, noting in particular the importance of and the need for continuous improvement of security culture representatives.

MOBILE DEVICES AND EFFECTIVE INFORMATION SECURITY

Directory of Open Access Journals (Sweden)

Igor Bernik

2013-05-01

Full Text Available Rapidly increasing numbers of sophisticated mobile devices (smart phones, tab computers, etc. all over the world mean that ensuring information security will only become a more pronounced problem for individuals and organizations. It’s important to effectively protect data stored on or accessed by mobile devices, and also during transmission of data between devices and between device and information system. Technological and other trends show, that the cyber threats are also rapidly developing and spreading. It's crucial to educate users about safe usage and to increase their awareness of security issues. Ideally, users should keep-up with technological trends and be well equipped with knowledge otherwise mobile technology will significantly increase security risks. Most important is that we start educating youth so that our next generations of employees will be part of a culture of data and information security awareness.

Vehicular ad hoc network security and privacy

CERN Document Server

Lin, X

2015-01-01

Unlike any other book in this area, this book provides innovative solutions to security issues, making this book a must read for anyone working with or studying security measures. Vehicular Ad Hoc Network Security and Privacy mainly focuses on security and privacy issues related to vehicular communication systems. It begins with a comprehensive introduction to vehicular ad hoc network and its unique security threats and privacy concerns and then illustrates how to address those challenges in highly dynamic and large size wireless network environments from multiple perspectives. This book is richly illustrated with detailed designs and results for approaching security and privacy threats.

Between security and military identities: The case of Israeli security experts.

Science.gov (United States)

Grassiani, Erella

2018-02-01

The relationship between private security professionals and the military in Israel is complex. While there is growing attention to the fact that security and military actors and their activities are becoming increasingly blurred, the Israeli case shows something different. In this ground-up analysis of the relationship between private security practices and the military, I investigate its constant negotiation by private security professionals through their identification with and differentiation from the military, whereby they reconfigure the meaning of military capital. This identity work should be understood, I propose, within the strongly militarist context of Israeli society, where military capital is highly valued. I argue that actors who exit the military system feel the need to demonstrate the added value of their work in the private sector in order for it to gain value in the light of the symbolic capital given to the military. I analyse these processes as leading to a new kind of militarism, which includes security skills and ideas about professionalism. Such an approach sheds new light on the ways in which security actors can actively reconfigure the workings of military capital in and outside the nation-state and produce a different kind of militarism.

SMS security system for smart home detectors

OpenAIRE

Cekova, Katerina; Gelev, Saso

2016-01-01

Security has always been an important problem everywhere. Home security has been a major issue where crime is increasing and everybody wants home security to protect the home. Safety from theft and flame are the most important requirements of a home security system for people. A remote home security system offers many benefits from keeping homeowners, and their property safe. This paper present controlling of the home security system remotely from Android Application. Owners can turn on or...

Practical Unix and Internet Security

CERN Document Server

Garfinkel, Simson; Spafford, Gene

2003-01-01

When Practical Unix Security was first published more than a decade ago, it became an instant classic. Crammed with information about host security, it saved many a Unix system administrator from disaster. The second edition added much-needed Internet security coverage and doubled the size of the original volume. The third edition is a comprehensive update of this very popular book - a companion for the Unix/Linux system administrator who needs to secure his or her organization's system, networks, and web presence in an increasingly hostile world. Focusing on the four most popular Unix varia

Assessing the internal validity of a household survey-based food security measure adapted for use in Iran

Directory of Open Access Journals (Sweden)

Sadeghizadeh Atefeh

2009-06-01

Full Text Available Abstract Background The prevalence of food insecurity is an indicator of material well-being in an area of basic need. The U.S. Food Security Module has been adapted for use in a wide variety of cultural and linguistic settings around the world. We assessed the internal validity of the adapted U.S. Household Food Security Survey Module to measure adult and child food insecurity in Isfahan, Iran, using statistical methods based on the Rasch measurement model. Methods The U.S. Household Food Security Survey Module was translated into Farsi and after adaptation, administered to a representative sample. Data were provided by 2,004 randomly selected households from all sectors of the population of Isfahan, Iran, during 2005. Results 53.1 percent reported that their food had run out at some time during the previous 12 months and they did not have money to buy more, while 26.7 percent reported that an adult had cut the size of a meal or skipped a meal because there was not enough money for food, and 7.2 percent reported that an adult did not eat for a whole day because there was not enough money for food. The severity of the items in the adult scale, estimated under Rasch-model assumptions, covered a range of 6.65 logistic units, and those in the child scale 11.68 logistic units. Most Item-infit statistics were near unity, and none exceeded 1.20. Conclusion The range of severity of items provides measurement coverage across a wide range of severity of food insecurity for both adults and children. Both scales demonstrated acceptable levels of internal validity, although several items should be improved. The similarity of the response patterns in the Isfahan and the U.S. suggests that food insecurity is experienced, managed, and described similarly in the two countries.

Security of radioactive sources in industrial radiography

International Nuclear Information System (INIS)

Popp, Andrew; Murray, Allan

2010-01-01

This paper describes the need and new requirements to ensure the security of radioactive sources used in the practice of industrial radiography. We describe the discussions and issues arising during the september 2010 regional workshop held in Sydney on the application of security measures to industrial radiography practices. The workshop provided the perspectives of both radiation regulators and industry practitioners, including those from the Philippines. We describe the outputs of the workshop, and how they were developed, and make suggestions for further consideration and applications of security measures in the practice of industrial radiography. (author)

Nuclear Cyber Security Case Study and Analysis

Energy Technology Data Exchange (ETDEWEB)

Park, Sunae [ChungNam National Univ., Daejeon (Korea, Republic of); Kim, Kyung doo [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2016-10-15

Due to the new trend in cyber attacks, there is an increased security threat towards every country's infrastructure. So, security measures are required now than ever before. Previous cyber attacks normal process consists of paralyzing a server function, data extraction, or data control into the IT system for trespassing. However, nowadays control systems and infrastructures are also targeted and attacking methods have changed a lot. These days, the virus is becoming increasingly serious and hacker attacks are also becoming more frequent. This virus is a computer virus produced for the purpose of destroying the infrastructure, such as power plants, airports, railways June 2010, and it was first discovered in Belarus. Israel, the US, and other countries are believed culprits behind Stuxnet attacks on other nations such as Iran. Recent malware distribution, such as website hacking threat is growing. In surveys today one of the most long-term posing security threats is from North Korea. In particular, North Korea has been caught launching ongoing cyber-attacks after their latest nuclear test. South Korea has identified national trends regarding North Korean nuclear tests and analyzed them in order to catch disclosed confidential information. Especially, many nuclear power plants in the world are found to be vulnerable to cyber-attacks. Industrial facilities should be more wary of the risk of a serious cyber attack in the middle is going to increase the reliance on universal and commercial digital systems (off the shelf) software, civilian nuclear infrastructure. Senior executives’ current risk rate levels are increasing. Digitalization of the perception of risk is lacking in nuclear power plants and workers are creating prevention methods to make them fully aware of the risks of cyber-attacks. It is suggested that it may be inappropriate to assume we are prepared for potential attacks. Due to advances in technology, a warning that the growing sense of crisis

Nuclear Cyber Security Case Study and Analysis

International Nuclear Information System (INIS)

Park, Sunae; Kim, Kyung doo

2016-01-01

Due to the new trend in cyber attacks, there is an increased security threat towards every country's infrastructure. So, security measures are required now than ever before. Previous cyber attacks normal process consists of paralyzing a server function, data extraction, or data control into the IT system for trespassing. However, nowadays control systems and infrastructures are also targeted and attacking methods have changed a lot. These days, the virus is becoming increasingly serious and hacker attacks are also becoming more frequent. This virus is a computer virus produced for the purpose of destroying the infrastructure, such as power plants, airports, railways June 2010, and it was first discovered in Belarus. Israel, the US, and other countries are believed culprits behind Stuxnet attacks on other nations such as Iran. Recent malware distribution, such as website hacking threat is growing. In surveys today one of the most long-term posing security threats is from North Korea. In particular, North Korea has been caught launching ongoing cyber-attacks after their latest nuclear test. South Korea has identified national trends regarding North Korean nuclear tests and analyzed them in order to catch disclosed confidential information. Especially, many nuclear power plants in the world are found to be vulnerable to cyber-attacks. Industrial facilities should be more wary of the risk of a serious cyber attack in the middle is going to increase the reliance on universal and commercial digital systems (off the shelf) software, civilian nuclear infrastructure. Senior executives’ current risk rate levels are increasing. Digitalization of the perception of risk is lacking in nuclear power plants and workers are creating prevention methods to make them fully aware of the risks of cyber-attacks. It is suggested that it may be inappropriate to assume we are prepared for potential attacks. Due to advances in technology, a warning that the growing sense of crisis about

The old age health security in rural China: where to go?

Science.gov (United States)

Dai, Baozhen

2015-11-04

The huge number of rural elders and the deepening health problems (e.g. growing threats of infectious diseases and chronic diseases etc.) place enormous pressure on old age health security in rural China. This study aims to provide information for policy-makers to develop effective measures for promoting rural elders' health care service access by examining the current developments and challenges confronted by the old age health security in rural China. Search resources are electronic databases, web pages of the National Bureau of Statistics of China and the National Health and Family Planning Commission of China on the internet, China Population and Employment Statistics Yearbook, China Civil Affairs' Statistical Yearbook and China Health Statistics Yearbooks etc. Articles were identified from Elsevier, Wiley, EBSCO, EMBASE, PubMed, SCI Expanded, ProQuest, and National Knowledge Infrastructure of China (CNKI) which is the most informative database in Chinese. Search terms were "rural", "China", "health security", "cooperative medical scheme", "social medical assistance", "medical insurance" or "community based medical insurance", "old", or "elder", "elderly", or "aged", "aging". Google scholar was searched with the same combination of keywords. The results showed that old age health security in rural China had expanded to all rural elders and substantially improved health care service utilization among rural elders. Increasing chronic disease prevalence rates, pressing public health issues, inefficient rural health care service provision system and lack of sufficient financing challenged the old age health security in rural China. Increasing funds from the central and regional governments for old age health security in rural China will contribute to reducing urban-rural disparities in provision of old age health security and increasing health equity among rural elders between different regions. Meanwhile, initiating provider payment reform may contribute to

Elements of ESA's policy on space and security

Science.gov (United States)

Giannopapa, Christina; Adriaensen, Maarten; Antoni, Ntorina; Schrogl, Kai-Uwe

2018-06-01

In the past decade Europe has been facing rising security threats, ranging from climate change, migrations, nearby conflicts and crises, to terrorism. The demand to tackle these critical challenges is increasing in Member States. Space is already contributing, and could further contribute with already existing systems and future ones. The increasing need for security in Europe and for safety and security of Europe's space activities has led to a growing number of activities in ESA in various domains. It has also driven new and strengthened partnerships with security stakeholders in Europe. At the European level, ESA is collaborating closely with the main European institutions dealing with space security. In addition, as an organisation ESA has evolved to conduct security-related projects and programmes and to address the threats to its own activities, thereby securing the investments of the Member States. Over the past years the Agency has set up a comprehensive regulatory framework in order to be able to cope with security related requirements. Over the past years, ESA has increased its exchanges with its Member States. The paper presents main elements of the ESA's policy on space and security. It introduces the current European context for space and security, the European goals in this domain and the specific objectives to which the Agency intends to contribute. Space and security in the ESA context is set out under two components: a) security from space and b) security in space, including the security of ESA's own activities (corporate security and the security of ESA's space missions). Subsequently, ESA's activities are elaborated around these two pillars, composed of different activities conducted in the most appropriate frameworks and in coordination with the relevant stakeholders and shareholders.

Security in the nuclear medicine department

International Nuclear Information System (INIS)

Bassingham, S.; Gane, J.; Chan, P.S.; Heenan, S.; Gulliver, N.; McVey, J.

2005-01-01

The current threat from terrorism highlights the need for awareness of adequate security of radioactive sources by health bodies to prevent the opportunistic access to, theft of. or accidental loss of sources, together with stringent security measures in place to prevent the international misuse of radioactive sources as a weapon by unauthorised access. This presentation discusses the processes undertaken to ensure the safety and security of radioactive materials within the nuclear medicine department in line with current regulations and guidelines. These include risk assessments, security systems, audit trails, restricted access and personnel background checks

INFORMATION SYSTEM SECURITY (CYBER SECURITY

Directory of Open Access Journals (Sweden)

Muhammad Siddique Ansari

2016-03-01

Full Text Available Abstract - Business Organizations and Government unequivocally relies on upon data to deal with their business operations. The most unfavorable impact on association is disappointment of friendship, goodness, trustworthiness, legitimacy and probability of data and administrations. There is an approach to ensure data and to deal with the IT framework's Security inside association. Each time the new innovation is made, it presents some new difficulties for the insurance of information and data. To secure the information and data in association is imperative on the grounds that association nowadays inside and remotely joined with systems of IT frameworks. IT structures are inclined to dissatisfaction and security infringement because of slips and vulnerabilities. These slips and vulnerabilities can be brought on by different variables, for example, quickly creating headway, human slip, poor key particulars, poor movement schedules or censuring the threat. Likewise, framework changes, new deserts and new strikes are a huge piece of the time displayed, which helpers augmented vulnerabilities, disappointments and security infringement all through the IT structure life cycle. The business went to the confirmation that it is essentially difficult to ensure a slip free, risk free and secure IT structure in perspective of the disfigurement of the disavowing security parts, human pass or oversight, and part or supplies frustration. Totally secure IT frameworks don't exist; just those in which the holders may have changing degrees of certainty that security needs of a framework are fulfilled do. The key viewpoints identified with security of data outlining are examined in this paper. From the start, the paper recommends pertinent legitimate structure and their duties including open association obligation, and afterward it returns to present and future time, system limits, structure security in business division. At long last, two key inadequacy markers

A Framework for Federated Two-Factor Authentication Enabling Cost-Effective Secure Access to Distributed Cyberinfrastructure

Energy Technology Data Exchange (ETDEWEB)

Ezell, Matthew A [ORNL; Rogers, Gary L [University of Tennessee, Knoxville (UTK); Peterson, Gregory D. [University of Tennessee, Knoxville (UTK)

2012-01-01

As cyber attacks become increasingly sophisticated, the security measures used to mitigate the risks must also increase in sophistication. One time password (OTP) systems provide strong authentication because security credentials are not reusable, thus thwarting credential replay attacks. The credential changes regularly, making brute-force attacks significantly more difficult. In high performance computing, end users may require access to resources housed at several different service provider locations. The ability to share a strong token between multiple computing resources reduces cost and complexity. The National Science Foundation (NSF) Extreme Science and Engineering Discovery Environment (XSEDE) provides access to digital resources, including supercomputers, data resources, and software tools. XSEDE will offer centralized strong authentication for services amongst service providers that leverage their own user databases and security profiles. This work implements a scalable framework built on standards to provide federated secure access to distributed cyberinfrastructure.

Social Security, Intergenerational Transfers, and Endogenous Growth

OpenAIRE

Junsen Zhang; Junxi Zhang

1998-01-01

In this paper, the effects of social security in a simple model of endogenous growth with alternative motives of having children are analyzed. It shows how the effects of social security depend on the size of the social security tax, the motive to have children, and the pattern of intergenerational transfers. The pattern of intergenerational transfers itself, however, is shown to change with the social security tax rate. When the social security tax is not too high, social security increases ...

A SES (sustainable energy security) index for developing countries

International Nuclear Information System (INIS)

Narula, Kapil; Reddy, B. Sudhakara

2016-01-01

Measuring the performance of the energy system of a country is a prerequisite for framing good energy polices. However, the existing indices which claim to measure energy security have limited applicability for developing countries. Energy sustainability is also increasingly gaining importance and countries are keen to measure it to tailor their energy policies. Therefore, the concept of SES (sustainable energy security) has been proposed as the goal for a developing country. This paper presents an analytical framework for the assessment of SES of an energy system and the methodology for constructing an SES index. A hierarchical structure has been proposed and the energy system has been divided into 'supply', 'conversion & distribution' and 'demand' sub-systems. Each subsystem is further divided into its components which are evaluated for four dimensions of SES, Availability, Affordability, Efficiency and (Environmental) Acceptability using quantitative metrics. Energy indices are constructed using 'scores' (objective values), and 'weights' (subjective values representing tradeoffs) which are then aggregated, bottom-up, to obtain an overall SES Index for a country. The proposed SES Index is multidimensional, quantitative, modular, systemic and flexible. Such a SES Index can be used to design policy interventions for transitioning to a sustainable and a secure energy future. - Highlights: • A SES (sustainable energy security) index is proposed for developing countries. • A hierarchical structure includes the entire energy system from supply to end use. • The performance of all energy sources, energy carriers and sectors is assessed. • Availability, affordability, efficiency and acceptability dimensions are evaluated. • The SES index is multidimensional, quantitative, modular, systemic and flexible.

Interdependent Risk and Cyber Security: An Analysis of Security Investment and Cyber Insurance

Science.gov (United States)

Shim, Woohyun

2010-01-01

An increasing number of firms rely on highly interconnected information networks. In such environments, defense against cyber attacks is complicated by residual risks caused by the interdependence of information security decisions of firms. IT security is affected not only by a firm's own management strategies but also by those of others. This…

When to Reset Your Keys: Optimal Timing of Security Updates via Learning

OpenAIRE

Zheng, Zizhan; Shroff, Ness B.; Mohapatra, Prasant

2016-01-01

Cybersecurity is increasingly threatened by advanced and persistent attacks. As these attacks are often designed to disable a system (or a critical resource, e.g., a user account) repeatedly, it is crucial for the defender to keep updating its security measures to strike a balance between the risk of being compromised and the cost of security updates. Moreover, these decisions often need to be made with limited and delayed feedback due to the stealthy nature of advanced attacks. In addition t...

Three Essays on Information Security Policies

Science.gov (United States)

Yang, Yubao

2011-01-01

Information security breaches pose a significant and increasing threat to national security and economic well-being. In the Symantec Internet Security Threat Report (2003), companies surveyed experienced an average of about 30 attacks per week. Anecdotal evidence suggests that losses from cyber-attacks can run into millions of dollars. The CSI-FBI…

Measuring the security of external energy supply in the European Union

Energy Technology Data Exchange (ETDEWEB)

Le Coq, Chloe [SITE, Stockholm School of Economics, P.O. Box 6501, Stockholm 11383 (Sweden); Paltseva, Elena [Department of Economics, Copenhagen University, Oester Farimagsgade 5, Building 26, 1353 Copenhagen (Denmark)

2009-11-15

The security of energy supply is one of the main objectives of EU energy policy. In this paper, we introduce an index designed to evaluate the short-term risks associated with the external supply of energy to the EU Member States. It combines measures of energy import diversification, political risks of the supplying country, risk associated with energy transit, and the economic impact of a supply disruption. We construct separate indexes for three primary energy types, oil, gas and coal, and demonstrate that Member States' levels of supply risk exposure differ across energies. Most other studies of this kind provide aggregate indexes combining different types of energy. Our results suggest that an aggregate approach could be misleading, at least for discussions of the short-term response to risks. We discuss the implications of our findings for the common energy policy. (author)

Measuring the security of external energy supply in the European Union

International Nuclear Information System (INIS)

Le Coq, Chloe; Paltseva, Elena

2009-01-01

The security of energy supply is one of the main objectives of EU energy policy. In this paper, we introduce an index designed to evaluate the short-term risks associated with the external supply of energy to the EU Member States. It combines measures of energy import diversification, political risks of the supplying country, risk associated with energy transit, and the economic impact of a supply disruption. We construct separate indexes for three primary energy types, oil, gas and coal, and demonstrate that Member States' levels of supply risk exposure differ across energies. Most other studies of this kind provide aggregate indexes combining different types of energy. Our results suggest that an aggregate approach could be misleading, at least for discussions of the short-term response to risks. We discuss the implications of our findings for the common energy policy. (author)

Security of radioactive sources. Interim guidance for comment

International Nuclear Information System (INIS)

2003-06-01

In previous IAEA publications, there have been only rather general security requirements for non-nuclear radioactive material. These requirements were primarily directed to such issues as unintentional exposure to radiation, negligence and inadvertent loss. However, it is clear that more guidance is needed to not only try and prevent further events involving orphan sources, but also to prevent the deliberate attempt to acquire radioactive sources for malevolent purposes. Member States have requested guidance on the type and nature of security measures that might be put in place and on the methodology to be used in choosing such measures. These requests were also endorsed in the findings of the international conference on 'Security of Radioactive Sources' held in March 2003. Practical advice on assessing and implementing security measures complements the general commitments in the proposed Revised Code of Conduct on Safety and Security of radioactive Sources. A Safety Guide entitled 'Safety and Security of Radiation Sources' that, amongst other things, discusses these issues is being drafted. However, it is recognized that guidance material is required before this document will be finalized in order to allow Member States opportunity to put in place appropriate actions and planning to address current issues. Hence the purpose of the current document is to provide advice on security approaches and to allow comment on detailed recommendations for levels of security on radioactive sources that may be incorporated within the Safety Guide. This report is primarily addressed to Regulatory Authorities but it is also intended to provide guidance to manufacturers, suppliers and users of sources. Its objective is to assist Member States in deciding which security measures are needed to ensure consistency with the International Basic Safety Standards and the Revised Code of Conduct for the Safety and Security of Radioactive Sources. It is recognized that there must be a

Security and computer forensics in web engineering education

OpenAIRE

Glisson, W.; Welland, R.; Glisson, L.M.

2010-01-01

The integration of security and forensics into Web Engineering curricula is imperative! Poor security in web-based applications is continuing to cost organizations millions and the losses are still increasing annually. Security is frequently taught as a stand-alone course, assuming that security can be 'bolted on' to a web application at some point. Security issues must be integrated into Web Engineering processes right from the beginning to create secure solutions and therefore security shou...

Real Time MODBUS Transmissions and Cryptography Security Designs and Enhancements of Protocol Sensitive Information

Directory of Open Access Journals (Sweden)

Aamir Shahzad

2015-07-01

Full Text Available Information technology (IT security has become a major concern due to the growing demand for information and massive development of client/server applications for various types of applications running on modern IT infrastructure. How has security been taken into account and which paradigms are necessary to minimize security issues while increasing efficiency, reducing the influence on transmissions, ensuring protocol independency and achieving substantial performance? We have found cryptography to be an absolute security mechanism for client/server architectures, and in this study, a new security design was developed with the MODBUS protocol, which is considered to offer phenomenal performance for future development and enhancement of real IT infrastructure. This study is also considered to be a complete development because security is tested in almost all ways of MODBUS communication. The computed measurements are evaluated to validate the overall development, and the results indicate a substantial improvement in security that is differentiated from conventional methods.

Risk assessment techniques for civil aviation security

Energy Technology Data Exchange (ETDEWEB)

Tamasi, Galileo, E-mail: g.tamasi@enac.rupa.i [Ente Nazionale per l' Aviazione Civile-Direzione Progetti, Studi e Ricerche, Via di Villa Ricotti, 42, 00161 Roma (Italy); Demichela, Micaela, E-mail: micaela.demichela@polito.i [SAfeR-Centro Studi su Sicurezza, Affidabilita e Rischi, Dipartimento di Scienza dei Materiali e Ingegneria Chimica, Politecnico di Torino, Corso Duca degli Abruzzi, 24, 10129 Torino (Italy)

2011-08-15

Following the 9/11 terrorists attacks in New York a strong economical effort was made to improve and adapt aviation security, both in infrastructures as in airplanes. National and international guidelines were promptly developed with the objective of creating a security management system able to supervise the identification of risks and the definition and optimization of control measures. Risk assessment techniques are thus crucial in the above process, since an incorrect risk identification and quantification can strongly affect both the security level as the investments needed to reach it. The paper proposes a set of methodologies to qualitatively and quantitatively assess the risk in the security of civil aviation and the risk assessment process based on the threats, criticality and vulnerabilities concepts, highlighting their correlation in determining the level of risk. RAMS techniques are applied to the airport security system in order to analyze the protection equipment for critical facilities located in air-side, allowing also the estimation of the importance of the security improving measures vs. their effectiveness.

Risk assessment techniques for civil aviation security

International Nuclear Information System (INIS)

Tamasi, Galileo; Demichela, Micaela

2011-01-01

Following the 9/11 terrorists attacks in New York a strong economical effort was made to improve and adapt aviation security, both in infrastructures as in airplanes. National and international guidelines were promptly developed with the objective of creating a security management system able to supervise the identification of risks and the definition and optimization of control measures. Risk assessment techniques are thus crucial in the above process, since an incorrect risk identification and quantification can strongly affect both the security level as the investments needed to reach it. The paper proposes a set of methodologies to qualitatively and quantitatively assess the risk in the security of civil aviation and the risk assessment process based on the threats, criticality and vulnerabilities concepts, highlighting their correlation in determining the level of risk. RAMS techniques are applied to the airport security system in order to analyze the protection equipment for critical facilities located in air-side, allowing also the estimation of the importance of the security improving measures vs. their effectiveness.

Developing the security culture at the SEISMED Reference Centres.

Science.gov (United States)

Fowler, J

1996-01-01

The paper gives a brief summary of the SEISMED project and the particular role played by the Reference Centres. Details are given of the hardware and application systems in use in the Royal Hospitals (NHS) Trust (RHT), one of the SEISMED Reference Centres. It proposes, without verification, a definition of a Security Culture based on three criteria. These are suggested to be the "Awareness" the "Acceptance" and the "Actions" of the management and staff to improve Information Systems Security throughout the RHT. The way that "Awareness" was increased is shown by the specific initiatives commenced as a result of a CRAMM Risk Analysis and the management and staff training programmes. The specific initiatives mentioned include, an Information Systems Security Policy, a contingency and disaster recovery plan, improvements in the physical protection of equipment and changes to the method of access control. The "Acceptance" by the staff of these measures is considered and the success or failure of "Developing A Security Culture" examined. The role of SEISMED in this process is assessed.

Target assignment for security officers to K targets (TASK)

International Nuclear Information System (INIS)

Rowland, J.R.; Shelton, K.W.; Stunkel, C.B.

1983-02-01

A probabilistic algorithm is developed to provide an optimal Target Assignment for Security officers to K targets (TASK) using a maximin criterion. Under the assumption of only a limited number (N) of security officers, the TASK computer model determines deployment assignments which maximize the system protection against sabotage by an adversary who may select any link in the system, including the weakest, for the point of attack. Applying the TASK model to a hypothetical nuclear facility containing a nine-level building reveals that aggregate targets covering multiple vital areas should be utilized to reduce the number of possible target assignments to a value equal to or only slightly larger than N. The increased probability that a given aggregate target is covered by one or more security officers offsets the slight decrease in interruption probability due to its occurring earlier in the adversary's path. In brief, the TASK model determines the optimal maximin deployment strategy for limited numbers of security officers and calculates a quantitative measure of the resulting system protection

Airline Security and a Strategy for Change

National Research Council Canada - National Science Library

Welch, Timothy J

2006-01-01

.... Obligated to secure the Homeland the United States Government scrambled to develop measures that would uphold societal values while providing an in-depth defense capable of ensuring a more secure society...

Information security management: a proposal to improve the effectiveness of information security in the scientific research environment

International Nuclear Information System (INIS)

Alexandria, Joao Carlos Soares de

2009-01-01

The increase of the connectivity in the business environment, combined with the growing dependency of information systems, has become the information security management an important governance tool. Information security has as main goal to protect the business transactions in order to work normally. In this way, It will be safeguarding the business continuity. The threats of information come from hackers' attacks, electronic frauds and spying, as well as fire, electrical energy interruption and humans fault. Information security is made by implementation of a set of controls, including of the others politics, processes, procedures, organizational structures, software and hardware, which require a continuous management and a well established structure to be able to face such challenges. This work tried to search the reasons why the organizations have difficulties to make a practice of information security management. Many of them just limit to adopt points measures, sometimes they are not consistent with their realities. The market counts on enough quantity of standards and regulations related to information security issues, for example, ISO/IEC 27002, American Sarbanes-Oxley act, Basel capital accord, regulations from regulatory agency (such as the Brazilians ones ANATEL, ANVISA and CVM). The market researches have showed that the information security implementation is concentrated on a well-defined group of organization mainly formed by large companies and from specifics sectors of economy, for example, financial and telecommunication. However, information security must be done by all organizations that use information systems to carry out their activities, independently of its size or economic area that it belongs. The situation of information security in the governmental sector of Brazil, and inside its research institutions, is considered worrying by the Brazilian Court of Accounts (TCU). This research work presents an assessment and diagnostic proposal of

Handbook of space security policies, applications and programs

CERN Document Server

Hays, Peter; Robinson, Jana; Moura, Denis; Giannopapa, Christina

2015-01-01

Space Security involves the use of space (in particular communication, navigation, earth observation, and electronic intelligence satellites) for military and security purposes on earth and also the maintenance of space (in particular the earth orbits) as safe and secure areas for conducting peaceful activities. The two aspects can be summarized as "space for security on earth" and “the safeguarding of space for peaceful endeavors.” The Handbook will provide a sophisticated, cutting-edge resource on the space security policy portfolio and the associated assets, assisting fellow members of the global space community and other interested policy-making and academic audiences in keeping abreast of the current and future directions of this vital dimension of international space policy. The debate on coordinated space security measures, including relevant 'Transparency and Confidence-Building Measures,' remains at a relatively early stage of development. The book offers a comprehensive description of the variou...

International codes concerning the security of radioisotopes

International Nuclear Information System (INIS)

Kusama, Keiji

2013-01-01

Explained is the title subject with international and Japanese official argument or publications and actions, where the security is defined as protection of sealed and unsealed radioisotopes (RI) from malicious acts. IAEA worked out the Code of Conduct on the Safety and Security of Radioactive Sources in 2004 based on its preceding argument and with the turning point of the terrorism 3.11 (2001), and Nuclear Security Recommendations on radioactive material and associated facilities (2011), for whose prerequisite, Security of radioactive sources: implementing guide (2009) and Security in the transport of radioactive material (2008) had been drawn up. The Code of Conduct indicates the security system to regulate the sealed sources that each nation has to build up through legislation, setup of regulatory agency, registration of the sources, provision of concerned facilities with radiation protection, etc. For attaining this purpose, IAEA defined Guidance on the Import and Export of Radioactive Sources (2005, 2012), Categorization of radioactive sources (2005) and Dangerous quantities of radioactive material (D-VALUES) (2006). For updating the related matters, IAEA holds international conferences somewhere in the world every year. The Nuclear Security Recommendations indicate the nation's responsibility of building up and maintaining the security system above with well-balanced measures between the safe and secure use of RI without the invalid inhibition of their usage. Japan government worked out the concept essential for ensuring the nuclear security in Sep. 2011, in which for RI, defined were the risk and benefit in use and security, and securing role of the present legal systems concerning the safety handling and objective RI involved in their registration system. Securing measures of RI in such usage as medical and industrial aids must be of advanced usefulness and safety in harmony with activities of other countries. (T.T)

Cyber Security in Digital I and C Implementation

Energy Technology Data Exchange (ETDEWEB)

Chow, Ivan; Hsu, Allen; Kim, Jong Min; Luo, William [Doosan HF Controls, Texas (United States)

2011-08-15

During the Nuclear Regulatory Commission (NRC) audit process of Doosan HF Control HFC-6000 safety system 2009, cyber security assessment was a major audit process. The result of the assessment was favorably satisfied. As preventing digital I and C systems from being hijacked by malicious software a major goal for the NRC, audit process of actual digital I and C implementations such as the HFC-6000 safety system which provides already strong cyber security measures is mutually beneficial to both the NRC and the vendor: NRC can enhance their set of cyber security assessments and vendors such as Doosan HFC can also augment their cyber security measures. The NRC Safety Evaluation Report (SER) for the HFC-6000 system was released in April 2011 qualifying the system to be used as safety systems in US nuclear power plants. This paper provides the summary of the cyber security assessment of the complete software life cycle of HFC-6000 Safety System. Lessons learned in each life cycle phase are provided. In addition, alternate measures or recommendations for enhancing the cyber security in each life cycle phase are also described.

Cyber Security in Digital I and C Implementation

International Nuclear Information System (INIS)

Chow, Ivan; Hsu, Allen; Kim, Jong Min; Luo, William

2011-01-01

During the Nuclear Regulatory Commission (NRC) audit process of Doosan HF Control HFC-6000 safety system 2009, cyber security assessment was a major audit process. The result of the assessment was favorably satisfied. As preventing digital I and C systems from being hijacked by malicious software a major goal for the NRC, audit process of actual digital I and C implementations such as the HFC-6000 safety system which provides already strong cyber security measures is mutually beneficial to both the NRC and the vendor: NRC can enhance their set of cyber security assessments and vendors such as Doosan HFC can also augment their cyber security measures. The NRC Safety Evaluation Report (SER) for the HFC-6000 system was released in April 2011 qualifying the system to be used as safety systems in US nuclear power plants. This paper provides the summary of the cyber security assessment of the complete software life cycle of HFC-6000 Safety System. Lessons learned in each life cycle phase are provided. In addition, alternate measures or recommendations for enhancing the cyber security in each life cycle phase are also described

Literature Review on Cyber Security Investment Decisions

OpenAIRE

ŞENTÜRK, Hakan; ÇİL, Celal Zaim; SAĞIROĞLU, Şeref

2016-01-01

Severe financial losses incurred by cyber security attacks with increasing complexity and frequency, as well as booming cyber security sector offering variety of products as investment options have led the focus of the research in the field to the economic dimension of cyber security. The need for determination of methods to be used when making cyber security investment decisions under budget constraints have become prominent. In five sections as the cyber security investment strategies, risk...

Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals

International Nuclear Information System (INIS)

2013-01-01

The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

Information risk and security modeling

Science.gov (United States)

Zivic, Predrag

2005-03-01

This research paper presentation will feature current frameworks to addressing risk and security modeling and metrics. The paper will analyze technical level risk and security metrics of Common Criteria/ISO15408, Centre for Internet Security guidelines, NSA configuration guidelines and metrics used at this level. Information IT operational standards view on security metrics such as GMITS/ISO13335, ITIL/ITMS and architectural guidelines such as ISO7498-2 will be explained. Business process level standards such as ISO17799, COSO and CobiT will be presented with their control approach to security metrics. Top level, the maturity standards such as SSE-CMM/ISO21827, NSA Infosec Assessment and CobiT will be explored and reviewed. For each defined level of security metrics the research presentation will explore the appropriate usage of these standards. The paper will discuss standards approaches to conducting the risk and security metrics. The research findings will demonstrate the need for common baseline for both risk and security metrics. This paper will show the relation between the attribute based common baseline and corporate assets and controls for risk and security metrics. IT will be shown that such approach spans over all mentioned standards. The proposed approach 3D visual presentation and development of the Information Security Model will be analyzed and postulated. Presentation will clearly demonstrate the benefits of proposed attributes based approach and defined risk and security space for modeling and measuring.

Security of M-Commerce transactions

Directory of Open Access Journals (Sweden)

Ion IVAN

2013-07-01

Full Text Available In this material electronic market are defined. How they are structured. Security in E-Commerce applications is very important both at the administrative level and from the user perspective. The new trend in the field is the M-commerce that involves making purchases through mobile devices. And for M-commerce transactions the security is a very important thing. Here's how to analyze the security of M-commerce transactions and ways to increase security for these transactions taking into account the organization of M-Commerce applications, software used, hardware used and other important issues in the development of these applications.