WorldWideScience

Sample records for security sankardas roy

  1. Rahul Roy

    Indian Academy of Sciences (India)

    Rahul Roy. Articles written in Resonance – Journal of Science Education. Volume 2 Issue 11 November 1997 pp 36-47 General Article. Ohm's Law, Kirchoff's Law and the Drunkard's Walk Related Electrical Networks · Rahul Roy · More Details Fulltext PDF. Volume 2 Issue 12 December 1997 pp 33-38 General Article.

  2. Debjani Roy

    Indian Academy of Sciences (India)

    Home; Journals; Resonance – Journal of Science Education. Debjani Roy. Articles written in Resonance – Journal of Science Education. Volume 1 Issue 9 September 1996 pp 86-88 Book Review. Take the Frogs Seriously - They are the Earth's Living Barometers A Book for One and All · Debjani Roy · More Details Fulltext ...

  3. Tapas Kumar Roy

    Indian Academy of Sciences (India)

    Home; Journals; Journal of Biosciences. Tapas Kumar Roy. Articles written in Journal of Biosciences. Volume 40 Issue 2 June 2015 pp 375-387 Articles. Do seed VLCFAs trigger spongy tissue formation in Alphonso mango by inducing germination? Seshadri Shivashankar Manoharan Sumathi Tapas Kumar Roy.

  4. Norwegian Security Determinants: Deterrence and Reassurance.

    Science.gov (United States)

    1984-03-01

    September 1979, pp. 20-25; Rear Admiral 104 |eve Roy Breivik , R.N.N., Inspector General, "Assuring the Security of Reinforcements to Norway," NATO’s Fift...2-15; a:zc $ Patrick Wall, "The Third Battle of the Atlantic," i Power, July 1981, pp. 52-57. 11 Richard K. Betts, "Surprise Attack: NATO’s...Force," NATO’s Fifteen Nations, December 1977-January 1978, pp. 81-89. 186 Breivik , Pear Admiral Roy, R.N.N., "Assuring the Security: of Reinforcements

  5. Application of the N/D-method to the Roy equations

    International Nuclear Information System (INIS)

    Heemskerk, A.C.

    1978-01-01

    The subject of this thesis is the study and numerical application of the Roy equations for elastic pion-pion scattering. These equations were introduced by S.M. Roy in 1971 and express the minimal requirements any ππ partial wave amplitude should satisfy, such as analyticity and crossing symmetry. When combined with the unitarity relations for the partial waves a complete system of equations (the Roy system) results valid in the low-energy region. The author has studied the existance and uniqueness question for the Roy system and developed successful strategies to solve the system by means of iteration. Several solutions are presented and discussed. The main ingredients in the present approach are a) the use of the N/D-method to regularize the singular Roy equations and implement unitarity and b) the introduction of various iteration methods which do not need any derivatives to solve the resulting nonlinear system of equations numerically. (Auth.)

  6. Roy Walford and the immunologic theory of aging

    Directory of Open Access Journals (Sweden)

    Effros Rita B

    2005-04-01

    Full Text Available Abstract Roy Walford died on April 27, 2004, at the age of 79. His contributions to gerontological research in such diverse areas as caloric restriction, genetics of lifespan, immunosenescence, DNA repair and replicative senescence were truly remarkable in their depth and innovation. Significantly, most of the areas that he pioneered during his illustrious research career remain the "hot" areas of current gerontological research. In this sense, he has achieved the most important type of immortality. His death was a major personal and professional loss to numerous scientists within the gerontological community. In launching this new journal on Immunity and Ageing, it is highly fitting, therefore, to remember him on the anniversary of his death by briefly reviewing the contributions of Roy Walford to this important facet of gerontology. Indeed, it was Roy who actually first coined the commonly used term "immunosenescence".

  7. Professing English a life of Roy Daniells

    CERN Document Server

    Djwa, Sandra

    2002-01-01

    Roy Daniells (1902-1979), an English professor who finished his career at the University of British Columbia, and an outstanding scholar, teacher and poet, influenced at least four generations of students.

  8. A Biography Between Spaces: M.N. Roy, from Indian nationalism to Mexican communism

    Directory of Open Access Journals (Sweden)

    Michael Goebel

    2013-04-01

    Full Text Available This paper traces the global travels of Indian revolutionary Manabendra Nath Roy (1884-1954, with special attention to the tension between nationalism and communism in his transnational political writings and networks. In particular, the article examines Roy's sojourn in revolutionary Mexico between 1917 and 1920, time during which he approached Marxism and signed as one of the founders of the Mexican Communist Party. The paper is therefore based on Roy's own writings, as well as on German and British diplomatic documents. The example of Roy's trajectory is used here to advance a number of more general arguments of theoretical nature regarding the advantages and problems of a transnational  historiography and its relation to biography as a historiographical genre.

  9. Nursing Approach Based on Roy Adaptation Model in a Patient Undergoing Breast Conserving Surgery for Breast Cancer.

    Science.gov (United States)

    Ursavaş, Figen Erol; Karayurt, Özgül; İşeri, Özge

    2014-07-01

    The use of models in nursing provides nurses to focus on the role of nursing and its applications rather than medical practice. In addition, it helps patient care to be systematic, purposeful, controlled and effective. One of the commonly used models in nursing is Roy Adaptation Model. According to Roy adaptation model, the aim of nursing is to increase compliance and life expectancy. Roy Adaptation Model evaluates the patient in physiologic mode, self-concept mode, role function mode and interdependence mode aiming to provide holistic care. This article describes the use of Roy Adaptation Model in the care of a patient who has been diagnosed with breast cancer and had breast-conserving surgery. Patient data was evaluated in the four modes of Roy adaptation model (physiologic, self-concept, role function, and interdependence modes) and the nursing process was applied.

  10. Mel Ramos ja Roy Lichtenstein Albertinas / Jaan Elken

    Index Scriptorium Estoniae

    Elken, Jaan, 1954-

    2011-01-01

    Mel Ramose retrospektiivnäitus "Mel Ramos : 50 Years of Pop Art" 29. maini 2011 ja Roy Lichtensreini mustvalgete tööde valik "Black & White 1961-1968" 15. maini 2011 Viini Albertinas. Lühidalt näitusest "Power Up - Female Pop Art" Viini Kunstihalles

  11. Savonarola at the stake: the rise and fall of Roy Meadow.

    Science.gov (United States)

    Kaplan, Robert

    2008-06-01

    The aim of this paper is to describe the role of prominent paediatrician Professor Sir Roy Meadow in the controversy surrounding the diagnosis of Munchausen Syndrome by Proxy (MSBP) in mothers accused of murdering their children. The MSBP saga is a further chapter of an era of moral panic that started several decades ago with repressed memory therapy, satanic ritual abuse and multiple personalities. The fall of medieval sage Savonarola is an apt analogy for the fate of Roy Meadow. The history of medicine is rife with figures who become their own authority and rule by force of personality.

  12. A relação entre os modos adaptativos de ROY e a taxonomia de diagnósticos de enfermagem da NANDA La relación entre los modos adaptativos de ROY y la taxonomía de diagnósticos de enfermería de la NANDA The relationship among the adaptation modes of ROY and NANDA taxonomy of nursing diagnoses

    Directory of Open Access Journals (Sweden)

    Marcos Venícios de Oliveira Lopes

    1999-10-01

    Full Text Available Estudo teórico-reflexivo objetivando estabelecer uma correlação entre a taxonomia de diagnósticos da NANDA e os modos adaptativos propostos por Roy. Foram definidas as relações entre os indicadores de adaptação positiva, os problemas comuns de adaptação propostos por Roy e os diagnósticos de enfermagem da NANDA. Os resultados nos permitiram perceber uma forte correspondência entre os conceitos existentes no modelo teórico estudado e a taxonomia de diagnósticos de enfermagem da NANDA. Concluímos que existe a possibilidade de operacionalizar o uso dos diagnósticos de enfermagem da NANDA tendo como base o processo de enfermagem fundamentado na teoria da Adaptação de Roy.Estudio teórico-reflexivo buscando establecer una correlación entre los diagnósticos de enfermería de la NANDA y los modos adaptativos propuestos por Roy. Fueron definidas las relaciones entre los indicadores de adaptación positiva, los problemas comunes de adaptación propuestos por Roy y los diagnósticos de enfermería de la NANDA. Los resultados permitieron ver una correlación fuerte entre los conceptos existentes en el modelo teórico estudiado y la taxonomía de la NANDA de diagnósticos de enfermería. Nosotros concluimos que existe la posibilidad de operacionalizar el uso de los diagnósticos de enfermería de la NANDA teniendo como base el proceso de enfermería basado en la teoría de la Adaptación de Roy.The present study is theoretical-reflexive with the purpose to establish a correlation between NANDA's taxonomy diagnoses and the adaptation modes proposed by Roy. Authors defined the relationships among the indicators of positive adaptation, the common problems of adaptation proposed by Roy and NANDA's nursing diagnoses. Results showed a strong correspondence between the existent concepts in the studied theoretical model and NANDA's taxonomy of nursing diagnoses. Authors concluded that there is a possibility of using NANDA's nursing diagnoses and

  13. Adolescent Girls' Self-Concept and Its Related Factors Based on Roy Adaptation Model

    OpenAIRE

    M. Basiri Moghadam; SH. Khosravan; L. Sadeghmoghadam; N. Ebrahimi Senoo

    2017-01-01

    Aims: One of the most important factors of individual health in the adolescents is the self-concept. As a nursing model, the Roy adaptation model mainly investigates the factor. The aim of the study was to investigate the self-concept and its related factors in the adolescent girls in Gonabad Township, based on the Roy adaptation model. Instrument & Methods: In the descriptive cross-sectional study, 270 adolescent girls were studied in Gonabad Township, Iran, in 2015. The subjects were s...

  14. An Interview with Professor Roy Caldwell

    OpenAIRE

    Chowdhary, Kuntal; Bhat, Prashant; Rosen, Jared; Naughton, Ida; Wang, Jingyan

    2013-01-01

    Envision the underwater world: vibrant coral, swaying seaweed, and lively creatures abound. However, the postcards and National Geographic covers that try to capture the beauty of this picturesque habitat can only represent it at one moment in time -- in reality, the landscape is hardly static, since many of its animals are capable of body modifications to change their shape and color. To understand the coloration and color vision of sea creatures, UC Berkeley Professor Roy L. Caldwell resear...

  15. Resisting the author: JT LeRoy's fictional authorship

    NARCIS (Netherlands)

    Loontjens, J.

    2008-01-01

    In the last decade, the interest in the relation between author and text, author and autobiography, seems to have grown. In my article, I use the story of the author JT LeRoy as a framework to analyse what this growing interest means for our understanding of the word "author." JT LeRoy’s work was

  16. Roy-Steiner equations for πN scattering

    Science.gov (United States)

    de Elvira, J. Ruiz; Ditsche, C.; Hoferichter, M.; Kubis, B.; Meißner, U.-G.

    2015-10-01

    In this talk, we briefly review our ongoing collaboration to precisely determine the low-energy πN scattering amplitude by means of Roy-Steiner equations. After giving a brief overview of this system of dispersive equations and their application to πN scattering, we proceed to solve for the lower partial waves of the s-channel (πN → πN) and the t-channel l( {π π to bar NN} right) sub-problems.

  17. Historical evolution of the concept environment proposed in the Roy adaptation model Evolución histórica del concepto entorno propuesto en el modelo de la adaptación de Roy Evolução histórica do conceito ambiente proposto no modelo da adaptação de Roy

    Directory of Open Access Journals (Sweden)

    Marcos Venícios de Oliveira Lopes

    2006-04-01

    Full Text Available The concern for the development of concepts becomes even more important when we report to its use in Nursing theories, in which some concepts are considered central, such as person, environment, health and nursing. This study aims to discuss the historical evolution of the environment concept used in the Roy Adaptation Model. The method of analysis the study was based on is the evolutionary conceptual analysis of the concept Environment of the Roy Adaptation Model. According to the research results, Environment is introduced as the second major concept in the Roy Adaptation Model. In this theorist's interpretation of the environment, we notice her interest in surpassing the mechanistic point of view upon which the first version of the model was based. The approach of the concept of interaction between people and groups seems to represent an improvement, influenced by the current thoughts that are preeminent in nursing.La preocupación con el desarrollo de conceptos se vuelve más importante cuando nos reportamos para su uso en teorías de Enfermería. En ellas, algunos conceptos son considerados centrales, tales como persona, ambiente, salud y enfermería. Este artículo visa examinar la evolución histórica del concepto de ambiente utilizado en el Modelo de Adaptación de Roy. El método de análisis en que el estudio fue basado es el análisis conceptual evolucionario del concepto Ambiente del Modelo de Adaptación de Roy. De acuerdo con los resultados del estudio, Ambiente es introducido como el segundo concepto más importante en el Modelo de Adaptación de Roy. En la interpretación que la teórica hace del ambiente, notamos su interés en ultrapasar el punto de vista mecanicista en que la primera versión del modelo era basada. La propuesta de interacción del concepto ambiente con personas y grupos parece representar una mejoría, influenciada por los pensamientos corrientes que son predominantes en la enfermería.A preocupação com o

  18. The Roy Adaptation Model and Content Analysis

    OpenAIRE

    Jacqueline Fawcett

    2006-01-01

    El objetivo del presente estudio consiste en explicar de qué manera se puede utilizar el Modelo de Adaptación de Roy para guiar el análisis de contenido cuantitativo y cualitativo de respuestas a preguntas abiertas en una entrevista. Estas respuestas pueden ser catalogadas como adaptativas o inefectivas respecto de los modos de adaptación psicosocial, autoconcepto, función de rol e interdependencia y, entonces, asociadas a un determinado puntaje de adaptación.

  19. The Roy Adaptation Model and Content Analysis

    OpenAIRE

    Fawcett, Jacqueline

    2006-01-01

    The purpose of this paper is to explain how the Roy Adaptation Model can be used to guide a combined qualitative and quantitative content analysis of responses to open-ended interviews questions. Responses can be categorized as adaptive or ineffective within the physiological, self-concept, role function, and interdependence modes of adaptation and then tallied to yield an adaptation score. El objetivo del presente estudio consiste en explicar de qué manera se puede utilizar el Modelo de A...

  20. Economic Security Environment and Implementation of Planning, Programming, Budgeting, Execution (PPBE) System in Georgia

    Science.gov (United States)

    2004-06-01

    Roy J. What Determines Economic Growth? Economic Review – Second Quarter 1993 [References: Barro (1991); Mankiw , Romer, and Well (1992); De Long...NAVAL POSTGRADUATE SCHOOL MONTEREY, CALIFORNIA THESIS Approved for public release: distribution unlimited ECONOMIC SECURITY...DATES COVERED Master’s Thesis 4. TITLE AND SUBTITLE: Economic Security Environment and Implementation of Planning, Programming, Budgeting, Execution

  1. Da pesquisa à prática de enfermagem aplicando o modelo de adaptação de Roy De la investigación a la práctica de enfermería mediante la aplicación del modelo de adaptación de Roy From research to nursing practice applying the Roy adaptation model

    Directory of Open Access Journals (Sweden)

    Sónia Margarida Santos Coelho

    2011-12-01

    Full Text Available Os modelos e as teorias de enfermagem contribuem para o desenvolvimento do conhecimento em enfermagem, guiando as investigações no sentido do desenvolvimento da disciplina e, consequentemente, da prática. De acordo como o Modelo de Adaptação de Roy, a pessoa é vista como um ser adaptável com mecanismos que permitem a adaptação de comportamentos em resposta aos estímulos ambientais. De fato, a pessoa é o enfoque central dos cuidados de enfermagem, visando-se sempre a melhoria dos cuidados prestados baseados em investigação. A metodologia do Modelo de Adaptação de Roy baseia-se na aplicabilidade do processo de enfermagem, facilitando aos enfermeiros a coleta de dados, estabelecimento de objetivos e diagnósticos de enfermagem, a determinação de intervenções de enfermagem e a posterior avaliação do processo. Assim o objetivo desta pesquisa é realizar uma revisão crítica da aplicação do Modelo Adaptação de Roy aplicado à prática e à pesquisa em Enfermagem.Los modelos y teorías de enfermería contribuyen para el desarrollo del conocimiento en Enfermería, guiando las investigaciones para el desarrollo de la disciplina y, consecuentemente, de la práctica. De acuerdo con el Modelo de Adaptación de Roy se ve la persona como un mecanismo de adaptación que permite el ajuste del comportamiento en respuesta a estímulos ambientales. De hecho, la persona es el foco central de la atención de enfermería, buscando siempre el mejoramiento de la atención basada en la investigación. La metodología del Modelo de Adaptación de Roy se basa en la aplicación del proceso de enfermería, lo que facilita a las enfermeras para recopilar datos, establecer metas y diagnósticos de enfermería, la determinación de las intervenciones de enfermería y el proceso de evaluación posterior. Así, el objetivo de esta investigación es una revisión crítica de la aplicación del Modelo de Adaptación de Roy empleado para la práctica y la

  2. Effect of Treatment Education Based on the Roy Adaptation Model on Adjustment of Hemodialysis Patients.

    Science.gov (United States)

    Kacaroglu Vicdan, Ayse; Gulseven Karabacak, Bilgi

    2016-01-01

    The Roy Adaptation Model examines the individual in 4 fields: physiological mode, self-concept mode, role function mode, and interdependence mode. Hemodialysis treatment is associated with the Roy Adaptation Model as it involves fields that might be needed by the individual with chronic renal disease. This research was conducted as randomized controlled experiment with the aim of determining the effect of the education given in accordance with the Roy Adaptation Model on physiological, psychological, and social adaptation of individuals undergoing hemodialysis treatment. This was a random controlled experimental study. The study was conducted at a dialysis center in Konya-Aksehir in Turkey between July 1 and December 31, 2012. The sample was composed of 82 individuals-41 experimental and 41 control. In the second interview, there was a decrease in the systolic blood pressures and body weights of the experimental group, an increase in the scores of functional performance and self-respect, and a decrease in the scores of psychosocial adaptation. In the control group, on the other hand, there was a decrease in the scores of self-respect and an increase in the scores of psychosocial adaptation. The 2 groups were compared in terms of adaptation variables and a difference was determined on behalf of the experimental group. The training that was provided and evaluated for individuals receiving hemodialysis according to 4 modes of the Roy Adaptation Model increased physical, psychological, and social adaptation.

  3. Roy's Adaptation Model-Guided Education and Promoting the Adaptation of Veterans With Lower Extremities Amputation.

    Science.gov (United States)

    Azarmi, Somayeh; Farsi, Zahra

    2015-10-01

    Any defect in extremities of the body can affect different life aspects. The purpose of this study was to investigate the effect of Roy's adaptation model-guided education on promoting the adaptation of veterans with lower extremities amputation. In a randomized clinical trial, 60 veterans with lower extremities amputation referring to Kowsar Orthotics and Prosthetics Center of veterans clinic in Tehran, Iran, were recruited with convenience method and were randomly assigned to intervention and control groups during 2013 - 2014. For data collection, Roy's adaptation model questionnaire was used. After completing the questionnaires in both groups, maladaptive behaviors were determined in the intervention group and an education program based on Roy's adaptation model was implemented. After two months, both groups completed the questionnaires again. Data was analyzed with SPSS software. Independent t-test showed statistically significant differences between the two groups in the post-test stage in terms of the total score of adaptation (P = 0.001) as well as physiologic (P = 0.0001) and role function modes (P = 0.004). The total score of adaptation (139.43 ± 5.45 to 127.54 ± 14.55, P = 0.006) as well as the scores of physiologic (60.26 ± 5.45 to 53.73 ± 7.79, P = 0.001) and role function (20.30 ± 2.42 to 18.13 ± 3.18, P = 0.01) modes in the intervention group significantly increased, whereas the scores of self-concept (42.10 ± 4.71 to 39.40 ± 5.67, P = 0.21) and interdependence (16.76 ± 2.22 to 16.30 ± 2.57, P = 0.44) modes in the two stages did not have a significant difference. Findings of this research indicated that the Roy's adaptation model-guided education promoted the adaptation level of physiologic and role function modes in veterans with lower extremities amputation. However, this intervention could not promote adaptation in self-concept and interdependence modes. More intervention is advised based on Roy's adaptation model for improving the

  4. Adaptación psicosocial de los adolescentes pos-trasplante renal, según la teoría de Roy Adaptação psicossocial do adolescente pós-trasplante renal segundo a teoria de Roy Psicosocial adaptation of post-renal transplanted adolescents according to Roy Theory

    Directory of Open Access Journals (Sweden)

    Ana Luisa Brandão de Carvalho Lirax

    2005-03-01

    Full Text Available El objetivo de este trabajo fue conocer las repercusiones psicosociales del adolescente después del trasplante renal y los mecanismos de adaptación utilizados en su nueva condición de vida. Es un estudio cualitativo, mediante entrevistas estructuradas. Fueron entrevistados diecinueve adolescentes que estaban en acompañamiento en dos hospitales públicos de Ceará-Brasil, después de la aprobación del proyecto por parte del Comité de Ética de las Instituciones y obtención del consentimiento libre e informado. Los resultados fueron analizados conforme a la teoría de la adaptación de Roy. Se identificaron problemas de adaptación, como: limitación física, vergüenza, miedo al rechazo e impotencia. Sin embargo, esos adolescentes pudieron superar tal situación y mejorar la adaptación a su nueva condición. Concluimos que la teoría de Roy permitió un análisis más profundo de los adolescentes, permitiéndoles un tratamiento más eficaz y, consecuentemente, una mejor calidad de vida.É um estudo descritivo, com análise qualitativo. O objetivo deste trabalho foi conhecer as repercussões psicossociais do adolescente após o trasplante renal e os mecanismos adaptativos utilizados por estes na sua nova condição de vida. Foram entrevistados dezenove adolescentes que estavam em acompanhamento ambulatorial em dois hospitais públicos do Ceará-Brasil, após aprovação do projeto pelo Comitê de Ética das Instituições e obtenção do consentimento livre e esclarecido. Os resultados foram analisados conforme a teoria da adaptação de Roy. Foram identificados problemas de adaptação, como: limitação física, vergonha, medo de rejeição e impotência. Contudo, esses adolescentes puderam superar tal situação e melhorar a adaptação à sua nova condição. Concluímos que a teoria de Roy permitiu uma análise mais aprofundada desses adolescentes, permitindo lhes um tratamento mais eficaz e, conseqüentemente, uma melhor qualidade de

  5. Conceivability and De Re Modal Knowledge: A reply to Roca-Royes

    DEFF Research Database (Denmark)

    Steffensen, Asger Bo Skjerning

    In a recent paper, Roca-Royes argues that conceivability cannot be the whole story about our access to de re modal knowledge. Her claim is that conceivability-based epistemologies fails to comply with a principle any epistemology of de re modality must observe. I critically assess Roca...

  6. COMPLEX STAGING : THE HIDDEN DIMENSIONS OF ROY ANDERSSON’S AESTHETICS

    NARCIS (Netherlands)

    Hanich, Julian

    2014-01-01

    In this essay I follow André Bazin and David Bordwell and their discussion of the deep-focus long-take as well as staging in depth. I have three goals. First, I engage with the style of Swedish director Roy Andersson. Andersson – born in 1943 and best known for his films Songs from the Second Floor

  7. Roy Reider (1914-1979) selections from his written and spoken words

    International Nuclear Information System (INIS)

    Paxton, H.C.

    1980-01-01

    Comments by Roy Reider on chemical criticality control, the fundamentals of safety, policy and responsibility, on written procedures, profiting from accidents, safety training, early history of criticality safety, requirements for the possible, the value of enlightened challenge, public acceptance of a new risk, and on prophets of doom are presented

  8. Pessoas com úlceras venosas: estudo do modo psicossocial do modelo adaptativo de Roy Personas con úlceras venosas: estudio de los aspectos psicosociales del modelo de adaptación de Roy People with venous ulcers: a study of the psychosocial aspects of the adaptive model of Roy

    Directory of Open Access Journals (Sweden)

    Isabelle Katherinne Fernandes Costa

    2011-09-01

    Full Text Available Estudo transversal, descritivo, quantitativo, realizado com 50 pessoas com úlcera venosa (UV em um Hospital Universitário, que objetivou verificar o nível de adaptação psicossocial do Modelo de Roy das pessoas com UV. A pesquisa foi aprovada pelo Comitê de Ética da instituição. Os dados foram coletados com formulário estruturado e após a organização dos dados das alterações ocorridas na vida das pessoas com UV classificamos segundo o modo psicossocial de Roy. Verificamos que no modo autoconceito, 36% sentiam-se insatisfeitos com aparência física, 18% apresentavam sentimentos negativos; no modo desempenho de papéis: alteração no papel laboral (52,0%, atividades domésticas (34,0%, conjugal (6,0%, restrições de lazer, dor, social, escolar e locomoção (82,0%; no modo de interdependência: apoio no tratamento (82,0%, discriminação (58,0%. A identificação do modo psicossocial direciona as ações de enfermagem abrangendo a pessoa que recebe o cuidado considerando-a no todo em suas relações com ambiente promovendo melhor nível de adaptação.Estudio transversal, descriptivo, cuantitativo realizado con 50 personas con úlcera venosa (UV en el Hospital Universitario que objetivó conocer nivel de adaptación psicosocial del modelo de Roy de las personas con UV. Estudio aprobado por el Comité de Ética (nº 279/09. Los datos fueron recogidos mediante formulario y después de organizar los datos de los cambios en la vida de las personas con UV, fueron clasificados de acuerdo con los aspectos psicosociales de Roy. Verificamos en el modo de auto-concepto: 36% insatisfacción con apariencia física, 18% sentimientos negativos, desempeño de papel: cambio en el papel de trabajo (52,0%, tareas domésticas (34,0%, estado civil (6,0%, restricción de ocio, dolor, sociales, educativos y transporte (82,0%; modo de interdependencia: apoyo en el tratamiento (82,0%, discriminación (58,0%. La identificación de aspectos psicosociales

  9. The Roy Adaptation Model: A Theoretical Framework for Nurses Providing Care to Individuals With Anorexia Nervosa.

    Science.gov (United States)

    Jennings, Karen M

    Using a nursing theoretical framework to understand, elucidate, and propose nursing research is fundamental to knowledge development. This article presents the Roy Adaptation Model as a theoretical framework to better understand individuals with anorexia nervosa during acute treatment, and the role of nursing assessments and interventions in the promotion of weight restoration. Nursing assessments and interventions situated within the Roy Adaptation Model take into consideration how weight restoration does not occur in isolation but rather reflects an adaptive process within external and internal environments, and has the potential for more holistic care.

  10. PLURALISM, FATWA, AND COURT IN INDONESIA: The Case of Yusman Roy

    Directory of Open Access Journals (Sweden)

    Nadirsyah Hosen

    2012-06-01

    Full Text Available The interrelation between Islam, state and pluralism is an unfinished discussion in Indonesia. This paper examines an issue of promoting individual freedom to practice his/her belief, and at the same time not insulting the majority belief in a plural society. It takes the case of Yusman Roy on performing the salah (prayer in a local language as the subject of analysis in order to identify the fault lines of religion and pluralism, and to consider how best to address them. The paper argues that fatwa and court should not be used as mechanisms to deal with the issue of religion and pluralism. It further argues for an “alternative dispute resolution” in dealing with the plurality of interpretation within Islamic tradition and at the same time maintaining the unity and harmony Islamic communities. It maintains that Roy should have the rights to practice what he believes, but at the same time, a negotiation on how he spreads his ideas outside his schools should take place in order to avoid provocative actions that invite violence.

  11. Estudio de la evidencia del concepto de grupo en el modelo de adaptación de Roy

    OpenAIRE

    Cavalcante Guedes, María Vilaní; Lopes, Marcos Venícios de Oliveira; Araujo, Thelma Leite de

    2005-01-01

    El estudio tiene como objetivo evaluar el concepto de grupo en el Modelo de Adaptación de Roy tomando por parámetro el criterio interno de evidencia del modelo de análisis de teoría propuesto por Barnum (1998). Discutimos el concepto de grupo con base en diferentes autores, y también según descrito por Roy en sus diversos modos de adaptación. Encontramos que la evidencia del concepto grupo, en los modos de adaptación, se quedó perjudicada y que el Modelo Teórico ...

  12. Evolução histórica do conceito ambiente proposto no modelo da adaptação de Roy

    OpenAIRE

    Lopes, Marcos Venícios de Oliveira; Pagliuca, Lorita Marlena Freitag; Araujo, Thelma Leite de

    2006-01-01

    The concern for the development of concepts becomes even more important when we report to its use in Nursing theories, in which some concepts are considered central, such as person, environment, health and nursing. This study aims to discuss the historical evolution of the environment concept used in the Roy Adaptation Model. The method of analysis the study was based on is the evolutionary conceptual analysis of the concept Environment of the Roy Adaptation Model. According to the research r...

  13. Roy-Steiner-equation analysis of pion-nucleon scattering

    Science.gov (United States)

    Meißner, U.-G.; Ruiz de Elvira, J.; Hoferichter, M.; Kubis, B.

    2017-03-01

    Low-energy pion-nucleon scattering is relevant for many areas in nuclear and hadronic physics, ranging from the scalar couplings of the nucleon to the long-range part of two-pion-exchange potentials and three-nucleon forces in Chiral Effective Field Theory. In this talk, we show how the fruitful combination of dispersion-theoretical methods, in particular in the form of Roy-Steiner equations, with modern high-precision data on hadronic atoms allows one to determine the pion-nucleon scattering amplitudes at low energies with unprecedented accuracy. Special attention will be paid to the extraction of the pion-nucleon σ-term, and we discuss in detail the current tension with recent lattice results, as well as the determination of the low-energy constants of chiral perturbation theory.

  14. DIAGNÓSTICOS DE ENFERMAGEM E MODELO TÉORICO DE ROY EM PACIENTES PROSTATECTOMIZADOS

    Directory of Open Access Journals (Sweden)

    Elisandra de Araújo Saldanha

    2013-01-01

    Full Text Available Estudio descriptivo, con objetivo de identificar el perfil de los diagnósticos de enfermería internacional NANDA en pacientes en postoperatorio inmediato de prostatectomía y relacionarlos con los problemas de adaptación del Modelo de Adaptación de Roy. Llevado a cabo en hospital universitario en Nordeste de Brasil, entre noviembre/2010 y abril/2011, con muestra de 50 individuos. Los datos fueron recolectados a través de entrevista y examen físico, con posterior análisis por medio del razonamiento clínico. Fueron encontrados las relaciones: riesgo de caídas y posibles lesiones; alteración de la deambulación y la movilidad a pie y/o coordinación restringida; déficits de autocuidado y pérdida de la capacidad de autocuidado; dolor agudo y dolor agudo; patrones de insomnio/sueño y privación del sueño con discapacidad; estreñimiento y estreñimiento. Por lo tanto, la mayor parte de los diagnósticos de enfermería identificados son similares a los problemas de adaptación de acuerdo con Roy.

  15. Diagnósticos de enfermagem e modelo adaptativo de Roy: análise em pacientes críticos

    Directory of Open Access Journals (Sweden)

    Anna Lívia de Medeiros Dantas

    2017-01-01

    Full Text Available Objetivo: establecer relación de los diagnósticos de enfermería presentes en el dominio seguridad y protección de NANDA Internacional con los problemas adaptativos del modelo de Roy para pacientes en unidad de cuidados intensivos (UCI. Métodos: estudio transversal, llevado a cabo en la UCI de un hospital universitario en una capital del noreste brasileño. La muestra fue de 86 individuos. Los datos, recolectados entre octubre del 2013 y mayo del 2014, mediante formato de entrevista y prueba física, se analizaron por medio de estadística descriptiva e inferencial. Resultados: entre los diagnósticos de enfermería del dominio seguridad y protección, 29 estuvieron presentes con frecuencias variables. En cuanto a los relacionados con los problemas adaptativos propuestos por Roy, se evidenciaron 12 problemas adaptativos en cuanto al modo adaptativo fisiológico, que abarca las categorías de sentidos, protección, oxigenación, actividad y reposo y nutrición. Conclusiones: se encontró relación entre los diagnósticos de enfermería del dominio seguridad y protección y los problemas adaptativos del modelo de Roy para pacientes en cuidados intensivos.

  16. CERN Library | Roy Calne presents: "The Ratchet of Science - Curiosity killed the cat" | 26 October

    CERN Multimedia

    CERN Library

    2015-01-01

    Sir Roy Calne will discuss his most recent book: “The Ratchet of Science - Curiosity killed the cat. Can human nature cope with the rapid and accelerated advances of science?”   Monday, 26 October - 4.30 p.m. CERN Filtration plant, Room 222-R-001 There is a limited number of seats. Please register here. The book’s premise is that huge scientific advances throughout history occur in spurts or “ratchets”. It reflects on the good and the evil consequences of discoveries. Due to the worrying nature of human beings, each ratchet in our knowledge is too often accompanied by dangerous applications. Knowledge, once established by a reliable scientific method, cannot be unlearned. The cat is out of the bag and the curiosity may kill the cat – so to speak. Professor Roy Calne illustrates this with the example of the young physicist known to all at CERN: Lise Meitner, who discovered and named nucle...

  17. [People with venous ulcers: a study of the psychosocial aspects of the Roy Adaptation Model].

    Science.gov (United States)

    Costa, Isabelle Katherinne Fernandes; da Nóbrega, Walkíria Gomes; Costa, Isabel Karolyne Fernandes; Torres, Gilson de Vasconcelos; Lira, Ana Luiza Brandão de Carvalho; Tourinho, Francis Solange Vieira; Enders, Bertha Cruz

    2011-09-01

    A transversal descriptive quantitative study, conducted with 50 people with Venous Ulcer (VU) at an University Hospital, that aimed to ascertain the level of psychosocial adaptation of the Roy Model of people with VU. The study was approved by the Ethics Committee. The data were collected with a structured form. After organizing the data, composed of changes in the lives of people with VU, we classified it according to Roy's psychosocial aspects. We found that in the self-concept mode, 36% felt dissatisfied with physical appearance, and 18% had negative feelings; in the role-function mode: change in the working role (52.0%), housework (34.0%), marital (6.0%), leisure, pain, social, educational and transportation restrictions (82.0%); interdependence mode: support in treatment (82.0%), discrimination (58.0%). The identification of the psychosocial aspects directs nursing actions to consider the whole of the person receiving care in its relations with the environment, thus promoting a better level of adaptation.

  18. Método canguru: práticas investigativas e de cuidado de enfermagem no modelo de adaptação de Roy Método canguro: prácticas de investigación y de atención en enfermería en el modelo de adaptación de Roy Kangaroo method: investigative practices and nursing care in the Roy adaptation model

    Directory of Open Access Journals (Sweden)

    Márcia Borck

    2012-06-01

    Full Text Available Trata-se de uma pesquisa convergente-assistencial, de natureza qualitativa, que teve como objetivos: investigar a experiência no processo de adaptação de seis famílias na terceira etapa do Método Canguru com recém-nascidos pré-termo e/ou de baixo peso, no período de outubro/06 a fevereiro/07; e implementar a consulta de enfermagem dentro dos quatro modos adaptativos da Teoria de Roy. A coleta de dados foi realizada através do processo de cuidar do modelo adaptativo de Roy, utilizando as técnicas de observação e da entrevista semiestruturada. O processo de análise ocorreu por meio da apreensão, síntese, teorização e transferência. Os resultados mostram a necessidade de fortalecer o papel da família na desospitalização e a comunicação entre a equipe interdisciplinar e rever critérios de alta da terceira etapa. Este estudo evidencia a terceira etapa como oportunidade para retroalimentar o sistema de cuidado e apoiar as famílias para sobreporem seus conflitos, preocupações, medos, inseguranças e o próprio comportamento imaturo do bebê.Se trata de una Investigación Convergente y Asistencial, cualitativa. Sus objetivos fueron investigar la experiencia en el proceso de adaptación de seis familias en la tercera etapa del Método Canguro con recién nacidos pre término y/o de bajo peso, en el periodo de Octubre /06 a Febrero /07 e implementar la consulta de enfermería dentro de los cuatro modos adaptativos de la Teoría de Roy. La recolección de los datos fue realizada a través del proceso de cuidar del modelo adaptativo de Roy, utilizando las técnicas de observación y la entrevista parcialmente estructurada. El proceso de análisis se hizo por medio de la aprehensión, síntesis, teorización y transferencia. Los resultados muestran la necesidad de fortalecer el papel de la familia en la deshospitalización, la comunicación entre el equipo disciplinario y rever criterios de alta de la tercera etapa. En este estudio

  19. Roy-Steiner equations for pion-nucleon scattering

    Science.gov (United States)

    Ditsche, C.; Hoferichter, M.; Kubis, B.; Meißner, U.-G.

    2012-06-01

    Starting from hyperbolic dispersion relations, we derive a closed system of Roy-Steiner equations for pion-nucleon scattering that respects analyticity, unitarity, and crossing symmetry. We work out analytically all kernel functions and unitarity relations required for the lowest partial waves. In order to suppress the dependence on the high energy regime we also consider once- and twice-subtracted versions of the equations, where we identify the subtraction constants with subthreshold parameters. Assuming Mandelstam analyticity we determine the maximal range of validity of these equations. As a first step towards the solution of the full system we cast the equations for the π π to overline N N partial waves into the form of a Muskhelishvili-Omnès problem with finite matching point, which we solve numerically in the single-channel approximation. We investigate in detail the role of individual contributions to our solutions and discuss some consequences for the spectral functions of the nucleon electromagnetic form factors.

  20. Roy's safety-first portfolio principle in financial risk management of disastrous events.

    Science.gov (United States)

    Chiu, Mei Choi; Wong, Hoi Ying; Li, Duan

    2012-11-01

    Roy pioneers the concept and practice of risk management of disastrous events via his safety-first principle for portfolio selection. More specifically, his safety-first principle advocates an optimal portfolio strategy generated from minimizing the disaster probability, while subject to the budget constraint and the mean constraint that the expected final wealth is not less than a preselected disaster level. This article studies the dynamic safety-first principle in continuous time and its application in asset and liability management. We reveal that the distortion resulting from dropping the mean constraint, as a common practice to approximate the original Roy's setting, either leads to a trivial case or changes the problem nature completely to a target-reaching problem, which produces a highly leveraged trading strategy. Recognizing the ill-posed nature of the corresponding Lagrangian method when retaining the mean constraint, we invoke a wisdom observed from a limited funding-level regulation of pension funds and modify the original safety-first formulation accordingly by imposing an upper bound on the funding level. This model revision enables us to solve completely the safety-first asset-liability problem by a martingale approach and to derive an optimal policy that follows faithfully the spirit of the safety-first principle and demonstrates a prominent nature of fighting for the best and preventing disaster from happening. © 2012 Society for Risk Analysis.

  1. The Generalized Roy Model and the Cost-Benefit Analysis of Social Programs*

    Science.gov (United States)

    Eisenhauer, Philipp; Heckman, James J.; Vytlacil, Edward

    2015-01-01

    The literature on treatment effects focuses on gross benefits from program participation. We extend this literature by developing conditions under which it is possible to identify parameters measuring the cost and net surplus from program participation. Using the generalized Roy model, we nonparametrically identify the cost, benefit, and net surplus of selection into treatment without requiring the analyst to have direct information on the cost. We apply our methodology to estimate the gross benefit and net surplus of attending college. PMID:26709315

  2. The Generalized Roy Model and the Cost-Benefit Analysis of Social Programs.

    Science.gov (United States)

    Eisenhauer, Philipp; Heckman, James J; Vytlacil, Edward

    2015-04-01

    The literature on treatment effects focuses on gross benefits from program participation. We extend this literature by developing conditions under which it is possible to identify parameters measuring the cost and net surplus from program participation. Using the generalized Roy model, we nonparametrically identify the cost, benefit, and net surplus of selection into treatment without requiring the analyst to have direct information on the cost. We apply our methodology to estimate the gross benefit and net surplus of attending college.

  3. Roy-Steiner equations for {pi}N scattering - The Muskhelishvili-Omnes problem for the t-channel partial waves

    Energy Technology Data Exchange (ETDEWEB)

    Ditsche, Christoph; Hoferichter, Martin; Kubis, Bastian [Helmholtz-Institut fuer Strahlen- und Kernphysik (Theorie), Universitaet Bonn (Germany); Bethe Center for Theoretical Physics, Bonn (Germany); Meissner, Ulf G. [Helmholtz-Institut fuer Strahlen- und Kernphysik (Theorie), Universitaet Bonn (Germany); Institut fuer Kernphysik (Theorie), Institute for Advanced Simulations, and Juelich Center for Hadron Physics, Forschungszentrum Juelich, D-52425 Juelich (Germany); Bethe Center for Theoretical Physics, Bonn (Germany)

    2011-07-01

    Starting from (subtracted) hyperbolic dispersion relations for {pi}N scattering, which are based on the general principles of Lorentz invariance, unitarity, crossing and analyticity as well as isospin symmetry, we propose a closed system of (subtracted) hyperbolic partial wave dispersion relations for the partial waves f{sup I}{sub l{+-}}({radical}(s)) of the s-channel reaction {pi}N{yields}{pi}N and the partial waves f{sup J}{sub {+-}}(t) of the t-channel reaction {pi}{pi}{yields} anti NN in the spirit of Roy and Steiner. A key step to the ultimate goal of solving this Roy-Steiner system is to first solve the corresponding (subtracted) Muskhelishvili-Omnes problem with inelasticities and a finite matching point for the lowest t-channel partial waves f{sup 0}{sub +}(t), f{sup 1}{sub {+-}}(t). The recent status of this ongoing effort is presented.

  4. Effect of a care plan based on Roy adaptation model biological dimension on stroke patients' physiologic adaptation level.

    Science.gov (United States)

    Alimohammadi, Nasrollah; Maleki, Bibi; Shahriari, Mohsen; Chitsaz, Ahmad

    2015-01-01

    Stroke is a stressful event with several functional, physical, psychological, social, and economic problems that affect individuals' different living balances. With coping strategies, patients try to control these problems and return to their natural life. The aim of this study is to investigate the effect of a care plan based on Roy adaptation model biological dimension on stroke patients' physiologic adaptation level. This study is a clinical trial in which 50 patients, affected by brain stroke and being admitted in the neurology ward of Kashani and Alzahra hospitals, were randomly assigned to control and study groups in Isfahan in 2013. Roy adaptation model care plan was administered in biological dimension in the form of four sessions and phone call follow-ups for 1 month. The forms related to Roy adaptation model were completed before and after intervention in the two groups. Chi-square test and t-test were used to analyze the data through SPSS 18. There was a significant difference in mean score of adaptation in physiological dimension in the study group after intervention (P adaptation in the patients affected by brain stroke in the study and control groups showed a significant increase in physiological dimension in the study group by 47.30 after intervention (P adaptation model biological dimension care plan can result in an increase in adaptation in patients with stroke in physiological dimension. Nurses can use this model for increasing patients' adaptation.

  5. Matching Pion-Nucleon Roy-Steiner Equations to Chiral Perturbation Theory

    Science.gov (United States)

    Hoferichter, Martin; Ruiz de Elvira, Jacobo; Kubis, Bastian; Meißner, Ulf-G.

    2015-11-01

    We match the results for the subthreshold parameters of pion-nucleon scattering obtained from a solution of Roy-Steiner equations to chiral perturbation theory up to next-to-next-to-next-to-leading order, to extract the pertinent low-energy constants including a comprehensive analysis of systematic uncertainties and correlations. We study the convergence of the chiral series by investigating the chiral expansion of threshold parameters up to the same order and discuss the role of the Δ (1232 ) resonance in this context. Results for the low-energy constants are also presented in the counting scheme usually applied in chiral nuclear effective field theory, where they serve as crucial input to determine the long-range part of the nucleon-nucleon potential as well as three-nucleon forces.

  6. Pion-nucleon scattering: from chiral perturbation theory to Roy-Steiner equations

    Science.gov (United States)

    Kubis, Bastian; Hoferichter, Martin; de Elvira, Jacobo Ruiz; Meißner, Ulf-G.

    2016-11-01

    Ever since Weinberg's seminal predictions of the pion-nucleon scattering amplitudes at threshold, this process has been of central interest for the study of chiral dynamics involving nucleons. The scattering lengths or the pion-nucleon σ-term are fundamental quantities characterizing the explicit breaking of chiral symmetry by means of the light quark masses. On the other hand, pion-nucleon dynamics also strongly affects the long-range part of nucleon-nucleon potentials, and hence has a far-reaching impact on nuclear physics. We discuss the fruitful combination of dispersion-theoretical methods, in the form of Roy-Steiner equations, with chiral dynamics to determine pion-nucleon scattering amplitudes at low energies with high precision.*

  7. The Impact of the Soviet Military Presence in the Arctic Region on Norwegian Security Policies

    Science.gov (United States)

    1990-01-01

    Admiral Roy Breivik , "Assuring the Security of Reinforcements to Norway", NATO’s Sixteen Nations, Special nr 2, (1982): 67. Former Director General of...34Norway Country Portrait", (1984): 53. 17 Holst, (1982): 27. 18 German, (1982): 61. 19 Bjol, (1983): 25. 20 Breivik , (1982): 68. 21 Interview, Major Kurt...1, (January 1981): 5-7. 137 Vinogradov, N., as translated by Suggs, Robert C., "Let’s Go to Hammerfest", Red Star, (February 1985). Wall, Patrick

  8. Quantitative Vulnerability Assessment of Cyber Security for Distribution Automation Systems

    Directory of Open Access Journals (Sweden)

    Xiaming Ye

    2015-06-01

    Full Text Available The distribution automation system (DAS is vulnerable to cyber-attacks due to the widespread use of terminal devices and standard communication protocols. On account of the cost of defense, it is impossible to ensure the security of every device in the DAS. Given this background, a novel quantitative vulnerability assessment model of cyber security for DAS is developed in this paper. In the assessment model, the potential physical consequences of cyber-attacks are analyzed from two levels: terminal device level and control center server level. Then, the attack process is modeled based on game theory and the relationships among different vulnerabilities are analyzed by introducing a vulnerability adjacency matrix. Finally, the application process of the proposed methodology is illustrated through a case study based on bus 2 of the Roy Billinton Test System (RBTS. The results demonstrate the reasonability and effectiveness of the proposed methodology.

  9. Effect of Roy's Adaptation Model-Guided Education on Coping Strategies of the Veterans with Lower Extremities Amputation: A Double-Blind Randomized Controlled Clinical Trial.

    Science.gov (United States)

    Farsi, Zahra; Azarmi, Somayeh

    2016-04-01

    Any defect in the extremities of the body can affect different life aspects. The purpose of this study was to investigate the effect of Roy's adaptation model-guided education on coping strategies of the veterans with lower extremities amputation. In a double-blind randomized controlled clinical trial, 60 veterans with lower extremities amputation referring to Kowsar Orthotics and Prosthetics Center of Veterans Clinic in Tehran, Iran were recruited using convenience method and randomly assigned to intervention and control groups in 2013-2014. Lazarus and Folkman coping strategies questionnaire was used to collect the data. After completing the questionnaires in both groups, maladaptive behaviours were determined in the intervention group and an education program based on Roy's adaptation model was implemented. After 2 months, both groups completed the questionnaires again. Data were analyzed using SPSS software. Independent T-test showed that the score of the dimensions of coping strategies did not have a statistically significant difference between the intervention and control groups in the pre-intervention stage (P>0.05). This test showed a statistically significant difference between the two groups in the post-intervention stage in terms of the scores of different dimensions of coping strategies (P>0.05), except in dimensions of social support seeking and positive appraisal (P>0.05). The findings of this research indicated that the Roy's adaptation model-guided education improved the majority of coping strategies in veterans with lower extremities amputation. It is recommended that further interventions based on Roy's adaptation model should be performed to improve the coping of the veterans with lower extremities amputation. IRCT2014081118763N1.

  10. The role of strength anisotropy in the development of deep-seated gravitational slope deformation features in schist at Roys Peak, South Island, New Zealand

    Science.gov (United States)

    Brideau, M.

    2013-12-01

    This study looked at the interaction between the rock strength anisotropy and discontinuity orientations on the development of well-expressed deep-seated gravitational slope deformation (DSGSD) features around Roys Peak. The project area is located near the town of Wanaka in the Otago region of New Zealand's South Island. The Roys Peak area has well defined geomorphological features (antislope scarps and split ridges) typically associated with DSGSD over a distance extending almost 4.5 km along the Lake Wanaka Valley. The summit corresponds with the intersection of two prominent ridges running approximately north-south and east-west and has an elevation of 1580 metres above sea level with a local relief of 1250 m. The bedrock geology at Roys Peak consists of Late Paleozoic to Mid Mesozoic pelitic schist having a granitic protolith. The study area has been glaciated several times during the Quaternary Period. Glaciers have strongly influenced the landscape by rounding the spurs in the valley bottom and steepening the lower parts of mountains. Roys Peak is located approximately 75km south from the Alpine Fault (boundary between the Pacific and Australian plates) and as such the project area is not particularly seismically active with only 52 earthquakes with a magnitude greater than 4 within a 50km radius of the project area listed in the New Zealand Historical Earthquake Database. Engineering geological mapping at Roys Peak identified three discontinuity sets and a pervasive schistose fabric in a dip-slope position with the main valley orientation. The rock mass quality was described in the field using the Geological Strength Index (GSI). The observed rock mass quality at Roys Peak had a GSI range between 30-45. This corresponds to a blocky/disturbed/seamy structure with fair quality discontinuity surfaces. The intact rock strength of the schist rock was evaluated using field estimates, Schmidt hammer rebound values, and point load tests. The three methods overlap

  11. Abordagem assistencial ao neonato portador de mielomeningocele segundo o modelo de adaptação de Roy Abordaje asistencial al neonato portador de mielomeningocele según el modelo de adaptación de Roy Care delivery to newborns with myelomeningocele according to Roy's adaptation model

    Directory of Open Access Journals (Sweden)

    Eloah de Paula Pessoa Gurgel

    2010-09-01

    Full Text Available O objetivo deste estudo de caso foi identificar os diagnósticos de Enfermagem de um bebê portador de mielomeningocele, internado na Unidade de Terapia Intensiva Neonatal (UTIN, abordando os aspectos fisiológicos segundo a Teoria de Adaptação de Roy, e elaborar ações de enfermagem pertinentes a estes aspectos. O estudo foi desenvolvido na UTIN da Maternidade Escola Assis Chateaubriand, na cidade de Fortaleza, Ceará, Brasil, nos meses de dezembro de 2007 a março de 2008, quando foi utilizado um roteiro de levantamento de dados. Na análise, reconheceram-se os diagnósticos: padrão respiratório ineficaz; nutrição desequilibrada: menos do que as necessidades corporais; integridade da pele prejudicada; risco para infecção e percepção sensorial perturbada. A utilização desta teoria permitiu reconhecer que o RN pode desencadear respostas positivas ou negativas mediante estímulos, e que as metas e intervenções implementadas foram importantes para a substituição de respostas ineficazes por respostas adaptativas.El objetivo de este estudio de caso fue identificar los diagnósticos de Enfermería, abordando los aspectos fisiológicos según la Teoría de Adaptación de Roy, de un bebé portador de mielomeningocele, internado en la Unidad de Terapia Intensiva Neonatal (UTIN, y elaborar acciones de enfermería pertinentes a tales aspectos. El estudio fue desarrollado en al UTIN de la Maternidad Escuela Assis Chateubriand, en la ciudad de Fortaleza-Ceará-Brasil, en los mese de diciembre de 2007 a marzo de 2008, momento en el cual fue utilizado un cuestionario para la colecta de datos. En el análisis, se reconocieron los diagnósticos: patrón diagnóstico ineficaz, nutrición desequilibrada (inferior a las necesidades corporales, integridad de la piel afectada, riesgo de infección y percepción sensorial perturbada. La utilización de esta teoría permitió reconocer que el RN puede desencadenar respuestas positivas o negativas a

  12. Arundhati Roy, a One-woman Dissident Force against the Instant-Mix Imperial Democracy Arundhati Roy, la force d’une seule femme face à la démocratie impériale prête à l’emploi

    Directory of Open Access Journals (Sweden)

    Geetha Ganapathy-Doré

    2009-10-01

    Full Text Available Mieux connu pour son roman Le Dieu des petits riens qui a ébloui le monde anglophone par son style novateur et choqué les lecteurs indiens en mettant en scène l’amour entre une femme de haute caste et un paria, Arundhati Roy est une écrivaine engagée qui dénonce les dérives pronucléaires et néolibérales du gouvernement indien et mène une lutte contre la mondialisation capitaliste là où elle se manifeste. Les essais polémiques que Roy a écrits après les attentats du 11 septembre s’attaquent de façon virulente à l’impérialisme américain. Elle déconstruit l’Empire en exposant les piliers invisibles de son architecture et en décodant sa rhétorique. Elle en analyse les  présupposés éthiques, les rouages économiques, la pénétration culturelle et les implications juridiques afin de définir les stratégies de résistance pour réaffirmer les valeurs de la dignité humaine, de la justice sociale et de la paix. Dans le projet d’assiéger l’Empire, elle est appuyée par des dissidents célèbres tels que Noam Chomsky, Howard Zinn, Amy Goodman et d’autres.

  13. Roy Ellen, Stephen J. Lycett, Sarah E. Johns, eds., 2013, Understanding Cultural Transmission in Anthropology: A Critical Synthesis New York and Oxford: Berghahn Books

    Directory of Open Access Journals (Sweden)

    Clelia Viecelli

    2015-10-01

    Full Text Available recensione: Roy Ellen, Stephen J. Lycett, Sarah E. Johns, eds., 2013, Understanding Cultural Transmission in Anthropology: A Critical Synthesis New York and Oxford: Berghahn Books di Clelia Viecelli

  14. Obituary: Roy Henry Garstang (1925-2009)

    Science.gov (United States)

    Malville, J.

    2011-12-01

    Roy Henry Garstang 84 passed away on November 1, 2009 in Boulder Colorado. He was born in Southport, England in September of 1925 to Percy Brocklehurst and Eunice (Gledhill) Garstang. He won a scholarship to Caius College in Cambridge University. Because it was wartime, he could spend only two years at his studies. However, he managed to complete three years of required work during that time, and then spent 1945-46 as a Junior Scientific Officer at the Royal Aircraft Establishment at Farnborough. He received his BA in 1946 from Cambridge, his MA in 1950, and his PhD in Mathematics in 1954, with a thesis: "Atomic Transitions in Astrophysics," working under D. R. Hartree. He also received a ScD from Cambridge in Physics and Chemistry in 1983. He married Ann in August 1959. She and two daughters, Jennifer and Susan, survive him. While still pursuing his PhD, Roy Garstang served as a Research Associate at the Yerkes Observatory, from 1951-1952, working under Subrahmanyan Chandrasekhar. During that time he continued with his own calculations of atomic structure and transition probabilities, although these were not part of Chandra's research interests. After earning his PhD, he went to teach at the University of London, where he also served as the Assistant Director of the University of London Observatory (1959-1964). He was editor of "The Observatory" Magazine form 1953-1960. The continuing theme of this research was to help meet the needs of astrophysicists for atomic data. In 1964, he left England for the United States, where he joined the faculty at the University of Colorado, Boulder, where he would remain for the rest of his professional career. It was entirely fitting, considering his interest in performing calculations of interest to astrophysicists, that soon after arriving in Boulder he was appointed Chairman of JILA - Joint Institute for Laboratory Astrophysics (1966-1967). He was Director of the Division of Physics and AstroGeophysics (1979-80), acting

  15. Contraste de un modelo de envejecimiento exitoso derivado del modelo de Roy

    Directory of Open Access Journals (Sweden)

    María Amparo Kantún Marín

    2017-01-01

    Full Text Available Se formula y contrasta un modelo de envejecimiento exitoso derivado del modelo de adaptación de Roy. Se analizó una muestra no probabilística de 255 adultos mayores de seis centros sociales y un centro médico de consulta externa en Nuevo León, México. Se usó un modelamiento de ecuaciones estructurales. En el modelo final los estímulos focales de autopercepción del envejecimiento, entorno peatonal inmediato y el estímulo contextual de síntomas depresivos incidieron sobre el afrontamiento, que a su vez predijo el envejecimiento exitoso. El modelo tuvo buen ajuste al añadirse dos correlaciones entre residuos de medida de afrontamiento y envejecimiento exitoso. Los resultados obtenidos sugieren que el afrontamiento es un indicador directo del envejecimiento activo.

  16. High-Precision Determination of the Pion-Nucleon σ Term from Roy-Steiner Equations

    Science.gov (United States)

    Hoferichter, Martin; Ruiz de Elvira, Jacobo; Kubis, Bastian; Meißner, Ulf-G.

    2015-08-01

    We present a determination of the pion-nucleon (π N ) σ term σπ N based on the Cheng-Dashen low-energy theorem (LET), taking advantage of the recent high-precision data from pionic atoms to pin down the π N scattering lengths as well as of constraints from analyticity, unitarity, and crossing symmetry in the form of Roy-Steiner equations to perform the extrapolation to the Cheng-Dashen point in a reliable manner. With isospin-violating corrections included both in the scattering lengths and the LET, we obtain σπ N=(59.1 ±1.9 ±3.0 ) MeV =(59.1 ±3.5 ) MeV , where the first error refers to uncertainties in the π N amplitude and the second to the LET. Consequences for the scalar nucleon couplings relevant for the direct detection of dark matter are discussed.

  17. Afrontamientos de enfermeras al asumir la gerencia escolar: una mirada desde la teoría de Roy O afrontamento das enfermeiras ao assumirem a gerência escolar: um olhar a partir da teoria de Roy Confrontation of nurses when assuming the school management: a look from Roy's adaptation theory

    Directory of Open Access Journals (Sweden)

    Mariana Olizbeth Salinas Alvirde

    2012-06-01

    Full Text Available Esta investigación aborda la transición gerencial de las instituciones educativas de médicos a enfermeras con objetivo de delimitar mecanismos de afrontamiento y modos adaptativos al iniciar la gestión en el entorno académico. Se realizó estudio cualitativo de corte histórico-social sustentado por la teoría de adaptación de Roy. Los sujetos estudiados fueron las primeras profesoras que ocuparon la dirección de escuelas universitarias de enfermería, a través de entrevistas se recolectaron los datos. Los resultados revelaron que la incursión de enfermeras permitió abordar el proceso salud-enfermedad de manera distinta al acto médico, lo que significó generar mecanismos de afrontamiento para trabajar en la construcción de paradigmas que conformarán un pensamiento profesional y visión disciplinaria propia, a través de un plan de estudio solido. Concluímos que se renovaron los métodos de trabajo, creándose nuevos niveles académicos, especializaciones y titularidades en las materias en base a sacrificio y dedicación, iniciándose su autonomía profesional.Esta pesquisa aborda a transição gerencial das instituiçðes educativas de médicos às enfermeiras, com o objetivo de delimitar mecanismos de afrontamento e modos adaptativos ao iniciar a gestão no âmbito acadêmico. Realizou-se um estudo qualitativo de abordagem histórico-social, orientado pela teoria de adaptação de Roy. Os sujeitos estudados foram as primeiras professoras que ocuparam a direção das escolas universitárias de enfermagem; os dados foram recoletados por meio de entrevistas. Os resultados revelaram que a incursão de enfermeiras permitiu abordar o processo saúde-doença de maneira distinta ao ato médico, o que significou gerar mecanismos de afrontamento para trabalhar na construção de paradigmas que conformarão um pensamento profissional e uma visão disciplinar própria, a partir de um plano de estudo sólido. Concluiu-se que se renovarão os

  18. Assistência de enfermagem a portadores de anemia falciforme, à luz do referencial de Roy Atención de enfermería a portadores de anemia falciforme apoyada en el modelo conceptual de Roy Nursing care to patiens with sickle cell disease in the light of Roy's model

    Directory of Open Access Journals (Sweden)

    Maria Lúcia Ivo

    2003-03-01

    Full Text Available O presente estudo busca aplicar os conceitos do modelo de Adaptação de Roy para identificar os comportamentos (adaptativos e inefetivos de pacientes portadores de anemia falciforme, bem como os estímulos focais, contextuais e residuais responsáveis por tais comportamentos. A coleta de dados foi realizada no Ambulatório de Hemoglobinopatias do HCFMRP-USP. Foram sujeitos 9 pacientes (8 mulheres e 1 homem. Evidenciou-se, no modo fisiológico, o comportamento inefetivo de baixa oxigenação e suas conseqüências (desenvolvimento físico comprometido, retardo sexual, icterícia por hemólise, alterações respiratórias. No modo psicossocial, o autoconceito teve a diminuição da auto-estima como o comportamento mais destacado; o desempenho de papel foi caracterizado por mudanças de ocupação; quanto à interdependência, a mãe foi referida como o outro significante mais freqüente. Identificou-se, predominantemente, como estímulo causador dos comportamentos inefetivos, a vaso-oclusão. Verificou-se que a função fisiológica afetada altera os outros modos adaptativos.Este estudio busca aplicar los conceptos del modelo de adaptación de Roy para identificar los comportamientos (adaptativos e inefectivos de pacientes portadores de anemia falciforme, así como también como los estímulos focales, contextuales y residuales responsables por estos comportamientos. La recolección de datos fue realizada en la consulta externa de Hemoglobinopatias del HCFMRP-USP. Fueron sujetos 9 pacientes (8 mujeres y 1 hombre. Los resultados evidenciaron, en el modo fisiológico, el comportamiento inefectivo de baja oxigenación y sus consecuencias (desarrollo físico comprometido, retardo sexual, ictericia por hemólisis, alteraciones respiratorias. En el modo psicosocial y considerando el autoconcepto, fue observada la disminución de la auto estima como el comportamiento más destacado; el desempeño del rol fue caracterizado por cambios de ocupaci

  19. The K*0(800) scalar resonance from Roy-Steiner representations of πK scattering

    International Nuclear Information System (INIS)

    Descotes-Genon, S.; Moussallam, B.

    2006-01-01

    We discuss the existence of the light scalar meson K * 0 (800) (also called κ) in a rigorous way, by showing the presence of a pole in the πK→πK amplitude on the second Riemann sheet. For this purpose, we study the domain of validity of two classes of Roy-Steiner representations in the complex energy plane. We prove that one of them is valid in a region sufficiently broad in the imaginary direction. From this representation, we compute the l=0 partial wave in the complex plane neither making any additional approximation nor having model dependence, relying only on experimental data. A scalar resonance with strangeness S=1 is found with the following mass and width: M κ =658±13 MeV and Γ κ =557±24 MeV. (orig.)

  20. A new analysis of π K scattering from Roy and Steiner type equations

    International Nuclear Information System (INIS)

    Buettiker, P.; Descotes-Genon, S.; Moussallam, B.

    2004-01-01

    With the aim of generating new constraints on the OZI suppressed couplings of chiral perturbation theory a set of six equations of the Roy and Steiner type for the S- and P-waves of the πK scattering amplitudes is derived. The range of validity and the multiplicity of the solutions are discussed. Precise numerical solutions are obtained in the range E or sim 1 GeV for both πK→πK and ππ→ KK amplitudes. Our main result is the determination of a narrow allowed region for the two S-wave scattering lengths. Present experimental data below 1 GeV are found to be in generally poor agreement with our results. A set of threshold expansion parameters, as well as sub-threshold parameters are computed. For the latter, a matching with the SU(3) chiral expansion at NLO is performed. (orig.)

  1. Roy-Steiner equations for γγ→ππ

    International Nuclear Information System (INIS)

    Hoferichter, Martin; Phillips, Daniel R.; Schat, Carlos

    2011-01-01

    Starting from hyperbolic dispersion relations, we derive a system of Roy-Steiner equations for pion Compton scattering that respects analyticity, unitarity, gauge invariance, and crossing symmetry. It thus maintains all symmetries of the underlying quantum field theory. To suppress the dependence of observables on high-energy input, we also consider once- and twice-subtracted versions of the equations, and identify the subtraction constants with dipole and quadrupole pion polarizabilities. Based on the assumption of Mandelstam analyticity, we determine the kinematic range in which the equations are valid. As an application, we consider the resolution of the γγ→ππ partial waves by a Muskhelishvili-Omnes representation with finite matching point. We find a sum rule for the isospin-two S-wave, which, together with chiral constraints, produces an improved prediction for the charged-pion quadrupole polarizability (α 2 -β 2 ) π± =(15.3±3.7) x 10 -4 fm 5 . We investigate the prediction of our dispersion relations for the two-photon coupling of the σ-resonance Γ σγγ . The twice-subtracted version predicts a correlation between this width and the isospin-zero pion polarizabilities, which is largely independent of the high-energy input used in the equations. Using this correlation, the chiral perturbation theory results for pion polarizabilities, and our new sum rule, we find Γ σγγ =(1.7 ±0.4) keV. (orig.)

  2. Statement of Roy F. Pruett, Mayor, City of Oak Ridge, TN

    International Nuclear Information System (INIS)

    Anon.

    1987-01-01

    Thank you very much, Mr. Chairman, and Members of the Committee. My name is Roy Pruett, mayor of the city of Oak Ridge, TN, and an executive committee member on the Clinch River MRS task force. It is my pleasure to be here today to testify before this distinguished Committee and present the findings of the Clinch River task force as they relate to subtitle C of the Nuclear Waste Policy Act of 1982, and to the Department of Energy proposal on the Monitored Retrievable Storage facility, the MRS. I represent the city of Oak Ridge, which has been selected for the primary and the first alternative for the siting of an integrated MRS facility for the preparation and packaging of high-level nuclear waste and spent reactor fuel. Of civic and governmental leaders, we concluded that an MRS could safely be built and operated in Oak Ridge. We further concluded, however, that the facility would not be generally perceived as being safe unless the recommendations of the task force were adopted to address concerns and help mitigate impact. Indeed the MRS would not be viewed as a net economic benefit to the site's community, the region, or the State of Tennessee without such appropriate conditions

  3. Bringing critical realism to nursing practice: Roy Bhaskar's contribution.

    Science.gov (United States)

    Williams, Lynne; Rycroft-Malone, Jo; Burton, Christopher R

    2017-04-01

    In the context of modern nursing practice that is embedded within complex social situations, critical discussions about the contribution of major philosophers are relevant and important. Whilst nurse theorists have advanced and shaped nursing as a discipline, other major philosophers can offer much to advance nursing enquiry. In this paper, we focus on philosopher Roy Bhaskar who, amongst others, developed critical realism, a philosophy for social science which connects with how many of us think about the world. Bhaskar's work focuses our attention on the interplay between structure and agency and on the search for the causative or generative mechanisms that explain the social world. Bhaskar was interested in human emancipation, and we suggest his work is of great importance to advance understanding of complex social situations. Critical realism has already been endorsed by a range of disciplines, especially in research which focuses on real problems and acknowledges the complexities of the social world. In recent evidence from healthcare literature, there has been a surge in research using realist methodology (realist evaluation and realist synthesis), which is underpinned by the philosophy of critical realism and which offers a different perspective to understanding nursing and healthcare problems through the realist lens. However, we suggest that sufficient attention is not always paid to the philosophical roots of this methodology. In this paper, we provide insight into Bhaskar's work and demonstrate how research positioned within critical realism and realist methodology can advance nursing and healthcare-related knowledge. Through shining a light on Bhaskar, we illustrate how critical realism philosophy is a natural fit with human and health science enquiry, including nursing. © 2016 John Wiley & Sons Ltd.

  4. Writing the Past: Le Roy Ladurie and the Voice of the New History

    Directory of Open Access Journals (Sweden)

    Philippe Carrard

    1985-09-01

    Full Text Available Just as in fiction, discursive strategies in history can reveal the very nature of a project. The positivist historiography that prevailed in the late 19th and early 20th centuries regarded historical facts as givens. Accordingly, it held as its ideal of writing the objective text, that is. the text from which the historian's mediation would be carefully erased. The New History, on the other hand, considers all research to be grounded in a researcher and seeks to indicate by various means that the text does not generate itself. In Carnival in Romans , for example, Le Roy Ladurie explicitly resorts to various facets of the "I": that of the histor , going about the job of uncovering the evidence: that of the commentator, providing historical parallels and explanations; and even that of the emotional self (Barthes' personne passionnelle , making judgments on events and people in the narrative. These changes in writing conventions point to the emergence of a new historical paradigm. At the same time, they overturn the view of the historical text as a non-problematic vehicle for reporting "reality": this text, for the New Historians, becomes a construct, and is presented as such.

  5. ANALYSIS ON THE TRANSLATION OF WORDPLAYS IN “THE GOD OF SMALL THINGS” BY ARUNDHATI ROY (Studies on the Wordplay Shifts and the Translation Quality

    Directory of Open Access Journals (Sweden)

    Nur Saptaningsih

    2017-04-01

    Full Text Available Wordplay commonly appears in literary works to enrich the works themselves with certain effect and nuance, either to make a joke or to conceal anything taboo. However, problems frequently occur in translation of wordplay and this becomes an obstacle for a translator to find proper equivalent. Moreover, the translation of wordplay is closely related to different language systems (source and target languages. Novel of ―The God of Small Things‖ by Arundhati Roy is rich in the use of wordplays, but there are a number of shifts found in the translated version of the wordplays. This paper deals with descriptivequalitative research aiming at investigating the shifts of wordplays in the novel of ―The God of Small Things‖ by Arundhati Roy and in the translated version. This study also highlights the contribution of the shifts on the translation quality, in terms of accuracy and acceptability. This product-oriented study applies embedded-case method. The first data for this research are documents, consisting of source text and the translated text. The other data are obtained from informants (raters and respondents, consisting of information dealing with accuracy and acceptability. The data are collected using document analyses, questionnaire, and interview. Purposive sampling and content analysis are applied.

  6. Crise hipertensiva: estudo de caso com utilização da classificação das intervenções de enfermagem para alcançar respostas adaptativas baseadas no Modelo Teórico de Roy Crisis hipertensiva: estudio de caso con utilización de la clasificación de las intervenciones de enfermería para alcanzar respuestas adaptativas basadas en el Modelo Teórico de Roy Hypertensive crisis: case study with use of the nursing interventions classification in order to reach adaptive responses based in the Roy’s Theoretic Model

    Directory of Open Access Journals (Sweden)

    Maria Vilaní Cavalcante Guedes

    2005-09-01

    Full Text Available INTRODUÇÃO: Por acreditarmos que as complicações da hipertensão arterial surgem em decorrência da falta de adaptação do cliente à doença e ao tratamento, neste estudo trabalharemos com o modelo conceitual de enfermagem proposto por Roy e Andrews, conhecido como Modelo de Adaptação, na tentativa de descobrir meios de cuidar destas pessoas, ajudando-as a se manterem adaptadas e integradas. OBJETIVO: Este trabalho objetivou descrever as intervenções de enfermagem coerentes com a situação de crise hipertensiva, com apoio na Classificação das Intervenções de Enfermagem (NIC, buscando a interface com o Modelo de Adaptação de Roy. MÉTODO: Trata-se de pesquisa tipo estudo de caso realizada com cliente em crise hipertensiva atendida em um serviço especializado em hipertensão e diabetes em Fortaleza, no período de setembro a novembro de 2003, com dados coletados no serviço e no domicílio da cliente. RESULTADOS: Como apontam os resultados, existem dificuldades adaptativas em todos os modos. Por isto, as intervenções de enfermagem selecionadas da NIC foram implementadas com o apoio da família. CONCLUSÃO: Conclui-se ser viável a abordagem de cliente tendo por base os conceitos do Modelo Adaptativo de Roy e as intervenções de enfermagem da referida classificação.INTRODUCCIÓN: Por creermos que las complicaciones de la hipertensión arterial en decurrencia de la falta de adaptación del cliente a la enfermedad y al tratamiento, trabajaremos en este trabajo con el modelo conceptual de enfermería propuesto por Roy y Andrews, conocido como Modelo de Adaptación, intentando descubrir medios de cuidar de estas personas, ayudándolas a se manteneren adaptadas e integradas. OBJETIVO: Este trabajo ha objetivado describir las intervenciones de enfermería coherentes con la situación de crisis de hipertensión, con apoyo en la Clasificación de las Intervenciones de Enfermería (NIC, buscando la interfaz con el Modelo de Adaptaci

  7. Aplicación del Modelo de Adaptación de Callista Roy en Latinoamérica: revisión de la literatura

    OpenAIRE

    María Elisa Moreno-Fergusson; Alejandra María Alvarado-García

    2009-01-01

    Con el propósito de conocer los avances en la aplicación del Modelo de Adaptación de Callista Roy en Latinoamérica, se realizó una revisión de la literatura en el período comprendido entre 1996 y 2009. De los 163 documentos encontrados, se seleccionaron 45, que los autores clasificaron en siete categorías, según el propósito de los estudios. Los resultados señalan que el Modelo ha sido aplicado principalmente en Brasil, México y Colombia. La mayoría de los estudios reportados son de tipo desc...

  8. Assistência de enfermagem a idosos que realizam cateterismo cardíaco: uma proposta a partir do modelo de adaptação de Calista Roy Asistencia de enfermería a ancianos que realizan cateterismo cardíaco: una propuesta a partir del modelo de adaptación de Calista Roy Nursing care to elderly patients undergoing heart catheterization: a proposal according to the Adaptation model of Calista Roy

    Directory of Open Access Journals (Sweden)

    Maria Célia de Freitas

    2006-10-01

    Full Text Available O estudo objetivou identificar os diagnósticos de enfermagem de idosos que realizam cateterismo cardíaco, abordando os aspectos psicossociais, segundo a Teoria de Adaptação de Roy. Desenvolveu-se em hospital de pronto-atendimento em cardiologia de Fortaleza-CE, de janeiro a julho de 2005. Utilizou-se entrevista semi-estruturada, com 18 idosos de ambos os sexos, no pré-cateterismo. Na análise reconheceram-se os diagnósticos: alteração na manutenção da saúde, ansiedade, medo e alteração no processo familiar. Como intervenções propõe-se: criar um clima de confiança, antes do exame; escutar e respeitar sentimentos, crenças e valores, orientar quanto ao procedimento. A utilização desta teoria permitiu reconhecer que as pessoas, mediante estímulos, podem desencadear respostas positivas ou negativas, cabendo ao enfermeiro atuar como mediador.El estúdio objetivó identificar los diagnósticos de enfermería abordando los aspectos psico-sociales de los pacientes que realizan cateterismo cardiaco, según la Teoría de Adaptación de Roy. Se desarrolló en la sección de cardiología de un hospital de Fortaleza-CE, de Janeiro a Julio de 2005. Se utilizó la entrevista semi-estructurada, con 18 ancianos, en el pre-cateterismo. En el análisis reconocieron los diagnósticos: alteración en la manutención de la salud, ansiedad, miedo y alteración en el proceso familiar. Entre las acciones se elaboraron las siguientes: crearse un clima de confianza para el paciente después del examen; escuchar y respetar sentimientos, creencias y valores referentes a la situación; orientar el paciente cuanto al procedimiento. La utilización de esta teoría permitió reconocer que las personas, mediante estímulos, pueden desencadenar respuestas ora positivas ora negativas, cabiendo al enfermero actuar como mediador.The study aimed at identifying the nursing diagnoses related to the psychological and social aspects of elderly patients undergoing

  9. EFECTIVIDAD DEL PROGRAMA EDUCATIVO: “ADOPTANDO UNA DIETA SALUDABLE” BASADA EN ROY EN PREESCOLARES DE LA INSTITUCIÓN EDUCATIVA: “UN NUEVO MUNDO”. PIMENTEL- 2014

    OpenAIRE

    Chirinos Fernández, Jennifer Melissa; Universidad Señor de Sipán; Rodríguez Cabrejos, Iris Janet; Universidad Señor de Sípán

    2015-01-01

     El estudio de tipo cuantitativo tuvo como objetivo determinar la efectividad del programa educativo: Adoptando una dieta saludable basada en Callista Roy en preescolares de la I.E. Un nuevo mundo. El diseño fue cuasi experimental. La población fue no probabilística siendo 60 personas, la muestra fue a conveniencia, distribuyéndose en 2 grupos de 20 preescolares, control y experimental respectivamente. El instrumento utilizado fue el Cuestionario de Valoración Nutricional por dimensiones segú...

  10. Le rôle de l’intertexte et du palimpseste dans la création d’une Écosse mythique dans Waverley et Rob Roy de Walter Scott

    Directory of Open Access Journals (Sweden)

    Céline SABIRON

    2010-03-01

    Full Text Available L’Écosse des Lumières, récemment rattachée à sa puissante voisine anglaise par l’Acte d’Union de 1707, connaît une crise identitaire qui l’amène à une redéfinition de son image. Sa représentation, tant tangible, physique que mentale, nationale, passe par une réécriture de son Histoire par le mythe, ce récit imaginaire populaire ou littéraire mettant en scène des êtres surhumains et des actions remarquables qui est, selon Roland Barthes, « un discours, un système de communication, un message » (Mythologies. Ce message d’une re-construction identitaire est transmis par Walter Scott dans ses romans écossais, en particulier Waverley et Rob Roy qui dépeignent l’Écosse et ses habitants à travers les yeux naïfs d’érudits anglais. Ce portrait textuel, loin d’être un tableau réaliste, est brossé à l’aide d’une superposition d’images mythiques et littéraires, notamment dans la description des paysages des Highlands. De plus, les personnages, tel le héros populaire historique et hors-la-loi écossais Rob Roy, sont transformés, romancés, mythifiés dans ces fictions qui retracent, sous forme d’épopée, les grandes révoltes jacobites de 1715 et 1745. Enfin, le langage pictural et imagé contribue à véhiculer une vision mythique de l’Écosse. Nous chercherons donc à comprendre et à expliquer les motivations et les répercussions de ce maillage d’images fictives connues, tirées de mythes ou d’ouvrages littéraires, et tissées au moyen d’images rhétoriques au texte scottien pour créer nouveau visage écossais.Recently united to its powerful English twin sister through the 1707 Union Act, Scotland experiences a major identity crisis in the Enlightenment. Politically, religiously, and socially divided, it is led to redefine its image by rewriting history through mythology. A myth is “a speech, a system of communication, a message”, Roland Barthes explains in Mythologies. This message

  11. Componentes do modelo teórico de Roy em pacientes submetidos à hemodiálise

    Directory of Open Access Journals (Sweden)

    Cecília Maria Farias de Queiroz Frazão

    Full Text Available Estudo transversal, objetivando identificar os componentes do modelo teórico de Roy em pacientes submetidos à hemodiálise em um centro de diálise. Participaram 178 pacientes de um centro dialítico no Nordeste do Brasil. A coleta de dados ocorreu de outubro/2011 a fevereiro/2012, por entrevista e exame físico. Os componentes identificados foram: problemas adaptativos, comportamentos e estímulos. Os principais problemas adaptativos foram: retenção de líquido intracelular, hipercalemia, hipotermia, edema, intolerância à atividade. Os comportamentos foram: anúria, desequilíbrio hidroeletrolítico, aumento de peso em curto período, aumento do potássio sérico, temperatura corporal abaixo de 36°C, retenção de líquidos, fadiga, dificuldade em realizar atividades de vida diária. Os estímulos foram: lesão renal, circulação extracorpórea, hemodiálise, não seguimento da restrição hídrica, distúrbio eletrolítico, ambiente frio, efeitos adversos relacionados ao tratamento. Conclui-se que a identificação desses componentes, enquadrados no modo fisiológico, contribui para o planejamento de intervenções de enfermagem específicas e voltadas para a adaptação da clientela.

  12. Adaptación en pacientes con diabetes Mellitus Tipo 2, según Modelo de Roy

    Directory of Open Access Journals (Sweden)

    Margarita Lazcano-Ortiz

    2009-01-01

    Full Text Available Objetivo. Determinar la influencia entre estímulos focales y contextuales, y la adaptación fisiológica y psicosocial en personas con diabetes Mellitus Tipo 2 (DMT2. Material y método. El diseño fue descriptivo, transversal, predictivo. El muestreo fue probabilístico, sistemático. La muestra con 200 participantes de ambos géneros de 30 a 65 años, se determinó para un 95% de confianza, con una potencia de prueba de 90%. Resultados. Los resultados mostraron que el tiempo desde diagnóstico explicó la adaptación fisiológica F (1,198 = 9,18, p = ,003. Se observó efecto entre complicaciones y adaptación psicosocial F (4,195 = 4,97, p = ,001, con un coeficiente de determinación del 74%. Los estímulos contextuales influyeron en la adaptación fisiológica y psicosocial, F (6,193 = 2,89, p = ,010, y F (6, 193 = 2,41, p = ,029. Conclusiones. Los resultados de este estudio permiten sugerir relaciones entre las proposiciones teóricas propuestas y derivadas del Modelo de Adaptación de Roy, particularmente entre los estímulos y la adaptación fisiológica y psicosocial en pacientes con diabetes Mellitus Tipo 2.

  13. Soviet Military Objectives in the Artic Theater and How They Might be Attained

    Science.gov (United States)

    1986-09-01

    on NATO’s Northern Flank," Armed Forces Journal International, April 1984, 88 ff.; Roy Breivik , "Assuring the Security of Reinforcements to Norway...Publishing Co., 1985), 72-78 passim; Patrick Wall, "The Importance of NATO’s North- em Flank," Defence, vol. 10, no. 1 (January 1979), 9-11. 48. The...Ellingsen, Militaerbalansen 1983-1984; Breivik , "Assuring the Security of Rein- forcements to Norway," 66. 50. The reinforcements include a

  14. Modelo de Adaptação de Roy: revisão integrativa dos estudos realizados à luz da teoria

    Directory of Open Access Journals (Sweden)

    Lays Pinheiro de Medeiros

    2015-01-01

    Full Text Available identificar las evidencias científicas acerca de los componentes del Modelo de Adaptación de Roy en poblaciones estudiadas a la luz de esta teoría. Método: revisión integradora de la literatura en las bases de datos Literatura Latinoamericana y Ciencias de la Salud del Caribe, Medical Literature Analysis and Retrieval System Online, Índice Bibliográfico Español de Ciencias de la Salud, Base de Datos de Enfermería, PubMed Central, Cumulative Index to Nursing and Allied Health Literature, Web Of Science eSciVerse Scopus. La muestra constó de 20 artículos publicados entre años 2005-2013. Resultados: se identificaron tres tipos de estímulos, 38 de los 82 problemas de adaptación, los cuatro modos de adaptación y los seis pasos del proceso de enfermería. Conclusión: hay necesidad de estudios sobre esta teoría que aborden todo el proceso de enfermería, culminándose en aumento de conocimientos específicos de enfermería y afirmación de esta ciencia en salud.

  15. Problemas adaptativos segundo Roy e diagnósticos fundamentados na CIPE® em hipertensos com doenças associadas

    Directory of Open Access Journals (Sweden)

    Denizielle de Jesus Moreira Moura

    2013-06-01

    Full Text Available O objetivo do presente estudo foi identificar os problemas adaptativos e estímulos fundamentados no modelo teórico de Roy, bem como os diagnósticos de enfermagem segundo a CIPE® Versão 1. Estudo de casos múltiplos, realizado com 45 hipertensos com doenças associadas assistidos em uma unidade de saúde da Secretaria Executiva Regional V - Fortaleza. Dentre os problemas adaptativos identificados o sedentarismo é o mais presente (84,4% dos indivíduos, seguido de sobrepeso/obesidade (57,8% e distúrbios no padrão de sono (42,2%. 64,3% dos diagnósticos de enfermagem identificados encontram-se no âmbito biológico, sendo os de maior prevalência: Autocuidado Parcial (93,3%, Padrão de Exercício Diminuído (84,4%, Dentição Comprometida (82,2%, Aprendizagem Baixa (60,0%, Sobrepeso/Obesidade (57,7%. Concluiu-se que a identificação de problemas adaptativos auxiliam-nos na elaboração de diagnósticos, os quais, por sua vez, conferem uma linguagem própria à enfermagem além de maior autonomia profissional e qualidade na assistência.

  16. International Dynamics of U.S. National Defense Acquisition and Budgetary Policy

    Science.gov (United States)

    2012-04-30

    2010, Winter). Russian defense industry: Feet of clay . Security Index, 1(90), 31–46. Kan, S. (2002). CRS report for Congress—Taiwan: Major U.S...military (pp. 1–44). Carlisle, PA: U.S. Army Strategic Studies Institute. Le Roy, F. (2002, May). Mirages over the Andes: Peru , France, the United States

  17. Modelo de adaptación de Roy en el baño en cama

    Directory of Open Access Journals (Sweden)

    José Manuel Flórez Ramos

    2016-09-01

    Full Text Available Objetivo: Evaluar los efectos de dos tipos de baño en cama: seco y tradicional, frente a la respuesta adaptativa en modo fisiológico de Roy en paciente crítico cardiovascular (pccv. Metodología: Estudio de diseño cuasi-experimental, de intervención con preprueba y posprueba, realizado en la Unidad de Cuidados Intensivos (uci de la Clínica Medellín. El grupo experimental fue de 36 pacientes, a quienes se les realizó baño en cama seco; el grupo control fue de 36 pacientes, a quienes se les realizó baño en cama tradicional. Se utilizaron los estadísticos Wilcoxon, u de Mann Whitney y el Modelo de dos factores, con medidas repetidas en un factor. Resultados: Se encontró un efecto benéfico durante la realización del baño en cama en seco, puesto que los indicadores de tensión arterial y frecuencia respiratoria no presentaron respuestas inefectivas (p = 0,03 y p = 0,013, respectivamente. Por otra parte, las variables duración del baño y cuidados adicionales fueron satisfactorias en comparación con el baño en cama tradicional. Conclusiones: Los resultados permiten recomendar el uso del baño en cama en seco en paciente crítico cardiovascular (pccv, en virtud de los efectos benéficos que facilitan los procesos de adaptación, contribuyendo así a cualificar el cuidado de enfermería en este tipo de pacientes.

  18. Don’t Rock the Boat: Reinforcing Norway in Crisis and War

    Science.gov (United States)

    1989-07-01

    Navy’s SSBN Bastion: New Questions Raised," RUSI Journal, Vol. 132, No. 2, June 1987, pp. 39-44. Breivik , Rear Admiral Roy (RNoN), "Assuring the Security...Defence Publishers, London, 1987. Wall, Patrick , "NATO’s Vulnerable Northern Flank," The Atlantic Community, Spring 1986, pp. 57-62. Wallin, Lars B

  19. UMTRA water sampling technical (peer) review: Responses to observations, comments, and recommendations submitted by Don Messinger (Roy F. Weston, Inc.)

    International Nuclear Information System (INIS)

    1993-08-01

    An independent technical review (peer review) was conducted during the period of September 15--17, 1992. The review was conducted by C. Warren Ankerberg (Geraghty and Miller, Inc., Tampa, Florida) and Don Messinger (Roy F. Weston, Inc., West Chester, Pennsylvania). The review was held at Jacobs Engineering in Albuquerque, New Mexico, and at the Shiprock, New Mexico, site. The peer review included a review of written documentation [water sampling standard operating procedures (SOP)], an inspection of technical reports and other deliverables, a review of staff qualifications and training, and a field visit to evaluate the compliance of field procedures with SOPS. Upon completion of the peer review, each reviewer independently prepared a report of findings from the review. The reports listed findings and recommended actions. This document responds to the observations, comments, and recommendations submitted by Don Messinger following his review. The format of this document is to present the findings and recommendations verbatim from Mr. Messinger's report, followed by responses from the UMTRA Project staff. Included in the responses from the UMTRA Project staff are recommended changes in SOPs and strategies for implementing the charges

  20. Security research roadmap; Security-tutkimuksen roadmap

    Energy Technology Data Exchange (ETDEWEB)

    Naumanen, M.; Rouhiainen, V. (eds.)

    2006-02-15

    Requirements for increasing security have arisen in Europe after highly visible and tragic events in Madrid and in London. While responsibility for security rests largely with the national activities, the EU has also started planning a research area .Space and security. as a part of the 7th Framework Programme. As the justification for this research area it has been presented that technology alone can not assure security, but security can not be assured without the support of technology. Furthermore, the justification highlights that security and military research are becoming ever closer. The old separation between civil and military research is decreasing, because it has been noticed that both areas are nowadays utilising the same knowledge. In Finland, there is already now noteworthy entrepreneurship related to security. Although some of the companies are currently only operating in Finland, others are already international leaders in their area. The importance of the security area is increasing and remarkable potential for new growth business areas can already be identified. This however also requires an increase in research efforts. VTT has a broad range of security research ongoing in many technology areas. The main areas have been concentrating on public safety and security, but VTT is participating also in several research projects related to the defence technology. For identifying and defining in more detail the expertise and research goals, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important

  1. INFORMATION SYSTEM SECURITY (CYBER SECURITY

    Directory of Open Access Journals (Sweden)

    Muhammad Siddique Ansari

    2016-03-01

    Full Text Available Abstract - Business Organizations and Government unequivocally relies on upon data to deal with their business operations. The most unfavorable impact on association is disappointment of friendship, goodness, trustworthiness, legitimacy and probability of data and administrations. There is an approach to ensure data and to deal with the IT framework's Security inside association. Each time the new innovation is made, it presents some new difficulties for the insurance of information and data. To secure the information and data in association is imperative on the grounds that association nowadays inside and remotely joined with systems of IT frameworks. IT structures are inclined to dissatisfaction and security infringement because of slips and vulnerabilities. These slips and vulnerabilities can be brought on by different variables, for example, quickly creating headway, human slip, poor key particulars, poor movement schedules or censuring the threat. Likewise, framework changes, new deserts and new strikes are a huge piece of the time displayed, which helpers augmented vulnerabilities, disappointments and security infringement all through the IT structure life cycle. The business went to the confirmation that it is essentially difficult to ensure a slip free, risk free and secure IT structure in perspective of the disfigurement of the disavowing security parts, human pass or oversight, and part or supplies frustration. Totally secure IT frameworks don't exist; just those in which the holders may have changing degrees of certainty that security needs of a framework are fulfilled do. The key viewpoints identified with security of data outlining are examined in this paper. From the start, the paper recommends pertinent legitimate structure and their duties including open association obligation, and afterward it returns to present and future time, system limits, structure security in business division. At long last, two key inadequacy markers

  2. What is Security? A perspective on achieving security

    Energy Technology Data Exchange (ETDEWEB)

    Atencio, Julian J.

    2014-05-05

    This presentation provides a perspective on achieving security in an organization. It touches upon security as a mindset, ability to adhere to rules, cultivating awareness of the reason for a security mindset, the quality of a security program, willingness to admit fault or acknowledge failure, peer review in security, science as a model that can be applied to the security profession, the security vision, security partnering, staleness in the security program, security responsibilities, and achievement of success over time despite the impossibility of perfection.

  3. Computer Security: the security marathon, part 2

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Do you recall our latest article on the “Security Marathon” (see here) and why it’s wrong to believe that computer security is a sprint, that a quick hack is invulnerable, that quick bug-fixing is sufficient, that plugging security measures on top of existing structures is a good idea, that once you are secure, your life is cosy?   In fact, security is a marathon for us too. Again and again, we have felt comfortable with the security situation at CERN, with dedicated protections deployed on individual hosts, with the security measures deployed by individual service managers, with the attentiveness and vigilance of our users, and with the responsiveness of the Management. Again and again, however, we subsequently detect or receive reports that this is wrong, that protections are incomplete, that security measures are incomplete, that security awareness has dropped. Thus, unfortunately, we often have to go back to square one and address similar issues over and over...

  4. Alternative security

    International Nuclear Information System (INIS)

    Weston, B.H.

    1990-01-01

    This book contains the following chapters: The Military and Alternative Security: New Missions for Stable Conventional Security; Technology and Alternative Security: A Cherished Myth Expires; Law and Alternative Security: Toward a Just World Peace; Politics and Alternative Security: Toward a More Democratic, Therefore More Peaceful, World; Economics and Alternative Security: Toward a Peacekeeping International Economy; Psychology and Alternative Security: Needs, Perceptions, and Misperceptions; Religion and Alternative Security: A Prophetic Vision; and Toward Post-Nuclear Global Security: An Overview

  5. Security infrastructures: towards the INDECT system security

    OpenAIRE

    Stoianov, Nikolai; Urueña, Manuel; Niemiec, Marcin; Machník, Petr; Maestro, Gema

    2012-01-01

    This paper provides an overview of the security infrastructures being deployed inside the INDECT project. These security infrastructures can be organized in five main areas: Public Key Infrastructure, Communication security, Cryptography security, Application security and Access control, based on certificates and smartcards. This paper presents the new ideas and deployed testbeds for these five areas. In particular, it explains the hierarchical architecture of the INDECT PKI...

  6. Nation State as Security Provider in Human Security Issue

    OpenAIRE

    Maya Padmi, Made Fitri

    2015-01-01

    Human Security notion is emphasizing on human as the central of security studies, challenging the position of state as the core of security. Some studies are tried to separate the state security and human security, however there are strong connection between these two notions. State has important role in establishing and maintaining the security of its own citizens. Through social contract and social security protection, state are oblige to set the security of its own people as their security...

  7. Security Policy and Developments in Central Asia : Security Documents Compared with Security Challenges

    NARCIS (Netherlands)

    Haas, de M.

    2016-01-01

    This article examines the security policy of the Central Asian (CA) states, by comparing theory (security documents) with practice (the actual security challenges). The lack of CA regional (security) cooperation and authoritarian rule puts political and economic stability at stake. The internal and

  8. Internet Banking Security Strategy: Securing Customer Trust

    OpenAIRE

    Frimpong Twum; Kwaku Ahenkora

    2012-01-01

    Internet banking strategies should enhance customers¡¯ online experiences which are affected by trust and security issues. This study provides perspectives of users and nonusers on internet banking security with a view to understanding trust and security factors in relation to adoption and continuous usage. Perception of internet banking security influenced usage intentions. Nonusers viewed internet banking to be insecure but users perceived it to be secure with perceived ease of use influenc...

  9. Threats or threads: from usable security to secure experience

    DEFF Research Database (Denmark)

    Bødker, Susanne; Mathiasen, Niels Raabjerg

    2008-01-01

    While the domain of security dependent technologies brings new challenges to HCI research it seems that the results and breakthroughs of HCI have not been used in design of security dependent technologies. With exceptions, work in the research field of usable security may be criticized for focusing...... mainly on adjusting user behavior to behave securely. With our background in newer HCI perspectives we address secure interaction from the perspective of security technology as experience. We analyze a number of collected user stories to understand what happens when everyday users encounter security...... dependent technologies. We apply McCarthy & Wright's [12] experience framework to the security domain and our collected stories. We point out that there are significant differences between being secure and having a secure experience, and conclude that classical usable security, focus on people's immediate...

  10. Security an introduction

    CERN Document Server

    Purpura, Philip P

    2011-01-01

    Section I The History and Profession of SecurityDefinition, Role, and History of Security Security Defined The Contexts of Security The Roles of Security The History of Security Security in an Environment of Threats, Terrorism, and All-Hazards Threats and Hazards Terrorism National Strategies The Profession and Business of Security The Business of Security Professionalism and Security Associations Ethics Regulation of the Security Industry Security Training Higher Education Careers Section II Protecting People and AssetsSecurity Methodology Methodology Defined Security Business Proposals Secur

  11. ORDER SECURITY – NATIONAL SECURITY ADMINISTRATION. NATIONAL SECURITY DEFENSE AS SPECIAL ADMINISTRATION

    OpenAIRE

    Zoltán BALLA

    2009-01-01

    National security administration is the special executivedisposal activity of the national security agencies, the section of the state administration that helps the governmental work by reconnoitering and preventing with secret-servicing methods of the risks that shall harm or endanger the national security’s interests. The main operational principles of national security governing are the followings among others: - controlling the operation of national security organization belongs to the ex...

  12. Computer Security: Security operations at CERN (4/4)

    CERN Document Server

    CERN. Geneva

    2012-01-01

    Stefan Lueders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and infrastructure control systems against cyber-threats. Subsequently, he joined the CERN Computer Security Incident Response Team and is today heading this team as CERN's Computer Security Officer with the mandate to coordinate all aspects of CERN's computer security --- office computing security, computer centre security, GRID computing security and control system security --- whilst taking into account CERN's operational needs. Dr. Lueders has presented on these topics at many different occasions to international bodies, governments, and companies, and published several articles. With the prevalence of modern information technologies and...

  13. CHANGES IN THE SECURITY AGENDA: CRITICAL SECURITY STUDIES AND HUMAN SECURITY. THE CASE OF CHINA

    Directory of Open Access Journals (Sweden)

    Nguyen THI THUY HANG

    2012-06-01

    Full Text Available Since the end of the Cold War the meaning of security has fundamentally changed. Issues which are labeled as non-traditional security namely human development, economic crises, environmental degradation, natural disaster, poverty, epidemics… have become a crucial part of the security agenda. These changes have been intensified with the development of the two approaches: Critical Security Studies and Human Security. This article explores how the meaning of security has changed and how the boundaries between traditional and non-traditional security have become blurred. The case of China is taken as empirical evidence to support the assertion that security has evolved beyond its traditional focus on the state.

  14. Generating WS-SecurityPolicy documents via security model transformation

    DEFF Research Database (Denmark)

    Jensen, Meiko

    2009-01-01

    When SOA-based business processes are to be enhanced with security properties, the model-driven business process development approach enables an easier and more reliable security definition compared to manually crafting the security realizations afterwards. In this paper, we outline an appropriat...... security model definition and transformation approach, targeting the WS-SecurityPolicy and WS-BPEL specifications, in order to enable a Web-Service-based secure business process development.......When SOA-based business processes are to be enhanced with security properties, the model-driven business process development approach enables an easier and more reliable security definition compared to manually crafting the security realizations afterwards. In this paper, we outline an appropriate...

  15. Security Engine Management of Router based on Security Policy

    OpenAIRE

    Su Hyung Jo; Ki Young Kim; Sang Ho Lee

    2007-01-01

    Security management has changed from the management of security equipments and useful interface to manager. It analyzes the whole security conditions of network and preserves the network services from attacks. Secure router technology has security functions, such as intrusion detection, IPsec(IP Security) and access control, are applied to legacy router for secure networking. It controls an unauthorized router access and detects an illegal network intrusion. This paper re...

  16. Pragmatic security metrics applying metametrics to information security

    CERN Document Server

    Brotby, W Krag

    2013-01-01

    Other books on information security metrics discuss number theory and statistics in academic terms. Light on mathematics and heavy on utility, PRAGMATIC Security Metrics: Applying Metametrics to Information Security breaks the mold. This is the ultimate how-to-do-it guide for security metrics.Packed with time-saving tips, the book offers easy-to-follow guidance for those struggling with security metrics. Step by step, it clearly explains how to specify, develop, use, and maintain an information security measurement system (a comprehensive suite of metrics) to

  17. Strategic information security

    CERN Document Server

    Wylder, John

    2003-01-01

    Introduction to Strategic Information SecurityWhat Does It Mean to Be Strategic? Information Security Defined The Security Professional's View of Information Security The Business View of Information SecurityChanges Affecting Business and Risk Management Strategic Security Strategic Security or Security Strategy?Monitoring and MeasurementMoving Forward ORGANIZATIONAL ISSUESThe Life Cycles of Security ManagersIntroductionThe Information Security Manager's Responsibilities The Evolution of Data Security to Information SecurityThe Repository Concept Changing Job Requirements Business Life Cycles

  18. Security Expertise

    DEFF Research Database (Denmark)

    systematic study of security expertise and opens up a productive dialogue between science and technology studies and security studies to investigate the character and consequences of this expertise. In security theory, the study of expertise is crucial to understanding whose knowledge informs security making......This volume brings together scholars from different fields to explore the power, consequences and everyday practices of security expertise. Expertise mediates between different forms of knowledge: scientific and technological, legal, economic and political knowledge. This book offers the first...... and to reflect on the impact and responsibility of security analysis. In science and technology studies, the study of security politics adds a challenging new case to the agenda of research on expertise and policy. The contributors investigate cases such as academic security studies, security think tanks...

  19. Microsoft Security Bible A Collection of Practical Security Techniques

    CERN Document Server

    Mullen, Timothy "Thor"

    2011-01-01

    Thor's Microsoft® Security Bible provides a "one-stop-shop" for Microsoft-related security techniques and procedures as applied to the typical deployment of a Microsoft-based infrastructure. The book contains detailed security concepts and methodologies described at every level: Server, Client, Organizational Structure, Platform-specific security options, application specific security (IIS, SQL, Active Directory, etc.) and also includes new, never-before-published security tools complete with source code. Detailed technical information on security processes for all major Microsoft applications

  20. Security 2020 Reduce Security Risks This Decade

    CERN Document Server

    Howard, Doug; Schneier, Bruce

    2010-01-01

    Identify real security risks and skip the hype After years of focusing on IT security, we find that hackers are as active and effective as ever. This book gives application developers, networking and security professionals, those that create standards, and CIOs a straightforward look at the reality of today's IT security and a sobering forecast of what to expect in the next decade. It debunks the media hype and unnecessary concerns while focusing on the knowledge you need to combat and prioritize the actual risks of today and beyond.IT security needs are constantly evolving; this guide examine

  1. Security Evolution.

    Science.gov (United States)

    De Patta, Joe

    2003-01-01

    Examines how to evaluate school security, begin making schools safe, secure schools without turning them into fortresses, and secure schools easily and affordably; the evolution of security systems into information technology systems; using schools' high-speed network lines; how one specific security system was developed; pros and cons of the…

  2. Security Dilemma

    DEFF Research Database (Denmark)

    Wivel, Anders

    2011-01-01

    What is a security dilemma? What are the consequences of security dilemmas in international politics?......What is a security dilemma? What are the consequences of security dilemmas in international politics?...

  3. The intelligence-security services and national security

    OpenAIRE

    Mijalković, Saša

    2011-01-01

    Since their inception, states have been trying to protect their vital interests and values more effectively, in which they are often impeded by other countries. At the same time, they seek to protect the internal order and security against the so-called internal enemy. Therefore, the states organize (national) security systems within their (state) systems, in which they form some specialized security entities. Among them, however, intelligence and security services are the ones that stand out...

  4. Security intelligence a practitioner's guide to solving enterprise security challenges

    CERN Document Server

    Li, Qing

    2015-01-01

    Identify, deploy, and secure your enterprise Security Intelligence, A Practitioner's Guide to Solving Enterprise Security Challenges is a handbook for security in modern times, against modern adversaries. As leaders in the design and creation of security products that are deployed globally across a range of industries and market sectors, authors Qing Li and Gregory Clark deliver unparalleled insight into the development of comprehensive and focused enterprise security solutions. They walk you through the process of translating your security goals into specific security technology domains, fo

  5. Center for computer security: Computer Security Group conference. Summary

    Energy Technology Data Exchange (ETDEWEB)

    None

    1982-06-01

    Topics covered include: computer security management; detection and prevention of computer misuse; certification and accreditation; protection of computer security, perspective from a program office; risk analysis; secure accreditation systems; data base security; implementing R and D; key notarization system; DOD computer security center; the Sandia experience; inspector general's report; and backup and contingency planning. (GHT)

  6. Security dialogues: building better relationships between security and business

    OpenAIRE

    Ashenden, Debi; Lawrence, Darren

    2016-01-01

    In the real world, there's often a discrepancy between an organization's mandated security processes and what actually happens. The social practice of security flourishes in the space between and around formal organizational security processes. By recognizing the value of risk management as a communication tool, security practitioners can tap opportunities to improve the security dialogue with staff.

  7. Enterprise security IT security solutions : concepts, practical experiences, technologies

    CERN Document Server

    Fumy, Walter

    2013-01-01

    Addressing IT managers and staff, as well as CIOs and other executives dealing with corporate IT security, this book provides a broad knowledge on the major security issues affecting today's corporations and organizations, and presents state-of-the-art concepts and current trends for securing an enterprise.Areas covered include information security management, network and system security, identity and access management (IAM), authentication (including smart card based solutions and biometrics), and security certification. In-depth discussion of relevant technologies and standards (including cr

  8. Securing Chinese nuclear power development: further strengthening nuclear security

    International Nuclear Information System (INIS)

    Zhang Hui

    2014-01-01

    Chinese President Xi Jinping addresses China's new concept of nuclear security with four 'equal emphasis' at the third Nuclear Security Summit, and makes four commitments to strengthen nuclear security in the future. To convert President Xi's political commitments into practical, sustainable reality, China should take further steps to install a complete, reliable, and effective security system to ensure that all its nuclear materials and nuclear facilities are effectively protected against the full spectrum of plausible terrorist and criminal threats. This paper suggests the following measures be taken to improve China's existing nuclear security system, including updating and clarifying the requirements for a national level DBT; updating and enforcing existing regulations; further promoting nuclear security culture; balancing the costs of nuclear security, and further strengthening international cooperation on nuclear security. (author)

  9. To The Question Of The Concepts "National Security", "Information Security", "National Information Security" Meanings

    OpenAIRE

    Alexander A. Galushkin

    2015-01-01

    In the present article author analyzes value of the concepts "national security", "information security", "national information security". Author gives opinions of scientists-jurists, definitions given by legislators and normotvorets in various regulations.

  10. Security negotiation

    OpenAIRE

    Mitrović, Miroslav M.; Ivaniš, Željko

    2013-01-01

    Contemporary security challenges, risks and threats represent a resultant of the achieved level of interaction between various entities within the paradigm of global security relations. Asymmetry and nonlinearity are main features of contemporary challenges in the field of global security. Negotiation in the area of security, namely the security negotiation, thus goes beyond just the domain of negotiation in conflicts and takes into consideration particularly asymmetric forms of possible sour...

  11. Financial security

    NARCIS (Netherlands)

    de Goede, M.; Burgess, J.P.

    2010-01-01

    1. Introduction J. Peter Burgess Part 1: New Security Concepts 2. Civilizational Security Brett Bowden 3. Risk Oliver Kessler 4. Small Arms Keith Krause 5. Critical Human Security Taylor Owen 6. Critical Geopolitics Simon Dalby Part 2: New Security Subjects 7. Biopolitics Michael Dillon 8. Gendered

  12. Security patterns in practice designing secure architectures using software patterns

    CERN Document Server

    Fernandez-Buglioni, Eduardo

    2013-01-01

    Learn to combine security theory and code to produce secure systems Security is clearly a crucial issue to consider during the design and implementation of any distributed software architecture. Security patterns are increasingly being used by developers who take security into serious consideration from the creation of their work. Written by the authority on security patterns, this unique book examines the structure and purpose of security patterns, illustrating their use with the help of detailed implementation advice, numerous code samples, and descriptions in UML. Provides

  13. Database and applications security integrating information security and data management

    CERN Document Server

    Thuraisingham, Bhavani

    2005-01-01

    This is the first book to provide an in-depth coverage of all the developments, issues and challenges in secure databases and applications. It provides directions for data and application security, including securing emerging applications such as bioinformatics, stream information processing and peer-to-peer computing. Divided into eight sections, each of which focuses on a key concept of secure databases and applications, this book deals with all aspects of technology, including secure relational databases, inference problems, secure object databases, secure distributed databases and emerging

  14. The House of Security: Stakeholder Perceptions of Security Assessment and Importance

    OpenAIRE

    Ang, Wee Horng; Deng, Vicki; Lee, Yang; Madnick, Stuart; Mistree, Dinsha; Siegel, Michael; Strong, Diane

    2007-01-01

    In this paper we introduce a methodology for analyzing differences regarding security perceptions within and between stakeholders, and the elements which affect these perceptions. We have designed the €܈ouse of Security€ݬ a security assessment model that provides the basic framework for considering eight different constructs of security: Vulnerability, Accessibility, Confidentiality, Technology Resources for Security, Financial Resources for Security, Business Strategy for Security, Secur...

  15. Securing Land Tenure, Improving Food Security and Reducing ...

    International Development Research Centre (IDRC) Digital Library (Canada)

    Securing Land Tenure, Improving Food Security and Reducing Poverty in Rural ... land tenure regimes as obstacles to food security, economic integration and ... its 2017 call for proposals to establish Cyber Policy Centres in the Global South.

  16. Cyber security

    CERN Document Server

    Voeller, John G

    2014-01-01

    Cyber Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to cyber security metrics and measure  and related technologies that meet security needs. Specific applications to web services, the banking and the finance sector, and industrial process control systems are discussed.

  17. Computer Security: the security marathon

    CERN Multimedia

    Computer Security Team

    2014-01-01

    If you believe that “security” is a sprint, that a quick hack is invulnerable, that quick bug fixing is sufficient, that plugging security measures on top of existing structures is good, that once you are secure your life will be easy... then let me convince you otherwise.   An excellent example of this is when the summer students join us at CERN. As the summer period is short, software projects must be accomplished quickly, like a sprint. Rush, rush! But often, this sprint ends with aching muscles. Regularly, these summer students approach us to have their project or web server made visible to the Internet. Regularly, quick security reviews of those web servers diagnose severe underperformance with regards to security: the web applications are flawed or use insecure protocols; the employed software tools, databases or web frameworks are sub-optimal and not adequately chosen for that project; the operating system is non-standard and has never been brought up-to-date; and ...

  18. Homeland Security

    Science.gov (United States)

    Provides an overview of EPA's homeland security roles and responsibilities, and links to specific homeland security issues: water security, research, emergency response, recovery, and waste management.

  19. International Nuclear Security Education Network (INSEN): Promoting nuclear security education

    International Nuclear Information System (INIS)

    Muhamad Samudi Yasir

    2013-01-01

    Full-text: The need for human resource development programmes in nuclear security was underlined at several International Atomic Energy Agency (IAEA) General Conferences and Board of Governors Meetings. Successive IAEA Nuclear Security Plans, the most recent of which was agreed by the Board of Governors in September 2009, give high priority to assisting States in establishing educational programmes in nuclear security in order to ensure the sustainability of nuclear security improvements. The current Nuclear Security Plan 1 covering 2010-2013 emphasizes on the importance of considering existing capacities at international, regional and national levels while designing nuclear security academic programmes. In the course of implementing the Plan, the IAEA developed a guide entitled Educational Programme in Nuclear Security (IAEA Nuclear Security Series No. 12) that consists of a model of a MAster of Science (M.Sc.) and a Certificate Programme in Nuclear Security. This guide was aims at assisting universities or other educational institutes to developed academic programmes in nuclear security. Independently, some universities already offered academic programmes covering some areas of nuclear security, while other universities have asked the IAEA to support the implementation of these programmes. In order to better address current and future request for assistance in this area, the IAEA establish a collaboration network-International Nuclear Security Education Network (INSEN), among universities who are providing nuclear security education or who are interested in starting an academic programme/ course(s) in nuclear security. Universiti Kebangsaan Malaysia (UKM) is a first local university became a member of INSEN since the beginning of the establishment. (author)

  20. Enterprise Mac Security Mac OS X Snow Leopard Security

    CERN Document Server

    Edge, Stephen Charles; Hunter, Beau; Sullivan, Gene; LeBlanc, Dee-Ann

    2010-01-01

    A common misconception in the Mac community is that Mac's operating system is more secure than others. While this might be true in certain cases, security on the Mac is still a crucial issue. When sharing is enabled or remote control applications are installed, Mac OS X faces a variety of security threats. Enterprise Mac Security: Mac OS X Snow Leopard is a definitive, expert-driven update of the popular, slash-dotted first edition and was written in part as a companion to the SANS Institute course for Mac OS X. It contains detailed Mac OS X security information, and walkthroughs on securing s

  1. Quality of Security Service: Adaptive Security

    National Research Council Canada - National Science Library

    Levin, Timothy E; Irvine, Cynthia E; Spyropoulou, Evdoxia

    2004-01-01

    The premise of Quality of Security Service is that system and network management functions can be more effective if variable levels of security services and requirements can be presented to users or network tasks...

  2. Security research roadmap

    Energy Technology Data Exchange (ETDEWEB)

    Rouhiainen, V. (ed.)

    2007-02-15

    VTT has a broad range of security research ongoing in many areas of technology. The main areas have been concentrating on public safety and security, but VTT is also participating in several research projects related to defence technology. To identify and define expertise and research goals in more detail, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of a critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important security products and technologies needed are, for example, management of total security, detection, identification, localisation and communication, protection of information networks and systems, as well as physical protection. In the EU's Security programme, which aims at ensuring the security of society and its vital functions, it is stated that. Technology alone can not assure security, but security can not be assured without the support of technology. VTT is conducting security research in all its areas of expertise and clusters. The area has a significant research potential. The development of products and systems designed for the improvement of security has just started. There is still room for innovation. This report presents knowledge and development needs in more detail, as well as future development potential seen in the area of security. (orig.)

  3. ORACLE DATABASE SECURITY

    OpenAIRE

    Cristina-Maria Titrade

    2011-01-01

    This paper presents some security issues, namely security database system level, data level security, user-level security, user management, resource management and password management. Security is a constant concern in the design and database development. Usually, there are no concerns about the existence of security, but rather how large it should be. A typically DBMS has several levels of security, in addition to those offered by the operating system or network. Typically, a DBMS has user a...

  4. Pattern and security requirements engineering-based establishment of security standards

    CERN Document Server

    Beckers, Kristian

    2015-01-01

    Security threats are a significant problem for information technology companies today. This book focuses on how to mitigate these threats by using security standards and provides ways to address associated problems faced by engineers caused by ambiguities in the standards. The security standards are analysed, fundamental concepts of the security standards presented, and the relations to the elementary concepts of security requirements engineering (SRE) methods explored. Using this knowledge, engineers can build customised methods that support the establishment of security standards. Standard

  5. Information security fundamentals

    CERN Document Server

    Peltier, Thomas R

    2013-01-01

    Developing an information security program that adheres to the principle of security as a business enabler must be the first step in an enterprise's effort to build an effective security program. Following in the footsteps of its bestselling predecessor, Information Security Fundamentals, Second Edition provides information security professionals with a clear understanding of the fundamentals of security required to address the range of issues they will experience in the field.The book examines the elements of computer security, employee roles and r

  6. Security Bingo

    CERN Multimedia

    Computer Security Team

    2011-01-01

    Want to check your security awareness and win one of three marvellous books on computer security? Just print out this page, mark which of the 25 good practices below you already follow, and send the sheet back to us by 31 October 2011 at either Computer.Security@cern.ch or P.O. Box G19710.   Winners[1] must show that they fulfil at least five good practices in a continuous vertical, horizontal or diagonal row. For details on CERN Computer Security, please consult http://cern.ch/security. I personally…   …am concerned about computer security. …run my computer with an anti-virus software and up-to-date signature files. …lock my computer screen whenever I leave my office. …have chosen a reasonably complex password. …have restricted access to all my files and data. …am aware of the security risks and threats to CERN’s computing facilities. &hell...

  7. The Role Of Commercially Provided Security in Africa's Patrimonial Security Complexes

    OpenAIRE

    Kinsey, Christopher; Krieg, Andreas

    2014-01-01

    With the concept of public security generally absent in Africa and a factionalized security sector of both state and non-state actors delivering security exclusively to certain groups affiliated with patrimonial elites, this paper examines the role of commercial providers of security within African security sectors. In factionalized security sectors with limited territorial reach, the state unable or unwilling to provide security as a public good within its boundaries has long lost its monopo...

  8. A Development Framework for Software Security in Nuclear Safety Systems: Integrating Secure Development and System Security Activities

    Energy Technology Data Exchange (ETDEWEB)

    Park, Jaekwan; Suh, Yongsuk [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2014-02-15

    The protection of nuclear safety software is essential in that a failure can result in significant economic loss and physical damage to the public. However, software security has often been ignored in nuclear safety software development. To enforce security considerations, nuclear regulator commission recently issued and revised the security regulations for nuclear computer-based systems. It is a great challenge for nuclear developers to comply with the security requirements. However, there is still no clear software development process regarding security activities. This paper proposes an integrated development process suitable for the secure development requirements and system security requirements described by various regulatory bodies. It provides a three-stage framework with eight security activities as the software development process. Detailed descriptions are useful for software developers and licensees to understand the regulatory requirements and to establish a detailed activity plan for software design and engineering.

  9. Securing the Cloud Cloud Computer Security Techniques and Tactics

    CERN Document Server

    Winkler, Vic (JR)

    2011-01-01

    As companies turn to cloud computing technology to streamline and save money, security is a fundamental concern. Loss of certain control and lack of trust make this transition difficult unless you know how to handle it. Securing the Cloud discusses making the move to the cloud while securing your peice of it! The cloud offers felxibility, adaptability, scalability, and in the case of security-resilience. This book details the strengths and weaknesses of securing your company's information with different cloud approaches. Attacks can focus on your infrastructure, communications network, data, o

  10. Secure it now or secure it later: the benefits of addressing cyber-security from the outset

    Science.gov (United States)

    Olama, Mohammed M.; Nutaro, James

    2013-05-01

    The majority of funding for research and development (R&D) in cyber-security is focused on the end of the software lifecycle where systems have been deployed or are nearing deployment. Recruiting of cyber-security personnel is similarly focused on end-of-life expertise. By emphasizing cyber-security at these late stages, security problems are found and corrected when it is most expensive to do so, thus increasing the cost of owning and operating complex software systems. Worse, expenditures on expensive security measures often mean less money for innovative developments. These unwanted increases in cost and potential slowing of innovation are unavoidable consequences of an approach to security that finds and remediate faults after software has been implemented. We argue that software security can be improved and the total cost of a software system can be substantially reduced by an appropriate allocation of resources to the early stages of a software project. By adopting a similar allocation of R&D funds to the early stages of the software lifecycle, we propose that the costs of cyber-security can be better controlled and, consequently, the positive effects of this R&D on industry will be much more pronounced.

  11. The Extended Concept of Security and the Czech Security Practice

    Directory of Open Access Journals (Sweden)

    Libor Stejskal

    2008-12-01

    Full Text Available According to the extended concept of security, the nation state is no longer the sole privileged reference object of security. The traditional model of national security is developing from military terms to a broader concept which embraces the international, economic, social, environmental, and human rights dimensions of security. The meaning and relevance of the concept is being extended “upwards”, to international organisations, and “downwards”, to regional and local authorities, non-governmental organisations, communities, and individual citizens. This has immediate bearing on the everyday security reality of the Czech Republic. In international context, the “security frontier” of the Czech Republic is expanding, e.g. through the country’s involvement in UN and NATO security missions in conflict-ridden regions of Europe and the world. The country also helps enhance the internal security of the European Union, whose strength depends on its Member States’ willingness to “harmonise” the pursuit of their respective national security interests. This approach is especially important with regard to the principal security threats Europe faces and will continue to face in the future: terrorism and organised crime. It is vital that the Czech Republic have a well-working security system capable of responding effectively to a broad range of threats. This requirement applies first and foremost to the Police, the Fire and Rescue Service, and intelligence services. Unfortunately, with the present effectiveness of the Czech security system, much remains wishful thinking and, due to the lack of a comprehensive framework, a comparatively low level of protection against emergencies exists. Fight against crime is hampered by inefficient operation of the Police and judiciary. A thorough analysis of the aforementioned problems could provide basis for a broader public debate over the priorities and goals of Czech security policy, which should

  12. Process Control/SCADA system vendor security awareness and security posture.

    NARCIS (Netherlands)

    Luiijf, H.A.M.; Lüders, S.

    2009-01-01

    A starting point for the adequate security of process control/SCADA systems is the security awareness and security posture by the manufacturers, vendors, system integrators, and service organisations. The results of a short set of questions indicate that major security improvements are required in

  13. Information Security Service Branding – beyond information security awareness

    Directory of Open Access Journals (Sweden)

    Rahul Rastogi

    2012-12-01

    Full Text Available End-users play a critical role in the effective implementation and running of an information security program in any organization. The success of such a program depends primarily on the effective implementation and execution of associated information security policies and controls and the resultant behavior and actions of end-users. However, end-users often have negative perception of information security in the organization and exhibit non-compliance. In order to improve compliance levels, it is vital to improve the image of information security in the minds of end-users. This paper borrows the concepts of brands and branding from the domain of marketing to achieve this objective and applies these concepts to information security. The paper also describes a process for creating the information security service brand in the organization.

  14. Watermarking security

    CERN Document Server

    Bas, Patrick; Cayre, François; Doërr, Gwenaël; Mathon, Benjamin

    2016-01-01

    This book explains how to measure the security of a watermarking scheme, how to design secure schemes but also how to attack popular watermarking schemes. This book gathers the most recent achievements in the field of watermarking security by considering both parts of this cat and mouse game. This book is useful to industrial practitioners who would like to increase the security of their watermarking applications and for academics to quickly master this fascinating domain.

  15. TWO-LAYER SECURE PREVENTION MECHANISM FOR REDUCING E-COMMERCE SECURITY RISKS

    OpenAIRE

    Sen-Tarng Lai

    2015-01-01

    E-commerce is an important information system in the network and digital age. However, the network intrusion, malicious users, virus attack and system security vulnerabilities have continued to threaten the operation of the e-commerce, making e-commerce security encounter serious test. How to improve ecommerce security has become a topic worthy of further exploration. Combining routine security test and security event detection procedures, this paper proposes the Two-Layer Secure ...

  16. Security By Design

    OpenAIRE

    Tanner, M. James

    2009-01-01

    Securing a computer from unwanted intrusion requires astute planning and effort to effectively minimize the security invasions computers are plagued with today. While all of the efforts to secure a computer are needed, it seems that the underlying issue of what is being secured has been overlooked. The operating system is at the core of the security issue. Many applications and devices have been put into place to add layers of protection to an already weak operating system. Security did not u...

  17. Green Secure Processors: Towards Power-Efficient Secure Processor Design

    Science.gov (United States)

    Chhabra, Siddhartha; Solihin, Yan

    With the increasing wealth of digital information stored on computer systems today, security issues have become increasingly important. In addition to attacks targeting the software stack of a system, hardware attacks have become equally likely. Researchers have proposed Secure Processor Architectures which utilize hardware mechanisms for memory encryption and integrity verification to protect the confidentiality and integrity of data and computation, even from sophisticated hardware attacks. While there have been many works addressing performance and other system level issues in secure processor design, power issues have largely been ignored. In this paper, we first analyze the sources of power (energy) increase in different secure processor architectures. We then present a power analysis of various secure processor architectures in terms of their increase in power consumption over a base system with no protection and then provide recommendations for designs that offer the best balance between performance and power without compromising security. We extend our study to the embedded domain as well. We also outline the design of a novel hybrid cryptographic engine that can be used to minimize the power consumption for a secure processor. We believe that if secure processors are to be adopted in future systems (general purpose or embedded), it is critically important that power issues are considered in addition to performance and other system level issues. To the best of our knowledge, this is the first work to examine the power implications of providing hardware mechanisms for security.

  18. SecurID

    CERN Multimedia

    Now called RSA SecurID, SecurID is a mechanism developed by Security Dynamics that allows two-factor authentication for a user on a network resource. It works on the principle of the unique password mode, based on a shared secret. Every sixty seconds, the component generates a new six-digit token on the screen. The latter comes from the current time (internal clock) and the seed (SecurID private key that is available on the component, and is also from the SecurID server). During an authentication request, the SecurID server will check the entered token by performing exactly the same calculation as that performed by your component. The server knows the two information required for this calculation: the current time and the seed of your component. Access is allowed if the token calculated by the server matches the token you specified.

  19. A Security Audit Framework to Manage Information System Security

    Science.gov (United States)

    Pereira, Teresa; Santos, Henrique

    The widespread adoption of information and communication technology have promoted an increase dependency of organizations in the performance of their Information Systems. As a result, adequate security procedures to properly manage information security must be established by the organizations, in order to protect their valued or critical resources from accidental or intentional attacks, and ensure their normal activity. A conceptual security framework to manage and audit Information System Security is proposed and discussed. The proposed framework intends to assist organizations firstly to understand what they precisely need to protect assets and what are their weaknesses (vulnerabilities), enabling to perform an adequate security management. Secondly, enabling a security audit framework to support the organization to assess the efficiency of the controls and policy adopted to prevent or mitigate attacks, threats and vulnerabilities, promoted by the advances of new technologies and new Internet-enabled services, that the organizations are subject of. The presented framework is based on a conceptual model approach, which contains the semantic description of the concepts defined in information security domain, based on the ISO/IEC_JCT1 standards.

  20. Defining Information Security.

    Science.gov (United States)

    Lundgren, Björn; Möller, Niklas

    2017-11-15

    This article proposes a new definition of information security, the 'Appropriate Access' definition. Apart from providing the basic criteria for a definition-correct demarcation and meaning concerning the state of security-it also aims at being a definition suitable for any information security perspective. As such, it bridges the conceptual divide between so-called 'soft issues' of information security (those including, e.g., humans, organizations, culture, ethics, policies, and law) and more technical issues. Because of this it is also suitable for various analytical purposes, such as analysing possible security breaches, or for studying conflicting attitudes on security in an organization. The need for a new definition is demonstrated by pointing to a number of problems for the standard definition type of information security-the so-called CIA definition. Besides being too broad as well as too narrow, it cannot properly handle the soft issues of information security, nor recognize the contextual and normative nature of security.

  1. Breaking the cyber-security dilemma: aligning security needs and removing vulnerabilities.

    Science.gov (United States)

    Dunn Cavelty, Myriam

    2014-09-01

    Current approaches to cyber-security are not working. Rather than producing more security, we seem to be facing less and less. The reason for this is a multi-dimensional and multi-faceted security dilemma that extends beyond the state and its interaction with other states. It will be shown how the focus on the state and "its" security crowds out consideration for the security of the individual citizen, with detrimental effects on the security of the whole system. The threat arising from cyberspace to (national) security is presented as possible disruption to a specific way of life, one building on information technologies and critical functions of infrastructures, with relatively little consideration for humans directly. This non-focus on people makes it easier for state actors to militarize cyber-security and (re-)assert their power in cyberspace, thereby overriding the different security needs of human beings in that space. Paradoxically, the use of cyberspace as a tool for national security, both in the dimension of war fighting and the dimension of mass-surveillance, has detrimental effects on the level of cyber-security globally. A solution out of this dilemma is a cyber-security policy that is decidedly anti-vulnerability and at the same time based on strong considerations for privacy and data protection. Such a security would have to be informed by an ethics of the infosphere that is based on the dignity of information related to human beings.

  2. ICT security management

    OpenAIRE

    SCHREURS, Jeanne; MOREAU, Rachel

    2007-01-01

    Security becomes more and more important and companies are aware that it has become a management problem. It’s critical to know what are the critical resources and processes of the company and their weaknesses. A security audit can be a handy solution. We have developed BEVA, a method to critically analyse the company and to uncover the weak spots in the security system. BEVA results also in a general security score and security scores for each security factor. These will be used in the risk ...

  3. Relaxing Chosen-Ciphertext Security

    DEFF Research Database (Denmark)

    Canetti, Ran; Krawczyk, Hugo; Nielsen, Jesper Buus

    2003-01-01

    Security against adaptive chosen ciphertext attacks (or, CCA security) has been accepted as the standard requirement from encryption schemes that need to withstand active attacks. In particular, it is regarded as the appropriate security notion for encryption schemes used as components within...... general protocols and applications. Indeed, CCA security was shown to suffice in a large variety of contexts. However, CCA security often appears to be somewhat too strong: there exist encryption schemes (some of which come up naturally in practice) that are not CCA secure, but seem sufficiently secure...... “for most practical purposes.” We propose a relaxed variant of CCA security, called Replayable CCA (RCCA) security. RCCA security accepts as secure the non-CCA (yet arguably secure) schemes mentioned above; furthermore, it suffices for most existing applications of CCA security. We provide three...

  4. Cyber security awareness toolkit for national security: an approach to South Africa's cyber security policy implementation

    CSIR Research Space (South Africa)

    Phahlamohlaka, LJ

    2011-05-01

    Full Text Available The aim of this paper is to propose an approach that South Africa could follow in implementing its proposed cyber security policy. The paper proposes a Cyber Security Awareness Toolkit that is underpinned by key National Security imperatives...

  5. Information security architecture an integrated approach to security in the organization

    CERN Document Server

    Killmeyer, Jan

    2000-01-01

    An information security architecture is made up of several components. Each component in the architecture focuses on establishing acceptable levels of control. These controls are then applied to the operating environment of an organization. Functionally, information security architecture combines technical, practical, and cost-effective solutions to provide an adequate and appropriate level of security.Information Security Architecture: An Integrated Approach to Security in the Organization details the five key components of an information security architecture. It provides C-level executives

  6. Security for grids

    Energy Technology Data Exchange (ETDEWEB)

    Humphrey, Marty; Thompson, Mary R.; Jackson, Keith R.

    2005-08-14

    Securing a Grid environment presents a distinctive set of challenges. This paper groups the activities that need to be secured into four categories: naming and authentication; secure communication; trust, policy, and authorization; and enforcement of access control. It examines the current state of the art in securing these processes and introduces new technologies that promise to meet the security requirements of Grids more completely.

  7. Security threads: effective security devices in the past, present, and future

    Science.gov (United States)

    Wolpert, Gary R.

    2002-04-01

    Security threads were first used to secure banknotes in the mid 1800's. The key to their anti-counterfeiting success was the fact that by being embedded in the paper, they became an integral part of the banknote substrate. Today, all major currencies still utilize this effective security feature. Technological developments have allowed security threads to evolve from a feature authenticated by only visual means to devices that incorporate both visual and machine detectable components. When viewed from the perspective of a thread being a carrier of various security technologies and the fact that they can be incorporated into the core substrate of banknotes, documents, labels, packaging and some high valued articles, it is clear that security threads will remain as effective security devices well into the future. This paper discusses a brief historical background of security threads, current visual and machine authentication technologies incorporated into threads today and a look to the future of threads as effective security devices.

  8. Information security management handbook

    CERN Document Server

    Tipton, Harold F

    2006-01-01

    Access Control Systems and Methodology. Telecommunications and Network Security. Security Management Practices. Application Program Security. Cryptography. Computer, System, and Security Architecture. Operations Security. Business Continuity Planning and Disaster Recovery Planning. Law, Investigation and Ethics. Physical Security.

  9. Security management

    International Nuclear Information System (INIS)

    Adams, H.W.

    1990-01-01

    Technical progress is moving more and more quickly and the systems thus produced are so complex and have become so unclear to the individual that he can no longer estimate the consequences: Faith in progress has given way to deep mistrust. Companies have adjusted to this change in consciousness. An interesting tendency can be identified: technical security is already available - now the organization of security has become an important objective for companies. The key message of the book is: If outworn technical systems are no longer adequate, the organization must be thoroughly overhauled. Five chapters deal with the following themes: organization as an aspect of society; risk control; aspects of security; is there security in ADP; the broader concept of security. (orig./HP) [de

  10. Obsessive-Compulsive Homeland Security: Insights from the Neurobiological Security Motivation System

    Science.gov (United States)

    2018-03-01

    HOMELAND SECURITY: INSIGHTS FROM THE NEUROBIOLOGICAL SECURITY MOTIVATION SYSTEM by Marissa D. Madrigal March 2018 Thesis Advisor...FROM THE NEUROBIOLOGICAL SECURITY MOTIVATION SYSTEM 5. FUNDING NUMBERS 6. AUTHOR(S) Marissa D. Madrigal 7. PERFORMING ORGANIZATION NAME(S) AND...how activation of the neurobiological security- motivation system can lead to securitization in response to a security speech act. It explores the model

  11. Security Locks

    Science.gov (United States)

    Hart, Kevin

    2010-01-01

    According to a 2008 "Year in Review" report by Educational Security Incidents, an online repository that collects data on higher education security issues, the total number of security incidents reported at universities and colleges worldwide rose to 173 in 2008, a 24.5 percent increase over 2007. The number of institutions…

  12. Software Security and the "Building Security in Maturity" Model

    CERN Document Server

    CERN. Geneva

    2011-01-01

    Using the framework described in my book "Software Security: Building Security In" I will discuss and describe the state of the practice in software security. This talk is peppered with real data from the field, based on my work with several large companies as a Cigital consultant. As a discipline, software security has made great progress over the last decade. Of the sixty large-scale software security initiatives we are aware of, thirty-two---all household names---are currently included in the BSIMM study. Those companies among the thirty-two who graciously agreed to be identified include: Adobe, Aon, Bank of America, Capital One, The Depository Trust & Clearing Corporation (DTCC), EMC, Google, Intel, Intuit, McKesson, Microsoft, Nokia, QUALCOMM, Sallie Mae, Standard Life, SWIFT, Symantec, Telecom Italia, Thomson Reuters, VMware, and Wells Fargo. The BSIMM was created by observing and analyzing real-world data from thirty-two leading software security initiatives. The BSIMM can...

  13. Android apps security

    CERN Document Server

    Gunasekera, Sheran

    2012-01-01

    Android Apps Security provides guiding principles for how to best design and develop Android apps with security in mind. It explores concepts that can be used to secure apps and how developers can use and incorporate these security features into their apps. This book will provide developers with the information they need to design useful, high-performing, and secure apps that expose end-users to as little risk as possible.  Overview of Android OS versions, features, architecture and security.  Detailed examination of areas where attacks on applications can take place and what controls should b

  14. Critical Perspective on ASEAN's Security Policy Under ASEAN Political and Security Community

    Directory of Open Access Journals (Sweden)

    Irawan Jati

    2016-03-01

    Full Text Available   Despite economic integration challenges, ASEAN faces greater security challenges. It is obvious to assert that a stable economic development requires a secure regional atmosphere. The most probable threats against ASEAN are ranging from hostile foreign entities infiltration, intra and inter states disputes, radical religious movements, human trafficking, drugs and narcotics smuggling, cybercrimes and environmental disasters. In 2009, ASEAN established the ASEAN Political and Security Community as the umbrella of ASEAN’s political and security initiatives. APSC slots in some significant fora; ASEAN Intergovernmental Commission on Human Rights (AICHR, ASEAN Foreign Ministers Meeting (AMM,  ASEAN Regional Forum (ARF, ASEAN Defense Minister’s Meeting (ADMM, ASEAN Law Ministers Meeting (ALAWMM, and ASEAN Ministerial Meeting on Transnational Crimes (AMMTC. The wide array of these forums signify ASEAN efforts to confront double features of security; the traditional and nontraditional or critical security. The traditional security considers state security as the primary object security. While the critical security tends to focus on non-state aspects such as individual human being as its referent object. Even though some argue that APSC has been able to preserve the stability in the region, it still lack of confidence in solving critical issues such as territorial disputes and irregular migrants problems.Therefore, this piece would examine the fundamental questions: How does ASEAN address beyond state security issues in its security policy through APSC? To search for the answer this paper would apply critical security studies approach. Critical security posits that threats are not always for the states but in many cases for the people. Based on the examination of ASEAN security policies, this paper argues that ASEAN’s security policy has touched the non-traditional security issues but showing slow progress on its development and application. 

  15. Securing Hadoop

    CERN Document Server

    Narayanan, Sudheesh

    2013-01-01

    This book is a step-by-step tutorial filled with practical examples which will focus mainly on the key security tools and implementation techniques of Hadoop security.This book is great for Hadoop practitioners (solution architects, Hadoop administrators, developers, and Hadoop project managers) who are looking to get a good grounding in what Kerberos is all about and who wish to learn how to implement end-to-end Hadoop security within an enterprise setup. It's assumed that you will have some basic understanding of Hadoop as well as be familiar with some basic security concepts.

  16. The corporate security professional

    DEFF Research Database (Denmark)

    Petersen, Karen Lund

    2013-01-01

    In our age of globalization and complex threat environments, every business is called upon to manage security. This tendency is reflected in the fact that a wide range of businesses increasingly think about security in broad terms and strive to translate national security concerns into corporate...... speech. This article argues that the profession of the security manager has become central for understanding how the relationship between national and corporate security is currently negotiated. The national security background of most private sector security managers makes the corporate security...... professional inside the company a powerful hybrid agent. By zooming in on the profession and the practice of national security inside companies, the article raises questions about where to draw the line between corporate security and national security along with the political consequences of the constitution...

  17. Job security or employment security : What's in a name?

    NARCIS (Netherlands)

    Zekic, Nuna

    2016-01-01

    The main aim of the article is to survey and conceptualize the place of employment security in labour law, and to explore a number of important legal questions relating to this concept. After scrutinizing the notion of employment security, the author endorses the view that job security that exists

  18. Unification of Information Security Policies for Network Security Solutions

    Directory of Open Access Journals (Sweden)

    D.S. Chernyavskiy

    2012-03-01

    Full Text Available Diversity of command languages on network security solutions’ (NSS interfaces causes problems in a process of information security policy (ISP deployment. Unified model for security policy representation and implementation in NSS could aid to avoid such problems and consequently enhance efficiency of the process. The proposed solution is Unified language for network security policy (ULNSP. The language is based on formal languages theory, and being coupled with its translator, ULNSP makes it possible to formalize and implement ISP independently of particular NSS.

  19. Computers, business, and security the new role for security

    CERN Document Server

    Schweitzer, James A

    1987-01-01

    Computers, Business, and Security: The New Role for Security addresses the professional security manager's responsibility to protect all business resources, with operating environments and high technology in mind. This book discusses the technological aspects of the total security programs.Organized into three parts encompassing 10 chapters, this book begins with an overview of how the developing information age is affecting business management, operations, and organization. This text then examines a number of vulnerabilities that arise in the process of using business computing and communicat

  20. Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security (Self-Securing Devices)

    National Research Council Canada - National Science Library

    Ganger, Gregory R

    2007-01-01

    This report summarizes the results of the work on the AFOSR's Critical Infrastructure Protection Program project, entitled Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security...

  1. 48 CFR 1352.237-72 - Security processing requirements-national security contracts.

    Science.gov (United States)

    2010-10-01

    ... requirements-national security contracts. 1352.237-72 Section 1352.237-72 Federal Acquisition Regulations... Provisions and Clauses 1352.237-72 Security processing requirements—national security contracts. As prescribed in 48 CFR 1337.110-70(d), use the following clause: Security Processing Requirements—National...

  2. Core software security security at the source

    CERN Document Server

    Ransome, James

    2013-01-01

    First and foremost, Ransome and Misra have made an engaging book that will empower readers in both large and small software development and engineering organizations to build security into their products. This book clarifies to executives the decisions to be made on software security and then provides guidance to managers and developers on process and procedure. Readers are armed with firm solutions for the fight against cyber threats.-Dr. Dena Haritos Tsamitis. Carnegie Mellon UniversityIn the wake of cloud computing and mobile apps, the issue of software security has never been more importan

  3. Securing collaborative environments

    Energy Technology Data Exchange (ETDEWEB)

    Agarwal, Deborah [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States); Jackson, Keith [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States); Thompson, Mary [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States)

    2002-05-16

    The diverse set of organizations and software components involved in a typical collaboratory make providing a seamless security solution difficult. In addition, the users need support for a broad range of frequency and locations for access to the collaboratory. A collaboratory security solution needs to be robust enough to ensure that valid participants are not denied access because of its failure. There are many tools that can be applied to the task of securing collaborative environments and these include public key infrastructure, secure sockets layer, Kerberos, virtual and real private networks, grid security infrastructure, and username/password. A combination of these mechanisms can provide effective secure collaboration capabilities. In this paper, we discuss the requirements of typical collaboratories and some proposals for applying various security mechanisms to collaborative environments.

  4. Computer security engineering management

    International Nuclear Information System (INIS)

    McDonald, G.W.

    1988-01-01

    For best results, computer security should be engineered into a system during its development rather than being appended later on. This paper addresses the implementation of computer security in eight stages through the life cycle of the system; starting with the definition of security policies and ending with continuing support for the security aspects of the system throughout its operational life cycle. Security policy is addressed relative to successive decomposition of security objectives (through policy, standard, and control stages) into system security requirements. This is followed by a discussion of computer security organization and responsibilities. Next the paper directs itself to analysis and management of security-related risks, followed by discussion of design and development of the system itself. Discussion of security test and evaluation preparations, and approval to operate (certification and accreditation), is followed by discussion of computer security training for users is followed by coverage of life cycle support for the security of the system

  5. Nuclear security

    International Nuclear Information System (INIS)

    1991-12-01

    This paper reports that despite their crucial importance to national security, safeguards at the Department of Energy's (DOE) weapons facilities may be falling short. DOE security inspections have identified many weaknesses, including poor performance by members of DOE's security force, poor accountability for quantities of nuclear materials, and the inability of personnel to locate documents containing classified information. About 13 percent of the 2,100 identified weakness resulted in DOE inspectors giving out unsatisfactory security ratings; another 38 percent led to marginal ratings. In addition, DOE's centralized safeguards and security information tracking system lacks current data on whether DOE field offices have corrected the identified weaknesses. Without reliable information, DOE has no way of knowing whether timely action was taken to correct problems, nor can it determine whether weaknesses are systematic. DOE has tried to minimize the impact of these security weaknesses at its facilities by establishing multiple layers of protection measures and instituting interim and compensatory measures for identified weaknesses. DOE is planning enhancements to the centralized tracking system that should improve its reliability and increase its effectiveness

  6. FOOD SECURITY

    Directory of Open Access Journals (Sweden)

    Dorina Ardelean

    2013-12-01

    Full Text Available The assurance of food security at the individual level doesn’t implicitly provide for the one at family level as the concepts of hunger, malnutrition and food insecurity are the steps of the same process of access restricted to a sufficient supply of food. In order to achieve food security at the individual level the following is necessary: ensuring food availability (production, reserve stocks; redistribution of food availability within the country or out through international exchanges; effective access of the population to purchase food consumer goods, by ensuring its effective demand as required. Food security of families (FFS is required for assuring individual food security (IFS, but it is not sufficient because the food available may be unevenly distributed between family members. National food security (NFS corresponds to the possibilities that different countries have to ensure both FFS and IFS without sacrificing other important objectives. Under the name of GAS is defined the global food security which represents permanent access for the entire population of the globe to the necessary food for a healthy and active life.

  7. Beyond grid security

    International Nuclear Information System (INIS)

    Hoeft, B; Epting, U; Koenig, T

    2008-01-01

    While many fields relevant to Grid security are already covered by existing working groups, their remit rarely goes beyond the scope of the Grid infrastructure itself. However, security issues pertaining to the internal set-up of compute centres have at least as much impact on Grid security. Thus, this talk will present briefly the EU ISSeG project (Integrated Site Security for Grids). In contrast to groups such as OSCT (Operational Security Coordination Team) and JSPG (Joint Security Policy Group), the purpose of ISSeG is to provide a holistic approach to security for Grid computer centres, from strategic considerations to an implementation plan and its deployment. The generalised methodology of Integrated Site Security (ISS) is based on the knowledge gained during its implementation at several sites as well as through security audits, and this will be briefly discussed. Several examples of ISS implementation tasks at the Forschungszentrum Karlsruhe will be presented, including segregation of the network for administration and maintenance and the implementation of Application Gateways. Furthermore, the web-based ISSeG training material will be introduced. This aims to offer ISS implementation guidance to other Grid installations in order to help avoid common pitfalls

  8. A Secure Routing Protocol for Wireless Sensor Networks Considering Secure Data Aggregation

    Directory of Open Access Journals (Sweden)

    Triana Mugia Rahayu

    2015-06-01

    Full Text Available The commonly unattended and hostile deployments of WSNs and their resource-constrained sensor devices have led to an increasing demand for secure energy-efficient protocols. Routing and data aggregation receive the most attention since they are among the daily network routines. With the awareness of such demand, we found that so far there has been no work that lays out a secure routing protocol as the foundation for a secure data aggregation protocol. We argue that the secure routing role would be rendered useless if the data aggregation scheme built on it is not secure. Conversely, the secure data aggregation protocol needs a secure underlying routing protocol as its foundation in order to be effectively optimal. As an attempt for the solution, we devise an energy-aware protocol based on LEACH and ESPDA that combines secure routing protocol and secure data aggregation protocol. We then evaluate its security effectiveness and its energy-efficiency aspects, knowing that there are always trade-off between both.

  9. Windows 2012 Server network security securing your Windows network systems and infrastructure

    CERN Document Server

    Rountree, Derrick

    2013-01-01

    Windows 2012 Server Network Security provides the most in-depth guide to deploying and maintaining a secure Windows network. The book drills down into all the new features of Windows 2012 and provides practical, hands-on methods for securing your Windows systems networks, including: Secure remote access Network vulnerabilities and mitigations DHCP installations configuration MAC filtering DNS server security WINS installation configuration Securing wired and wireless connections Windows personal firewall

  10. Using the safety/security interface to the security manager's advantage

    International Nuclear Information System (INIS)

    Stapleton, B.W.

    1993-01-01

    Two aspects of the safety/security interface are discussed: (1) the personal safety of nuclear security officers; and (2) how the security manager can effectively deal with the safety/security interface in solving today's requirements yet supporting the overall mission of the facility. The basis of this presentation is the result of interviews, document analyses, and observations. The conclusion is that proper planning and communication between the players involved in the security/safety interface can benefit the two programs and help achieve overall system integration, ultimately contributing to the bottom line. This is especially important in today's cost conscious environment

  11. What kind of cyber security? Theorising cyber security and mapping approaches

    OpenAIRE

    Laura Fichtner

    2018-01-01

    Building on conceptual work on security and cyber security, the paper explores how different approaches to cyber security are constructed. It outlines structural components and presents four common approaches. Each of them suggests a different role for the actors involved and is motivated and justified by different values such as privacy, economic order and national security. When a cyber security policy or initiative is chosen by policymakers, the analysis of the underlying approach enhances...

  12. 17 CFR 404.5 - Securities counts by registered government securities brokers and dealers.

    Science.gov (United States)

    2010-04-01

    ... registered government securities brokers and dealers. 404.5 Section 404.5 Commodity and Securities Exchanges... AND PRESERVATION OF RECORDS § 404.5 Securities counts by registered government securities brokers and dealers. (a) Securities counts. Every registered government securities broker or dealer shall comply with...

  13. 12 CFR 615.5454 - Creation of participant's security entitlement; security interests.

    Science.gov (United States)

    2010-01-01

    ... 12 Banks and Banking 6 2010-01-01 2010-01-01 false Creation of participant's security entitlement... Procedures for Farm Credit Securities § 615.5454 Creation of participant's security entitlement; security... public money, including without limitation deposits to the Treasury tax and loan accounts, or other...

  14. 12 CFR 1511.4 - Creation of Participant's Security Entitlement; security interests.

    Science.gov (United States)

    2010-01-01

    ... 12 Banks and Banking 7 2010-01-01 2010-01-01 false Creation of Participant's Security Entitlement... CORPORATION BOOK-ENTRY PROCEDURE § 1511.4 Creation of Participant's Security Entitlement; security interests... to secure deposits of public money, including without limitation deposits to the Treasury tax and...

  15. The Shaping of Managers' Security Objectives through Information Security Awareness Training

    Science.gov (United States)

    Harris, Mark A.

    2010-01-01

    Information security research states that corporate security policy and information security training should be socio-technical in nature and that corporations should consider training as a primary method of protecting their information systems. However, information security policies and training are predominately technical in nature. In addition,…

  16. Contemporary security management

    CERN Document Server

    Fay, John

    2010-01-01

    Contemporary Security Management, 3rd Edition teaches security professionals how to operate an efficient security department and how to integrate smoothly with other groups inside and outside their own organizations. Fay demonstrates the specifics of security management: * how to organize, plan, develop and manage a security operation. * how to identify vulnerabilities. * how to determine the protective resources required to offset threats. * how to implement all necessary physical and IT security measures. Security professionals share the responsibility for mitigating damage, serving as a resource to an Emergency Tactical Center, assisting the return of business continuity, and liaising with local response agencies such as police and fire departments, emergency medical responders, and emergency warning centers. At the organizational level, the book addresses budgeting, employee performance, counseling, hiring and termination, employee theft and other misconduct, and offers sound advice on building constructi...

  17. DNS security management

    CERN Document Server

    Dooley, Michael

    2017-01-01

    An advanced Domain Name System (DNS) security resource that explores the operation of DNS, its vulnerabilities, basic security approaches, and mitigation strategies DNS Security Management offers an overall role-based security approach and discusses the various threats to the Domain Name Systems (DNS). This vital resource is filled with proven strategies for detecting and mitigating these all too frequent threats. The authors—noted experts on the topic—offer an introduction to the role of DNS and explore the operation of DNS. They cover a myriad of DNS vulnerabilities and include preventative strategies that can be implemented. Comprehensive in scope, the text shows how to secure DNS resolution with the Domain Name System Security Extensions (DNSSEC), DNS firewall, server controls, and much more. In addition, the text includes discussions on security applications facilitated by DNS, such as anti-spam, SFP, and DANE.

  18. Polish Security Printing Works in the system of public and economic security

    OpenAIRE

    Remigiusz Lewandowski

    2013-01-01

    The article raises the issue of placing PWPW in the system of economic and public security. Two particular categories of security connected with PWPW business activity, i.e. identification and transactional security, have been defined and discussed in the article. The most essential factors affecting the above security categories as well as relations between identification/transactional security and economic/public security. The article indicates that PWPW plays an important role in the state...

  19. Modelling security and trust with Secure Tropos

    NARCIS (Netherlands)

    Giorgini, P.; Mouratidis, H.; Zannone, N.; Mouratidis, H.; Giorgini, P.

    2006-01-01

    Although the concepts of security and trust play an important issue in the development of information systems, they have been mainly neglected by software engineering methodologies. In this chapter we present an approach that considers security and trust throughout the software development process.

  20. 24 CFR 81.93 - Creation of Participant's Security Entitlement; security interests.

    Science.gov (United States)

    2010-04-01

    ... 24 Housing and Urban Development 1 2010-04-01 2010-04-01 false Creation of Participant's Security... Procedures § 81.93 Creation of Participant's Security Entitlement; security interests. (a) A Participant's... Entitlement of a Participant in favor of the United States to secure deposits of public money, including...

  1. 6 CFR 7.10 - Authority of the Chief Security Officer, Office of Security.

    Science.gov (United States)

    2010-01-01

    ...) Direct and administer DHS implementation and compliance with the National Industrial Security Program in... 6 Domestic Security 1 2010-01-01 2010-01-01 false Authority of the Chief Security Officer, Office of Security. 7.10 Section 7.10 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE...

  2. Unix Security Cookbook

    Science.gov (United States)

    Rehan, S. C.

    This document has been written to help Site Managers secure their Unix hosts from being compromised by hackers. I have given brief introductions to the security tools along with downloading, configuring and running information. I have also included a section on my recommendations for installing these security tools starting from an absolute minimum security requirement.

  3. Center for Homeland Defense and Security Homeland Security Affairs Journal

    OpenAIRE

    2015-01-01

    Homeland Security Affairs is the peer-reviewed online journal of the Center for Homeland Defense and Security (CHDS). The journal provides a forum to propose and debate strategies, policies and organizational arrangements to strengthen U.S. homeland security.

  4. Security guide for subcontractors

    Energy Technology Data Exchange (ETDEWEB)

    Adams, R.C.

    1993-06-01

    This guide is provided to aid in the achievement of security objectives in the Department of Energy (DOE) contractor/subcontractor program. The objectives of security are to protect information that, if released, would endanger the common defense and security of the nation and to safeguard plants and installations of the DOE and its contractors to prevent the interruption of research and production programs. The security objective and means of achieving the objective are described. Specific security measures discussed in this guide include physical barriers, personnel identification systems, personnel and vehicular access control, classified document control, protection of classified matter in use, storing classified matter, and repository combinations. Means of dealing with security violations and security infractions are described. Maintenance of a security education program is discussed. Also discussed are methods of handling clearance terminations, visitor control, travel to sensitive countries, and shipment security. The Technical Surveillance Countermeasures Program (TSCM), the Computer Security Program, and the Operations Security Plan (OPSEC) are examined.

  5. 18 CFR 1314.5 - Creation of Participant's Security Entitlement; security interests.

    Science.gov (United States)

    2010-04-01

    ... 18 Conservation of Power and Water Resources 2 2010-04-01 2010-04-01 false Creation of Participant... FEDERAL RESERVE BANKS § 1314.5 Creation of Participant's Security Entitlement; security interests. (a) A... Security Entitlement of a Participant in favor of the United States to secure deposits of public money...

  6. Secure Transportation Management

    International Nuclear Information System (INIS)

    Gibbs, P. W.

    2014-01-01

    Secure Transport Management Course (STMC) course provides managers with information related to procedures and equipment used to successfully transport special nuclear material. This workshop outlines these procedures and reinforces the information presented with the aid of numerous practical examples. The course focuses on understanding the regulatory framework for secure transportation of special nuclear materials, identifying the insider and outsider threat(s) to secure transportation, organization of a secure transportation unit, management and supervision of secure transportation units, equipment and facilities required, training and qualification needed.

  7. Pro Spring security

    CERN Document Server

    Scarioni, Carlo

    2013-01-01

    Security is a key element in the development of any non-trivial application. The Spring Security Framework provides a comprehensive set of functionalities to implement industry-standard authentication and authorization mechanisms for Java applications. Pro Spring Security will be a reference and advanced tutorial that will do the following: Guides you through the implementation of the security features for a Java web application by presenting consistent examples built from the ground-up. Demonstrates the different authentication and authorization methods to secure enterprise-level applications

  8. Pro PHP Security From Application Security Principles to the Implementation of XSS Defenses

    CERN Document Server

    Snyder, Chris; Southwell, Michael

    2010-01-01

    PHP security, just like PHP itself, has advanced. Updated for PHP 5.3, the second edition of this authoritative PHP security book covers foundational PHP security topics like SQL injection, XSS, user authentication, and secure PHP development. Chris Snyder and Tom Myer also dive into recent developments like mobile security, the impact of Javascript, and the advantages of recent PHP hardening efforts. Pro PHP Security, Second Edition will serve as your complete guide for taking defensive and proactive security measures within your PHP applications. Beginners in secure programming will find a l

  9. The Extended Concept of Security and the Czech Security Practice

    OpenAIRE

    Libor Stejskal; Antonín Rašek; Miloš Balabán

    2008-01-01

    According to the extended concept of security, the nation state is no longer the sole privileged reference object of security. The traditional model of national security is developing from military terms to a broader concept which embraces the international, economic, social, environmental, and human rights dimensions of security. The meaning and relevance of the concept is being extended “upwards”, to international organisations, and “downwards”, to regional and local authorities, non-govern...

  10. Information technology - Security techniques - Information security management systems - Requirements

    CERN Document Server

    International Organization for Standardization. Geneva

    2005-01-01

    ISO/IEC 27001:2005 covers all types of organizations (e.g. commercial enterprises, government agencies, not-for profit organizations). ISO/IEC 27001:2005 specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the organization's overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof. ISO/IEC 27001:2005 is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties. ISO/IEC 27001:2005 is intended to be suitable for several different types of use, including the following: use within organizations to formulate security requirements and objectives; use within organizations as a way to ensure that security risks are cost effectively managed; use within organizations to ensure comp...

  11. Social Security Bulletin

    Data.gov (United States)

    Social Security Administration — The Social Security Bulletin (ISSN 1937-4666) is published quarterly by the Social Security Administration. The Bulletin is prepared in the Office of Retirement and...

  12. Android security cookbook

    CERN Document Server

    Makan, Keith

    2013-01-01

    Android Security Cookbook' breaks down and enumerates the processes used to exploit and remediate Android app security vulnerabilities in the form of detailed recipes and walkthroughs.""Android Security Cookbook"" is aimed at anyone who is curious about Android app security and wants to be able to take the necessary practical measures to protect themselves; this means that Android application developers, security researchers and analysts, penetration testers, and generally any CIO, CTO, or IT managers facing the impeding onslaught of mobile devices in the business environment will benefit from

  13. Grid Security

    CERN Multimedia

    CERN. Geneva

    2004-01-01

    The aim of Grid computing is to enable the easy and open sharing of resources between large and highly distributed communities of scientists and institutes across many independent administrative domains. Convincing site security officers and computer centre managers to allow this to happen in view of today's ever-increasing Internet security problems is a major challenge. Convincing users and application developers to take security seriously is equally difficult. This paper will describe the main Grid security issues, both in terms of technology and policy, that have been tackled over recent years in LCG and related Grid projects. Achievements to date will be described and opportunities for future improvements will be addressed.

  14. Audit Teknologiinformasiatas Physical Security Control Dan Logical Security Control Serta Penentuan Kondisi Security Risk Studi Kasus: PT Talc Indonesia

    OpenAIRE

    Inggrid; Arfianti, Rizka I; Utami, Viany

    2009-01-01

    Abstract The fast growth of technology has an impact to the accounting field. This relates to the term of information technology (17) auditing. One of the risI6 of using information technology in business which can be fatal enough i fignored is security risk Security risk can be reduced by security controls which include physical security control and logical security contra Information technology auditing is the process of collecting and evaluating evidence to determine whether or not a co...

  15. PCI DSS: Security Standard and Security in Fact

    OpenAIRE

    M. V. Kuzin

    2011-01-01

    The article focuses on Payment Card Industry Data Security Standard (PCI DSS) requirements and practices, especially it’s issues and disadvantages to achieve the main goal — security of payment cards infrastructure.

  16. Untangle network security

    CERN Document Server

    El-Bawab, Abd El-Monem A

    2014-01-01

    If you are a security engineer or a system administrator and want to secure your server infrastructure with the feature-rich Untangle, this book is for you. For individuals who want to start their career in the network security field, this book would serve as a perfect companion to learn the basics of network security and how to implement it using Untangle NGFW.

  17. Foundational aspects of security

    DEFF Research Database (Denmark)

    Chatzikokolakis, Konstantinos; Mödersheim, Sebastian Alexander; Palamidessi, Catuscia

    2014-01-01

    This Special Issue of the Journal of Computer Security focuses on foundational aspects of security, which in recent years have helped change much of the way we think about and approach system security.......This Special Issue of the Journal of Computer Security focuses on foundational aspects of security, which in recent years have helped change much of the way we think about and approach system security....

  18. Defending Norway and the Northern Flank: Analysis of NATO’s Strategic Options.

    Science.gov (United States)

    1985-12-01

    22a NAME OF RESPONSIBLE INDIVIDUAL 22b TELEPHONE (Include Area Code) 22c OFFICE SYMBOL Prof. Patrick J. Parker 646-2097 56 DV C")RM 1473,s84 MAt 53...34Roy Breivik , Assuring the Security of Reinforcements to Norway," NATO s Fifteen Nations, special issue no. 2 (1982), pp. 66 67. 22...Analyses 1 2000 North Beauregard Street P.O. Box 11280 Alexandria, Virginia 22311 5. Professor Patrick J. Parker, Code 56Pr 1 4 Department of National

  19. Smart grid security

    Energy Technology Data Exchange (ETDEWEB)

    Cuellar, Jorge (ed.) [Siemens AG, Muenchen (Germany). Corporate Technology

    2013-11-01

    The engineering, deployment and security of the future smart grid will be an enormous project requiring the consensus of many stakeholders with different views on the security and privacy requirements, not to mention methods and solutions. The fragmentation of research agendas and proposed approaches or solutions for securing the future smart grid becomes apparent observing the results from different projects, standards, committees, etc, in different countries. The different approaches and views of the papers in this collection also witness this fragmentation. This book contains the following papers: 1. IT Security Architecture Approaches for Smart Metering and Smart Grid. 2. Smart Grid Information Exchange - Securing the Smart Grid from the Ground. 3. A Tool Set for the Evaluation of Security and Reliability in Smart Grids. 4. A Holistic View of Security and Privacy Issues in Smart Grids. 5. Hardware Security for Device Authentication in the Smart Grid. 6. Maintaining Privacy in Data Rich Demand Response Applications. 7. Data Protection in a Cloud-Enabled Smart Grid. 8. Formal Analysis of a Privacy-Preserving Billing Protocol. 9. Privacy in Smart Metering Ecosystems. 10. Energy rate at home Leveraging ZigBee to Enable Smart Grid in Residential Environment.

  20. Securing abundance : The politics of energy security

    NARCIS (Netherlands)

    Kester, Johannes

    2016-01-01

    Energy Security is a concept that is known in the literature for its ‘slippery’ nature and subsequent wide range of definitions. Instead of another attempt at grasping the essence of this concept, Securing Abundance reformulates the problem and moves away from a definitional problem to a theoretical

  1. Professional Cocoa Application Security

    CERN Document Server

    Lee, Graham J

    2010-01-01

    The first comprehensive security resource for Mac and iPhone developers. The Mac platform is legendary for security, but consequently, Apple developers have little appropriate security information available to help them assure that their applications are equally secure. This Wrox guide provides the first comprehensive go-to resource for Apple developers on the available frameworks and features that support secure application development.: While Macs are noted for security, developers still need to design applications for the Mac and the iPhone with security in mind; this guide offers the first

  2. Information Systems Security Audit

    OpenAIRE

    Gheorghe Popescu; Veronica Adriana Popescu; Cristina Raluca Popescu

    2007-01-01

    The article covers:Defining an information system; benefits obtained by introducing new information technologies; IT management;Defining prerequisites, analysis, design, implementation of IS; Information security management system; aspects regarding IS security policy; Conceptual model of a security system; Auditing information security systems and network infrastructure security.

  3. Lecture 2: Software Security

    CERN Multimedia

    CERN. Geneva

    2013-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development, testing and deployment. Sebastian Lopienski is CERN’s deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and ...

  4. Information Security Maturity Model

    OpenAIRE

    Information Security Maturity Model

    2011-01-01

    To ensure security, it is important to build-in security in both the planning and the design phases andadapt a security architecture which makes sure that regular and security related tasks, are deployedcorrectly. Security requirements must be linked to the business goals. We identified four domains thataffect security at an organization namely, organization governance, organizational culture, thearchitecture of the systems, and service management. In order to identify and explore the strengt...

  5. Security Inequalities in North America: Reassessing Regional Security Complex Theory

    Directory of Open Access Journals (Sweden)

    Richard Kilroy

    2017-12-01

    Full Text Available This article re-evaluates earlier work done by the authors on Regional Security Complex Theory (RSCT in North America, using sectoral analysis initially developed by Buzan and Waever, but also adding the variables of institutions, identity, and interests. These variables are assessed qualitatively in the contemporary context on how they currently impress upon the process of securitization within sectoral relations between Canada, Mexico, and the United States. The article reviews the movement from bilateral security relations between these states to the development of a trilateral response to regional security challenges post- 9/11. It further addresses the present period and what appears to be a security process derailed by recent political changes and security inequalities, heightened by the election of Donald Trump in 2016. The article argues that while these three states initially evinced a convergence of regional security interests after 9/11, which did create new institutional responses, under the current conditions, divergence in political interests and security inequalities have reduced the explanatory power of RSCT in North America. Relations between states in North American are becoming less characterized by the role of institutions and interests and more by identity politics in the region.

  6. DIRAC Security

    CERN Document Server

    Casajús Ramo, A

    2006-01-01

    DIRAC is the LHCb Workload and Data Management System. Based on a service-oriented architecture, it enables generic distributed computing with lightweight Agents and Clients for job execution and data transfers. DIRAC implements a client-server architecture exposing server methods through XML Remote Procedure Call (XML-RPC) protocol. DIRAC is mostly coded in python. DIRAC security infrastructure has been designed to be a completely generic XML-RPC transport over a SSL tunnel. This new security layer is able to handle standard X509 certificates as well as grid-proxies to authenticate both sides of the connection. Serve and client authentication relies over OpenSSL and py-Open SSL, but to be able to handle grid proxies some modifications have been added to those libraries. DIRAC security infrastructure handles authorization and authorization as well as provides extended capabilities like secure connection tunneling and file transfer. Using this new security infrastructure all LHCb users can safely make use o...

  7. PCI DSS: Security Standard and Security in Fact

    Directory of Open Access Journals (Sweden)

    M. V. Kuzin

    2011-12-01

    Full Text Available The article focuses on Payment Card Industry Data Security Standard (PCI DSS requirements and practices, especially it’s issues and disadvantages to achieve the main goal — security of payment cards infrastructure.

  8. Why SCADA security is NOT like Computer Centre Security

    CERN Multimedia

    CERN. Geneva

    2014-01-01

    Today, the industralized world lives in symbiosis with control systems (aka SCADA systems): it depends on power distribution, oil production, public transport, automatic production lines. While the convenience is at hand, still too many control systems are designed without any security in mind, lack basic security protections, and are not even robust enough to withstand basic attacks. The Stuxnet worm attacking Siemens PLCs in 2010 was another close call. Attackers currently enjoy hacking control systems, and aim to switch lights off. This presentation shall recap the current situation and discuss the differences (or not) between computer center cyber-security and control system cyber-security.

  9. European [Security] Union

    DEFF Research Database (Denmark)

    Manners, Ian James

    2013-01-01

    The past 20 years, since the 1992 Treaty on European Union, have seen the gradual creation of both an “Area of Freedom, Security and Justice” and a “Common Foreign and Security Policy”. More recent is the development of a “European Neighbourhood Policy” over the past 10 years. All three...... of these policies involved the navigation and negotiation of security, borders and governance in and by the European Union (EU). This article analyses these practices of bordering and governance through a five-fold security framework. The article argues that a richer understanding of EU security discourses can...

  10. Hybrid-secure MPC 

    DEFF Research Database (Denmark)

    Lucas, Christoph; Raub, Dominik; Maurer, Ueli

    2010-01-01

    of the adversary, without being aware of the actual adversarial setting. Thus, hybrid-secure MPC protocols allow for graceful degradation of security. We present a hybrid-secure MPC protocol that provides an optimal trade-off between IT robustness and computational privacy: For any robustness parameter ρ ... obtain one MPC protocol that is simultaneously IT secure with robustness for up to t ≤ ρ actively corrupted parties, IT secure with fairness (no robustness) for up to t ... in the universal composability (UC) framework (based on a network of secure channels, a broadcast channel, and a common reference string). It achieves the bound on the trade-off between robustness and privacy shown by Ishai et al. [CRYPTO'06] and Katz [STOC'07], the bound on fairness shown by Cleve [STOC'86...

  11. Embedded Java security security for mobile devices

    CERN Document Server

    Debbabi, Mourad; Talhi, Chamseddine

    2007-01-01

    Java brings more functionality and versatility to the world of mobile devices, but it also introduces new security threats. This book contains a presentation of embedded Java security and presents the main components of embedded Java. It gives an idea of the platform architecture and is useful for researchers and practitioners.

  12. Security Protocols in a Nutshell

    OpenAIRE

    Toorani, Mohsen

    2016-01-01

    Security protocols are building blocks in secure communications. They deploy some security mechanisms to provide certain security services. Security protocols are considered abstract when analyzed, but they can have extra vulnerabilities when implemented. This manuscript provides a holistic study on security protocols. It reviews foundations of security protocols, taxonomy of attacks on security protocols and their implementations, and different methods and models for security analysis of pro...

  13. Kyrgyzstan's security problems today

    OpenAIRE

    Abduvalieva, Ryskul

    2009-01-01

    Regional stability and security consist of two levels-the external security of each country at the regional level and the internal security of each of them individually. A state's external and internal security are closely interrelated concepts. It stands to reason that ensuring internal security and stability is the primary and most important task. But the external aspect also requires attention. This article takes a look at the most important problems of ensuring Kyrgyzstan's security.

  14. 10 CFR 73.28 - Security background checks for secure transfer of nuclear materials.

    Science.gov (United States)

    2010-01-01

    ... 10 Energy 2 2010-01-01 2010-01-01 false Security background checks for secure transfer of nuclear... PLANTS AND MATERIALS Physical Protection of Special Nuclear Material in Transit § 73.28 Security background checks for secure transfer of nuclear materials. Licensees are excepted from the security...

  15. Finance/security/life.

    OpenAIRE

    Langley, P.

    2017-01-01

    What is the contemporary relation between finance and security? This essay encourages further research into the securitization of finance by developing the notion of ‘finance/security/life’. A focus on the intersections of finance/security/life will be shown to prompt a broadened range of critical, cross-disciplinary concerns with the various ways in which financial markets are positioned as vital to securing wealth, welfare and wellbeing.

  16. Rethinking energy security in Asia. A non-traditional view of human security

    Energy Technology Data Exchange (ETDEWEB)

    Caballero-Anthony, Mely [Nanyang Technological Univ., Singapore (SG). Centre for Non-Traditional Security (NTS) Studies; Chang, Youngho [Nanyang Technological Univ., Singapore (Singapore). Division of Economics; Putra, Nur Azha (eds.) [National Univ. of Singapore (Singapore). Energy Security Division

    2012-07-01

    Traditional notions of security are premised on the primacy of state security. In relation to energy security, traditional policy thinking has focused on ensuring supply without much emphasis on socioeconomic and environmental impacts. Non-traditional security (NTS) scholars argue that threats to human security have become increasingly prominent since the end of the Cold War, and that it is thus critical to adopt a holistic and multidisciplinary approach in addressing rising energy needs. This volume represents the perspectives of scholars from across Asia, looking at diverse aspects of energy security through a non-traditional security lens. The issues covered include environmental and socioeconomic impacts, the role of the market, the role of civil society, energy sustainability and policy trends in the ASEAN region.

  17. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals

    International Nuclear Information System (INIS)

    2013-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

  18. Transportation Security Administration

    Science.gov (United States)

    ... content Official website of the Department of Homeland Security Transportation Security Administration A - Z Index Blog What Can I ... Search form Search the Site Main menu Travel Security Screening Special Procedures TSA Pre✓® Passenger Support Travel ...

  19. Security, Fraud Detection

    Indian Academy of Sciences (India)

    First page Back Continue Last page Overview Graphics. Secure. Secure. Server – Intruder prevention/detection; Network – Encryption, PKI; Client - Secure. Fraud detection based on audit trails. Automatic alerts like credit-card alerts based on suspicious patterns.

  20. Security guide for subcontractors

    Energy Technology Data Exchange (ETDEWEB)

    Adams, R.C.

    1991-01-01

    This security guide of the Department of Energy covers contractor and subcontractor access to DOE and Mound facilities. The topics of the security guide include responsibilities, physical barriers, personnel identification system, personnel and vehicular access controls, classified document control, protecting classified matter in use, storing classified matter repository combinations, violations, security education clearance terminations, security infractions, classified information nondisclosure agreement, personnel security clearances, visitor control, travel to communist-controlled or sensitive countries, shipment security, and surreptitious listening devices.

  1. Managing Cisco network security

    CERN Document Server

    Knipp, Eric

    2002-01-01

    An in-depth knowledge of how to configure Cisco IP network security is a MUST for anyone working in today''s internetworked world"There''s no question that attacks on enterprise networks are increasing in frequency and sophistication..."-Mike Fuhrman, Cisco Systems Manager, Security ConsultingManaging Cisco Network Security, Second Edition offers updated and revised information covering many of Cisco''s security products that provide protection from threats, detection of network security incidents, measurement of vulnerability and policy compliance and management of security policy across an extended organization. These are the tools that network administrators have to mount defenses against threats. Chapters also cover the improved functionality and ease of the Cisco Secure Policy Manger software used by thousands of small-to-midsized businesses and a special section on the Cisco Aironet Wireless Security Solutions.Security from a real-world perspectiveKey coverage of the new technologies offered by the Cisc...

  2. Computer Security: SAHARA - Security As High As Reasonably Achievable

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    History has shown us time and again that our computer systems, computing services and control systems have digital security deficiencies. Too often we deploy stop-gap solutions and improvised hacks, or we just accept that it is too late to change things.    In my opinion, this blatantly contradicts the professionalism we show in our daily work. Other priorities and time pressure force us to ignore security or to consider it too late to do anything… but we can do better. Just look at how “safety” is dealt with at CERN! “ALARA” (As Low As Reasonably Achievable) is the objective set by the CERN HSE group when considering our individual radiological exposure. Following this paradigm, and shifting it from CERN safety to CERN computer security, would give us “SAHARA”: “Security As High As Reasonably Achievable”. In other words, all possible computer security measures must be applied, so long as ...

  3. What kind of cyber security? Theorising cyber security and mapping approaches

    Directory of Open Access Journals (Sweden)

    Laura Fichtner

    2018-05-01

    Full Text Available Building on conceptual work on security and cyber security, the paper explores how different approaches to cyber security are constructed. It outlines structural components and presents four common approaches. Each of them suggests a different role for the actors involved and is motivated and justified by different values such as privacy, economic order and national security. When a cyber security policy or initiative is chosen by policymakers, the analysis of the underlying approach enhances our understanding of how this shapes relationships between actors and of the values prioritised, promoted and inscribed into the concerned technologies.

  4. Medical Information Security

    OpenAIRE

    William C. Figg, Ph.D.; Hwee Joo Kam, M.S.

    2011-01-01

    Modern medicine is facing a complex environment, not from medical technology but rather government regulations and information vulnerability. HIPPA is the government’s attempt to protect patient’s information yet this only addresses traditional record handling. The main threat is from the evolving security issues. Many medical offices and facilities have multiple areas of information security concerns. Physical security is often weak, office personnel are not always aware of security needs an...

  5. Cloud security mechanisms

    OpenAIRE

    2014-01-01

    Cloud computing has brought great benefits in cost and flexibility for provisioning services. The greatest challenge of cloud computing remains however the question of security. The current standard tools in access control mechanisms and cryptography can only partly solve the security challenges of cloud infrastructures. In the recent years of research in security and cryptography, novel mechanisms, protocols and algorithms have emerged that offer new ways to create secure services atop cloud...

  6. IAEA nuclear security program

    Energy Technology Data Exchange (ETDEWEB)

    Ek, D. [International Atomic Energy Agency, Vienna (Austria)

    2006-07-01

    Although nuclear security is a State responsibility, it is nevertheless an international concern, as the consequences of a nuclear security incident would have worldwide impact. These concerns have resulted in the development of numerous international instruments on nuclear security since the terrorist events in the USA on September 11, 2001. The IAEA Office of Nuclear Security has been charged to assist Member States to improvement their nuclear security and to meet the intent of these international obligations in order to ensure a cohesive thread of nuclear security protects the global community. The programs underway and planned by the Office of Nuclear Security will be discussed in this paper. (author)

  7. IAEA nuclear security program

    International Nuclear Information System (INIS)

    Ek, D.

    2006-01-01

    Although nuclear security is a State responsibility, it is nevertheless an international concern, as the consequences of a nuclear security incident would have worldwide impact. These concerns have resulted in the development of numerous international instruments on nuclear security since the terrorist events in the USA on September 11, 2001. The IAEA Office of Nuclear Security has been charged to assist Member States to improvement their nuclear security and to meet the intent of these international obligations in order to ensure a cohesive thread of nuclear security protects the global community. The programs underway and planned by the Office of Nuclear Security will be discussed in this paper. (author)

  8. 49 CFR 1542.205 - Security of the security identification display area (SIDA).

    Science.gov (United States)

    2010-10-01

    ... area (SIDA). 1542.205 Section 1542.205 Transportation Other Regulations Relating to Transportation... AIRPORT SECURITY Operations § 1542.205 Security of the security identification display area (SIDA). (a... one SIDA, as follows: (1) Each secured area must be a SIDA. (2) Each part of the air operations area...

  9. Security of Dependable Systems

    DEFF Research Database (Denmark)

    Ahmed, Naveed; Jensen, Christian D.

    2011-01-01

    Security and dependability are crucial for designing trustworthy systems. The approach “security as an add-on” is not satisfactory, yet the integration of security in the development process is still an open problem. Especially, a common framework for specifying dependability and security is very...... much needed. There are many pressing challenges however; here, we address some of them. Firstly, security for dependable systems is a broad concept and traditional view of security, e.g., in terms of confidentiality, integrity and availability, does not suffice. Secondly, a clear definition of security...... in the dependability context is not agreed upon. Thirdly, security attacks cannot be modeled as a stochastic process, because the adversary’s strategy is often carefully planned. In this chapter, we explore these challenges and provide some directions toward their solutions....

  10. Lecture 1: General Security

    CERN Multimedia

    CERN. Geneva

    2013-01-01

    The CERN Computer Security Team is mandated to coordinate all aspects of CERN’s computer security --- office computing security, computer centre security, GRID computing security and control system security --- whilst taking into account CERN’s operational needs. This presentation will cover a series of security incidents which happened at CERN over the last five years, and discuss the lessons-learned in order to avoid similar things from happening again (there is enough blunder out there so there is need to make the same mistake twice). In the second part, I will outline how computer security --- prevention, protection, detection and response --- is generated at CERN, what the main objectives of the CERN computer security team are, and which policies, procedures and tools have been put in place. Stefan Lüders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadr...

  11. CLOUD SECURITY AND COMPLIANCE - A SEMANTIC APPROACH IN END TO END SECURITY

    OpenAIRE

    Kalaiprasath, R.; Elankavi, R.; Udayakumar, R.

    2017-01-01

    The Cloud services are becoming an essential part of many organizations. Cloud providers have to adhere to security and privacy policies to ensure their users' data remains confidential and secure. Though there are some ongoing efforts on developing cloud security standards, most cloud providers are implementing a mish-mash of security and privacy controls. This has led to confusion among cloud consumers as to what security measures they should expect from the cloud services, and whether thes...

  12. Security of pipeline facilities

    Energy Technology Data Exchange (ETDEWEB)

    Lee, S.C. [Alberta Energy and Utilities Board, Calgary, AB (Canada); Van Egmond, C.; Duquette, L. [National Energy Board, Calgary, AB (Canada); Revie, W. [Canada Centre for Mineral and Energy Technology, Ottawa, ON (Canada)

    2005-07-01

    This working group provided an update on provincial, federal and industry directions regarding the security of pipeline facilities. The decision to include security issues in the NEB Act was discussed as well as the Pipeline Security Management Assessment Project, which was created to establish a better understanding of existing security management programs as well as to assist the NEB in the development and implementation of security management regulations and initiatives. Amendments to the NEB were also discussed. Areas of pipeline security management assessment include physical safety management; cyber and information security management; and personnel security. Security management regulations were discussed, as well as implementation policies. Details of the Enbridge Liquids Pipelines Security Plan were examined. It was noted that the plan incorporates flexibility for operations and is integrated with Emergency Response and Crisis Management. Asset characterization and vulnerability assessments were discussed, as well as security and terrorist threats. It was noted that corporate security threat assessment and auditing are based on threat information from the United States intelligence community. It was concluded that the oil and gas industry is a leader in security in North America. The Trans Alaska Pipeline Incident was discussed as a reminder of how costly accidents can be. Issues of concern for the future included geographic and climate issues. It was concluded that limited resources are an ongoing concern, and that the regulatory environment is becoming increasingly prescriptive. Other concerns included the threat of not taking international terrorism seriously, and open media reporting of vulnerability of critical assets, including maps. tabs., figs.

  13. Game based cyber security training: are serious games suitable for cyber security training?

    OpenAIRE

    Hendrix, Maurice; Al-Sherbaz, Ali; Victoria, Bloom

    2016-01-01

    Security research and training is attracting a lot of investment and interest from governments and the private sector. Most efforts have focused on physical security, while cyber security or digital security has been given less importance. With recent high-profile attacks it has become clear that training in cyber security is needed. Serious Games have the capability to be effective tools for public engagement and behavioural change and role play games, are already used by security profession...

  14. Smart security proven practices

    CERN Document Server

    Quilter, J David

    2014-01-01

    Smart Security: Understanding and Contributing to the Business is a video presentation. Length: 68 minutes. In Smart Security: Understanding and Contributing to the Business, presenter J. David Quilter demonstrates the benefits of how a fully integrated security program increases business profits and delivers smart security practices at the same time. The presentation does away with the misconception that security is only an expense. In fact, a well-integrated security program can protect business interests, thereby enhancing productivity and net income. Quilter covers cost analysis and secu

  15. Developing a secured social networking site using information security awareness techniques

    Directory of Open Access Journals (Sweden)

    Julius O. Okesola

    2014-11-01

    Full Text Available Background: Ever since social network sites (SNS became a global phenomenon in almost every industry, security has become a major concern to many SNS stakeholders. Several security techniques have been invented towards addressing SNS security, but information security awareness (ISA remains a critical point. Whilst very few users have used social circles and applications because of a lack of users’ awareness, the majority have found it difficult to determine the basis of categorising friends in a meaningful way for privacy and security policies settings. This has confirmed that technical control is just part of the security solutions and not necessarily a total solution. Changing human behaviour on SNSs is essential; hence the need for a privately enhanced ISA SNS. Objective: This article presented sOcialistOnline – a newly developed SNS, duly secured and platform independent with various ISA techniques fully implemented. Method: Following a detailed literature review of the related works, the SNS was developed on the basis of Object Oriented Programming (OOP approach, using PhP as the coding language with the MySQL database engine at the back end. Result: This study addressed the SNS requirements of privacy, security and services, and attributed them as the basis of architectural design for sOcialistOnline. SNS users are more aware of potential risk and the possible consequences of unsecured behaviours. Conclusion: ISA is focussed on the users who are often the greatest security risk on SNSs, regardless of technical securities implemented. Therefore SNSs are required to incorporate effective ISA into their platform and ensure users are motivated to embrace it.

  16. Hybrid Security Policies

    Directory of Open Access Journals (Sweden)

    Radu CONSTANTINESCU

    2006-01-01

    Full Text Available Policy is defined as the rules and regulations set by the organization. They are laid down by management in compliance with industry regulations, law and internal decisions. Policies are mandatory. Security policies rules how the information is protected against security vulnerabilities and they are the basis for security awareness, training and vital for security audits. Policies are focused on desired results. The means of achieving the goals are defined on controls, standards and procedures.

  17. The Security Gap in Syria: Individual and Collective Security in ‘Rebel-held’ Territories

    OpenAIRE

    Ali, Ali Abdul Kadir

    2015-01-01

    This paper examines security in Syria through the conceptual lens of the security gap, understood as the gap between security practices and objectives which have implications for individual and collective security. Practices of security can be the state apparatus, the military, and militias. The objective – safety – can refer to the safety or security of a range of collectives including the state, political parties, and ethnic groups, while individual security re...

  18. Water System Security and Resilience in Homeland Security Research

    Science.gov (United States)

    EPA's water security research provides tools needed to improve infrastructure security and to recover from an attack or contamination incident involving chemical, biological, or radiological (CBR) agents or weapons.

  19. National Cyber Security Policy

    Indian Academy of Sciences (India)

    National Cyber Security Policy. Salient Features: Caters to ... Creating a secure cyber ecosystem. Creating an assurance framework. Encouraging Open Standards. Strengthening the Regulatory framework. Creating mechanisms for security threat early warning, vulnerability management and response to security threats.

  20. Critical Security Studies in the 21st Century: Any Directions for Lithuanian Security Studies?

    Directory of Open Access Journals (Sweden)

    Jakniūnaitė Dovilė

    2014-12-01

    Full Text Available This article focuses on recent developments and discussions in the field of security studies and aims to suggest new guidelines for the research of Lithuanian security policy. First it covers the main subjects of contemporary security discourse; next it provides evaluation and review of the critical tradition in security studies that frames presuppositions and is the means for analyzing specific security issues as well as that which fosters reflexive thinking about security. The third part deals with three topics of security research (analysis of security through the concepts of risk, exceptionality and media which have become talking-points in recent years and which have provided innovative insights in security studies.

  1. Securing the Vista Environment

    CERN Document Server

    Gregory, Peter

    2007-01-01

    "Securing the Vista Environment" takes you on a quick tour of the most significant security features in Vista, Microsoft's first revision of Windows in almost six years. You'll get background on threats and vulnerabilities that will make you think differently about security. Security is more than just the technology and configurations--it's about how we use the system that makes it secure or not. Then we'll cover Vista's security features, from user privileges to Windows Defender, User Account Control, and BitLocker, as well as strategies for protecting your information from unwanted disclo

  2. SOCIAL MEDIA SECURITY

    Science.gov (United States)

    RESPONSIBILITY CENTCOM COALITION MEDIA SOCIAL MEDIA NEWS ARTICLES PRESS RELEASES IMAGERY VIDEOS TRANSCRIPTS VISITORS AND PERSONNEL FAMILY CENTER FAMILY READINESS CENTCOM WEBMAIL SOCIAL MEDIA SECURITY ACCOUNTABILITY HomeVISITORS AND PERSONNELSOCIAL MEDIA SECURITY FAQ on Security for Social Media Due to the widespread use of

  3. VMware vCloud security

    CERN Document Server

    Sarkar, Prasenjit

    2013-01-01

    VMware vCloud Security provides the reader with in depth knowledge and practical exercises sufficient to implement a secured private cloud using VMware vCloud Director and vCloud Networking and Security.This book is primarily for technical professionals with system administration and security administration skills with significant VMware vCloud experience who want to learn about advanced concepts of vCloud security and compliance.

  4. Big data, little security: Addressing security issues in your platform

    Science.gov (United States)

    Macklin, Thomas; Mathews, Joseph

    2017-05-01

    This paper describes some patterns for information security problems that consistently emerge among traditional enterprise networks and applications, both with respect to cyber threats and data sensitivity. We draw upon cases from qualitative studies and interviews of system developers, network operators, and certifiers of military applications. Specifically, the problems discussed involve sensitivity of data aggregates, training efficacy, and security decision support in the human machine interface. While proven techniques can address many enterprise security challenges, we provide additional recommendations on how to further improve overall security posture, and suggest additional research thrusts to address areas where known gaps remain.

  5. Usable Security and E-Banking: ease of use vis-a-vis security

    Directory of Open Access Journals (Sweden)

    Morten Hertzum

    2004-05-01

    Full Text Available Electronic banking must be secure and easy to use. An evaluation of six Danish web-based electronic banking systems indicates that the systems have serious weaknesses with respect to ease of use. Our analysis of the weaknesses suggests that security requirements are among their causes and that the weaknesses may in turn cause decreased security. We view the conflict between ease of use and security in the context of usable security, a concept that is intended to match security principles and demands against user knowledge and motivation. Automation, instruction, and understanding can be identified as different approaches to usable security. Instruction is the main approach of the systems evaluated; automation relieves the user from involvement in security, as far as possible; and understanding goes beyond step-by-step instructions, to enable users to act competently and safely in situations that transcend preconceived instructions. We discuss the pros and cons of automation and understanding as alternative approaches to the design of web-based e-banking systems.

  6. Computer security at ukrainian nuclear facilities: interface between nuclear safety and security

    International Nuclear Information System (INIS)

    Chumak, D.; Klevtsov, O.

    2015-01-01

    Active introduction of information technology, computer instrumentation and control systems (I and C systems) in the nuclear field leads to a greater efficiency and management of technological processes at nuclear facilities. However, this trend brings a number of challenges related to cyber-attacks on the above elements, which violates computer security as well as nuclear safety and security of a nuclear facility. This paper considers regulatory support to computer security at the nuclear facilities in Ukraine. The issue of computer and information security considered in the context of physical protection, because it is an integral component. The paper focuses on the computer security of I and C systems important to nuclear safety. These systems are potentially vulnerable to cyber threats and, in case of cyber-attacks, the potential negative impact on the normal operational processes can lead to a breach of the nuclear facility security. While ensuring nuclear security of I and C systems, it interacts with nuclear safety, therefore, the paper considers an example of an integrated approach to the requirements of nuclear safety and security

  7. Mobile platform security

    CERN Document Server

    Asokan, N; Dmitrienko, Alexandra

    2013-01-01

    Recently, mobile security has garnered considerable interest in both the research community and industry due to the popularity of smartphones. The current smartphone platforms are open systems that allow application development, also for malicious parties. To protect the mobile device, its user, and other mobile ecosystem stakeholders such as network operators, application execution is controlled by a platform security architecture. This book explores how such mobile platform security architectures work. We present a generic model for mobile platform security architectures: the model illustrat

  8. Collective Security

    DEFF Research Database (Denmark)

    Galster, Kjeld

    in worldwide market conditions left perceptible ripples in Danish economy, budget discussions grew in importance over this period. The pacifist stance entailed disinclination to accept that the collective security concept and international treaties and accords signed by Denmark should necessitate credible...... and other international treaties provided arguments for adjusting the foreign and security policy ambitions, and since the general flux in worldwide market conditions left perceptible ripples in Danish economy, budget discussions grew in importance over this period. The pacifist stance entailed......Collective Security: National Egotism (Abstract) In Danish pre-World War I defence debate the notion of collective security is missing. During the early years of the 19th century, the political work is influenced by a pervasive feeling of rising tension and danger on the continent of Europe...

  9. Web security a whitehat perspective

    CERN Document Server

    Wu, Hanqing

    2015-01-01

    MY VIEW OF THE SECURITY WORLDView of the IT Security WorldBrief History of Web SecurityBrief History of Chinese HackersDevelopment Process of Hacking TechniquesRise of Web SecurityBlack Hat, White HatBack to Nature: The Essence of Secret SecuritySuperstition: There Is No Silver BulletSecurity Is an Ongoing ProcessSecurity ElementsHow to Implement Safety AssessmentAsset ClassificationThreat AnalysisRisk AnalysisDesign of Security ProgramsArt of War of White HatPrinciples of Secure by DefaultBlacklist, WhitelistPrinciple of Least PrivilegePrinciple of Defense in DepthPrinciples of Data and Code

  10. Microsoft Azure security

    CERN Document Server

    Freato, Roberto

    2015-01-01

    This book is intended for Azure administrators who want to understand the application of security principles in distributed environments and how to use Azure to its full capability to reduce the risks of security breaches. Only basic knowledge of the security processes and services of Microsoft Azure is required.

  11. Mobile communication security

    NARCIS (Netherlands)

    Broek, F.M.J. van den

    2016-01-01

    Security of the mobile network Fabian van den Broek We looked at the security of the wireless connection between mobile phone and cell towers and suggested possible improvements. The security was analysed on a design level, by looking at the protocols and encryption techniques, but also on an

  12. 12 CFR 987.4 - Creation of Participant's Security Entitlement; security interests.

    Science.gov (United States)

    2010-01-01

    ... 12 Banks and Banking 7 2010-01-01 2010-01-01 false Creation of Participant's Security Entitlement... BOOK-ENTRY PROCEDURE FOR CONSOLIDATED OBLIGATIONS § 987.4 Creation of Participant's Security... of the United States to secure deposits of public money, including, without limitation, deposits to...

  13. VoIP Security

    OpenAIRE

    Fontanini, Piero

    2008-01-01

    VOIP or Voice Over Internet Protocol is a common term for phone service over IP based networks. There are much information about VoIP and some of how VoIP can be secured. There is however no standard for VoIP and no general solution for VoIP Security. The security in VoIP systems today are often non existing or in best case weak and often based on proprietary solutions. This master thesis investigates threats to VoIP system and describes existing alternatives for securing Vo...

  14. Operating System Security

    CERN Document Server

    Jaeger, Trent

    2008-01-01

    Operating systems provide the fundamental mechanisms for securing computer processing. Since the 1960s, operating systems designers have explored how to build "secure" operating systems - operating systems whose mechanisms protect the system against a motivated adversary. Recently, the importance of ensuring such security has become a mainstream issue for all operating systems. In this book, we examine past research that outlines the requirements for a secure operating system and research that implements example systems that aim for such requirements. For system designs that aimed to

  15. Digital security technology simplified.

    Science.gov (United States)

    Scaglione, Bernard J

    2007-01-01

    Digital security technology is making great strides in replacing analog and other traditional security systems including CCTV card access, personal identification and alarm monitoring applications. Like any new technology, the author says, it is important to understand its benefits and limitations before purchasing and installing, to ensure its proper operation and effectiveness. This article is a primer for security directors on how digital technology works. It provides an understanding of the key components which make up the foundation for digital security systems, focusing on three key aspects of the digital security world: the security network, IP cameras and IP recorders.

  16. International Nuclear Security

    Energy Technology Data Exchange (ETDEWEB)

    Doyle, James E. [Los Alamos National Laboratory

    2012-08-14

    This presentation discusses: (1) Definitions of international nuclear security; (2) What degree of security do we have now; (3) Limitations of a nuclear security strategy focused on national lock-downs of fissile materials and weapons; (4) What do current trends say about the future; and (5) How can nuclear security be strengthened? Nuclear security can be strengthened by: (1) More accurate baseline inventories; (2) Better physical protection, control and accounting; (3) Effective personnel reliability programs; (4) Minimize weapons-usable materials and consolidate to fewer locations; (5) Consider local threat environment when siting facilities; (6) Implement pledges made in the NSS process; and (7) More robust interdiction, emergency response and special operations capabilities. International cooperation is desirable, but not always possible.

  17. 21st Century Security Manager

    Directory of Open Access Journals (Sweden)

    Stelian ARION

    2010-11-01

    Full Text Available We live in world of uncertainty that generates major paradigms changing that affect security risk management. Modern organization’s security risks management can’t be done without a profound knowlegde and daily practice for security governance, security risk management and resilience. 21st Century security manager need to deal with several areas of konwledge in order to succesfully manage security risks. The document presents the advantages, disadvantages and challenges for security managers thah have government backgroud, or IT security backgroud, or are promoted from organization’s inside leaders. There are six different areas of knowledge that successful security programs of the future must incorporate, either in the knowledge base of their leaders or in the collective knowledge of the leading staff. They are government elements, security organization, emerging issue awareness, IT security, business elements and executive leadership.

  18. Arguing Against Security Communitarianism

    DEFF Research Database (Denmark)

    Bilgin, Pinar

    2016-01-01

    Anthony Burke’s ‘security cosmopolitanism’ is a fresh and thought-provoking contribution to critical theorizing about security. In this discussion piece, I would like to join Burke’s call for ‘security cosmopolitanism’ by way of arguing against ‘security communitarianism’. I understand the latter...

  19. Security and Prosperity: Reexamining the Connection Between Economic, Homeland and National Security

    Science.gov (United States)

    2015-09-01

    security enterprise NAFTA North American Free Trade Agreement NATO North Atlantic Treaty Organization NS national security NSS National Security...all hazards, outcome driven, national security) of the person being asked. Some advocate a more holistic description that encompasses law enforcement...department rather than maintaining the artificial separation. 3. Create a Department of Prosperity The Preamble to the Constitution defines our federal

  20. Security in Computer Applications

    CERN Multimedia

    CERN. Geneva

    2004-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development. The last part of the lecture covers some miscellaneous issues like the use of cryptography, rules for networking applications, and social engineering threats. This lecture was first given on Thursd...

  1. SecurityCom: A Multi-Player Game for Researching and Teaching Information Security Teams

    Directory of Open Access Journals (Sweden)

    Douglas P. Twitchell

    2007-12-01

    Full Text Available A major portion of government and business organizations’ attempts to counteract information security threats is teams of security personnel.  These teams often consist of personnel of diverse backgrounds in specific specialties such as network administration, application development, and business administration, resulting in possible conflicts between security, functionality, and availability.  This paper discusses the use of games to teach and research information security teams and outlines research to design and build a simple, team-oriented, configurable, information security game. It will be used to study how information security teams work together to defend against attacks using a multi-player game, and to study the use of games in training security teams.  Studying how information security teams work, especially considering the topic of shared-situational awareness, could lead to better ways of forming, managing, and training teams.  Studying the effectiveness of the game as a training tool could lead to better training for security teams. 

  2. 24 CFR 350.5 - Creation of Participant's Security Entitlement; Security Interests.

    Science.gov (United States)

    2010-04-01

    ... 24 Housing and Urban Development 2 2010-04-01 2010-04-01 false Creation of Participant's Security... AND URBAN DEVELOPMENT BOOK-ENTRY PROCEDURES § 350.5 Creation of Participant's Security Entitlement... States to secure deposits of public money, including without limitation deposits to the Treasury tax and...

  3. Getting Grip on Security Requirements Elicitation by Structuring and Reusing Security Requirements Sources

    Directory of Open Access Journals (Sweden)

    Christian Schmitt

    2015-07-01

    Full Text Available This paper presents a model for structuring and reusing security requirements sources. The model serves as blueprint for the development of an organization-specific repository, which provides relevant security requirements sources, such as security information and knowledge sources and relevant compliance obligations, in a structured and reusable form. The resulting repository is intended to be used by development teams during the elicitation and analysis of security requirements with the goal to understand the security problem space, incorporate all relevant requirements sources, and to avoid unnecessary effort for identifying, understanding, and correlating applicable security requirements sources on a project-wise basis. We start with an overview and categorization of important security requirements sources, followed by the description of the generic model. To demonstrate the applicability and benefits of the model, the instantiation approach and details of the resulting repository of security requirements sources are presented.

  4. Multimedia Security System for Security and Medical Applications

    Science.gov (United States)

    Zhou, Yicong

    2010-01-01

    This dissertation introduces a new multimedia security system for the performance of object recognition and multimedia encryption in security and medical applications. The system embeds an enhancement and multimedia encryption process into the traditional recognition system in order to improve the efficiency and accuracy of object detection and…

  5. Junos Security

    CERN Document Server

    Cameron, Rob; Giecco, Patricio; Eberhard, Timothy; Quinn, James

    2010-01-01

    Junos® Security is the complete and authorized introduction to the new Juniper Networks SRX hardware series. This book not only provides a practical, hands-on field guide to deploying, configuring, and operating SRX, it also serves as a reference to help you prepare for any of the Junos Security Certification examinations offered by Juniper Networks. Network administrators and security professionals will learn how to use SRX Junos services gateways to address an array of enterprise data network requirements -- including IP routing, intrusion detection, attack mitigation, unified threat manag

  6. Model-Based Security Testing

    Directory of Open Access Journals (Sweden)

    Ina Schieferdecker

    2012-02-01

    Full Text Available Security testing aims at validating software system requirements related to security properties like confidentiality, integrity, authentication, authorization, availability, and non-repudiation. Although security testing techniques are available for many years, there has been little approaches that allow for specification of test cases at a higher level of abstraction, for enabling guidance on test identification and specification as well as for automated test generation. Model-based security testing (MBST is a relatively new field and especially dedicated to the systematic and efficient specification and documentation of security test objectives, security test cases and test suites, as well as to their automated or semi-automated generation. In particular, the combination of security modelling and test generation approaches is still a challenge in research and of high interest for industrial applications. MBST includes e.g. security functional testing, model-based fuzzing, risk- and threat-oriented testing, and the usage of security test patterns. This paper provides a survey on MBST techniques and the related models as well as samples of new methods and tools that are under development in the European ITEA2-project DIAMONDS.

  7. Security Clearances and the Protection of National Security Information: Law and Procedures

    National Research Council Canada - National Science Library

    Cohen, Sheldon

    2000-01-01

    ... designed to protect National Security information. The report provides an authoritative compendium for lawyers, security officers and for managers of corporations who must deal with the legal and procedural aspects of security clearances...

  8. Exploring the Future of Security in the Caribbean: a Regional Security Partnership?

    Science.gov (United States)

    2007-12-14

    by these organizations and their members. 25 CHAPTER 2 LITERATURE REVIEW Psychologist Abraham Maslow posited that safety [read security] is one...addressing the security needs of the Caribbean Basin and the United States? Of necessity , there are several secondary questions which must be...development of models/ theories of security. These theories of security abound, and have evolved as the international arena has changed. Realists, idealists and

  9. 21st Century Security Manager

    OpenAIRE

    Stelian ARION

    2010-01-01

    We live in world of uncertainty that generates major paradigms changing that affect security risk management. Modern organization’s security risks management can’t be done without a profound knowlegde and daily practice for security governance, security risk management and resilience. 21st Century security manager need to deal with several areas of konwledge in order to succesfully manage security risks. The document presents the advantages, disadvantages and challenges for security managers ...

  10. Latvian Security and Defense Policy within the Twenty-First Century Security Environment

    Directory of Open Access Journals (Sweden)

    Rublovskis Raimonds

    2014-12-01

    Full Text Available The aim of this paper is to analyze fundamental factors which form and profoundly shape security and defense policy of the Republic of Latvia. One can argue that historical background, geographical location, common institutional history within the former Soviet Union, the Russia factor, the relative smallness of the territory of state and the population, the ethnic composition of the population, the low density of the population and rather limited financial and manpower resources available for the defense of the Republic of Latvia are the key factors of influence on the state security and defense policy. The core principles of the security and defense policy of Latvia are the membership in powerful global military alliance of NATO and bilateral strategic partnership with the United States. However, security and defense cooperation among the three Baltic States as well as enhanced cooperation within the Baltic-Nordic framework is seen as an important supplementary factor for the increased security of the Republic of Latvia. Latvia has developed a sustainable legal and institutional framework in order to contribute to state security and defense; however, security challenges and significant changes within the global security environment of the twenty-first century will further challenge the ability of the Republic of Latvia to sustain its current legal framework, and more importantly, current institutional structure of Latvian security and defense architecture. Significant internal and external challenges will impact the fundamental pillars of Latvian security and defense policy, such as American strategic shift to the Pacific, and lack of political will to increase defense budgets in European part of NATO. It has to be clear that very independence, security and defense of the Republic of Latvia depend on the ability of NATO to remain an effective organization with timely and efficient decision-making, and the ability of the United States to remain

  11. Overview of security culture

    International Nuclear Information System (INIS)

    Matulanya, M. A.

    2014-04-01

    Nuclear Security culture concept has been aggressively promoted over the past several years as a tool to improve the physical protection of the nuclear and radioactive materials due to growing threats of catastrophic terrorism and other new security challenges. It is obvious that, the scope of nuclear security and the associated cultures need to be extended beyond the traditional task of protecting weapons-usable materials. The role of IAEA is to strengthen the nuclear security framework globally and in leading the coordination of international activities in this field. Therefore all governments should work closely with the IAEA to take stronger measures to ensure the physical protection, the safety and security of the nuclear and radioactive materials. In the effort to reflect this new realities and concerns, the IAEA in 2008 came up with the document, the Nuclear Security Culture, Nuclear Security Series No. 7, Implementing Guide to the member states which urged every member state to take appropriate measures to promote security culture with respect to nuclear and radioactive materials. The document depicted this cultural approach as the way to protect individual, society and the environment. Among other things, the document defined nuclear security culture as characteristics and attitudes in organizations and of individuals which establishes that, nuclear security issues receives attention warranted by their significance. (au)

  12. EMI Security Architecture

    CERN Document Server

    White, J.; Schuller, B.; Qiang, W.; Groep, D.; Koeroo, O.; Salle, M.; Sustr, Z.; Kouril, D.; Millar, P.; Benedyczak, K.; Ceccanti, A.; Leinen, S.; Tschopp, V.; Fuhrmann, P.; Heyman, E.; Konstantinov, A.

    2013-01-01

    This document describes the various architectures of the three middlewares that comprise the EMI software stack. It also outlines the common efforts in the security area that allow interoperability between these middlewares. The assessment of the EMI Security presented in this document was performed internally by members of the Security Area of the EMI project.

  13. Information security architecture an integrated approach to security in the organization

    CERN Document Server

    Killmeyer, Jan

    2006-01-01

    Information Security Architecture, Second Edition incorporates the knowledge developed during the past decade that has pushed the information security life cycle from infancy to a more mature, understandable, and manageable state. It simplifies security by providing clear and organized methods and by guiding you to the most effective resources available.

  14. An Analysis Of Wireless Security

    OpenAIRE

    Salendra Prasad

    2017-01-01

    The WLAN security includes Wired Equivalent Primary WEP and WI-FI protected Access WPA. Today WEP is regarded as very poor security standard. WEP was regarded as very old security standard and has many security issues which users need to be addressed. In this Paper we will discuss Wireless Security and ways to improve on wireless security.

  15. Computer Security: Computer security threats, vulnerabilities and attacks (3/4)

    CERN Document Server

    CERN. Geneva

    2012-01-01

    Antonio Perez Perez works in the Computer Security Team doing software development, sysadmin tasks and operations. He is also involved on grid security and does 1st line security support at CERN on ROTA. With the prevalence of modern information technologies and its increasing integration into our daily live, digital systems become more and more playground for evil people. While in the past, attacks were driven by fame& kudos, nowadays money is the motivating factor. Just the recent months have shown several successful attacks against e.g. Sony, PBS, UNESCO, RSAsecurity, Citibank, and others. Credit card information of hundreds of thousands of people got exposed. Affected companies not only lost their assets and data, also their reputation has suffered. Thus, proper computer security measures are essential. Without question, security must even more become an inherent ingredient when developing, deploying, and operating applications, web sites, and computing services. These lectures shall give an ove...

  16. Macro Security Methodology for Conducting Facility Security and Sustainability Assessments

    International Nuclear Information System (INIS)

    Herdes, Greg A.; Freier, Keith D.; Wright, Kyle A.

    2007-01-01

    Pacific Northwest National Laboratory (PNNL) has developed a macro security strategy that not only addresses traditional physical protection systems, but also focuses on sustainability as part of the security assessment and management process. This approach is designed to meet the needs of virtually any industry or environment requiring critical asset protection. PNNL has successfully demonstrated the utility of this macro security strategy through its support to the NNSA Office of Global Threat Reduction implementing security upgrades at international facilities possessing high activity radioactive sources that could be used in the assembly of a radiological dispersal device, commonly referred to as a 'dirty bomb'. Traditional vulnerability assessments provide a snap shot in time of the effectiveness of a physical protection system without significant consideration to the sustainability of the component elements that make up the system. This paper describes the approach and tools used to integrate technology, plans and procedures, training, and sustainability into a simple, quick, and easy-to-use security assessment and management tool.

  17. SECURITY ANALYSIS OF ONE SOLUTION FOR SECURE PRIVATE DATA STORAGE IN A CLOUD

    OpenAIRE

    Ludmila Klimentievna Babenko; Alina Viktorovna Trepacheva

    2016-01-01

    The paper analyzes the security of one recently proposed secure cloud data base architecture. We present an attack on it binding the security of whole solution with the security of particular encryption schemes, used in it. We show this architecture is vulnerable and consequently the solution is unviable.

  18. Statistical security for Social Security.

    Science.gov (United States)

    Soneji, Samir; King, Gary

    2012-08-01

    The financial viability of Social Security, the single largest U.S. government program, depends on accurate forecasts of the solvency of its intergenerational trust fund. We begin by detailing information necessary for replicating the Social Security Administration's (SSA's) forecasting procedures, which until now has been unavailable in the public domain. We then offer a way to improve the quality of these procedures via age- and sex-specific mortality forecasts. The most recent SSA mortality forecasts were based on the best available technology at the time, which was a combination of linear extrapolation and qualitative judgments. Unfortunately, linear extrapolation excludes known risk factors and is inconsistent with long-standing demographic patterns, such as the smoothness of age profiles. Modern statistical methods typically outperform even the best qualitative judgments in these contexts. We show how to use such methods, enabling researchers to forecast using far more information, such as the known risk factors of smoking and obesity and known demographic patterns. Including this extra information makes a substantial difference. For example, by improving only mortality forecasting methods, we predict three fewer years of net surplus, $730 billion less in Social Security Trust Funds, and program costs that are 0.66% greater for projected taxable payroll by 2031 compared with SSA projections. More important than specific numerical estimates are the advantages of transparency, replicability, reduction of uncertainty, and what may be the resulting lower vulnerability to the politicization of program forecasts. In addition, by offering with this article software and detailed replication information, we hope to marshal the efforts of the research community to include ever more informative inputs and to continue to reduce uncertainties in Social Security forecasts.

  19. Security Investigation Database (SID)

    Data.gov (United States)

    US Agency for International Development — Security Investigation & Personnel Security Clearance - COTS personnel security application in a USAID virtualized environement that can support USAID's business...

  20. Securing the Global Airspace System Via Identity-Based Security

    Science.gov (United States)

    Ivancic, William D.

    2015-01-01

    Current telecommunications systems have very good security architectures that include authentication and authorization as well as accounting. These three features enable an edge system to obtain access into a radio communication network, request specific Quality-of-Service (QoS) requirements and ensure proper billing for service. Furthermore, the links are secure. Widely used telecommunication technologies are Long Term Evolution (LTE) and Worldwide Interoperability for Microwave Access (WiMAX) This paper provides a system-level view of network-centric operations for the global airspace system and the problems and issues with deploying new technologies into the system. The paper then focuses on applying the basic security architectures of commercial telecommunication systems and deployment of federated Authentication, Authorization and Accounting systems to provide a scalable, evolvable reliable and maintainable solution to enable a globally deployable identity-based secure airspace system.

  1. Learning Puppet security

    CERN Document Server

    Slagle, Jason

    2015-01-01

    If you are a security professional whose workload is increasing, or a Puppet professional looking to increase your knowledge of security, or even an experienced systems administrator, then this book is for you. This book will take you to the next level of security automation using Puppet. The book requires no prior knowledge of Puppet to get started.

  2. Nuclear security. Improving correction of security deficiencies at DOE's weapons facilities

    International Nuclear Information System (INIS)

    Wells, James E.; Cannon, Doris E.; Fenzel, William F.; Lightner, Kenneth E. Jr.; Curtis, Lois J.; DuBois, Julia A.; Brown, Gail W.; Trujillo, Charles S.; Tumler, Pamela K.

    1992-11-01

    The US nuclear weapons research, development, and production are conducted at 10 DOE nuclear weapons facilities by contractors under the guidance and oversight of 9 DOE field offices. Because these facilities house special nuclear materials used in making nuclear weapons and nuclear weapons components, DOE administers a security program to protect (1) against theft, sabotage, espionage, terrorism, or other risks to national security and (2) the safety and health of DOE employees and the public. DOE spends almost $1 billion a year on this security program. DOE administers the security program through periodic inspections that evaluate and monitor the effectiveness of facilities' safeguards and security. Security inspections identify deficiencies, instances of noncompliance with safeguards and security requirements or poor performance of the systems being evaluated, that must be corrected to maintain adequate security. The contractors and DOE share responsibility for correcting deficiencies. Contractors, in correcting deficiencies, must comply with several DOE orders. The contractors' performances were not adequate in conducting four of the eight procedures considered necessary in meeting DOE's deficiency correction requirements. For 19 of the 20 deficiency cases we reviewed, contractors could not demonstrate that they had conducted three critical deficiency analyses (root cause, risk assessment, and cost-benefit) required by DOE. Additionally, the contractors did not always adequately verify that corrective actions taken were appropriate, effective, and complete. The contractors performed the remaining four procedures (reviewing deficiencies for duplication, entering deficiencies into a data base, tracking the status of deficiencies, and preparing and implementing a corrective action plan) adequately in all 20 cases. DOE's oversight of the corrective action process could be improved in three areas. The computerized systems used to track the status of security

  3. SECURITY ANALYSIS OF ONE SOLUTION FOR SECURE PRIVATE DATA STORAGE IN A CLOUD

    Directory of Open Access Journals (Sweden)

    Ludmila Klimentievna Babenko

    2016-03-01

    Full Text Available The paper analyzes the security of one recently proposed secure cloud data base architecture. We present an attack on it binding the security of whole solution with the security of particular encryption schemes, used in it. We show this architecture is vulnerable and consequently the solution is unviable.

  4. Strategic planning and security analysis

    International Nuclear Information System (INIS)

    DePasquale, S.

    1991-01-01

    Nuclear security master planning is a deliberative process, founded on the premise that the broad scope of security must be analyzed before any meaningful determinations may be reached on an individual security aspect. This paper examines the analytical process required in developing a Security Master Plan. It defines a four stage process concluding with the selection of security measures encompassing physical security, policy and procedure considerations and guard force deployment. The final product orchestrates each security measure in a complementary and supportive configuration

  5. The strategic security officer.

    Science.gov (United States)

    Hodges, Charles

    2014-01-01

    This article discusses the concept of the strategic security officer, and the potential that it brings to the healthcare security operational environment. The author believes that training and development, along with strict hiring practices, can enable a security department to reach a new level of professionalism, proficiency and efficiency. The strategic officer for healthcare security is adapted from the "strategic corporal" concept of US Marine Corps General Charles C. Krulak which focuses on understanding the total force implications of the decisions made by the lowest level leaders within the Corps (Krulak, 1999). This article focuses on the strategic organizational implications of every security officer's decisions in the constantly changing and increasingly volatile operational environment of healthcare security.

  6. PRIVATE SECURITY IN SPORT

    Directory of Open Access Journals (Sweden)

    Dragan Vukasović

    2011-09-01

    Full Text Available Given the importance of sport for international integration, affirmation, a sense of belonging and other values of general interest, in order to maintain and open new prospects of development, it is necessary to form the private security system along with state security system, with a view to creating conditions for development sports athletes to achieve better results both in domestic and international competitions. Private security is only one element of an integrated security system which, with its efficient organization with the use of adequate means and measures should provide answers to new challenges, risks and threats. Private security in line with the new understanding of the concept of security has an important role in providing athletes.

  7. Beginning ASPNET Security

    CERN Document Server

    Dorrans, Barry

    2010-01-01

    Beginning ASP.NET 3.5 Security is geared for novice to intermediate ASP.NET programmers who wish to protect and defend their web sites against attack and exploitation. Beginning with a discussion of why we need security and the things that may occur when it is ignored and an overview of how ASP.NET works, readers are taken through the common steps in developing a web site, the security problems each area exposes and how these can be exploited. Visual Studio Security MVP Barry Dorrans teaches readers how they can defend their applications using the standard .NET framework, industry patterns and

  8. Linux Security Cookbook

    CERN Document Server

    Barrett, Daniel J; Byrnes, Robert G

    2003-01-01

    Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If you're grounded in the basics of security, however, you won't necessarily want a complete treatise on the subject each time you pick up a book. Sometimes you want to get straight to the point. That's exactly what the new Linux Security Cookbook does. Rather than provide a total security solution for Linux computers, the authors present a series of easy-to-fol

  9. Parliamentary control of security information agency in terms of security culture: State and problems

    Directory of Open Access Journals (Sweden)

    Radivojević Nenad

    2013-01-01

    Full Text Available Even though security services have the same function as before, today they have different tasks and significantly more work than before. Modern security problems of the late 20th and early 21st century require states to reorganize their security services, adapting them to the new changes. The reorganization involves, among other things, giving wider powers of the security services, in order to effectively counter the growing and sophisticated security threats, which may also lead to violations of human rights and freedoms. It is therefore necessary to define the right competence, organization, authority and control of these services. In democratic countries, there are several institutions with different levels of control of security services. Parliament is certainly one of the most important institutions in that control, both in the world and in our country. Powers, finance, the use of special measures and the nature and scope of work of the Security Information Agency are certainly object of the control of the National Assembly. What seems to be the problem is achieving a balance between the need for control of security services and security services to have effective methods for combating modern security problems. This paper presents the legal framework related to the National Assembly control of the Security Intelligence Agency, as well as the practical problems associated with this type of control. We analyzed the role of security culture as one of the factors of that control. In this regard, it provides guidance for the practical work of the members of parliament who control the Security Intelligence Agency, noting in particular the importance of and the need for continuous improvement of security culture representatives.

  10. Security Vulnerability Profiles of NASA Mission Software: Empirical Analysis of Security Related Bug Reports

    Science.gov (United States)

    Goseva-Popstojanova, Katerina; Tyo, Jacob P.; Sizemore, Brian

    2017-01-01

    NASA develops, runs, and maintains software systems for which security is of vital importance. Therefore, it is becoming an imperative to develop secure systems and extend the current software assurance capabilities to cover information assurance and cybersecurity concerns of NASA missions. The results presented in this report are based on the information provided in the issue tracking systems of one ground mission and one flight mission. The extracted data were used to create three datasets: Ground mission IVV issues, Flight mission IVV issues, and Flight mission Developers issues. In each dataset, we identified the software bugs that are security related and classified them in specific security classes. This information was then used to create the security vulnerability profiles (i.e., to determine how, why, where, and when the security vulnerabilities were introduced) and explore the existence of common trends. The main findings of our work include:- Code related security issues dominated both the Ground and Flight mission IVV security issues, with 95 and 92, respectively. Therefore, enforcing secure coding practices and verification and validation focused on coding errors would be cost effective ways to improve mission's security. (Flight mission Developers issues dataset did not contain data in the Issue Category.)- In both the Ground and Flight mission IVV issues datasets, the majority of security issues (i.e., 91 and 85, respectively) were introduced in the Implementation phase. In most cases, the phase in which the issues were found was the same as the phase in which they were introduced. The most security related issues of the Flight mission Developers issues dataset were found during Code Implementation, Build Integration, and Build Verification; the data on the phase in which these issues were introduced were not available for this dataset.- The location of security related issues, as the location of software issues in general, followed the Pareto

  11. Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

    Energy Technology Data Exchange (ETDEWEB)

    Hadley, Mark D.; Clements, Samuel L.

    2009-01-01

    Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

  12. Personal computer security: part 1. Firewalls, antivirus software, and Internet security suites.

    Science.gov (United States)

    Caruso, Ronald D

    2003-01-01

    Personal computer (PC) security in the era of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) involves two interrelated elements: safeguarding the basic computer system itself and protecting the information it contains and transmits, including personal files. HIPAA regulations have toughened the requirements for securing patient information, requiring every radiologist with such data to take further precautions. Security starts with physically securing the computer. Account passwords and a password-protected screen saver should also be set up. A modern antivirus program can easily be installed and configured. File scanning and updating of virus definitions are simple processes that can largely be automated and should be performed at least weekly. A software firewall is also essential for protection from outside intrusion, and an inexpensive hardware firewall can provide yet another layer of protection. An Internet security suite yields additional safety. Regular updating of the security features of installed programs is important. Obtaining a moderate degree of PC safety and security is somewhat inconvenient but is necessary and well worth the effort. Copyright RSNA, 2003

  13. Introduction to Hardware Security

    Directory of Open Access Journals (Sweden)

    Yier Jin

    2015-10-01

    Full Text Available Hardware security has become a hot topic recently with more and more researchers from related research domains joining this area. However, the understanding of hardware security is often mixed with cybersecurity and cryptography, especially cryptographic hardware. For the same reason, the research scope of hardware security has never been clearly defined. To help researchers who have recently joined in this area better understand the challenges and tasks within the hardware security domain and to help both academia and industry investigate countermeasures and solutions to solve hardware security problems, we will introduce the key concepts of hardware security as well as its relations to related research topics in this survey paper. Emerging hardware security topics will also be clearly depicted through which the future trend will be elaborated, making this survey paper a good reference for the continuing research efforts in this area.

  14. Information security cost management

    CERN Document Server

    Bazavan, Ioana V

    2006-01-01

    While information security is an ever-present challenge for all types of organizations today, most focus on providing security without addressing the necessities of staff, time, or budget in a practical manner.Information Security Cost Management offers a pragmatic approach to implementing information security, taking budgetary and real-world constraints into consideration. By providing frameworks, step-by-step processes, and project management breakdowns, this book demonstrates how to design the best security strategy with the resources you have available. Organized into five sections, the book-Focuses on setting the right road map so that you can be most effective in your information security implementationsDiscusses cost-effective staffing, the single biggest expense to the security organizationPresents practical ways to build and manage the documentation that details strategy, provides resources for operating annual audits, and illustrates how to advertise accomplishments to senior management effectivelyI...

  15. Security Administration Reports Application

    Data.gov (United States)

    Social Security Administration — Contains SSA Security Reports that allow Information Security Officers (ISOs) to access, review and take appropriate action based on the information contained in the...

  16. Social Security.

    Science.gov (United States)

    Social and Labour Bulletin, 1983

    1983-01-01

    This group of articles discusses a variety of studies related to social security and retirement benefits. These studies are related to both developing and developed nations and are also concerned with studying work conditions and government role in administering a democratic social security system. (SSH)

  17. 17 CFR 240.17a-1 - Recordkeeping rule for national securities exchanges, national securities associations...

    Science.gov (United States)

    2010-04-01

    ... national securities exchanges, national securities associations, registered clearing agencies and the... Certain Stabilizing Activities § 240.17a-1 Recordkeeping rule for national securities exchanges, national...) Every national securities exchange, national securities association, registered clearing agency and the...

  18. Service Oriented Architecture in Network Security - a novel Organisation in Security Systems

    OpenAIRE

    Hilker, Michael; Schommer, Christoph

    2008-01-01

    Current network security systems are a collection of various security components, which are directly installed in the operating system. These check the whole node for suspicious behaviour. Armouring intrusions e.g. have the ability to hide themselves from being checked. We present in this paper an alternative organisation of security systems. The node is completely virtualized with current virtualization systems so that the operating system with applications and the security system is disting...

  19. Information Security Governance: When Compliance Becomes More Important than Security

    OpenAIRE

    Tan , Terence C. C.; Ruighaver , Anthonie B.; Ahmad , Atif

    2010-01-01

    International audience; Current security governance is often based on a centralized decision making model and still uses an ineffective 20th century risk management approach to security. This approach is relatively simple to manage since it needs almost no security governance below the top enterprise level where most decisions are made. However, while there is a role for more corporate governance, new regulations, and improved codes of best practice to address current weak organizational secu...

  20. Development and analysis of security policies in security enhanced Android

    OpenAIRE

    Rimando, Ryan A.

    2012-01-01

    Approved for public release; distribution is unlimited. This thesis examines Security Enhanced Android. Both its policy and its additional security features are explored. The policy is examined in depth, providing a better understanding of the security provided by SE Android. We analyze the default SE Android policy. We identify a potential weakness and change the policy to facilitate control over communication channels. A proof-of-concept set of applications is developed to demonstrate ho...

  1. Computer security

    CERN Document Server

    Gollmann, Dieter

    2011-01-01

    A completely up-to-date resource on computer security Assuming no previous experience in the field of computer security, this must-have book walks you through the many essential aspects of this vast topic, from the newest advances in software and technology to the most recent information on Web applications security. This new edition includes sections on Windows NT, CORBA, and Java and discusses cross-site scripting and JavaScript hacking as well as SQL injection. Serving as a helpful introduction, this self-study guide is a wonderful starting point for examining the variety of competing sec

  2. Secure PVM

    Energy Technology Data Exchange (ETDEWEB)

    Dunigan, T.H.; Venugopal, N.

    1996-09-01

    This research investigates techniques for providing privacy, authentication, and data integrity to PVM (Parallel Virtual Machine). PVM is extended to provide secure message passing with no changes to the user`s PVM application, or, optionally, security can be provided on a message-by message basis. Diffe-Hellman is used for key distribution of a single session key for n-party communication. Keyed MD5 is used for message authentication, and the user may select from various secret-key encryption algorithms for message privacy. The modifications to PVM are described, and the performance of secure PVM is evaluated.

  3. 76 FR 8946 - Security Ratings

    Science.gov (United States)

    2011-02-16

    ... grade securities (such as foreign currency or other cash settled derivative securities). See... investment grade securities (such as foreign currency or other cash settled derivative securities). See... SECURITIES AND EXCHANGE COMMISSION 17 CFR Parts 200, 229, 230, 232, 239, 240, and 249 [Release No...

  4. Information security management handbook

    CERN Document Server

    2002-01-01

    The Information Security Management Handbook continues its tradition of consistently communicating the fundamental concepts of security needed to be a true CISSP. In response to new developments, Volume 4 supplements the previous volumes with new information covering topics such as wireless, HIPAA, the latest hacker attacks and defenses, intrusion detection, and provides expanded coverage on security management issues and applications security. Even those that don't plan on sitting for the CISSP exam will find that this handbook is a great information security reference.The changes in the tech

  5. Specifying Information Security Needs for the Delivery of High Quality Security Services

    NARCIS (Netherlands)

    Su, X.; Bolzoni, D.; van Eck, Pascal

    In this paper we present an approach for specifying and prioritizing information security requirements in organizations. We propose to explicitly link security requirements with the organizations' business vision, i.e. to provide business rationale for security requirements. The rationale is then

  6. Measuring Short-term Energy Security

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    2011-07-01

    Ensuring energy security has been at the centre of the IEA mission since its inception, following the oil crises of the early 1970s. While the security of oil supplies remains important, contemporary energy security policies must address all energy sources and cover a comprehensive range of natural, economic and political risks that affect energy sources, infrastructures and services. In response to this challenge, the IEA is currently developing a Model Of Short-term Energy Security (MOSES) to evaluate the energy security risks and resilience capacities of its member countries. The current version of MOSES covers short-term security of supply for primary energy sources and secondary fuels among IEA countries. It also lays the foundation for analysis of vulnerabilities of electricity and end-use energy sectors. MOSES contains a novel approach to analysing energy security, which can be used to identify energy security priorities, as a starting point for national energy security assessments and to track the evolution of a country's energy security profile. By grouping together countries with similar 'energy security profiles', MOSES depicts the energy security landscape of IEA countries. By extending the MOSES methodology to electricity security and energy services in the future, the IEA aims to develop a comprehensive policy-relevant perspective on global energy security. This Brochure provides and overview of the analysis and results. Readers interested in an in-depth discussion of methodology are referred to the MOSES Working Paper.

  7. Smart security and securing data through watermarking

    Science.gov (United States)

    Singh, Ritesh; Kumar, Lalit; Banik, Debraj; Sundar, S.

    2017-11-01

    The growth of image processing in embedded system has provided the boon of enhancing the security in various sectors. This lead to the developing of various protective strategies, which will be needed by private or public sectors for cyber security purposes. So, we have developed a method which uses digital water marking and locking mechanism for the protection of any closed premises. This paper describes a contemporary system based on user name, user id, password and encryption technique which can be placed in banks, protected offices to beef the security up. The burglary can be abated substantially by using a proactive safety structure. In this proposed framework, we are using water-marking in spatial domain to encode and decode the image and PIR(Passive Infrared Sensor) sensor to detect the existence of person in any close area.

  8. Security planning an applied approach

    CERN Document Server

    Lincke, Susan

    2015-01-01

    This book guides readers through building an IT security plan. Offering a template, it helps readers to prioritize risks, conform to regulation, plan their defense and secure proprietary/confidential information. The process is documented in the supplemental online security workbook. Security Planning is designed for the busy IT practitioner, who does not have time to become a security expert, but needs a security plan now. It also serves to educate the reader of a broader set of concepts related to the security environment through the Introductory Concepts and Advanced sections. The book serv

  9. Privacy and Security: A Bibliography.

    Science.gov (United States)

    Computer and Business Equipment Manufacturers Association, Washington, DC.

    Compiled at random from many sources, this bibliography attempts to cite as many publications concerning privacy and security as are available. The entries are organized under seven headings: (1) systems security, technical security, clearance of personnel, (2) corporate physical security, (3) administrative security, (4) miscellaneous--privacy…

  10. Calling Out Cheaters : Covert Security with Public VerifiabilitySecurity

    DEFF Research Database (Denmark)

    Asharov, Gilad; Orlandi, Claudio

    2012-01-01

    We introduce the notion of covert security with public verifiability, building on the covert security model introduced by Aumann and Lindell (TCC 2007). Protocols that satisfy covert security guarantee that the honest parties involved in the protocol will notice any cheating attempt with some...... constant probability ε. The idea behind the model is that the fear of being caught cheating will be enough of a deterrent to prevent any cheating attempt. However, in the basic covert security model, the honest parties are not able to persuade any third party (say, a judge) that a cheating occurred. We...... propose (and formally define) an extension of the model where, when an honest party detects cheating, it also receives a certificate that can be published and used to persuade other parties, without revealing any information about the honest party’s input. In addition, malicious parties cannot create fake...

  11. Security Analysis of Yeh-Tsai Security Mechanism

    Science.gov (United States)

    Yum, Dae Hyun; Shin, Jong Hoon; Lee, Pil Joong

    Yeh and Tsai recently proposed an enhanced mobile commerce security mechanism. They modified the lightweight security mechanism due to Lam, Chung, Gu, and Sun to relieve the burden of mobile clients. However, this article shows that a malicious WAP gateway can successfully obtain the mobile client's PIN by sending a fake public key of a mobile commerce server and exploiting information leakage caused by addition operation. We also present a countermeasure against the proposed attack.

  12. Using Common Sense to Effectively Integrate Security Technologies within a School's Security Strategy

    Energy Technology Data Exchange (ETDEWEB)

    Gree, M.W.

    1998-11-03

    Security technologies are not the answer to all school security problems. However, they can be an excellent tool for school administrators and security personnel when incorporated into a total security strategy involving personnel, procedures, and facility layout. Unfortunately, very few of the tougher security problems in schools have solutions that are affordable, effective, and acceptable. Like any other type of facility, a school's security staff must understand the strengths and limitations of the security measures they are csecurity practices, which will rarely increase new building costs if included in the initial planning.

  13. 7 CFR 1942.114 - Security.

    Science.gov (United States)

    2010-01-01

    ... 7 Agriculture 13 2010-01-01 2009-01-01 true Security. 1942.114 Section 1942.114 Agriculture... Security. Specific requirements for security for each loan will be included in the letter of conditions. Loans must be secured by the best security position practicable, in a manner which will adequately...

  14. Unconditionally Secure Protocols

    DEFF Research Database (Denmark)

    Meldgaard, Sigurd Torkel

    This thesis contains research on the theory of secure multi-party computation (MPC). Especially information theoretically (as opposed to computationally) secure protocols. It contains results from two main lines of work. One line on Information Theoretically Secure Oblivious RAMS, and how....... We construct an oblivious RAM that hides the client's access pattern with information theoretic security with an amortized $\\log^3 N$ query overhead. And how to employ a second server that is guaranteed not to conspire with the first to improve the overhead to $\\log^2 N$, while also avoiding...... they are used to speed up secure computation. An Oblivious RAM is a construction for a client with a small $O(1)$ internal memory to store $N$ pieces of data on a server while revealing nothing more than the size of the memory $N$, and the number of accesses. This specifically includes hiding the access pattern...

  15. Concept for Energy Security Matrix

    International Nuclear Information System (INIS)

    Kisel, Einari; Hamburg, Arvi; Härm, Mihkel; Leppiman, Ando; Ots, Märt

    2016-01-01

    The following paper presents a discussion of short- and long-term energy security assessment methods and indicators. The aim of the current paper is to describe diversity of approaches to energy security, to structure energy security indicators used by different institutions and papers, and to discuss several indicators that also play important role in the design of energy policy of a state. Based on this analysis the paper presents a novel Energy Security Matrix that structures relevant energy security indicators from the aspects of Technical Resilience and Vulnerability, Economic Dependence and Political Affectability for electricity, heat and transport fuel sectors. Earlier publications by different authors have presented energy security assessment methodologies that use publicly available indicators from different databases. Current paper challenges viability of some of these indicators and introduces new indicators that would deliver stronger energy security policy assessments. Energy Security Matrix and its indicators are based on experiences that the authors have gathered as high-level energy policymakers in Estonia, where all different aspects of energy security can be observed. - Highlights: •Energy security should be analysed in technical, economic and political terms; •Energy Security Matrix provides a framework for energy security analyses; •Applicability of Matrix is limited due to the lack of statistical data and sensitivity of output.

  16. Security leader insights for information protection lessons and strategies from leading security professionals

    CERN Document Server

    Fahy, Bob

    2014-01-01

    How do you, as a busy security executive or manager, stay current with evolving issues, familiarize yourself with the successful practices of your peers, and transfer this information to build a knowledgeable, skilled workforce the times now demand? With Security Leader Insights for Information Protection, a collection of timeless leadership best practices featuring insights from some of the nation's most successful security practitioners, you can. This book can be used as a quick and effective resource to bring your security staff up to speed on security's role in information protection. I

  17. Addressing Software Security

    Science.gov (United States)

    Bailey, Brandon

    2015-01-01

    Historically security within organizations was thought of as an IT function (web sites/servers, email, workstation patching, etc.) Threat landscape has evolved (Script Kiddies, Hackers, Advanced Persistent Threat (APT), Nation States, etc.) Attack surface has expanded -Networks interconnected!! Some security posture factors Network Layer (Routers, Firewalls, etc.) Computer Network Defense (IPS/IDS, Sensors, Continuous Monitoring, etc.) Industrial Control Systems (ICS) Software Security (COTS, FOSS, Custom, etc.)

  18. Updating energy security and environmental policy: Energy security theories revisited.

    Science.gov (United States)

    Proskuryakova, L

    2018-06-18

    The energy security theories are based on the premises of sufficient and reliable supply of fossil fuels at affordable prices in centralized supply systems. Policy-makers and company chief executives develop energy security strategies based on the energy security theories and definitions that dominate in the research and policy discourse. It is therefore of utmost importance that scientists revisit these theories in line with the latest changes in the energy industry: the rapid advancement of renewables and smart grid, decentralization of energy systems, new environmental and climate challenges. The study examines the classic energy security concepts (neorealism, neoliberalism, constructivism and international political economy) and assesses if energy technology changes are taken into consideration. This is done through integrative literature review, comparative analysis, identification of 'international relations' and 'energy' research discourse with the use of big data, and case studies of Germany, China, and Russia. The paper offers suggestions for revision of energy security concepts through integration of future technology considerations. Copyright © 2018 Elsevier Ltd. All rights reserved.

  19. Model-based security testing

    OpenAIRE

    Schieferdecker, Ina; Großmann, Jürgen; Schneider, Martin

    2012-01-01

    Security testing aims at validating software system requirements related to security properties like confidentiality, integrity, authentication, authorization, availability, and non-repudiation. Although security testing techniques are available for many years, there has been little approaches that allow for specification of test cases at a higher level of abstraction, for enabling guidance on test identification and specification as well as for automated test generation. Model-based security...

  20. Enhancing implementation security of QKD

    Science.gov (United States)

    Tamaki, Kiyoshi

    2017-10-01

    Quantum key distribution (QKD) can achieve information-theoretic security, which is a provable security against any eavesdropping, given that all the devices the sender and the receiver employ operate exactly as the theory of security requires. Unfortunately, however, it is difficult for practical devices to meet all such requirements, and therefore more works have to be done toward guaranteeing information-theoretic security in practice, i.e., implementation security. In this paper, we review our recent efforts to enhance implementation security. We also have a brief look at a flaw in security proofs and present how to fix it.

  1. USCG Security Plan Review

    Data.gov (United States)

    Department of Homeland Security — The Security Plan Review module is intended for vessel and facility operators to check on the status of their security plans submitted to the US Coast Guard. A MISLE...

  2. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals (Chinese Edition)

    International Nuclear Information System (INIS)

    2014-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

  3. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals (Arabic Edition)

    International Nuclear Information System (INIS)

    2014-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

  4. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals (Spanish Edition)

    International Nuclear Information System (INIS)

    2014-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objeurity Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit

  5. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals (French Edition)

    International Nuclear Information System (INIS)

    2014-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

  6. The Security Gap in Syria: Individual and Collective Security in ‘Rebel-held’ Territories

    Directory of Open Access Journals (Sweden)

    Ali Abdul Kadir Ali

    2015-07-01

    Full Text Available This paper examines security in Syria through the conceptual lens of the security gap, understood as the gap between security practices and objectives which have implications for individual and collective security. Practices of security can be the state apparatus, the military, and militias. The objective – safety – can refer to the safety or security of a range of collectives including the state, political parties, and ethnic groups, while individual security refers to the general safety of inhabitants and the protection of human rights. This paper compares the security situation in so-called ‘rebel-held’ areas of Syria where alternative governance structures have emerged, examining the security approaches of Local Administrative Councils and Rebel Councils in Deir Azzor, Manbij, Dera, and areas dominated by the Kurdish Democratic Union Party (PYD. It argues that security and safety are strongly influenced by authority formation and the nature of deals and relationships involved in the formation of these nascent authorities. It also argues that security in these areas is strongly influenced by the Syrian government, which disrupts collectives that threaten its own collective security while giving limited support to those which serve its agenda of retaining power. It also demonstrates the limited utility of the ‘regime’ vs. ‘rebel-held’ dichotomy, as rebel groups at times must accommodate the Syrian state in limited ways for instrumental purposes. The article is based on fieldwork conducted in Turkey in 2013–2014, interviews conducted in 2015, and secondary sources based on field research.

  7. Food Security Strategies for Vanuatu

    OpenAIRE

    Welegtabit, Shadrack R.

    2001-01-01

    This report describes and analyzes food security conditions and policies in Vanuatu. The national food security systems are dualistic in nature, and the rural and urban food security systems are weakly related. Household food security in rural areas is primarily determined by access to arable land and fishery resources, whereas in urban areas household food security is primarily determined by access to employment. Household food security has been a concern in both rural and urban areas. Both ...

  8. Database Security: A Historical Perspective

    OpenAIRE

    Lesov, Paul

    2010-01-01

    The importance of security in database research has greatly increased over the years as most of critical functionality of the business and military enterprises became digitized. Database is an integral part of any information system and they often hold sensitive data. The security of the data depends on physical security, OS security and DBMS security. Database security can be compromised by obtaining sensitive data, changing data or degrading availability of the database. Over the last 30 ye...

  9. Security requirements engineering : the SI* modeling language and the Secure Tropos methodology

    NARCIS (Netherlands)

    Massacci, F.; Mylopoulos, J.; Zannone, N.; Ras, Z.W.; Tsay, L.-S.

    2010-01-01

    Security Requirements Engineering is an emerging field which lies at the crossroads of Security and Software Engineering. Much research has focused on this field in recent years, spurred by the realization that security must be dealt with in the earliest phases of the software development process as

  10. Human factors in network security

    OpenAIRE

    Jones, Francis B.

    1991-01-01

    Human factors, such as ethics and education, are important factors in network information security. This thesis determines which human factors have significant influence on network security. Those factors are examined in relation to current security devices and procedures. Methods are introduced to evaluate security effectiveness by incorporating the appropriate human factors into network security controls

  11. Efficient and Provable Secure Pairing-Free Security-Mediated Identity-Based Identification Schemes

    Directory of Open Access Journals (Sweden)

    Ji-Jian Chin

    2014-01-01

    Full Text Available Security-mediated cryptography was first introduced by Boneh et al. in 2001. The main motivation behind security-mediated cryptography was the capability to allow instant revocation of a user’s secret key by necessitating the cooperation of a security mediator in any given transaction. Subsequently in 2003, Boneh et al. showed how to convert a RSA-based security-mediated encryption scheme from a traditional public key setting to an identity-based one, where certificates would no longer be required. Following these two pioneering papers, other cryptographic primitives that utilize a security-mediated approach began to surface. However, the security-mediated identity-based identification scheme (SM-IBI was not introduced until Chin et al. in 2013 with a scheme built on bilinear pairings. In this paper, we improve on the efficiency results for SM-IBI schemes by proposing two schemes that are pairing-free and are based on well-studied complexity assumptions: the RSA and discrete logarithm assumptions.

  12. Efficient and provable secure pairing-free security-mediated identity-based identification schemes.

    Science.gov (United States)

    Chin, Ji-Jian; Tan, Syh-Yuan; Heng, Swee-Huay; Phan, Raphael C-W

    2014-01-01

    Security-mediated cryptography was first introduced by Boneh et al. in 2001. The main motivation behind security-mediated cryptography was the capability to allow instant revocation of a user's secret key by necessitating the cooperation of a security mediator in any given transaction. Subsequently in 2003, Boneh et al. showed how to convert a RSA-based security-mediated encryption scheme from a traditional public key setting to an identity-based one, where certificates would no longer be required. Following these two pioneering papers, other cryptographic primitives that utilize a security-mediated approach began to surface. However, the security-mediated identity-based identification scheme (SM-IBI) was not introduced until Chin et al. in 2013 with a scheme built on bilinear pairings. In this paper, we improve on the efficiency results for SM-IBI schemes by proposing two schemes that are pairing-free and are based on well-studied complexity assumptions: the RSA and discrete logarithm assumptions.

  13. Between security and military identities: The case of Israeli security experts.

    Science.gov (United States)

    Grassiani, Erella

    2018-02-01

    The relationship between private security professionals and the military in Israel is complex. While there is growing attention to the fact that security and military actors and their activities are becoming increasingly blurred, the Israeli case shows something different. In this ground-up analysis of the relationship between private security practices and the military, I investigate its constant negotiation by private security professionals through their identification with and differentiation from the military, whereby they reconfigure the meaning of military capital. This identity work should be understood, I propose, within the strongly militarist context of Israeli society, where military capital is highly valued. I argue that actors who exit the military system feel the need to demonstrate the added value of their work in the private sector in order for it to gain value in the light of the symbolic capital given to the military. I analyse these processes as leading to a new kind of militarism, which includes security skills and ideas about professionalism. Such an approach sheds new light on the ways in which security actors can actively reconfigure the workings of military capital in and outside the nation-state and produce a different kind of militarism.

  14. Summary Report on Unconditionally Secure Protocols

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Salvail, Louis; Cachin, Christian

    This document describes the state of the art snd some of the main open problems in the area of unconditionally secure cryptographic protocols. The most essential part of a cryptographic protocol is not its being secure. Imagine a cryptographic protocol which is secure, but where we do not know...... that it is secure. Such a protocol would do little in providing security. When all comes to all, cryptographic security is done for the sake of people, and the essential part of security is for people what it has always been, namely to feel secure. To feel secure employing a given cryptographic protocol we need...... to know that is is secure. I.e. we need a proof that it is secure. Today the proof of security of essentially all practically employed cryptographic protocols relies on computational assumptions. To prove that currently employed ways to communicate securely over the Internet are secure we e.g. need...

  15. Network security with openSSL cryptography for secure communications

    CERN Document Server

    Viega, John; Chandra, Pravir

    2002-01-01

    Most applications these days are at least somewhat network aware, but how do you protect those applications against common network security threats? Many developers are turning to OpenSSL, an open source version of SSL/TLS, which is the most widely used protocol for secure network communications.The OpenSSL library is seeing widespread adoption for web sites that require cryptographic functions to protect a broad range of sensitive information, such as credit card numbers and other financial transactions. The library is the only free, full-featured SSL implementation for C and C++, and it can be used programmatically or from the command line to secure most TCP-based network protocols.Network Security with OpenSSL enables developers to use this protocol much more effectively. Traditionally, getting something simple done in OpenSSL could easily take weeks. This concise book gives you the guidance you need to avoid pitfalls, while allowing you to take advantage of the library?s advanced features. And, inst...

  16. Game Based Cyber Security Training: are Serious Games suitable for cyber security training?

    Directory of Open Access Journals (Sweden)

    Maurice Hendrix

    2016-03-01

    Full Text Available Security research and training is attracting a lot of investment and interest from governments and the private sector. Most efforts have focused on physical security, while cyber security or digital security has been given less importance. With recent high-profile attacks it has become clear that training in cyber security is needed. Serious Games have the capability to be effective tools for public engagement and behavioural change and role play games, are already used by security professionals. Thus cyber security seems especially well-suited to Serious Games. This paper investigates whether games can be effective cyber security training tools. The study is conducted by means of a structured literature review supplemented with a general web search.While there are early positive indications there is not yet enough evidence to draw any definite conclusions. There is a clear gap in target audience with almost all products and studies targeting the general public and very little attention given to IT professionals and managers. The products and studies also mostly work over a short period, while it is known that short-term interventions are not particularly effective at affecting behavioural change.

  17. Capturing security requirements for software systems.

    Science.gov (United States)

    El-Hadary, Hassan; El-Kassas, Sherif

    2014-07-01

    Security is often an afterthought during software development. Realizing security early, especially in the requirement phase, is important so that security problems can be tackled early enough before going further in the process and avoid rework. A more effective approach for security requirement engineering is needed to provide a more systematic way for eliciting adequate security requirements. This paper proposes a methodology for security requirement elicitation based on problem frames. The methodology aims at early integration of security with software development. The main goal of the methodology is to assist developers elicit adequate security requirements in a more systematic way during the requirement engineering process. A security catalog, based on the problem frames, is constructed in order to help identifying security requirements with the aid of previous security knowledge. Abuse frames are used to model threats while security problem frames are used to model security requirements. We have made use of evaluation criteria to evaluate the resulting security requirements concentrating on conflicts identification among requirements. We have shown that more complete security requirements can be elicited by such methodology in addition to the assistance offered to developers to elicit security requirements in a more systematic way.

  18. Capturing security requirements for software systems

    Directory of Open Access Journals (Sweden)

    Hassan El-Hadary

    2014-07-01

    Full Text Available Security is often an afterthought during software development. Realizing security early, especially in the requirement phase, is important so that security problems can be tackled early enough before going further in the process and avoid rework. A more effective approach for security requirement engineering is needed to provide a more systematic way for eliciting adequate security requirements. This paper proposes a methodology for security requirement elicitation based on problem frames. The methodology aims at early integration of security with software development. The main goal of the methodology is to assist developers elicit adequate security requirements in a more systematic way during the requirement engineering process. A security catalog, based on the problem frames, is constructed in order to help identifying security requirements with the aid of previous security knowledge. Abuse frames are used to model threats while security problem frames are used to model security requirements. We have made use of evaluation criteria to evaluate the resulting security requirements concentrating on conflicts identification among requirements. We have shown that more complete security requirements can be elicited by such methodology in addition to the assistance offered to developers to elicit security requirements in a more systematic way.

  19. Capturing security requirements for software systems

    Science.gov (United States)

    El-Hadary, Hassan; El-Kassas, Sherif

    2014-01-01

    Security is often an afterthought during software development. Realizing security early, especially in the requirement phase, is important so that security problems can be tackled early enough before going further in the process and avoid rework. A more effective approach for security requirement engineering is needed to provide a more systematic way for eliciting adequate security requirements. This paper proposes a methodology for security requirement elicitation based on problem frames. The methodology aims at early integration of security with software development. The main goal of the methodology is to assist developers elicit adequate security requirements in a more systematic way during the requirement engineering process. A security catalog, based on the problem frames, is constructed in order to help identifying security requirements with the aid of previous security knowledge. Abuse frames are used to model threats while security problem frames are used to model security requirements. We have made use of evaluation criteria to evaluate the resulting security requirements concentrating on conflicts identification among requirements. We have shown that more complete security requirements can be elicited by such methodology in addition to the assistance offered to developers to elicit security requirements in a more systematic way. PMID:25685514

  20. Windows Security patch required

    CERN Multimedia

    3004-01-01

    This concerns Windows PCs (XP, 2000, NT) which are NOT centrally managed at CERN for security patches, e.g. home PCs, experiment PCs, portables,... A security hole which can give full privileges on Windows systems needs to be URGENTLY patched. Details of the security hole and hotfix are at: http://cern.ch/it-div/news/hotfix-MS03-026.asp http://www.microsoft.com/technet/security/bulletin/MS03-026.asp

  1. Auditing Organizational Security

    Science.gov (United States)

    2017-01-01

    Organi- zation for Standardiza- tion ( ISO ): ISO 27000 : Information Systems Se- curity Management. A robust program of internal auditing of a...improvement is the basis and underpinning of the ISO . All processes must be considered ongoing and never at an “end state.” Top management develops a...security management system, including security policies and security objectives, plus threats and risks. Orga- nizations already working with ISO 9000

  2. Natural gas and energy security

    International Nuclear Information System (INIS)

    Saga, B.P.

    1996-01-01

    This paper relates to energy security by natural gas supply seen in an International Energy Agency perspective. Topics are: Security of supply, what is it; the role gas on the European energy scene; short term security of supply; long term security of supply; future structural and regulatory developments and possible implications for security of supply. 6 figs

  3. Secure software development training course

    Directory of Open Access Journals (Sweden)

    Victor S. Gorbatov

    2017-06-01

    Full Text Available Information security is one of the most important criteria for the quality of developed software. To obtain a sufficient level of application security companies implement security process into software development life cycle. At this stage software companies encounter with deficit employees who able to solve problems of software design, implementation and application security. This article provides a description of the secure software development training course. Training course of application security is designed for co-education students of different IT-specializations.

  4. Agile IT Security Implementation Methodology

    CERN Document Server

    Laskowski, Jeff

    2011-01-01

    The book is a tutorial that goes from basic to professional level for Agile IT security. It begins by assuming little knowledge of agile security. Readers should hold a good knowledge of security methods and agile development. The book is targeted at IT security managers, directors, and architects. It is useful for anyone responsible for the deployment of IT security countermeasures. Security people with a strong knowledge of agile software development will find this book to be a good review of agile concepts.

  5. Security for multihop wireless networks

    CERN Document Server

    Khan, Shafiullah

    2014-01-01

    Security for Multihop Wireless Networks provides broad coverage of the security issues facing multihop wireless networks. Presenting the work of a different group of expert contributors in each chapter, it explores security in mobile ad hoc networks, wireless sensor networks, wireless mesh networks, and personal area networks.Detailing technologies and processes that can help you secure your wireless networks, the book covers cryptographic coprocessors, encryption, authentication, key management, attacks and countermeasures, secure routing, secure medium access control, intrusion detection, ep

  6. Security threat assessment of an Internet security system using attack tree and vague sets.

    Science.gov (United States)

    Chang, Kuei-Hu

    2014-01-01

    Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system's elementary event are incomplete--the traditional approach for calculating reliability--is no longer applicable. Moreover, it does not consider the failure probability of the bottom events suffered in the attack, which may bias conclusions. In order to effectively solve the problem above, this paper proposes a novel technique, integrating attack tree and vague sets for security threat assessment. For verification of the proposed approach, a numerical example of an Internet security system security threat assessment is adopted in this paper. The result of the proposed method is compared with the listing approaches of security threat assessment methods.

  7. Changing Homeland Security: In 2010, Was Homeland Security Useful?

    Science.gov (United States)

    2011-02-01

    Education Consortium, September 2007). 8 James Ramsay , Daniel Cutrer, and Robert Raffel, “Development of an Outcomes-Based Undergraduate Curriculum in... Gordon , “Changing Homeland Security: Teaching the Core,” Homeland Security Affairs II, no. 1 (April 2006) http://www.hsaj.org/?article=2.1.1. 13 Kuhn

  8. Home - Defense Technology Security Administration

    Science.gov (United States)

    by @dtsamil Defense Technology Security Administration Mission, Culture, and History Executive Official seal of Defense Technology Security Administration Official seal of Defense Technology Security Administration OFFICE of the SECRETARY of DEFENSE Defense Technology Security Administration

  9. Materialism and food security.

    Science.gov (United States)

    Allen, M W; Wilson, M

    2005-12-01

    The present studies examined if materialists have an elevated concern about food availability, presumably stemming from a general survival security motivation. Study 1 found that materialists set a greater life goal of food security, and reported more food insecurity during their childhood. Materialists reported less present-day food insecurity. Study 2 revealed that materialists stored/hoarded more food at home, and that obese persons endorsed materialism more than low/normal weight persons. Study 3 found that experimentally decreasing participants' feelings of survival security (via a mortality salience manipulation) led to greater endorsement of materialism, food security as goal, and using food for emotional comfort. The results imply that materialists overcame the food insecurity of their childhood by making food security a top life goal, but that materialists' current concerns about food security may not wholly stem from genuine threats to their food supply.

  10. While Working Around Security

    DEFF Research Database (Denmark)

    Mathiasen, Niels Raabjerg

    Users of technology encounter various IT security mechanisms in their everyday lives. If these mechanisms fail to support everyday activities, they either get in the way, or the users find a way to work around them. Even though users manage to carry out everyday activities by using substandard...... IT security mechanisms or via workarounds, it will influence their experience of security. If researchers and designers only focus on IT security artifacts and fail to take the user experience into account, incorrect processes or workarounds will occur. Accordingly, to get users to follow the correct process...... may seem to be a criterion of success, even though it may yield a less appropriate experience of security. This dissertation deals with an improved understanding of IT security sensitive IT artifacts and presents three design methods, and a framework for addressing the complexities and contingencies...

  11. Personnel Security Investigations -

    Data.gov (United States)

    Department of Transportation — This data set contains the types of background investigations, decisions, level of security clearance, date of security clearance training, and credentials issued to...

  12. Attachment Security Balances Perspectives: Effects of Security Priming on Highly Optimistic and Pessimistic Explanatory Styles.

    Science.gov (United States)

    Deng, Yanhe; Yan, Mengge; Chen, Henry; Sun, Xin; Zhang, Peng; Zeng, Xianglong; Liu, Xiangping; Lye, Yue

    2016-01-01

    Highly optimistic explanatory style (HOES) and highly pessimistic explanatory style (HPES) are two maladaptive ways to explain the world and may have roots in attachment insecurity. The current study aims to explore the effects of security priming - activating supportive representations of attachment security - on ameliorating these maladaptive explanatory styles. 57 participants with HOES and 57 participants with HPES were randomized into security priming and control conditions. Their scores of overall optimistic attribution were measured before and after priming. Security priming had a moderating effect: the security primed HOES group exhibited lower optimistic attribution, while the security primed HPES group evinced higher scores of optimistic attribution. Furthermore, the security primed HOES group attributed positive outcomes more externally, while the security primed HPES group attributed successful results more internally. The results support the application of security priming interventions on maladaptive explanatory styles. Its potential mechanism and directions for future study are also discussed.

  13. Farmland Tenure Security in China: Influencing Factors of Actual and Perceived Farmland Tenure Security

    Science.gov (United States)

    Ren, Guangcheng; Zhu, Xueqin; Heerink, Nico; van Ierland, Ekko; Feng, Shuyi

    2017-04-01

    Tenure security plays an important role in farm households' investment, land renting and other decisions. Recent literature distinguishes between actual farmland tenure security (i.e. farm households' actual control of farmland) and perceived farmland tenure security (i.e. farm households' subjective understanding of their farmland tenure situation and expectation regarding government enforcement and equality of the law). However little is known on what factors influence the actual and perceived farmland tenure security in rural China. Theoretically, actual farmland tenure security is related to village self-governance as a major informal governance rule in rural China. Both economic efficiency and equity considerations are likely to play a role in the distribution of land and its tenure security. Household perceptions of farmland tenure security depend not only on the actual farmland tenure security in a village, but may also be affected by households' investment in and ability of changing social rules. Our study examines what factors contribute to differences in actual and perceived farmland tenure security between different villages and farm households in different regions of China. Applying probit models to the data collected from 1,485 households in 124 villages in Jiangsu, Jiangxi, Liaoning and Chongqing, we find that development of farmland rental market and degree of self-governance of a village have positive impacts, and development of labour market has a negative effect on actual farmland tenure security. Household perceptions of tenure security depend not only on actual farmland tenure security and on households' investment in and ability of changing social rules, but also on risk preferences of households. This finding has interesting policy implications for future land reforms in rural China.

  14. Quantum secure communication models comparison

    Directory of Open Access Journals (Sweden)

    Georgi Petrov Bebrov

    2017-12-01

    Full Text Available The paper concerns the quantum cryptography, more specifically, the quantum secure communication type of schemes. The main focus here is on making a comparison between the distinct secure quantum communication models – quantum secure direct communication and deterministic secure quantum communication, in terms of three parameters: resource efficiency, eavesdropping check efficiency, and security (degree of preserving the confidentiality.

  15. Security Mechanism Based on Hospital Authentication Server for Secure Application of Implantable Medical Devices

    Science.gov (United States)

    2014-01-01

    After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance. PMID:25276797

  16. Security mechanism based on Hospital Authentication Server for secure application of implantable medical devices.

    Science.gov (United States)

    Park, Chang-Seop

    2014-01-01

    After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance.

  17. Computer Security Systems Enable Access.

    Science.gov (United States)

    Riggen, Gary

    1989-01-01

    A good security system enables access and protects information from damage or tampering, but the most important aspects of a security system aren't technical. A security procedures manual addresses the human element of computer security. (MLW)

  18. Refelctions on the security

    Directory of Open Access Journals (Sweden)

    Ladislav Hofreiter

    2013-07-01

    Full Text Available In this paper are presented the author‘s reflections about concept meaning of the security, about his systemic perception and actual scientific access to the security research. The author presented securitology paradigm for valuation security optional reference object.

  19. Cloud Infrastructure Security

    OpenAIRE

    Velev , Dimiter; Zlateva , Plamena

    2010-01-01

    Part 4: Security for Clouds; International audience; Cloud computing can help companies accomplish more by eliminating the physical bonds between an IT infrastructure and its users. Users can purchase services from a cloud environment that could allow them to save money and focus on their core business. At the same time certain concerns have emerged as potential barriers to rapid adoption of cloud services such as security, privacy and reliability. Usually the information security professiona...

  20. Outsourcing information security

    CERN Document Server

    Axelrod, Warren

    2004-01-01

    This comprehensive and timely resource examines security risks related to IT outsourcing, clearly showing you how to recognize, evaluate, minimize, and manage these risks. Unique in its scope, this single volume offers you complete coverage of the whole range of IT security services and fully treats the IT security concerns of outsourcing. The book helps you deepen your knowledge of the tangible and intangible costs and benefits associated with outsourcing IT and IS functions.

  1. Automated security management

    CERN Document Server

    Al-Shaer, Ehab; Xie, Geoffrey

    2013-01-01

    In this contributed volume, leading international researchers explore configuration modeling and checking, vulnerability and risk assessment, configuration analysis, and diagnostics and discovery. The authors equip readers to understand automated security management systems and techniques that increase overall network assurability and usability. These constantly changing networks defend against cyber attacks by integrating hundreds of security devices such as firewalls, IPSec gateways, IDS/IPS, authentication servers, authorization/RBAC servers, and crypto systems. Automated Security Managemen

  2. Nuclear security education and training at Naif Arab University for Security Sciences

    International Nuclear Information System (INIS)

    Amjad Fataftah

    2009-01-01

    Naif Arab University for Security Sciences (NAUSS) was established in 1978 as an Arab institution specialized in security sciences to fulfill the needs of the Arab law enforcement agencies for an academic institution that promotes research in security sciences, offers graduate education programs and conduct short-term training courses, which should contribute to the prevention and control of crimes in the Arab world. NAUSS and the IAEA organized the first workshop on nuclear security on November, 2006, which aimed to explore and improve the nuclear security culture awareness through the definitions of the nuclear security main pillars, Prevention, Detection and Response. In addition, NAUSS and IAEA organized a very important training course on April, 2008 on combating nuclear terrorism titled P rotection against nuclear terrorism: Protection of radioactive sources . In the past two years, IAEA has put tremendous efforts to develop an education program in nuclear security, which may lead into Master's degree in nuclear security, where NAUSS helped in this project through the participation in the IAEA organized consultancy and technical meetings for the development of this program along with many other academic, security and law enfacement experts and lawyers from many different institution in the world. NAUSS and IAEA drafted a work plan for the next coming two years which should lead into the gradual implementation of these educational programs at NAUSS. NAUSS also continues to participate in several local conferences and symposiums related to the peaceful application of nuclear power in the gulf region, and the need for a human resources development programs to fulfill the scientific and security needs which will arise from building nuclear power plants. NAUSS participated in the International Symposium on the Peaceful Application of Nuclear Technology in the GCC countries, organized by King Abdulaziz University in the city of Jeddah, Saudi Arabia. Also NAUSS

  3. Maternal secure-base scripts and children's attachment security in an adopted sample.

    Science.gov (United States)

    Veríssimo, Manuela; Salvaterra, Fernanda

    2006-09-01

    Studies of families with adopted children are of special interest to attachment theorists because they afford opportunities to probe assumptions of attachment theory with regard to the developmental timing of interactions necessary to form primary attachments and also with regard to effects of shared genes on child attachment quality. In Bowlby's model, attachment-relevant behaviors and interactions are observable from the moment of birth, but for adoptive families, these interactions cannot begin until the child enters the family, sometimes several months or even years post-partum. Furthermore, because adoptive parents and adopted children do not usually share genes by common descent, any correspondence between attachment representations of the parent and secure base behavior of the child must arise as a consequence of dyadic interaction histories. The objectives of this study were to evaluate whether the child's age at the time of adoption or at the time of attachment assessment predicted child attachment security in adoptive families and also whether the adoptive mother's internal attachment representation predicted the child's attachment security. The participants were 106 mother - child dyads selected from the 406 adoptions carried out through the Lisbon Department of Adoption Services over a period of 3 years. The Attachment Behavior Q-Set (AQS; Waters, 1995) was used to assess secure base behavior and an attachment script representation task was used to assess the maternal attachment representations. Neither child's age at the time of adoption, nor age of the child at assessment significantly predicted the AQS security score; however, scores reflecting the presence and quality of maternal secure base scripts did predict AQS security. These findings support the notion that the transmission of attachment security across generations involves mutual exchanges and learning by the child and that the exchanges leading to secure attachment need not begin at birth

  4. Gross anatomy of network security

    Science.gov (United States)

    Siu, Thomas J.

    2002-01-01

    Information security involves many branches of effort, including information assurance, host level security, physical security, and network security. Computer network security methods and implementations are given a top-down description to permit a medically focused audience to anchor this information to their daily practice. The depth of detail of network functionality and security measures, like that of the study of human anatomy, can be highly involved. Presented at the level of major gross anatomical systems, this paper will focus on network backbone implementation and perimeter defenses, then diagnostic tools, and finally the user practices (the human element). Physical security measures, though significant, have been defined as beyond the scope of this presentation.

  5. 75 FR 10507 - Information Security Oversight Office; National Industrial Security Program Policy Advisory...

    Science.gov (United States)

    2010-03-08

    ... NATIONAL ARCHIVES AND RECORDS ADMINISTRATION Information Security Oversight Office; National Industrial Security Program Policy Advisory Committee (NISPPAC) AGENCY: National Archives and Records... individuals planning to attend must be submitted to the Information Security Oversight Office (ISOO) no later...

  6. Game Theory Based Security in Wireless Body Area Network with Stackelberg Security Equilibrium.

    Science.gov (United States)

    Somasundaram, M; Sivakumar, R

    2015-01-01

    Wireless Body Area Network (WBAN) is effectively used in healthcare to increase the value of the patient's life and also the value of healthcare services. The biosensor based approach in medical care system makes it difficult to respond to the patients with minimal response time. The medical care unit does not deploy the accessing of ubiquitous broadband connections full time and hence the level of security will not be high always. The security issue also arises in monitoring the user body function records. Most of the systems on the Wireless Body Area Network are not effective in facing the security deployment issues. To access the patient's information with higher security on WBAN, Game Theory with Stackelberg Security Equilibrium (GTSSE) is proposed in this paper. GTSSE mechanism takes all the players into account. The patients are monitored by placing the power position authority initially. The position authority in GTSSE is the organizer and all the other players react to the organizer decision. Based on our proposed approach, experiment has been conducted on factors such as security ratio based on patient's health information, system flexibility level, energy consumption rate, and information loss rate. Stackelberg Security considerably improves the strength of solution with higher security.

  7. Game Theory Based Security in Wireless Body Area Network with Stackelberg Security Equilibrium

    Science.gov (United States)

    Somasundaram, M.; Sivakumar, R.

    2015-01-01

    Wireless Body Area Network (WBAN) is effectively used in healthcare to increase the value of the patient's life and also the value of healthcare services. The biosensor based approach in medical care system makes it difficult to respond to the patients with minimal response time. The medical care unit does not deploy the accessing of ubiquitous broadband connections full time and hence the level of security will not be high always. The security issue also arises in monitoring the user body function records. Most of the systems on the Wireless Body Area Network are not effective in facing the security deployment issues. To access the patient's information with higher security on WBAN, Game Theory with Stackelberg Security Equilibrium (GTSSE) is proposed in this paper. GTSSE mechanism takes all the players into account. The patients are monitored by placing the power position authority initially. The position authority in GTSSE is the organizer and all the other players react to the organizer decision. Based on our proposed approach, experiment has been conducted on factors such as security ratio based on patient's health information, system flexibility level, energy consumption rate, and information loss rate. Stackelberg Security considerably improves the strength of solution with higher security. PMID:26759829

  8. Study of Security Attributes of Smart Grid Systems- Current Cyber Security Issues

    Energy Technology Data Exchange (ETDEWEB)

    Wayne F. Boyer; Scott A. McBride

    2009-04-01

    This document provides information for a report to congress on Smart Grid security as required by Section 1309 of Title XIII of the Energy Independence and Security Act of 2007. The security of any future Smart Grid is dependent on successfully addressing the cyber security issues associated with the nation’s current power grid. Smart Grid will utilize numerous legacy systems and technologies that are currently installed. Therefore, known vulnerabilities in these legacy systems must be remediated and associated risks mitigated in order to increase the security and success of the Smart Grid. The implementation of Smart Grid will include the deployment of many new technologies and multiple communication infrastructures. This report describes the main technologies that support Smart Grid and summarizes the status of implementation into the existing U.S. electrical infrastructure.

  9. Masters in Nuclear Security

    International Nuclear Information System (INIS)

    Rickwood, Peter

    2013-01-01

    Continuing global efforts to improve the security of nuclear and other radioactive material against the threat of malicious acts are being assisted by a new initiative, the development of a corps of professional experts to strengthen nuclear security. The IAEA, the European Commission, universities, research institutions and other bodies working in collaboration have established an International Nuclear Security Education Network (INSEN). In 2011, six European academic institutions, the Vienna University of Technology, the Brandenburg University of Applied Sciences, the Demokritos National Centre for Scientific Research in Greece, the Reactor Institute Delft of the Delft University of Technology in the Netherlands, the University of Oslo, and the University of Manchester Dalton Nuclear Institute, started developing a European Master of Science Programme in Nuclear Security Management. In March 2013, the masters project was inaugurated when ten students commenced studies at the Brandenburg University of Applied Sciences in Germany for two weeks. In April, they moved to the Delft University of Technology in the Netherlands for a further two weeks of studies. The pilot programme consists of six teaching sessions in different academic institutions. At the inauguration in Delft, IAEA Director General Yukiya Amano commended this effort to train a new generation of experts who can help to improve global nuclear security. ''It is clear that we will need a new generation of policy-makers and nuclear professionals - people like you - who will have a proper understanding of the importance of nuclear security,'' Mr. Amano told students and faculty members. ''The IAEA's goal is to support the development of such programmes on a global basis,'' said David Lambert, Senior Training Officer in the IAEA's Office of Nuclear Security. ''An existing postgraduate degree programme focused on nuclear security at Naif Arab University for Security Sciences (NAUSS) is currently supported by

  10. Android application security essentials

    CERN Document Server

    Rai, Pragati

    2013-01-01

    Android Application Security Essentials is packed with examples, screenshots, illustrations, and real world use cases to secure your apps the right way.If you are looking for guidance and detailed instructions on how to secure app data, then this book is for you. Developers, architects, managers, and technologists who wish to enhance their knowledge of Android security will find this book interesting. Some prior knowledge of development on the Android stack is desirable but not required.

  11. Security system signal supervision

    International Nuclear Information System (INIS)

    Chritton, M.R.; Matter, J.C.

    1991-09-01

    This purpose of this NUREG is to present technical information that should be useful to NRC licensees for understanding and applying line supervision techniques to security communication links. A review of security communication links is followed by detailed discussions of link physical protection and DC/AC static supervision and dynamic supervision techniques. Material is also presented on security for atmospheric transmission and video line supervision. A glossary of security communication line supervision terms is appended. 16 figs

  12. Electronic healthcare information security

    CERN Document Server

    Dube, Kudakwashe; Shoniregun, Charles A

    2010-01-01

    The ever-increasing healthcare expenditure and pressing demand for improved quality and efficiency of patient care services are driving innovation in healthcare information management. The domain of healthcare has become a challenging testing ground for information security due to the complex nature of healthcare information and individual privacy. ""Electronic Healthcare Information Security"" explores the challenges of e-healthcare information and security policy technologies. It evaluates the effectiveness of security and privacy implementation systems for anonymization methods and techniqu

  13. Demarcation of Security in Authentication Protocols

    DEFF Research Database (Denmark)

    Ahmed, Naveed; Jensen, Christian D.

    2011-01-01

    Security analysis of communication protocols is a slippery business; many “secure” protocols later turn out to be insecure. Among many, two complains are more frequent: inadequate definition of security and unstated assumptions in the security model. In our experience, one principal cause...... for such state of affairs is an apparent overlap of security and correctness, which may lead to many sloppy security definitions and security models. Although there is no inherent need to separate security and correctness requirements, practically, such separation is significant. It makes security analysis...... easier, and enables us to define security goals with a fine granularity. We present one such separation, by introducing the notion of binding sequence as a security primitive. A binding sequence, roughly speaking, is the only required security property of an authentication protocol. All other...

  14. While working around security

    DEFF Research Database (Denmark)

    Mathiasen, Niels Raabjerg; Bødker, Susanne; Petersen, Marianne Graves

    This paper describes our work at two levels. First of all the paper discusses how users of IT deal with issues of IT security in their everyday life. Secondly, we discuss how the kind of understanding of IT security that comes out of careful analyses of use confronts the ways in which usable...... IT security is established in the literature. Recent literature has called for better conceptual models as a starting point for improving IT security. In contrast to such models we propose to dress up designers by helping them better understand the work that goes into everyday security. The result...... is a methodological toolbox that helps address and design for usable and useful IT security. We deploy examples of analyses and design, carried out by ourselves and by others to fine-tune our design perspective; in particular we use examples from three current research projects....

  15. Security Administrator Street Smarts A Real World Guide to CompTIA Security+ Skills

    CERN Document Server

    Miller, David R

    2011-01-01

    A step-by-step guide to the tasks involved in security administration If you aspire to a career in security administration, one of your greatest challenges will be gaining hands-on experience. This book takes you through the most common security admin tasks step by step, showing you the way around many of the roadblocks you can expect on the job. It offers a variety of scenarios in each phase of the security administrator's job, giving you the confidence of first-hand experience. In addition, this is an ideal complement to the brand-new, bestselling CompTIA Security+ Study Guide, 5th Edition o

  16. Computer Network Security- The Challenges of Securing a Computer Network

    Science.gov (United States)

    Scotti, Vincent, Jr.

    2011-01-01

    This article is intended to give the reader an overall perspective on what it takes to design, implement, enforce and secure a computer network in the federal and corporate world to insure the confidentiality, integrity and availability of information. While we will be giving you an overview of network design and security, this article will concentrate on the technology and human factors of securing a network and the challenges faced by those doing so. It will cover the large number of policies and the limits of technology and physical efforts to enforce such policies.

  17. Principles of maximally classical and maximally realistic quantum ...

    Indian Academy of Sciences (India)

    Principles of maximally classical and maximally realistic quantum mechanics. S M ROY. Tata Institute of Fundamental Research, Homi Bhabha Road, Mumbai 400 005, India. Abstract. Recently Auberson, Mahoux, Roy and Singh have proved a long standing conjecture of Roy and Singh: In 2N-dimensional phase space, ...

  18. Layered Location-Based Security Mechanism for Mobile Sensor Networks: Moving Security Areas

    Directory of Open Access Journals (Sweden)

    Ze Wang

    2015-09-01

    Full Text Available Network security is one of the most important issues in mobile sensor networks (MSNs. Networks are particularly vulnerable in hostile environments because of many factors, such as uncertain mobility, limitations on computation, and the need for storage in mobile nodes. Though some location-based security mechanisms can resist some malicious attacks, they are only suitable for static networks and may sometimes require large amounts of storage. To solve these problems, using location information, which is one of the most important properties in outdoor wireless networks, a security mechanism called a moving security area (MSA is proposed to resist malicious attacks by using mobile nodes’ dynamic location-based keys. The security mechanism is layered by performing different detection schemes inside or outside the MSA. The location-based private keys will be updated only at the appropriate moments, considering the balance of cost and security performance. By transferring parts of the detection tasks from ordinary nodes to the sink node, the memory requirements are distributed to different entities to save limited energy.

  19. Layered Location-Based Security Mechanism for Mobile Sensor Networks: Moving Security Areas.

    Science.gov (United States)

    Wang, Ze; Zhang, Haijuan; Wu, Luqiang; Zhou, Chang

    2015-09-25

    Network security is one of the most important issues in mobile sensor networks (MSNs). Networks are particularly vulnerable in hostile environments because of many factors, such as uncertain mobility, limitations on computation, and the need for storage in mobile nodes. Though some location-based security mechanisms can resist some malicious attacks, they are only suitable for static networks and may sometimes require large amounts of storage. To solve these problems, using location information, which is one of the most important properties in outdoor wireless networks, a security mechanism called a moving security area (MSA) is proposed to resist malicious attacks by using mobile nodes' dynamic location-based keys. The security mechanism is layered by performing different detection schemes inside or outside the MSA. The location-based private keys will be updated only at the appropriate moments, considering the balance of cost and security performance. By transferring parts of the detection tasks from ordinary nodes to the sink node, the memory requirements are distributed to different entities to save limited energy.

  20. Information Security: USDA Needs to Implement Its Departmentwide Information Security Plan

    National Research Council Canada - National Science Library

    2000-01-01

    USDA has taken positive steps to begin improving its information security by developing its August 1999 Action Plan with recommendations to strengthen department-wide information security and hiring...

  1. Considerations for Cloud Security Operations

    OpenAIRE

    Cusick, James

    2016-01-01

    Information Security in Cloud Computing environments is explored. Cloud Computing is presented, security needs are discussed, and mitigation approaches are listed. Topics covered include Information Security, Cloud Computing, Private Cloud, Public Cloud, SaaS, PaaS, IaaS, ISO 27001, OWASP, Secure SDLC.

  2. International and European Security Law

    Directory of Open Access Journals (Sweden)

    Jonathan Herbach

    2012-02-01

    Full Text Available Security law, or more comprehensively conflict and security law, on the international level represents the intersection of three distinct but interrelated fields: international humanitarian law (the law of armed conflict, jus in bello, the law of collective security (most identified with the United Nations (UN system, jus ad bellum and arms control law (including non-proliferation. Security in this sense is multifaceted - interest security, military security and, as is often referred to in the context of the EU, human security. As such, the law covers a wide range of specific topics with respect to conflict, encompassing the use of force, including choice of weapons and fighting techniques, extending to the rules applicable in peacekeeping and peace enforcement, and yet also dictating obligations outside the context of conflict, such as safeguarding and securing dual-use materials (those with both peaceful and military applications to prevent malicious use.

  3. SECURITY AWARENESS – MAJOR PIECE IN THE PUZZLE OF INFORMATION SECURITY

    OpenAIRE

    MARIUS PETRESCU; NICOLETA SÎRBU; ANCA-GABRIELA PETRESCU; MIOARA BRABOVEANU

    2011-01-01

    Information security has come to be recognized as increasingly important because global communication and information systems allow a potentially large number of unauthorized users to access and possibly alter information from around the world. As the dependence on information systems grows, so the security of information networks becomes ever more critical to any entity, no matter if it is a company or a public institution. Information security involves both technology and people. Any securi...

  4. MODEL-BASED SECURITY ENGINEERING OF SOA SYSTEM USING SECURITY INTENT DSL

    OpenAIRE

    Muhammad Qaiser Saleem; Jafreezal Jaafar; Mohd Fadzil Hassan

    2011-01-01

    Currently most of the enterprises are using SOA and web services technologies to build their web information system. They are using MDA principles for design and development of WIS and using UML as a modelling language for business process modelling. Along with the increased connectivity in SOA environment, security risks rise exponentially. Security is not defined during the early phases of development and left onto developer. Properly configuring security requirements in SOA applications is...

  5. Integrated security systems design a complete reference for building enterprise-wide digital security systems

    CERN Document Server

    Norman, Thomas L

    2014-01-01

    Integrated Security Systems Design, 2nd Edition, is recognized as the industry-leading book on the subject of security systems design. It explains how to design a fully integrated security system that ties together numerous subsystems into one complete, highly coordinated, and highly functional system. With a flexible and scalable enterprise-level system, security decision makers can make better informed decisions when incidents occur and improve their operational efficiencies in ways never before possible. The revised edition covers why designing an integrated security system is essential a

  6. Do Job Security Guarantees Work?

    OpenAIRE

    Alex Bryson; Lorenzo Cappellari; Claudio Lucifora

    2004-01-01

    We investigate the effect of employer job security guarantees on employee perceptions of job security. Using linked employer-employee data from the 1998 British Workplace Employee Relations Survey, we find job security guarantees reduce employee perceptions of job insecurity. This finding is robust to endogenous selection of job security guarantees by employers engaging in organisational change and workforce reductions. Furthermore, there is no evidence that increased job security through job...

  7. BASIC CONCEPTS OF TAX SECURITY AS PART OF THE FINANCIAL SECURITY OF UKRAINE

    Directory of Open Access Journals (Sweden)

    Sergiy Golikov

    2016-11-01

    Full Text Available The purpose of the paper is to examine the essence of the term «tax security», its fundamental characteristics, such as threats, risks, interests and protection, defined how the state could provide them. The paper analyses economic, social and legal nature of the term. Key indicators of tax security of Ukraine identified and analyzed. In addition, the paper studies an integrated approach of tax security threats. In case of a big amount of threats, they divided to four main sources of threats: the state of the national economy, the state of the public finances, social features of the society and institutional environment. For each source, there have been identified and analyzed the most important factors of threats of tax security of Ukraine. Methodology. The survey based on an analysis of existing studies of Ukrainian and foreign scientists about the essence and nature of "tax security" for the last 10 years. In addition, to determine the essence and the concept, goals and objectives, methods and principles of the economic nature of the tax security, main risks, threats, expectations and results of efficient tax security identified. To build an integrated approach it is necessary to analyse all existing and potential factors of threats. There data used from reports of the State Statistics Service of Ukraine, Ministry of Economic Development and Trade of Ukraine, PWC and World Bank. Results of the survey showed that tax security is such a condition of tax security, when the process of harmonization of taxation provided under effective management of risks and threats that arise in tax area, by taking the necessary measures by the executive bodies to meet the interests of the state, society and taxpayers (business entities, organizations, people. Integrated approach of threats analysis of tax security shows that the most dangerous threats are those that are associated with poor economic development, considerable socio-economic stratification of

  8. Selection of the Best Security Controls for Rapid Development of Enterprise-Level Cyber Security

    Science.gov (United States)

    2017-03-01

    investment (ROI) assessment. This ROI assessment entailed consideration of both the likely/expected security benefits of each candidate security control...the top 10–20 cyber security controls, where ranking was based upon a return on investment (ROI) assessment. This ROI assessment entailed...11  II.  CYBER SECURITY: UNDERLYING PRINCIPLES, FUNDAMENTALS AND BEST PRACTICES .................................................13  A

  9. Security Mechanism Based on Hospital Authentication Server for Secure Application of Implantable Medical Devices

    Directory of Open Access Journals (Sweden)

    Chang-Seop Park

    2014-01-01

    Full Text Available After two recent security attacks against implantable medical devices (IMDs have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient’s life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician’s treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance.

  10. Knowledge-based computer security advisor

    International Nuclear Information System (INIS)

    Hunteman, W.J.; Squire, M.B.

    1991-01-01

    The rapid expansion of computer security information and technology has included little support to help the security officer identify the safeguards needed to comply with a policy and to secure a computing system. This paper reports that Los Alamos is developing a knowledge-based computer security system to provide expert knowledge to the security officer. This system includes a model for expressing the complex requirements in computer security policy statements. The model is part of an expert system that allows a security officer to describe a computer system and then determine compliance with the policy. The model contains a generic representation that contains network relationships among the policy concepts to support inferencing based on information represented in the generic policy description

  11. Implementing an Information Security Program

    Energy Technology Data Exchange (ETDEWEB)

    Glantz, Clifford S.; Lenaeus, Joseph D.; Landine, Guy P.; O' Neil, Lori Ross; Leitch, Rosalyn; Johnson, Christopher; Lewis, John G.; Rodger, Robert M.

    2017-11-01

    The threats to information security have dramatically increased with the proliferation of information systems and the internet. Chemical, biological, radiological, nuclear, and explosives (CBRNe) facilities need to address these threats in order to protect themselves from the loss of intellectual property, theft of valuable or hazardous materials, and sabotage. Project 19 of the European Union CBRN Risk Mitigation Centres of Excellence Initiative is designed to help CBRN security managers, information technology/cybersecurity managers, and other decision-makers deal with these threats through the application of cost-effective information security programs. Project 19 has developed three guidance documents that are publically available to cover information security best practices, planning for an information security management system, and implementing security controls for information security.

  12. 17 CFR 240.17a-6 - Right of national securities exchange, national securities association, registered clearing...

    Science.gov (United States)

    2010-04-01

    ... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Right of national securities exchange, national securities association, registered clearing agency or the Municipal Securities... and Reports of Certain Stabilizing Activities § 240.17a-6 Right of national securities exchange...

  13. Entre a viagem, a escrita e a publicação do relato, um mar de interesses. Argentina, Chile e Nova Zelândia comparados pelo britânico Robert FitzRoy na década de 1830

    Directory of Open Access Journals (Sweden)

    Gabriel Passetti

    2013-06-01

    Full Text Available Este artigo tem por objetivo discutir as relações entre a viagem, a escrita, a publicação de um relato e os interesses pessoais e a conjuntura social e política no momento de sua redação. A discussão recai sobre as escolhas na seleção de temas e formas de descrever locais, a partir de objetivos pessoais, econômicos ou políticos. São analisadas as imagens da América do Sul e da Oceania presentes no livro Narrative of the surveying voyages of HMS Beagle, produzido pelo comandante da Marinha Britânica Robert FitzRoy, entre os anos de 1836 e 1839, no contexto de intensas discussões e projetos para a expansão do império britânico.

  14. 6th Annual Homeland Security and Defense Education Summit, Developing an Adaptive Homeland Security Environment

    OpenAIRE

    2013-01-01

    6th Annual Homeland Security and Defense Education Summit Developing an Adaptive Homeland Security Environment, Burlington, MA, September 26-28, 2013 2013 Summit Agenda Naval Postgraduate School Center for Homeland Defense and Security In Partnership With Northeastern University, Department of Homeland Security, Federal Emergency Management Agency, National Guard Homeland Security Institute, National Homeland Defense Foundation Naval Postgraduate School Center for Homeland Defense and S...

  15. Secure pairing with biometrics

    NARCIS (Netherlands)

    Buhan, I.R.; Boom, B.J.; Doumen, J.M.; Hartel, Pieter H.; Veldhuis, Raymond N.J.

    Secure pairing enables two devices that share no prior context with each other to agree upon a security association, which they can use to protect their subsequent communication. Secure pairing offers guarantees of the association partner identity and it should be resistant to eavesdropping and to a

  16. 76 FR 42395 - Business Conduct Standards for Security-Based Swap Dealers and Major Security-Based Swap...

    Science.gov (United States)

    2011-07-18

    ... Business Conduct Standards for Security-Based Swap Dealers and Major Security-Based Swap Participants...-11] RIN 3235-AL10 Business Conduct Standards for Security-Based Swap Dealers and Major Security-Based...'') relating to external business conduct standards for security-based swap dealers (``SBS Dealers'') and major...

  17. Cyber Security : Home User's Perspective

    OpenAIRE

    Ikonen, Mikko

    2014-01-01

    Cyber security is important to understand for home users. New technology allows for new cyber threats to emerge and new solutions must be considered to counter them. Nearly every device is connected to the Internet and this opens new possibilities and threats to cyber security. This Bachelor's thesis explores the different aspects of cyber security and suggests solutions to different cyber security issues found. The different aspects of cyber security under research here include personal ...

  18. Computer Security: Introduction to information and computer security (1/4)

    CERN Multimedia

    CERN. Geneva

    2012-01-01

    Sebastian Lopienski is CERN's Deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support services hosted in the CERN Computer Centre; providing Central CVS Service for software projects at CERN; and development of applications for accelerator controls in Java. He graduated from the University of Warsaw (MSc in Computer Science) in 2002, and earned an MBA degree at the Enterprise Administration Institute in Aix-en-Provence and Haute Ecole de Gestion in Geneva in 2010. His professional interests include software and network security, distributed systems, and Web and mobile technologies. With the prevalence of modern information te...

  19. Secure Sessions for Web Services

    NARCIS (Netherlands)

    Reiter, M.; Bhargavan, K.; Corin, R.J.; Fournet, C.; Gordon, A.D.

    2007-01-01

    We address the problem of securing sequences of SOAP messages exchanged between web services and their clients. The WS-Security standard defines basic mechanisms to secure SOAP traffic, one message at a time. For typical web services, however, using WS-Security independently for each message is

  20. 78 FR 48076 - Facility Security Clearance and Safeguarding of National Security Information and Restricted Data

    Science.gov (United States)

    2013-08-07

    ...-2011-0268] RIN 3150-AJ07 Facility Security Clearance and Safeguarding of National Security Information..., Classified National Security Information. The rule would allow licensees flexibility in determining the means... licensee security education and training programs and enhances the protection of classified information...

  1. Information risk and security modeling

    Science.gov (United States)

    Zivic, Predrag

    2005-03-01

    This research paper presentation will feature current frameworks to addressing risk and security modeling and metrics. The paper will analyze technical level risk and security metrics of Common Criteria/ISO15408, Centre for Internet Security guidelines, NSA configuration guidelines and metrics used at this level. Information IT operational standards view on security metrics such as GMITS/ISO13335, ITIL/ITMS and architectural guidelines such as ISO7498-2 will be explained. Business process level standards such as ISO17799, COSO and CobiT will be presented with their control approach to security metrics. Top level, the maturity standards such as SSE-CMM/ISO21827, NSA Infosec Assessment and CobiT will be explored and reviewed. For each defined level of security metrics the research presentation will explore the appropriate usage of these standards. The paper will discuss standards approaches to conducting the risk and security metrics. The research findings will demonstrate the need for common baseline for both risk and security metrics. This paper will show the relation between the attribute based common baseline and corporate assets and controls for risk and security metrics. IT will be shown that such approach spans over all mentioned standards. The proposed approach 3D visual presentation and development of the Information Security Model will be analyzed and postulated. Presentation will clearly demonstrate the benefits of proposed attributes based approach and defined risk and security space for modeling and measuring.

  2. Security culture for nuclear facilities

    Science.gov (United States)

    Gupta, Deeksha; Bajramovic, Edita

    2017-01-01

    Natural radioactive elements are part of our environment and radioactivity is a natural phenomenon. There are numerous beneficial applications of radioactive elements (radioisotopes) and radiation, starting from power generation to usages in medical, industrial and agriculture applications. But the risk of radiation exposure is always attached to operational workers, the public and the environment. Hence, this risk has to be assessed and controlled. The main goal of safety and security measures is to protect human life, health, and the environment. Currently, nuclear security considerations became essential along with nuclear safety as nuclear facilities are facing rapidly increase in cybersecurity risks. Therefore, prevention and adequate protection of nuclear facilities from cyberattacks is the major task. Historically, nuclear safety is well defined by IAEA guidelines while nuclear security is just gradually being addressed by some new guidance, especially the IAEA Nuclear Security Series (NSS), IEC 62645 and some national regulations. At the overall level, IAEA NSS 7 describes nuclear security as deterrence and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer or other malicious acts involving nuclear, other radioactive substances and their associated facilities. Nuclear security should be included throughout nuclear facilities. Proper implementation of a nuclear security culture leads to staff vigilance and a high level of security posture. Nuclear security also depends on policy makers, regulators, managers, individual employees and members of public. Therefore, proper education and security awareness are essential in keeping nuclear facilities safe and secure.

  3. How Secure Is Your Radiology Department? Mapping Digital Radiology Adoption and Security Worldwide.

    Science.gov (United States)

    Stites, Mark; Pianykh, Oleg S

    2016-04-01

    Despite the long history of digital radiology, one of its most critical aspects--information security--still remains extremely underdeveloped and poorly standardized. To study the current state of radiology security, we explored the worldwide security of medical image archives. Using the DICOM data-transmitting standard, we implemented a highly parallel application to scan the entire World Wide Web of networked computers and devices, locating open and unprotected radiology servers. We used only legal and radiology-compliant tools. Our security-probing application initiated a standard DICOM handshake to remote computer or device addresses, and then assessed their security posture on the basis of handshake replies. The scan discovered a total of 2774 unprotected radiology or DICOM servers worldwide. Of those, 719 were fully open to patient data communications. Geolocation was used to analyze and rank our findings according to country utilization. As a result, we built maps and world ranking of clinical security, suggesting that even the most radiology-advanced countries have hospitals with serious security gaps. Despite more than two decades of active development and implementation, our radiology data still remains insecure. The results provided should be applied to raise awareness and begin an earnest dialogue toward elimination of the problem. The application we designed and the novel scanning approach we developed can be used to identify security breaches and to eliminate them before they are compromised.

  4. Indirection and computer security.

    Energy Technology Data Exchange (ETDEWEB)

    Berg, Michael J.

    2011-09-01

    The discipline of computer science is built on indirection. David Wheeler famously said, 'All problems in computer science can be solved by another layer of indirection. But that usually will create another problem'. We propose that every computer security vulnerability is yet another problem created by the indirections in system designs and that focusing on the indirections involved is a better way to design, evaluate, and compare security solutions. We are not proposing that indirection be avoided when solving problems, but that understanding the relationships between indirections and vulnerabilities is key to securing computer systems. Using this perspective, we analyze common vulnerabilities that plague our computer systems, consider the effectiveness of currently available security solutions, and propose several new security solutions.

  5. Social security for seafarers globally

    DEFF Research Database (Denmark)

    Jensen, Olaf; Canals, Luisa; Haarløv, Erik

    2013-01-01

    Social security for seafarers globally Background: Social security protection is one of the essential elements of decent work. The issue is complex and no previous epidemiological studies of the coverage among seafarers have yet been performed. Objectives: The aim was to overcome the gap...... of knowledge to promote the discussion and planning of the implementation of social security for all seafarers. Methods: The seafarers completed a short questionnaire concerning their knowledge about their social security status. Results: Significant disparities of coverage of social security were pointed out...... comes from poorer countries without substantial social security systems. The solutions suggested are to implement the minimum requirements as recommended by the ILO 2006 Convention, to survey the implementation and in the long term to struggle for global social equality. Key words: Social security...

  6. 27 CFR 19.966 - Security.

    Science.gov (United States)

    2010-04-01

    ... 27 Alcohol, Tobacco Products and Firearms 1 2010-04-01 2010-04-01 false Security. 19.966 Section 19.966 Alcohol, Tobacco Products and Firearms ALCOHOL AND TOBACCO TAX AND TRADE BUREAU, DEPARTMENT OF... and Security § 19.966 Security. Proprietors shall provide security adequate to deter the unauthorized...

  7. The Personal Information Security Assistant

    NARCIS (Netherlands)

    Kegel, Roeland Hendrik,Pieter

    The human element is often found to be the weakest link in the information security chain. The Personal Information Security Assistant project aims to address this by improving the privacy and security awareness of end-users and by aligning the user's personal IT environment to the user's security

  8. 76 FR 46603 - Security Ratings

    Science.gov (United States)

    2011-08-03

    ... settled derivative securities). See Simplification of Registration of Reporting Requirements for Foreign... SECURITIES AND EXCHANGE COMMISSION 17 CFR Parts 200, 229, 230, 232, 239, 240, and 249 [Release No. 33-9245; 34-64975; File No. S7-18-08] RIN 3235-AK18 Security Ratings AGENCY: Securities and Exchange...

  9. Evaluating of foreign trade security

    OpenAIRE

    Vasyliev Andriy

    2015-01-01

    A method of evaluating foreign trade security is considered based on horizontally integrated approach to research security issues, taking into account the conditions of management, factors, components and levels of external security. The work was based theories of security, economics, management theory, practice of state regulation of foreign trade.

  10. Computer Security Issues in Online Banking: An Assessment from the Context of Usable Security

    Science.gov (United States)

    Mahmadi, FN; Zaaba, ZF; Osman, A.

    2016-11-01

    Today's online banking is a convenient mode of finance management. Despite the ease of doing online banking, there are people that still sceptical in utilizing it due to perception and its security. This paper highlights the subject of online banking security in Malaysia, especially from the perspective of the end-users. The study is done by assessing human computer interaction, usability and security. An online survey utilising 137 participants was previously conducted to gain preliminary insights on security issues of online banking in Malaysia. Following from those results, 37 participants were interviewed to gauge deeper understanding about end-users perception on online banking within the context of usable security. The results suggested that most of the end-users are continuingly experiencing significant difficulties especially in relation to the technical terminologies, security features and other technical issues. Although the security features are provided to provide a shield or protection, users are still incapable to cope with the technical aspects of such implementation.

  11. Advanced API security securing APIs with OAuth 2.0, OpenID Connect, JWS, and JWE

    CERN Document Server

    Siriwardena, Prabath

    2014-01-01

    Advanced API Security is a complete reference to the next wave of challenges in enterprise security--securing public and private APIs. API adoption in both consumer and enterprises has gone beyond predictions. It has become the 'coolest' way of exposing business functionalities to the outside world. Both your public and private APIs, need to be protected, monitored and managed. Security is not an afterthought, but API security has evolved a lot in last five years. The growth of standards, out there, has been exponential. That's where AdvancedAPI Security comes in--to wade through the weeds

  12. Security Dynamics of Cloud Computing

    OpenAIRE

    Khan, Khaled M.

    2009-01-01

    This paper explores various dimensions of cloud computing security. It argues that security concerns of cloud computing need to be addressed from the perspective of individual stakeholder. Security focuses of cloud computing are essentially different in terms of its characteristics and business model. Conventional way of viewing as well as addressing security such as ‘bolting-in’ on the top of cloud computing may not work well. The paper attempts to portray the security spectrum necessary for...

  13. Selecting Security Technology Providers

    Science.gov (United States)

    Schneider, Tod

    2009-01-01

    The world of security technology holds great promise, but it is fraught with opportunities for expensive missteps and misapplications. The quality of the security technology consultants and system integrators one uses will have a direct bearing on how well his school masters this complex subject. Security technology consultants help determine…

  14. 7 CFR 4274.326 - Security.

    Science.gov (United States)

    2010-01-01

    ... 7 Agriculture 15 2010-01-01 2010-01-01 false Security. 4274.326 Section 4274.326 Agriculture... (IRP) § 4274.326 Security. (a) Intermediaries. Security for all loans to intermediaries must be such... and the Government. (1) Security for such loans may include, but is not limited to: (i) Any realty...

  15. 7 CFR 1780.14 - Security.

    Science.gov (United States)

    2010-01-01

    ... 7 Agriculture 12 2010-01-01 2010-01-01 false Security. 1780.14 Section 1780.14 Agriculture... (CONTINUED) WATER AND WASTE LOANS AND GRANTS General Policies and Requirements § 1780.14 Security. Loans will be secured by the best security position practicable in a manner which will adequately protect the...

  16. A Portable Computer Security Workshop

    Science.gov (United States)

    Wagner, Paul J.; Phillips, Andrew T.

    2006-01-01

    We have developed a computer security workshop designed to instruct post-secondary instructors who want to start a course or laboratory exercise sequence in computer security. This workshop has also been used to provide computer security education to IT professionals and students. It is effective in communicating basic computer security principles…

  17. Securing remote services by integrating SecurID strong authentication technology in EFDA-Federation infrastructure

    Energy Technology Data Exchange (ETDEWEB)

    Castro, R., E-mail: rodrigo.castro@visite.es [Asociacion EURATOM/CIEMAT para Fusion, Madrid (Spain); Barbato, P. [Consorzio RFX, Euratom ENEA Association, Corso Stati Uniti 4, 35127 Padova (Italy); Vega, J. [Asociacion EURATOM/CIEMAT para Fusion, Madrid (Spain); Taliercio, C. [Consorzio RFX, Euratom ENEA Association, Corso Stati Uniti 4, 35127 Padova (Italy)

    2011-10-15

    Remote participation facilities among fusion laboratories require access control solutions with two main objectives: to preserve the usability of the systems and to guaranty the required level of security for accessing to shared services. On one hand, this security solution has to be: single-sign-on, transparent for users, compatible with user mobility, and compatible with used client applications. On the other hand, it has to be compatible with shared services and resources among organisations, providing in each case the required access security level. EFDA-Federation is a security infrastructure that integrates a set of fusion laboratories and enables to share resources and services fulfilling the requirements previously described. In EFDA community, JET and RFX have security access policies to some of their services that require strong authentication mechanisms. In both cases, strong authentication is based on RSA SecurID tokens. This is a hardware device that is supplied to and generates a new password every minute. The job presents two main results. The first one is the integration of RSA SecurID into EFDA-Federation. Thanks to it, federated organisations are able to offer SecurID to their users as an alternative strong authentication mechanism, with the corresponding increase of security level. The second result is the development of a new access control mechanism based on port knocking techniques and its integration into EFDA-Federation. Additionally, a real application in RFX is presented and includes the integration of its SecurID infrastructure as federated authentication mechanism, and the application of the new access control mechanism to its MDSplus server.

  18. Securing remote services by integrating SecurID strong authentication technology in EFDA-Federation infrastructure

    International Nuclear Information System (INIS)

    Castro, R.; Barbato, P.; Vega, J.; Taliercio, C.

    2011-01-01

    Remote participation facilities among fusion laboratories require access control solutions with two main objectives: to preserve the usability of the systems and to guaranty the required level of security for accessing to shared services. On one hand, this security solution has to be: single-sign-on, transparent for users, compatible with user mobility, and compatible with used client applications. On the other hand, it has to be compatible with shared services and resources among organisations, providing in each case the required access security level. EFDA-Federation is a security infrastructure that integrates a set of fusion laboratories and enables to share resources and services fulfilling the requirements previously described. In EFDA community, JET and RFX have security access policies to some of their services that require strong authentication mechanisms. In both cases, strong authentication is based on RSA SecurID tokens. This is a hardware device that is supplied to and generates a new password every minute. The job presents two main results. The first one is the integration of RSA SecurID into EFDA-Federation. Thanks to it, federated organisations are able to offer SecurID to their users as an alternative strong authentication mechanism, with the corresponding increase of security level. The second result is the development of a new access control mechanism based on port knocking techniques and its integration into EFDA-Federation. Additionally, a real application in RFX is presented and includes the integration of its SecurID infrastructure as federated authentication mechanism, and the application of the new access control mechanism to its MDSplus server.

  19. Network and Database Security: Regulatory Compliance, Network, and Database Security - A Unified Process and Goal

    Directory of Open Access Journals (Sweden)

    Errol A. Blake

    2007-12-01

    Full Text Available Database security has evolved; data security professionals have developed numerous techniques and approaches to assure data confidentiality, integrity, and availability. This paper will show that the Traditional Database Security, which has focused primarily on creating user accounts and managing user privileges to database objects are not enough to protect data confidentiality, integrity, and availability. This paper is a compilation of different journals, articles and classroom discussions will focus on unifying the process of securing data or information whether it is in use, in storage or being transmitted. Promoting a change in Database Curriculum Development trends may also play a role in helping secure databases. This paper will take the approach that if one make a conscientious effort to unifying the Database Security process, which includes Database Management System (DBMS selection process, following regulatory compliances, analyzing and learning from the mistakes of others, Implementing Networking Security Technologies, and Securing the Database, may prevent database breach.

  20. Android Applications Security

    Directory of Open Access Journals (Sweden)

    Paul POCATILU

    2011-01-01

    Full Text Available The use of smartphones worldwide is growing very fast and also the malicious attacks have increased. The mobile security applications development keeps the pace with this trend. The paper presents the vulnerabilities of mobile applications. The Android applications and devices are analyzed through the security perspective. The usage of restricted API is also presented. The paper also focuses on how users can prevent these malicious attacks and propose some prevention measures, including the architecture of a mobile security system for Android devices.

  1. Cloud Computing Security

    OpenAIRE

    Ngongang, Guy

    2011-01-01

    This project aimed to show how possible it is to use a network intrusion detection system in the cloud. The security in the cloud is a concern nowadays and security professionals are still finding means to make cloud computing more secure. First of all the installation of the ESX4.0, vCenter Server and vCenter lab manager in server hardware was successful in building the platform. This allowed the creation and deployment of many virtual servers. Those servers have operating systems and a...

  2. Information security management handbook

    CERN Document Server

    Tipton, Harold F

    2003-01-01

    Since 1993, the Information Security Management Handbook has served not only as an everyday reference for information security practitioners but also as an important document for conducting the intense review necessary to prepare for the Certified Information System Security Professional (CISSP) examination. Now completely revised and updated and in its fifth edition, the handbook maps the ten domains of the Information Security Common Body of Knowledge and provides a complete understanding of all the items in it. This is a ...must have... book, both for preparing for the CISSP exam and as a c

  3. Information security foundations, technologies and applications

    CERN Document Server

    Awad, Ali Ismail; Fairhurst, Michael

    2018-01-01

    This book outlines key emerging trends in information security from the foundations and technologies in biometrics, cybersecurity, and big data security to applications in hardware and embedded systems security, computer forensics, the Internet of Things security, and network security.

  4. Perspectives on Energy Security

    International Nuclear Information System (INIS)

    Carlsson-Kanyama, Annika; Holmgren, Aake J.; Joensson, Thomas; Larsson, Robert L.

    2007-05-01

    A common notion of 'Energy Security' is that it includes access to energy resources without risking the the survival of the state. 'Security of supply' is most often the concept emphasized in the political discourse on energy security and it includes both production as well as secure and safe delivery of energy to the end consumers. Another aspect of energy security is the need for reducing energy consumption by improving energy efficiency. In this report, eight chapters covering these and other perspectives on energy security are presented. Six of the chapters deal with the supply perspective. Included topics cover power politics and geopolitical perspectives regarding large infrastructure projects and the ambitions of the EU in this regard. Further, methods and approaches for conducting risk analyses of electricity supply systems as well as for improving the security of digital control systems are discussed. As climate change will affect the supply and distribution of energy, one chapter presents an overview of this topic. The consumption perspective is discussed against the backdrop of research about household consumption practices and the role of climate change for future consumption levels. Finally, the role of armed forces as a large energy users is touched upon, as well as how so-called 'future studies' have dealt with energy as a topic

  5. Security Components of Globalization

    Directory of Open Access Journals (Sweden)

    Florin Iftode

    2015-05-01

    Full Text Available The objective of this paper is our intention to present what are the main connections between globalization and international security. In terms of global security we can perceive the globalization as a process by which global state is represented by the UN, with a single world system, represented by major security organizations and with global effects. We will present from the beginning the main theoretical aspects that define the phenomenon of globalization, and then our contribution in assessing the implications of this phenomenon on the regional and global security. The results of our research are materialized in the last part of the paper. They emphasize the personal assessments on how the phenomenon of globalization has direct effect on global security. When talking about government, we think of norms, rules and decisionmaking procedures in the management of international life. The value that we add to the new scientific interpretation of the definition of globalization is represented, primarily, by the valuable bibliographic used resources and the original approach on the concept that refers to the links between globalization and security. This article may be, at any time, a starting point in an interesting research direction in the field of global security.

  6. Operations Security (OPSEC) Guide

    Science.gov (United States)

    2011-04-01

    Request for Proposal TAC Threat Analysis Center TECHINT Technical Intelligence TMAP Telecommunications Monitoring and Assessment Program TTP...communications security, use of secure telephones, and a robust Telecommunications Monitoring and Assessment Program ( TMAP ) prevents undetermined...and AFI 33-219, Telecommunications Monitoring and Assessment Program ( TMAP ), or Information Assurance (IA) or Communications Security (COMSEC

  7. 12 CFR 561.44 - Security.

    Science.gov (United States)

    2010-01-01

    ... 12 Banks and Banking 5 2010-01-01 2010-01-01 false Security. 561.44 Section 561.44 Banks and... SAVINGS ASSOCIATIONS § 561.44 Security. The term security means any non-withdrawable account, note, stock... commonly known as a security, or any certificate of interest or participation in, temporary or interim...

  8. 9 CFR 121.11 - Security.

    Science.gov (United States)

    2010-01-01

    ... 9 Animals and Animal Products 1 2010-01-01 2010-01-01 false Security. 121.11 Section 121.11... AGENTS AND TOXINS § 121.11 Security. (a) An individual or entity required to register under this part must develop and implement a written security plan. The security plan must be sufficient to safeguard...

  9. 7 CFR 3560.610 - Security.

    Science.gov (United States)

    2010-01-01

    ... 7 Agriculture 15 2010-01-01 2010-01-01 false Security. 3560.610 Section 3560.610 Agriculture... DIRECT MULTI-FAMILY HOUSING LOANS AND GRANTS On-Farm Labor Housing § 3560.610 Security. (a) Security... housing will be located on a tract of land that is surveyed such that, for security purposes, it is...

  10. European Security

    DEFF Research Database (Denmark)

    Møller, Bjørn

    Theoretical chapters on "Security", "Organisations" and "Regions," Historical Chapters on "Europe and Its Distinguishing Features" and on "The United Nations," "NATO," "The CSCE/OSCE and the Council of Europe" and "The European Union"......Theoretical chapters on "Security", "Organisations" and "Regions," Historical Chapters on "Europe and Its Distinguishing Features" and on "The United Nations," "NATO," "The CSCE/OSCE and the Council of Europe" and "The European Union"...

  11. Improving the redistribution of the security lessons in healthcare: An evaluation of the Generic Security Template.

    Science.gov (United States)

    He, Ying; Johnson, Chris

    2015-11-01

    The recurrence of past security breaches in healthcare showed that lessons had not been effectively learned across different healthcare organisations. Recent studies have identified the need to improve learning from incidents and to share security knowledge to prevent future attacks. Generic Security Templates (GSTs) have been proposed to facilitate this knowledge transfer. The objective of this paper is to evaluate whether potential users in healthcare organisations can exploit the GST technique to share lessons learned from security incidents. We conducted a series of case studies to evaluate GSTs. In particular, we used a GST for a security incident in the US Veterans' Affairs Administration to explore whether security lessons could be applied in a very different Chinese healthcare organisation. The results showed that Chinese security professional accepted the use of GSTs and that cyber security lessons could be transferred to a Chinese healthcare organisation using this approach. The users also identified the weaknesses and strengths of GSTs, providing suggestions for future improvements. Generic Security Templates can be used to redistribute lessons learned from security incidents. Sharing cyber security lessons helps organisations consider their own practices and assess whether applicable security standards address concerns raised in previous breaches in other countries. The experience gained from this study provides the basis for future work in conducting similar studies in other healthcare organisations. Copyright © 2015 Elsevier Ireland Ltd. All rights reserved.

  12. Wireshark network security

    CERN Document Server

    Verma, Piyush

    2015-01-01

    If you are network administrator or a security analyst with an interest in using Wireshark for security analysis, then this is the book for you. Basic familiarity with common network and application services terms and technologies is assumed.

  13. Military veterans and Social Security.

    Science.gov (United States)

    Olsen, Anya

    There are 9.4 million military veterans receiving Social Security benefits, which means that almost one out of every four adult Social Security beneficiaries has served in the United States military. In addition, veterans and their families make up almost 40 percent of the adult Social Security beneficiary population. Policymakers are particularly interested in military veterans and their families and have provided them with benefits through several government programs, including Social Security credits, home loan guarantees, and compensation and pension payments through the Department of Veterans Affairs. It is therefore important to understand the economic and demographic characteristics of this population. Information in this article is based on data from the March 2004 Current Population Survey, a large, nationally representative survey of U.S. households. Veterans are overwhelmingly male compared with all adult Social Security beneficiaries who are more evenly split between males and females. Military veterans receiving Social Security are more likely to be married and to have finished high school compared with all adult Social Security beneficiaries, and they are less likely to be poor or near poor than the overall beneficiary population. Fourteen percent of veterans receiving Social Security benefits have income below 150 percent of poverty, while 25 percent of all adult Social Security beneficiaries are below this level. The higher economic status among veterans is also reflected in the relatively high Social Security benefits they receive. The number of military veterans receiving Social Security benefits will remain high over the next few decades, while their make-up and characteristics will change. In particular, the number of Vietnam War veterans who receive Social Security will increase in the coming decades, while the number of veterans from World War II and the Korean War will decline.

  14. Nuclear Security Education in Morocco

    International Nuclear Information System (INIS)

    Hakam, O.K.

    2015-01-01

    Morocco has made significant progress in the field of nuclear security by supporting the efforts and activities of the International Atomic Energy Agency (IAEA), promoting nuclear security under international initiatives and continues to undertake actions aiming at strengthening capacity building in nuclear security. As well, Morocco has developed a new law on radiological and nuclear safety and security which was promulgated in 2014. Some Moroccan universities in cooperation with the IAEA-International Nuclear Security Education Network (INSEN) and the US-DoS Partnership for Nuclear Security (PNS) are working to develop their nuclear security educational programmes. In this regard, faculties who have been involved in INSEN Professional Development Courses (PDCs) have acquired a high-quality of knowledge and teaching tools in nuclear security topics that led them to be able to develop and teach their nuclear security curriculum as is the case at the University of Ibn Tofail. Furthermore, University of Ibn Tofail has developed in 2014 with collaboration with CRDFGlobal the first Institute of Nuclear Material Management (INMM) Student Chapter in Africa. This Chapter has organized many events to promote best practices among the young generation. Moreover, University of Ibn Tofail and Brandenburg University in Germany are working to develop a PDC on Nuclear IT/Cyber Security to be held in Kenitra, Morocco. This PDC aims at building capacity among the academic communities from Africa and MENA Region in order to further raise awareness, develop and disseminate best practices, increase professional standards and therefore enhance nuclear security culture. So, this paper will present some nuclear security education activities in Morocco and more specifically at the University of Ibn Tofail. These activities involve women as leaders but also contribute in education and training of young generation of women in nuclear field. (author)

  15. IPv6 Security

    Science.gov (United States)

    Babik, M.; Chudoba, J.; Dewhurst, A.; Finnern, T.; Froy, T.; Grigoras, C.; Hafeez, K.; Hoeft, B.; Idiculla, T.; Kelsey, D. P.; López Muñoz, F.; Martelli, E.; Nandakumar, R.; Ohrenberg, K.; Prelz, F.; Rand, D.; Sciabà, A.; Tigerstedt, U.; Traynor, D.; Wartel, R.

    2017-10-01

    IPv4 network addresses are running out and the deployment of IPv6 networking in many places is now well underway. Following the work of the HEPiX IPv6 Working Group, a growing number of sites in the Worldwide Large Hadron Collider Computing Grid (WLCG) are deploying dual-stack IPv6/IPv4 services. The aim of this is to support the use of IPv6-only clients, i.e. worker nodes, virtual machines or containers. The IPv6 networking protocols while they do contain features aimed at improving security also bring new challenges for operational IT security. The lack of maturity of IPv6 implementations together with the increased complexity of some of the protocol standards raise many new issues for operational security teams. The HEPiX IPv6 Working Group is producing guidance on best practices in this area. This paper considers some of the security concerns for WLCG in an IPv6 world and presents the HEPiX IPv6 working group guidance for the system administrators who manage IT services on the WLCG distributed infrastructure, for their related site security and networking teams and for developers and software engineers working on WLCG applications.

  16. Conceptualizing energy security

    International Nuclear Information System (INIS)

    Winzer, Christian

    2012-01-01

    Energy security is one of the main targets of energy policy. However, the term has not been clearly defined, which makes it hard to measure and difficult to balance against other policy objectives. We review the multitude of definitions of energy security. They can be characterized according to the sources of risk, the scope of the impacts, and the severity filters in the form of the speed, size, sustention, spread, singularity and sureness of impacts. Using a stylized case study for three European countries, we illustrate how the selection of conceptual boundaries along these dimensions determines the outcome. This can be avoided by more clearly separating between security of supply and other policy objectives. This leads us to the definition of energy security as the continuity of energy supplies relative to demand. - Highlights: ► The widest energy security concept includes all risks that are caused by or have an impact on the energy supply chain. ► Authors narrow this down by choosing different risk sources, impact measures and subjective severity filters in their definitions. ► The selection of conceptual boundaries determines outcome of quantitative studies.

  17. 7 CFR 1822.269 - Security.

    Science.gov (United States)

    2010-01-01

    ... 7 Agriculture 12 2010-01-01 2010-01-01 false Security. 1822.269 Section 1822.269 Agriculture..., Procedures, and Authorizations § 1822.269 Security. Each loan will be secured by a mortgage on the property purchased or improved with the loan, and a security interest in the funds held by the corporation in trust...

  18. 42 CFR 73.11 - Security.

    Science.gov (United States)

    2010-10-01

    ... 42 Public Health 1 2010-10-01 2010-10-01 false Security. 73.11 Section 73.11 Public Health PUBLIC... AND TOXINS § 73.11 Security. (a) An individual or entity required to register under this part must develop and implement a written security plan. The security plan must be sufficient to safeguard the...

  19. 22 CFR 8.7 - Security.

    Science.gov (United States)

    2010-04-01

    ... 22 Foreign Relations 1 2010-04-01 2010-04-01 false Security. 8.7 Section 8.7 Foreign Relations DEPARTMENT OF STATE GENERAL ADVISORY COMMITTEE MANAGEMENT § 8.7 Security. (a) All officers and members of a committee must have a security clearance for the subject matter level of security at which the committee...

  20. Modified Small Business Network Security

    OpenAIRE

    Md. Belayet Ali; Oveget Das; Md. Shamim Hossain

    2012-01-01

    This paper covers some likely threats and effectivesteps for a secure small business. It also involves a flowchart tocomprehend the overall small business network security easilyand we identify a set of security issues and applyappropriate techniques to satisfy the correspondingsecurity requirements. In respect of all, this document isstrong enough for any small business network security.

  1. Cryptography for Big Data Security

    Science.gov (United States)

    2015-07-13

    Cryptography for Big Data Security Book Chapter for Big Data: Storage, Sharing, and Security (3S) Distribution A: Public Release Ariel Hamlin1 Nabil...Email: arkady@ll.mit.edu ii Contents 1 Cryptography for Big Data Security 1 1.1 Introduction...48 Chapter 1 Cryptography for Big Data Security 1.1 Introduction With the amount

  2. About Security in Contemporary World

    Directory of Open Access Journals (Sweden)

    Ladislav Hofreiter

    2015-06-01

    Full Text Available The task to ensure security in contemporary world is a complicated political, scientific-technological and socio-economic problem. As the security itself is complicated, multifactor and hierarchized phenomen also its investigation has to be of an interdisciplinary character. The character of security environment, the character of security risks and threats and also the character of tools for their elimination are essentially changing. The basis to security of social subject consisted in arrangement of the conditions for their existence, to surviving in the present time and advancement into the future. Assurance of this condition means it provided ability to the social subjects to eliminated threats that are defined. In situations of asymmetrical security, the threats are not always clearly defined. They often consist of their own structure systems, in relationships and status the subjects of internationals relations. Asymmetrical of security, by our opinion, presents a discrepancy, unbalance, non-parity between subjects of the international security environment. The unbalance, discrepancy, non-parity has political, military, economic, law, social and societal dimensions.

  3. Computer Security Handbook

    CERN Document Server

    Bosworth, Seymour; Whyne, Eric

    2012-01-01

    The classic and authoritative reference in the field of computer security, now completely updated and revised With the continued presence of large-scale computers; the proliferation of desktop, laptop, and handheld computers; and the vast international networks that interconnect them, the nature and extent of threats to computer security have grown enormously. Now in its fifth edition, Computer Security Handbook continues to provide authoritative guidance to identify and to eliminate these threats where possible, as well as to lessen any losses attributable to them. With seventy-seven chapter

  4. Privacy vs security

    CERN Document Server

    Stalla-Bourdillon, Sophie; Ryan, Mark D

    2014-01-01

    Securing privacy in the current environment is one of the great challenges of today's democracies. Privacy vs. Security explores the issues of privacy and security and their complicated interplay, from a legal and a technical point of view. Sophie Stalla-Bourdillon provides a thorough account of the legal underpinnings of the European approach to privacy and examines their implementation through privacy, data protection and data retention laws. Joshua Philips and Mark D. Ryan focus on the technological aspects of privacy, in particular, on today's attacks on privacy by the simple use of today'

  5. Transmission grid security

    CERN Document Server

    Haarla, Liisa; Hirvonen, Ritva; Labeau, Pierre-Etienne

    2011-01-01

    In response to the growing importance of power system security and reliability, ""Transmission Grid Security"" proposes a systematic and probabilistic approach for transmission grid security analysis. The analysis presented uses probabilistic safety assessment (PSA) and takes into account the power system dynamics after severe faults. In the method shown in this book the power system states (stable, not stable, system breakdown, etc.) are connected with the substation reliability model. In this way it is possible to: estimate the system-wide consequences of grid faults; identify a chain of eve

  6. Security basics for computer architects

    CERN Document Server

    Lee, Ruby B

    2013-01-01

    Design for security is an essential aspect of the design of future computers. However, security is not well understood by the computer architecture community. Many important security aspects have evolved over the last several decades in the cryptography, operating systems, and networking communities. This book attempts to introduce the computer architecture student, researcher, or practitioner to the basic concepts of security and threat-based design. Past work in different security communities can inform our thinking and provide a rich set of technologies for building architectural support fo

  7. Emerging trends in ICT security

    CERN Document Server

    Akhgar, Babak

    2013-01-01

    Emerging Trends in ICT Security, an edited volume, discusses the foundations and theoretical aspects of ICT security; covers trends, analytics, assessments and frameworks necessary for performance analysis and evaluation; and gives you the state-of-the-art knowledge needed for successful deployment of security solutions in many environments. Application scenarios provide you with an insider's look at security solutions deployed in real-life scenarios, including but limited to smart devices, biometrics, social media, big data security, and crowd sourcing. Provides a multidisciplinary approach

  8. Efficient secure two-party protocols

    CERN Document Server

    Hazay, Carmit

    2010-01-01

    The authors present a comprehensive study of efficient protocols and techniques for secure two-party computation -- both general constructions that can be used to securely compute any functionality, and protocols for specific problems of interest. The book focuses on techniques for constructing efficient protocols and proving them secure. In addition, the authors study different definitional paradigms and compare the efficiency of protocols achieved under these different definitions.The book opens with a general introduction to secure computation and then presents definitions of security for a

  9. Information security principles and practice

    CERN Document Server

    Stamp, Mark

    2011-01-01

    Now updated-your expert guide to twenty-first century information security Information security is a rapidly evolving field. As businesses and consumers become increasingly dependent on complex multinational information systems, it is more imperative than ever to protect the confidentiality and integrity of data. Featuring a wide array of new information on the most current security issues, this fully updated and revised edition of Information Security: Principles and Practice provides the skills and knowledge readers need to tackle any information security challenge. Taking a pract

  10. Embedding security messages in existing processes: a pragmatic and effective approach to information security culture change

    CERN Document Server

    Lopienski, Sebastian

    Companies and organizations world-wide depend more and more on IT infrastructure and operations. Computer systems store vital information and sensitive data; computing services are essential for main business processes. This high dependency comes with a number of security risks, which have to be managed correctly on technological, organizational and human levels. Addressing the human aspects of information security often boils down just to procedures, training and awareness raising. On the other hand, employees and collaborators do not adopt security attitude and habits simply when told to do so – a real change in behaviour requires an established security culture. But how to introduce a security culture? This thesis outlines the need of developing or improving security culture, and discusses how this can be done. The proposed approach is to gradually build security knowledge and awareness, and influence behaviours. The way to achieve this is to make security communication pervasive by embedding security me...

  11. 32 CFR 154.61 - Security education.

    Science.gov (United States)

    2010-07-01

    ... 32 National Defense 1 2010-07-01 2010-07-01 false Security education. 154.61 Section 154.61... PERSONNEL SECURITY PROGRAM REGULATION Continuing Security Responsibilities § 154.61 Security education. (a.... Through security briefings and education, the Department of Defense continues to provide for the...

  12. Process Security in Chemical Engineering Education

    Science.gov (United States)

    Piluso, Cristina; Uygun, Korkut; Huang, Yinlun; Lou, Helen H.

    2005-01-01

    The threats of terrorism have greatly alerted the chemical process industries to assure plant security at all levels: infrastructure-improvement-focused physical security, information-protection-focused cyber security, and design-and-operation-improvement-focused process security. While developing effective plant security methods and technologies…

  13. Engineering Principles for Information Technology Security (A Baseline for Achieving Security)

    National Research Council Canada - National Science Library

    Stoneburner, Gary

    2001-01-01

    The purpose of the Engineering Principles for Information Technology (IT) Security (HP-ITS) is to present a list of system-level security principles to he considered in the design, development, and operation of an information system...

  14. The security analyzer: A security analyzer program written in Prolog

    International Nuclear Information System (INIS)

    Zimmerman, B.D.; Densley, P.J.

    1986-09-01

    The Security Analyzer is a software tool capable of analyzing the effectiveness of a facility's security system. It is written in the Prolog logic programming computer language, using entity-relationship data modeling techniques. The program performs the following functions: (1) provides descriptive, locational and operational status information about intrusion detectors and assessment devices (i.e., ''sensors'' and ''cameras'') upon request; (2) provides for storage and retrieval of maintenance history information for various components of the security system (including intrusion detectors), and allows for changing that information as desired; (3) provides a ''search'' mode, wherein all paths are found from any specified physical location to another specified location which satisfy user chosen ''intruder detection'' probability and elapsed time criteria (i.e., the program finds the ''weakest paths'' from a security point of view). The first two of these functions can be provided fairly easily with a conventional database program; the third function could be provided using Fortran or some similar language, though with substantial difficulty. In the Security Analyzer program, all these functions are provided in a simple and straight-forward manner. This simplicity is possible because the program is written in the symbolic (as opposed to numeric) processing language Prolog, and because the knowledge base is structured according to entity-relationship modeling principles. Also, the use of Prolog and the entity-relationship modeling technique allows the capabilities of the Security analyzer program, both for knowledge base interrogation and for searching-type operations, to be easily expanded in ways that would be very difficult for a numeric and more algorithmically deterministic language such as Fortran to duplicate. 4 refs

  15. EPICS: Channel Access security design

    International Nuclear Information System (INIS)

    Kraimer, M.; Hill, J.

    1994-05-01

    This document presents the design for implementing the requirements specified in: EPICS -- Channel Access Security -- functional requirements, Ned. D. Arnold, 03/09/92. Use of the access security system is described along with a summary of the functional requirements. The programmer's interface is given. Security protocol is described and finally aids for reading the access security code are provided

  16. Tele-Lab IT-Security: an Architecture for an online virtual IT Security Lab

    Directory of Open Access Journals (Sweden)

    Christoph Meinel

    2008-05-01

    Full Text Available Recently, Awareness Creation in terms of IT security has become a big thing – not only for enterprises. Campaigns for pupils try to highlight the importance of IT security even in the user’s early years. Common practices in security education – as seen in computer science courses at universities – mainly consist of literature and lecturing. In the best case, the teaching facility offers practical courses in a dedicated isolated computer lab. Additionally, there are some more or less interactive e-learning applications around. Most existing offers can do nothing more than impart theoretical knowledge or basic information. They all lack of possibilities to provide practical experience with security software or even hacker tools in a realistic environment. The only exceptions are the expensive and hard-to-maintain dedicated computer security labs. Those can only be provided by very few organizations. Tele-Lab IT-Security was designed to offer hands-on experience exercises in IT security without the need of additional hardware or maintenance expenses. The existing implementation of Tele-Lab even provides access to the learning environment over the Internet – and thus can be used anytime and anywhere. The present paper describes the extended architecture on which the current version of the Tele-Lab server is built.

  17. The remote security station (RSS)

    International Nuclear Information System (INIS)

    Pletta, J.B.

    1991-01-01

    This paper reports that, as an outgrowth of research into physical security systems, Sandia is investigating robotic technologies for improving physical security performance and flexibility. Robotic systems have the potential to allow more effective utilization of security personnel, especially in scenarios where they might be exposed to harm. They also can supplement fixed site installations where sensors have failed or where transient assets are present. The Remote Security Station (RSS) program for the defense Nuclear Agency is developing a proof-of-principle robotic system which will be used to evaluate the role, and associated cost, of robotic technologies in exterior physical security systems. The RSS consists of three primary elements: a fixed but quickly moveable tripod with intrusion detection sensors and assessment camera; a mobile robotic platform with a functionally identical security module; and a control console which allows an operator to perform security functions and teleoperate the mobile platform

  18. Secure Java For Web Application Development

    CERN Document Server

    Bhargav, Abhay

    2010-01-01

    As the Internet has evolved, so have the various vulnerabilities, which largely stem from the fact that developers are unaware of the importance of a robust application security program. This book aims to educate readers on application security and building secure web applications using the new Java Platform. The text details a secure web application development process from the risk assessment phase to the proof of concept phase. The authors detail such concepts as application risk assessment, secure SDLC, security compliance requirements, web application vulnerabilities and threats, security

  19. Water security evaluation in Yellow River basin

    Science.gov (United States)

    Jiang, Guiqin; He, Liyuan; Jing, Juan

    2018-03-01

    Water security is an important basis for making water security protection strategy, which concerns regional economic and social sustainable development. In this paper, watershed water security evaluation index system including 3 levels of 5 criterion layers (water resources security, water ecological security and water environment security, water disasters prevention and control security and social economic security) and 24 indicators were constructed. The entropy weight method was used to determine the weights of the indexes in the system. The water security index of 2000, 2005, 2010 and 2015 in Yellow River basin were calculated by linear weighting method based on the relative data. Results show that the water security conditions continue to improve in Yellow River basin but still in a basic security state. There is still a long way to enhance the water security in Yellow River basin, especially the water prevention and control security, the water ecological security and water environment security need to be promoted vigorously.

  20. Cloud Computing Security: A Survey

    Directory of Open Access Journals (Sweden)

    Issa M. Khalil

    2014-02-01

    Full Text Available Cloud computing is an emerging technology paradigm that migrates current technological and computing concepts into utility-like solutions similar to electricity and water systems. Clouds bring out a wide range of benefits including configurable computing resources, economic savings, and service flexibility. However, security and privacy concerns are shown to be the primary obstacles to a wide adoption of clouds. The new concepts that clouds introduce, such as multi-tenancy, resource sharing and outsourcing, create new challenges to the security community. Addressing these challenges requires, in addition to the ability to cultivate and tune the security measures developed for traditional computing systems, proposing new security policies, models, and protocols to address the unique cloud security challenges. In this work, we provide a comprehensive study of cloud computing security and privacy concerns. We identify cloud vulnerabilities, classify known security threats and attacks, and present the state-of-the-art practices to control the vulnerabilities, neutralize the threats, and calibrate the attacks. Additionally, we investigate and identify the limitations of the current solutions and provide insights of the future security perspectives. Finally, we provide a cloud security framework in which we present the various lines of defense and identify the dependency levels among them. We identify 28 cloud security threats which we classify into five categories. We also present nine general cloud attacks along with various attack incidents, and provide effectiveness analysis of the proposed countermeasures.

  1. Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security

    National Research Council Canada - National Science Library

    Ganger, Gregory

    2000-01-01

    This report contains the technical content of a recent funding proposal. In it, we propose a new approach to network security in which each individual device erects its own security perimeter and defends its own critical resources...

  2. Competitive Cyber-Insurance and Internet Security

    Science.gov (United States)

    Shetty, Nikhil; Schwartz, Galina; Felegyhazi, Mark; Walrand, Jean

    This paper investigates how competitive cyber-insurers affect network security and welfare of the networked society. In our model, a user's probability to incur damage (from being attacked) depends on both his security and the network security, with the latter taken by individual users as given. First, we consider cyberinsurers who cannot observe (and thus, affect) individual user security. This asymmetric information causes moral hazard. Then, for most parameters, no equilibrium exists: the insurance market is missing. Even if an equilibrium exists, the insurance contract covers only a minor fraction of the damage; network security worsens relative to the no-insurance equilibrium. Second, we consider insurers with perfect information about their users' security. Here, user security is perfectly enforceable (zero cost); each insurance contract stipulates the required user security. The unique equilibrium contract covers the entire user damage. Still, for most parameters, network security worsens relative to the no-insurance equilibrium. Although cyber-insurance improves user welfare, in general, competitive cyber-insurers fail to improve network security.

  3. Maritime security : progress made in implementing Maritime Transportation Security Act, but concerns remain : statement of Margaret Wrightson, Director, Homeland Security and Justice Issues

    Science.gov (United States)

    2003-09-09

    After the events of September 11, 2001, concerns were raised over the security of U.S. ports and waterways. In response to the concerns over port security, Congress passed the Maritime Transportation Security Act in November 2002. The act created a b...

  4. Microsoft Windows Security Essentials

    CERN Document Server

    Gibson, Darril

    2011-01-01

    Windows security concepts and technologies for IT beginners IT security can be a complex topic, especially for those new to the field of IT. This full-color book, with a focus on the Microsoft Technology Associate (MTA) program, offers a clear and easy-to-understand approach to Windows security risks and attacks for newcomers to the world of IT. By paring down to just the essentials, beginners gain a solid foundation of security concepts upon which more advanced topics and technologies can be built. This straightforward guide begins each chapter by laying out a list of topics to be discussed,

  5. 17 CFR 240.19g2-1 - Enforcement of compliance by national securities exchanges and registered securities associations...

    Science.gov (United States)

    2010-04-01

    ... national securities exchanges and registered securities associations with the Act and rules and regulations... Enforcement of compliance by national securities exchanges and registered securities associations with the Act... associated with its members, a national securities exchange or registered securities association is not...

  6. Cloud Security Requirements - A checklist with security and privacy requirements for public cloud services

    OpenAIRE

    Bernsmed, Karin; Meland, Per Håkon; Jaatun, Martin Gilje

    2015-01-01

    - This document contains a checklist that can be used to develop or evaluate security and privacy requirements for Cloud computing services. The content has been gathered from established industry standards and best practices, supplemented with requirements from European data protection legislation, and taking into account security issues identified in recent research on Cloud security. The document is intended to be used by potential cloud customers that need to assess the security of a c...

  7. Security Threat Assessment of an Internet Security System Using Attack Tree and Vague Sets

    OpenAIRE

    Kuei-Hu Chang

    2014-01-01

    Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system’s elementary event are incomplete—the traditional approach for ca...

  8. Data Security

    OpenAIRE

    Lopez, Diego

    2013-01-01

    Training specialists in the field of data security and security administrators for the information systems represents a significant priority demanded by both governmental environments and the central and local administrations, as well as by the private sector - companies, banks. They are responsible for implementing information services and systems, but they are also their beneficiaries, with applicability in fields such as: e government, e-administration, e-banking, e-commerce, e-payment, wh...

  9. Energy security in Yemen

    International Nuclear Information System (INIS)

    Torosyan, Emil

    2009-09-01

    Yemen, situated in the Arab world, has considerable energy resources. However, its history of repeated revolts, civil wars and terrorism and also the presence of the Wahabi movement and al Qaeda in the country constitute security issues for the energy industry and its infrastructure. The aim of this paper is to assess the impact level on the security of the energy sector in Yemen and the effect that the threats to that sector could have on global energy security. Analyses of the political environment, the security threats and the measures taken to respond to these threats have been carried out. Results showed that Yemen's resources are depleting and that the government is having trouble containing the escalation of conflicts; this situation could lead to Yemen's political collapse which could have an important impact on global energy security.

  10. The pharmaceuticalisation of security: Molecular biomedicine, antiviral stockpiles, and global health security.

    Science.gov (United States)

    Elbe, Stefan

    2014-12-01

    Pharmaceuticals are now critical to the security of populations. Antivirals, antibiotics, next-generation vaccines, and antitoxins are just some of the new 'medical countermeasures' that governments are stockpiling in order to defend their populations against the threat of pandemics and bioterrorism. How has security policy come to be so deeply imbricated with pharmaceutical logics and solutions? This article captures, maps, and analyses the 'pharmaceuticalisation' of security. Through an in-depth analysis of the prominent antiviral medication Tamiflu , it shows that this pharmaceutical turn in security policy is intimately bound up with the rise of a molecular vision of life promulgated by the biomedical sciences. Caught in the crosshairs of powerful commercial, political, and regulatory pressures, governments are embracing a molecular biomedicine promising to secure populations pharmaceutically in the twenty-first century. If that is true, then the established disciplinary view of health as a predominantly secondary matter of 'low' international politics is mistaken. On the contrary, the social forces of health and biomedicine are powerful enough to influence the core practices of international politics - even those of security. For a discipline long accustomed to studying macrolevel processes and systemic structures, it is in the end also our knowledge of the minute morass of molecules that shapes international relations.

  11. Security and SCADA protocols

    International Nuclear Information System (INIS)

    Igure, V. M.; Williams, R. D.

    2006-01-01

    Supervisory control and data acquisition (SCADA) networks have replaced discrete wiring for many industrial processes, and the efficiency of the network alternative suggests a trend toward more SCADA networks in the future. This paper broadly considers SCADA to include distributed control systems (DCS) and digital control systems. These networks offer many advantages, but they also introduce potential vulnerabilities that can be exploited by adversaries. Inter-connectivity exposes SCADA networks to many of the same threats that face the public internet and many of the established defenses therefore show promise if adapted to the SCADA differences. This paper provides an overview of security issues in SCADA networks and ongoing efforts to improve the security of these networks. Initially, a few samples from the range of threats to SCADA network security are offered. Next, attention is focused on security assessment of SCADA communication protocols. Three challenges must be addressed to strengthen SCADA networks. Access control mechanisms need to be introduced or strengthened, improvements are needed inside of the network to enhance security and network monitoring, and SCADA security management improvements and policies are needed. This paper discusses each of these challenges. This paper uses the Profibus protocol as an example to illustrate some of the vulnerabilities that arise within SCADA networks. The example Profibus security assessment establishes a network model and an attacker model before proceeding to a list of example attacks. (authors)

  12. Security Technologies for Open Networking Environments (STONE)

    Energy Technology Data Exchange (ETDEWEB)

    Muftic, Sead

    2005-03-31

    Under this project SETECS performed research, created the design, and the initial prototype of three groups of security technologies: (a) middleware security platform, (b) Web services security, and (c) group security system. The results of the project indicate that the three types of security technologies can be used either individually or in combination, which enables effective and rapid deployment of a number of secure applications in open networking environments. The middleware security platform represents a set of object-oriented security components providing various functions to handle basic cryptography, X.509 certificates, S/MIME and PKCS No.7 encapsulation formats, secure communication protocols, and smart cards. The platform has been designed in the form of security engines, including a Registration Engine, Certification Engine, an Authorization Engine, and a Secure Group Applications Engine. By creating a middleware security platform consisting of multiple independent components the following advantages have been achieved - Object-oriented, Modularity, Simplified Development, and testing, Portability, and Simplified extensions. The middleware security platform has been fully designed and a preliminary Java-based prototype has been created for the Microsoft Windows operating system. The Web services security system, designed in the project, consists of technologies and applications that provide authentication (i.e., single sign), authorization, and federation of identities in an open networking environment. The system is based on OASIS SAML and XACML standards for secure Web services. Its topology comprises three major components: Domain Security Server (DSS) is the main building block of the system Secure Application Server (SAS) Secure Client In addition to the SAML and XACML engines, the authorization system consists of two sets of components An Authorization Administration System An Authorization Enforcement System Federation of identities in multi

  13. Railway infrastructure security

    CERN Document Server

    Sforza, Antonio; Vittorini, Valeria; Pragliola, Concetta

    2015-01-01

    This comprehensive monograph addresses crucial issues in the protection of railway systems, with the objective of enhancing the understanding of railway infrastructure security. Based on analyses by academics, technology providers, and railway operators, it explains how to assess terrorist and criminal threats, design countermeasures, and implement effective security strategies. In so doing, it draws upon a range of experiences from different countries in Europe and beyond. The book is the first to be devoted entirely to this subject. It will serve as a timely reminder of the attractiveness of the railway infrastructure system as a target for criminals and terrorists and, more importantly, as a valuable resource for stakeholders and professionals in the railway security field aiming to develop effective security based on a mix of methodological, technological, and organizational tools. Besides researchers and decision makers in the field, the book will appeal to students interested in critical infrastructur...

  14. Health Security and Risk Aversion.

    Science.gov (United States)

    Herington, Jonathan

    2016-09-01

    Health security has become a popular way of justifying efforts to control catastrophic threats to public health. Unfortunately, there has been little analysis of the concept of health security, nor the relationship between health security and other potential aims of public health policy. In this paper I develop an account of health security as an aversion to risky policy options. I explore three reasons for thinking risk avoidance is a distinctly worthwhile aim of public health policy: (i) that security is intrinsically valuable, (ii) that it is necessary for social planning and (iii) that it is an appropriate response to decision-making in contexts of very limited information. Striking the right balance between securing and maximizing population health thus requires a substantive, and hitherto unrecognized, value judgment. Finally, I critically evaluate the current health security agenda in light of this new account of the concept and its relationship to the other aims of public health policy. © 2016 John Wiley & Sons Ltd.

  15. A Survey of E-Commerce Security

    Institute of Scientific and Technical Information of China (English)

    QIN Zhiguang; LUO Xucheng; GAO Rong

    2004-01-01

    E-commerce is a very active field of Intemet research. A very important aspect of e-commerce is its security. Because of the variety of e-commerce applications, many security policies,protocols and techniques are involved in the deployment of the security. The related standards and protocols ofe-commerce are studied in this paper. The general model of e-commerce security is set forth.In this model, two most important e-commerce protocols including secure sockets layer (SSL) and secure electronic transaction (SET) are analyzed. The open problems and new trends of e-commerce security are presented.

  16. 10 CFR 2.905 - Access to restricted data and national security information for parties; security clearances.

    Science.gov (United States)

    2010-01-01

    ... information for parties; security clearances. 2.905 Section 2.905 Energy NUCLEAR REGULATORY COMMISSION RULES... to Adjudicatory Proceedings Involving Restricted Data and/or National Security Information § 2.905 Access to restricted data and national security information for parties; security clearances. (a) Access...

  17. Privacy and security in teleradiology

    International Nuclear Information System (INIS)

    Ruotsalainen, Pekka

    2010-01-01

    Teleradiology is probably the most successful eHealth service available today. Its business model is based on the remote transmission of radiological images (e.g. X-ray and CT-images) over electronic networks, and on the interpretation of the transmitted images for diagnostic purpose. Two basic service models are commonly used teleradiology today. The most common approach is based on the message paradigm (off-line model), but more developed teleradiology systems are based on the interactive use of PACS/RIS systems. Modern teleradiology is also more and more cross-organisational or even cross-border service between service providers having different jurisdictions and security policies. This paper defines the requirements needed to make different teleradiology models trusted. Those requirements include a common security policy that covers all partners and entities, common security and privacy protection principles and requirements, controlled contracts between partners, and the use of security controls and tools that supporting the common security policy. The security and privacy protection of any teleradiology system must be planned in advance, and the necessary security and privacy enhancing tools should be selected (e.g. strong authentication, data encryption, non-repudiation services and audit-logs) based on the risk analysis and requirements set by the legislation. In any case the teleradiology system should fulfil ethical and regulatory requirements. Certification of the whole teleradiology service system including security and privacy is also proposed. In the future, teleradiology services will be an integrated part of pervasive eHealth. Security requirements for this environment including dynamic and context aware security services are also discussed in this paper.

  18. Privacy and security in teleradiology

    Energy Technology Data Exchange (ETDEWEB)

    Ruotsalainen, Pekka [National Institute for Health and Welfare, Helsinki (Finland)], E-mail: pekka.ruotsalainen@THL.fi

    2010-01-15

    Teleradiology is probably the most successful eHealth service available today. Its business model is based on the remote transmission of radiological images (e.g. X-ray and CT-images) over electronic networks, and on the interpretation of the transmitted images for diagnostic purpose. Two basic service models are commonly used teleradiology today. The most common approach is based on the message paradigm (off-line model), but more developed teleradiology systems are based on the interactive use of PACS/RIS systems. Modern teleradiology is also more and more cross-organisational or even cross-border service between service providers having different jurisdictions and security policies. This paper defines the requirements needed to make different teleradiology models trusted. Those requirements include a common security policy that covers all partners and entities, common security and privacy protection principles and requirements, controlled contracts between partners, and the use of security controls and tools that supporting the common security policy. The security and privacy protection of any teleradiology system must be planned in advance, and the necessary security and privacy enhancing tools should be selected (e.g. strong authentication, data encryption, non-repudiation services and audit-logs) based on the risk analysis and requirements set by the legislation. In any case the teleradiology system should fulfil ethical and regulatory requirements. Certification of the whole teleradiology service system including security and privacy is also proposed. In the future, teleradiology services will be an integrated part of pervasive eHealth. Security requirements for this environment including dynamic and context aware security services are also discussed in this paper.

  19. Environmental security and sustainable development

    International Nuclear Information System (INIS)

    Kok, M.T.J.

    1996-01-01

    Environmental security has become an important problem area for the social sciences and is becoming a key concept in long-term environmental policy and global environmental change issues. In taking Environmental Security on board, the International Human Dimensions Programme (IHDP) intends to stimulate research on approaches to solve global environmental issues, responses to climate change, food and water security, extreme weather events, etc. Both the Netherlands and Canadian HDP committee have placed environmental security and sustainable development on their national agendas. However, a research agenda for the role of social sciences in environmental security and societal impacts of global change has not been sufficiently elaborated yet, except for economic research on the impacts of climate change. This was the main reason for holding the title workshop. The aims of the workshop were: (1) to define environmental security as a research theme; (2) to explore the research agenda on environmental security for the social sciences; and (3) to establish and reinforce (inter)national research networks in this field. Two papers served as input for the participants of the workshop. First, in the Scoping Report Global Environmental Change and Human Security a brief overview is given of research conducted so far, as well as a working plan for the recently formed ad hoc Working Group on Environmental Security and Global Environmental Change. Secondly, the preliminary results of a programming study on Environmental Security and the societal impacts of climate change are presented. Special attention was given to the involvement of policymakers in the workshop. figs., tabs., 3 appendices, refs

  20. Systems Security Engineering

    Science.gov (United States)

    2010-08-22

    environment that contains network- borne cybersecurity threats, an argument may be made that the firewall increases overall system functionality by reserving...the number of administered devices. This approach to security analysis is at once old and new. In the early days of eCommerce , security

  1. Secure Enclaves: An Isolation-centric Approach for Creating Secure High Performance Computing Environments

    Energy Technology Data Exchange (ETDEWEB)

    Aderholdt, Ferrol [Tennessee Technological Univ., Cookeville, TN (United States); Caldwell, Blake A. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Hicks, Susan Elaine [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Koch, Scott M. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Naughton, III, Thomas J. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Pelfrey, Daniel S. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Pogge, James R [Tennessee Technological Univ., Cookeville, TN (United States); Scott, Stephen L [Tennessee Technological Univ., Cookeville, TN (United States); Shipman, Galen M. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Sorrillo, Lawrence [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)

    2017-01-01

    High performance computing environments are often used for a wide variety of workloads ranging from simulation, data transformation and analysis, and complex workflows to name just a few. These systems may process data at various security levels but in so doing are often enclaved at the highest security posture. This approach places significant restrictions on the users of the system even when processing data at a lower security level and exposes data at higher levels of confidentiality to a much broader population than otherwise necessary. The traditional approach of isolation, while effective in establishing security enclaves poses significant challenges for the use of shared infrastructure in HPC environments. This report details current state-of-the-art in virtualization, reconfigurable network enclaving via Software Defined Networking (SDN), and storage architectures and bridging techniques for creating secure enclaves in HPC environments.

  2. Linux Server Security

    CERN Document Server

    Bauer, Michael D

    2005-01-01

    Linux consistently appears high up in the list of popular Internet servers, whether it's for the Web, anonymous FTP, or general services such as DNS and delivering mail. But security is the foremost concern of anyone providing such a service. Any server experiences casual probe attempts dozens of time a day, and serious break-in attempts with some frequency as well. This highly regarded book, originally titled Building Secure Servers with Linux, combines practical advice with a firm knowledge of the technical tools needed to ensure security. The book focuses on the most common use of Linux--

  3. Secure Multiparty AES

    Science.gov (United States)

    Damgård, Ivan; Keller, Marcel

    We propose several variants of a secure multiparty computation protocol for AES encryption. The best variant requires 2200 + {{400}over{255}} expected elementary operations in expected 70 + {{20}over{255}} rounds to encrypt one 128-bit block with a 128-bit key. We implemented the variants using VIFF, a software framework for implementing secure multiparty computation (MPC). Tests with three players (passive security against at most one corrupted player) in a local network showed that one block can be encrypted in 2 seconds. We also argue that this result could be improved by an optimized implementation.

  4. Information Security: Past, Present and Future - Impact of Developments in Information Technology on Security

    NARCIS (Netherlands)

    Overbeek, P.L.

    1991-01-01

    The development of information security is addressed in relation to the development of information technology. The leading question is: how has information security developed itself so far, and how should it progress to address tomorrow's security needs. An overwiew is given of the use of

  5. Future consumer mobile phone security : a case study using the data centric security model

    NARCIS (Netherlands)

    van Cleeff, A.

    2008-01-01

    In the interconnected world that we live in, traditional security barriers are broken down. Developments such as outsourcing, increased usage of mobile devices and wireless networks each cause new security problems. To address the new security threats, a number of solutions have been suggested,

  6. Moving towards Cloud Security

    Directory of Open Access Journals (Sweden)

    Edit Szilvia Rubóczki

    2015-01-01

    Full Text Available Cloud computing hosts and delivers many different services via Internet. There are a lot of reasons why people opt for using cloud resources. Cloud development is increasing fast while a lot of related services drop behind, for example the mass awareness of cloud security. However the new generation upload videos and pictures without reason to a cloud storage, but only few know about data privacy, data management and the proprietary of stored data in the cloud. In an enterprise environment the users have to know the rule of cloud usage, however they have little knowledge about traditional IT security. It is important to measure the level of their knowledge, and evolve the training system to develop the security awareness. The article proves the importance of suggesting new metrics and algorithms for measuring security awareness of corporate users and employees to include the requirements of emerging cloud security.

  7. Network systems security analysis

    Science.gov (United States)

    Yilmaz, Ä.°smail

    2015-05-01

    Network Systems Security Analysis has utmost importance in today's world. Many companies, like banks which give priority to data management, test their own data security systems with "Penetration Tests" by time to time. In this context, companies must also test their own network/server systems and take precautions, as the data security draws attention. Based on this idea, the study cyber-attacks are researched throughoutly and Penetration Test technics are examined. With these information on, classification is made for the cyber-attacks and later network systems' security is tested systematically. After the testing period, all data is reported and filed for future reference. Consequently, it is found out that human beings are the weakest circle of the chain and simple mistakes may unintentionally cause huge problems. Thus, it is clear that some precautions must be taken to avoid such threats like updating the security software.

  8. Proactive Security Testing and Fuzzing

    Science.gov (United States)

    Takanen, Ari

    Software is bound to have security critical flaws, and no testing or code auditing can ensure that software is flaw-less. But software security testing requirements have improved radically during the past years, largely due to criticism from security conscious consumers and Enterprise customers. Whereas in the past, security flaws were taken for granted (and patches were quietly and humbly installed), they now are probably one of the most common reasons why people switch vendors or software providers. The maintenance costs from security updates often add to become one of the biggest cost items to large Enterprise users. Fortunately test automation techniques have also improved. Techniques like model-based testing (MBT) enable efficient generation of security tests that reach good confidence levels in discovering zero-day mistakes in software. This technique is called fuzzing.

  9. Optimization of airport security process

    Science.gov (United States)

    Wei, Jianan

    2017-05-01

    In order to facilitate passenger travel, on the basis of ensuring public safety, the airport security process and scheduling to optimize. The stochastic Petri net is used to simulate the single channel security process, draw the reachable graph, construct the homogeneous Markov chain to realize the performance analysis of the security process network, and find the bottleneck to limit the passenger throughput. Curve changes in the flow of passengers to open a security channel for the initial state. When the passenger arrives at a rate that exceeds the processing capacity of the security channel, it is queued. The passenger reaches the acceptable threshold of the queuing time as the time to open or close the next channel, simulate the number of dynamic security channel scheduling to reduce the passenger queuing time.

  10. Metric-Aware Secure Service Orchestration

    Directory of Open Access Journals (Sweden)

    Gabriele Costa

    2012-12-01

    Full Text Available Secure orchestration is an important concern in the internet of service. Next to providing the required functionality the composite services must also provide a reasonable level of security in order to protect sensitive data. Thus, the orchestrator has a need to check whether the complex service is able to satisfy certain properties. Some properties are expressed with metrics for precise definition of requirements. Thus, the problem is to analyse the values of metrics for a complex business process. In this paper we extend our previous work on analysis of secure orchestration with quantifiable properties. We show how to define, verify and enforce quantitative security requirements in one framework with other security properties. The proposed approach should help to select the most suitable service architecture and guarantee fulfilment of the declared security requirements.

  11. 6 CFR 37.41 - Security plan.

    Science.gov (United States)

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Security plan. 37.41 Section 37.41 Domestic... Security plan. (a) In General. States must have a security plan that addresses the provisions in paragraph (b) of this section and must submit the security plan as part of its REAL ID certification under § 37...

  12. Quality of Security Service: Adaptive Security

    National Research Council Canada - National Science Library

    Levin, Timothy E; Irvine, Cynthia E; Spyropoulou, Evdoxia

    2004-01-01

    .... In this approach, the "level of service" must be within an acceptable range, and can indicate degrees of security with respect to various aspects of assurance, mechanistic strength, administrative diligence, etc...

  13. Human security from paradigm shift to operationalisation: job description for a human security worker

    NARCIS (Netherlands)

    Glasius, M.

    2008-01-01

    This article shows how human security has functioned as both a paradigm-shifting and a bridging concept, with its most significant implications being, first, the shift from a focus on state security to one on human rights, and, second, the indivisibility of physical and material security. The

  14. Securing Major Events

    International Nuclear Information System (INIS)

    Loeoef, Susanna

    2013-01-01

    When asked why the IAEA should provide nuclear security support to countries that organize large public events, Nuclear Security Officer Sophia Miaw answers quickly and without hesitation. ''Imagine any major public event such as the Olympics, a football championship, or an Expo. If a dirty bomb were to be exploded at a site where tens of thousands of people congregate, the radioactive contamination would worsen the effects of the bomb, increase the number of casualties, impede a rapid emergency response, and cause long term disruption in the vicinity,'' she said. Avoiding such nightmarish scenarios is the driving purpose behind the assistance the IAEA offers States that host major sporting or other public events. The support can range from a single training course to a comprehensive programme that includes threat assessment, training, loaned equipment and exercises. The type and scope of assistance depends on the host country's needs. ''We incorporate nuclear security measures into their security plan. We don't create anything new,'' Miaw said

  15. Radioactive Waste SECURITY

    International Nuclear Information System (INIS)

    Brodowski, R.; Drapalik, M.; Gepp, C.; Gufler, K.; Sholly, S.

    2010-01-01

    The purpose of this work is to investigate the safety requirements for a radioactive waste repository, the fundamental problems involved and the legislative rules and arrangements for doing so. As the title already makes clear, the focus of this work is on aspects that can be assigned to the security sector - ie the security against the influence of third parties - and are to be distinguished from safety measures for the improvement of the technical safety aspects. In this context, mention is made of events such as human intrusion into guarded facilities, whereas e.g. a geological analysis on seismic safety is not discussed. For a variety of reasons, the consideration of security nuclear waste repositories in public discussions is increasingly taking a back seat, as ia. Terrorist threats can be considered as negligible risk or well calculable. Depending on the type of storage, different security aspects still have to be considered. (roessner)

  16. Security Information System Digital Simulation

    OpenAIRE

    Tao Kuang; Shanhong Zhu

    2015-01-01

    The study built a simulation model for the study of food security information system relay protection. MATLAB-based simulation technology can support the analysis and design of food security information systems. As an example, the food security information system fault simulation, zero-sequence current protection simulation and transformer differential protection simulation are presented in this study. The case studies show that the simulation of food security information system relay protect...

  17. Coping with Security in Programming

    OpenAIRE

    Frank Schindler

    2006-01-01

    This article deals with importance of security issues in computer programming.Secure software can only be designed with security as a primary goal. To achieve that wewould have to redesign our computer systems with security in our mind including entirecomputer environment, e.g. hardware, programming languages and, of course, operatingsystems. In software development process the quality of resulting computer code should bethe most important aspect during the whole program development process. ...

  18. The nature of international health security.

    Science.gov (United States)

    Chiu, Ya-Wen; Weng, Yi-Hao; Su, Yi-Yuan; Huang, Ching-Yi; Chang, Ya-Chen; Kuo, Ken N

    2009-01-01

    Health issues occasionally intersect security issues. Health security has been viewed as an essential part of human security. Policymakers and health professionals, however, do not share a common definition of health security. This article aims to characterize the notions of health security in order to clarify what constitutes the nexus of health and security. The concept of health security has evolved over time so that it encompasses many entities. Analyzing the health reports of four multilateral organizations (the United Nations, World Health Organization, Asia-Pacific Economic Cooperation, and the European Union) produced eight categories of most significant relevance to contemporary health security, allowing comparison of the definitions. The four categories are: emerging diseases; global infectious disease; deliberate release of chemical and biological materials; violence, conflict, and humanitarian emergencies. Two other categories of common concern are natural disasters and environmental change, as well as chemical and radioactive accidents. The final two categories, food insecurity and poverty, are discussed less frequently. Nevertheless, food security is emerging as an increasingly important issue in public health. Health security is the first line of defence against health emergencies. As globalization brings more complexities, dealing with the increased scale and extent of health security will require greater international effort and political support.

  19. The electronic security partnership of safety/security and information systems departments.

    Science.gov (United States)

    Yow, J Art

    2012-01-01

    The ever-changing world of security electronics is reviewed in this article. The author focuses on its usage in a hospital setting and the need for safety/security and information systems departments to work together to protect and get full value from IP systems.

  20. Between security and military identities: The case of Israeli security experts

    NARCIS (Netherlands)

    Grassiani, E.

    2018-01-01

    The relationship between private security professionals and the military in Israel is complex. While there is growing attention to the fact that security and military actors and their activities are becoming increasingly blurred, the Israeli case shows something different. In this ground-up analysis