WorldWideScience

Sample records for security technology applications

  1. Information security foundations, technologies and applications

    CERN Document Server

    Awad, Ali Ismail; Fairhurst, Michael

    2018-01-01

    This book outlines key emerging trends in information security from the foundations and technologies in biometrics, cybersecurity, and big data security to applications in hardware and embedded systems security, computer forensics, the Internet of Things security, and network security.

  2. Restricted access processor - An application of computer security technology

    Science.gov (United States)

    Mcmahon, E. M.

    1985-01-01

    This paper describes a security guard device that is currently being developed by Computer Sciences Corporation (CSC). The methods used to provide assurance that the system meets its security requirements include the system architecture, a system security evaluation, and the application of formal and informal verification techniques. The combination of state-of-the-art technology and the incorporation of new verification procedures results in a demonstration of the feasibility of computer security technology for operational applications.

  3. The application of data encryption technology in computer network communication security

    Science.gov (United States)

    Gong, Lina; Zhang, Li; Zhang, Wei; Li, Xuhong; Wang, Xia; Pan, Wenwen

    2017-04-01

    With the rapid development of Intemet and the extensive application of computer technology, the security of information becomes more and more serious, and the information security technology with data encryption technology as the core has also been developed greatly. Data encryption technology not only can encrypt and decrypt data, but also can realize digital signature, authentication and authentication and other functions, thus ensuring the confidentiality, integrity and confirmation of data transmission over the network. In order to improve the security of data in network communication, in this paper, a hybrid encryption system is used to encrypt and decrypt the triple DES algorithm with high security, and the two keys are encrypted with RSA algorithm, thus ensuring the security of the triple DES key and solving the problem of key management; At the same time to realize digital signature using Java security software, to ensure data integrity and non-repudiation. Finally, the data encryption system is developed by Java language. The data encryption system is simple and effective, with good security and practicality.

  4. Digital security technology simplified.

    Science.gov (United States)

    Scaglione, Bernard J

    2007-01-01

    Digital security technology is making great strides in replacing analog and other traditional security systems including CCTV card access, personal identification and alarm monitoring applications. Like any new technology, the author says, it is important to understand its benefits and limitations before purchasing and installing, to ensure its proper operation and effectiveness. This article is a primer for security directors on how digital technology works. It provides an understanding of the key components which make up the foundation for digital security systems, focusing on three key aspects of the digital security world: the security network, IP cameras and IP recorders.

  5. Using Science Driven Technologies for the Defense and Security Applications

    Science.gov (United States)

    Habib, Shahid; Zukor, Dorthy; Ambrose, Stephen D.

    2004-01-01

    For the past three decades, Earth science remote sensing technologies have been providing enormous amounts of useful data and information in broadening our understanding of our home planet as a system. This research, as it has expanded our learning process, has also generated additional questions. This has further resulted in establishing new science requirements, which have culminated in defining and pushing the state-of-the-art technology needs. NASA s Earth science program has deployed 18 highly complex satellites, with a total of 80 sensors, so far and is in a process of defining and launching multiple observing systems in the next decade. Due to the heightened security alert of the nation, researchers and technologists are paying serious attention to the use of these science driven technologies for dual use. In other words, how such sophisticated observing and measuring systems can be used in detecting multiple types of security concerns with a substantial lead time so that the appropriate law enforcement agencies can take adequate steps to defuse any potential risky scenarios. This paper examines numerous NASA technologies such as laser/lidar systems, microwave and millimeter wave technologies, optical observing systems, high performance computational techniques for rapid analyses, and imaging products that can have a tremendous pay off for security applications.

  6. Internet security technologies

    CERN Multimedia

    CERN. Geneva

    2003-01-01

    The three pillars of Internet Security are Infrastructure, Applications and People. In this series of lectures we will examine those three pillars and how vital it is for individuals to understand the vulnerabilities of this technology so they can made informed decisions about risks and how they can reduce those risks for themselves and their colleagues.First we will focus on the infrastructure: network; servers; operating systems and all those things that are mostly invisible. Moving up a level, into the visible realm, we discuss the application and see things like buffer overflows, viruses and how as application developers and users we can protect ourselves. Finally, it's all about people. The strongest security technology in the world is easily defeated if people don't understand their role in the whole system.

  7. Database and applications security integrating information security and data management

    CERN Document Server

    Thuraisingham, Bhavani

    2005-01-01

    This is the first book to provide an in-depth coverage of all the developments, issues and challenges in secure databases and applications. It provides directions for data and application security, including securing emerging applications such as bioinformatics, stream information processing and peer-to-peer computing. Divided into eight sections, each of which focuses on a key concept of secure databases and applications, this book deals with all aspects of technology, including secure relational databases, inference problems, secure object databases, secure distributed databases and emerging

  8. National Security Technology Incubator Business Plan

    Energy Technology Data Exchange (ETDEWEB)

    None, None

    2007-12-31

    This document contains a business plan for the National Security Technology Incubator (NSTI), developed as part of the National Security Preparedness Project (NSPP) and performed under a Department of Energy (DOE)/National Nuclear Security Administration (NNSA) grant. This business plan describes key features of the NSTI, including the vision and mission, organizational structure and staffing, services, evaluation criteria, marketing strategies, client processes, a budget, incubator evaluation criteria, and a development schedule. The purpose of the NSPP is to promote national security technologies through business incubation, technology demonstration and validation, and workforce development. The NSTI will focus on serving businesses with national security technology applications by nurturing them through critical stages of early development. The vision of the NSTI is to be a successful incubator of technologies and private enterprise that assist the NNSA in meeting new challenges in national safety, security, and protection of the homeland. The NSTI is operated and managed by the Arrowhead Center, responsible for leading the economic development mission of New Mexico State University (NMSU). The Arrowhead Center will recruit business with applications for national security technologies recruited for the NSTI program. The Arrowhead Center and its strategic partners will provide business incubation services, including hands-on mentoring in general business matters, marketing, proposal writing, management, accounting, and finance. Additionally, networking opportunities and technology development assistance will be provided.

  9. National Security Technology Incubator Evaluation Process

    Energy Technology Data Exchange (ETDEWEB)

    None, None

    2007-12-31

    This report describes the process by which the National Security Technology Incubator (NSTI) will be evaluated. The technology incubator is being developed as part of the National Security Preparedness Project (NSPP), funded by a Department of Energy (DOE)/National Nuclear Security Administration (NNSA) grant. This report includes a brief description of the components, steps, and measures of the proposed evaluation process. The purpose of the NSPP is to promote national security technologies through business incubation, technology demonstration and validation, and workforce development. The NSTI will focus on serving businesses with national security technology applications by nurturing them through critical stages of early development. An effective evaluation process of the NSTI is an important step as it can provide qualitative and quantitative information on incubator performance over a given period. The vision of the NSTI is to be a successful incubator of technologies and private enterprise that assist the NNSA in meeting new challenges in national safety and security. The mission of the NSTI is to identify, incubate, and accelerate technologies with national security applications at various stages of development by providing hands-on mentoring and business assistance to small businesses and emerging or growing companies. To achieve success for both incubator businesses and the NSTI program, an evaluation process is essential to effectively measure results and implement corrective processes in the incubation design if needed. The evaluation process design will collect and analyze qualitative and quantitative data through performance evaluation system.

  10. Marine data security based on blockchain technology

    Science.gov (United States)

    Yang, Zhao; Xie, Weiwei; Huang, Lei; Wei, Zhiqiang

    2018-03-01

    With the development of marine observation technology and network technology, the volume of marine data growing rapidly. This brings new challenges for data storage and transmission. How to protect data security of marine big data has become an urgent problem. The traditional information security methods’ characteristic is centralization. These technologies cannot provide whole process protection, e.g., data storage, data management and application of data. The blockchain technology is a novel technology, which can keep the data security and reliability by using decentralized methodology. It has aroused wide interest in the financial field. In this paper, we describe the concept, characteristics and key technologies of blockchain technology and introduce it into the field of marine data security.

  11. Intelligent Facial Recognition Systems: Technology advancements for security applications

    Energy Technology Data Exchange (ETDEWEB)

    Beer, C.L.

    1993-07-01

    Insider problems such as theft and sabotage can occur within the security and surveillance realm of operations when unauthorized people obtain access to sensitive areas. A possible solution to these problems is a means to identify individuals (not just credentials or badges) in a given sensitive area and provide full time personnel accountability. One approach desirable at Department of Energy facilities for access control and/or personnel identification is an Intelligent Facial Recognition System (IFRS) that is non-invasive to personnel. Automatic facial recognition does not require the active participation of the enrolled subjects, unlike most other biological measurement (biometric) systems (e.g., fingerprint, hand geometry, or eye retinal scan systems). It is this feature that makes an IFRS attractive for applications other than access control such as emergency evacuation verification, screening, and personnel tracking. This paper discusses current technology that shows promising results for DOE and other security applications. A survey of research and development in facial recognition identified several companies and universities that were interested and/or involved in the area. A few advanced prototype systems were also identified. Sandia National Laboratories is currently evaluating facial recognition systems that are in the advanced prototype stage. The initial application for the evaluation is access control in a controlled environment with a constant background and with cooperative subjects. Further evaluations will be conducted in a less controlled environment, which may include a cluttered background and subjects that are not looking towards the camera. The outcome of the evaluations will help identify areas of facial recognition systems that need further development and will help to determine the effectiveness of the current systems for security applications.

  12. Security Technologies for Open Networking Environments (STONE)

    Energy Technology Data Exchange (ETDEWEB)

    Muftic, Sead

    2005-03-31

    Under this project SETECS performed research, created the design, and the initial prototype of three groups of security technologies: (a) middleware security platform, (b) Web services security, and (c) group security system. The results of the project indicate that the three types of security technologies can be used either individually or in combination, which enables effective and rapid deployment of a number of secure applications in open networking environments. The middleware security platform represents a set of object-oriented security components providing various functions to handle basic cryptography, X.509 certificates, S/MIME and PKCS No.7 encapsulation formats, secure communication protocols, and smart cards. The platform has been designed in the form of security engines, including a Registration Engine, Certification Engine, an Authorization Engine, and a Secure Group Applications Engine. By creating a middleware security platform consisting of multiple independent components the following advantages have been achieved - Object-oriented, Modularity, Simplified Development, and testing, Portability, and Simplified extensions. The middleware security platform has been fully designed and a preliminary Java-based prototype has been created for the Microsoft Windows operating system. The Web services security system, designed in the project, consists of technologies and applications that provide authentication (i.e., single sign), authorization, and federation of identities in an open networking environment. The system is based on OASIS SAML and XACML standards for secure Web services. Its topology comprises three major components: Domain Security Server (DSS) is the main building block of the system Secure Application Server (SAS) Secure Client In addition to the SAML and XACML engines, the authorization system consists of two sets of components An Authorization Administration System An Authorization Enforcement System Federation of identities in multi

  13. The DOE safeguards and security technology development program

    International Nuclear Information System (INIS)

    Cherry, R.C.; Wheelock, A.J.

    1991-01-01

    This paper reports that strategic planning for safeguards and security within the Department of Energy emphasizes the contributions of advanced technologies to the achievement of Departmental protection program goals. The Safeguards and Security Technology Development Program provides state-of-the-art technologies, systems and technical services in support of the policies and programmatic requirements for the protection of Departmental assets. The Program encompasses research and development in physical security, nuclear material control and accountability, information security and personnel security, and the integration of these disciplines in advanced applications. Technology development tasks serve goals that range from the maintenance of an effective technology base to the development, testing and evaluation of applications to meet field needs. A variety of factors, from the evolving threat to reconfiguration of the DOE complex and the technical requirements of new facilities, are expected to influence safeguards and security technology requirements and development efforts. Implementation of the Program is based on the systematic identification, prioritization and alignment of technology development tasks and needs. Initiatives currently underway are aimed at enhancing technology development project management. Increased management attention is also being placed on efforts to promote the benefits of the Program through technology transfer and interagency liaison

  14. Application Security Automation

    Science.gov (United States)

    Malaika, Majid A.

    2011-01-01

    With today's high demand for online applications and services running on the Internet, software has become a vital component in our lives. With every revolutionary technology comes challenges unique to its characteristics; for online applications, security is one huge concern and challenge. Currently, there are several schemes that address…

  15. Chemical Sniffing Instrumentation for Security Applications.

    Science.gov (United States)

    Giannoukos, Stamatios; Brkić, Boris; Taylor, Stephen; Marshall, Alan; Verbeck, Guido F

    2016-07-27

    Border control for homeland security faces major challenges worldwide due to chemical threats from national and/or international terrorism as well as organized crime. A wide range of technologies and systems with threat detection and monitoring capabilities has emerged to identify the chemical footprint associated with these illegal activities. This review paper investigates artificial sniffing technologies used as chemical sensors for point-of-use chemical analysis, especially during border security applications. This article presents an overview of (a) the existing available technologies reported in the scientific literature for threat screening, (b) commercially available, portable (hand-held and stand-off) chemical detection systems, and (c) their underlying functional and operational principles. Emphasis is given to technologies that have been developed for in-field security operations, but laboratory developed techniques are also summarized as emerging technologies. The chemical analytes of interest in this review are (a) volatile organic compounds (VOCs) associated with security applications (e.g., illegal, hazardous, and terrorist events), (b) chemical "signatures" associated with human presence, and (c) threat compounds (drugs, explosives, and chemical warfare agents).

  16. Infrared: A Key Technology for Security Systems

    OpenAIRE

    Corsi, Carlo

    2012-01-01

    Infrared science and technology has been, since the first applications, mainly dedicated to security and surveillance especially in military field, besides specialized techniques in thermal imaging for medical diagnostic and building structures and recently in energy savings and aerospace context. Till recently the security applications were mainly based on thermal imaging as surveillance and warning military systems. In all these applications the advent of room temperature, more reliable due...

  17. Cyber security evaluation of II&C technologies

    Energy Technology Data Exchange (ETDEWEB)

    Thomas, Ken [Idaho National Laboratory (INL), Idaho Falls, ID (United States)

    2014-11-01

    cyber security team with expertise in nuclear utility cyber security programs and experience in conducting these evaluations. The evaluation has determined that, for the most part, cyber security will not be a limiting factor in the application of these technologies to nuclear power plant applications.

  18. Review of the model of technological pragmatism considering privacy and security

    Directory of Open Access Journals (Sweden)

    Kovačević-Lepojević Marina M.

    2013-01-01

    Full Text Available The model of technological pragmatism assumes awareness that technological development involves both benefits and dangers. Most modern security technologies represent citizens' mass surveillance tools, which can lead to compromising a significant amount of personal data due to the lack of institutional monitoring and control. On the other hand, people are interested in improving crime control and reducing the fear of potential victimization which this framework provides as a rational justification for the apparent loss of privacy, personal rights and freedoms. Citizens' perception on the categories of security and privacy, and their balancing, can provide the necessary guidelines to regulate the application of security technologies in the actual context. The aim of this paper is to analyze the attitudes of students at the University of Belgrade (N = 269 toward the application of security technology and identification of the key dimensions. On the basis of the relevant research the authors have formed assumptions about the following dimensions: security, privacy, trust in institutions and concern about the misuse of security technology. The Prise Questionnaire on Security Technology and Privacy was used for data collection. Factor analysis abstracted eight factors which together account for 58% of variance, with the highest loading of the four factors that are identified as security, privacy, trust and concern. The authors propose a model of technological pragmatism considering security and privacy. The data also showed that students are willing to change their privacy for the purpose of improving security and vice versa.

  19. Home - Defense Technology Security Administration

    Science.gov (United States)

    by @dtsamil Defense Technology Security Administration Mission, Culture, and History Executive Official seal of Defense Technology Security Administration Official seal of Defense Technology Security Administration OFFICE of the SECRETARY of DEFENSE Defense Technology Security Administration

  20. THz and Security Applications

    CERN Document Server

    Sizov, Fedir; Detectors, Sources and Associated Electronics for THz Applications

    2014-01-01

    These proceedings comprise invited papers from highly experienced researchers in THz technology and security applications. THz detection of explosives represents one of the most appealing technologies to have recently emerged in dealing with terrorist attacks encountered by civil security and military forces throughout the world. Discussed are the most advanced technologies and developments, the various points of operational strength and weaknesses as well as are suggestions and predictions the best technological solutions to  overcome current operational limits.  The current status of various levels of cooling in THz detectors, sources and associated electronics are also addressed. The goal was to provide a clear view on the current technologies available and the required advances needed in order to achieve more efficient systems. This goal was outlined in part by establishing the baseline of current uncertainty estimations in physics-based modelling and the identification of key areas which require additi...

  1. Wireless network security theories and applications

    CERN Document Server

    Chen, Lei; Zhang, Zihong

    2013-01-01

    Wireless Network Security Theories and Applications discusses the relevant security technologies, vulnerabilities, and potential threats, and introduces the corresponding security standards and protocols, as well as provides solutions to security concerns. Authors of each chapter in this book, mostly top researchers in relevant research fields in the U.S. and China, presented their research findings and results about the security of the following types of wireless networks: Wireless Cellular Networks, Wireless Local Area Networks (WLANs), Wireless Metropolitan Area Networks (WMANs), Bluetooth

  2. On enabling secure applications through off-line biometric identification

    Energy Technology Data Exchange (ETDEWEB)

    Davida, G.I. [Univ. of Wisconsin, Milwaukee, WI (United States); Frankel, Y. [CertCo LLC, New York, NY (United States); Matt, B.J. [Sandia National Labs., Albuquerque, NM (United States)

    1998-04-01

    In developing secure applications and systems, the designers often must incorporate secure user identification in the design specification. In this paper, the authors study secure off line authenticated user identification schemes based on a biometric system that can measure a user`s biometric accurately (up to some Hamming distance). The schemes presented here enhance identification and authorization in secure applications by binding a biometric template with authorization information on a token such as a magnetic strip. Also developed here are schemes specifically designed to minimize the compromise of a user`s private biometrics data, encapsulated in the authorization information, without requiring secure hardware tokens. In this paper the authors furthermore study the feasibility of biometrics performing as an enabling technology for secure system and application design. The authors investigate a new technology which allows a user`s biometrics to facilitate cryptographic mechanisms.

  3. On enabling secure applications through off-line biometric identification

    International Nuclear Information System (INIS)

    Davida, G.I.; Frankel, Y.; Matt, B.J.

    1998-04-01

    In developing secure applications and systems, the designers often must incorporate secure user identification in the design specification. In this paper, the authors study secure off line authenticated user identification schemes based on a biometric system that can measure a user's biometric accurately (up to some Hamming distance). The schemes presented here enhance identification and authorization in secure applications by binding a biometric template with authorization information on a token such as a magnetic strip. Also developed here are schemes specifically designed to minimize the compromise of a user's private biometrics data, encapsulated in the authorization information, without requiring secure hardware tokens. In this paper the authors furthermore study the feasibility of biometrics performing as an enabling technology for secure system and application design. The authors investigate a new technology which allows a user's biometrics to facilitate cryptographic mechanisms

  4. Selecting Security Technology Providers

    Science.gov (United States)

    Schneider, Tod

    2009-01-01

    The world of security technology holds great promise, but it is fraught with opportunities for expensive missteps and misapplications. The quality of the security technology consultants and system integrators one uses will have a direct bearing on how well his school masters this complex subject. Security technology consultants help determine…

  5. Practical Pocket PC Application w/Biometric Security

    Science.gov (United States)

    Logan, Julian

    2004-01-01

    I work in the Flight Software Engineering Branch, where we provide design and development of embedded real-time software applications for flight and supporting ground systems to support the NASA Aeronautics and Space Programs. In addition, this branch evaluates, develops and implements new technologies for embedded real-time systems, and maintains a laboratory for applications of embedded technology. The majority of microchips that are used in modern society have been programmed using embedded technology. These small chips can be found in microwaves, calculators, home security systems, cell phones and more. My assignment this summer entails working with an iPAQ HP 5500 Pocket PC. This top-of-the-line hand-held device is one of the first mobile PC's to introduce biometric security capabilities. Biometric security, in this case a fingerprint authentication system, is on the edge of technology as far as securing information. The benefits of fingerprint authentication are enormous. The most significant of them are that it is extremely difficult to reproduce someone else's fingerprint, and it is equally difficult to lose or forget your own fingerprint as opposed to a password or pin number. One of my goals for this summer is to integrate this technology with another Pocket PC application. The second task for the summer is to develop a simple application that provides an Astronaut EVA (Extravehicular Activity) Log Book capability. The Astronaut EVA Log Book is what an astronaut would use to report the status of field missions, crew physical health, successes, future plans, etc. My goal is to develop a user interface into which these data fields can be entered and stored. The applications that I am developing are created using eMbedded Visual C++ 4.0 with the Pocket PC 2003 Software Development Kit provided by Microsoft.

  6. School Security Technologies

    Science.gov (United States)

    Schneider, Tod

    2010-01-01

    Over the past decade electronic security technology has evolved from an exotic possibility into an essential safety consideration. Before resorting to high-tech security solutions, school officials should think carefully about the potential for unintended consequences. Technological fixes may be mismatched to the problems being addressed. They can…

  7. Combining overt and covert anti-counterfeiting technologies for securities

    Science.gov (United States)

    Uematsu, Tsuyoshi

    2006-02-01

    The National Printing Bureau of Japan has been developing new anti-counterfeiting technologies as a banknote printer. Some of our technologies have already been effectively introduced into Japan's new banknote series. Anti-counterfeiting technologies can be applied not only to banknotes but also to other security documents depending on desired features. In this presentation, I will introduce three of our newly developed overt and covert security techniques, which are intended for document security and brand protection, as well as banknotes. "Metallic View" is mainly for offset printing. "Copy Check" (micro-structural lines involving luminescence) is for plate making technology. "ImageSwitch" is for a new security solution which has unlimited printing applications. All three techniques create "latent images" (some of which may be better known as "carrier screen images") that are useful in preventing counterfeiting. While each of the techniques is effective by itself, all are more effective when applied together. Combining these techniques could make all security documents harder to copy using IT scanners, and provide cost-effective anti-counterfeiting solutions for all security users.

  8. Exploring the Application of Shared Ledger Technology to Safeguards and other National Security Topics

    Energy Technology Data Exchange (ETDEWEB)

    Frazar, Sarah L.; Winters, Samuel T.; Kreyling, Sean J.; Joslyn, Cliff A.; West, Curtis L.; Schanfein, Mark J.; Sayre, Amanda M.

    2017-07-17

    In 2016, the Office of International Nuclear Safeguards at the National Nuclear Security Administration (NNSA) within the Department of Energy (DOE) commissioned the Pacific Northwest National Laboratory (PNNL) to explore the potential implications of the digital currency bitcoin and its underlying technologies on the safeguards system. The authors found that one category of technologies referred to as Shared Ledger Technology (SLT) offers a spectrum of benefits to the safeguards system. While further research is needed to validate assumptions and findings in the paper, preliminary analysis suggests that both the International Atomic Energy Agency (IAEA) and Member States can use SLT to promote efficient, effective, accurate, and timely reporting, and increase transparency in the safeguards system without sacrificing confidentiality of safeguards data. This increased transparency and involvement of Member States in certain safeguards transactions could lead to increased trust and cooperation among States and the public, which generates a number of benefits. This paper describes these benefits and the analytical framework for assessing SLT applications for specific safeguards problems. The paper will also describe other national security areas where SLT could provide benefits.

  9. Secure, Mobile, Wireless Network Technology Designed, Developed, and Demonstrated

    Science.gov (United States)

    Ivancic, William D.; Paulsen, Phillip E.

    2004-01-01

    The inability to seamlessly disseminate data securely over a high-integrity, wireless broadband network has been identified as a primary technical barrier to providing an order-of-magnitude increase in aviation capacity and safety. Secure, autonomous communications to and from aircraft will enable advanced, automated, data-intensive air traffic management concepts, increase National Air Space (NAS) capacity, and potentially reduce the overall cost of air travel operations. For the first time ever, secure, mobile, network technology was designed, developed, and demonstrated with state-ofthe- art protocols and applications by a diverse, cooperative Government-industry team led by the NASA Glenn Research Center. This revolutionary technology solution will make fundamentally new airplane system capabilities possible by enabling secure, seamless network connections from platforms in motion (e.g., cars, ships, aircraft, and satellites) to existing terrestrial systems without the need for manual reconfiguration. Called Mobile Router, the new technology autonomously connects and configures networks as they traverse from one operating theater to another. The Mobile Router demonstration aboard the Neah Bay, a U.S. Coast Guard vessel stationed in Cleveland, Ohio, accomplished secure, seamless interoperability of mobile network systems across multiple domains without manual system reconfiguration. The Neah Bay was chosen because of its low cost and communications mission similarity to low-Earth-orbiting satellite platforms. This technology was successfully advanced from technology readiness level (TRL) 2 (concept and/or application formation) to TRL 6 (system model or prototype demonstration in a relevant environment). The secure, seamless interoperability offered by the Mobile Router and encryption device will enable several new, vehicle-specific and systemwide technologies to perform such things as remote, autonomous aircraft performance monitoring and early detection and

  10. Systematic, appropriate, and cost-effective application of security technologies in U.S. public schools to reduce crime, violence, and drugs

    Science.gov (United States)

    Green, Mary W.

    1997-01-01

    As problems of violence and crime become more prevalent in our schools, more and more school districts will elect to use security technologies to control these problems. While the desired change in student and community attitudes will require significant systemic change through intense US social programs, security technologies can greatly augment school staff today by providing services similar to having extra adults present. Technologies such as cameras, sensors, drug detection, biometric and personnel identification, lighting, barriers, weapon and explosives detection, anti- graffiti methods, and duress alarms can all be effective, given they are used in appropriate applications, with realistic expectations and an understanding of limitations. Similar to a high-risk government facility, schools must consider a systems approach to security, which includes the use of personnel and procedures as well as security technologies, such that the synergy created by all these elements together contributes more tot he general 'order maintenance' of the facility than could be achieved by separate measures not integrated or related.

  11. MEMS and MOEMS for national security applications

    Science.gov (United States)

    Scott, Marion W.

    2003-01-01

    Major opportunities for microsystem insertion into commercial applications, such as telecommunications and medical prosthesis, are well known. Less well known are applications that ensure the security of our nation, the protection of its armed forces, and the safety of its citizens. Microsystems enable entirely new possibilities to meet National Security needs, which can be classed along three lines: anticipating security needs and threats, deterring the efficacy of identified threats, and defending against the application of these threats. In each of these areas, specific products that are enabled by MEMS and MOEMS are discussed. In the area of anticipating needs and threats, sensored microsystems designed for chem/bio/nuclear threats, and sensors for border and asset protection can significantly secure our borders, ports, and transportation systems. Key features for these applications include adaptive optics and spectroscopic capabilities. Microsystems to monitor soil and water quality can be used to secure critical infrastructure, food safety can be improved by in-situ identification of pathogens, and sensored buildings can ensure the architectural safety of our homes and workplaces. A challenge to commercializing these opportunities, and thus making them available for National Security needs, is developing predictable markets and predictable technology roadmaps. The integrated circuit manufacturing industry provides an example of predictable technology maturation and market insertion, primarily due to the existence of a "unit cell" that allows volume manufacturing. It is not clear that microsystems can follow an analogous path. The possible paths to affordable low-volume production, as well as the prospects of a microsystems unit cell, are discussed.

  12. Technology Empowerment: Security Challenges.

    Energy Technology Data Exchange (ETDEWEB)

    Warren, Drake Edward [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Backus, George A. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Jones, Wendell [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Nelson, Thomas R. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Skocypec, Russell D. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2017-03-01

    Technology empowerment” means that innovation is increasingly accessible to ordinary people of limited means. As powerful technologies become more affordable and accessible, and as people are increasingly connected around the world, ordinary people are empowered to participate in the process of innovation and share the fruits of collaborative innovation. This annotated briefing describes technology empowerment and focuses on how empowerment may create challenges to U.S. national security. U.S. defense research as a share of global innovation has dwindled in recent years. With technology empowerment, the role of U.S. defense research is likely to shrink even further while technology empowerment will continue to increase the speed of innovation. To avoid falling too far behind potential technology threats to U.S. national security, U.S. national security institutions will need to adopt many of the tools of technology empowerment.

  13. Security force effectiveness and technology

    International Nuclear Information System (INIS)

    Seaton, M.B.

    1988-01-01

    No one would propose ineffective security forces. Applied technology always has, as its purpose, to increase effectiveness. Evidence exists, however, that poorly conceived or executed technological solutions can actually do more harm than good. The author argues for improved human factor considerations in physical security applied technology -- especially in the area of security console operations

  14. Physical security technology base programs for physical security

    International Nuclear Information System (INIS)

    Jacobs, J.

    1986-01-01

    Sandia National Laboratories is the US Department of Energy's lead laboratory for physical security research and development (R and D). In support of this mission, Sandia has maintained for several years an R and D program in each of the following technology areas: Intrusion Detection, Entry Control, CCTV Assessment, Access Delay, Alarm Display, and Guard Equipment and Training. The purpose of the technology base programs is to maintain cognizance of the capabilities of the commercial market, identify improvements and transfer technology to industry and facilities. The output of these programs supports the development of new equipment and advanced system concepts, demonstrations of proof-of-principles and system implementation. This paper will review the status of current developments and discuss trends in new technologies which are being explored for future applications, i.e., artificial intelligence, expert systems, robotics, and more automated systems

  15. Blockchains as security-enabler for industrial IoT-applications

    Directory of Open Access Journals (Sweden)

    Volker Skwarek

    2017-12-01

    Full Text Available Purpose - This paper aims to describe a method for Internet-of-Things-devices to achieve industrial grade reliability for information transfer from wireless sensor systems to production systems using blockchain technologies. Design/methodology/approach - An increased security and reliability of submitted data within the sensor network could be achieved on an application level. Therefore, a lightweight, high-level communication protocol based on blockchain principles was designed. Findings - Blockchain mechanisms can secure the wireless communication of Internet-of-Things-devices in a lightweight and scalable manner. Originality/value - The innovation of this research is the successful application of general blockchain mechanisms to increase security of a wireless sensor system without binding to a dedicated blockchain technology.

  16. A Component-Based Approach for Securing Indoor Home Care Applications.

    Science.gov (United States)

    Agirre, Aitor; Armentia, Aintzane; Estévez, Elisabet; Marcos, Marga

    2017-12-26

    eHealth systems have adopted recent advances on sensing technologies together with advances in information and communication technologies (ICT) in order to provide people-centered services that improve the quality of life of an increasingly elderly population. As these eHealth services are founded on the acquisition and processing of sensitive data (e.g., personal details, diagnosis, treatments and medical history), any security threat would damage the public's confidence in them. This paper proposes a solution for the design and runtime management of indoor eHealth applications with security requirements. The proposal allows applications definition customized to patient particularities, including the early detection of health deterioration and suitable reaction (events) as well as security needs. At runtime, security support is twofold. A secured component-based platform supervises applications execution and provides events management, whilst the security of the communications among application components is also guaranteed. Additionally, the proposed event management scheme adopts the fog computing paradigm to enable local event related data storage and processing, thus saving communication bandwidth when communicating with the cloud. As a proof of concept, this proposal has been validated through the monitoring of the health status in diabetic patients at a nursing home.

  17. Application of the JDL data fusion process model for cyber security

    Science.gov (United States)

    Giacobe, Nicklaus A.

    2010-04-01

    A number of cyber security technologies have proposed the use of data fusion to enhance the defensive capabilities of the network and aid in the development of situational awareness for the security analyst. While there have been advances in fusion technologies and the application of fusion in intrusion detection systems (IDSs), in particular, additional progress can be made by gaining a better understanding of a variety of data fusion processes and applying them to the cyber security application domain. This research explores the underlying processes identified in the Joint Directors of Laboratories (JDL) data fusion process model and further describes them in a cyber security context.

  18. A Component-Based Approach for Securing Indoor Home Care Applications

    Science.gov (United States)

    Estévez, Elisabet

    2017-01-01

    eHealth systems have adopted recent advances on sensing technologies together with advances in information and communication technologies (ICT) in order to provide people-centered services that improve the quality of life of an increasingly elderly population. As these eHealth services are founded on the acquisition and processing of sensitive data (e.g., personal details, diagnosis, treatments and medical history), any security threat would damage the public’s confidence in them. This paper proposes a solution for the design and runtime management of indoor eHealth applications with security requirements. The proposal allows applications definition customized to patient particularities, including the early detection of health deterioration and suitable reaction (events) as well as security needs. At runtime, security support is twofold. A secured component-based platform supervises applications execution and provides events management, whilst the security of the communications among application components is also guaranteed. Additionally, the proposed event management scheme adopts the fog computing paradigm to enable local event related data storage and processing, thus saving communication bandwidth when communicating with the cloud. As a proof of concept, this proposal has been validated through the monitoring of the health status in diabetic patients at a nursing home. PMID:29278370

  19. A Component-Based Approach for Securing Indoor Home Care Applications

    Directory of Open Access Journals (Sweden)

    Aitor Agirre

    2017-12-01

    Full Text Available eHealth systems have adopted recent advances on sensing technologies together with advances in information and communication technologies (ICT in order to provide people-centered services that improve the quality of life of an increasingly elderly population. As these eHealth services are founded on the acquisition and processing of sensitive data (e.g., personal details, diagnosis, treatments and medical history, any security threat would damage the public’s confidence in them. This paper proposes a solution for the design and runtime management of indoor eHealth applications with security requirements. The proposal allows applications definition customized to patient particularities, including the early detection of health deterioration and suitable reaction (events as well as security needs. At runtime, security support is twofold. A secured component-based platform supervises applications execution and provides events management, whilst the security of the communications among application components is also guaranteed. Additionally, the proposed event management scheme adopts the fog computing paradigm to enable local event related data storage and processing, thus saving communication bandwidth when communicating with the cloud. As a proof of concept, this proposal has been validated through the monitoring of the health status in diabetic patients at a nursing home.

  20. Video performance for high security applications

    International Nuclear Information System (INIS)

    Connell, Jack C.; Norman, Bradley C.

    2010-01-01

    The complexity of physical protection systems has increased to address modern threats to national security and emerging commercial technologies. A key element of modern physical protection systems is the data presented to the human operator used for rapid determination of the cause of an alarm, whether false (e.g., caused by an animal, debris, etc.) or real (e.g., a human adversary). Alarm assessment, the human validation of a sensor alarm, primarily relies on imaging technologies and video systems. Developing measures of effectiveness (MOE) that drive the design or evaluation of a video system or technology becomes a challenge, given the subjectivity of the application (e.g., alarm assessment). Sandia National Laboratories has conducted empirical analysis using field test data and mathematical models such as binomial distribution and Johnson target transfer functions to develop MOEs for video system technologies. Depending on the technology, the task of the security operator and the distance to the target, the Probability of Assessment (PAs) can be determined as a function of a variety of conditions or assumptions. PAs used as an MOE allows the systems engineer to conduct trade studies, make informed design decisions, or evaluate new higher-risk technologies. This paper outlines general video system design trade-offs, discusses ways video can be used to increase system performance and lists MOEs for video systems used in subjective applications such as alarm assessment.

  1. Professional Cocoa Application Security

    CERN Document Server

    Lee, Graham J

    2010-01-01

    The first comprehensive security resource for Mac and iPhone developers. The Mac platform is legendary for security, but consequently, Apple developers have little appropriate security information available to help them assure that their applications are equally secure. This Wrox guide provides the first comprehensive go-to resource for Apple developers on the available frameworks and features that support secure application development.: While Macs are noted for security, developers still need to design applications for the Mac and the iPhone with security in mind; this guide offers the first

  2. Denial technology, the neglected security element

    International Nuclear Information System (INIS)

    Mauney, C.H.

    1982-01-01

    Even though there has been an increased concern over providing adequate security during the past decade, and even though some aspects of existing security systems have been enhanced during this period, much remains to be done to provide that balance which is so necessary to have all elements function as an effective unit. The area that primarily has been neglected is the delay element - the part of the system which makes possible the needed time for the security force to respond after an intrustion is detected and prior to the adversary attaining his desired goal. The purpose of this paper is to address the vulnerabilities of a security system which exist without the proper delay elements and to suggest how current technology can provide, through the use of activated barriers, that needed delay time to bring the system into balance. Security managers desire reliability and effectiveness; plant managers require safety, non-interference with operations, cost considerate capability, and aesthetic application - these characteristics will be addressed in the context of providing the required delay. This paper, hopefully, will set the stage for dialogue between developer and user, yielding a mutally acceptable approach to balanced security protection

  3. Europe, Middle East and North Africa Conference on Technology and Security to Support Learning 2016

    CERN Document Server

    Serrhini, Mohammed; Felgueiras, Carlos

    2017-01-01

    This book contains a selection of articles from The Europe, Middle East and North Africa Conference on Technology and Security to Support Learning 2016 (EMENA-TSSL'16), held between the 3th and 5th of October at Saidia, Oujda, Morocco. EMENA-TSSL'16 is a global forum for researchers and practitioners to present and discuss recent results and innovations, current trends, professional experiences and challenges in Information & Communication Technologies, and Security to support Learning. The main topics covered are: A) Online Education; B) Emerging Technologies in Education; C) Artificial Intelligence in Education; D) Gamification and Serious games; E) Network & Web Technologies Applications; F) Online experimentation and Virtual Laboratories; G) Multimedia Systems and Applications; H) Security and Privacy; I) Multimedia, Computer Vision and Image Processing; J) Cloud, Big Data Analytics and Applications; K) Human-Computer Interaction; L) Software Systems, Architectures, Applications and Tools; M) Onli...

  4. Discussion on the Technology and Method of Computer Network Security Management

    Science.gov (United States)

    Zhou, Jianlei

    2017-09-01

    With the rapid development of information technology, the application of computer network technology has penetrated all aspects of society, changed people's way of life work to a certain extent, brought great convenience to people. But computer network technology is not a panacea, it can promote the function of social development, but also can cause damage to the community and the country. Due to computer network’ openness, easiness of sharing and other characteristics, it had a very negative impact on the computer network security, especially the loopholes in the technical aspects can cause damage on the network information. Based on this, this paper will do a brief analysis on the computer network security management problems and security measures.

  5. Artificial immune system applications in computer security

    CERN Document Server

    Tan, Ying

    2016-01-01

    This book provides state-of-the-art information on the use, design, and development of the Artificial Immune System (AIS) and AIS-based solutions to computer security issues. Artificial Immune System: Applications in Computer Security focuses on the technologies and applications of AIS in malware detection proposed in recent years by the Computational Intelligence Laboratory of Peking University (CIL@PKU). It offers a theoretical perspective as well as practical solutions for readers interested in AIS, machine learning, pattern recognition and computer security. The book begins by introducing the basic concepts, typical algorithms, important features, and some applications of AIS. The second chapter introduces malware and its detection methods, especially for immune-based malware detection approaches. Successive chapters present a variety of advanced detection approaches for malware, including Virus Detection System, K-Nearest Neighbour (KNN), RBF networ s, and Support Vector Machines (SVM), Danger theory, ...

  6. Nuclear material facilities - security systems and technology R and D trends

    International Nuclear Information System (INIS)

    Ellis, D.; Steele, B.

    2002-01-01

    Full text: In the US, physical security research and development (R and D) during the 1970s and 1980s created a body of technology and systems engineering that largely defined the industry for several decades. However, despite today's terrorists threats and risks, the overall funding of new and innovative physical security solutions is relatively very small. Such factors constraining physical security R and D include the expansion of overall security responsibilities, the emphasis on programmatic and business performance, in addition to evolving (mis)perceptions that 'the problem has been solved' or that 'anyone can do security'. Underlying these factors, the lack of robust standards and certifications has limited the development and application of physical security products, systems, and services. The research and development of new security technologies must be evaluated against very demanding constraints - including costs/benefits, emerging threats, and policies. Going forward, the goal will be to create a more comprehensive approach to physical security of nuclear material facilities that matches evolving threats and that will complement the transition to an integrated security/operations management environment. Such a management model evaluates the additional value of increasing security alternatives in addition to determining trade-offs between the programmatic mission and security issues. Correspondingly, more explicit and strategically useful measures must be developed to determine importance that, in turn, will influence security-related R and D efforts. The research and development of security technologies should be based upon identified needs and requirements resulting from a systematic analysis of the threat and other conditions. In particular, security technologies and systems must be evaluated in terms of current and long-term impacts. Such needs are (will be) diverse and will depend upon sustained research investments in a broad range of technologies

  7. Smart Card Security; Technology and Adoption

    OpenAIRE

    Hamed Taherdoost; Shamsul Sahibuddin; Neda Jalaliyoon

    2011-01-01

    Newly, smart card technology are being used in a number of ways around the world, on the otherhand, security has become significant in information technology, especially in those applicationinvolving data sharing and transactions through the internet. Furthermore, researches ininformation technology acceptance have identified the security as one of the factor that caninfluence on smart card adoption. This research is chiefly to study the security principals of smartcard and assess the securit...

  8. Developing security tools of WSN and WBAN networks applications

    CERN Document Server

    A M El-Bendary, Mohsen

    2015-01-01

    This book focuses on two of the most rapidly developing areas in wireless technology (WT) applications, namely, wireless sensors networks (WSNs) and wireless body area networks (WBANs). These networks can be considered smart applications of the recent WT revolutions. The book presents various security tools and scenarios for the proposed enhanced-security of WSNs, which are supplemented with numerous computer simulations. In the computer simulation section, WSN modeling is addressed using MATLAB programming language.

  9. High-Performance Secure Database Access Technologies for HEP Grids

    Energy Technology Data Exchange (ETDEWEB)

    Matthew Vranicar; John Weicher

    2006-04-17

    The Large Hadron Collider (LHC) at the CERN Laboratory will become the largest scientific instrument in the world when it starts operations in 2007. Large Scale Analysis Computer Systems (computational grids) are required to extract rare signals of new physics from petabytes of LHC detector data. In addition to file-based event data, LHC data processing applications require access to large amounts of data in relational databases: detector conditions, calibrations, etc. U.S. high energy physicists demand efficient performance of grid computing applications in LHC physics research where world-wide remote participation is vital to their success. To empower physicists with data-intensive analysis capabilities a whole hyperinfrastructure of distributed databases cross-cuts a multi-tier hierarchy of computational grids. The crosscutting allows separation of concerns across both the global environment of a federation of computational grids and the local environment of a physicist’s computer used for analysis. Very few efforts are on-going in the area of database and grid integration research. Most of these are outside of the U.S. and rely on traditional approaches to secure database access via an extraneous security layer separate from the database system core, preventing efficient data transfers. Our findings are shared by the Database Access and Integration Services Working Group of the Global Grid Forum, who states that "Research and development activities relating to the Grid have generally focused on applications where data is stored in files. However, in many scientific and commercial domains, database management systems have a central role in data storage, access, organization, authorization, etc, for numerous applications.” There is a clear opportunity for a technological breakthrough, requiring innovative steps to provide high-performance secure database access technologies for grid computing. We believe that an innovative database architecture where the

  10. High-Performance Secure Database Access Technologies for HEP Grids

    International Nuclear Information System (INIS)

    Vranicar, Matthew; Weicher, John

    2006-01-01

    The Large Hadron Collider (LHC) at the CERN Laboratory will become the largest scientific instrument in the world when it starts operations in 2007. Large Scale Analysis Computer Systems (computational grids) are required to extract rare signals of new physics from petabytes of LHC detector data. In addition to file-based event data, LHC data processing applications require access to large amounts of data in relational databases: detector conditions, calibrations, etc. U.S. high energy physicists demand efficient performance of grid computing applications in LHC physics research where world-wide remote participation is vital to their success. To empower physicists with data-intensive analysis capabilities a whole hyperinfrastructure of distributed databases cross-cuts a multi-tier hierarchy of computational grids. The crosscutting allows separation of concerns across both the global environment of a federation of computational grids and the local environment of a physicist's computer used for analysis. Very few efforts are on-going in the area of database and grid integration research. Most of these are outside of the U.S. and rely on traditional approaches to secure database access via an extraneous security layer separate from the database system core, preventing efficient data transfers. Our findings are shared by the Database Access and Integration Services Working Group of the Global Grid Forum, who states that 'Research and development activities relating to the Grid have generally focused on applications where data is stored in files. However, in many scientific and commercial domains, database management systems have a central role in data storage, access, organization, authorization, etc, for numerous applications'. There is a clear opportunity for a technological breakthrough, requiring innovative steps to provide high-performance secure database access technologies for grid computing. We believe that an innovative database architecture where the secure

  11. Applications of Blockchain Technology beyond Cryptocurrency

    Directory of Open Access Journals (Sweden)

    Mahdi H. Miraz

    2018-01-01

    Full Text Available Blockchain (BC, the technology behind the Bitcoin crypto-currency system, is considered to be both alluring and critical for ensuring enhanced security and (in some implementations, non-traceable privacy for diverse applications in many other domains - including in the Internet of Things (IoT eco-system. Intensive research is currently being conducted in both academia and industry applying the Blockchain technology in multifarious applications. Proof-of-Work (PoW, a cryptographic puzzle, plays a vital rôle in ensuring BC security by maintaining a digital ledger of transactions, which is considered to be incorruptible. Furthermore, BC uses a changeable Public Key (PK to record the users’ identity, which provides an extra layer of privacy. Not only in cryptocurrency has the successful adoption of BC been implemented but also in multifaceted non-monetary systems such as in: distributed storage systems, proof-of-location, healthcare, decentralized voting and so forth. Recent research articles and projects/applications were surveyed to assess the implementation of BC for enhanced security, to identify associated challenges and to propose solutions for BC enabled enhanced security systems.

  12. Overview of Accelerator Applications for Security and Defense

    Science.gov (United States)

    Antolak, Arlyn J.

    Particle accelerators play a key role in a broad set of defense and security applications, including war-fighter and asset protection, cargo inspection, nonproliferation, materials characterization, and stockpile stewardship. Accelerators can replace the high activity radioactive sources that pose a security threat to developing a radiological dispersal device, and, can be used to produce isotopes for medical, industrial, and research purposes. An overview of current and emerging accelerator technologies relevant to addressing the needs of defense and security is presented.

  13. Multi-color IR sensors based on QWIP technology for security and surveillance applications

    Science.gov (United States)

    Sundaram, Mani; Reisinger, Axel; Dennis, Richard; Patnaude, Kelly; Burrows, Douglas; Cook, Robert; Bundas, Jason

    2006-05-01

    Room-temperature targets are detected at the furthest distance by imaging them in the long wavelength (LW: 8-12 μm) infrared spectral band where they glow brightest. Focal plane arrays (FPAs) based on quantum well infrared photodetectors (QWIPs) have sensitivity, noise, and cost metrics that have enabled them to become the best commercial solution for certain security and surveillance applications. Recently, QWIP technology has advanced to provide pixelregistered dual-band imaging in both the midwave (MW: 3-5 μm) and longwave infrared spectral bands in a single chip. This elegant technology affords a degree of target discrimination as well as the ability to maximize detection range for hot targets (e.g. missile plumes) by imaging in the midwave and for room-temperature targets (e.g. humans, trucks) by imaging in the longwave with one simple camera. Detection-range calculations are illustrated and FPA performance is presented.

  14. Android Applications Security

    Directory of Open Access Journals (Sweden)

    Paul POCATILU

    2011-01-01

    Full Text Available The use of smartphones worldwide is growing very fast and also the malicious attacks have increased. The mobile security applications development keeps the pace with this trend. The paper presents the vulnerabilities of mobile applications. The Android applications and devices are analyzed through the security perspective. The usage of restricted API is also presented. The paper also focuses on how users can prevent these malicious attacks and propose some prevention measures, including the architecture of a mobile security system for Android devices.

  15. New trends in science and technology implications for international peace and security

    International Nuclear Information System (INIS)

    1991-01-01

    In December 1988, the General Assembly requested the Secretary-General to follow future scientific and technological developments, especially those with potential military applications, and to evaluate their impact on international security. In resolution 43/77 A it also requested the Secretary-General to report to it at its forty-fifth session. The broad fields in which scientific and technological developments are taking place were identified as: information technology, biotechnology, materials technology, nuclear technology and space technology. These assessments were discussed by a wider group of experts at a high-level conference on ''New trends in science and technology: implications for international peace and security'', held in April 1990 in the city of Sendai, Japan. The Conference, which was attended by nearly 100 participants from over 20 countries, addressed issues of technological change and global security, new technologies and the search for security in the post-cold-war era, and national policy-making and international diplomacy in an era of rapid technological change. General approaches to technology assessment and technology trends in selected areas were also discussed. The positions taken by Member States on the subject of establishing a mechanism for technology assessment were also taken into account. The highlights of the report are summarized

  16. Detection of the Security Vulnerabilities in Web Applications

    Directory of Open Access Journals (Sweden)

    2009-01-01

    Full Text Available The contemporary organizations develop business processes in a very complex environment. The IT&C technologies are used by organizations to improve their competitive advantages. But, the IT&C technologies are not perfect. They are developed in an iterative process and their quality is the result of the lifecycle activities. The audit and evaluation processes are required by the increased complexity of the business processes supported by IT&C technologies. In order to organize and develop a high-quality audit process, the evaluation team must analyze the risks, threats and vulnerabilities of the information system. The paper highlights the security vulnerabilities in web applications and the processes of their detection. The web applications are used as IT&C tools to support the distributed information processes. They are a major component of the distributed information systems. The audit and evaluation processes are carried out in accordance with the international standards developed for information system security assurance.

  17. Enterprise security IT security solutions : concepts, practical experiences, technologies

    CERN Document Server

    Fumy, Walter

    2013-01-01

    Addressing IT managers and staff, as well as CIOs and other executives dealing with corporate IT security, this book provides a broad knowledge on the major security issues affecting today's corporations and organizations, and presents state-of-the-art concepts and current trends for securing an enterprise.Areas covered include information security management, network and system security, identity and access management (IAM), authentication (including smart card based solutions and biometrics), and security certification. In-depth discussion of relevant technologies and standards (including cr

  18. Information technology security system engineering methodology

    Science.gov (United States)

    Childs, D.

    2003-01-01

    A methodology is described for system engineering security into large information technology systems under development. The methodology is an integration of a risk management process and a generic system development life cycle process. The methodology is to be used by Security System Engineers to effectively engineer and integrate information technology security into a target system as it progresses through the development life cycle. The methodology can also be used to re-engineer security into a legacy system.

  19. Optical Imaging Sensors and Systems for Homeland Security Applications

    CERN Document Server

    Javidi, Bahram

    2006-01-01

    Optical and photonic systems and devices have significant potential for homeland security. Optical Imaging Sensors and Systems for Homeland Security Applications presents original and significant technical contributions from leaders of industry, government, and academia in the field of optical and photonic sensors, systems and devices for detection, identification, prevention, sensing, security, verification and anti-counterfeiting. The chapters have recent and technically significant results, ample illustrations, figures, and key references. This book is intended for engineers and scientists in the relevant fields, graduate students, industry managers, university professors, government managers, and policy makers. Advanced Sciences and Technologies for Security Applications focuses on research monographs in the areas of -Recognition and identification (including optical imaging, biometrics, authentication, verification, and smart surveillance systems) -Biological and chemical threat detection (including bios...

  20. Evolution of Biotechnology and Information Technology and Its Impact on Human Security

    Directory of Open Access Journals (Sweden)

    Elena S. Zinovieva

    2015-01-01

    Full Text Available Abstract: The development of post-industrial society initiates profound economic, technological and cultural change in the way of life of all mankind. The revolutionary breakthroughs in the field of new technologies such as biotechnology and information technology are reflected in all spheres of human activity, directly affecting the human security. The article analyzes the consequences of widespread usage biotechnology and information technology in the foreign policy practice on the basis of the human security theory. The detailed description of the main directions of the use of biometric technology in the foreign policy and consular practices is provided, the challenges and threats to information security associated with biometrics are analyzed, arising from widespread biotechnology are the main challenges and threats to as well as human security threats arising at the present stage of development and application of these technologies. Human security threats associated with the use of biotechnology are placed in the broader context of global trends in scientific and technological development. The recommendations are formulated in the field of foreign policy and international cooperation, which would neutralize new threats to international and personal safety arising at the present stage of development of biotechnology. The authors conclude that in order to ensure ethical regulation of new technologies that address issues of human security, it is necessary to organize multi-stakeholder partnerships at national and international level with the participation of states, representatives of civil society, business and the research community.

  1. Security surveillance challenges and proven thermal imaging capabilities in real-world applications

    Science.gov (United States)

    Francisco, Glen L.; Roberts, Sharon

    2004-09-01

    Uncooled thermal imaging was first introduced to the public in early 1980's by Raytheon (legacy Texas Instruments Defense Segment Electronics Group) as a solution for military applications. Since the introduction of this technology, Raytheon has remained the leader in this market as well as introduced commercial versions of thermal imaging products specifically designed for security, law enforcement, fire fighting, automotive and industrial uses. Today, low cost thermal imaging for commercial use in security applications is a reality. Organizations of all types have begun to understand the advantages of using thermal imaging as a means to solve common surveillance problems where other popular technologies fall short. Thermal imaging has proven to be a successful solution for common security needs such as: ¸ vision at night where lighting is undesired and 24x7 surveillance is needed ¸ surveillance over waterways, lakes and ports where water and lighting options are impractical ¸ surveillance through challenging weather conditions where other technologies will be challenged by atmospheric particulates ¸ low maintenance requirements due to remote or difficult locations ¸ low cost over life of product Thermal imaging is now a common addition to the integrated security package. Companies are relying on thermal imaging for specific applications where no other technology can perform.

  2. A study of the security technology and a new security model for WiFi network

    Science.gov (United States)

    Huang, Jing

    2013-07-01

    The WiFi network is one of the most rapidly developing wireless communication networks, which makes wireless office and wireless life possible and greatly expands the application form and scope of the internet. At the same time, the WiFi network security has received wide attention, and this is also the key factor of WiFi network development. This paper makes a systematic introduction to the WiFi network and WiFi network security problems, and the WiFi network security technology are reviewed and compared. In order to solve the security problems in WiFi network, this paper presents a new WiFi network security model and the key exchange algorithm. Experiments are performed to test the performance of the model, the results show that the new security model can withstand external network attack and ensure stable and safe operation of WiFi network.

  3. Secure Java For Web Application Development

    CERN Document Server

    Bhargav, Abhay

    2010-01-01

    As the Internet has evolved, so have the various vulnerabilities, which largely stem from the fact that developers are unaware of the importance of a robust application security program. This book aims to educate readers on application security and building secure web applications using the new Java Platform. The text details a secure web application development process from the risk assessment phase to the proof of concept phase. The authors detail such concepts as application risk assessment, secure SDLC, security compliance requirements, web application vulnerabilities and threats, security

  4. Building secure network by integrated technology

    International Nuclear Information System (INIS)

    An Dehai; Xu Rongsheng; Liu Baoxu

    2000-01-01

    The author introduces a method which can realize the most powerful network security prevention by the network security integrated technologies such as firewall, realtime monitor, network scanner, Web detection and security, etc

  5. Security issues in healthcare applications using wireless medical sensor networks: a survey.

    Science.gov (United States)

    Kumar, Pardeep; Lee, Hoon-Jae

    2012-01-01

    Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs). Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are highly sensitive. Therefore, security is a paramount requirement of healthcare applications, especially in the case of patient privacy, if the patient has an embarrassing disease. This paper discusses the security and privacy issues in healthcare application using WMSNs. We highlight some popular healthcare projects using wireless medical sensor networks, and discuss their security. Our aim is to instigate discussion on these critical issues since the success of healthcare application depends directly on patient security and privacy, for ethic as well as legal reasons. In addition, we discuss the issues with existing security mechanisms, and sketch out the important security requirements for such applications. In addition, the paper reviews existing schemes that have been recently proposed to provide security solutions in wireless healthcare scenarios. Finally, the paper ends up with a summary of open security research issues that need to be explored for future healthcare applications using WMSNs.

  6. Security Issues in Healthcare Applications Using Wireless Medical Sensor Networks: A Survey

    Directory of Open Access Journals (Sweden)

    Hoon-Jae Lee

    2011-12-01

    Full Text Available Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs. Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are highly sensitive. Therefore, security is a paramount requirement of healthcare applications, especially in the case of patient privacy, if the patient has an embarrassing disease. This paper discusses the security and privacy issues in healthcare application using WMSNs. We highlight some popular healthcare projects using wireless medical sensor networks, and discuss their security. Our aim is to instigate discussion on these critical issues since the success of healthcare application depends directly on patient security and privacy, for ethic as well as legal reasons. In addition, we discuss the issues with existing security mechanisms, and sketch out the important security requirements for such applications. In addition, the paper reviews existing schemes that have been recently proposed to provide security solutions in wireless healthcare scenarios. Finally, the paper ends up with a summary of open security research issues that need to be explored for future healthcare applications using WMSNs.

  7. Advances in network systems architectures, security, and applications

    CERN Document Server

    Awad, Ali; Furtak, Janusz; Legierski, Jarosław

    2017-01-01

    This book provides the reader with a comprehensive selection of cutting–edge algorithms, technologies, and applications. The volume offers new insights into a range of fundamentally important topics in network architectures, network security, and network applications. It serves as a reference for researchers and practitioners by featuring research contributions exemplifying research done in the field of network systems. In addition, the book highlights several key topics in both theoretical and practical aspects of networking. These include wireless sensor networks, performance of TCP connections in mobile networks, photonic data transport networks, security policies, credentials management, data encryption for network transmission, risk management, live TV services, and multicore energy harvesting in distributed systems. .

  8. Android Applications Security

    OpenAIRE

    Paul POCATILU

    2011-01-01

    The use of smartphones worldwide is growing very fast and also the malicious attacks have increased. The mobile security applications development keeps the pace with this trend. The paper presents the vulnerabilities of mobile applications. The Android applications and devices are analyzed through the security perspective. The usage of restricted API is also presented. The paper also focuses on how users can prevent these malicious attacks and propose some prevention measures, including the a...

  9. Security central processing unit applications in the protection of nuclear facilities

    International Nuclear Information System (INIS)

    Goetzke, R.E.

    1987-01-01

    New or upgraded electronic security systems protecting nuclear facilities or complexes will be heavily computer dependent. Proper planning for new systems and the employment of new state-of-the-art 32 bit processors in the processing of subsystem reports are key elements in effective security systems. The processing of subsystem reports represents only a small segment of system overhead. In selecting a security system to meet the current and future needs for nuclear security applications the central processing unit (CPU) applied in the system architecture is the critical element in system performance. New 32 bit technology eliminates the need for program overlays while providing system programmers with well documented program tools to develop effective systems to operate in all phases of nuclear security applications

  10. Applications of Blockchain Technology beyond Cryptocurrency

    OpenAIRE

    Miraz, Mahdi H.; Ali, Maaruf

    2018-01-01

    Blockchain (BC), the technology behind the Bitcoin crypto-currency system, is considered to be both alluring and critical for ensuring enhanced security and (in some implementations, non-traceable) privacy for diverse applications in many other domains - including in the Internet of Things (IoT) eco-system. Intensive research is currently being conducted in both academia and industry applying the Blockchain technology in multifarious applications. Proof-of-Work (PoW), a cryptographic puzzle, ...

  11. The research on information security technology for the industrial control system of special equipment

    International Nuclear Information System (INIS)

    Chen Ligang; Liu Hongye; Zhang Wei; Sun Jianying; Lan Peng; Dai Sidan

    2014-01-01

    With the rapid development of information technology in enterprise application, industrial control network and management network is becoming more and more closely linked. Development and application of special equipment control system from the traditional industrial control system, not considered when designing communication security problem mainly, therefore, the industrial control system opened at the same time, isolation control system and the outside was weakened, the safety problems of industrial control system had become more and more serious. The practical application combined with the special equipment control system, analysis and elaboration in view of security problems for the control network, also, provide appropriate security solutions for professional characteristics of industrial control network, design on process control system specially, provide security partition protection scheme, in order to improve security ability of industrial control system information. (authors)

  12. Nuclear energy technology transfer: the security barriers

    International Nuclear Information System (INIS)

    Rinne, R.L.

    1975-08-01

    The problems presented by security considerations to the transfer of nuclear energy technology are examined. In the case of fusion, the national security barrier associated with the laser and E-beam approaches is discussed; for fission, the international security requirements, due to the possibility of the theft or diversion of special nuclear materials or sabotage of nuclear facilities, are highlighted. The paper outlines the nuclear fuel cycle and terrorist threat, examples of security barriers, and the current approaches to transferring technology. (auth)

  13. Image-based electronic patient records for secured collaborative medical applications.

    Science.gov (United States)

    Zhang, Jianguo; Sun, Jianyong; Yang, Yuanyuan; Liang, Chenwen; Yao, Yihong; Cai, Weihua; Jin, Jin; Zhang, Guozhen; Sun, Kun

    2005-01-01

    We developed a Web-based system to interactively display image-based electronic patient records (EPR) for secured intranet and Internet collaborative medical applications. The system consists of four major components: EPR DICOM gateway (EPR-GW), Image-based EPR repository server (EPR-Server), Web Server and EPR DICOM viewer (EPR-Viewer). In the EPR-GW and EPR-Viewer, the security modules of Digital Signature and Authentication are integrated to perform the security processing on the EPR data with integrity and authenticity. The privacy of EPR in data communication and exchanging is provided by SSL/TLS-based secure communication. This presentation gave a new approach to create and manage image-based EPR from actual patient records, and also presented a way to use Web technology and DICOM standard to build an open architecture for collaborative medical applications.

  14. Photonic sensor opportunities for distributed and wireless systems in security applications

    Science.gov (United States)

    Krohn, David

    2006-10-01

    There are broad ranges of homeland security sensing applications that can be facilitated by distributed fiber optic sensors and photonics integrated wireless systems. These applications include [1]: Pipeline, (Monitoring, Security); Smart structures (Bridges, Tunnels, Dams, Public spaces); Power lines (Monitoring, Security); Transportation security; Chemical/biological detection; Wide area surveillance - perimeter; and Port Security (Underwater surveillance, Cargo container). Many vital assets which cover wide areas, such as pipeline and borders, are under constant threat of being attacked or breached. There is a rapidly emerging need to be able to provide identification of intrusion threats to such vital assets. Similar problems exit for monitoring the basic infrastructure such as water supply, power utilities, communications systems as well as transportation. There is a need to develop a coordinated and integrated solution for the detection of threats. From a sensor standpoint, consideration must not be limited to detection, but how does detection lead to intervention and deterrence. Fiber optic sensor technology must be compatible with other surveillance technologies such as wireless mote technology to facilitate integration. In addition, the multi-functionality of fiber optic sensors must be expanded to include bio-chemical detection. There have been a number of barriers for the acceptance and broad use of smart fiber optic sensors. Compared to telecommunications, the volume is low. This fact coupled with proprietary and custom specifications has kept the price of fiber optic sensors high. There is a general lack of a manufacturing infrastructure and lack of standards for packaging and reliability. Also, there are several competing technologies; some photonic based and other approaches based on conventional non-photonic technologies.

  15. Cyber security

    CERN Document Server

    Voeller, John G

    2014-01-01

    Cyber Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to cyber security metrics and measure  and related technologies that meet security needs. Specific applications to web services, the banking and the finance sector, and industrial process control systems are discussed.

  16. Technologies to counter aviation security threats

    Science.gov (United States)

    Karoly, Steve

    2017-11-01

    The Aviation and Transportation Security Act (ATSA) makes TSA responsible for security in all modes of transportation, and requires that TSA assess threats to transportation, enforce security-related regulations and requirements, and ensure the adequacy of security measures at airports and other transportation facilities. Today, TSA faces a significant challenge and must address a wide range of commercial, military grade, and homemade explosives and these can be presented in an infinite number of configurations and from multiple vectors. TSA screens 2 million passengers and crew, and screens almost 5 million carry-on items and 1.2 million checked bags daily. As TSA explores new technologies for improving efficiency and security, those on the forefront of research and development can help identify unique and advanced methods to combat terrorism. Research and Development (R&D) drives the development of future technology investments that can address an evolving adversary and aviation threat. The goal is to rethink the aviation security regime in its entirety, and rather than focusing security at particular points in the enterprise, distribute security from the time a reservation is made to the time a passenger boards the aircraft. The ultimate objective is to reengineer aviation security from top to bottom with a continued focus on increasing security throughout the system.

  17. Making Technology Work for Campus Security

    Science.gov (United States)

    Floreno, Jeff; Keil, Brad

    2010-01-01

    The challenges associated with securing schools from both on- and off-campus threats create constant pressure for law enforcement, campus security professionals, and administrators. And while security technology choices are plentiful, many colleges and universities are operating with limited dollars and information needed to select and integrate…

  18. Applications for cyber security - System and application monitoring

    International Nuclear Information System (INIS)

    Marron, J. E.

    2006-01-01

    Standard network security measures are adequate for defense against external attacks. However, many experts agree that the greater threat is from internal sources. Insiders with malicious intentions can change controller instructions, change alarm thresholds, and issue commands to equipment which can damage equipment and compromise control system integrity. In addition to strict physical security the state of the system must be continually monitored. System and application monitoring goes beyond the capabilities of network security appliances. It will include active processes, operating system services, files, network adapters and IP addresses. The generation of alarms is a crucial feature of system and application monitoring. The alarms should be integrated to avoid the burden on operators of checking multiple locations for security violations. Tools for system and application monitoring include commercial software, free software, and ad-hoc tools that can be easily created. System and application monitoring is part of a 'defense-in-depth' approach to a control network security plan. Layered security measures prevent an individual security measure failure from being exploited into a successful security breach. Alarming of individual failures is essential for rapid isolation and correction of single failures. System and application monitoring is the innermost layer of this defense strategy. (authors)

  19. The study of business opportunities and value add of NFC applications in security

    OpenAIRE

    Niemelä, Harri

    2011-01-01

    Niemelä, Harri 2011. The study of business opportunities and value add of NFC applications in security access control solutions. Master´s Thesis. Kemi-Tornio University of Applied Sciences. Business and Culture. Pages 59. Appendices 2. Since wireless technologies and electrical identification is already our everyday life, it is naturally to utilize latest technologies and in this case Near Field Communication technology to security access control purposes what we meet in our life at wo...

  20. Survey of network and information security technology

    International Nuclear Information System (INIS)

    Liu Baoxu; Wang Xiaozhen

    2007-01-01

    With the rapidly development of the computer network technology and informationize working of our Country, Network and Information Security issues becomes the focal point problem that people shows solicitude for. On the basis analysing security threat and challenge of network information and their developing trend. This paper briefly analyses and discusses the main relatively study direction and content about the theory, technology and practice of Network and Information Security. (authors)

  1. Leveraging multi-channel x-ray detector technology to improve quality metrics for industrial and security applications

    Science.gov (United States)

    Jimenez, Edward S.; Thompson, Kyle R.; Stohn, Adriana; Goodner, Ryan N.

    2017-09-01

    Sandia National Laboratories has recently developed the capability to acquire multi-channel radio- graphs for multiple research and development applications in industry and security. This capability allows for the acquisition of x-ray radiographs or sinogram data to be acquired at up to 300 keV with up to 128 channels per pixel. This work will investigate whether multiple quality metrics for computed tomography can actually benefit from binned projection data compared to traditionally acquired grayscale sinogram data. Features and metrics to be evaluated include the ability to dis- tinguish between two different materials with similar absorption properties, artifact reduction, and signal-to-noise for both raw data and reconstructed volumetric data. The impact of this technology to non-destructive evaluation, national security, and industry is wide-ranging and has to potential to improve upon many inspection methods such as dual-energy methods, material identification, object segmentation, and computer vision on radiographs.

  2. 75 FR 28275 - Homeland Security Science and Technology Advisory Committee

    Science.gov (United States)

    2010-05-20

    ...: The Homeland Security Science and Technology Advisory Committee met on April 20, 2010 from 8:30 a.m... and Technology Directorate, Department of Homeland Security, 245 Murray Lane, Bldg. 410, Washington... for the Under Secretary of Homeland Security for Science and Technology. The Homeland Security Science...

  3. Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

    Energy Technology Data Exchange (ETDEWEB)

    Hadley, Mark D.; Clements, Samuel L.

    2009-01-01

    Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

  4. Center for Coastline Security Technology, Year-2

    Science.gov (United States)

    2007-05-01

    cinematic film industry . For the port security application there are several research issues being addressed under this program, specifically...being the cinematic film industry . For the port security application there are several research issues being addressed under this program...the primary customers being the film industry . For the port security application there are several research issues being addressed under this program

  5. Managing information technology security risk

    Science.gov (United States)

    Gilliam, David

    2003-01-01

    Information Technology (IT) Security Risk Management is a critical task for the organization to protect against the loss of confidentiality, integrity and availability of IT resources. As systems bgecome more complex and diverse and and attacks from intrusions and malicious content increase, it is becoming increasingly difficult to manage IT security risk. This paper describes a two-pronged approach in addressing IT security risk and risk management in the organization: 1) an institutional enterprise appraoch, and 2) a project life cycle approach.

  6. Engineering Principles for Information Technology Security (A Baseline for Achieving Security)

    National Research Council Canada - National Science Library

    Stoneburner, Gary

    2001-01-01

    The purpose of the Engineering Principles for Information Technology (IT) Security (HP-ITS) is to present a list of system-level security principles to he considered in the design, development, and operation of an information system...

  7. RFID Based Security Access Control System with GSM Technology

    OpenAIRE

    Peter Adole; Joseph M. Môm; Gabriel A. Igwue

    2016-01-01

    The security challenges being encountered in many places today require electronic means of controlling access to secured premises in addition to the available security personnel. Various technologies were used in different forms to solve these challenges. The Radio Frequency Identification (RFID) Based Access Control Security system with GSM technology presented in this work helps to prevent unauthorized access to controlled environments (secured premises). This is achieved mainly...

  8. 76 FR 55427 - Horizon Technology Finance Corporation, et al.; Notice of Application

    Science.gov (United States)

    2011-09-07

    .... Applicants: Horizon Technology Finance Corporation (the ``Company''), Horizon Technology Finance Management... Technology Finance Corporation, et al.; Notice of Application August 31, 2011. AGENCY: Securities and... Blass, Branch Chief, at (202) 551-6821 (Division of Investment Management, Office of Investment Company...

  9. Making Wireless Networks Secure for NASA Mission Critical Applications Using Virtual Private Network (VPN) Technology

    Science.gov (United States)

    Nichols, Kelvin F.; Best, Susan; Schneider, Larry

    2004-01-01

    With so many security issues involved with wireless networks, the technology has not been fully utilized in the area of mission critical applications. These applications would include the areas of telemetry, commanding, voice and video. Wireless networking would allow payload operators the mobility to take computers outside of the control room to their off ices and anywhere else in the facility that the wireless network was extended. But the risk is too great of having someone sit just inside of your wireless network coverage and intercept enough of your network traffic to steal proprietary data from a payload experiment or worse yet hack back into your system and do even greater harm by issuing harmful commands. Wired Equivalent Privacy (WEP) is improving but has a ways to go before it can be trusted to protect mission critical data. Today s hackers are becoming more aggressive and innovative, and in order to take advantage of the benefits that wireless networking offer, appropriate security measures need to be in place that will thwart hackers. The Virtual Private Network (VPN) offers a solution to the security problems that have kept wireless networks from being used for mission critical applications. VPN provides a level of encryption that will ensure that data is protected while it is being transmitted over a wireless local area network (LAN). The VPN allows a user to authenticate to the site that the user needs to access. Once this authentication has taken place the network traffic between that site and the user is encapsulated in VPN packets with the Triple Data Encryption Standard (3DES). 3DES is an encryption standard that uses a single secret key to encrypt and decrypt data. The length of the encryption key is 168 bits as opposed to its predecessor DES that has a 56-bit encryption key. Even though 3DES is the common encryption standard for today, the Advance Encryption Standard (AES), which provides even better encryption at a lower cycle cost is growing

  10. Standoff Sensing Technology Based on Laser-Induced Breakdown Spectroscopy: Advanced Targeting, Surveillance and Reconnaissance in Security and Architectural Heritage Applications

    OpenAIRE

    Gaona Fernández, María Inmaculada

    2014-01-01

    Due to the ability to perform simultaneous, multi-element and real-time analysis without pretreatment and doing from a distance, laser induced breakdown spectroscopy (LIBS) in standoff mode is now considered a cutting-edge analytical technology. All these features have allowed its application in various fields such as security, environment, cultural heritage protection and space exploration, among the more outstanding. Nonetheless, the fact of working to long distances involves greater dif...

  11. 75 FR 18516 - Homeland Security Science and Technology Advisory Committee

    Science.gov (United States)

    2010-04-12

    ...; notice of closed Federal Advisory Committee meeting SUMMARY: The Homeland Security Science and Technology.... DATES: The Homeland Security Science and Technology Advisory Committee will meet April 20, 2010 from 8...: Ms. Tiwanda Burse, Science and Technology Directorate, Department of Homeland Security, 245 Murray...

  12. 75 FR 2555 - Homeland Security Science and Technology Advisory Committee

    Science.gov (United States)

    2010-01-15

    ... Technology Advisory Committee will meet January 26-28, 2010, at the Department of Homeland Security, 1120..., Science and Technology Directorate, Department of Homeland Security, 245 Murray Lane, Bldg. 410... Burse, Science and Technology Directorate, Department of Homeland Security, 245 Murray Lane, Bldg. 410...

  13. Energy technology evaluation report: Energy security

    Science.gov (United States)

    Koopman, R.; Lamont, A.; Schock, R.

    1992-09-01

    Energy security was identified in the National Energy Strategy (NES) as a major issue for the Department of Energy (DOE). As part of a process designed by the DOE to identify technologies important to implementing the NES, an expert working group was convened to consider which technologies can best contribute to reducing the nation's economic vulnerability to future disruptions of world oil supplies, the working definition of energy security. Other working groups were established to deal with economic growth, environmental quality, and technical foundations. Energy Security working group members were chosen to represent as broad a spectrum of energy supply and end-use technologies as possible and were selected for their established reputations as experienced experts with an ability to be objective. The time available for this evaluation was very short. The group evaluated technologies using criteria taken from the NES which can be summarized for energy security as follows: diversifying sources of world oil supply so as to decrease the increasing monopoly status of the Persian Gulf region; reducing the importance of oil use in the US economy to diminish the impact of future disruptions in oil supply; and increasing the preparedness of the US to deal with oil supply disruptions by having alternatives available at a known price. The result of the first phase of the evaluation process was the identification of technology groups determined to be clearly important for reducing US vulnerability to oil supply disruptions. The important technologies were mostly within the high leverage areas of oil and gas supply and transportation demand but also included hydrogen utilization, biomass, diversion resistant nuclear power, and substitute industrial feedstocks.

  14. An RFID-based luggage and passenger tracking system for airport security control applications

    Science.gov (United States)

    Vastianos, George E.; Kyriazanos, Dimitris M.; Kountouriotis, Vassilios I.; Thomopoulos, Stelios C. A.

    2014-06-01

    Market analysis studies of recent years have shown a steady and significant increase in the usage of RFID technology. Key factors for this growth were the decreased costs of passive RFIDs and their improved performance compared to the other identification technologies. Besides the benefits of RFID technologies into the supply chains, warehousing, traditional inventory and asset management applications, RFID has proven itself worth exploiting on experimental, as well as on commercial level in other sectors, such as healthcare, transport and security. In security sector, airport security is one of the biggest challenges. Airports are extremely busy public places and thus prime targets for terrorism, with aircraft, passengers, crew and airport infrastructure all subject to terrorist attacks. Inside this labyrinth of security challenges, the long range detection capability of the UHF passive RFID technology can be turned into a very important tracking tool that may outperform all the limitations of the barcode tracking inside the current airport security control chain. The Integrated Systems Lab of NCSR Demokritos has developed an RFID based Luggage and Passenger tracking system within the TASS (FP7-SEC-2010-241905) EU research project. This paper describes application scenarios of the system categorized according to the structured nature of the environment, the system architecture and presents evaluation results extracted from measurements with a group of different massive production GEN2 UHF RFID tags that are widely available in the world market.

  15. Forensics Investigation of Web Application Security Attacks

    OpenAIRE

    Amor Lazzez; Thabet Slimani

    2015-01-01

    Nowadays, web applications are popular targets for security attackers. Using specific security mechanisms, we can prevent or detect a security attack on a web application, but we cannot find out the criminal who has carried out the security attack. Being unable to trace back an attack, encourages hackers to launch new attacks on the same system. Web application forensics aims to trace back and attribute a web application security attack to its originator. This may significantly reduce the sec...

  16. 75 FR 39955 - Homeland Security Science and Technology Advisory Committee

    Science.gov (United States)

    2010-07-13

    ... Homeland Security Science and Technology Advisory Committee meeting will be open to the public on July 20th... Burse, Science and Technology Directorate, Department of Homeland Security, 245 Murray Lane, Bldg. 410... Protection programs in Science & Technology and updates on homeland security sensitive Federally Funded...

  17. Information Technology Convergence, Secure and Trust Computing, and Data Management ITCS 2012 & STA 2012

    CERN Document Server

    Kim, Jongsung; Zou, Deqing; Lee, Yang

    2012-01-01

    ITCS 2012 and STA 2012 address the various theories and practical applications of information technology convergence, secure and trust computing, and data management in future environments. It will present important results of significant value to solve the application services and various problems within the scope of ITCS 2012 & STA 2012. In addition, we expect it will trigger further related research and technology developments which will improve our lives in the future.

  18. Wireless Technology Application to Nuclear Power Plants

    International Nuclear Information System (INIS)

    Lee, Jeong Kweon; Jeong, See Chae; Jeong, Ki Hoon; Oh, Do Young; Kim, Jae Hack

    2009-01-01

    Wireless technologies are getting widely used in various industrial processes for equipment condition monitoring, process measurement and other applications. In case of Nuclear Power Plant (NPP), it is required to review applicability of the wireless technologies for maintaining plant reliability, preventing equipment failure, and reducing operation and maintenance costs. Remote sensors, mobile technology and two-way radio communication may satisfy these needs. The application of the state of the art wireless technologies in NPPs has been restricted because of the vulnerability for the Electromagnetic Interference and Radio Frequency Interference (EMI/RFI) and cyber security. It is expected that the wireless technologies can be applied to the nuclear industry after resolving these issues which most of the developers and vendors are aware of. This paper presents an overview and information on general wireless deployment in nuclear facilities for future application. It also introduces typical wireless plant monitoring system application in the existing NPPs

  19. Application Security in the ISO27001 Environment

    CERN Document Server

    Vinod, Vasudevan; Firosh, Ummer

    2008-01-01

    Application Security in the ISO27001 Environment demonstrates how to secure software applications within a best practice ISO/IEC 27001 environment and supports implementation of the PCI DSS Payment Application Security Standard.

  20. Safeguards and security deficiencies fulfilled through technology development

    International Nuclear Information System (INIS)

    Smoot, W.

    1996-01-01

    The Office of Safeguards and Security (OSS) sponsors research and development activities based on identified field and headquarters customer requirements. Annually, a formal solicitation of safeguards and security user needs is conducted. Currently, there are over 300 valid safeguards and security deficiencies that have been identified. These user needs serve as the basis for formulating the OSS Technology Development Program (TDP). Due to budget constraints, the TDP can only address approximately 47% of these needs in FY 1996. This paper will discuss, in a general sense, the current deficiencies and how the TDP is responding to each. Specifically, the paper will highlight technologies in the areas of Material Control and Accounting, Physical Security, and Information Security. A brief discussion of unfulfilled user requirements will also be presented as a catalyst for leveraging available or developing technologies from other similar programs or from private industry

  1. National Security Technology Incubation Project Continuation Plan

    Energy Technology Data Exchange (ETDEWEB)

    None

    2008-09-30

    This document contains a project continuation plan for the National Security Technology Incubator (NSTI). The plan was developed as part of the National Security Preparedness Project (NSPP) funded by a Department of Energy (DOE)/National Nuclear Security Administration (NNSA) grant. This continuation plan describes the current status of NSTI (staffing and clients), long-term goals, strategies, and long-term financial solvency goals.The Arrowhead Center of New Mexico State University (NMSU) is the operator and manager of the NSTI. To realize the NSTI, Arrowhead Center must meet several performance objectives related to planning, development, execution, evaluation, and sustainability. This continuation plan is critical to the success of NSTI in its mission of incubating businesses with security technology products and services.

  2. Advanced technologies: Trends and implications for security

    International Nuclear Information System (INIS)

    Shaw, A.

    1990-01-01

    As the world moves towards the close of the twentieth century, three technological trends will strongly influence security. In order of importance they are: first, the increasing globalization of the ability to develop and use high technology, much of which has both civilian and military applications; secondly, the broad dissemination of militarily-relevant technology world-wide; and thirdly, the continued development by the United States and the USSR (and a few other nations) of advanced technology for military applications. The military balance between the super-Powers and their allies has been strongly rooted in advancing military technology. Great changes in technology have resulted in adjustments -mostly in limited aspects such as the armour/ anti-armour balance - but have not caused it to change wildly. This seems likely to remain the case for the foreseeable future. There are arguments that Western technology has been a prime causative factor behind Soviet willingness to engage in negotiations to reduce forces. They claim that fear of the Strategic Defense Initiative is behind progress in the Strategic Arms Reduction Talks, and that perceived Western mastery of the technology for systems combining quick reaction, deep strike and high kill probabilities led the Soviet Union to reassess its potential for a successful land campaign in Europe. If current arms control negotiations are successful, the momentum is maintained, and other political changes take hold, the military balance could be taken to a point where ft would not be very sensitive to technological change. One should be aware that the arms control negotiations are very complex, primarily because of technological issues, and we should not yet bank on it all working out well. If it fails, the military technical competition will heat up again. Even under a strict arms control regime we can expect the competition to continue as each side seeks to develop counters to what ft sees as the other side

  3. 48 CFR 2452.239-71 - Information Technology Virus Security.

    Science.gov (United States)

    2010-10-01

    ... 48 Federal Acquisition Regulations System 6 2010-10-01 2010-10-01 true Information Technology... Provisions and Clauses 2452.239-71 Information Technology Virus Security. As prescribed in 2439.107(b), insert the following clause: Information Technology Virus Security (FEB 2006) (a) The contractor hereby...

  4. Cyber security analytics, technology and automation

    CERN Document Server

    Neittaanmäki, Pekka

    2015-01-01

    Over the last two decades, the Internet and more broadly cyberspace has had a tremendous impact on all parts of society. Governments across the world have started to develop cyber security strategies and to consider cyberspace as an increasingly important international issue. The book, in addition to the cyber threats and technology, processes cyber security from many sides as a social phenomenon and how the implementation of the cyber security strategy is carried out. The book gives a profound idea of the most spoken phenomenon of this time. The book is suitable for a wide-ranging audience from graduate to professionals/practitioners and researchers. Relevant disciplines for the book are  Telecommunications / Network security, Applied mathematics / Data analysis, Mobile systems / Security, Engineering / Security of critical infrastructure and Military science / Security.

  5. Android application security essentials

    CERN Document Server

    Rai, Pragati

    2013-01-01

    Android Application Security Essentials is packed with examples, screenshots, illustrations, and real world use cases to secure your apps the right way.If you are looking for guidance and detailed instructions on how to secure app data, then this book is for you. Developers, architects, managers, and technologists who wish to enhance their knowledge of Android security will find this book interesting. Some prior knowledge of development on the Android stack is desirable but not required.

  6. Security Testing Handbook for Banking Applications

    CERN Document Server

    Doraiswamy, Arvind; Kapoor, Nilesh

    2009-01-01

    Security Testing Handbook for Banking Applications is a specialised guide to testing a wide range of banking applications. The book is intended as a companion to security professionals, software developers and QA professionals who work with banking applications.

  7. 76 FR 78009 - Information Collection; Implementation of Information Technology Security Provision

    Science.gov (United States)

    2011-12-15

    ...] Information Collection; Implementation of Information Technology Security Provision AGENCY: General Services... collection requirement regarding Implementation of Information Technology Security Provision. Public comments... Information Collection 3090- 0294, Implementation of Information Technology Security Provision, by any of the...

  8. New Technology's Surprising Security Threats. Building Digital Libraries

    Science.gov (United States)

    Huwe, Terence

    2005-01-01

    In recent years, security issues have increasingly come to dominate the technological development process--although still in a more reactive than proactive mode. It now seems more important than ever to monitor security trends and policy developments, especially if technology is regarded as a potential community builder. This article suggests…

  9. Comparative Overview of UWB and VLC for Data- Intensive and Security-Sensitive Applications

    DEFF Research Database (Denmark)

    Prasad, Ramjee; Mihovska, Albena D.; Cianca, Ernestina

    2012-01-01

    This paper provides a comparative overview of two short-range wireless technologies with high potential for use in various data-intensive and security-sensitive applications, namely, ultra wideband (UWB) and visible light communications (VLC). Both are emerging technologies with some unique...... and standardization developments for both technologies and gives a proposal for their suitability based on a comparative view, of the strengths and weaknesses for use in applications, such as home networking, vehicular communications, and medical care, including the main technical challenges....

  10. Secure Architectures for Mobile Applications

    OpenAIRE

    Cristian TOMA

    2007-01-01

    The paper presents security issues and architectures for mobile applications and GSM infrastructure. The article also introduces the idea of a new secure architecture for an inter-sector electronic wallet used in payments - STP4EW (Secure Transmission Protocol for Electronic Wallet)

  11. Lecture 3: Web Application Security

    CERN Multimedia

    CERN. Geneva

    2013-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture focuses on security aspects of Web application development. Various vulnerabilities typical to web applications (such as Cross-site scripting, SQL injection, cross-site request forgery etc.) are introduced and discussed. Sebastian Lopienski is CERN’s deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support servic...

  12. Geospatial informatics applications for assessment of pipeline safety and security

    Energy Technology Data Exchange (ETDEWEB)

    Roper, W. [George Mason University, Fairfax, VA (United States). Dept. of Civil, Environmental and Infrastructure

    2005-07-01

    A variety of advanced technologies are available to enhance planning, designing, managing, operating and maintaining the components of the electric utility system. Aerial and satellite remote sensing represents one area of rapid development that can be leveraged to address some of these challenges. Airborne remote sensing can be an effective technology to assist pipeline risk management to assure safety in design, construction, operation, maintenance, and emergency response of pipeline facilities. Industrial and scientific advances in airborne and satellite remote sensing systems and data processing techniques are opening new technological opportunities for developing an increased capability of accomplishing the pipeline mapping and safety needs of the industry. These technologies have significant and unique potential for application to a number of cross cutting energy system security issues. This paper addresses some of the applications of these technologies to pipeline and power industry infrastructure, economics and relative effectiveness of these technologies and issues related to technology implementation and diffusion. (Author)

  13. Secure Architectures for Mobile Applications

    Directory of Open Access Journals (Sweden)

    2007-01-01

    Full Text Available The paper presents security issues and architectures for mobile applications and GSM infrastructure. The article also introduces the idea of a new secure architecture for an inter-sector electronic wallet used in payments - STP4EW (Secure Transmission Protocol for Electronic Wallet

  14. Aerospace Communications Security Technologies Demonstrated

    Science.gov (United States)

    Griner, James H.; Martzaklis, Konstantinos S.

    2003-01-01

    In light of the events of September 11, 2001, NASA senior management requested an investigation of technologies and concepts to enhance aviation security. The investigation was to focus on near-term technologies that could be demonstrated within 90 days and implemented in less than 2 years. In response to this request, an internal NASA Glenn Research Center Communications, Navigation, and Surveillance Aviation Security Tiger Team was assembled. The 2-year plan developed by the team included an investigation of multiple aviation security concepts, multiple aircraft platforms, and extensively leveraged datalink communications technologies. It incorporated industry partners from NASA's Graphical Weather-in-the-Cockpit research, which is within NASA's Aviation Safety Program. Two concepts from the plan were selected for demonstration: remote "black box," and cockpit/cabin surveillance. The remote "black box" concept involves real-time downlinking of aircraft parameters for remote monitoring and archiving of aircraft data, which would assure access to the data following the loss or inaccessibility of an aircraft. The cockpit/cabin surveillance concept involves remote audio and/or visual surveillance of cockpit and cabin activity, which would allow immediate response to any security breach and would serve as a possible deterrent to such breaches. The datalink selected for the demonstrations was VDL Mode 2 (VHF digital link), the first digital datalink for air-ground communications designed for aircraft use. VDL Mode 2 is beginning to be implemented through the deployment of ground stations and aircraft avionics installations, with the goal of being operational in 2 years. The first demonstration was performed December 3, 2001, onboard the LearJet 25 at Glenn. NASA worked with Honeywell, Inc., for the broadcast VDL Mode 2 datalink capability and with actual Boeing 757 aircraft data. This demonstration used a cockpitmounted camera for video surveillance and a coupling to

  15. On the Horizon: New Advances in Security Technology

    Science.gov (United States)

    Gamble, Cheryl

    2005-01-01

    The worlds of security and technology have been on an intersecting course since the first published account of the use of fingerprint identification made news in 1880 (although unpublished reports suggest its use as early as 1858). In the three and one half years since the September 11 attacks, technological advances across the security field have…

  16. Multimedia Security System for Security and Medical Applications

    Science.gov (United States)

    Zhou, Yicong

    2010-01-01

    This dissertation introduces a new multimedia security system for the performance of object recognition and multimedia encryption in security and medical applications. The system embeds an enhancement and multimedia encryption process into the traditional recognition system in order to improve the efficiency and accuracy of object detection and…

  17. Practice brief. Securing wireless technology for healthcare.

    Science.gov (United States)

    Retterer, John; Casto, Brian W

    2004-05-01

    Wireless networking can be a very complex science, requiring an understanding of physics and the electromagnetic spectrum. While the radio theory behind the technology can be challenging, a basic understanding of wireless networking can be sufficient for small-scale deployment. Numerous security mechanisms are available to wireless technologies, making it practical, scalable, and affordable for healthcare organizations. The decision on the selected security model should take into account the needs for additional server hardware and administrative costs. Where wide area network connections exist between cooperative organizations, deployment of a distributed security model can be considered to reduce administrative overhead. The wireless approach chosen should be dynamic and concentrate on the organization's specific environmental needs. Aspects of organizational mission, operations, service level, and budget allotment as well as an organization's risk tolerance are all part of the balance in the decision to deploy wireless technology.

  18. The research of network database security technology based on web service

    Science.gov (United States)

    Meng, Fanxing; Wen, Xiumei; Gao, Liting; Pang, Hui; Wang, Qinglin

    2013-03-01

    Database technology is one of the most widely applied computer technologies, its security is becoming more and more important. This paper introduced the database security, network database security level, studies the security technology of the network database, analyzes emphatically sub-key encryption algorithm, applies this algorithm into the campus-one-card system successfully. The realization process of the encryption algorithm is discussed, this method is widely used as reference in many fields, particularly in management information system security and e-commerce.

  19. Physical security technologies for weapons complex reconfiguration facilities

    International Nuclear Information System (INIS)

    Jaeger, C.D.

    1994-01-01

    Sandia National Laboratories was a member of the Weapons Complex Reconfiguration (WCR) Safeguards and Security (S ampersand S) team providing assistance to the Department of Energy's (DOE) Office of Weapons Complex Reconfiguration. The physical security systems in the new and upgraded facilities being considered for the WCR had to meet DOE orders and other requirements set forth in the WCR Programmatic Design Criteria (PDC), incorporate the latest physical security technologies using proven state-of-the-art systems and meet fundamental security principles. The outcome was to avoid costly retrofits and provide effective and comprehensive protection against current and projected threats with minimal impact on operations, costs and schedule. Physical security requirements for WCR facilities include: (1) reducing S ampersand S life-cycle costs, (2) where feasible automating S ampersand S functions to minimize operational costs, access to critical assets and exposure of people to hazardous environments, (3) increasing the amount of delay to outsider adversary attack, (4) compartmentalizing the facility to minimize the number of personnel requiring access to critical areas and (5) having reliable and maintainable systems. To be most effective against threats physical security must be integrated with facility operations, safety and other S ampersand S activities, such as material control and accountability, nuclear measurements and computer and information security. This paper will discuss the S ampersand S issues, requirements, technology opportunities and needs. Physical security technologies and systems considered in the design effort of the Weapons Complex Reconfiguration facilities will be reviewed

  20. Safety and Security Interface Technology Initiative

    Energy Technology Data Exchange (ETDEWEB)

    Dr. Michael A. Lehto; Kevin J. Carroll; Dr. Robert Lowrie

    2007-05-01

    Safety and Security Interface Technology Initiative Mr. Kevin J. Carroll Dr. Robert Lowrie, Dr. Micheal Lehto BWXT Y12 NSC Oak Ridge, TN 37831 865-576-2289/865-241-2772 carrollkj@y12.doe.gov Work Objective. Earlier this year, the Energy Facility Contractors Group (EFCOG) was asked to assist in developing options related to acceleration deployment of new security-related technologies to assist meeting design base threat (DBT) needs while also addressing the requirements of 10 CFR 830. NNSA NA-70, one of the working group participants, designated this effort the Safety and Security Interface Technology Initiative (SSIT). Relationship to Workshop Theme. “Supporting Excellence in Operations Through Safety Analysis,” (workshop theme) includes security and safety personnel working together to ensure effective and efficient operations. One of the specific workshop elements listed in the call for papers is “Safeguards/Security Integration with Safety.” This paper speaks directly to this theme. Description of Work. The EFCOG Safety Analysis Working Group (SAWG) and the EFCOG Security Working Group formed a core team to develop an integrated process involving both safety basis and security needs allowing achievement of the DBT objectives while ensuring safety is appropriately considered. This effort garnered significant interest, starting with a two day breakout session of 30 experts at the 2006 Safety Basis Workshop. A core team was formed, and a series of meetings were held to develop that process, including safety and security professionals, both contractor and federal personnel. A pilot exercise held at Idaho National Laboratory (INL) in mid-July 2006 was conducted as a feasibility of concept review. Work Results. The SSIT efforts resulted in a topical report transmitted from EFCOG to DOE/NNSA in August 2006. Elements of the report included: Drivers and Endstate, Control Selections Alternative Analysis Process, Terminology Crosswalk, Safety Basis/Security

  1. Information Security: Past, Present and Future - Impact of Developments in Information Technology on Security

    NARCIS (Netherlands)

    Overbeek, P.L.

    1991-01-01

    The development of information security is addressed in relation to the development of information technology. The leading question is: how has information security developed itself so far, and how should it progress to address tomorrow's security needs. An overwiew is given of the use of

  2. The development of mobile robot for security application and nuclear facilities

    Energy Technology Data Exchange (ETDEWEB)

    Kim, B. S.; Lee, Y. B.; Choi, Y. S.; Seo, Y. C.; Park, Y. M

    1999-12-01

    The use of a mobile robot system in nuclear radioactive environments has the advantage of watching and inspecting the NPP safety-related equipment systematically and repairing damaged parts efficiently, thereby enhancing the safe operations of NPPs as well as reducing significantly personnel's dose rate to radioactive environment. Key technology achieved through the development of such robotic system can be used for security application and can offer new approaches to many of the tasks faced to the industry as well. The mobile robot system was composed of a mobile subsystem, a manipulator subsystem, a control subsystem, and a sensor subsystem to use in security application and nuclear radioactive environments. The mobile subsystem was adopted to synchro-drive method to improve the mobility of it. And the manipulator subsystem was developed to minimize the weight and easy to control at remote site. Finally, we developed the USB-based robot control system considering the expandability and modularity. The developed mobile robot for inspection and security was experimented for the collision avoidance and autonomous algorithm, and then it was confirmed that the mobile robot was very effective to the security application and inspection of nuclear facilities. (author)

  3. The development of mobile robot for security application and nuclear facilities

    International Nuclear Information System (INIS)

    Kim, B. S.; Lee, Y. B.; Choi, Y. S.; Seo, Y. C.; Park, Y. M.

    1999-12-01

    The use of a mobile robot system in nuclear radioactive environments has the advantage of watching and inspecting the NPP safety-related equipment systematically and repairing damaged parts efficiently, thereby enhancing the safe operations of NPPs as well as reducing significantly personnel's dose rate to radioactive environment. Key technology achieved through the development of such robotic system can be used for security application and can offer new approaches to many of the tasks faced to the industry as well. The mobile robot system was composed of a mobile subsystem, a manipulator subsystem, a control subsystem, and a sensor subsystem to use in security application and nuclear radioactive environments. The mobile subsystem was adopted to synchro-drive method to improve the mobility of it. And the manipulator subsystem was developed to minimize the weight and easy to control at remote site. Finally, we developed the USB-based robot control system considering the expandability and modularity. The developed mobile robot for inspection and security was experimented for the collision avoidance and autonomous algorithm, and then it was confirmed that the mobile robot was very effective to the security application and inspection of nuclear facilities. (author)

  4. New technology for food systems and security.

    Science.gov (United States)

    Yau, N J Newton

    2009-01-01

    In addition to product trade, technology trade has become one of the alternatives for globalization action around the world. Although not all technologies employed on the technology trade platform are innovative technologies, the data base of international technology trade still is a good indicator for observing innovative technologies around world. The technology trade data base from Sinew Consulting Group (SCG) Ltd. was employed as an example to lead the discussion on security or safety issues that may be caused by these innovative technologies. More technologies related to processing, functional ingredients and quality control technology of food were found in the data base of international technology trade platform. The review was conducted by categorizing technologies into the following subcategories in terms of safety and security issues: (1) agricultural materials/ingredients, (2) processing/engineering, (3) additives, (4) packaging/logistics, (5) functional ingredients, (6) miscellaneous (include detection technology). The author discusses examples listed for each subcategory, including GMO technology, nanotechnology, Chinese medicine based functional ingredients, as well as several innovative technologies. Currently, generation of innovative technology advance at a greater pace due to cross-area research and development activities. At the same time, more attention needs to be placed on the employment of these innovative technologies.

  5. Security in Computer Applications

    CERN Multimedia

    CERN. Geneva

    2004-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development. The last part of the lecture covers some miscellaneous issues like the use of cryptography, rules for networking applications, and social engineering threats. This lecture was first given on Thursd...

  6. Directions for Web and E-Commerce Applications Security

    OpenAIRE

    Thuraisingham, Bhavani; Clifton, Chris; Gupta, Amar; Bertino, Elisa; Ferrari, Elena

    2003-01-01

    This paper provides directions for web and e-commerce applications security. In particular, access control policies, workflow security, XML security and federated database security issues pertaining to the web and ecommerce applications are discussed.

  7. The Informatics Security Cost of Distributed Applications

    Directory of Open Access Journals (Sweden)

    Ion IVAN

    2010-01-01

    Full Text Available The objective, necessity, means and estimated efficiency of information security cost modeling are presented. The security requirements of distributed informatics applications are determined. Aspects regarding design, development and implementation are established. Influence factors for informatics security are presented and their correlation is analyzed. The costs associated to security processes are studied. Optimal criteria for informatics security are established. The security cost of the informatics application for validating organizational identifiers is determined using theoretical assumptions made for cost models. The conclusions highlight the validity of research results and offer perspectives for future research.

  8. The Threat of Security: Hindering Technology Integration in the Classroom

    Science.gov (United States)

    Robinson, LeAnne K.; Brown, Abbie; Green, Tim

    2007-01-01

    For the last year the authors have been gathering examples of how perceived "threats of security" are hampering the integration of technology in teaching and learning. They hope that educators will examine both the challenges of increased security demands and ways in which security might enhance, rather than detract from, the use of technology for…

  9. The Web Application Hacker's Handbook Finding and Exploiting Security Flaws

    CERN Document Server

    Stuttard, Dafydd

    2011-01-01

    The highly successful security book returns with a new edition, completely updated Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications. You'll explore the various new technologies employed in web applications that have appeared since the first edition and review the new attack technique

  10. Potential National Security Applications of Nuclear Resonance Fluorescence Methods

    International Nuclear Information System (INIS)

    Warren, Glen A.; Peplowski, Patrick N.; Caggiano, Joseph A.

    2009-01-01

    The objective of this report is to document the initial investigation into the possible research issues related to the development of NRF-based national security applications. The report discusses several potential applications ranging from measuring uranium enrichment in UF6 canisters to characterization of gas samples. While these applications are varied, there are only a few research issues that need to be addressed to understand the limitation of NRF in solving these problems. These research issues range from source and detector development to measuring small samples. The next effort is to determine how best to answer the research issues, followed by a prioritization of those questions to ensure that the most important are addressed. These issues will be addressed through either analytical calculations, computer simulations, analysis of previous data or collection of new measurements. It will also be beneficial to conduct a thorough examination of a couple of the more promising applications in order to develop concrete examples of how NRF may be applied in specific situations. The goals are to develop an understanding of whether the application of NRF is limited by technology or physics in addressing national security applications, to gain a motivation to explore those possible applications, and to develop a research roadmap so that those possibilities may be made reality.

  11. Future role of AI/Robotics in physical security

    International Nuclear Information System (INIS)

    Jacobs, J.

    1986-01-01

    Manpower requirements for physical security systems place a heavy burden on operating security budgets. Technology innovations which free personnel or which make security personnel more efficient in carrying out their tasks is an important means of dealing with budget and manpower constraints. It is believed that AI/Robotics will be important technologies to alleviate these problems in the future. There are three types of applications for AI and Robotics technology that may: (l) help security personnel perform their tasks more effectively or efficiently, (2) perform tasks that security personnel would otherwise perform (free up people), and (3) perform tasks that cannot be performed by security personnel at this time. This paper discusses the various types of security applications that are presently being considered for the above areas and briefly describes a few examples of the application of this technology

  12. Surviving security how to integrate people, process, and technology

    CERN Document Server

    Andress, Amanda

    2003-01-01

    WHY DO I NEED SECURITY? Introduction The Importance of an Effective Security Infrastructure People, Process, and Technology What Are You Protecting Against? Types of Attacks Types of Attackers Security as a Competitive Advantage Choosing a Solution Finding Security Employees The Layered Approach UNDERSTANDING REQUIREMENTS AND RISK What Is Risk? Embracing Risk Information Security Risk Assessment Assessing Risk Insurance SECURITY POLICIES AND PROCEDURES Internal Focus Is Key Security Awareness and Education Policy Life Cycle Developing Policies Components of a Security Policy Sample Security Po

  13. Vision and Displays for Military and Security Applications The Advanced Deployable Day/Night Simulation Project

    CERN Document Server

    Niall, Keith K

    2010-01-01

    Vision and Displays for Military and Security Applications presents recent advances in projection technologies and associated simulation technologies for military and security applications. Specifically, this book covers night vision simulation, semi-automated methods in photogrammetry, and the development and evaluation of high-resolution laser projection technologies for simulation. Topics covered include: advances in high-resolution projection, advances in image generation, geographic modeling, and LIDAR imaging, as well as human factors research for daylight simulation and for night vision devices. This title is ideal for optical engineers, simulator users and manufacturers, geomatics specialists, human factors researchers, and for engineers working with high-resolution display systems. It describes leading-edge methods for human factors research, and it describes the manufacture and evaluation of ultra-high resolution displays to provide unprecedented pixel density in visual simulation.

  14. Use of Persuasive Technology to Change End-Users- IT Security Aware Behaviour: A Pilot Study

    OpenAIRE

    Ai Cheo Yeo; Md. Mahbubur Rahim; Yin Ying Ren

    2008-01-01

    Persuasive technology has been applied in marketing, health, environmental conservation, safety and other domains and is found to be quite effective in changing people-s attitude and behaviours. This research extends the application domains of persuasive technology to information security awareness and uses a theory-driven approach to evaluate the effectiveness of a web-based program developed based on the principles of persuasive technology to improve the information sec...

  15. Preliminary field evaluation of solid state cameras for security applications

    International Nuclear Information System (INIS)

    1987-01-01

    Recent developments in solid state imager technology have resulted in a series of compact, lightweight, all-solid-state closed circuit television (CCTV) cameras. Although it is widely known that the various solid state cameras have less light sensitivity and lower resolution than their vacuum tube counterparts, the potential for having a much longer Mean Time Between Failure (MTBF) for the all-solid-state cameras is generating considerable interest within the security community. Questions have been raised as to whether the newest and best of the solid state cameras are a viable alternative to the high maintenance vacuum tube cameras in exterior security applications. To help answer these questions, a series of tests were performed by Sandia National Laboratories at various test sites and under several lighting conditions. In general, all-solid-state cameras need to be improved in four areas before they can be used as wholesale replacements for tube cameras in exterior security applications: resolution, sensitivity, contrast, and smear. However, with careful design some of the higher performance cameras can be used for perimeter security systems, and all of the cameras have applications where they are uniquely qualified. Many of the cameras are well suited for interior assessment and surveillance uses, and several of the cameras are well designed as robotics and machine vision devices

  16. An Overview of Computer Network security and Research Technology

    OpenAIRE

    Rathore, Vandana

    2016-01-01

    The rapid development in the field of computer networks and systems brings both convenience and security threats for users. Security threats include network security and data security. Network security refers to the reliability, confidentiality, integrity and availability of the information in the system. The main objective of network security is to maintain the authenticity, integrity, confidentiality, availability of the network. This paper introduces the details of the technologies used in...

  17. Scanning technology with multi-slice helical CT in security inspection domain

    International Nuclear Information System (INIS)

    Wang Jue; Wang Fuquan; Jiang Zenghui

    2008-01-01

    The paper analyzes the technology conditions of security inspection in home and abroad, and expatiates technology of spiral CT and how to define CT value etc, with studying on the key technology of spiral CT scanning way (X-RAY, detector, technology of pulley etc) and mutual relation. By comparing the present products of security inspection, the conclusion was drawn that it is inevitable to develop the tendency of security inspection area with the checking and discerning the substance by using the technology of multi-layer spiral CT. (authors)

  18. Further applications for mosaic pixel FPA technology

    Science.gov (United States)

    Liddiard, Kevin C.

    2011-06-01

    In previous papers to this SPIE forum the development of novel technology for next generation PIR security sensors has been described. This technology combines the mosaic pixel FPA concept with low cost optics and purpose-designed readout electronics to provide a higher performance and affordable alternative to current PIR sensor technology, including an imaging capability. Progressive development has resulted in increased performance and transition from conventional microbolometer fabrication to manufacture on 8 or 12 inch CMOS/MEMS fabrication lines. A number of spin-off applications have been identified. In this paper two specific applications are highlighted: high performance imaging IRFPA design and forest fire detection. The former involves optional design for small pixel high performance imaging. The latter involves cheap expendable sensors which can detect approaching fire fronts and send alarms with positional data via mobile phone or satellite link. We also introduce to this SPIE forum the application of microbolometer IR sensor technology to IoT, the Internet of Things.

  19. Secure coprocessing applications and research issues

    Energy Technology Data Exchange (ETDEWEB)

    Smith, S.W.

    1996-08-01

    The potential of secure coprocessing to address many emerging security challenges and to enable new applications has been a long-standing interest of many members of the Computer Research and Applications Group, including this author. The purpose of this paper is to summarize this thinking, by presenting a taxonomy of some potential applications and by summarizing what we regard as some particularly interesting research questions.

  20. Middleware-based Security for Hyperconnected Applications in Future In-Car Networks

    Directory of Open Access Journals (Sweden)

    Alexandre Bouard

    2013-12-01

    Full Text Available Today’s cars take advantage of powerful electronic platforms and provide more and more sophisticated connected services. More than just ensuring the role of a safe transportation mean, they process private information, industrial secrets, communicate with our smartphones, Internet and will soon host thirdparty applications. Their pervasive computerization makes them vulnerable to common security attacks, against which automotive technologies cannot protect. The transition toward Ethernet/IP-based on-board communication could be a first step to respond to these security and privacy issues. In this paper, we present a security framework leveraging local and distributed information flow techniques in order to secure the on-board network against internal and external untrusted components. We describe the implementation and integration of such a framework within an IP-based automotive middleware and provide its evaluation.

  1. Semiconductor radiation detectors technology and applications

    CERN Document Server

    2018-01-01

    The aim of this book is to educate the reader on radiation detectors, from sensor to read-out electronics to application. Relatively new detector materials, such as CdZTe and Cr compensated GaAs, are introduced, along with emerging applications of radiation detectors. This X-ray technology has practical applications in medical, industrial, and security applications. It identifies materials based on their molecular composition, not densities as the traditional transmission equipment does. With chapters written by an international selection of authors from both academia and industry, the book covers a wide range of topics on radiation detectors, which will satisfy the needs of both beginners and experts in the field.

  2. Hydrogen storage technology materials and applications

    CERN Document Server

    Klebanoff, Lennie

    2012-01-01

    Zero-carbon, hydrogen-based power technology offers the most promising long-term solution for a secure and sustainable energy infrastructure. With contributions from the world's leading technical experts in the field, Hydrogen Storage Technology: Materials and Applications presents a broad yet unified account of the various materials science, physics, and engineering aspects involved in storing hydrogen gas so that it can be used to provide power. The book helps you understand advanced hydrogen storage materials and how to build systems around them. Accessible to nonscientists, the first chapt

  3. Security Issues in Healthcare Applications Using Wireless Medical Sensor Networks: A Survey

    OpenAIRE

    Hoon-Jae Lee; Pardeep Kumar

    2011-01-01

    Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs). Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are ...

  4. 14 CFR 1274.937 - Security requirements for unclassified information technology resources.

    Science.gov (United States)

    2010-01-01

    ... information technology resources. 1274.937 Section 1274.937 Aeronautics and Space NATIONAL AERONAUTICS AND... Conditions § 1274.937 Security requirements for unclassified information technology resources. Security Requirements for Unclassified Information Technology Resources July 2002 (a) The Recipient shall be responsible...

  5. Review: Security in Wireless Technologies in Business

    Science.gov (United States)

    Sattarova, F. Y.; Kim, Tai-Hoon

    Wireless technology seems to be everywhere now - but it is still relatively in its infancy. New standards and protocols continue to emerge and problems and bugs are discovered. Nevertheless, wireless networks make many things much more convenient and it appears that wireless networks are here to stay. The differences and similarities of wireless and wired security, the new threats brought by mobility, the security of networks and devices and effects of security, or lack of it are shortly discussed in this review paper.

  6. Safety and Security Interface Technology Initiative

    International Nuclear Information System (INIS)

    Dr. Michael A. Lehto; Kevin J. Carroll; Dr. Robert Lowrie

    2007-01-01

    Earlier this year, the Energy Facility Contractors Group (EFCOG) was asked to assist in developing options related to acceleration deployment of new security-related technologies to assist meeting design base threat (DBT) needs while also addressing the requirements of 10 CFR 830. NNSA NA-70, one of the working group participants, designated this effort the Safety and Security Interface Technology Initiative (SSIT). Relationship to Workshop Theme. ''Supporting Excellence in Operations Through Safety Analysis'', (workshop theme) includes security and safety personnel working together to ensure effective and efficient operations. One of the specific workshop elements listed in the call for papers is ''Safeguards/Security Integration with Safety''. This paper speaks directly to this theme. Description of Work. The EFCOG Safety Analysis Working Group (SAWG) and the EFCOG Security Working Group formed a core team to develop an integrated process involving both safety basis and security needs allowing achievement of the DBT objectives while ensuring safety is appropriately considered. This effort garnered significant interest, starting with a two day breakout session of 30 experts at the 2006 Safety Basis Workshop. A core team was formed, and a series of meetings were held to develop that process, including safety and security professionals, both contractor and federal personnel. A pilot exercise held at Idaho National Laboratory (INL) in mid-July 2006 was conducted as a feasibility of concept review. Work Results. The SSIT efforts resulted in a topical report transmitted from EFCOG to DOE/NNSA in August 2006. Elements of the report included: Drivers and Endstate, Control Selections Alternative Analysis Process, Terminology Crosswalk, Safety Basis/Security Documentation Integration, Configuration Control, and development of a shared ''tool box'' of information/successes. Specific Benefits. The expectation or end state resulting from the topical report and associated

  7. Assessing security technology's impact: old tools for new problems.

    Science.gov (United States)

    Kreissl, Reinhard

    2014-09-01

    The general idea developed in this paper from a sociological perspective is that some of the foundational categories on which the debate about privacy, security and technology rests are blurring. This process is a consequence of a blurring of physical and digital worlds. In order to define limits for legitimate use of intrusive digital technologies, one has to refer to binary distinctions such as private versus public, human versus technical, security versus insecurity to draw differences determining limits for the use of surveillance technologies. These distinctions developed in the physical world and are rooted in a cultural understanding of pre-digital culture. Attempts to capture the problems emerging with the implementation of security technologies using legal reasoning encounter a number of problems since law is by definition oriented backwards, adapting new developments to existing traditions, whereas the intrusion of new technologies in the physical world produces changes and creates fundamentally new problems.

  8. New flexible origination technology based on electron-beam lithography and its integration into security devices in combination with covert features based on DNA authentication

    Science.gov (United States)

    Drinkwater, John K.; Ryzi, Zbynek; Outwater, Chris S.

    2002-04-01

    Embossed diffractive optically variable devices are becoming increasingly familiar security items on plastic cards, banknotes, security documents and on branded goods and media to protect against counterfeit, protect copyright and to evidence tamper. Equally as this devices become both more widely available there is a pressing requirement for security technology upgrades to keep ahead of technology advances available to potential counterfeiters. This paper describes a new generation electron beam DOVID origination technology particularly suitable for high security applications. Covert marking of security devices is provided using the DNA matrix by creating and verifying unique DNA sequences. This integration of this into practical security features in combination with covert features based on DNA matrix authentication and other more straightforwardly authenticable features to provide multi- technology security solutions will be described.

  9. Optical and digital techniques for information security

    CERN Document Server

    2005-01-01

    Optical and Digital Techniques for Information Security is the first book in a series focusing on Advanced Sciences and Technologies for Security Applications. This book encompases the results of research investigation and technologies used to secure, verify, recognize, track, and authenticate objects and information from theft, counterfeiting, and manipulation by unauthorized persons and agencies. This Information Security book will draw on the diverse expertise in optical sciences and engineering, digital image processing, imaging systems, information processing, computer based information systems, sensors, detectors, and biometrics to report innovative technologies that can be applied to information security issues. The Advanced Sciences and Technologies for Security Applications series focuses on research monographs in the areas of: -Recognition and identification (including optical imaging, biometrics, authentication, verification, and smart surveillance systems) -Biological and chemical threat detection...

  10. Positioning of a Peaceful Use of Nuclear Technology in National Security Aspects

    International Nuclear Information System (INIS)

    Kim, Hyun Jun; Chang, Moon Hee; Kim, Hark Rho; Lee, Young Joon; Lee, Sang Heon

    2012-01-01

    Many cases have shown that a peaceful use of nuclear technology should play an important role in national securities such as energy, economic and science and technology securities, etc. It would be interesting to know what the positioning of the peaceful use of nuclear technology is in the national security aspects. In this paper, a positioning of nuclear power on various national security components is intended by using a positioning process that has been widely used for marketing. Findings can be used for directing further R and Ds to develop nuclear power technology

  11. Positioning of a Peaceful Use of Nuclear Technology in National Security Aspects

    Energy Technology Data Exchange (ETDEWEB)

    Kim, Hyun Jun; Chang, Moon Hee; Kim, Hark Rho; Lee, Young Joon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of); Lee, Sang Heon [Korea National Defense University, Goyang (Korea, Republic of)

    2012-05-15

    Many cases have shown that a peaceful use of nuclear technology should play an important role in national securities such as energy, economic and science and technology securities, etc. It would be interesting to know what the positioning of the peaceful use of nuclear technology is in the national security aspects. In this paper, a positioning of nuclear power on various national security components is intended by using a positioning process that has been widely used for marketing. Findings can be used for directing further R and Ds to develop nuclear power technology

  12. Nano/micromotors for security/defense applications. A review

    Science.gov (United States)

    Singh, Virendra V.; Wang, Joseph

    2015-11-01

    The new capabilities of man-made micro/nanomotors open up considerable opportunities for diverse security and defense applications. This review highlights new micromotor-based strategies for enhanced security monitoring and detoxification of chemical and biological warfare agents (CBWA). The movement of receptor-functionalized nanomotors offers great potential for sensing and isolating target bio-threats from complex samples. New mobile reactive materials based on zeolite or activated carbon offer considerable promise for the accelerated removal of chemical warfare agents. A wide range of proof-of-concept motor-based approaches, including the detection and destruction of anthrax spores, `on-off' nerve-agent detection or effective neutralization of chemical warfare agents have thus been demonstrated. The propulsion of micromotors and their corresponding bubble tails impart significant mixing that greatly accelerates such detoxification processes. These nanomotors will thus empower sensing and destruction where stirring large quantities of decontaminating reagents and controlled mechanical agitation are impossible or undesired. New technological breakthroughs and greater sophistication of micro/nanoscale machines will lead to rapid translation of the micromotor research activity into practical defense applications, addressing the escalating threat of CBWA.

  13. Military Applications of Nanotechnology: Implications for Strategic Security I

    OpenAIRE

    Kosal, Margaret E.

    2014-01-01

    PASCC Final Report Nanotechnology has emerged as a major science and technology focus of the 21st century. Proponents assert that military applications of nanotechnology have even greater potential than nuclear weapons to radically change the balance of power internationally. The suggestion that nanotechnology will enable a new class of weapons that will alter the geopolitical landscape remains to be realized. A number of unresolved security puzzles underlying the emergence of nanotechn...

  14. CC-based Design of Secure Application Systems

    DEFF Research Database (Denmark)

    Sharp, Robin

    2009-01-01

    This paper describes some experiences with using the Common Criteria for Information Security Evaluation as the basis for a design methodology for secure application systems. The examples considered include a Point-of-Sale (POS) system, a wind turbine park monitoring and control system and a secu...... an effective and secure design, starting with the formulation of a Protection Profile and ending with a concrete design, within the project timeframe.......This paper describes some experiences with using the Common Criteria for Information Security Evaluation as the basis for a design methodology for secure application systems. The examples considered include a Point-of-Sale (POS) system, a wind turbine park monitoring and control system and a secure...

  15. 48 CFR 652.239-70 - Information Technology Security Plan and Accreditation.

    Science.gov (United States)

    2010-10-01

    ... 48 Federal Acquisition Regulations System 4 2010-10-01 2010-10-01 false Information Technology... Clauses 652.239-70 Information Technology Security Plan and Accreditation. As prescribed in 639.107-70(a), insert the following provision: Information Technology Security Plan and Accreditation (SEP 2007) All...

  16. 48 CFR 1252.239-71 - Information technology security plan and accreditation.

    Science.gov (United States)

    2010-10-01

    ... 48 Federal Acquisition Regulations System 5 2010-10-01 2010-10-01 false Information technology... Provisions and Clauses 1252.239-71 Information technology security plan and accreditation. As prescribed in (TAR) 48 CFR 1239.70, insert the following provision: Information Technology Security Plan and...

  17. Securing remote services by integrating SecurID strong authentication technology in EFDA-Federation infrastructure

    Energy Technology Data Exchange (ETDEWEB)

    Castro, R., E-mail: rodrigo.castro@visite.es [Asociacion EURATOM/CIEMAT para Fusion, Madrid (Spain); Barbato, P. [Consorzio RFX, Euratom ENEA Association, Corso Stati Uniti 4, 35127 Padova (Italy); Vega, J. [Asociacion EURATOM/CIEMAT para Fusion, Madrid (Spain); Taliercio, C. [Consorzio RFX, Euratom ENEA Association, Corso Stati Uniti 4, 35127 Padova (Italy)

    2011-10-15

    Remote participation facilities among fusion laboratories require access control solutions with two main objectives: to preserve the usability of the systems and to guaranty the required level of security for accessing to shared services. On one hand, this security solution has to be: single-sign-on, transparent for users, compatible with user mobility, and compatible with used client applications. On the other hand, it has to be compatible with shared services and resources among organisations, providing in each case the required access security level. EFDA-Federation is a security infrastructure that integrates a set of fusion laboratories and enables to share resources and services fulfilling the requirements previously described. In EFDA community, JET and RFX have security access policies to some of their services that require strong authentication mechanisms. In both cases, strong authentication is based on RSA SecurID tokens. This is a hardware device that is supplied to and generates a new password every minute. The job presents two main results. The first one is the integration of RSA SecurID into EFDA-Federation. Thanks to it, federated organisations are able to offer SecurID to their users as an alternative strong authentication mechanism, with the corresponding increase of security level. The second result is the development of a new access control mechanism based on port knocking techniques and its integration into EFDA-Federation. Additionally, a real application in RFX is presented and includes the integration of its SecurID infrastructure as federated authentication mechanism, and the application of the new access control mechanism to its MDSplus server.

  18. Securing remote services by integrating SecurID strong authentication technology in EFDA-Federation infrastructure

    International Nuclear Information System (INIS)

    Castro, R.; Barbato, P.; Vega, J.; Taliercio, C.

    2011-01-01

    Remote participation facilities among fusion laboratories require access control solutions with two main objectives: to preserve the usability of the systems and to guaranty the required level of security for accessing to shared services. On one hand, this security solution has to be: single-sign-on, transparent for users, compatible with user mobility, and compatible with used client applications. On the other hand, it has to be compatible with shared services and resources among organisations, providing in each case the required access security level. EFDA-Federation is a security infrastructure that integrates a set of fusion laboratories and enables to share resources and services fulfilling the requirements previously described. In EFDA community, JET and RFX have security access policies to some of their services that require strong authentication mechanisms. In both cases, strong authentication is based on RSA SecurID tokens. This is a hardware device that is supplied to and generates a new password every minute. The job presents two main results. The first one is the integration of RSA SecurID into EFDA-Federation. Thanks to it, federated organisations are able to offer SecurID to their users as an alternative strong authentication mechanism, with the corresponding increase of security level. The second result is the development of a new access control mechanism based on port knocking techniques and its integration into EFDA-Federation. Additionally, a real application in RFX is presented and includes the integration of its SecurID infrastructure as federated authentication mechanism, and the application of the new access control mechanism to its MDSplus server.

  19. Using Common Sense to Effectively Integrate Security Technologies within a School's Security Strategy

    Energy Technology Data Exchange (ETDEWEB)

    Gree, M.W.

    1998-11-03

    Security technologies are not the answer to all school security problems. However, they can be an excellent tool for school administrators and security personnel when incorporated into a total security strategy involving personnel, procedures, and facility layout. Unfortunately, very few of the tougher security problems in schools have solutions that are affordable, effective, and acceptable. Like any other type of facility, a school's security staff must understand the strengths and limitations of the security measures they are csecurity practices, which will rarely increase new building costs if included in the initial planning.

  20. Security Problems of Mobile Technologies

    Directory of Open Access Journals (Sweden)

    A. G. Beltov

    2012-09-01

    Full Text Available The article provides an overview of security problems which exist in the mobile devices. The main technologies aimed to protect the phones from various types of attacks are considered. The authors justify the necessity of developing new improved tools and methods to ensure the safety of such devices.

  1. PREFACE: 1st International Conference on Sensing for Industry, Control, Communication & Security Technologies

    Science.gov (United States)

    Shuja Syed, Ahmed

    2013-12-01

    The 1st International Conference on Sensing for Industry, Control, Communication & Security Technologies (ICSICCST-2013), took place in Karachi, Pakistan, from 24-26 June 2013. It was organized by Indus University, Karachi, in collaboration with HEJ Research Institute of Chemistry, University of Karachi, Karachi. More than 80 abstracts were submitted to the conference and were double blind-reviewed by an international scientific committee. The topics of the Conference were: Video, Image & Voice Sensing Sensing for Industry, Environment, and Health Automation and Controls Laser Sensors and Systems Displays for Innovative Applications Emerging Technologies Unmanned, Robotic, and Layered Systems Sensing for Defense, Homeland Security, and Law Enforcement The title of the conference, 'Sensing for Industry, Control, Communication & Security Technologies' is very apt in capturing the main issues facing the industry of Pakistan and the world. We believe the sensing industry, particularly in Pakistan, is currently at a critical juncture of its development. The future of the industry will depend on how the industry players choose to respond to the challenge of global competition and opportunities arising from strong growth in the Asian region for which we are pleased to note that the conference covered a comprehensive spectrum of issues with an international perspective. This will certainly assist industry players to make informed decisions in shaping the future of the industry. The conference gathered qualified researchers from developed countries like USA, UK, Sweden, Saudi Arabia, China, South Korea and Malaysia etc whose expertise resulting from the research can be drawn upon to build an exploitable area of new technology that has potential Defense, Homeland Security, and Military applicability. More than 250 researchers/students attended the event and made the event great success as the turnout was 100%. An exceptional line-up of speakers spoke at the occasion. We want

  2. Factors Influencing the Adoption of Biometric Security Technologies by Decision Making Information Technology and Security Managers

    OpenAIRE

    Lease, David R.

    2005-01-01

    The research conducted under this study offers an understanding of the reasons why information technology (IT) and/or information assurance (IA) managers choose to recommend or not to recommend particular technologies, specifically biometric security, to their organizations. A review of the relevant literature provided the foundation to develop a set of research questions and factors for this research effort. The research questions became the basis of the study’s stated hypotheses for examini...

  3. On the security of SSL/TLS-enabled applications

    Directory of Open Access Journals (Sweden)

    Manik Lal Das

    2014-01-01

    Full Text Available SSL/TLS (Secure Socket Layer/Transport Layer Security-enabled web applications aim to provide public key certificate based authentication, secure session key establishment, and symmetric key based traffic confidentiality. A large number of electronic commerce applications, such as stock trading, banking, shopping, and gaming rely on the security strength of the SSL/TLS protocol. In recent times, a potential threat, known as main-in-the-middle (MITM attack, has been exploited by attackers of SSL/TLS-enabled web applications, particularly when naive users want to connect to an SSL/TLS-enabled web server. In this paper, we discuss about the MITM threat to SSL/TLS-enabled web applications. We review the existing space of solutions to counter the MITM attack on SSL/TLS-enabled applications, and then, we provide an effective solution which can resist the MITM attack on SSL/TLS-enabled applications. The proposed solution uses a soft-token based approach for user authentication on top of the SSL/TLS’s security features. We show that the proposed solution is secure, efficient and user friendly in comparison to other similar approaches.

  4. Clinicians, security and information technology support services in practice settings--a pilot study.

    Science.gov (United States)

    Fernando, Juanita

    2010-01-01

    This case study of 9 information technology (IT) support staff in 3 Australian (Victoria) public hospitals juxtaposes their experiences at the user-level of eHealth security in the Natural Hospital Environment with that previously reported by 26 medical, nursing and allied healthcare clinicians. IT support responsibilities comprised the entire hospital, of which clinician eHealth security needs were only part. IT staff believed their support tasks were often fragmented while work responsibilities were hampered by resources shortages. They perceived clinicians as an ongoing security risk to private health information. By comparison clinicians believed IT staff would not adequately support the private and secure application of eHealth for patient care. Preliminary data analysis suggests the tension between these cohorts manifests as an eHealth environment where silos of clinical work are disconnected from silos of IT support work. The discipline-based silos hamper health privacy outcomes. Privacy and security policies, especially those influencing the audit process, will benefit by further research of this phenomenon.

  5. Neutron Generators Developed at LBNL for Homeland Security and Imaging Applications

    International Nuclear Information System (INIS)

    Reijonen, Jani

    2006-01-01

    The Plasma and Ion Source Technology Group at Lawrence Berkeley National Laboratory has developed various types of advanced D-D (neutron energy 2.5 MeV), D-T (14 MeV) and T-T (0-9 MeV) neutron generators for wide range of applications. These applications include medical (Boron Neutron Capture Therapy), homeland security (Prompt Gamma Activation Analysis, Fast Neutron Activation Analysis and Pulsed Fast Neutron Transmission Spectroscopy) and planetary exploration with a sub-surface material characterization on Mars. These neutron generators utilize RF induction discharge to ionize the deuterium/tritium gas. This discharge method provides high plasma density for high output current, high atomic species from molecular gases, long life operation and versatility for various discharge chamber geometries. Four main neutron generator developments are discussed here: high neutron output co-axial neutron generator for BNCT applications, point neutron generator for security applications, compact and sub-compact axial neutron generator for elemental analysis applications. Current status of the neutron generator development with experimental data will be presented

  6. Marketing Plan for the National Security Technology Incubator

    Energy Technology Data Exchange (ETDEWEB)

    None

    2008-03-31

    This marketing plan was developed as part of the National Security Preparedness Project by the Arrowhead Center of New Mexico State University. The vision of the National Security Technology Incubator program is to be a successful incubator of technologies and private enterprise that assist the NNSA in meeting new challenges in national safety and security. The plan defines important aspects of developing the incubator, such as defining the target market, marketing goals, and creating strategies to reach the target market while meeting those goals. The three main marketing goals of the incubator are: 1) developing marketing materials for the incubator program; 2) attracting businesses to become incubator participants; and 3) increasing name recognition of the incubator program on a national level.

  7. Efficient Security Mechanisms for mHealth Applications Using Wireless Body Sensor Networks

    Directory of Open Access Journals (Sweden)

    Prasan Kumar Sahoo

    2012-09-01

    Full Text Available Recent technological advances in wireless communications and physiological sensing allow miniature, lightweight, ultra-low power, intelligent monitoring devices, which can be integrated into a Wireless Body Sensor Network (WBSN for health monitoring. Physiological signals of humans such as heartbeats, temperature and pulse can be monitored from a distant location using tiny biomedical wireless sensors. Hence, it is highly essential to combine the ubiquitous computing with mobile health technology using wireless sensors and smart phones to monitor the well-being of chronic patients such as cardiac, Parkinson and epilepsy patients. Since physiological data of a patient are highly sensitive, maintaining its confidentiality is highly essential. Hence, security is a vital research issue in mobile health (mHealth applications, especially if a patient has an embarrassing disease. In this paper a three tier security architecture for the mHealth application is proposed, in which light weight data confidentiality and authentication protocols are proposed to maintain the privacy of a patient. Moreover, considering the energy and hardware constraints of the wireless body sensors, low complexity data confidential and authentication schemes are designed. Performance evaluation of the proposed architecture shows that they can satisfy the energy and hardware limitations of the sensors and still can maintain the secure fabrics of the wireless body sensor networks. Besides, the proposed schemes can outperform in terms of energy consumption, memory usage and computation time over standard key establishment security scheme.

  8. Efficient Security Mechanisms for mHealth Applications Using Wireless Body Sensor Networks

    Science.gov (United States)

    Sahoo, Prasan Kumar

    2012-01-01

    Recent technological advances in wireless communications and physiological sensing allow miniature, lightweight, ultra-low power, intelligent monitoring devices, which can be integrated into a Wireless Body Sensor Network (WBSN) for health monitoring. Physiological signals of humans such as heartbeats, temperature and pulse can be monitored from a distant location using tiny biomedical wireless sensors. Hence, it is highly essential to combine the ubiquitous computing with mobile health technology using wireless sensors and smart phones to monitor the well-being of chronic patients such as cardiac, Parkinson and epilepsy patients. Since physiological data of a patient are highly sensitive, maintaining its confidentiality is highly essential. Hence, security is a vital research issue in mobile health (mHealth) applications, especially if a patient has an embarrassing disease. In this paper a three tier security architecture for the mHealth application is proposed, in which light weight data confidentiality and authentication protocols are proposed to maintain the privacy of a patient. Moreover, considering the energy and hardware constraints of the wireless body sensors, low complexity data confidential and authentication schemes are designed. Performance evaluation of the proposed architecture shows that they can satisfy the energy and hardware limitations of the sensors and still can maintain the secure fabrics of the wireless body sensor networks. Besides, the proposed schemes can outperform in terms of energy consumption, memory usage and computation time over standard key establishment security scheme. PMID:23112734

  9. Efficient security mechanisms for mHealth applications using wireless body sensor networks.

    Science.gov (United States)

    Sahoo, Prasan Kumar

    2012-01-01

    Recent technological advances in wireless communications and physiological sensing allow miniature, lightweight, ultra-low power, intelligent monitoring devices, which can be integrated into a Wireless Body Sensor Network (WBSN) for health monitoring. Physiological signals of humans such as heartbeats, temperature and pulse can be monitored from a distant location using tiny biomedical wireless sensors. Hence, it is highly essential to combine the ubiquitous computing with mobile health technology using wireless sensors and smart phones to monitor the well-being of chronic patients such as cardiac, Parkinson and epilepsy patients. Since physiological data of a patient are highly sensitive, maintaining its confidentiality is highly essential. Hence, security is a vital research issue in mobile health (mHealth) applications, especially if a patient has an embarrassing disease. In this paper a three tier security architecture for the mHealth application is proposed, in which light weight data confidentiality and authentication protocols are proposed to maintain the privacy of a patient. Moreover, considering the energy and hardware constraints of the wireless body sensors, low complexity data confidential and authentication schemes are designed. Performance evaluation of the proposed architecture shows that they can satisfy the energy and hardware limitations of the sensors and still can maintain the secure fabrics of the wireless body sensor networks. Besides, the proposed schemes can outperform in terms of energy consumption, memory usage and computation time over standard key establishment security scheme.

  10. Web application security: a beginner's guide

    National Research Council Canada - National Science Library

    Sullivan, Bryan; Liu, Vincent

    2012-01-01

    .... Sullivan and Liu have created a savvy, essentials-based approach to web app security packed with immediately applicable tools for any information security practitioner sharpening his or her tools or just starting...

  11. Center for Coastline Security Technology, Year-2

    National Research Council Canada - National Science Library

    Glegg, Stewart; Glenn, William; Furht, Borko; Beaujean, P. P; Frisk, G; Schock, S; VonEllenrieder, K; Ananthakrishnan, P; An, E; Granata, R

    2007-01-01

    ...), the Imaging Technology Center, the Department of Computer Science and Engineering, and the University Consortium for Intermodal Transportation Safety and Security at Florida Atlantic University...

  12. Modern Quantum Technologies of Information Security

    OpenAIRE

    Korchenko, Oleksandr; Vasiliu, Yevhen; Gnatyuk, Sergiy

    2010-01-01

    In this paper, the systematisation and classification of modern quantum technologies of information security against cyber-terrorist attack are carried out. The characteristic of the basic directions of quantum cryptography from the viewpoint of the quantum technologies used is given. A qualitative analysis of the advantages and disadvantages of concrete quantum protocols is made. The current status of the problem of practical quantum cryptography use in telecommunication networks is consider...

  13. Wireshark network security

    CERN Document Server

    Verma, Piyush

    2015-01-01

    If you are network administrator or a security analyst with an interest in using Wireshark for security analysis, then this is the book for you. Basic familiarity with common network and application services terms and technologies is assumed.

  14. Safeguards and Security Technology Development Directory. FY 1993

    Energy Technology Data Exchange (ETDEWEB)

    1993-06-01

    The Safeguards and Security Technology Development Directory is published annually by the Office of Safeguards and Security (OSS) of the US Department of Energy (DOE), and is Intended to inform recipients of the full scope of the OSS R&D program. It is distributed for use by DOE headquarters personnel, DOE program offices, DOE field offices, DOE operating contractors, national laboratories, other federal agencies, and foreign governments. Chapters 1 through 7 of the Directory provide general information regarding the Technology Development Program, including the mission, program description, organizational roles and responsibilities, technology development lifecycle, requirements analysis, program formulation, the task selection process, technology development infrastructure, technology transfer activities, and current research and development tasks. These chapters are followed by a series of appendices which contain more specific information on aspects of the Program. Appendix A is a summary of major technology development accomplishments made during FY 1992. Appendix B lists S&S technology development reports issued during FY 1992 which reflect work accomplished through the OSS Technology Development Program and other relevant activities outside the Program. Finally, Appendix C summarizes the individual task statements which comprise the FY 1993 Technology Development Program.

  15. Terahertz antenna technology for space applications

    CERN Document Server

    Choudhury, Balamati; Jha, Rakesh Mohan

    2016-01-01

    This book explores the terahertz antenna technology towards implementation of compact, consistent and cheap terahertz sources, as well as the high sensitivity terahertz detectors. The terahertz EM band provides a transition between the electronic and the photonic regions thus adopting important characteristics from these regimes. These characteristics, along with the progress in semiconductor technology, have enabled researchers to exploit hitherto unexplored domains including satellite communication, bio-medical imaging, and security systems. The advances in new materials and nanostructures such as graphene will be helpful in miniaturization of antenna technology while simultaneously maintaining the desired output levels. Terahertz antenna characterization of bandwidth, impedance, polarization, etc. has not yet been methodically structured and it continues to be a major research challenge. This book addresses these issues besides including the advances of terahertz technology in space applications worldwide,...

  16. Accelerator applications in energy and security

    CERN Document Server

    Chou, Weiren

    2015-01-01

    As accelerator science and technology progressed over the past several decades, the accelerators themselves have undergone major improvements in multiple performance factors: beam energy, beam power, and beam brightness. As a consequence, accelerators have found applications in a wide range of fields in our life and in our society. The current volume is dedicated to applications in energy and security, two of the most important and urgent topics in today's world. This volume makes an effort to provide a review as complete and up to date as possible of this broad and challenging subject. It contains overviews on each of the two topics and a series of articles for in-depth discussions including heavy ion accelerator driven inertial fusion, linear accelerator-based ADS systems, circular accelerator-based ADS systems, accelerator-reactor interface, accelerators for fusion material testing, cargo inspection, proton radiography, compact neutron generators and detectors. It also has a review article on accelerator ...

  17. On the security of SSL/TLS-enabled applications

    OpenAIRE

    Das, Manik Lal; Samdaria, Navkar

    2014-01-01

    SSL/TLS (Secure Socket Layer/Transport Layer Security)-enabled web applications aim to provide public key certificate based authentication, secure session key establishment, and symmetric key based traffic confidentiality. A large number of electronic commerce applications, such as stock trading, banking, shopping, and gaming rely on the security strength of the SSL/TLS protocol. In recent times, a potential threat, known as main-in-the-middle (MITM) attack, has been exploited by attackers of...

  18. Survey of current technologies of security management for distributed information systems; Bunsangata joho system no security iji kanri hoshiki no genjo

    Energy Technology Data Exchange (ETDEWEB)

    Matsui, S [Central Research Institute of Electric Power Industry, Tokyo (Japan)

    1997-05-01

    The latest situation of the security management for a distributed information system was examined and systematically summarized to indicate the management design in future. This paper describes the threat of the distributed information system to security, the risk for confidentiality, integrity, and availability due to the threat, and the measures to be taken. The basic technology of security management is classified into the `user certification to prevent an incorrect access` and the `encipherment to prevent data from being used incorrectly.` The technology for certification has been almost completed. It can be securely done using an expendable password or IC card system. In Internet, multiple enciphering technologies for constructing a virtual private network that can secure the almost the same security as for a private network can be used. In an electronic mail, the enciphering technology can also be used easily. The tool that manages the security of very many servers, clients, and networks is in the initial stage. 16 refs., 1 fig., 5 tabs.

  19. IT Convergence and Security 2012

    CERN Document Server

    Chung, Kyung-Yong

    2013-01-01

    The proceedings approaches the subject matter with problems in technical convergence and convergences of security technology. This approach is new because we look at new issues that arise from techniques converging. The general scope of the proceedings content is convergence security and the latest information technology. The intended readership are societies, enterprises, and research institutes, and intended content level is mid- to highly educated personals. The most important features and benefits of the proceedings are the introduction of the most recent information technology and its related ideas, applications and problems related to technology convergence, and its case studies and finally an introduction of converging existing security techniques through convergence security. Overall, through the proceedings, authors will be able to understand the most state of the art information strategies and technologies of convergence security.

  20. 77 FR 59407 - Homeland Security Science and Technology Advisory Committee (HSSTAC)

    Science.gov (United States)

    2012-09-27

    ... Secretary for Science and Technology, such as new developments in systems engineering, cyber-security... Security Challenges; Accelerating Innovation Through Systems Analysis; and Leveraging Industry for Impact... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2012-0053] Homeland Security Science and...

  1. State of the Art: Embedding Security in Vehicles

    Directory of Open Access Journals (Sweden)

    Weimerskirch André

    2007-01-01

    Full Text Available For new automotive applications and services, information technology (IT has gained central importance. IT-related costs in car manufacturing are already high and they will increase dramatically in the future. Yet whereas safety and reliability have become a relatively well-established field, the protection of vehicular IT systems against systematic manipulation or intrusion has only recently started to emerge. Nevertheless, IT security is already the base of some vehicular applications such as immobilizers or digital tachographs. To securely enable future automotive applications and business models, IT security will be one of the central technologies for the next generation of vehicles. After a state-of-the-art overview of IT security in vehicles, we give a short introduction into cryptographic terminology and functionality. This contribution will then identify the need for automotive IT security while presenting typical attacks, resulting security objectives, and characteristic constraints within the automotive area. We will introduce core security technologies and relevant security mechanisms followed by a detailed description of critical vehicular applications, business models, and components relying on IT security. We conclude our contribution with a detailed statement about challenges and opportunities for the automotive IT community for embedding IT security in vehicles.

  2. State of the Art: Embedding Security in Vehicles

    Directory of Open Access Journals (Sweden)

    André Weimerskirch

    2007-06-01

    Full Text Available For new automotive applications and services, information technology (IT has gained central importance. IT-related costs in car manufacturing are already high and they will increase dramatically in the future. Yet whereas safety and reliability have become a relatively well-established field, the protection of vehicular IT systems against systematic manipulation or intrusion has only recently started to emerge. Nevertheless, IT security is already the base of some vehicular applications such as immobilizers or digital tachographs. To securely enable future automotive applications and business models, IT security will be one of the central technologies for the next generation of vehicles. After a state-of-the-art overview of IT security in vehicles, we give a short introduction into cryptographic terminology and functionality. This contribution will then identify the need for automotive IT security while presenting typical attacks, resulting security objectives, and characteristic constraints within the automotive area. We will introduce core security technologies and relevant security mechanisms followed by a detailed description of critical vehicular applications, business models, and components relying on IT security. We conclude our contribution with a detailed statement about challenges and opportunities for the automotive IT community for embedding IT security in vehicles.

  3. 78 FR 66949 - Homeland Security Science and Technology Advisory Committee (HSSTAC)

    Science.gov (United States)

    2013-11-07

    ... Technology, such as new developments in systems engineering, cyber-security, knowledge management and how... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2013-0071] Homeland Security Science and... Management; Notice of Federal Advisory Committee Meeting. SUMMARY: The Homeland Security Science and...

  4. Effective surveillance for homeland security balancing technology and social issues

    CERN Document Server

    Flammini, Francesco; Franceschetti, Giorgio

    2013-01-01

    Effective Surveillance for Homeland Security: Balancing Technology and Social Issues provides a comprehensive survey of state-of-the-art methods and tools for the surveillance and protection of citizens and critical infrastructures against natural and deliberate threats. Focusing on current technological challenges involving multi-disciplinary problem analysis and systems engineering approaches, it provides an overview of the most relevant aspects of surveillance systems in the framework of homeland security. Addressing both advanced surveillance technologies and the related socio-ethical issues, the book consists of 21 chapters written by international experts from the various sectors of homeland security. Part I, Surveillance and Society, focuses on the societal dimension of surveillance-stressing the importance of societal acceptability as a precondition to any surveillance system. Part II, Physical and Cyber Surveillance, presents advanced technologies for surveillance. It considers developing technologie...

  5. Pro PHP Security From Application Security Principles to the Implementation of XSS Defenses

    CERN Document Server

    Snyder, Chris; Southwell, Michael

    2010-01-01

    PHP security, just like PHP itself, has advanced. Updated for PHP 5.3, the second edition of this authoritative PHP security book covers foundational PHP security topics like SQL injection, XSS, user authentication, and secure PHP development. Chris Snyder and Tom Myer also dive into recent developments like mobile security, the impact of Javascript, and the advantages of recent PHP hardening efforts. Pro PHP Security, Second Edition will serve as your complete guide for taking defensive and proactive security measures within your PHP applications. Beginners in secure programming will find a l

  6. Ultrabroadband spectroscopy for security applications

    DEFF Research Database (Denmark)

    Engelbrecht, Sunniva; Berge, Luc; Skupin, Stefan

    2015-01-01

    Ultrabroadband spectroscopy is a promising novel approach to overcome two major hurdles which have so far limited the application of THz spectroscopy for security applications: the increased bandwidth enables to record several characteristic spectroscopic features and the technique allows...

  7. Security issues of cloud computing environment in possible military applications

    OpenAIRE

    Samčović, Andreja B.

    2013-01-01

    The evolution of cloud computing over the past few years is potentially one of major advances in the history of computing and telecommunications. Although there are many benefits of adopting cloud computing, there are also some significant barriers to adoption, security issues being the most important of them. This paper introduces the concept of cloud computing; looks at relevant technologies in cloud computing; takes into account cloud deployment models and some military applications. Addit...

  8. How the Office of Safeguards and Security Technology development program facilitates safeguarding and securing the DOE complex

    International Nuclear Information System (INIS)

    Smoot, W.

    1995-01-01

    The technology development program's (TDP's) mission is to provide technologies or methodologies that address safeguards and security requirements throughout the U.S. DOE complex as well as to meet headquarters' policy needs. This includes developing state-of-the-art technologies or modifying existing technologies in physical security, material control and accountability, information security, and integrated safeguards systems. The TDP has an annual process during which it solicits user requirements from the field. These requirements are analyzed by DOE headquarters and laboratory personnel for technical merit. The requirements are then prioritized at headquarters, and the highest priorities are incorporated into our budget. Although this user-needs process occurs formally once a year, user requirements are accepted at any time. The status of funded technologies is communicated through briefings, programs reviews, and various documents that are available to all interested parties. Participants in several interagency groups allows our program to benefit from what others are doing and to prevent duplications of efforts throughout the federal community. Many technologies are transferred to private industry

  9. Gamma-ray imaging. Applications in nuclear non-proliferation and homeland security

    International Nuclear Information System (INIS)

    Vetter, Kai; Mihailescu, Lucian

    2010-01-01

    This paper provides the motivation and describes implementations of gamma-ray imaging for homeland security applications and more general for national and international nuclear security. As in nuclear medicine and astrophysics, the goal of gamma-ray imaging is the detection and localization of nuclear materials, however, here in a terrestrial environment with distances between nuclear medicine and astrophysics, i.e. in the range of 1-100 meters. Due to the recently increased threat of nuclear terrorism, the detection of illicit nuclear materials and the prevention of nuclear proliferation through the development of advanced gamma-ray imaging concepts and technologies has become and active research field. (author)

  10. 78 FR 14101 - Homeland Security Science and Technology Advisory Committee (HSSTAC)

    Science.gov (United States)

    2013-03-04

    ... Secretary for Science and Technology, such as new developments in systems engineering, cyber-security... HSSTAC input on how to improve that collaboration. --Cyber Security and the evolution of the Cyber... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2013-0014] Homeland Security Science and...

  11. Secure messaging via the cloud and mobile devices: data security issues emerge with new technologies.

    Science.gov (United States)

    Prestigiacomo, Jennifer

    2011-05-01

    The secure messaging space is alive with new innovations that are moving the industry forward. Key in this space is the push toward moving secure messaging to the cloud and pushing it out to mobile devices. Among the examples are solutions that allow physicians to receive encrypted email on mobile devices, as well as ones that allow doctors to securely text-message each other to coordinate care. However, the security issues around these emerging technologies in this very active space must be further explored.

  12. Physically Transient Memory on a Rapidly Dissoluble Paper for Security Application

    Science.gov (United States)

    Bae, Hagyoul; Lee, Byung-Hyun; Lee, Dongil; Seol, Myeong-Lok; Kim, Daewon; Han, Jin-Woo; Kim, Choong-Ki; Jeon, Seung-Bae; Ahn, Daechul; Park, Sang-Jae; Park, Jun-Young; Choi, Yang-Kyu

    2016-12-01

    We report the transient memory device by means of a water soluble SSG (solid sodium with glycerine) paper. This material has a hydroscopic property hence it can be soluble in water. In terms of physical security of memory devices, prompt abrogation of a memory device which stored a large number of data is crucial when it is stolen because all of things have identified information in the memory device. By utilizing the SSG paper as a substrate, we fabricated a disposable resistive random access memory (RRAM) which has good data retention of longer than 106 seconds and cycling endurance of 300 cycles. This memory device is dissolved within 10 seconds thus it can never be recovered or replicated. By employing direct printing but not lithography technology to aim low cost and disposable applications, the memory capacity tends to be limited less than kilo-bits. However, unlike high memory capacity demand for consumer electronics, the proposed device is targeting for security applications. With this regards, the sub-kilobit memory capacity should find the applications such as one-time usable personal identification, authentication code storage, cryptography key, and smart delivery tag. This aspect is attractive for security and protection system against unauthorized accessibility.

  13. 75 FR 3948 - Big Sky Energy Corp., Biomedical Waste Systems, Inc., Biometrics Security Technology, Inc...

    Science.gov (United States)

    2010-01-25

    ... SECURITIES AND EXCHANGE COMMISSION [File No. 500-1] Big Sky Energy Corp., Biomedical Waste Systems, Inc., Biometrics Security Technology, Inc., Biosys, Inc., Bolder Technologies Corp., Boyds Wheels, Inc... securities of Biometrics Security Technology, Inc. because it has not filed any periodic reports since...

  14. Capitalization of Defense Technology Security Administration Equipment

    National Research Council Canada - National Science Library

    Gimble, Thomas

    1996-01-01

    ... $5.2 million in the Equipment in Use account on its trial balance. Starting with FY 1996, Defense Technology Security Administration financial data will be included in consolidated DoD financial statements...

  15. Information and technology: Improving food security in Uganda ...

    International Development Research Centre (IDRC) Digital Library (Canada)

    2014-06-23

    Jun 23, 2014 ... Information and technology: Improving food security in Uganda ... knowledge to make decisions about planting, harvesting, and managing livestock, but ... to be effective for minimizing risks and increasing agricultural productivity. ... In time, this network of information – made possible by digital technology ...

  16. Secure smart embedded devices, platforms and applications

    CERN Document Server

    Markantonakis, Konstantinos

    2013-01-01

    New generations of IT users are increasingly abstracted from the underlying devices and platforms that provide and safeguard their services. As a result they may have little awareness that they are critically dependent on the embedded security devices that are becoming pervasive in daily modern life. Secure Smart Embedded Devices, Platforms and Applications provides a broad overview of the many security and practical issues of embedded devices, tokens, and their operation systems, platforms and main applications. It also addresses a diverse range of industry/government initiatives and consider

  17. National and International Security Applications of Cryogenic Detectors - Mostly Nuclear Safeguards

    International Nuclear Information System (INIS)

    Rabin, Michael W.

    2009-01-01

    As with science, so with security--in both arenas, the extraordinary sensitivity of cryogenic sensors enables high-confidence detection and high-precision measurement even of the faintest signals. Science applications are more mature, but several national and international security applications have been identified where cryogenic detectors have high potential payoff. International safeguards and nuclear forensics are areas needing new technology and methods to boost speed, sensitivity, precision and accuracy. Successfully applied, improved nuclear materials analysis will help constrain nuclear materials diversion pathways and contribute to treaty verification. Cryogenic microcalorimeter detectors for X-ray, gamma-ray, neutron, and alpha-particle spectrometry are under development with these aims in mind. In each case the unsurpassed energy resolution of microcalorimeters reveals previously invisible spectral features of nuclear materials. Preliminary results of quantitative analysis indicate substantial improvements are still possible, but significant work will be required to fully understand the ultimate performance limits.

  18. International and national security applications of cryogenic detectors - mostly nuclear safeguards

    International Nuclear Information System (INIS)

    Rabin, Michael W.

    2009-01-01

    As with science, so with security - in both arenas, the extraordinary sensitivity of cryogenic sensors enables high-confidence detection and high-precision measurement even of the faintest signals. Science applications are more mature, but several national and international security applications have been identified where cryogenic detectors have high potential payoff. International safeguards and nuclear forensics are areas needing new technology and methods to boost speed, sensitivity, precision and accuracy. Successfully applied, improved nuclear materials analysis will help constrain nuclear materials diversion pathways and contribute to treaty verification. Cryogenic microcalorimeter detectors for X-ray, gamma ray, neutron, and alpha particle spectrometry are under development with these aims in mind. In each case the unsurpassed energy resolution of microcalorimeters reveals previously invi sible spectral features of nuclear materials. Preliminary results of quantitative analysis indicate substantial improvements are still possible, but significant work will be required to fully understand the ultimate performance limits.

  19. ICT security- aspects important for nuclear facilities; Information and Communication Technologies

    Energy Technology Data Exchange (ETDEWEB)

    Thunem, Atoosa P-J.

    2005-09-15

    Rapid application growth of complex Information and Communication Technologies (ICT) in every society and state infrastructure as well as industry has revealed vulnerabilities that eventually have given rise to serious security breaches. These vulnerabilities together with the course of the breaches from cause to consequence are gradually about to convince the field experts that ensuring the security of ICT-driven systems is no longer possible by only relying on the fundaments of computer science, IT, or telecommunications. Appropriating knowledge from other disciplines is not only beneficial, but indeed very necessary. At the same time, it is a common observation today that ICT-driven systems are used everywhere, from the nuclear, aviation, commerce and healthcare domains to camera-equipped web-enabled cellular phones. The increasing interdisciplinary and inter-sectoral aspects of ICT security worldwide have been providing updated and useful information to the nuclear domain, as one of the emerging users of ICT-driven systems. Nevertheless, such aspects have also contributed to new and complicated challenges, as ICT security for the nuclear domain is in a much more delicate manner than for any other domains related to the concept of safety, at least from the public standpoint. This report addresses some important aspects of ICT security that need to be considered at nuclear facilities. It deals with ICT security and the relationship between security and safety from a rather different perspective than usually observed and applied. The report especially highlights the influence on the security of ICT-driven systems by all other dependability factors, and on that basis suggests a framework for ICT security profiling, where several security profiles are assumed to be valid and used in parallel for each ICT-driven system, sub-system or unit at nuclear facilities. The report also covers a related research topic of the Halden Project with focus on cyber threats and

  20. Modification of CAS-protocol for improvement of security web-applications from unauthorized access

    Directory of Open Access Journals (Sweden)

    Alexey I Igorevich Alexandrov

    2017-07-01

    Full Text Available Dissemination of information technologies and the expansion of their application demand constantly increasing security level for users, operating with confidential information and personal data. The problem of setting up secure user identification is probably one of the most common tasks, which occur in the process of software development. Today, despite the availability of a large amount of authentication tools, new solutions, mechanisms and technologies are being introduced regularly. Primarily, it is done to increase the security level of data protection against unauthorized access. This article describes the experience of using central user authentication service based on CAS-protocol (CAS – Central Authentication Service and free open source software, analyzing its main advantages and disadvantages and describing the possibility of its modification, which would increase security of web-based information systems from being accessed illegally. The article contains recommendations for setting a maximum time limit for users working on services, integrated with central authentication; and, analyses the research of implementing modern web-technologies while using user authentication system based on CAS-protocol. In addition, it describes the ways of CAS-server modernization for developing additional modules: a module for collecting and analyzing the use of information systems, and another one, for a user management system. Furthermore, CAS-protocol can be used at universities and other organizations for creating a unified information environment in education.

  1. Future role of AI/Robotics in physical security

    International Nuclear Information System (INIS)

    Jacobs, J.

    1986-06-01

    Manpower requirements for physical security systems place a heavy burden on operating security budgets. Technology innovations which free personnel or which make security personnel more efficient in carrying out their tasks is an important means of dealing with budget and manpower constraints. It is believed that AI/Robotics will be important technologies to alleviate these problems in the future. There are three types of applications for AI and Robotics technology that may: (1) help security personnel perform their tasks more effectively or efficiently, (2) perform tasks that security personnel would otherwise perform (free up people), and (3) perform tasks that cannot be performed by security personnel at this time. This paper will discuss the various types of security applications that are presently being considered for the above areas and will briefly describe a few examples of the application of this technology. Examples will include ground mobile platforms carrying alarm assessment and/or surveillance sensors and operating either autonomously or with telepresence by a remote operator. An airborne platform performing similar functions will also be discussed. An application of a type of robot sentry that would be fixed and incorporate very simple portable displays will also be described. A third type of robot, an interior robot, that could be used in sensitive or hazardous areas to do detection and assessment functions will be reviewed

  2. Technologies for security, military police, and professional policing organizations: the Department of Energy perspective

    Science.gov (United States)

    Steele, Basil J.

    1997-01-01

    There are many emerging technologies that can be used to help the law enforcement community protect the public as well as public and private facilities against ever increasing threats to this country and its resources. These technologies include sensors, closed circuit television (CCTV), access control, contraband detection, communications, control and display, barriers, and various component and system modeling techniques. This paper will introduce some of the various technologies that have been examined for the Department of Energy that could be applied to various law enforcement applications. They include: scannerless laser radar; next generation security systems; response force video information helmet system; access delay technologies; rapidly deployable intrusion detection systems; cost risk benefit analysis.

  3. Security and privacy issues with health care information technology.

    Science.gov (United States)

    Meingast, Marci; Roosta, Tanya; Sastry, Shankar

    2006-01-01

    The face of health care is changing as new technologies are being incorporated into the existing infrastructure. Electronic patient records and sensor networks for in-home patient monitoring are at the current forefront of new technologies. Paper-based patient records are being put in electronic format enabling patients to access their records via the Internet. Remote patient monitoring is becoming more feasible as specialized sensors can be placed inside homes. The combination of these technologies will improve the quality of health care by making it more personalized and reducing costs and medical errors. While there are benefits to technologies, associated privacy and security issues need to be analyzed to make these systems socially acceptable. In this paper we explore the privacy and security implications of these next-generation health care technologies. We describe existing methods for handling issues as well as discussing which issues need further consideration.

  4. Securing the Application Layer in eCommerce

    OpenAIRE

    Bala Musa S; Norita Md Norwawi; Mohd Hasan Selamat

    2012-01-01

    As e-commerce transaction is evolving, security is becoming a paramount issue since a great deal of credit cards, fund transfer, web shopping and public retirements are involved. Therefore, an appropriate development process is necessary for such security critical application. Also, handling security issues at early stage of software development is paramount to avoiding vulnerabilities from scaling through production environment unnoticed. This paper proposes a comprehensive security requirem...

  5. Security training with interactive laser-video-disk technology

    International Nuclear Information System (INIS)

    Wilson, D.

    1988-01-01

    DOE, through its contractor EG and G Energy Measurements, Inc., has developed a state-of-the-art interactive-video system for use at the Department of Energy's Central Training Academy. Called the Security Training and Evaluation Shooting System (STRESS), the computer-driven decision shooting system employs the latest is laservideo-disk technology. STRESS is designed to provide realistic and stressful training for security inspectors employed by the DOE and its contractors. The system uses wide-screen video projection, sophisticated scenario-branching technology, and customized video scenarios especially designed for the DOE. Firing a weapon that has been modified to shoot ''laser bullets,'' and wearing a special vest that detects ''hits'': the security inspector encounters adversaries on the wide screen who can shoot or be shot by the inspector in scenarios that demand fast decisions. Based on those decisions, the computer provides instantaneous branching to different scenes, giving the inspector confrontational training with the realism and variability of real life

  6. Securing a better future for all: making a difference with nuclear technology

    International Nuclear Information System (INIS)

    Mohamad, Daud; )

    2014-01-01

    The IAEA is an inter-governmental organization and the world's centre of cooperation in the nuclear field. As per its mandate, the IAEA shall seek to accelerate and enlarge the contribution of atomic energy to peace, health and prosperity throughout the world. The IAEA executes its mandate on the basis of three pillars: nuclear verification and security, safety and technology transfer. Nuclear technologies and techniques can offer vital assistance in fighting disease, improving food security and safety, and studying and sustainably managing water resources and the environment. The IAEA's Department of Nuclear Sciences and Applications works to address these critical developmental needs by helping Member States to apply nuclear science and technology more effectively where they have a comparative advantage and can have substantial socio-economic impact. The scale of these needs is growing each day as the world's population and life expectancies increase, as global industry and migration multiply the populations of the world's cities and their demands for resources, and as these trends impact human disease, the availability of safe and sufficient supplies of food and water, the health of our terrestrial and marine ecosystems, and the variability of our climate. These are highly complex challenges, and nuclear science and technology, can make impactful contributions in helping Member States to respond to these challenges

  7. 48 CFR 1804.470 - Security requirements for unclassified information technology (IT) resources.

    Science.gov (United States)

    2010-10-01

    ... 48 Federal Acquisition Regulations System 6 2010-10-01 2010-10-01 true Security requirements for unclassified information technology (IT) resources. 1804.470 Section 1804.470 Federal Acquisition Regulations... Classified Information Within Industry 1804.470 Security requirements for unclassified information technology...

  8. Smart Secure Homes: A Survey of Smart Home Technologies that Sense, Assess, and Respond to Security Threats.

    Science.gov (United States)

    Dahmen, Jessamyn; Cook, Diane J; Wang, Xiaobo; Honglei, Wang

    2017-08-01

    Smart home design has undergone a metamorphosis in recent years. The field has evolved from designing theoretical smart home frameworks and performing scripted tasks in laboratories. Instead, we now find robust smart home technologies that are commonly used by large segments of the population in a variety of settings. Recent smart home applications are focused on activity recognition, health monitoring, and automation. In this paper, we take a look at another important role for smart homes: security. We first explore the numerous ways smart homes can and do provide protection for their residents. Next, we provide a comparative analysis of the alternative tools and research that has been developed for this purpose. We investigate not only existing commercial products that have been introduced but also discuss the numerous research that has been focused on detecting and identifying potential threats. Finally, we close with open challenges and ideas for future research that will keep individuals secure and healthy while in their own homes.

  9. Raman Spectroscopy for Homeland Security Applications

    Directory of Open Access Journals (Sweden)

    Gregory Mogilevsky

    2012-01-01

    Full Text Available Raman spectroscopy is an analytical technique with vast applications in the homeland security and defense arenas. The Raman effect is defined by the inelastic interaction of the incident laser with the analyte molecule’s vibrational modes, which can be exploited to detect and identify chemicals in various environments and for the detection of hazards in the field, at checkpoints, or in a forensic laboratory with no contact with the substance. A major source of error that overwhelms the Raman signal is fluorescence caused by the background and the sample matrix. Novel methods are being developed to enhance the Raman signal’s sensitivity and to reduce the effects of fluorescence by altering how the hazard material interacts with its environment and the incident laser. Basic Raman techniques applicable to homeland security applications include conventional (off-resonance Raman spectroscopy, surface-enhanced Raman spectroscopy (SERS, resonance Raman spectroscopy, and spatially or temporally offset Raman spectroscopy (SORS and TORS. Additional emerging Raman techniques, including remote Raman detection, Raman imaging, and Heterodyne imaging, are being developed to further enhance the Raman signal, mitigate fluorescence effects, and monitor hazards at a distance for use in homeland security and defense applications.

  10. Public key infrastructure for DOE security research

    Energy Technology Data Exchange (ETDEWEB)

    Aiken, R.; Foster, I.; Johnston, W.E. [and others

    1997-06-01

    This document summarizes the Department of Energy`s Second Joint Energy Research/Defence Programs Security Research Workshop. The workshop, built on the results of the first Joint Workshop which reviewed security requirements represented in a range of mission-critical ER and DP applications, discussed commonalties and differences in ER/DP requirements and approaches, and identified an integrated common set of security research priorities. One significant conclusion of the first workshop was that progress in a broad spectrum of DOE-relevant security problems and applications could best be addressed through public-key cryptography based systems, and therefore depended upon the existence of a robust, broadly deployed public-key infrastructure. Hence, public-key infrastructure ({open_quotes}PKI{close_quotes}) was adopted as a primary focus for the second workshop. The Second Joint Workshop covered a range of DOE security research and deployment efforts, as well as summaries of the state of the art in various areas relating to public-key technologies. Key findings were that a broad range of DOE applications can benefit from security architectures and technologies built on a robust, flexible, widely deployed public-key infrastructure; that there exists a collection of specific requirements for missing or undeveloped PKI functionality, together with a preliminary assessment of how these requirements can be met; that, while commercial developments can be expected to provide many relevant security technologies, there are important capabilities that commercial developments will not address, due to the unique scale, performance, diversity, distributed nature, and sensitivity of DOE applications; that DOE should encourage and support research activities intended to increase understanding of security technology requirements, and to develop critical components not forthcoming from other sources in a timely manner.

  11. Bio-inspired motion planning algorithms for autonomous robots facilitating greater plasticity for security applications

    Science.gov (United States)

    Guo, Yi; Hohil, Myron; Desai, Sachi V.

    2007-10-01

    Proposed are techniques toward using collaborative robots for infrastructure security applications by utilizing them for mobile sensor suites. A vast number of critical facilities/technologies must be protected against unauthorized intruders. Employing a team of mobile robots working cooperatively can alleviate valuable human resources. Addressed are the technical challenges for multi-robot teams in security applications and the implementation of multi-robot motion planning algorithm based on the patrolling and threat response scenario. A neural network based methodology is exploited to plan a patrolling path with complete coverage. Also described is a proof-of-principle experimental setup with a group of Pioneer 3-AT and Centibot robots. A block diagram of the system integration of sensing and planning will illustrate the robot to robot interaction to operate as a collaborative unit. The proposed approach singular goal is to overcome the limits of previous approaches of robots in security applications and enabling systems to be deployed for autonomous operation in an unaltered environment providing access to an all encompassing sensor suite.

  12. Soils and food security | Nortcliff | Nigerian Journal of Technological ...

    African Journals Online (AJOL)

    A threat impacting on food security strongly in Africa is nutrient mining where insufficient nutrients are returned to the soil after crop production. The impacts of global change on food security and the potential impacts of global markets for food and land are also briefly discussed. Nigerian Journal of Technological Research ...

  13. External Service Providers to the National Security Technology Incubator: Formalization of Relationships

    Energy Technology Data Exchange (ETDEWEB)

    None

    2008-04-30

    This report documents the formalization of relationships with external service providers in the development of the National Security Technology Incubator (NSTI). The technology incubator is being developed as part of the National Security Preparedness Project (NSPP), funded by a Department of Energy (DOE)/National Nuclear Security Administration (NNSA) grant. This report summarizes the process in developing and formalizing relationships with those service providers and includes a sample letter of cooperation executed with each provider.

  14. The Search for Security Technology Funding.

    Science.gov (United States)

    Fickes, Michael

    2003-01-01

    Explains that although it is difficult to find money to pay for school security technology, there are places to look. For example, the Department of Education has a list serve that summarizes various funding opportunities. There is also a Federal Register list serve and a site put out by the Department of Justice. A sidebar presents three…

  15. Technical aspects of portal technology application for e-health systems.

    Science.gov (United States)

    Kosińska, Joanna; Słowikowski, Paweł

    2004-01-01

    E-health is an emerging field on the intersection of medical information technologies, public health and business, referring to health services and information delivered or enhanced through the Internet and related technologies. Portal technology, allowing services to be accessible over the Internet is a perfect tool for providing e-health services. The use of portal technologies has had deep influence on the architecture of the whole e-health system, both regarding new subsystems and older ones which we want to integrate with the portal. Portals provide new possibilities for creating novel types of e-health applications as well. In this paper we provide a brief overview of e-health systems and portal technologies, and present many technical aspects of portal technology application for e-health systems such as the architecture of portal-based e-health systems, graphical user interfaces, access to various e-health systems' resources, personalization, security and privacy.

  16. Technologies for security, military police and professional policing organizations, the Department of Energy perspective

    International Nuclear Information System (INIS)

    Steele, B.J.

    1996-01-01

    There are many technologies emerging from this decade that can be used to help the law enforcement community protect the public as well as public and private facilities against ever increasing threats to this country and its resources. These technologies include sensors, closed circuit television (CCTV), access control, contraband detection, communications, control and display, barriers, and various component and system modeling techniques. This paper will introduce some of the various technologies that have been examined for the Department of Energy that could be applied to various law enforcement applications. They include: (1) scannerless laser radar; (2) next generation security systems; (3) response force video information helmet system; (4) access delay technologies; (5) rapidly deployable intrusion detection systems; and (6) cost risk benefit analysis

  17. Three Essays on Information Technology Security Management in Organizations

    Science.gov (United States)

    Gupta, Manish

    2011-01-01

    Increasing complexity and sophistication of ever evolving information technologies has spurred unique and unprecedented challenges for organizations to protect their information assets. Companies suffer significant financial and reputational damage due to ineffective information technology security management, which has extensively been shown to…

  18. Reverse Engineering and Security Evaluation of Commercial Tags for RFID-Based IoT Applications.

    Science.gov (United States)

    Fernández-Caramés, Tiago M; Fraga-Lamas, Paula; Suárez-Albela, Manuel; Castedo, Luis

    2016-12-24

    The Internet of Things (IoT) is a distributed system of physical objects that requires the seamless integration of hardware (e.g., sensors, actuators, electronics) and network communications in order to collect and exchange data. IoT smart objects need to be somehow identified to determine the origin of the data and to automatically detect the elements around us. One of the best positioned technologies to perform identification is RFID (Radio Frequency Identification), which in the last years has gained a lot of popularity in applications like access control, payment cards or logistics. Despite its popularity, RFID security has not been properly handled in numerous applications. To foster security in such applications, this article includes three main contributions. First, in order to establish the basics, a detailed review of the most common flaws found in RFID-based IoT systems is provided, including the latest attacks described in the literature. Second, a novel methodology that eases the detection and mitigation of such flaws is presented. Third, the latest RFID security tools are analyzed and the methodology proposed is applied through one of them (Proxmark 3) to validate it. Thus, the methodology is tested in different scenarios where tags are commonly used for identification. In such systems it was possible to clone transponders, extract information, and even emulate both tags and readers. Therefore, it is shown that the methodology proposed is useful for auditing security and reverse engineering RFID communications in IoT applications. It must be noted that, although this paper is aimed at fostering RFID communications security in IoT applications, the methodology can be applied to any RFID communications protocol.

  19. Reverse Engineering and Security Evaluation of Commercial Tags for RFID-Based IoT Applications

    Directory of Open Access Journals (Sweden)

    Tiago M. Fernández-Caramés

    2016-12-01

    Full Text Available The Internet of Things (IoT is a distributed system of physical objects that requires the seamless integration of hardware (e.g., sensors, actuators, electronics and network communications in order to collect and exchange data. IoT smart objects need to be somehow identified to determine the origin of the data and to automatically detect the elements around us. One of the best positioned technologies to perform identification is RFID (Radio Frequency Identification, which in the last years has gained a lot of popularity in applications like access control, payment cards or logistics. Despite its popularity, RFID security has not been properly handled in numerous applications. To foster security in such applications, this article includes three main contributions. First, in order to establish the basics, a detailed review of the most common flaws found in RFID-based IoT systems is provided, including the latest attacks described in the literature. Second, a novel methodology that eases the detection and mitigation of such flaws is presented. Third, the latest RFID security tools are analyzed and the methodology proposed is applied through one of them (Proxmark 3 to validate it. Thus, the methodology is tested in different scenarios where tags are commonly used for identification. In such systems it was possible to clone transponders, extract information, and even emulate both tags and readers. Therefore, it is shown that the methodology proposed is useful for auditing security and reverse engineering RFID communications in IoT applications. It must be noted that, although this paper is aimed at fostering RFID communications security in IoT applications, the methodology can be applied to any RFID communications protocol.

  20. Reverse Engineering and Security Evaluation of Commercial Tags for RFID-Based IoT Applications

    Science.gov (United States)

    Fernández-Caramés, Tiago M.; Fraga-Lamas, Paula; Suárez-Albela, Manuel; Castedo, Luis

    2016-01-01

    The Internet of Things (IoT) is a distributed system of physical objects that requires the seamless integration of hardware (e.g., sensors, actuators, electronics) and network communications in order to collect and exchange data. IoT smart objects need to be somehow identified to determine the origin of the data and to automatically detect the elements around us. One of the best positioned technologies to perform identification is RFID (Radio Frequency Identification), which in the last years has gained a lot of popularity in applications like access control, payment cards or logistics. Despite its popularity, RFID security has not been properly handled in numerous applications. To foster security in such applications, this article includes three main contributions. First, in order to establish the basics, a detailed review of the most common flaws found in RFID-based IoT systems is provided, including the latest attacks described in the literature. Second, a novel methodology that eases the detection and mitigation of such flaws is presented. Third, the latest RFID security tools are analyzed and the methodology proposed is applied through one of them (Proxmark 3) to validate it. Thus, the methodology is tested in different scenarios where tags are commonly used for identification. In such systems it was possible to clone transponders, extract information, and even emulate both tags and readers. Therefore, it is shown that the methodology proposed is useful for auditing security and reverse engineering RFID communications in IoT applications. It must be noted that, although this paper is aimed at fostering RFID communications security in IoT applications, the methodology can be applied to any RFID communications protocol. PMID:28029119

  1. The application of artificial intelligence within information security.

    OpenAIRE

    2012-01-01

    D.Phil. Computer-based information systems will probably always have to contend with security issues. Much research have already gone into the field of information security. These research results have yielded some very sophisticated and effective security mechanisms and procedures. However, due to the ever increasing sophistication of criminals, combined with the ever changing and evolving information technology environment, some limitations still exist within the field of information sec...

  2. Extended outlook: description, utilization, and daily applications of cloud technology in radiology.

    Science.gov (United States)

    Gerard, Perry; Kapadia, Neil; Chang, Patricia T; Acharya, Jay; Seiler, Michael; Lefkovitz, Zvi

    2013-12-01

    The purpose of this article is to discuss the concept of cloud technology, its role in medical applications and radiology, the role of the radiologist in using and accessing these vast resources of information, and privacy concerns and HIPAA compliance strategies. Cloud computing is the delivery of shared resources, software, and information to computers and other devices as a metered service. This technology has a promising role in the sharing of patient medical information and appears to be particularly suited for application in radiology, given the field's inherent need for storage and access to large amounts of data. The radiology cloud has significant strengths, such as providing centralized storage and access, reducing unnecessary repeat radiologic studies, and potentially allowing radiologic second opinions more easily. There are significant cost advantages to cloud computing because of a decreased need for infrastructure and equipment by the institution. Private clouds may be used to ensure secure storage of data and compliance with HIPAA. In choosing a cloud service, there are important aspects, such as disaster recovery plans, uptime, and security audits, that must be considered. Given that the field of radiology has become almost exclusively digital in recent years, the future of secure storage and easy access to imaging studies lies within cloud computing technology.

  3. Design and develop a video conferencing framework for real-time telemedicine applications using secure group-based communication architecture.

    Science.gov (United States)

    Mat Kiah, M L; Al-Bakri, S H; Zaidan, A A; Zaidan, B B; Hussain, Muzammil

    2014-10-01

    One of the applications of modern technology in telemedicine is video conferencing. An alternative to traveling to attend a conference or meeting, video conferencing is becoming increasingly popular among hospitals. By using this technology, doctors can help patients who are unable to physically visit hospitals. Video conferencing particularly benefits patients from rural areas, where good doctors are not always available. Telemedicine has proven to be a blessing to patients who have no access to the best treatment. A telemedicine system consists of customized hardware and software at two locations, namely, at the patient's and the doctor's end. In such cases, the video streams of the conferencing parties may contain highly sensitive information. Thus, real-time data security is one of the most important requirements when designing video conferencing systems. This study proposes a secure framework for video conferencing systems and a complete management solution for secure video conferencing groups. Java Media Framework Application Programming Interface classes are used to design and test the proposed secure framework. Real-time Transport Protocol over User Datagram Protocol is used to transmit the encrypted audio and video streams, and RSA and AES algorithms are used to provide the required security services. Results show that the encryption algorithm insignificantly increases the video conferencing computation time.

  4. Competitive Technologies for National Security: Review and Recommendations

    National Research Council Canada - National Science Library

    Carafano, James J; Gudgel, Andew; Kochems, Alane

    2008-01-01

    .... Innovation will always be a national security wild card. New technologies may unleash or accelerate social and cultural changes that affect how nations protect themselves on battlefields and behind the scenes...

  5. Reducing security risk using data loss prevention technology.

    Science.gov (United States)

    Beeskow, John

    2015-11-01

    Data loss/leakage protection (DLP) technology seeks to improve data security by answering three fundamental questions: > Where are confidential data stored? > Who is accessing the information? > How are data being handled?

  6. After Globalization Future Security in a Technology Rich World

    Energy Technology Data Exchange (ETDEWEB)

    Gilmartin,T J

    2001-08-17

    Over the course of the year 2000, five workshops were conducted by the Center for Global Security Research at the Lawrence Livermore National Laboratory on threats to international security in the 2015 to 2020 timeframe due to the global availability of advanced technology. These workshops focused on threats that are enabled by nuclear, missile, and space technology; military technology; information technology; bio technology; and geo systems technology. The participants included US national leaders and experts from the Department of Energy National Laboratories; the Department of Defense: Army, Navy, Air Force, Office of the Secretary of Defense, Defense Threat Reduction Agency, and Defense Advanced Research Projects Agency; the Department of State, NASA, Congressional technical staff, the intelligence community, universities and university study centers, think tanks, consultants on security issues, and private industry. For each workshop the process of analysis involved identification and prioritization of the participants' perceived most severe threat scenarios (worst nightmares), discussion of the technologies which enabled those threats, and ranking of the technologies' threat potentials. The threats ranged from local/regional to global, from intentional to unintended to natural, from merely economic to massively destructive, and from individual and group to state actions. We were not concerned in this exercise with defining responses to the threats, although our assessment of each threat's severity included consideration of the ease or difficulty with which it might be executed or countered. At the concluding review, we brought the various workshops' participants together, added senior participant/reviewers with broad experience and national responsibility, and discussed the workshop findings to determine what is most certain or uncertain, and what might be needed to resolve our uncertainties. This paper summarizes the consenses and

  7. BIOMETRIC SECURITY: ALTERNATIF PENGENDALIAN DALAM SISTEM INFORMASI AKUNTANSI TERKOMPUTERISASI

    Directory of Open Access Journals (Sweden)

    Josua Tarigan

    2004-01-01

    Full Text Available As organization search more secure authentication method for user access, biometric security technology is gaining more and more attention. The implementation of biometric security technology in accounting information systems was physical access, virtual access, e-commerce applications and covert suveillance. There are three phase when an organization implementation biometric technology: strategic planning and budgeting, developing a system reliability plan and documentation. The challenges will face when develop biometric technology as control in accounting information system are standardization, hybrid technology uses, life cycle management. Abstract in Bahasa Indonesia : Adanya keinginan setiap organisasi untuk mencari metode pengamanan authentication yang lebih untuk akses user, dijawab dengan adanya teknologi biometric security yang mendapat perhatian yang cukup besar bagi organisasi. Implementasi teknologi biometric security cukup luas dalam sistem informasi akuntansi yaitu sebagai pengendalian pada physical access, virtual access, e-commerce applications dan covert surveillance. Dalam mengimplementasikan teknologi biometric, ada tiga tahapan yang harus dilakukan organisasi, yakni strategic planning and budgeting, developing a system reliability plan dan documentation. Tantangan yang akan dihadapi dalam mengembangkan teknologi biometric sebagai pengendalian dalam sistem informasi akuntansi yakni standarisasi, aplikasi teknologi hybrid dan manajemen siklus hidup pada biometric security. Kata kunci: authentication, akses user dan biometric security.

  8. Survey into basics, concepts, applications, security and simulation of DHT and applications based on DHT technologies

    OpenAIRE

    Aaltonen, Petri

    2017-01-01

    Distributed architectures have emerged as a significant area of computing affecting the consumer domain more and more. Distributed data transfer has proven to be a suitable and convenient technology for efficiently transferring files across multiple peers interested in obtaining an identical copy of the same data – for example entertainment or a block of application data. Current technology when discussing decentralized distributed systems are based on the Distributed Hash Table structures. F...

  9. MODEL-BASED SECURITY ENGINEERING OF SOA SYSTEM USING SECURITY INTENT DSL

    OpenAIRE

    Muhammad Qaiser Saleem; Jafreezal Jaafar; Mohd Fadzil Hassan

    2011-01-01

    Currently most of the enterprises are using SOA and web services technologies to build their web information system. They are using MDA principles for design and development of WIS and using UML as a modelling language for business process modelling. Along with the increased connectivity in SOA environment, security risks rise exponentially. Security is not defined during the early phases of development and left onto developer. Properly configuring security requirements in SOA applications is...

  10. Research Market Gap in Law Enforcement Technology: Lessons from Czech Security Research Funding Programmes

    Directory of Open Access Journals (Sweden)

    Luděk Moravec

    2014-12-01

    Full Text Available While security research funding schemes are nothing new to the EU (Horizon 2020 and FP7, or to several Member States, their priorities and procedures are usually decided administratively or shaped by advisory groups of varying membership. Only recently did the EU shift its focus to the role of end users in security research programmes, seeking their input in order to maximise the utility of funded solutions. Such a hint to limited usefulness of some industrial solutions is not exactly inconspicuous. This paper discusses the gap between the stated needs of law enforcement agencies in terms of R&D funding and the grant project applications in the area of law enforcement. It aims to define and describe the gap, and consequently the market opportunities, between the supply and demand sides represented by industry-driven grant project applications and end-user-formulated calls. The study is based on empirical data from two Czech security research funding programmes that have been running since 2010 and should deliver their results by 2015. It seeks to contribute some preliminary observations about the structure of both end user needs and industry capabilities in such a particular area as law enforcement technology.

  11. Video motion detection for physical security applications

    International Nuclear Information System (INIS)

    Matter, J.C.

    1990-01-01

    Physical security specialists have been attracted to the concept of video motion detection for several years. Claimed potential advantages included additional benefit from existing video surveillance systems, automatic detection, improved performance compared to human observers, and cost-effectiveness. In recent years, significant advances in image-processing dedicated hardware and image analysis algorithms and software have accelerated the successful application of video motion detection systems to a variety of physical security applications. Early video motion detectors (VMDs) were useful for interior applications of volumetric sensing. Success depended on having a relatively well-controlled environment. Attempts to use these systems outdoors frequently resulted in an unacceptable number of nuisance alarms. Currently, Sandia National Laboratories (SNL) is developing several advanced systems that employ image-processing techniques for a broader set of safeguards and security applications. The Target Cueing and Tracking System (TCATS), the Video Imaging System for Detection, Tracking, and Assessment (VISDTA), the Linear Infrared Scanning Array (LISA); the Mobile Intrusion Detection and Assessment System (MIDAS), and the Visual Artificially Intelligent Surveillance (VAIS) systems are described briefly

  12. Understanding Application Behaviours for Android Security: A Systematic Characterization

    OpenAIRE

    Cai, Haipeng; Ryder, Barbara

    2016-01-01

    In contrast to most existing research on Android focusing on specific security issues, there is little broad understanding of Android application run-time characteristics and their security implications. To mitigate this gap, we present the first dynamic characterization study of Android applications that targets such a broad understanding for Android security. Through lightweight method-level profiling, we have collected 33GB traces of method calls and inter-component communication (ICC) fro...

  13. New technologies and the search for security: Prospects for a post-cold-war era

    International Nuclear Information System (INIS)

    Brown, G.E. Jr.

    1990-01-01

    Technology alone will not solve our many environmental, economic and military problems. The search for peace and security must be based on a concept of international security that extends beyond the bounds of military concerns and into the realm of environmental and economic matters. In our efforts to understand how science and technology fit within this security context, we should not look simply at emerging technologies, even those that are sustainable and stabilizing, as being the principal candidates for drastic improvements in peace and security on our planet. One must keep in mind that security for as many as one fourth to one half of the world's inhabitants would be revolutionized if they had access to some of the most basic existing technologies of our times. Equitable access to resources and technology is an age-old problem. Today it must be faced on a global basis. It demands creating a new world economic order that combines the best that the capitalist and socialist economies can offer. We must declare today that a secure global society cannot exist which is half in slavery to poverty and deprived of opportunity, and half free to develop its potential and achieve its dreams

  14. Public assessment of new surveillance-oriented security technologies: Beyond the trade-off between privacy and security.

    Science.gov (United States)

    Pavone, Vincenzo; Esposti, Sara Degli

    2012-07-01

    As surveillance-oriented security technologies (SOSTs) are considered security enhancing but also privacy infringing, citizens are expected to trade part of their privacy for higher security. Drawing from the PRISE project, this study casts some light on how citizens actually assess SOSTs through a combined analysis of focus groups and survey data. First, the outcomes suggest that people did not assess SOSTs in abstract terms but in relation to the specific institutional and social context of implementation. Second, from this embedded viewpoint, citizens either expressed concern about government's surveillance intentions and considered SOSTs mainly as privacy infringing, or trusted political institutions and believed that SOSTs effectively enhanced their security. None of them, however, seemed to trade privacy for security because concerned citizens saw their privacy being infringed without having their security enhanced, whilst trusting citizens saw their security being increased without their privacy being affected.

  15. Biometric Security: Alternatif Pengendalian Dalam Sistem Informasi Akuntansi Terkomputerisasi

    OpenAIRE

    Tarigan, Josua

    2004-01-01

    As organization search more secure authentication method for user access, biometric security technology is gaining more and more attention. The implementation of biometric security technology in accounting information systems was physical access, virtual access, e-commerce applications and covert suveillance. There are three phase when an organization implementation biometric technology: strategic planning and budgeting, developing a system reliability plan and documentation. The challenges w...

  16. BIOMETRIC SECURITY: ALTERNATIF PENGENDALIAN DALAM SISTEM INFORMASI AKUNTANSI TERKOMPUTERISASI

    OpenAIRE

    Josua Tarigan

    2004-01-01

    As organization search more secure authentication method for user access, biometric security technology is gaining more and more attention. The implementation of biometric security technology in accounting information systems was physical access, virtual access, e-commerce applications and covert suveillance. There are three phase when an organization implementation biometric technology: strategic planning and budgeting, developing a system reliability plan and documentation. The challenges w...

  17. Security engineering: systems engineering of security through the adaptation and application of risk management

    Science.gov (United States)

    Gilliam, David P.; Feather, Martin S.

    2004-01-01

    Information Technology (IT) Security Risk Management is a critical task in the organization, which must protect its resources and data against the loss of confidentiality, integrity, and availability. As systems become more complex and diverse, and more vulnerabilities are discovered while attacks from intrusions and malicious content increase, it is becoming increasingly difficult to manage IT security. This paper describes an approach to address IT security risk through risk management and mitigation in both the institution and in the project life cycle.

  18. Achieving Security Assurance with Assertion-based Application Construction

    Directory of Open Access Journals (Sweden)

    Carlos E. Rubio-Medrano

    2015-12-01

    Full Text Available Modern software applications are commonly built by leveraging pre-fabricated modules, e.g. application programming interfaces (APIs, which are essential to implement the desired functionalities of software applications, helping reduce the overall development costs and time. When APIs deal with security-related functionality, it is critical to ensure they comply with their design requirements since otherwise unexpected flaws and vulnerabilities may consequently occur. Often, such APIs may lack sufficient specification details, or may implement a semantically-different version of a desired security model to enforce, thus possibly complicating the runtime enforcement of security properties and making it harder to minimize the existence of serious vulnerabilities. This paper proposes a novel approach to address such a critical challenge by leveraging the notion of software assertions. We focus on security requirements in role-based access control models and show how proper verification at the source-code level can be performed with our proposed approach as well as with automated state-of-the-art assertion-based techniques.

  19. Privacy and Security Research Group workshop on network and distributed system security: Proceedings

    Energy Technology Data Exchange (ETDEWEB)

    1993-05-01

    This report contains papers on the following topics: NREN Security Issues: Policies and Technologies; Layer Wars: Protect the Internet with Network Layer Security; Electronic Commission Management; Workflow 2000 - Electronic Document Authorization in Practice; Security Issues of a UNIX PEM Implementation; Implementing Privacy Enhanced Mail on VMS; Distributed Public Key Certificate Management; Protecting the Integrity of Privacy-enhanced Electronic Mail; Practical Authorization in Large Heterogeneous Distributed Systems; Security Issues in the Truffles File System; Issues surrounding the use of Cryptographic Algorithms and Smart Card Applications; Smart Card Augmentation of Kerberos; and An Overview of the Advanced Smart Card Access Control System. Selected papers were processed separately for inclusion in the Energy Science and Technology Database.

  20. Application Security for the Android Platform Processes, Permissions, and Other Safeguards

    CERN Document Server

    Six, Jeff

    2011-01-01

    This book will educate readers on the need for application security and secure coding practices when designing any app. No prior knowledge of security or secure programming techniques is assumed. The book will discuss the need for such practices, how the Android environment is structured with respect to security considerations, what services and techniques are available on the platform to protect data, and how developers can build and code applications that address the risk to their applications and the data processed by them. This text is especially important now, as Android is fast becoming

  1. 78 FR 41954 - TA-W-82,634, Prudential Global Business Technology Solutions Central Security Services Dresher...

    Science.gov (United States)

    2013-07-12

    ... Business Technology Solutions Central Security Services Iselin, New Jersey; TA-W-82,634B, Prudential Global Business Technology Solutions Central Security Services Plymouth, Minnesota; TA- W-82,634C, Prudential Global Business Technology Solutions Central Security Services Scottsdale, Arizona; TA-W-82,634D...

  2. Concepts and applications of wireless security systems for tactical, portable, and fixed sites

    International Nuclear Information System (INIS)

    Harrington, J.J.

    1997-01-01

    Intrusion detection systems sometimes use radio signals to convey sensor status in areas that wire conduits do not service or as a redundant path to wired systems. Some applications benefit from radio technology by minimizing setup time and reducing installation and operation costs. In recent years with the explosion in wireless communications, these radio-based security systems have become more capable while lowering costs, size, and power consumption. However, the very nature of radio communication raises issues regarding setup, operation, and security of these systems. Sandia National Laboratories, in cooperation with government and industry, has addressed many of these issues through the analysis and development of security systems, communications protocols, and operational procedures. Message encryption and frequent channel supervision are used to enhance security. Installation and maintenance of these systems are simplified by incorporating built-in radio link analysis, menu-driven configuration equipment, and other techniques. Commercial communications satellites and spread-spectrum radios are also being integrated to provide unique capabilities to the security community. The status of this work is presented here along with details of its development

  3. 78 FR 56263 - HydroGen Corp., QueryObject Systems Corp., Security Intelligence Technologies, Inc., Skins, Inc...

    Science.gov (United States)

    2013-09-12

    ... SECURITIES AND EXCHANGE COMMISSION [File No. 500-1] HydroGen Corp., QueryObject Systems Corp., Security Intelligence Technologies, Inc., Skins, Inc., SLM Holdings, Inc., Spring Creek Healthcare Systems... securities of Security Intelligence Technologies, Inc. because it has not filed any periodic reports since...

  4. Grid Security

    CERN Multimedia

    CERN. Geneva

    2004-01-01

    The aim of Grid computing is to enable the easy and open sharing of resources between large and highly distributed communities of scientists and institutes across many independent administrative domains. Convincing site security officers and computer centre managers to allow this to happen in view of today's ever-increasing Internet security problems is a major challenge. Convincing users and application developers to take security seriously is equally difficult. This paper will describe the main Grid security issues, both in terms of technology and policy, that have been tackled over recent years in LCG and related Grid projects. Achievements to date will be described and opportunities for future improvements will be addressed.

  5. The Application of Biometrics in Critical Infrastructures Operations: Guidance for Security Managers. ERNCIP Thematic Group Applied Biometrics for CIP. Deliverable: Guidance for Security Managers - Task 2

    OpenAIRE

    REJMAN-GREENE Marek; BRZOZOWSKI Krzysztof; MANSFIELD Tony; SANCHEZ-REILLO Raul; WAGGETT Peter; WHITAKER Geoff

    2015-01-01

    Biometric technologies have advanced considerably over the past decade, and have paved the way for more widespread use by governments, commercial enterprises and, more recently, by the consumer through the introduction of sensors and apps on mobile phones. This report provides introductory information about the application of these technologies to achieve secure recognition of individuals by organisations which form part of critical infrastructures in the EU. As a specific example, it offers ...

  6. Review on Cyber Security Programs for NPP Application

    Energy Technology Data Exchange (ETDEWEB)

    Oh, Eung Se [KEPRI, Daejeon (Korea, Republic of)

    2010-10-15

    Increased history records of cyber security (CS) attacks and concerns for computers and networks technical mishaps pull out cyber security to open places. In spite of secrete nature of security, transparent and shared knowledge of many security features are more required at modern plant floors. Korea Institute of Nuclear Safety (KINS), US Government and Nuclear Regulatory Commission (NRC) requested to develop cyber security plans and enforce their implementing to the NPPs. [KINS; CFR; RG 5.71] This paper reviews various cyber security guidelines and suggests an applicable cyber security program development models during the life cycle of NPP's Instrumentation and Control (I and C) systems

  7. Review on Cyber Security Programs for NPP Application

    International Nuclear Information System (INIS)

    Oh, Eung Se

    2010-01-01

    Increased history records of cyber security (CS) attacks and concerns for computers and networks technical mishaps pull out cyber security to open places. In spite of secrete nature of security, transparent and shared knowledge of many security features are more required at modern plant floors. Korea Institute of Nuclear Safety (KINS), US Government and Nuclear Regulatory Commission (NRC) requested to develop cyber security plans and enforce their implementing to the NPPs. [KINS] [CFR] [RG 5.71] This paper reviews various cyber security guidelines and suggests an applicable cyber security program development models during the life cycle of NPP's Instrumentation and Control (I and C) systems

  8. Designing Intelligent Secure Android Application for Effective Chemical Inventory

    Science.gov (United States)

    Shukran, Mohd Afizi Mohd; Naim Abdullah, Muhammad; Nazri Ismail, Mohd; Maskat, Kamaruzaman; Isa, Mohd Rizal Mohd; Shahfee Ishak, Muhammad; Adib Khairuddin, Muhamad

    2017-08-01

    Mobile services support various situations in everyday life and with the increasing sophistication of phone functions, the daily life is much more easier and better especially in term of managing tools and apparatus. Since chemical inventory management system has been experiencing a new revolution from antiquated to an automated inventory management system, some additional features should be added in current chemical inventory system. Parallel with the modern technologies, chemical inventory application using smart phone has been developed. Several studies about current related chemical inventory management using smart phone application has been done in this paper in order to obtain an overview on recent studies in smartphone application for chemical inventory system which are needed in schools, universities or other education institutions. This paper also discuss about designing the proposed secure mobile chemical inventory system. The study of this paper can provide forceful review analysis support for the chemical inventory management system related research.

  9. Health Information Security in Hospitals: the Application of Security Safeguards.

    Science.gov (United States)

    Mehraeen, Esmaeil; Ayatollahi, Haleh; Ahmadi, Maryam

    2016-02-01

    A hospital information system has potentials to improve the accessibility of clinical information and the quality of health care. However, the use of this system has resulted in new challenges, such as concerns over health information security. This paper aims to assess the status of information security in terms of administrative, technical and physical safeguards in the university hospitals. This was a survey study in which the participants were information technology (IT) managers (n=36) who worked in the hospitals affiliated to the top ranked medical universities (university A and university B). Data were collected using a questionnaire. The content validity of the questionnaire was examined by the experts and the reliability of the questionnaire was determined using Cronbach's coefficient alpha (α=0.75). The results showed that the administrative safeguards were arranged at a medium level. In terms of the technical safeguards and the physical safeguards, the IT managers rated them at a strong level. According to the results, among three types of security safeguards, the administrative safeguards were assessed at the medium level. To improve it, developing security policies, implementing access control models and training users are recommended.

  10. Advances in cyber security technology, operations, and experiences

    CERN Document Server

    Hsu, D Frank

    2013-01-01

    Advances in Cyber Security provides, in a technical yet easy to understand fashion, a real life story of the evolving cyberspace ecosystem from the perspectives of structure, function, and application. It also provides ways and means to secure and sustain this ecosystem by the collective wisdom of professionals and practitioners from government, academia, and industry across national and international boundaries.

  11. The Firewall and Security of Information Systems

    OpenAIRE

    Radut Carmen; Albici Mihaela; Tenovici Cristina Otilia

    2010-01-01

    Information security is a broader concept which refers to ensuring the integrity, confidentiality and availability of information. The dynamics of information technology to induce new risks to which organizations must implement new measures of control. Technological development has been accompanied by security solutions, equipment manufacturers and applications including technical methods of protection performance. However, while in information technology change is exponential, the human comp...

  12. Overview of RFID technology and its applications in the food industry.

    Science.gov (United States)

    Kumar, P; Reinitz, H W; Simunovic, J; Sandeep, K P; Franzon, P D

    2009-10-01

    Radio frequency identification (RFID) is an alternative technology with a potential to replace traditional universal product code (UPC) barcodes. RFID enables identification of an object from a distance without requiring a line of sight. RFID tags can also incorporate additional data such as details of product and manufacturer and can transmit measured environmental factors such as temperature and relative humidity. This article presents key concepts and terminology related to RFID technology and its applications in the food industry. Components and working principles of an RFID system are described. Numerous applications of RFID technology in the food industry (supply chain management, temperature monitoring of foods, and ensuring food safety) are discussed. Challenges in implementation of RFID technology are also discussed in terms of read range, read accuracy, nonuniform standards, cost, recycling issues, privacy, and security concerns.

  13. Security technology discussion for emergency command system of nuclear power plant

    International Nuclear Information System (INIS)

    Liu Zhenjun

    2014-01-01

    Nuclear power plant emergency command system can provide valuable data for emergency personnel, such as the unit data, weather data, environmental radiation data. In the course of emergency response, the emergency command system provides decision support to quickly and effectively control and mitigate the consequences of the nuclear accident, to avoid and reduce the dose received by staff and the public, to protect the environment and the public. There are high performance requirements on the security of the system and the data transmission. Based on the previous project and new demand after the Fukushima incident, the security technology design of emergency system in nuclear power plant was discussed. The results show that the introduction of information security technology can effectively ensure the security of emergency systems, and enhance the capacity of nuclear power plant to deal with nuclear accidents. (author)

  14. Security analysis of cyber-physical system

    Science.gov (United States)

    Li, Bo; Zhang, Lichen

    2017-05-01

    In recent years, Cyber-Physical System (CPS) has become an important research direction of academic circles and scientific and technological circles at home and abroad, is considered to be following the third wave of world information technology after the computer, the Internet. PS is a multi-dimensional, heterogeneous, deep integration of open systems, Involving the computer, communication, control and other disciplines of knowledge. As the various disciplines in the research theory and methods are significantly different, so the application of CPS has brought great challenges. This paper introduces the definition and characteristics of CPS, analyzes the current situation of CPS, analyzes the security threats faced by CPS, and gives the security solution for security threats. It also discusses CPS-specific security technology, to promote the healthy development of CPS in information security.

  15. Preliminary field evaluation of solid state cameras for security applications

    International Nuclear Information System (INIS)

    Murray, D.W.

    1987-01-01

    Recent developments in solid state imager technology have resulted in a series of compact, lightweight, all-solid-state closed circuit television (CCTV) cameras. Although it is widely known that the various solid state cameras have less light sensitivity and lower resolution than their vacuum tube counterparts, the potential for having a much longer Mean Time Between Failure (MTBF) for the all-solid-state cameras is generating considerable interest within the security community. Questions have been raised as to whether the newest and best of the solid state cameras are a viable alternative to the high maintenance vacuum tube cameras in exterior security applications. To help answer these questions, a series of tests were performed by Sandia National Laboratories at various test sites and under several lighting conditions. The results of these tests as well as a description of the test equipment, test sites, and procedures are presented in this report

  16. Research on the application in disaster reduction for using cloud computing technology

    Science.gov (United States)

    Tao, Liang; Fan, Yida; Wang, Xingling

    Cloud Computing technology has been rapidly applied in different domains recently, promotes the progress of the domain's informatization. Based on the analysis of the state of application requirement in disaster reduction and combining the characteristics of Cloud Computing technology, we present the research on the application of Cloud Computing technology in disaster reduction. First of all, we give the architecture of disaster reduction cloud, which consists of disaster reduction infrastructure as a service (IAAS), disaster reduction cloud application platform as a service (PAAS) and disaster reduction software as a service (SAAS). Secondly, we talk about the standard system of disaster reduction in five aspects. Thirdly, we indicate the security system of disaster reduction cloud. Finally, we draw a conclusion the use of cloud computing technology will help us to solve the problems for disaster reduction and promote the development of disaster reduction.

  17. New technologies and the search for security: Prospects for a post-cold-war era

    Energy Technology Data Exchange (ETDEWEB)

    Brown, Jr, G E

    1991-12-31

    Technology alone will not solve our many environmental, economic and military problems. The search for peace and security must be based on a concept of international security that extends beyond the bounds of military concerns and into the realm of environmental and economic matters. In our efforts to understand how science and technology fit within this security context, we should not look simply at emerging technologies, even those that are sustainable and stabilizing, as being the principal candidates for drastic improvements in peace and security on our planet. One must keep in mind that security for as many as one fourth to one half of the world`s inhabitants would be revolutionized if they had access to some of the most basic existing technologies of our times. Equitable access to resources and technology is an age-old problem. Today it must be faced on a global basis. It demands creating a new world economic order that combines the best that the capitalist and socialist economies can offer. We must declare today that a secure global society cannot exist which is half in slavery to poverty and deprived of opportunity, and half free to develop its potential and achieve its dreams

  18. Technology scale and supply chains in a secure, affordable and low carbon energy transition

    International Nuclear Information System (INIS)

    Hoggett, Richard

    2014-01-01

    Highlights: • Energy systems need to decarbonise, provide security and remain affordable. • There is uncertainty over which technologies will best enable this to happen. • A strategy to deal with uncertainty is to assess a technologies ability to show resilience, flexibility and adaptability. • Scale is important and smaller scale technologies are like to display the above characteristics. • Smaller scale technologies are therefore more likely to enable a sustainable, secure, and affordable energy transition. - Abstract: This research explores the relationship between technology scale, energy security and decarbonisation within the UK energy system. There is considerable uncertainty about how best to deliver on these goals for energy policy, but a focus on supply chains and their resilience can provide useful insights into the problems uncertainty causes. Technology scale is central to this, and through an analysis of the supply chains of nuclear power and solar photovoltaics, it is suggested that smaller scale technologies are more likely to support and enable a secure, low carbon energy transition. This is because their supply chains are less complex, show more flexibility and adaptability, and can quickly respond to changes within an energy system, and as such they are more resilient than large scale technologies. These characteristics are likely to become increasingly important in a rapidly changing energy system, and prioritising those technologies that demonstrate resilience, flexibility and adaptability will better enable a transition that is rapid, sustainable, secure and affordable

  19. Multimedia security watermarking, steganography, and forensics

    CERN Document Server

    Shih, Frank Y

    2012-01-01

    Multimedia Security: Watermarking, Steganography, and Forensics outlines essential principles, technical information, and expert insights on multimedia security technology used to prove that content is authentic and has not been altered. Illustrating the need for improved content security as the Internet and digital multimedia applications rapidly evolve, this book presents a wealth of everyday protection application examples in fields including multimedia mining and classification, digital watermarking, steganography, and digital forensics. Giving readers an in-depth overview of different asp

  20. 78 FR 45255 - Homeland Security Science and Technology Advisory Committee (HSSTAC)

    Science.gov (United States)

    2013-07-26

    ..., cyber-security, knowledge management and how best to leverage related technologies funded by other... INFORMATION CONTACT: Mary Hanson, HSSTAC Executive Director, Science and Technology Directorate, Department of... Technology Advisory Committee (HSSTAC) ACTION: Notice of Federal Advisory Committee charter renewal. SUMMARY...

  1. Multilayered security and privacy protection in Car-to-X networks solutions from application down to physical layer

    CERN Document Server

    Stübing, Hagen

    2013-01-01

    Car-to-X (C2X) communication in terms of Car-to-Car (C2C) and Car-to-Infrastructure (C2I) communication aims at increasing road safety and traffic efficiency by exchanging foresighted traffic information. Thereby, security and privacy are regarded as an absolute prerequisite for successfully establishing the C2X technology on the market. Towards the paramount objective of covering the entire ITS reference model with security and privacy measures, Hagen Stübing develops dedicated solutions for each layer, respectively. On application layer a security architecture in terms of a Public Key Infras

  2. Design of Prototype Payment Application System With Near Field Communication (NFC Technology based on Android

    Directory of Open Access Journals (Sweden)

    Huda Ubaya

    2012-06-01

    Full Text Available Since the late 1990s, people have enjoyed a comfortable lifestyle. Mobile devices supported by the development of wireless networks have spread throughout the world. People can get information, order tickets, download songs and perform commercial transactions, called mobile commerce. Mobile commerce applications become the most popular application for mobile device users who want to do business and financial transactions easily and securely, anytime and anywhere they are. Today the use of physical cash is experiencing a decline in popularity in the business world, because it is being replaced by non-physical payments are often called electronic money (e-money. An important technology behind mobile payments is called Near Field Communication (NFC. As an indication that the NFC has tremendous business potential, leading companies like Nokia, Microsoft, Visa Inc., and MasterCard Worldwide and NXP Semiconductors, is actively engaged on them. Payment processing integrated with NFC technology based mobile operating system that is a trend today is Android that support NFC technology is version 2.3.3 Gingerbread. The prototype application is designed to pay for 2 on the user side of the user as consumer and the merchant side as a trader or seller by using the handset that already have NFC technology is Google Samsung Nexus S. Pay an application prototype also implements the concept of security in e-commerce transactions by using the protocol-to-Tag Tag so that the user needs for security and comfort during the financial transaction are met.

  3. Mitigating Docker Security Issues

    OpenAIRE

    Yasrab, Robail

    2018-01-01

    It is very easy to run applications in Docker. Docker offers an ecosystem that offers a platform for application packaging, distributing and managing within containers. However, Docker platform is yet not matured. Presently, Docker is less secured as compare to virtual machines (VM) and most of the other cloud technologies. The key of reason of Docker inadequate security protocols is containers sharing of Linux kernel, which can lead to risk of privileged escalations. This research is going t...

  4. Clean fuel technology for world energy security

    Energy Technology Data Exchange (ETDEWEB)

    Sunjay, Sunjay

    2010-09-15

    Clean fuel technology is the integral part of geoengineering and green engineering with a view to global warming mitigation. Optimal utilization of natural resources coal and integration of coal & associated fuels with hydrocarbon exploration and development activities is pertinent task before geoscientist with evergreen energy vision with a view to energy security & sustainable development. Value added technologies Coal gasification,underground coal gasification & surface coal gasification converts solid coal into a gas that can be used for power generation, chemical production, as well as the option of being converted into liquid fuels.

  5. Nuclear Technologies Secure Food For Future

    International Nuclear Information System (INIS)

    2012-01-01

    Full text: For nearly fifty years, applications of nuclear technology have been helping the world's farmers, contributing new varieties of crops, controlling pests, diagnosing livestock disease, improving soil and water management and increasing food safety. The significant role of nuclear technology in supporting agriculture will be the focus of this year's IAEA Scientific Forum in Vienna on 18-19 September. Food for the Future: Meeting the Challenges with Nuclear Applications is the theme of the Forum, which takes place during the annual IAEA General Conference. ''Demand for food is rising significantly as the world's population grows,'' IAEA Director General Yukiya Amano said. ''Fighting hunger is a key priority. It is essential not only that the world should produce more food. We must also protect crops and livestock and make sure that food is safe to eat. Nuclear applications can make a real difference in all of these areas.'' ''The goal of the Scientific Forum is to make Member States more aware of the very important work of the IAEA in nuclear applications related to food and to encourage more countries to make use of our services.'' Nuclear technology has many possible uses in food and agriculture. By irradiation, scientists can accelerate natural spontaneous mutation and improve crop varieties to suit particular conditions. Farmers are benefitting from rice that grows in salty conditions, barley that flourishes above 4 000 metres (13 000 feet) and hundreds of other crop varieties. The use of the sterile insect technique, in which males of a targeted species such as the tsetse fly or the Mediterranean fruit fly are sterilised by radiation and released into the wild, is expanding significantly. This effectively combats insect pests that damage crops and spread disease among humans and livestock, while limiting pesticide use. The world was last year declared free of the deadly cattle disease rinderpest after a campaign made possible by nuclear techniques. The

  6. Physics through the 1990s: scientific interfaces and technological applications

    International Nuclear Information System (INIS)

    1986-01-01

    The volume examines the scientific interfaces and technological applications of physics. Twelve areas are dealt with: biological physics--biophysics, the brain, and theoretical biology; the physics-chemistry interface--instrumentation, surfaces, neutron and synchrotron radiation, polymers, organic electronic materials; materials science; geophysics--tectonics, the atmosphere and oceans, planets, drilling and seismic exploration, and remote sensing; computational physics--complex systems and applications in basic research; mathematics--field theory and chaos; microelectronics--integrated circuits, miniaturization, future trends; optical information technologies--fiber optics and photonics; instrumentation; physics applications to energy needs and the environment; national security--devices, weapons, and arms control; medical physics--radiology, ultrasonics, NMR, and photonics. An executive summary and many chapters contain recommendations regarding funding, education, industry participation, small-group university research and large facility programs, government agency programs, and computer database needs

  7. A Windows Phone 7 Oriented Secure Architecture for Business Intelligence Mobile Applications

    Directory of Open Access Journals (Sweden)

    Silvia TRIF

    2011-01-01

    Full Text Available This paper present and implement a Windows Phone 7 Oriented Secure Architecture for Business Intelligence Mobile Application. In the developing process is used a Windows Phone 7 application that interact with a WCF Web Service and a database. The types of Business Intelligence Mobile Applications are presented. The Windows mobile devices security and restrictions are presented. The namespaces and security algorithms used in .NET Compact Framework for assuring the application security are presented. The proposed architecture is showed underlying the flows between the application and the web service.

  8. Asset Identification for Security Risk Assessment in Web Applications

    OpenAIRE

    Hisham M. Haddad; Brunil D. Romero

    2009-01-01

    As software applications become more complex they require more security, allowing them to reach an appropriate level of quality to manage information, and therefore achieving business objectives. Web applications represent one segment of software industry where security risk assessment is essential. Web engineering must address new challenges to provide new techniques and tools that guarantee high quality application development. This work focuses asset identification, the initial step in sec...

  9. Computer security

    CERN Document Server

    Gollmann, Dieter

    2011-01-01

    A completely up-to-date resource on computer security Assuming no previous experience in the field of computer security, this must-have book walks you through the many essential aspects of this vast topic, from the newest advances in software and technology to the most recent information on Web applications security. This new edition includes sections on Windows NT, CORBA, and Java and discusses cross-site scripting and JavaScript hacking as well as SQL injection. Serving as a helpful introduction, this self-study guide is a wonderful starting point for examining the variety of competing sec

  10. Information Technology Security Professionals' Knowledge and Use Intention Based on UTAUT Model

    Science.gov (United States)

    Kassa, Woldeloul

    2016-01-01

    Information technology (IT) security threats and vulnerabilities have become a major concern for organizations in the United States. However, there has been little research on assessing the effect of IT security professionals' knowledge on the use of IT security controls. This study examined the unified theory of acceptance and use of technology…

  11. International Conference on Recent Developments and Applications of Nuclear Technologies - Conference Abstracts

    International Nuclear Information System (INIS)

    Zakrzewska-Trznadel, G.

    2008-01-01

    The aim of the Conference was to offer an opportunity to interchange views and experiences, as well as to present the state of the art and modern trends concerning research and applications in the field of nuclear technologies. It was hoped that the Conference may fill up the gap on the field of information about possibilities and results of the application of nuclear technologies in modern economy of the 21 century, particularly in: industry, food processing, heritage preservation, environmental protection, homeland security and health protection. One session, with invited lectures, was entirely devoted to modern nuclear technologies for power generation. Conference participants presented 7 plenary lectures, 68 oral communications in 8 sessions and 98 posters

  12. Irradiation applications for homeland security

    International Nuclear Information System (INIS)

    Desrosiers, Marc F.

    2004-01-01

    In October 2001, first-class mail laced with anthrax was sent to political and media targets resulting in several deaths, illnesses, significant mail-service disruption, and economic loss. The White House Office of Science and Technology Policy established a technical task force on mail decontamination that included three key agencies: National Institute of Standards and Technology with responsibility for radiation dosimetry and coordinating and performing experiments at industrial accelerator facilities; the Armed Forces Radiobiology Research Institute with responsibility for radiobiology; and the US Postal Service with responsibility for radiation-processing quality assurance and quality control. An overview of the anthrax attack decontamination events will be presented as well as expectations for growth in this area and the prospects of other homeland security areas where irradiation technology can be applied

  13. Mid-Atlantic Technology Applications Center. Quarters 1-4

    Science.gov (United States)

    1997-01-01

    Mid-atlantic Technology Application Center (MTAC) pursued a number of initiatives designed to enhance the strategic position of the Langley Research Center (LaRC) and NASA in industry. Among these was a closer association with the ISA, International Society for Measurement and Control. During 1997, MTAC placed articles regarding NASA-developed technologies in each In Tech magazine. The monthly magazine is sent to 46,000 sensors and instrumentation professionals. In addition, MTAC coordinated NASXs participation in the ISA Tech 97 Conference, securing $112,000 of free exhibit space, 1500 NASA sensors posters at no cost to NASA, and thousands of dollars of free publicity. MTAC was awarded a contract by ISA to operate its Technical Resource Center (TRC). The goal of this project is to determine what user needs are in order to identify opportunities for collaboration between NASA centers and companies. In addition, the TRC work will lay the groundwork for the Technology Development Consortium (TDC) proposed by MTAC. The purpose of the TDC is to: match current industry needs with NASA technologies available now, and to identify future needs of NASA and industry which may lead to dual use projects. The goal of these activities is twofold: to infuse NASA technologies into the sensors and instrumentation industry and to secure industry funds to support NASA technology development projects. The instrumentation and sensors industry is valued at $30 billion worldwide, with $12 billion in sales in the United States. The growth rate averages 13.5%, so that by the year 2000, the industry will produce products worth $49 billion. More than 80% of instruments, sensors and control systems are currently manufactured in the United States. NASA and the industry do not have a history of collaborative projects; MTAC's initiatives in this area are designed to foster working relationships between the two parties that will help maintain U.S. leadership in this field. Mid-atlantic Technology

  14. Development of IT-based Cyber Security Technology for Nuclear Power Plant

    International Nuclear Information System (INIS)

    Hong, S. B.; Lee, J. C.; Choi, Y. S.; Choi, Y. R.; Cho, J. W.; Jung, C. E.; Jeong, K. I.; Park, B.; Koo, I. S.

    2009-11-01

    Development and enlargement of the high speed communication network make it possible the user to access online information easily. It generates changing offline activities to online in the economics, expansion of cultural interchanges and convenient life. But it also causes misuse, wiretapping, forgery and alteration of the information via illegal invasion(virus, hacking), and these are derived from the open network characteristic, weakness of the securities of the TCP/IP protocol and information systems. The security of individual and the national foundation facility(industry and government) can be threatened because of these problems, and theses can be used as a instrument of cyber-war. Many cyber security technologies have been developed to corp with the cyber threat. One of the most important national facility is the nuclear power plant and the necessity of the cyber security for the digital I and C of it have been proposed since middle of the 2000. KINS announced the regulation of the cyber security for the digital I and C of the nuclear power plant in 2007. The main concept of the cyber security for it is similar to the IT field that is treated as a leader of the cyber security. Because of the difference of the characteristics between the IT field and the nuclear industry, applying the cyber security technologies developed and used in the IT field to the nuclear industry has some critical constraints. We will analyze these problems and propose a cyber security method based on cryptograph and authentication for the I and C communication network in this report

  15. Development of IT-based Cyber Security Technology for Nuclear Power Plant

    Energy Technology Data Exchange (ETDEWEB)

    Hong, S. B.; Lee, J. C.; Choi, Y. S.; Choi, Y. R.; Cho, J. W.; Jung, C. E.; Jeong, K. I.; Park, B.; Koo, I. S

    2009-11-15

    Development and enlargement of the high speed communication network make it possible the user to access online information easily. It generates changing offline activities to online in the economics, expansion of cultural interchanges and convenient life. But it also causes misuse, wiretapping, forgery and alteration of the information via illegal invasion(virus, hacking), and these are derived from the open network characteristic, weakness of the securities of the TCP/IP protocol and information systems. The security of individual and the national foundation facility(industry and government) can be threatened because of these problems, and theses can be used as a instrument of cyber-war. Many cyber security technologies have been developed to corp with the cyber threat. One of the most important national facility is the nuclear power plant and the necessity of the cyber security for the digital I and C of it have been proposed since middle of the 2000. KINS announced the regulation of the cyber security for the digital I and C of the nuclear power plant in 2007. The main concept of the cyber security for it is similar to the IT field that is treated as a leader of the cyber security. Because of the difference of the characteristics between the IT field and the nuclear industry, applying the cyber security technologies developed and used in the IT field to the nuclear industry has some critical constraints. We will analyze these problems and propose a cyber security method based on cryptograph and authentication for the I and C communication network in this report.

  16. A Survey On Biometric Security Technologies From Cloud Computing Perspective

    Directory of Open Access Journals (Sweden)

    Shivashish Ratnam

    2015-08-01

    Full Text Available Cloud computing is one of the rising technologies that takes set of connections users to the next level. Cloud is a technology where resources are paid as per usage rather than owned. One of the major challenges in this technology is Security. Biometric systems provide the answer to ensure that the rendered services are accessed only by a legal user or an authorized user and no one else. Biometric systems recognize users based on behavioral or physiological characteristics. The advantages of such systems over traditional validation methods such as passwords and IDs are well known and hence biometric systems are progressively gaining ground in terms of usage. This paper brings about a new replica of a security system where in users have to offer multiple biometric finger prints during Enrollment for a service. These templates are stored at the cloud providers section. The users are authenticated based on these finger print designed templates which have to be provided in the order of arbitrary numbers or imaginary numbers that are generated every time continuously. Both finger prints templates and images are present and they provided every time duration are encrypted or modified for enhanced security.

  17. FlySec: a risk-based airport security management system based on security as a service concept

    Science.gov (United States)

    Kyriazanos, Dimitris M.; Segou, Olga E.; Zalonis, Andreas; Thomopoulos, Stelios C. A.

    2016-05-01

    Complementing the ACI/IATA efforts, the FLYSEC European H2020 Research and Innovation project (http://www.fly-sec.eu/) aims to develop and demonstrate an innovative, integrated and end-to-end airport security process for passengers, enabling a guided and streamlined procedure from the landside to airside and into the boarding gates, and offering for an operationally validated innovative concept for end-to-end aviation security. FLYSEC ambition turns through a well-structured work plan into: (i) innovative processes facilitating risk-based screening; (ii) deployment and integration of new technologies and repurposing existing solutions towards a risk-based Security paradigm shift; (iii) improvement of passenger facilitation and customer service, bringing security as a real service in the airport of tomorrow;(iv) achievement of measurable throughput improvement and a whole new level of Quality of Service; and (v) validation of the results through advanced "in-vitro" simulation and "in-vivo" pilots. On the technical side, FLYSEC achieves its ambitious goals by integrating new technologies on video surveillance, intelligent remote image processing and biometrics combined with big data analysis, open-source intelligence and crowdsourcing. Repurposing existing technologies is also in the FLYSEC objectives, such as mobile application technologies for improved passenger experience and positive boarding applications (i.e. services to facilitate boarding and landside/airside way finding) as well as RFID for carry-on luggage tracking and quick unattended luggage handling. In this paper, the authors will describe the risk based airport security management system which powers FLYSEC intelligence and serves as the backend on top of which FLYSEC's front end technologies reside for security services management, behaviour and risk analysis.

  18. Robot technology. Vol. 3B. Teleoperation and robotics: applications and technology

    Energy Technology Data Exchange (ETDEWEB)

    Vertut, J; Coiffet, P

    1985-01-01

    Teleoperation is concerned with the exploration and exploitation of of spaces which do not allow, because of their inaccessibility or hostility, direct access to man. This volume (Parts 2, 3 and 4) covers the contribution of computer science and automatic control to this technology. Part 2 includes a description of teleoperation systems followed by chapters on the operator substitution function by computer feedback to the operator. Part 3 has chapters on performance evaluation of teleoperation systems and the human operator in the teleoperation system. Part 4 is about applications of teleoperation in the nuclear industry, underwater, in space, in medicine, in industry and in security and civil protection. The nuclear applications include research and pilot facilities, reactor operation and maintenance, reactor decommissioning and dismantling and in emergencies, for example following a reactor accident. (U.K.).

  19. Reform of the National Security Science and Technology Enterprise

    National Research Council Canada - National Science Library

    Berry, William; Coffey, Timothy; DeYoung, Donald; Kadtke, James; Loeb, Cheryl

    2008-01-01

    A strong science and technology (S&T) program has been vitally important to American national security since World War II and has to date given the United States a strategic advantage over competitors...

  20. Research on the information security system in electrical gis system in mobile application

    Science.gov (United States)

    Zhou, Chao; Feng, Renjun; Jiang, Haitao; Huang, Wei; Zhu, Daohua

    2017-05-01

    With the rapid development of social informatization process, the demands of government, enterprise, and individuals for spatial information becomes larger. In addition, the combination of wireless network technology and spatial information technology promotes the generation and development of mobile technologies. In today’s rapidly developed information technology field, network technology and mobile communication have become the two pillar industries by leaps and bounds. They almost absorbed and adopted all the latest information, communication, computer, electronics and so on new technologies. Concomitantly, the network coverage is more and more big, the transmission rate is faster and faster, the volume of user’s terminal is smaller and smaller. What’s more, from LAN to WAN, from wired network to wireless network, from wired access to mobile wireless access, people’s demand for communication technology is increasingly higher. As a result, mobile communication technology is facing unprecedented challenges as well as unprecedented opportunities. When combined with the existing mobile communication network, it led to the development of leaps and bounds. However, due to the inherent dependence of the system on the existing computer communication network, information security problems cannot be ignored. Today’s information security has penetrated into all aspects of life. Information system is a complex computer system, and it’s physical, operational and management vulnerabilities constitute the security vulnerability of the system. Firstly, this paper analyzes the composition of mobile enterprise network and information security threat. Secondly, this paper puts forward the security planning and measures, and constructs the information security structure.

  1. The impact of medical technology on sense of security in the palliative home care setting.

    Science.gov (United States)

    Munck, Berit; Sandgren, Anna

    2017-03-02

    The increase in the use of medical devices in palliative home care requires that patients and next-of-kin feel secure. Therefore, the aim was to describe medical technology's impact on the sense of security for patients, next-of-kin and district nurses. Deductive content analysis was conducted on data from three previous studies, using the theoretical framework 'palliative home care as a secure base'. The use of medical technology was shown to have an impact on the sense of security for all involved. A sense of control was promoted by trust in staff and their competence in managing the technology, which was linked to continuity. Inner peace and being in comfort implied effective symptom relief facilitated by pain pumps and being relieved of responsibility. Health care professionals need to have practical knowledge about medical technology, but at the same time have an awareness of how to create and maintain a sense of security.

  2. A sensor monitoring system for telemedicine, safety and security applications

    Science.gov (United States)

    Vlissidis, Nikolaos; Leonidas, Filippos; Giovanis, Christos; Marinos, Dimitrios; Aidinis, Konstantinos; Vassilopoulos, Christos; Pagiatakis, Gerasimos; Schmitt, Nikolaus; Pistner, Thomas; Klaue, Jirka

    2017-02-01

    A sensor system capable of medical, safety and security monitoring in avionic and other environments (e.g. homes) is examined. For application inside an aircraft cabin, the system relies on an optical cellular network that connects each seat to a server and uses a set of database applications to process data related to passengers' health, safety and security status. Health monitoring typically encompasses electrocardiogram, pulse oximetry and blood pressure, body temperature and respiration rate while safety and security monitoring is related to the standard flight attendance duties, such as cabin preparation for take-off, landing, flight in regions of turbulence, etc. In contrast to previous related works, this article focuses on the system's modules (medical and safety sensors and associated hardware), the database applications used for the overall control of the monitoring function and the potential use of the system for security applications. Further tests involving medical, safety and security sensing performed in an real A340 mock-up set-up are also described and reference is made to the possible use of the sensing system in alternative environments and applications, such as health monitoring within other means of transport (e.g. trains or small passenger sea vessels) as well as for remotely located home users, over a wired Ethernet network or the Internet.

  3. Technology Applications that Support Space Exploration

    Science.gov (United States)

    Henderson, Edward M.; Holderman, Mark L.

    2011-01-01

    consideration and are addressed in this paper. These applications have been made available to the various NASA study groups that are determining the next steps the Agency must take to secure a sound foundation for future space exploration The paper also addresses how follow-on demonstrations, as launch performance grows, can build on the earlier applications to provide increased benefits for both the commercial and scientific communities. The architecture of incrementally building upon previous successes and insights dramatically lowers the overall associated risk for developing and maturing the key enabling technologies. The goal is to establish a potential business case that encourages commercial activity, thereby reducing the cost for the demonstration while using the technology maturation in developing readiness for future space exploration with overall less risk.

  4. iOS application security analysis

    OpenAIRE

    Βλάχος, Κωνσταντίνος Γ.; Vlachos, Konstantinos G.

    2017-01-01

    The purpose of this research is to explain the nature of the Apple iOS applications and provide all the available Open Source tools for analyzing them, starting from decrypting any application’s binary downloaded from the AppStore to reverse engineering it and even altering the flow of its running process on the actual device. We start introducing the basic theory of the iOS operating system and its applications including the security mechanisms incorporated by Apple that are a...

  5. 76 FR 31350 - Cruise Vessel Safety and Security Act of 2010, Available Technology

    Science.gov (United States)

    2011-05-31

    ... DEPARTMENT OF HOMELAND SECURITY Coast Guard [Docket No. USCG-2011-0357] Cruise Vessel Safety and Security Act of 2010, Available Technology AGENCY: Coast Guard, DHS. ACTION: Notice of request for comments... Security and Safety Act of 2010(CVSSA), specifically related to video recording and overboard detection...

  6. Secure Multi-party Computation Protocol for Defense Applications in Military Operations Using Virtual Cryptography

    Science.gov (United States)

    Pathak, Rohit; Joshi, Satyadhar

    With the advent into the 20th century whole world has been facing the common dilemma of Terrorism. The suicide attacks on US twin towers 11 Sept. 2001, Train bombings in Madrid Spain 11 Mar. 2004, London bombings 7 Jul. 2005 and Mumbai attack 26 Nov. 2008 were some of the most disturbing, destructive and evil acts by terrorists in the last decade which has clearly shown their evil intent that they can go to any extent to accomplish their goals. Many terrorist organizations such as al Quaida, Harakat ul-Mujahidin, Hezbollah, Jaish-e-Mohammed, Lashkar-e-Toiba, etc. are carrying out training camps and terrorist operations which are accompanied with latest technology and high tech arsenal. To counter such terrorism our military is in need of advanced defense technology. One of the major issues of concern is secure communication. It has to be made sure that communication between different military forces is secure so that critical information is not leaked to the adversary. Military forces need secure communication to shield their confidential data from terrorist forces. Leakage of concerned data can prove hazardous, thus preservation and security is of prime importance. There may be a need to perform computations that require data from many military forces, but in some cases the associated forces would not want to reveal their data to other forces. In such situations Secure Multi-party Computations find their application. In this paper, we propose a new highly scalable Secure Multi-party Computation (SMC) protocol and algorithm for Defense applications which can be used to perform computation on encrypted data. Every party encrypts their data in accordance with a particular scheme. This encrypted data is distributed among some created virtual parties. These Virtual parties send their data to the TTP through an Anonymizer layer. TTP performs computation on encrypted data and announces the result. As the data sent was encrypted its actual value can’t be known by TTP

  7. 76 FR 45645 - 10-Day Notice of Proposed Information Collection: Technology Security/Clearance Plans, Screening...

    Science.gov (United States)

    2011-07-29

    ...: Technology Security/Clearance Plans, Screening Records, and Non-Disclosure Agreements ACTION: Notice of... Information Collection: Technology Security/ Clearance Plans, Screening Records, and Non-Disclosure Agreements...: None. Respondents: Business and Nonprofit Organizations, Foreign Governments. Estimated Number of...

  8. 48 CFR 1252.239-70 - Security requirements for unclassified information technology resources.

    Science.gov (United States)

    2010-10-01

    ... unclassified information technology resources. 1252.239-70 Section 1252.239-70 Federal Acquisition Regulations... of Provisions and Clauses 1252.239-70 Security requirements for unclassified information technology... Unclassified Information Technology Resources (APR 2005) (a) The Contractor shall be responsible for...

  9. Satellite Technology Contribution to Water and Food Security

    Science.gov (United States)

    Brown, Molly E.

    2010-01-01

    This slide presentation reviews the issue of supplies of food, the relationship to food security, the ability of all people to attain sufficient food for an active and healthy life, and the ability to use satellite technology and remote sensing to assist with planning and act as an early warning system.

  10. Security systems engineering overview

    Science.gov (United States)

    Steele, Basil J.

    1997-01-01

    Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at 70 billion dollars in direct costs and up to 300 billion dollars in indirect costs. Health insurance fraud alone is estimated to cost American businesses 100 billion dollars. Theft, warranty fraud, and counterfeiting of computer hardware totaled 3 billion dollars in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies; industrial espionage detection and prevention; security barrier technology.

  11. 48 CFR 3052.204-70 - Security requirements for unclassified information technology resources.

    Science.gov (United States)

    2010-10-01

    ... unclassified information technology resources. 3052.204-70 Section 3052.204-70 Federal Acquisition Regulations... for unclassified information technology resources. As prescribed in (HSAR) 48 CFR 3004.470-3, insert a clause substantially the same as follows: Security Requirements for Unclassified Information Technology...

  12. Modeling and simulation for cyber-physical system security research, development and applications.

    Energy Technology Data Exchange (ETDEWEB)

    Pollock, Guylaine M.; Atkins, William Dee; Schwartz, Moses Daniel; Chavez, Adrian R.; Urrea, Jorge Mario; Pattengale, Nicholas; McDonald, Michael James; Cassidy, Regis H.; Halbgewachs, Ronald D.; Richardson, Bryan T.; Mulder, John C.

    2010-02-01

    This paper describes a new hybrid modeling and simulation architecture developed at Sandia for understanding and developing protections against and mitigations for cyber threats upon control systems. It first outlines the challenges to PCS security that can be addressed using these technologies. The paper then describes Virtual Control System Environments (VCSE) that use this approach and briefly discusses security research that Sandia has performed using VCSE. It closes with recommendations to the control systems security community for applying this valuable technology.

  13. Bridging the Gap from Networking Technologies to Applications: Workshop Report

    Science.gov (United States)

    Johnson, Marjory J.; desJardins, Richard

    2000-01-01

    The objective of the Next Generation Internet (NGI) Federal program is threefold, encompassing development of networking technologies, high-performance network testbeds, and revolutionary applications. There have been notable advances in emerging network technologies and several nationwide testbeds have been established, but the integration of emerging technologies into applications is lagging. To help bridge this gap between developers of NGI networking technologies and developers of NGI applications, the NASA Research and Education Network (NREN) project hosted a two-day workshop at NASA Ames Research Center in August 1999. This paper presents a summary of the results of this workshop and also describes some of the challenges NREN is facing while incorporating new technologies into HPCC and other NASA applications. The workshop focused on three technologies - Quality of Service (QoS), advanced multicast, and security-and five major NGI application areas - telemedicine, digital earth, digital video, distributed data-intensive applications, and computational infrastructure applications. Network technology experts, application developers, and NGI testbed representatives came together at the workshop to promote cross-fertilization between the groups. Presentations on the first day, including an overview of the three technologies, application case studies and testbed status reports, laid the foundation for discussions on the second day. The objective of these latter discussions, held within smaller breakout groups, was to establish a coherent picture of the current status of the various pieces of each of the three technologies, to create a roadmap outlining future technology development, and to offer technological guidance to application developers. In this paper we first present a brief overview of the NGI applications that were represented at the workshop, focusing on the identification of technological advances that have successfully been incorporated in each

  14. Dynamic secrets in communication security

    CERN Document Server

    Xiao, Sheng; Towsley, Donald

    2013-01-01

    Dynamic secrets are constantly generated and updated from messages exchanged between two communication users. When dynamic secrets are used as a complement to existing secure communication systems, a stolen key or password can be quickly and automatically reverted to its secret status without disrupting communication. 'Dynamic Secrets in Communication Security' presents unique security properties and application studies for this technology. Password theft and key theft no longer pose serious security threats when parties frequently use dynamic secrets. This book also illustrates that a dynamic

  15. Modern supercritical fluid technology for food applications.

    Science.gov (United States)

    King, Jerry W

    2014-01-01

    This review provides an update on the use of supercritical fluid (SCF) technology as applied to food-based materials. It advocates the use of the solubility parameter theory (SPT) for rationalizing the results obtained when employing sub- and supercritical media to food and nutrient-bearing materials and for optimizing processing conditions. Total extraction and fractionation of foodstuffs employing SCFs are compared and are illustrated by using multiple fluids and unit processes to obtain the desired food product. Some of the additional prophylactic benefits of using carbon dioxide as the processing fluid are explained and illustrated with multiple examples of commercial products produced using SCF media. I emphasize the role of SCF technology in the context of environmentally benign and sustainable processing, as well as its integration into an overall biorefinery concept. Conclusions are drawn in terms of current trends in the field and future research that is needed to secure new applications of the SCF platform as applied in food science and technology.

  16. Machine vision applications for physical security, quality assurance and personnel dosimetry

    International Nuclear Information System (INIS)

    Kar, S.; Shrikhande, S.V.; Suresh Babu, R.M.

    2016-01-01

    Machine vision is the technology used to provide imaging-based solutions to variety of applications, relevant to nuclear facilities and other industries. It uses computerized image analysis for automatic inspection, process control, object sorting, parts assembly, human identity authentication, and so on. In this article we discuss the in-house developed machine vision systems at EISD, BARC for three specific areas: Biometric recognition for physical security, visual inspection for QA of fuel pellets, and fast neutron personnel dosimetry. The advantages in using these systems include objective decision making, reduced man-rem, operational consistency, and capability of statistical quantitative analysis. (author)

  17. Fully simulatable quantum-secure coin-flipping and applications

    DEFF Research Database (Denmark)

    Lunemann, Carolin; Nielsen, Jesper Buus

    2011-01-01

    schemes which we show how to construct in the given setting. We then show that the interactive generation of random coins at the beginning or during outer protocols allows for quantum-secure realizations of classical schemes, again without any set-up assumptions. As example applications we discuss quantum...... zero-knowledge proofs of knowledge and quantum-secure two-party function evaluation. Both applications assume only fully simulatable coin-flipping and mixed commitments. Since our framework allows to construct fully simulatable coin-flipping from mixed commitments, this in particular shows that mixed...

  18. Security Guidelines for the Development of Accessible Web Applications through the implementation of intelligent systems

    Directory of Open Access Journals (Sweden)

    Luis Joyanes Aguilar

    2009-12-01

    Full Text Available Due to the significant increase in threats, attacks and vulnerabilities that affect the Web in recent years has resulted the development and implementation of pools and methods to ensure security measures in the privacy, confidentiality and data integrity of users and businesses. Under certain circumstances, despite the implementation of these tools do not always get the flow of information which is passed in a secure manner. Many of these security tools and methods cannot be accessed by people who have disabilities or assistive technologies which enable people to access the Web efficiently. Among these security tools that are not accessible are the virtual keyboard, the CAPTCHA and other technologies that help to some extent to ensure safety on the Internet and are used in certain measures to combat malicious code and attacks that have been increased in recent times on the Web. Through the implementation of intelligent systems can detect, recover and receive information on the characteristics and properties of the different tools and hardware devices or software with which the user is accessing a web application and through analysis and interpretation of these intelligent systems can infer and automatically adjust the characteristics necessary to have these tools to be accessible by anyone regardless of disability or navigation context. This paper defines a set of guidelines and specific features that should have the security tools and methods to ensure the Web accessibility through the implementation of intelligent systems.

  19. WIRELESS SENSOR NETWORKS – ARCHITECTURE, SECURITY REQUIREMENTS, SECURITY THREATS AND ITS COUNTERMEASURES

    OpenAIRE

    Ranjit Panigrahi; Kalpana Sharma; M.K. Ghose

    2013-01-01

    Wireless Sensor Network (WSN) has a huge range of applications such as battlefield, surveillance, emergency rescue operation and smart home technology etc. Apart from its inherent constraints such as limited memory and energy resources, when deployed in hostile environmental conditions, the sensor nodes are vulnerable to physical capture and other security constraints. These constraints put security as a major challenge for the researchers in the field of computer networking. T...

  20. Radiation Detection for Homeland Security Applications

    Science.gov (United States)

    Ely, James

    2008-05-01

    In the past twenty years or so, there have been significant changes in the strategy and applications for homeland security. Recently there have been significant at deterring and interdicting terrorists and associated organizations. This is a shift in the normal paradigm of deterrence and surveillance of a nation and the `conventional' methods of warfare to the `unconventional' means that terrorist organizations resort to. With that shift comes the responsibility to monitor international borders for weapons of mass destruction, including radiological weapons. As a result, countries around the world are deploying radiation detection instrumentation to interdict the illegal shipment of radioactive material crossing international borders. These efforts include deployments at land, rail, air, and sea ports of entry in the US and in European and Asian countries. Radioactive signatures of concern include radiation dispersal devices (RDD), nuclear warheads, and special nuclear material (SNM). Radiation portal monitors (RPMs) are used as the main screening tool for vehicles and cargo at borders, supplemented by handheld detectors, personal radiation detectors, and x-ray imaging systems. This talk will present an overview of radiation detection equipment with emphasis on radiation portal monitors. In the US, the deployment of radiation detection equipment is being coordinated by the Domestic Nuclear Detection Office within the Department of Homeland Security, and a brief summary of the program will be covered. Challenges with current generation systems will be discussed as well as areas of investigation and opportunities for improvements. The next generation of radiation portal monitors is being produced under the Advanced Spectroscopic Portal program and will be available for deployment in the near future. Additional technologies, from commercially available to experimental, that provide additional information for radiation screening, such as density imaging equipment, will

  1. Threats or threads: from usable security to secure experience

    DEFF Research Database (Denmark)

    Bødker, Susanne; Mathiasen, Niels Raabjerg

    2008-01-01

    While the domain of security dependent technologies brings new challenges to HCI research it seems that the results and breakthroughs of HCI have not been used in design of security dependent technologies. With exceptions, work in the research field of usable security may be criticized for focusing...... mainly on adjusting user behavior to behave securely. With our background in newer HCI perspectives we address secure interaction from the perspective of security technology as experience. We analyze a number of collected user stories to understand what happens when everyday users encounter security...... dependent technologies. We apply McCarthy & Wright's [12] experience framework to the security domain and our collected stories. We point out that there are significant differences between being secure and having a secure experience, and conclude that classical usable security, focus on people's immediate...

  2. Security Awareness in Software-Defined Multi-Domain 5G Networks

    Directory of Open Access Journals (Sweden)

    Jani Suomalainen

    2018-03-01

    Full Text Available Fifth generation (5G technologies will boost the capacity and ease the management of mobile networks. Emerging virtualization and softwarization technologies enable more flexible customization of network services and facilitate cooperation between different actors. However, solutions are needed to enable users, operators, and service providers to gain an up-to-date awareness of the security and trustworthiness of 5G systems. We describe a novel framework and enablers for security monitoring, inferencing, and trust measuring. The framework leverages software-defined networking and big data technologies to customize monitoring for different applications. We present an approach for sharing security measurements across administrative domains. We describe scenarios where the correlation of multi-domain information improves the accuracy of security measures with respect to two threats: end-user location tracking and Internet of things (IoT authentication storms. We explore the security characteristics of data flows in software networks dedicated to different applications with a mobile network testbed.

  3. Assessment of the Technological Changes Impact on the Sustainability of State Security System of Ukraine

    Directory of Open Access Journals (Sweden)

    Olexandr Yemelyanov

    2018-04-01

    Full Text Available Currently, the governments of many countries are facing with a lack of funds for financing programs for social protection of population. Among the causes of this problem, we can indicate the high unemployment rate, which, among other things, is due to implementation of labor-saving technologies. The purpose of this work is to study the impact of technological changes on the sustainability of the state social security system in Ukraine. The general approaches to the assessment of the stability of the state social security system are described. The simulation of the effect of economically efficient technological changes on the company’s income and expenses was carried out. Some patterns of such changes are established. The group of productive technological changes types is presented. The model is developed, and an indicator of the impact estimation of efficiently effective technological changes on the stability of the state social security system is proposed. The analysis of the main indicators of the state social security system functioning of Ukraine is carried out. The dynamics of indicators characterizing the labor market of Ukraine is analyzed. The influence of changes in labor productivity on costs and profits by industries of Ukraine is estimated. The evaluation of the impact of economically efficient technological changes in the industries of Ukraine on the stability of its state social security system is carried out. The different state authorities can use the obtained results for developing measures to manage the sustainability of the state social security system.

  4. A Holistic Approach to Securing Web Applications

    OpenAIRE

    Stankovic, Srdjan; Simic, Dejan

    2010-01-01

    Protection of Web applications is an activity that requires constant monitoring of security threats as well as looking for solutions in this field. Since protection has moved from the lower layers of OSI models to the application layer and having in mind the fact that 75% of all the attacks are performed at the application layer, special attention should be paid to the application layer. It is possible to improve protection of Web application on the level of the system architecture by introdu...

  5. Security Assessment of Web Based Distributed Applications

    Directory of Open Access Journals (Sweden)

    Catalin BOJA

    2010-01-01

    Full Text Available This paper presents an overview about the evaluation of risks and vulnerabilities in a web based distributed application by emphasizing aspects concerning the process of security assessment with regards to the audit field. In the audit process, an important activity is dedicated to the measurement of the characteristics taken into consideration for evaluation. From this point of view, the quality of the audit process depends on the quality of assessment methods and techniques. By doing a review of the fields involved in the research process, the approach wants to reflect the main concerns that address the web based distributed applications using exploratory research techniques. The results show that many are the aspects which must carefully be worked with, across a distributed system and they can be revealed by doing a depth introspective analyze upon the information flow and internal processes that are part of the system. This paper reveals the limitations of a non-existing unified security risk assessment model that could prevent such risks and vulnerabilities debated. Based on such standardize models, secure web based distributed applications can be easily audited and many vulnerabilities which can appear due to the lack of access to information can be avoided.

  6. Security research roadmap; Security-tutkimuksen roadmap

    Energy Technology Data Exchange (ETDEWEB)

    Naumanen, M.; Rouhiainen, V. (eds.)

    2006-02-15

    Requirements for increasing security have arisen in Europe after highly visible and tragic events in Madrid and in London. While responsibility for security rests largely with the national activities, the EU has also started planning a research area .Space and security. as a part of the 7th Framework Programme. As the justification for this research area it has been presented that technology alone can not assure security, but security can not be assured without the support of technology. Furthermore, the justification highlights that security and military research are becoming ever closer. The old separation between civil and military research is decreasing, because it has been noticed that both areas are nowadays utilising the same knowledge. In Finland, there is already now noteworthy entrepreneurship related to security. Although some of the companies are currently only operating in Finland, others are already international leaders in their area. The importance of the security area is increasing and remarkable potential for new growth business areas can already be identified. This however also requires an increase in research efforts. VTT has a broad range of security research ongoing in many technology areas. The main areas have been concentrating on public safety and security, but VTT is participating also in several research projects related to the defence technology. For identifying and defining in more detail the expertise and research goals, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important

  7. The research of computer network security and protection strategy

    Science.gov (United States)

    He, Jian

    2017-05-01

    With the widespread popularity of computer network applications, its security is also received a high degree of attention. Factors affecting the safety of network is complex, for to do a good job of network security is a systematic work, has the high challenge. For safety and reliability problems of computer network system, this paper combined with practical work experience, from the threat of network security, security technology, network some Suggestions and measures for the system design principle, in order to make the masses of users in computer networks to enhance safety awareness and master certain network security technology.

  8. Security Testing in Agile Web Application Development - A Case Study Using the EAST Methodology

    CERN Document Server

    Erdogan, Gencer

    2010-01-01

    There is a need for improved security testing methodologies specialized for Web applications and their agile development environment. The number of web application vulnerabilities is drastically increasing, while security testing tends to be given a low priority. In this paper, we analyze and compare Agile Security Testing with two other common methodologies for Web application security testing, and then present an extension of this methodology. We present a case study showing how our Extended Agile Security Testing (EAST) performs compared to a more ad hoc approach used within an organization. Our working hypothesis is that the detection of vulnerabilities in Web applications will be significantly more efficient when using a structured security testing methodology specialized for Web applications, compared to existing ad hoc ways of performing security tests. Our results show a clear indication that our hypothesis is on the right track.

  9. Beyond RFID : the NFC Security Landscape

    NARCIS (Netherlands)

    Hoepman, J.H.; Siljee, B.I.J.

    2007-01-01

    For applications like mobile payments for which the use of NFC technology is considered, security is of paramount importance. This whitepaper discusses the main risks associated with using NFC technology, and the possible countermeasures that can be used to mitigate those risks.

  10. A case for avoiding security-enhanced HTTP tools to improve security for Web-based applications

    Energy Technology Data Exchange (ETDEWEB)

    Wood, B.

    1996-03-01

    This paper describes some of the general weaknesses of the current popular Hypertext Transmission Protocol (HTTP) security standards and products in an effort to show that these standards are not appealing for many applications. The author will then show how one can treat HTTP browsers and servers as untrusted elements in the network so that one can rely on other mechanisms to achieve better overall security than can be attained through today`s security-enhanced HTTP tools.

  11. Aerospace Technologies and Applications for Dual Use

    DEFF Research Database (Denmark)

    Events which occurred over the past years have shown how the threat related to both intentional and natural disasters could bring the civil and the miliary worlds closer in the conception and deployment of countermeasures, as well as in the identification of effective strategies for enhancing...... the Planet safety and security. In this frame, the concept of dual use - the set of technologies and applications that can be exploied for both civil and military purposes - becomes a key-topic. In addition, the aerospace is a strategic building block in the deployment of a network centric environment...... that aims at the global protection of the mankind. Aeropsace is also a natural environment for dual use: many of the related enabling technologies have been first developed for the military world and then applied to civil - including commercial - purposes....

  12. Security and privacy in smart grids

    CERN Document Server

    Xiao, Yang

    2013-01-01

    Presenting the work of prominent researchers working on smart grids and related fields around the world, Security and Privacy in Smart Grids identifies state-of-the-art approaches and novel technologies for smart grid communication and security. It investigates the fundamental aspects and applications of smart grid security and privacy and reports on the latest advances in the range of related areas-making it an ideal reference for students, researchers, and engineers in these fields. The book explains grid security development and deployment and introduces novel approaches for securing today'

  13. PACFEST 2004 : enabling technologies for maritime security in the Pacific region.

    Energy Technology Data Exchange (ETDEWEB)

    Moore, Judy Hennessey; Whitley, John B.; Chellis, Craig (Pacific Disaster Center, Kihei, HI)

    2005-06-01

    In October of 2003 experts involved in various aspects of homeland security from the Pacific region met to engage in a free-wheeling discussion and brainstorming (a 'fest') on the role that technology could play in winning the war on terrorism in the Pacific region. The result was a concise and relatively thorough definition of the terrorism problem in the Pacific region, emphasizing the issues unique to Island nations in the Pacific setting, along with an action plan for developing working demonstrations of advanced technological solutions to these issues. Since PacFest 2003, the maritime dimensions of the international security environment have garnered increased attention and interest. To this end, PacFest 2004 sought to identify gaps and enabling technologies for maritime domain awareness and responsive decision-making in the Asia-Pacific region. The PacFest 2004 participants concluded that the technologies and basic information building blocks exist to create a system that would enable the Pacific region government and private organizations to effectively collaborate and share their capabilities and information concerning maritime security. The proposed solution summarized in this report integrates national environments in real time, thereby enabling effective prevention and first response to natural and terrorist induced disasters through better use of national and regional investments in people, infrastructure, systems, processes and standards.

  14. 6 CFR 25.9 - Procedures for certification of approved products for Homeland Security.

    Science.gov (United States)

    2010-01-01

    ... Procedures for certification of approved products for Homeland Security. (a) Application Procedure. An applicant seeking a Certification of anti-terrorism Technology as an Approved Product for Homeland Security... application for renewal must be made using the “Application for Certification of an Approved Product for...

  15. Increasing Distributed IT&C Application Security

    Directory of Open Access Journals (Sweden)

    Ion IVAN

    2013-01-01

    Full Text Available The development of distributed IT & C applications – DIA is presented alongside their main characteristics and the actors involved in activities through-out their lifecycle are identified in the before-mentioned scope. Aspects pertaining security risks, as well as methods of enhancing security, are detailed by DIA architectural features. The analysis includes risk elements, vulnerabilities, means of enhancing the behavior of the system, as well as a hierarchical feature dependency model based on a qualitative assessment of DIA security features, obtained through an inquiry in the common means of protection used by Romanian professionals, as well as their prioritization in the context of limited resources. A graph-based model of feature interactions is built. The last section deals with the ways of improving risk detection methods, as derived from the answers and features presented.

  16. Information fusion for cyber-security analytics

    CERN Document Server

    Karabatis, George; Aleroud, Ahmed

    2017-01-01

    This book highlights several gaps that have not been addressed in existing cyber security research. It first discusses the recent attack prediction techniques that utilize one or more aspects of information to create attack prediction models. The second part is dedicated to new trends on information fusion and their applicability to cyber security; in particular, graph data analytics for cyber security, unwanted traffic detection and control based on trust management software defined networks, security in wireless sensor networks & their applications, and emerging trends in security system design using the concept of social behavioral biometric. The book guides the design of new commercialized tools that can be introduced to improve the accuracy of existing attack prediction models. Furthermore, the book advances the use of Knowledge-based Intrusion Detection Systems (IDS) to complement existing IDS technologies. It is aimed towards cyber security researchers. .

  17. Implementing Information Security and Its Technology: A LineManagement Perspective

    Energy Technology Data Exchange (ETDEWEB)

    Barletta, William A.

    2005-08-22

    Assuring the security and privacy of institutionalinformation assets is a complex task for the line manager responsible forinternational and multi-national transactions. In the face of an unsureand often conflicting international legal framework, the line managermust employ all available tools in an Integrated Security and PrivacyManagement framework that ranges from legal obligations, to policy, toprocedure, to cutting edge technology to counter the rapidly evolvingcyber threat to information assets and the physical systems thatinformation systems control.

  18. 76 FR 41274 - Committee Name: Homeland Security Science and Technology Advisory Committee (HSSTAC)

    Science.gov (United States)

    2011-07-13

    ..., cyber-security, knowledge management and how best to leverage related technologies funded by other... Science and Technology Advisory Committee (HSSTAC) ACTION: Committee Management; Notice of Federal... FURTHER INFORMATION CONTACT: Mary Hanson, HSSTAC Executive Director, Science and Technology Directorate...

  19. Application distribution model and related security attacks in VANET

    Science.gov (United States)

    Nikaein, Navid; Kanti Datta, Soumya; Marecar, Irshad; Bonnet, Christian

    2013-03-01

    In this paper, we present a model for application distribution and related security attacks in dense vehicular ad hoc networks (VANET) and sparse VANET which forms a delay tolerant network (DTN). We study the vulnerabilities of VANET to evaluate the attack scenarios and introduce a new attacker`s model as an extension to the work done in [6]. Then a VANET model has been proposed that supports the application distribution through proxy app stores on top of mobile platforms installed in vehicles. The steps of application distribution have been studied in detail. We have identified key attacks (e.g. malware, spamming and phishing, software attack and threat to location privacy) for dense VANET and two attack scenarios for sparse VANET. It has been shown that attacks can be launched by distributing malicious applications and injecting malicious codes to On Board Unit (OBU) by exploiting OBU software security holes. Consequences of such security attacks have been described. Finally, countermeasures including the concepts of sandbox have also been presented in depth.

  20. Advances in Intelligence and Security Informatics

    CERN Document Server

    Mao, Wenji

    2012-01-01

    The Intelligent Systems Series comprises titles that present state of the art knowledge and the latest advances in intelligent systems. Its scope includes theoretical studies, design methods, and real-world implementations and applications. Traditionally, Intelligence and Security Informatics (ISI) research and applications have focused on information sharing and data mining, social network analysis, infrastructure protection and emergency responses for security informatics. With the continuous advance of IT technologies and the increasing sophistication of national and international securi

  1. Factors affecting food security and contribution of modern technologies in food sustainability.

    Science.gov (United States)

    Premanandh, Jagadeesan

    2011-12-01

    The concept of food insecurity is complex and goes beyond the simplistic idea of a country's inability to feed its population. The global food situation is redefined by many driving forces such as population growth, availability of arable lands, water resources, climate change and food availability, accessibility and loss. The combined effect of these factors has undeniably impacted global food production and security. This article reviews the key factors influencing global food insecurity and emphasises the need to adapt science-based technological innovations to address the issue. Although anticipated benefits of modern technologies suggest a level of food production that will sustain the global population, both political will and sufficient investments in modern agriculture are needed to alleviate the food crisis in developing countries. In this globalised era of the 21st century, many determinants of food security are trans-boundary and require multilateral agreements and actions for an effective solution. Food security and hunger alleviation on a global scale are within reach provided that technological innovations are accepted and implemented at all levels. Copyright © 2011 Society of Chemical Industry.

  2. After globalization future security in a technology rich world

    Energy Technology Data Exchange (ETDEWEB)

    Gilmartin, T J

    2000-02-12

    Over the course of the year 2000, five one-day workshops were conducted by the Center for Global Security Research at the Lawrence Livermore National Laboratory on threats that might come against the US and its allies in the 2015 to 2020 timeframe due to the global availability of advanced technology. These workshops focused on threats that are enabled by nuclear, missile, and space technology; military technology; information technology; bio technology; and geo systems technology. In December, an Integration Workshop and Senior Review before national leaders and experts were held. The participants and reviewers were invited from the DOE National Laboratories, the DOD Services, OSD, DTRA, and DARPA, the DOS, NASA, Congressional technical staff, the intelligence community, universities and university study centers, think tanks, consultants on national security issues, and private industry. For each workshop the process of analysis involved identification and prioritization of the participants' perceived most severe threat scenarios (worst nightmares), discussion of the technologies which enabled those threats, and ranking of the technologies' threat potentials. We were not concerned in this exercise with defining responses, although our assessment of each threat's severity included consideration of the ease or difficulty with which it might be countered. At the concluding Integration Workshop and Senior Panel Review, we brought the various workshops' participants together, added senior participant/reviewers with broad experience and responsibility, and discussed the workshop findings to determine what is most certain, and uncertain, and what might be needed to resolve our uncertainties. This document reports the consensus and important variations of both the reviewers and the participants. In all, 45 threats over a wide range of lethality and probability of occurrence were identified. Over 60 enabling technologies were also discussed. These are

  3. Design optimization for security-and safety-critical distributed real-time applications

    DEFF Research Database (Denmark)

    Jiang, Wei; Pop, Paul; Jiang, Ke

    2016-01-01

    requirements on confidentiality of messages, task replication is used to enhance system reliability, and dynamic voltage and frequency scaling is used for energy efficiency of tasks. It is challenging to address these factors simultaneously, e.g., better security protections need more computing resources......In this paper, we are interested in the design of real-time applications with security, safety, timing, and energy requirements. The applications are scheduled with cyclic scheduling, and are mapped on distributed heterogeneous architectures. Cryptographic services are deployed to satisfy security...... and consume more energy, while lower voltages and frequencies may impair schedulability and security, and also lead to reliability degradation. We introduce a vulnerability based method to quantify the security performance of communications on distributed systems. We then focus on determining the appropriate...

  4. Relevance of Clean Coal Technology for India’s Energy Security: A Policy Perspective

    Science.gov (United States)

    Garg, Amit; Tiwari, Vineet; Vishwanathan, Saritha

    2017-07-01

    Climate change mitigation regimes are expected to impose constraints on the future use of fossil fuels in order to reduce greenhouse gas (GHG) emissions. In 2015, 41% of total final energy consumption and 64% of power generation in India came from coal. Although almost a sixth of the total coal based thermal power generation is now super critical pulverized coal technology, the average CO2 emissions from the Indian power sector are 0.82 kg-CO2/kWh, mainly driven by coal. India has large domestic coal reserves which give it adequate energy security. There is a need to find options that allow the continued use of coal while considering the need for GHG mitigation. This paper explores options of linking GHG emission mitigation and energy security from 2000 to 2050 using the AIM/Enduse model under Business-as-Usual scenario. Our simulation analysis suggests that advanced clean coal technologies options could provide promising solutions for reducing CO2 emissions by improving energy efficiencies. This paper concludes that integrating climate change security and energy security for India is possible with a large scale deployment of advanced coal combustion technologies in Indian energy systems along with other measures.

  5. Implementing an Information Security Program

    Energy Technology Data Exchange (ETDEWEB)

    Glantz, Clifford S.; Lenaeus, Joseph D.; Landine, Guy P.; O' Neil, Lori Ross; Leitch, Rosalyn; Johnson, Christopher; Lewis, John G.; Rodger, Robert M.

    2017-11-01

    The threats to information security have dramatically increased with the proliferation of information systems and the internet. Chemical, biological, radiological, nuclear, and explosives (CBRNe) facilities need to address these threats in order to protect themselves from the loss of intellectual property, theft of valuable or hazardous materials, and sabotage. Project 19 of the European Union CBRN Risk Mitigation Centres of Excellence Initiative is designed to help CBRN security managers, information technology/cybersecurity managers, and other decision-makers deal with these threats through the application of cost-effective information security programs. Project 19 has developed three guidance documents that are publically available to cover information security best practices, planning for an information security management system, and implementing security controls for information security.

  6. A Study Of Cyber Security Challenges And Its Emerging Trends On Latest Technologies

    OpenAIRE

    Reddy, G. Nikhita; Reddy, G. J. Ugander

    2014-01-01

    Cyber Security plays an important role in the field of information technology .Securing the information have become one of the biggest challenges in the present day. When ever we think about the cyber security the first thing that comes to our mind is cyber crimes which are increasing immensely day by day. Various Governments and companies are taking many measures in order to prevent these cyber crimes. Besides various measures cyber security is still a very big concern to many. This paper ma...

  7. Mobile Technology: The Foundation for an Engaged and Secure Campus Community

    Science.gov (United States)

    Chapel, Edward

    2008-01-01

    Montclair State University, a public New Jersey institution with more than 17,000 students enrolled, has harnessed the cell phone and cellular broadband technology to foster a stronger sense of community and provide students with a safe, secure, and rich learning environment. This paper discusses the potential for new technologies to foster…

  8. The application of algorithm in taxi security system

    Science.gov (United States)

    Luo, Chengyu

    2017-08-01

    With the booming of the society and economy today, Taxis and private cars have gradually become one of the most popular tools in transportation for their low price and convenience. However, because of the breakdown in the security system, a few accidents occurred due to the illegal taxi. The unreliable security management has attributed to the lack of trust in taxi companies and relevant regulatory authorities, which considered to be the reason why people are worried about it. Accordingly, we put forward a design for a taxi security system, making use of modern technology such as NFC, iBeacon, GPS combined with algorithms, automatically recognize the taxi we take, and reflecting basic information of taxi and driver on our mobile phone.

  9. Performance Testing of Homeland Security Technologies in U.S. EPA's Environmental Technology Verification (ETV) Program

    National Research Council Canada - National Science Library

    Kelly, Thomas J; Hofacre, Kent C; Derringer, Tricia L; Riggs, Karen B; Koglin, Eric N

    2004-01-01

    ... (reports and test plans available at www.epa.gov/etv). In the aftermath of the terrorist attacks of September 11, 2001, the ETV approach has also been employed in performance tests of technologies relevant to homeland security (HS...

  10. NASA technology applications team: Applications of aerospace technology

    Science.gov (United States)

    1993-01-01

    This report covers the activities of the Research Triangle Institute (RTI) Technology Applications Team for the period 1 October 1992 through 30 September 1993. The work reported herein was supported by the National Aeronautics and Space Administration (NASA), Contract No. NASW-4367. Highlights of the RTI Applications Team activities over the past year are presented in Section 1.0. The Team's progress in fulfilling the requirements of the contract is summarized in Section 2.0. In addition to our market-driven approach to applications project development, RTI has placed increased effort on activities to commercialize technologies developed at NASA Centers. These Technology Commercialization efforts are summarized in Section 3.0. New problem statements prepared by the Team in the reporting period are presented in Section 4.0. The Team's transfer activities for ongoing projects with the NASA Centers are presented in Section 5.0. Section 6.0 summarizes the status of four add-on tasks. Travel for the reporting period is described in Section 7.0. The RTI Team staff and consultants and their project responsibilities are listed in Appendix A. Appendix B includes Technology Opportunity Announcements and Spinoff! Sheets prepared by the Team while Appendix C contains a series of technology transfer articles prepared by the Team.

  11. An aspect-oriented methodology for designing secure applications

    NARCIS (Netherlands)

    Georg, Geri; Ray, Indrakshi; Anastasakis, Kyriakos; Bordbar, Behzad; Toahchoodee, Manachai; Houmb, S.H.

    We propose a methodology, based on aspect-oriented modeling (AOM), for incorporating security mechanisms in an application. The functionality of the application is described using the primary model and the attacks are specified using aspects. The attack aspect is composed with the primary model to

  12. Biometric Template Security

    OpenAIRE

    Abhishek Nagar; Karthik Nandakumar; Anil K. Jain

    2008-01-01

    Biometric recognition offers a reliable solution to the problem of user authentication in identity management systems. With the widespread deployment of biometric systems in various applications, there are increasing concerns about the security and privacy of biometric technology. Public acceptance of biometrics technology will depend on the ability of system designers to demonstrate that these systems are robust, have low error rates, and are tamper proof. We present a high-level categorizat...

  13. URANOS: User-Guided Rewriting for Plugin-Enabled ANdroid ApplicatiOn Security

    OpenAIRE

    Schreckling , Daniel; Huber , Stephan; Höhne , Focke; Posegga , Joachim

    2013-01-01

    Part 2: Mobile Security; International audience; URANOS is an Android application which uses syntactical static analysis to determine in which component of an Android application a permission is required. This work describes how the detection and analysis of widely distributed and security critical ad-ware plugins is achieved. We show, how users can trigger bytecode rewriting to (de)activate selected or redundant permissions in Android applications without sacrificing functionality. The paper...

  14. Cloud Computing Application of Personal Information's Security in Network Sales-channels

    OpenAIRE

    Sun Qiong; Min Liu; Shiming Pang

    2013-01-01

    With the promotion of Internet sales, the security of personal information to network users have become increasingly demanding. The existing network of sales channels has personal information security risks, vulnerable to hacker attacking. Taking full advantage of cloud security management strategy, cloud computing security management model is introduced to the network sale of personal information security applications, which is to solve the problem of information leakage. Then we proposed me...

  15. [Application of patient card technology to health care].

    Science.gov (United States)

    Sayag, E; Danon, Y L

    1995-03-15

    The potential benefits of patient card technology in improving management and delivery of health services have been explored. Patient cards can be used for numerous applications and functions: as a means of identification, as a key for an insurance payment system, and as a communication medium. Advanced card technologies allow for the storage of data on the card, creating the possibility of a comprehensive and portable patient record. There are many types of patient cards: paper or plastic cards, microfilm cards, bar-code cards, magnetic-strip cards and integrated circuit smart-cards. Choosing the right card depends on the amount of information to be stored, the degree of security required and the cost of the cards and their supporting infrastructure. Problems with patient cards are related to storage capacity, backup and data consistency, access authorization and ownership and compatibility. We think it is worth evaluating the place of patient card technology in the delivery of health services in Israel.

  16. Innovative Secure Mobile Banking Services

    Directory of Open Access Journals (Sweden)

    Mousa T AL-Akhras

    2011-01-01

    Full Text Available Due to the widespread use of computer technologies in almost all aspects of life, organisations that are connected to the Internet started extending their services to their customers to include new applications and services that satisfy their customers’ desires to make better businesses. One of these emerging applications is mobile banking. The term mobile banking (or m-banking describes the banking services that the user can perform via a mobile device ubiquitously at anytime and from anywhere. In order for users to access their accounts, they need a mobile device and network connectivity. Therefore, sitting in front of a computer is not a requirement anymore; accessing accounts can occur while users are waiting their turn at the dentist clinic or relaxing at the beach! This paper explores the opportunities of using mobile technology in the electronic banking (e-banking sector to enhance existing banking services by moving toward m-banking using mobile devices and wireless media that can provide opportunities for ubiquitous access to the banking services as mobile technologies can be used at anytime and from anywhere. The technical problems encountered while using the mobile devices presents some technical difficulties and challenges for the m-banking. In this paper we introduce a mobile system that demonstrates the flexibility gained out of this technology and covers the major aspects of such kind of applications. The proposed system covers two parts: the customer services (user interface and the security aspects. In the user interface part, banking facility is provided to the user through the mobile device to implement banking transactions. The model provides customers with the services: billing payments, transferring of funds, viewing of customer’s accounts and transactions, allowing the user to change his/her password and request a cheque book. The application takes into consideration security aspects, it satisfies the following

  17. Open source systems security certification

    CERN Document Server

    Damiani, Ernesto; El Ioini, Nabil

    2009-01-01

    Open Source Advances in Computer Applications book series provides timely technological and business information for: Enabling Open Source Systems (OSS) to become an integral part of systems and devices produced by technology companies; Inserting OSS in the critical path of complex network development and embedded products, including methodologies and tools for domain-specific OSS testing (lab code available), plus certification of security, dependability and safety properties for complex systems; Ensuring integrated systems, including OSS, meet performance and security requirements as well as achieving the necessary certifications, according to the overall strategy of OSS usage on the part of the adopter

  18. Technology Applications Team: Applications of aerospace technology

    Science.gov (United States)

    1993-01-01

    Highlights of the Research Triangle Institute (RTI) Applications Team activities over the past quarter are presented in Section 1.0. The Team's progress in fulfilling the requirements of the contract is summarized in Section 2.0. In addition to our market-driven approach to applications project development, RTI has placed increased effort on activities to commercialize technologies developed at NASA Centers. These Technology Commercialization efforts are summarized in Section 3.0. New problem statements prepared by the Team in the reporting period are presented in Section 4.0. The Team's transfer activities for ongoing projects with the NASA Centers are presented in Section 5.0. Section 6.0 summarizes the status of four add-on tasks. Travel for the reporting period is described in Section 7.0. The RTI Team staff and consultants and their project responsibilities are listed in Appendix A. The authors gratefully acknowledge the contributions of many individuals to the RTI Technology Applications Team program. The time and effort contributed by managers, engineers, and scientists throughout NASA were essential to program success. Most important to the program has been a productive working relationship with the NASA Field Center Technology Utilization (TU) Offices. The RTI Team continues to strive for improved effectiveness as a resource to these offices. Industry managers, technical staff, medical researchers, and clinicians have been cooperative and open in their participation. The RTI Team looks forward to continuing expansion of its interaction with U.S. industry to facilitate the transfer of aerospace technology to the private sector.

  19. Review of Enabling Technologies to Facilitate Secure Compute Customization

    Energy Technology Data Exchange (ETDEWEB)

    Aderholdt, Ferrol [Tennessee Technological University; Caldwell, Blake A [ORNL; Hicks, Susan Elaine [ORNL; Koch, Scott M [ORNL; Naughton, III, Thomas J [ORNL; Pelfrey, Daniel S [ORNL; Pogge, James R [Tennessee Technological University; Scott, Stephen L [Tennessee Technological University; Shipman, Galen M [ORNL; Sorrillo, Lawrence [ORNL

    2014-12-01

    environments. As part of our technology review we analyzed several current virtualization solutions to assess their vulnerabilities. This included a review of common vulnerabilities and exposures (CVEs) for Xen, KVM, LXC and Docker to gauge their susceptibility to different attacks. The complete details are provided in Section 5 on page 33. Based on this review we concluded that system-level virtualization solutions have many more vulnerabilities than OS level virtualization solutions. As such, security mechanisms like sVirt (Section 3.3) should be considered when using system-level virtualization solutions in order to protect the host against exploits. The majority of vulnerabilities related to KVM, LXC, and Docker are in specific regions of the system. Therefore, future "zero day attacks" are likely to be in the same regions, which suggests that protecting these areas can simplify the protection of the host and maintain the isolation between users. The evaluations of virtualization technologies done thus far are discussed in Section 4. This includes experiments with 'user' namespaces in VEs, which provides the ability to isolate user privileges and allow a user to run with different UIDs within the container while mapping them to non-privileged UIDs in the host. We have identified Linux namespaces as a promising mechanism to isolate shared resources, while maintaining good performance. In Section 4.1 we describe our tests with LXC as a non-root user and leveraging namespaces to control UID/GID mappings and support controlled sharing of parallel file-systems. We highlight several of these namespace capabilities in Section 6.2.3. The other evaluations that were performed during this initial phase of work provide baseline performance data for comparing VEs and VMs to purely native execution. In Section 4.2 we performed tests using the High-Performance Computing Conjugate Gradient (HPCCG) benchmark to establish baseline performance for a scientific application when run

  20. Wireless sensors and sensor networks for homeland security applications.

    Science.gov (United States)

    Potyrailo, Radislav A; Nagraj, Nandini; Surman, Cheryl; Boudries, Hacene; Lai, Hanh; Slocik, Joseph M; Kelley-Loughnane, Nancy; Naik, Rajesh R

    2012-11-01

    New sensor technologies for homeland security applications must meet the key requirements of sensitivity to detect agents below risk levels, selectivity to provide minimal false-alarm rates, and response speed to operate in high throughput environments, such as airports, sea ports, and other public places. Chemical detection using existing sensor systems is facing a major challenge of selectivity. In this review, we provide a brief summary of chemical threats of homeland security importance; focus in detail on modern concepts in chemical sensing; examine the origins of the most significant unmet needs in existing chemical sensors; and, analyze opportunities, specific requirements, and challenges for wireless chemical sensors and wireless sensor networks (WSNs). We further review a new approach for selective chemical sensing that involves the combination of a sensing material that has different response mechanisms to different species of interest, with a transducer that has a multi-variable signal-transduction ability. This new selective chemical-sensing approach was realized using an attractive ubiquitous platform of battery-free passive radio-frequency identification (RFID) tags adapted for chemical sensing. We illustrate the performance of RFID sensors developed in measurements of toxic industrial materials, humidity-independent detection of toxic vapors, and detection of chemical-agent simulants, explosives, and strong oxidizers.

  1. Food Security, Institutional Framework and Technology: Examining the Nexus in Nigeria Using ARDL Approach.

    Science.gov (United States)

    Osabohien, Romanus; Osabuohien, Evans; Urhie, Ese

    2018-04-01

    Growth in agricultural science and technology is deemed essential for in-creasing agricultural output; reduce the vulnerability of rural poverty and in turn, food security. Food security and growth in agricultural output depends on technological usages, which enhances the pro-ductive capacity of the agricultural sector. The indicators of food security utilised in this study in-clude: dietary energy supply, average value of food production, prevalence of food inadequacy, among others. In this paper, we examined the level of technology and how investment in the agriculture and technology can improve technical know-how in Nigeria with a view to achieving food security. We carried out the analysis on how investment in technology and institutional framework can improve the level of food availability (a key component of food security) in Nigeria using econ-ometric technique based on Autoregressive Distribution Lag (ARDL) framework. The results showed, inter alia, that in Nigeria, there is a high level of food insecurity as a result of low attention on food production occasioned by the pervasive influence of oil that become the major export product. It was noted that the availability of arable land was one of the major factors to increase food production to solve the challenge of food insecurity. Thus, the efforts of reducing the rate of food insecurity are essential in this regards. This can also be achieved, among others, by active interactions between government and farmers, to make contribution to important planning issues that relate to food production in the country and above all, social protection policies should be geared or channelled to agricultural sector to protect farmers who are vulnerable to shocks and avert risks associated with agriculture.

  2. A Method of Signal Scrambling to Secure Data Storage for Healthcare Applications.

    Science.gov (United States)

    Bao, Shu-Di; Chen, Meng; Yang, Guang-Zhong

    2017-11-01

    A body sensor network that consists of wearable and/or implantable biosensors has been an important front-end for collecting personal health records. It is expected that the full integration of outside-hospital personal health information and hospital electronic health records will further promote preventative health services as well as global health. However, the integration and sharing of health information is bound to bring with it security and privacy issues. With extensive development of healthcare applications, security and privacy issues are becoming increasingly important. This paper addresses the potential security risks of healthcare data in Internet-based applications and proposes a method of signal scrambling as an add-on security mechanism in the application layer for a variety of healthcare information, where a piece of tiny data is used to scramble healthcare records. The former is kept locally and the latter, along with security protection, is sent for cloud storage. The tiny data can be derived from a random number generator or even a piece of healthcare data, which makes the method more flexible. The computational complexity and security performance in terms of theoretical and experimental analysis has been investigated to demonstrate the efficiency and effectiveness of the proposed method. The proposed method is applicable to all kinds of data that require extra security protection within complex networks.

  3. 48 CFR 339.7102 - Applicability.

    Science.gov (United States)

    2010-10-01

    ... CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Information Security Management 339.7102 Applicability. Contracting Officers are responsible for ensuring that all information technology acquisitions comply with the Federal Information Security Management Act (FISMA), the HHS-OCIO Information Systems Security and Privacy...

  4. Microsoft Technology as an Optimization Tool in Promoting Security and Functionality of the Educational System

    Directory of Open Access Journals (Sweden)

    Jelena Jardas Antonic

    2008-10-01

    Full Text Available Abstract - In the cooperation with the City of Rijeka, the project of analysis of the functional and security situation of information infrastructure has been initiated in 24 schools in the authority of the city. Having completed the multicriteria analysis of the collected data, we have built a model of implementing Microsoft service technologies. The implementation should satisfy the elementary security principles that are required by the security standards today, maximizing functionality of infrastructure and minimizing network administration tasks. Server technology that has been used in this solution is Microsoft Widows 2003 Server R2 and Internet Security and Acceleration Server 2006, as well as the GFI WebMonitor and antivirus.

  5. Research on the application of wisdom technology in smart city

    Science.gov (United States)

    Li, Juntao; Ma, Shuai; Gu, Weihua; Chen, Weiyi

    2015-12-01

    This paper first analyzes the concept of smart technology, the relationship between wisdom technology and smart city, and discusses the practical application of IOT(Internet of things) in smart city to explore a better way to realize smart city; then Introduces the basic concepts of cloud computing and smart city, and explains the relationship between the two; Discusses five advantages of cloud computing that applies to smart city construction: a unified and highly efficient, large-scale infrastructure software and hardware management, service scheduling and resource management, security control and management, energy conservation and management platform layer, and to promote modern practical significance of the development of services, promoting regional social and economic development faster. Finally, a brief description of the wisdom technology and smart city management is presented.

  6. Security of legacy process control systems : Moving towards secure process control systems

    NARCIS (Netherlands)

    Oosterink, M.

    2012-01-01

    This white paper describes solutions which organisations may use to improve the security of their legacy process control systems. When we refer to a legacy system, we generally refer to old methodologies, technologies, computer systems or applications which are still in use, despite the fact that

  7. Security Expertise

    DEFF Research Database (Denmark)

    systematic study of security expertise and opens up a productive dialogue between science and technology studies and security studies to investigate the character and consequences of this expertise. In security theory, the study of expertise is crucial to understanding whose knowledge informs security making......This volume brings together scholars from different fields to explore the power, consequences and everyday practices of security expertise. Expertise mediates between different forms of knowledge: scientific and technological, legal, economic and political knowledge. This book offers the first...... and to reflect on the impact and responsibility of security analysis. In science and technology studies, the study of security politics adds a challenging new case to the agenda of research on expertise and policy. The contributors investigate cases such as academic security studies, security think tanks...

  8. Security systems engineering overview

    International Nuclear Information System (INIS)

    Steele, B.J.

    1996-01-01

    Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at $70 billion in direct costs and up to $300 billion in indirect costs. Health insurance fraud alone is estimated to cost American businesses $100 billion. Theft, warranty fraud, and counterfeiting of computer hardware totaled $3 billion in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies (counterfeit currency, cellular phone billing, credit card fraud, health care fraud, passport, green cards, and questionable documents); industrial espionage detection and prevention (intellectual property, computer chips, etc.); and security barrier technology (creation of delay such as gates, vaults, etc.)

  9. Homeland security application of the Army Soft Target Exploitation and Fusion (STEF) system

    Science.gov (United States)

    Antony, Richard T.; Karakowski, Joseph A.

    2010-04-01

    A fusion system that accommodates both text-based extracted information along with more conventional sensor-derived input has been developed and demonstrated in a terrorist attack scenario as part of the Empire Challenge (EC) 09 Exercise. Although the fusion system was developed to support Army military analysts, the system, based on a set of foundational fusion principles, has direct applicability to department of homeland security (DHS) & defense, law enforcement, and other applications. Several novel fusion technologies and applications were demonstrated in EC09. One such technology is location normalization that accommodates both fuzzy semantic expressions such as behind Library A, across the street from the market place, as well as traditional spatial representations. Additionally, the fusion system provides a range of fusion products not supported by traditional fusion algorithms. Many of these additional capabilities have direct applicability to DHS. A formal test of the fusion system was performed during the EC09 exercise. The system demonstrated that it was able to (1) automatically form tracks, (2) help analysts visualize behavior of individuals over time, (3) link key individuals based on both explicit message-based information as well as discovered (fusion-derived) implicit relationships, and (4) suggest possible individuals of interest based on their association with High Value Individuals (HVI) and user-defined key locations.

  10. Safety and security profiles of industry networks used in safety- critical applications

    Directory of Open Access Journals (Sweden)

    Mária FRANEKOVÁ

    2008-01-01

    Full Text Available The author describes the mechanisms of safety and security profiles of industry and communication networks used within safety – related applications in technological and information levels of process control recommended according to standards IEC 61784-3,4. Nowadays the number of vendors of the safety – related communication technologies who guarantees besides the standard communication, the communication amongst the safety – related equipment according to IEC 61508 is increasing. Also the number of safety – related products is increasing, e. g. safety Fieldbus, safety PLC, safety curtains, safety laser scanners, safety buttons, safety relays and other. According to world survey the safety Fieldbus denoted the highest growth from all manufactured safety products.The main part of this paper is the description of the safety-related Fieldbus communication system, which has to guaranty Safety Integrity Level.

  11. National and International Security Applications of Cryogenic Detectors—Mostly Nuclear Safeguards

    Science.gov (United States)

    Rabin, Michael W.

    2009-12-01

    As with science, so with security—in both arenas, the extraordinary sensitivity of cryogenic sensors enables high-confidence detection and high-precision measurement even of the faintest signals. Science applications are more mature, but several national and international security applications have been identified where cryogenic detectors have high potential payoff. International safeguards and nuclear forensics are areas needing new technology and methods to boost speed, sensitivity, precision and accuracy. Successfully applied, improved nuclear materials analysis will help constrain nuclear materials diversion pathways and contribute to treaty verification. Cryogenic microcalorimeter detectors for X-ray, gamma-ray, neutron, and alpha-particle spectrometry are under development with these aims in mind. In each case the unsurpassed energy resolution of microcalorimeters reveals previously invisible spectral features of nuclear materials. Preliminary results of quantitative analysis indicate substantial improvements are still possible, but significant work will be required to fully understand the ultimate performance limits.

  12. Nuclear Security Education Program at the Pennsylvania State University

    International Nuclear Information System (INIS)

    Uenlue, Kenan; Jovanovic, Igor

    2015-01-01

    The availability of trained and qualified nuclear and radiation security experts worldwide has decreased as those with hands-on experience have retired while the demand for these experts and skills have increased. The U.S. Department of Energy's National Nuclear Security Administration's (NNSA) Global Threat Reduction Initiative (GTRI) has responded to the continued loss of technical and policy expertise amongst personnel and students in the security field by initiating the establishment of a Nuclear Security Education Initiative, in partnership with Pennsylvania State University (PSU), Texas A and M (TAMU), and Massachusetts Institute of Technology (MIT). This collaborative, multi-year initiative forms the basis of specific education programs designed to educate the next generation of personnel who plan on careers in the nonproliferation and security fields with both domestic and international focus. The three universities worked collaboratively to develop five core courses consistent with the GTRI mission, policies, and practices. These courses are the following: Global Nuclear Security Policies, Detectors and Source Technologies, Applications of Detectors/Sensors/Sources for Radiation Detection and Measurements Nuclear Security Laboratory, Threat Analysis and Assessment, and Design and Analysis of Security Systems for Nuclear and Radiological Facilities. The Pennsylvania State University (PSU) Nuclear Engineering Program is a leader in undergraduate and graduate-level nuclear engineering education in the USA. The PSU offers undergraduate and graduate programs in nuclear engineering. The PSU undergraduate program in nuclear engineering is the largest nuclear engineering programs in the USA. The PSU Radiation Science and Engineering Center (RSEC) facilities are being used for most of the nuclear security education program activities. Laboratory space and equipment was made available for this purpose. The RSEC facilities include the Penn State Breazeale

  13. Nuclear Security Education Program at the Pennsylvania State University

    Energy Technology Data Exchange (ETDEWEB)

    Uenlue, Kenan [The Pennsylvania State University, Radiation Science and Engineering Center, University Park, PA 16802-2304 (United States); The Pennsylvania State University, Department of Mechanical and Nuclear Engineering, University Park, PA 16802-2304 (United States); Jovanovic, Igor [The Pennsylvania State University, Department of Mechanical and Nuclear Engineering, University Park, PA 16802-2304 (United States)

    2015-07-01

    The availability of trained and qualified nuclear and radiation security experts worldwide has decreased as those with hands-on experience have retired while the demand for these experts and skills have increased. The U.S. Department of Energy's National Nuclear Security Administration's (NNSA) Global Threat Reduction Initiative (GTRI) has responded to the continued loss of technical and policy expertise amongst personnel and students in the security field by initiating the establishment of a Nuclear Security Education Initiative, in partnership with Pennsylvania State University (PSU), Texas A and M (TAMU), and Massachusetts Institute of Technology (MIT). This collaborative, multi-year initiative forms the basis of specific education programs designed to educate the next generation of personnel who plan on careers in the nonproliferation and security fields with both domestic and international focus. The three universities worked collaboratively to develop five core courses consistent with the GTRI mission, policies, and practices. These courses are the following: Global Nuclear Security Policies, Detectors and Source Technologies, Applications of Detectors/Sensors/Sources for Radiation Detection and Measurements Nuclear Security Laboratory, Threat Analysis and Assessment, and Design and Analysis of Security Systems for Nuclear and Radiological Facilities. The Pennsylvania State University (PSU) Nuclear Engineering Program is a leader in undergraduate and graduate-level nuclear engineering education in the USA. The PSU offers undergraduate and graduate programs in nuclear engineering. The PSU undergraduate program in nuclear engineering is the largest nuclear engineering programs in the USA. The PSU Radiation Science and Engineering Center (RSEC) facilities are being used for most of the nuclear security education program activities. Laboratory space and equipment was made available for this purpose. The RSEC facilities include the Penn State Breazeale

  14. Secure Web System in a Cloud Environment

    OpenAIRE

    Pokherl, Bibesh

    2013-01-01

    Advent of cloud computing has brought a lot of benefits for users based on its essential characteristics. Users are attracted by its costs per use service and rapidly deploy their applications in the cloud and scale by using virtualization technology without investing in their own IT infrastructure. These applications can be accessed through web based technology, such as web browsers or mobile apps. However, security becomes a major challenge when user’s data and applications are stored in a ...

  15. Recovering Data from Password Protected Data Security Applications in Android Based Smartphones

    Directory of Open Access Journals (Sweden)

    Hammad Riaz

    2016-06-01

    Full Text Available The standard method of mobile forensic analysis is to attach the mobile device to forensic tools and to perform logical, file system, or physical extraction. A hindrance in analysis arises if the mobile is not properly supported or data in the handset is secured using data security android applications. The techniques discussed in this paper help in the analysis and extraction of data files secured using data hiding password protected android based applications. A few well known data protection android applications are analyzed. The analysis was performed on both partially supported and fully supported sets.

  16. MUSES RT2AE V P/DP: On the Road to Privacy-Friendly Security Technologies in the Workplace

    OpenAIRE

    Van Der Sype, Yung Shin Marleen; Guislain, Jonathan; Seigneur, Jean-Marc; Titi, Xavier

    2016-01-01

    Successful protection of company data assets requires strong technological support. As many security incidents still occur from within, security technologies often include elements to monitor the behaviour of employees. As those security systems are considered as privacy-intrusive, they are hard to align with the privacy and data protection rights of the employees of the company. Even though there is currently no legal obligation for developers to embed privacy and data protection in security...

  17. Computer Security: Computer security threats, vulnerabilities and attacks (3/4)

    CERN Document Server

    CERN. Geneva

    2012-01-01

    Antonio Perez Perez works in the Computer Security Team doing software development, sysadmin tasks and operations. He is also involved on grid security and does 1st line security support at CERN on ROTA. With the prevalence of modern information technologies and its increasing integration into our daily live, digital systems become more and more playground for evil people. While in the past, attacks were driven by fame& kudos, nowadays money is the motivating factor. Just the recent months have shown several successful attacks against e.g. Sony, PBS, UNESCO, RSAsecurity, Citibank, and others. Credit card information of hundreds of thousands of people got exposed. Affected companies not only lost their assets and data, also their reputation has suffered. Thus, proper computer security measures are essential. Without question, security must even more become an inherent ingredient when developing, deploying, and operating applications, web sites, and computing services. These lectures shall give an ove...

  18. Multi-agent integrated password management (MIPM) application secured with encryption

    Science.gov (United States)

    Awang, Norkhushaini; Zukri, Nurul Hidayah Ahmad; Rashid, Nor Aimuni Md; Zulkifli, Zuhri Arafah; Nazri, Nor Afifah Mohd

    2017-10-01

    Users use weak passwords and reuse them on different websites and applications. Password managers are a solution to store login information for websites and help users log in automatically. This project developed a system that acts as an agent managing passwords. Multi-Agent Integrated Password Management (MIPM) is an application using encryption that provides users with secure storage of their login account information such as their username, emails and passwords. This project was developed on an Android platform with an encryption agent using Java Agent Development Environment (JADE). The purpose of the embedded agents is to act as a third-party software to ease the encryption process, and in the future, the developed encryption agents can form part of the security system. This application can be used by the computer and mobile users. Currently, users log into many applications causing them to use unique passwords to prevent password leaking. The crypto agent handles the encryption process using an Advanced Encryption Standard (AES) 128-bit encryption algorithm. As a whole, MIPM is developed on the Android application to provide a secure platform to store passwords and has high potential to be commercialised for public use.

  19. Recommendation on the Use of Biometric Technology

    DEFF Research Database (Denmark)

    Juul, Niels Christian

    2013-01-01

    Biometric technology is based on the use of information linked to individuals. Hence, privacy and security in biometric applications becomes a concern and the need to assess such applications thoroughly becomes equally important. Guidelines for application of biometric technology must ensure...... a positive impact on both security and privacy. Based on two cases of biometric application, which have been assessed by the Danish Data Protecting Agency, this chapter present a set of recommendations to legislators, regulators, corporations and individuals on the appropriate use of biometric technologies...... put forward by the Danish Board of Technology. The recommendations are discussed and compared to the similar proposal put forward by the European Article 29 Data Protection Working Party....

  20. Audit Teknologiinformasiatas Physical Security Control Dan Logical Security Control Serta Penentuan Kondisi Security Risk Studi Kasus: PT Talc Indonesia

    OpenAIRE

    Inggrid; Arfianti, Rizka I; Utami, Viany

    2009-01-01

    Abstract The fast growth of technology has an impact to the accounting field. This relates to the term of information technology (17) auditing. One of the risI6 of using information technology in business which can be fatal enough i fignored is security risk Security risk can be reduced by security controls which include physical security control and logical security contra Information technology auditing is the process of collecting and evaluating evidence to determine whether or not a co...

  1. The Importance of the Brain Neuro-Programming Technologies in National and Regional Security

    Directory of Open Access Journals (Sweden)

    Vasyl H. Fatkhutdinov

    2018-02-01

    Full Text Available The authors’ understanding of neuro-programming is the result of the impact on the human brain of information and communication technology (including educational one, through which in the human brain the programs of manifestation in the ontogenesis of internal creative potentials are written. This article summarizes the history of the formation of key neuro-programming technologies of the human brain as well as proves that the changes in the society’s worldview are caused by the possibilities and quality of neuro-programming technologies that society uses. Having influence over worldview stereotypes and behaviour set by the society, neuro-programming technologies essentially ensure the national security of any state and the peaceful coexistence of states in the regions and on the planet as a whole. Using historical and philosophical methods, methods of conceptualization, systematization, modeling, etc., the authors have come to the conclusion that the modern world lies in a confrontation of security strategies, in which neuro-programming technologies play a key role.

  2. Security Data Warehouse Application

    Science.gov (United States)

    Vernon, Lynn R.; Hennan, Robert; Ortiz, Chris; Gonzalez, Steve; Roane, John

    2012-01-01

    The Security Data Warehouse (SDW) is used to aggregate and correlate all JSC IT security data. This includes IT asset inventory such as operating systems and patch levels, users, user logins, remote access dial-in and VPN, and vulnerability tracking and reporting. The correlation of this data allows for an integrated understanding of current security issues and systems by providing this data in a format that associates it to an individual host. The cornerstone of the SDW is its unique host-mapping algorithm that has undergone extensive field tests, and provides a high degree of accuracy. The algorithm comprises two parts. The first part employs fuzzy logic to derive a best-guess host assignment using incomplete sensor data. The second part is logic to identify and correct errors in the database, based on subsequent, more complete data. Host records are automatically split or merged, as appropriate. The process had to be refined and thoroughly tested before the SDW deployment was feasible. Complexity was increased by adding the dimension of time. The SDW correlates all data with its relationship to time. This lends support to forensic investigations, audits, and overall situational awareness. Another important feature of the SDW architecture is that all of the underlying complexities of the data model and host-mapping algorithm are encapsulated in an easy-to-use and understandable Perl language Application Programming Interface (API). This allows the SDW to be quickly augmented with additional sensors using minimal coding and testing. It also supports rapid generation of ad hoc reports and integration with other information systems.

  3. The Evolving Relationship Between Technology and National Security in China: Innovation, Defense Transformation, and China’s Place in the Global Technology Order

    Science.gov (United States)

    2016-02-12

    Stockmann, Xiao Qiang. Changing Media, Changing China , New York: Oxford University Press, (01 2011) Dieter Ernst. Indigenous Innovation and...2211 China , science, technology, dual use, defense, security, innovation REPORT DOCUMENTATION PAGE 11. SPONSOR/MONITOR’S REPORT NUMBER(S) 10...ABSTRACT Final Report: The Evolving Relationship Between Technology and National Security in China : Innovation , Defense Transformation, and China’s

  4. Security in Context-aware Mobile Business Applications

    OpenAIRE

    Tatli, Emin Islam

    2008-01-01

    The support of location computation on mobile devices (e.g. mobile phones, PDAs) has enabled the development of context-aware and especially location-aware applications (e.g. Restaurant Finder, Friend Finder) which are becoming the new trend for future software applications. However, fears regarding security and privacy are the biggest barriers against their success. Especially, mobile users are afraid of the possible threats against their private identity and personal data. Within the M-Busi...

  5. Functional Security Model: Managers Engineers Working Together

    Science.gov (United States)

    Guillen, Edward Paul; Quintero, Rulfo

    2008-05-01

    Information security has a wide variety of solutions including security policies, network architectures and technological applications, they are usually designed and implemented by security architects, but in its own complexity this solutions are difficult to understand by company managers and they are who finally fund the security project. The main goal of the functional security model is to achieve a solid security platform reliable and understandable in the whole company without leaving of side the rigor of the recommendations and the laws compliance in a single frame. This paper shows a general scheme of the model with the use of important standards and tries to give an integrated solution.

  6. Selection application for platforms and security protocols suitable for wireless sensor networks

    International Nuclear Information System (INIS)

    Moeller, S; Newe, T; Lochmann, S

    2009-01-01

    There is a great number of platforms and security protocols which can be used for wireless sensor networks (WSN). All these platforms and protocols have different properties with certain advantages and disadvantages. For a good choice of platform and an associated protocol, these advantages and disadvantages should be compared and the best for the appropriate WSN chosen. To select a Security protocol and a wireless platform suitable for a specific application a software tool will be developed. That tool will enable wireless network deployment engineers to easily select a suitable wireless platform for their application based on their network needs and application security requirements.

  7. Breach of Personal Security through Applicative use of Online Social Networks

    Directory of Open Access Journals (Sweden)

    Bojan Nikolovski

    2013-11-01

    Full Text Available Throughout this article there is an attempt to indicate the threats of potential to breach of personal security through applicative use of internet as well as applicative use of online social networks. In addition to many other ways of privacy protection applicative users of social network’s sites must take into considerations the risk of distributing private data. Through a series of actions and settings users can customize the security settings with the ultimate goal of reducing the risk of attack on their privacy.

  8. Marketing and reputation aspects of neonatal safeguards and hospital-security systems.

    Science.gov (United States)

    Smith, Alan D

    2009-01-01

    Technological advancements have migrated from personal-use electronics into the healthcare setting for security enhancements. Within maternity wards and nurseries, technology was seen as one of best way to protect newborns from abduction. The present study is a focus on what systems and methods are used in neonatal security, the security arrangements, staff training, and impacts outside the control of the hospital, customer satisfaction and customer relations management. Through hypothesis-testing and exploratory analysis, gender biases and extremely high levels of security were found within a web-enabled and professional sample of 200 respondents. The factor-based constructs were found to be, in order of the greatest explained variance: security concerns, personal technology usage, work technology applications, and demographic maturity concerns, resulting in four factor-based scores with significant combined variance of 61.5%. It was found that through a better understanding on the importance and vital need for hospitals to continue to improve on their technology-based security policies significantly enhanced their reputation in the highly competitive local healthcare industry.

  9. Computer Security: Introduction to information and computer security (1/4)

    CERN Multimedia

    CERN. Geneva

    2012-01-01

    Sebastian Lopienski is CERN's Deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support services hosted in the CERN Computer Centre; providing Central CVS Service for software projects at CERN; and development of applications for accelerator controls in Java. He graduated from the University of Warsaw (MSc in Computer Science) in 2002, and earned an MBA degree at the Enterprise Administration Institute in Aix-en-Provence and Haute Ecole de Gestion in Geneva in 2010. His professional interests include software and network security, distributed systems, and Web and mobile technologies. With the prevalence of modern information te...

  10. Energy Assurance: Essential Energy Technologies for Climate Protection and Energy Security

    Energy Technology Data Exchange (ETDEWEB)

    Greene, David L [ORNL; Boudreaux, Philip R [ORNL; Dean, David Jarvis [ORNL; Fulkerson, William [University of Tennessee, Knoxville (UTK); Gaddis, Abigail [University of Tennessee, Knoxville (UTK); Graham, Robin Lambert [ORNL; Graves, Ronald L [ORNL; Hopson, Dr Janet L [University of Tennessee, Knoxville (UTK); Hughes, Patrick [ORNL; Lapsa, Melissa Voss [ORNL; Mason, Thom [ORNL; Standaert, Robert F [ORNL; Wilbanks, Thomas J [ORNL; Zucker, Alexander [ORNL

    2009-12-01

    We present and apply a new method for analyzing the significance of advanced technology for achieving two important national energy goals: climate protection and energy security. Quantitative metrics for U.S. greenhouse gas emissions in 2050 and oil independence in 2030 are specified, and the impacts of 11 sets of energy technologies are analyzed using a model that employs the Kaya identity and incorporates the uncertainty of technological breakthroughs. The goals examined are a 50% to 80% reduction in CO2 emissions from energy use by 2050 and increased domestic hydrocarbon fuels supply and decreased demand that sum to 11 mmbd by 2030. The latter is intended to insure that the economic costs of oil dependence are not more than 1% of U.S. GDP with 95% probability by 2030. Perhaps the most important implication of the analysis is that meeting both energy goals requires a high probability of success (much greater than even odds) for all 11 technologies. Two technologies appear to be indispensable for accomplishment of both goals: carbon capture and storage, and advanced fossil liquid fuels. For reducing CO2 by more than 50% by 2050, biomass energy and electric drive (fuel cell or battery powered) vehicles also appear to be necessary. Every one of the 11 technologies has a powerful influence on the probability of achieving national energy goals. From the perspective of technology policy, conflict between the CO2 mitigation and energy security is negligible. These general results appear to be robust to a wide range of technology impact estimates; they are substantially unchanged by a Monte Carlo simulation that allows the impacts of technologies to vary by 20%.

  11. Security threat assessment of an Internet security system using attack tree and vague sets.

    Science.gov (United States)

    Chang, Kuei-Hu

    2014-01-01

    Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system's elementary event are incomplete--the traditional approach for calculating reliability--is no longer applicable. Moreover, it does not consider the failure probability of the bottom events suffered in the attack, which may bias conclusions. In order to effectively solve the problem above, this paper proposes a novel technique, integrating attack tree and vague sets for security threat assessment. For verification of the proposed approach, a numerical example of an Internet security system security threat assessment is adopted in this paper. The result of the proposed method is compared with the listing approaches of security threat assessment methods.

  12. 17 CFR 270.6b-1 - Exemption of employees' securities company pending determination of application.

    Science.gov (United States)

    2010-04-01

    ...' securities company pending determination of application. 270.6b-1 Section 270.6b-1 Commodity and Securities... 1940 § 270.6b-1 Exemption of employees' securities company pending determination of application. Any... Act (54 Stat. 801; 15 U.S.C. 80a-6) shall be exempt, pending final determination of such application...

  13. Food safety and quality through radiation technology: its implications to national security

    Energy Technology Data Exchange (ETDEWEB)

    Lanuza, Luvimina G.

    2012-08-15

    The increasing consumption of ready-to-eat meals necessitates a review of its quality and safety. Food irradiation is a technology that would allow the food product to be free from pathogenic organisms while maintaining its fresh-like taste and appearance. The paper evaluated the effectiveness of food irradiation in maintaining the quality and safety of ready-to-eat meals using the three criteria: microbiological, nutritional and acceptability. Chicken adobo was chosen as a representative ready-to-eat meat. Primary data was collected through experimental and non-experimental methods using irradiated and non-irradiated chicken adobo. Irradiation was carried out at the Multipurpose Irradiation Facility of the Philippine Nuclear Research Institute using a radiation dose of 4 kGy at an irradiation temperature of 29.9-32.1 degree centigrade. Experimental data were gathered through laboratory analyses. Nutritional analyses (protein and Vitamin B{sub 1}) as well as microbiological analyses (E. Coli) were conducted at Day 1, Day 7 and Day 15 stored at -4 degree centigrade after irradiation. The non-experimental data were gathered by means of acceptability questionnaires which made use of a modified Likert scale of 1 to 4. This made the respondents rate the food attributes (color, odor, flavor, texture, juiciness) and overall acceptability during the sensory evaluation of both Sample A (irradiated) and Sample B (non-irradiated). There were two sets of respondents, the professional and non-professional sector. The laboratory-scale study revealed that the application of gamma irradiation of a dose of 4 kGy at an irradiation temperature range of 29.9 to 32.1 degree centigrade to packed ready-to-eat chicken adobo was found to be an effective treatment for eliminating the E.coli pathogen even up to Day 15 stored at -4 degree centigrade after irradiation. The protein and Vitamin B{sub 1} contents of the food sample were not significantly affected and results of the acceptability

  14. Food safety and quality through radiation technology: its implications to national security

    International Nuclear Information System (INIS)

    Lanuza, Luvimina G.

    2012-08-01

    The increasing consumption of ready-to-eat meals necessitates a review of its quality and safety. Food irradiation is a technology that would allow the food product to be free from pathogenic organisms while maintaining its fresh-like taste and appearance. The paper evaluated the effectiveness of food irradiation in maintaining the quality and safety of ready-to-eat meals using the three criteria: microbiological, nutritional and acceptability. Chicken adobo was chosen as a representative ready-to-eat meat. Primary data was collected through experimental and non-experimental methods using irradiated and non-irradiated chicken adobo. Irradiation was carried out at the Multipurpose Irradiation Facility of the Philippine Nuclear Research Institute using a radiation dose of 4 kGy at an irradiation temperature of 29.9-32.1 degree centigrade. Experimental data were gathered through laboratory analyses. Nutritional analyses (protein and Vitamin B 1 ) as well as microbiological analyses (E. Coli) were conducted at Day 1, Day 7 and Day 15 stored at -4 degree centigrade after irradiation. The non-experimental data were gathered by means of acceptability questionnaires which made use of a modified Likert scale of 1 to 4. This made the respondents rate the food attributes (color, odor, flavor, texture, juiciness) and overall acceptability during the sensory evaluation of both Sample A (irradiated) and Sample B (non-irradiated). There were two sets of respondents, the professional and non-professional sector. The laboratory-scale study revealed that the application of gamma irradiation of a dose of 4 kGy at an irradiation temperature range of 29.9 to 32.1 degree centigrade to packed ready-to-eat chicken adobo was found to be an effective treatment for eliminating the E.coli pathogen even up to Day 15 stored at -4 degree centigrade after irradiation. The protein and Vitamin B 1 contents of the food sample were not significantly affected and results of the acceptability tests

  15. A review of emerging non-volatile memory (NVM) technologies and applications

    Science.gov (United States)

    Chen, An

    2016-11-01

    This paper will review emerging non-volatile memory (NVM) technologies, with the focus on phase change memory (PCM), spin-transfer-torque random-access-memory (STTRAM), resistive random-access-memory (RRAM), and ferroelectric field-effect-transistor (FeFET) memory. These promising NVM devices are evaluated in terms of their advantages, challenges, and applications. Their performance is compared based on reported parameters of major industrial test chips. Memory selector devices and cell structures are discussed. Changing market trends toward low power (e.g., mobile, IoT) and data-centric applications create opportunities for emerging NVMs. High-performance and low-cost emerging NVMs may simplify memory hierarchy, introduce non-volatility in logic gates and circuits, reduce system power, and enable novel architectures. Storage-class memory (SCM) based on high-density NVMs could fill the performance and density gap between memory and storage. Some unique characteristics of emerging NVMs can be utilized for novel applications beyond the memory space, e.g., neuromorphic computing, hardware security, etc. In the beyond-CMOS era, emerging NVMs have the potential to fulfill more important functions and enable more efficient, intelligent, and secure computing systems.

  16. Neutron and Gamma Imaging for National Security Applications

    Science.gov (United States)

    Hornback, Donald

    2017-09-01

    The Department of Energy, National Nuclear Security Administration (NNSA), Office of Defense Nuclear Nonproliferation Research and Development (DNN R&D/NA-22) possesses, in part, the mission to develop technologies in support of nuclear security efforts in coordination with other U.S. government entities, such as the Department of Defense and the Department of Homeland Security. DNN R&D has long supported research in nuclear detection at national labs, universities, and through the small business innovation research (SBIR) program. Research topics supported include advanced detector materials and electronics, detection algorithm development, and advanced gamma/neutron detection systems. Neutron and gamma imaging, defined as the directional detection of radiation as opposed to radiography, provides advanced detection capabilities for the NNSA mission in areas of emergency response, international safeguards, and nuclear arms control treaty monitoring and verification. A technical and programmatic overview of efforts in this field of research will be summarized.

  17. Applications of nuclear safety probabilistic risk assessment to nuclear security for optimized risk mitigation

    Energy Technology Data Exchange (ETDEWEB)

    Donnelly, S.K.; Harvey, S.B. [Amec Foster Wheeler, Toronto, Ontario (Canada)

    2016-06-15

    Critical infrastructure assets such as nuclear power generating stations are potential targets for malevolent acts. Probabilistic methodologies can be applied to evaluate the real-time security risk based upon intelligence and threat levels. By employing this approach, the application of security forces and other protective measures can be optimized. Existing probabilistic safety analysis (PSA) methodologies and tools employed. in the nuclear industry can be adapted to security applications for this purpose. Existing PSA models can also be adapted and enhanced to consider total plant risk, due to nuclear safety risks as well as security risks. By creating a Probabilistic Security Model (PSM), safety and security practitioners can maximize the safety and security of the plant while minimizing the significant costs associated with security upgrades and security forces. (author)

  18. Information technology - Security techniques - Information security management systems - Requirements

    CERN Document Server

    International Organization for Standardization. Geneva

    2005-01-01

    ISO/IEC 27001:2005 covers all types of organizations (e.g. commercial enterprises, government agencies, not-for profit organizations). ISO/IEC 27001:2005 specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the organization's overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof. ISO/IEC 27001:2005 is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties. ISO/IEC 27001:2005 is intended to be suitable for several different types of use, including the following: use within organizations to formulate security requirements and objectives; use within organizations as a way to ensure that security risks are cost effectively managed; use within organizations to ensure comp...

  19. Mobile Security: A Systems Engineering Framework for Implementing Bring Your Own Device (BYOD) Security through the Combination of Policy Management and Technology

    Science.gov (United States)

    Zahadat, Nima

    2016-01-01

    With the rapid increase of smartphones and tablets, security concerns have also been on the rise. Traditionally, Information Technology (IT) departments set up devices, apply security, and monitor them. Such approaches do not apply to today's mobile devices due to a phenomenon called Bring Your Own Device or BYOD. Employees find it desirable to…

  20. Security research roadmap

    Energy Technology Data Exchange (ETDEWEB)

    Rouhiainen, V. (ed.)

    2007-02-15

    VTT has a broad range of security research ongoing in many areas of technology. The main areas have been concentrating on public safety and security, but VTT is also participating in several research projects related to defence technology. To identify and define expertise and research goals in more detail, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of a critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important security products and technologies needed are, for example, management of total security, detection, identification, localisation and communication, protection of information networks and systems, as well as physical protection. In the EU's Security programme, which aims at ensuring the security of society and its vital functions, it is stated that. Technology alone can not assure security, but security can not be assured without the support of technology. VTT is conducting security research in all its areas of expertise and clusters. The area has a significant research potential. The development of products and systems designed for the improvement of security has just started. There is still room for innovation. This report presents knowledge and development needs in more detail, as well as future development potential seen in the area of security. (orig.)

  1. Implementing Network Video for Traditional Security and Innovative Applications: Best Practices and Uses for Network Video in K-12 Schools

    Science.gov (United States)

    Wren, Andrew

    2008-01-01

    Administrators are constantly seeking ways to cost-effectively and adequately increase security and improve efficiency in K-12 schools. While video is not a new tool to schools, the shift from analog to network technology has increased the accessibility and usability in a variety of applications. Properly installed and used, video is a powerful…

  2. Ethics of emergent information and communication technology applications in humanitarian medical assistance.

    Science.gov (United States)

    Hunt, Matthew; Pringle, John; Christen, Markus; Eckenwiler, Lisa; Schwartz, Lisa; Davé, Anushree

    2016-07-01

    New applications of information and communication technology (ICT) are shaping the way we understand and provide humanitarian medical assistance in situations of disaster, disease outbreak or conflict. Each new crisis appears to be accompanied by advancements in humanitarian technology, leading to significant improvements in the humanitarian aid sector. However, ICTs raise ethical questions that warrant attention. Focusing on the context of humanitarian medical assistance, we review key domains of ICT innovation. We then discuss ethical challenges and uncertainties associated with the development and application of new ICTs in humanitarian medical assistance, including avoiding harm, ensuring privacy and security, responding to inequalities, demonstrating respect, protecting relationships, and addressing expectations. In doing so, we emphasize the centrality of ethics in humanitarian ICT design, application and evaluation. © The Author 2016. Published by Oxford University Press on behalf of Royal Society of Tropical Medicine and Hygiene. All rights reserved. For permissions, please e-mail: journals.permissions@oup.com.

  3. Commercial Security on the Internet.

    Science.gov (United States)

    Liddy, Carrie

    1996-01-01

    Discusses commercial security on the Internet and explains public key technology as successfully melding the conflicting requirements of openness for practical business applications and isolation and confidentiality for protection of data. Examples of public key value-added products are described, including encryption, digital signature and…

  4. Defence and security applications of quantum cascade lasers

    Science.gov (United States)

    Grasso, Robert J.

    2016-09-01

    Quantum Cascade Lasers (QCL) have seen tremendous recent application in the realm of Defence and Security. And, in many instances replacing traditional solid state lasers as the source of choice for Countermeasures, Remote Sensing, In-situ Sensing, Through-Barrier Sensing, and many others. Following their development and demonstration in the early 1990's, QCL's reached some maturity and specific defence and security application prior to 2005; with much initial development fostered by DARPA initiatives in the US, dstl, MoD, and EOARD funding initiatives in the UK, and University level R&D such as those by Prof Manijeh Razeghi at Northwestern University [1], and Prof Ted Masselink at Humboldt University [2]. As QCL's provide direct mid-IR laser output for electrical input, they demonstrate high quantum efficiency compared with diode pumped solid state lasers with optical parametric oscillators (OPOs) to generate mid-Infrared output. One particular advantage of QCL's is their very broad operational bandwidth, extending from the terahertz to the near-infrared spectral regions. Defence and Security areas benefiting from QCL's include: Countermeasures, Remote Sensing, Through-the-Wall Sensing, and Explosive Detection. All information used to construct this paper obtained from open sources.

  5. A Secure and Robust Connectivity Architecture for Smart Devices and Applications

    Directory of Open Access Journals (Sweden)

    Lee YangSun

    2011-01-01

    Full Text Available Convergence environments and technologies are urgently coming close to our life with various wireless communications and smart devices in order to provide many benefits such as connectivity, usability, mobility, portability, and flexibility as well as lower installation and maintenance costs. Convergence has brought important change not only in the way we live but also in the way we think. It is the progress towards the attempt to create and to evolve new valuable services through the device convergence and fusion of in-home, office, and various environments around the personal mobile apparatus. Based on the dynamic trends of convergence, it is widely argued that the increased requirements on secure and robust connectivity between a variety of mobile devices and their applications provide us the era of real pervasive computing environment. Thus, in this paper, we present a novel connectivity architecture using RF4CE-(Radio Frequency for Consumer Electronics- based wireless zero-configuration and enhanced key agreement approach. We analyze the security and performance of our proposed approach by the development of the prototype H/W and the construction of a testbed with CE and mobile devices.

  6. A Survey on the Security of Blockchain Systems

    OpenAIRE

    Li, Xiaoqi; Jiang, Peng; Chen, Ting; Luo, Xiapu; Wen, Qiaoyan

    2018-01-01

    Since its inception, the blockchain technology has shown promising application prospects. From the initial cryptocurrency to the current smart contract, blockchain has been applied to many fields. Although there are some studies on the security and privacy issues of blockchain, there lacks a systematic examination on the security of blockchain systems. In this paper, we conduct a systematic study on the security threats to blockchain and survey the corresponding real attacks by examining popu...

  7. Security Administration Reports Application

    Data.gov (United States)

    Social Security Administration — Contains SSA Security Reports that allow Information Security Officers (ISOs) to access, review and take appropriate action based on the information contained in the...

  8. 3D Reconstruction in Nuclear Security

    International Nuclear Information System (INIS)

    Bostrom, G.; Fiocco, M.; Goncalves, J.M.C.; Puig, D.; Sequeira, V.; Chartier, B.; Mariotte, F.; Richard, M.; Zamora, P.; Kiesser, R.

    2008-01-01

    Accurate modelling is gaining increasing importance in security applications. Indeed, realistic and dimensionally accurate models of critical areas can be used for prevention and simulation exercises as well as for planning emergency responses once an attack is perpetrated. CEA-DAM and EC-JRC engaged in a joint exercise involving the simulation of a terrorist attack in an urban area with possible release of radiological substances. JRC was responsible for creating a dimensionally accurate (centimetre accuracy) 3D model from the urban area as-is before and after the attack. Further tests involved the automatic 3D detection of changes in both indoors and outdoors environments. The paper describes the principles and technologies behind the generation of photo-realistic and accurate 3D models of wide areas as-is, and will discuss the use of those technologies for nuclear security applications

  9. Reputation based security model for android applications

    OpenAIRE

    Tesfay, Welderufael Berhane; Booth, Todd; Andersson, Karl

    2012-01-01

    The market for smart phones has been booming in the past few years. There are now over 400,000 applications on the Android market. Over 10 billion Android applications have been downloaded from the Android market. Due to the Android popularity, there are now a large number of malicious vendors targeting the platform. Many honest end users are being successfully hacked on a regular basis. In this work, a cloud based reputation security model has been proposed as a solution which greatly mitiga...

  10. Biometric Template Security

    Directory of Open Access Journals (Sweden)

    Abhishek Nagar

    2008-03-01

    Full Text Available Biometric recognition offers a reliable solution to the problem of user authentication in identity management systems. With the widespread deployment of biometric systems in various applications, there are increasing concerns about the security and privacy of biometric technology. Public acceptance of biometrics technology will depend on the ability of system designers to demonstrate that these systems are robust, have low error rates, and are tamper proof. We present a high-level categorization of the various vulnerabilities of a biometric system and discuss countermeasures that have been proposed to address these vulnerabilities. In particular, we focus on biometric template security which is an important issue because, unlike passwords and tokens, compromised biometric templates cannot be revoked and reissued. Protecting the template is a challenging task due to intrauser variability in the acquired biometric traits. We present an overview of various biometric template protection schemes and discuss their advantages and limitations in terms of security, revocability, and impact on matching accuracy. A template protection scheme with provable security and acceptable recognition performance has thus far remained elusive. Development of such a scheme is crucial as biometric systems are beginning to proliferate into the core physical and information infrastructure of our society.

  11. Security Analysis in the Migration to Cloud Environments

    Directory of Open Access Journals (Sweden)

    Eduardo Fernández-Medina

    2012-05-01

    Full Text Available Cloud computing is a new paradigm that combines several computing concepts and technologies of the Internet creating a platform for more agile and cost-effective business applications and IT infrastructure. The adoption of Cloud computing has been increasing for some time and the maturity of the market is steadily growing. Security is the question most consistently raised as consumers look to move their data and applications to the cloud. We justify the importance and motivation of security in the migration of legacy systems and we carry out an analysis of different approaches related to security in migration processes to cloud with the aim of finding the needs, concerns, requirements, aspects, opportunities and benefits of security in the migration process of legacy systems.

  12. Metro Optical Networks for Homeland Security

    Science.gov (United States)

    Bechtel, James H.

    Metro optical networks provide an enticing opportunity for strengthening homeland security. Many existing and emerging fiber-optic networks can be adapted for enhanced security applications. Applications include airports, theme parks, sports venues, and border surveillance systems. Here real-time high-quality video and captured images can be collected, transported, processed, and stored for security applications. Video and data collection are important also at correctional facilities, courts, infrastructure (e.g., dams, bridges, railroads, reservoirs, power stations), and at military and other government locations. The scaling of DWDM-based networks allows vast amounts of data to be collected and transported including biometric features of individuals at security check points. Here applications will be discussed along with potential solutions and challenges. Examples of solutions to these problems are given. This includes a discussion of metropolitan aggregation platforms for voice, video, and data that are SONET compliant for use in SONET networks and the use of DWDM technology for scaling and transporting a variety of protocols. Element management software allows not only network status monitoring, but also provides optimized allocation of network resources through the use of optical switches or electrical cross connects.

  13. A Sustainable Technology Contribuiting to the Food Security

    Directory of Open Access Journals (Sweden)

    Dra. Rosa Catalina Bermúdez-Savòn

    2015-11-01

    Full Text Available A sustainable way for food and energetic security in rural and the city regions, is presented with the application of the solid state fermentation for the biotransformation of lignocellulosic by-products and agro-industrial wastes with white-rot fungi. Inamush as advantages of this technology, is showed the cultivation of mushroom Pleurotus spp.on coffee pulp, cedar chip , coconut and cocoa shells, and the influence of it´s mixture (1:1, trough examination of their growth rates and conversion efficacy to fruiting bodies, which cause contamination of soil and water, because of large volumes and difficult management. The use of residues for these cultive was consolidate such as alternative viable for food production, capable to satisfy the protein and nutritive necessity of population in the non-developing countries, besides low cost production, high protein content and obtention in large quantity in short time. In addition to produce complements for animal feet, such as the spent oyster mushroom substrate postcosecha is detoxified, has proteic content and better digestibility than original substrates,and can be used as animal feed or fertilizer, at the same time, was eradicated the problem of environmental contamination of these residues provoking and further contribution at sustainable development of the communities.

  14. Sandia technology: Engineering and science applications

    Science.gov (United States)

    Maydew, M. C.; Parrot, H.; Dale, B. C.; Floyd, H. L.; Leonard, J. A.; Parrot, L.

    1990-12-01

    This report discusses: protecting environment, safety, and health; Sandia's quality initiative; Sandia vigorously pursues technology transfer; scientific and technical education support programs; nuclear weapons development; recognizing battlefield targets with trained artificial neural networks; battlefield robotics: warfare at a distance; a spinning shell sizes up the enemy; thwarting would-be nuclear terrorists; unattended video surveillance system for nuclear facilities; making the skies safer for travelers; onboard instrumentation system to evaluate performance of stockpile bombs; keeping track with lasers; extended-life lithium batteries; a remote digital video link acquires images securely; guiding high-performance missiles with laser gyroscopes; nonvolatile memory chips for space applications; initiating weapon explosives with lasers; next-generation optoelectronics and microelectronics technology developments; chemometrics: new methods for improving chemical analysis; research team focuses ion beam to record-breaking intensities; standardizing the volt to quantum accuracy; new techniques improve robotic software development productivity; a practical laser plasma source for generating soft x-rays; exploring metal grain boundaries; massively parallel computing; modeling the amount of desiccant needed for moisture control; attacking pollution with sunshine; designing fuel-conversion catalysts with computers; extending a nuclear power plant's useful life; plasma-facing components for the International Thermonuclear Experimental Reactor.

  15. Resilient Infrastructure and Building Security

    DEFF Research Database (Denmark)

    Ingwar, Mads Ingerslew

    inference. Persistent authentication offers an effective integrated protection measure that is distributed directly in the facility and is non-intrusive to the public and affordable to the facility owners. Persistent authentication is suitable for security sensitive applications and can help protect...... to authentication that combines traditional access control systems with the sensing technologies and tracking capabilities offered by smart environments. Our approach is called Persistent Authentication for Location-based Services. Persistent authentication enables the secure provision of location-based services...

  16. Intelligent techniques in signal processing for multimedia security

    CERN Document Server

    Santhi, V

    2017-01-01

    This book proposes new algorithms to ensure secured communications and prevent unauthorized data exchange in secured multimedia systems. Focusing on numerous applications’ algorithms and scenarios, it offers an in-depth analysis of data hiding technologies including watermarking, cryptography, encryption, copy control, and authentication. The authors present a framework for visual data hiding technologies that resolves emerging problems of modern multimedia applications in several contexts including the medical, healthcare, education, and wireless communication networking domains. Further, it introduces several intelligent security techniques with real-time implementation. As part of its comprehensive coverage, the book discusses contemporary multimedia authentication and fingerprinting techniques, while also proposing personal authentication/recognition systems based on hand images, surveillance system security using gait recognition, face recognition under restricted constraints such as dry/wet face condi...

  17. Arms and technology transfers: Security and economic considerations among importing and exporting states

    International Nuclear Information System (INIS)

    Lodgaard, S.; Pfaltzgraff, R.L. Jr.

    1995-01-01

    The issues of technology and armament transfers are increasingly at the forefront of problems of international security and disarmament. Three major reasons could explain this. First, the disarmament process has been very successful in the last few years, especially in the field of nuclear, as well chemical and conventional, weapons. Second the disarmament effort underway concerns primarily the old partners of the East-West confrontation. Last, the general context, characterized by the opening and widening of exchanges, the increasingly open and transparent circulation of techniques and material, and the globalization of economic relations, must be taken into account. This report, prepared by UNIDIR comprises the following subjects: General trends in defense related transfers; Political/military factors associated with the diffusion of advanced technology; economic and technological consideration; and facilitation of economic growth/maximization of regional security and stability

  18. Dod physical security equipment application experience

    International Nuclear Information System (INIS)

    Dixon, H.M.

    1978-01-01

    In the Department of Defense, the subject of physical security is very broad in scope. Its application ranges from countering the shoplifters in the post exchange facilities to the sophisticated terrorist who may attempt to obtain access to one of our nuclear weapons. This paper focuses on the area of specific interest to the members of INMM which is the protection of nuclear devices and the classified information associated with them

  19. Technological laser application

    International Nuclear Information System (INIS)

    Shia, D.O.; Kollen, R.; Rods, U.

    1980-01-01

    Problems of the technological applications of lasers are stated in the popular form. Main requirements to a technological laser as well as problems arising in designing any system using lasers have been considered. Areas of the laser applications are described generally: laser treatment of materials, thermal treatment, welding, broach and drilling of holes, scribing, microtreatment and adjustment of resistors, material cutting, investigations into controlled thermonuclear fussion

  20. National Security Science and Technology Initiative: Air Cargo Screening

    Energy Technology Data Exchange (ETDEWEB)

    Bingham, Philip R [ORNL; White, Tim [Pacific Northwest National Laboratory (PNNL); Cespedes, Ernesto [Idaho National Laboratory (INL); Bowerman, Biays [Brookhaven National Laboratory (BNL); Bush, John [Battelle

    2010-11-01

    The non-intrusive inspection (NII) of consolidated air cargo carried on commercial passenger aircraft continues to be a technically challenging, high-priority requirement of the Department of Homeland Security's Science and Technology Directorate (DHS S&T), the Transportation Security Agency and the Federal Aviation Administration. The goal of deploying a screening system that can reliably and cost-effectively detect explosive threats in consolidated cargo without adversely affecting the flow of commerce will require significant technical advances that will take years to develop. To address this critical National Security need, the Battelle Memorial Institute (Battelle), under a Cooperative Research and Development Agreement (CRADA) with four of its associated US Department of Energy (DOE) National Laboratories (Oak Ridge, Pacific Northwest, Idaho, and Brookhaven), conducted a research and development initiative focused on identifying, evaluating, and integrating technologies for screening consolidated air cargo for the presence of explosive threats. Battelle invested $8.5M of internal research and development funds during fiscal years 2007 through 2009. The primary results of this effort are described in this document and can be summarized as follows: (1) Completed a gap analysis that identified threat signatures and observables, candidate technologies for detection, their current state of development, and provided recommendations for improvements to meet air cargo screening requirements. (2) Defined a Commodity/Threat/Detection matrix that focuses modeling and experimental efforts, identifies technology gaps and game-changing opportunities, and provides a means of summarizing current and emerging capabilities. (3) Defined key properties (e.g., elemental composition, average density, effective atomic weight) for basic commodity and explosive benchmarks, developed virtual models of the physical distributions (pallets) of three commodity types and three

  1. Applications of ultra-compact accelerator technologies for homeland security

    International Nuclear Information System (INIS)

    Sampayan, S.; Caporaso, G.; Chen, Y.J.; Falabella, S.; Guethlein, G.; Harris, J.R.; Hawkins, S.; Holmes, C.; Krogh, M.; Nelson, S.; Nunnally, W.; Paul, A.C.; Poole, B.; Rhodes, M.; Sanders, D.; Selenes, K.; Shaklee, K.; Sitaraman, S.; Sullivan, J.; Wang, L.; Watson, J.

    2007-01-01

    We report on a technology development to address explosive detector system throughout with increased detection probability. The system we proposed and are studying consists of a pixelized X-ray based pre-screener and a pulsed neutron source quantitative post verifier. Both technologies are derived from our compact accelerator development program for the Department of Energy Radiography Mission that enables gradients >10MV/m. For the pixelized X-ray source panel technology, we have performed initial integration and testing. For the accelerator, we are presently integrating and testing cell modules. For the verifier, we performed MCNP calculations that show good detectability of military and multi-part liquid threat systems. We detail the progress of our overall effort, including research and modeling to date, recent high voltage test results and concept integration

  2. New technologies and emerging threats: personnel security adjudicative guidelines in the age of social networking

    OpenAIRE

    Festa, James P.

    2012-01-01

    Approved for public release; distribution is unlimited Publicized incidents involving espionage or violence by government employees with security clearances have raised concern for the personnel security community. The guidelines used to adjudicate security clearances were last updated in 2005; since that time, significant technological developments, especially in social media and communications, have emerged. This thesis developed a comprehensive list of current Internet behaviors, and us...

  3. Validity of information security policy models

    Directory of Open Access Journals (Sweden)

    Joshua Onome Imoniana

    Full Text Available Validity is concerned with establishing evidence for the use of a method to be used with a particular set of population. Thus, when we address the issue of application of security policy models, we are concerned with the implementation of a certain policy, taking into consideration the standards required, through attribution of scores to every item in the research instrument. En today's globalized economic scenarios, the implementation of information security policy, in an information technology environment, is a condition sine qua non for the strategic management process of any organization. Regarding this topic, various studies present evidences that, the responsibility for maintaining a policy rests primarily with the Chief Security Officer. The Chief Security Officer, in doing so, strives to enhance the updating of technologies, in order to meet all-inclusive business continuity planning policies. Therefore, for such policy to be effective, it has to be entirely embraced by the Chief Executive Officer. This study was developed with the purpose of validating specific theoretical models, whose designs were based on literature review, by sampling 10 of the Automobile Industries located in the ABC region of Metropolitan São Paulo City. This sampling was based on the representativeness of such industries, particularly with regards to each one's implementation of information technology in the region. The current study concludes, presenting evidence of the discriminating validity of four key dimensions of the security policy, being such: the Physical Security, the Logical Access Security, the Administrative Security, and the Legal & Environmental Security. On analyzing the Alpha of Crombach structure of these security items, results not only attest that the capacity of those industries to implement security policies is indisputable, but also, the items involved, homogeneously correlate to each other.

  4. The CFFTP technology applications program

    International Nuclear Information System (INIS)

    Anon.

    1984-01-01

    The Canadian Fusion Fuels Technology Project (CFFTP) was originally conceived as having a Technology Applications Program to help fulfill its mandate of extending and adapting existing Canadian technology for use in international fusion programs. This technology was determined to be materials, breeder technology, remote handling, health and saftey, and tritium fuel systems. The CFFTP Applications Program has done work for the STARFIRE, MARS and TFTR reactors as well as developing two computer codes for tritium fuel systems. In the future the Technology Applications Program will be involved in the Tokamak Fusion Core Experiment (TFCX) as well as work for NET, JET and Frascati

  5. Security and privacy issues in wireless sensor networks for healthcare applications.

    Science.gov (United States)

    Al Ameen, Moshaddique; Liu, Jingwei; Kwak, Kyungsup

    2012-02-01

    The use of wireless sensor networks (WSN) in healthcare applications is growing in a fast pace. Numerous applications such as heart rate monitor, blood pressure monitor and endoscopic capsule are already in use. To address the growing use of sensor technology in this area, a new field known as wireless body area networks (WBAN or simply BAN) has emerged. As most devices and their applications are wireless in nature, security and privacy concerns are among major areas of concern. Due to direct involvement of humans also increases the sensitivity. Whether the data gathered from patients or individuals are obtained with the consent of the person or without it due to the need by the system, misuse or privacy concerns may restrict people from taking advantage of the full benefits from the system. People may not see these devices safe for daily use. There may also possibility of serious social unrest due to the fear that such devices may be used for monitoring and tracking individuals by government agencies or other private organizations. In this paper we discuss these issues and analyze in detail the problems and their possible measures.

  6. Proceedings of the 1989 Carnahan conference on security technology

    International Nuclear Information System (INIS)

    DeVore, R.W.

    1989-01-01

    This book contains the proceedings of the 1989 Carnahan conference on security technology and crime countermeasures. Topics covered include: study of methods for the enhancement of classified document control and protection; research and development of a portable microfocus x-ray system capable of providing ultra-high resolution images of improvised explosive devices; and BombCAD - a CAD-based technique for assessing bomb vulnerability and designing and evaluating bomb defense measures

  7. Secure Path Selection under Random Fading

    Directory of Open Access Journals (Sweden)

    Furqan Jameel

    2017-05-01

    Full Text Available Application-oriented Wireless Sensor Networks (WSNs promises to be one of the most useful technologies of this century. However, secure communication between nodes in WSNs is still an unresolved issue. In this context, we propose two protocols (i.e. Optimal Secure Path (OSP and Sub-optimal Secure Path (SSP to minimize the outage probability of secrecy capacity in the presence of multiple eavesdroppers. We consider dissimilar fading at the main and wiretap link and provide detailed evaluation of the impact of Nakagami-m and Rician-K factors on the secrecy performance of WSNs. Extensive simulations are performed to validate our findings. Although the optimal scheme ensures more security, yet the sub-optimal scheme proves to be a more practical approach to secure wireless links.

  8. Printable, scannable biometric templates for secure documents and materials

    Science.gov (United States)

    Cambier, James L.; Musgrave, Clyde

    2000-04-01

    Biometric technology has been widely acknowledged as an effective means for enhancing private and public security through applications in physical access control, computer and computer network access control, medical records protection, banking security, public identification programs, and others. Nearly all of these applications involve use of a biometric token to control access to a physical entity or private information. There are also unique benefits to be derived from attaching a biometric template to a physical entity such as a document, package, laboratory sample, etc. Such an association allows fast, reliable, and highly accurate association of an individual person's identity to the physical entity, and can be used to enhance security, convenience, and privacy in many types of transactions. Examples include authentication of documents, tracking of laboratory samples in a testing environment, monitoring the movement of physical evidence within the criminal justice system, and authenticating the identity of both sending and receiving parties in shipment of high value parcels. A system is described which combines a biometric technology based on iris recognition with a printing and scanning technology for high-density bar codes.

  9. An Evaluation Methodology for the Usability and Security of Cloud-based File Sharing Technologies

    Science.gov (United States)

    2012-09-01

    FISMA, ISO 27001 , FIPS 140-2, and ISO 270001) indicate a cloud-based service’s compliance with industry standard security controls, management and...Information Assurance IEEE Institute of Electrical and Electronics Engineers IT Information Technology ITS Insider Threat Study ISO International...effectively, efficiently and with satisfaction” (International Organization for Standardization [ ISO ], 1998). Alternately, information security

  10. The QUANTGRID Project (RO)—Quantum Security in GRID Computing Applications

    Science.gov (United States)

    Dima, M.; Dulea, M.; Petre, M.; Petre, C.; Mitrica, B.; Stoica, M.; Udrea, M.; Sterian, R.; Sterian, P.

    2010-01-01

    The QUANTGRID Project, financed through the National Center for Programme Management (CNMP-Romania), is the first attempt at using Quantum Crypted Communications (QCC) in large scale operations, such as GRID Computing, and conceivably in the years ahead in the banking sector and other security tight communications. In relation with the GRID activities of the Center for Computing & Communications (Nat.'l Inst. Nucl. Phys.—IFIN-HH), the Quantum Optics Lab. (Nat.'l Inst. Plasma and Lasers—INFLPR) and the Physics Dept. (University Polytechnica—UPB) the project will build a demonstrator infrastructure for this technology. The status of the project in its incipient phase is reported, featuring tests for communications in classical security mode: socket level communications under AES (Advanced Encryption Std.), both proprietary code in C++ technology. An outline of the planned undertaking of the project is communicated, highlighting its impact in quantum physics, coherent optics and information technology.

  11. Computer Security: Security operations at CERN (4/4)

    CERN Document Server

    CERN. Geneva

    2012-01-01

    Stefan Lueders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and infrastructure control systems against cyber-threats. Subsequently, he joined the CERN Computer Security Incident Response Team and is today heading this team as CERN's Computer Security Officer with the mandate to coordinate all aspects of CERN's computer security --- office computing security, computer centre security, GRID computing security and control system security --- whilst taking into account CERN's operational needs. Dr. Lueders has presented on these topics at many different occasions to international bodies, governments, and companies, and published several articles. With the prevalence of modern information technologies and...

  12. New technologies and the search for security: Prospects for a post-cold-war era

    International Nuclear Information System (INIS)

    Petrovsky, V.

    1990-01-01

    New technologies are setting a fast pace in our world. Through science and technology we are able to make our world better, richer and more liveable to everyone. However, the new technologies have brought new mans of destruction and have confronted the world with a real prospect of self destruction. This is one of the main challenges of our age. Greater mutual confidence, openness and, if necessary, checks on how scientific and technological co-operation is used must bring down the existing barriers un the area of technological exchanges. The first results are already evident, for instance in the nuclear field. In our age, science and technology are becoming an inherent element in the comprehensive search for a new, post-confrontational system of peace, security and co-operation. United nations, together with its family of specialized agencies, is called upon to play a major positive role in finding approaches in this area. Scientific and technological progress, especially on the eve of a new millennium in the history of mankind, must serve only to enhance international peace and security and, enable everyone to live a full and worthy life

  13. Network security: a survey of modern approaches

    International Nuclear Information System (INIS)

    Zafar, M.F.; Naheed, F.; Ahmad, Z.; Anwar, M.M.

    2008-01-01

    Security is an essential element of information technology (IT) infrastructure and applications. Concerns about security of networks and information systems have been growing along with the rapid increase in the number of network users and the value of their transactions. The hasty security threats have driven the development of security products known as Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) to detect and protect the network, server and desktop infrastructure ahead of the threat. Authentication and signing techniques are used to prevent integrity threats. Users, devices, and applications should always be authenticated and authorized before they are allowed to access networking resources. Though a lot of information is available on the internet about IDS and IPS but it all is spread on so many sites and one has to spend a considerable part of his precious time to search it. In this regard a thorough survey has been conducted to facilitate and assist the researchers. The issues and defend challenges in fighting with cyber attacks have been discussed. A comparison of the categories of network security technologies has been presented. In this paper an effort has been made to gather the scattered information and present it at one place. This survey will provide best available up-to-date advancement in the area. A brief description of open source IPS has also been presented. (author)

  14. Automated Big Traffic Analytics for Cyber Security

    OpenAIRE

    Miao, Yuantian; Ruan, Zichan; Pan, Lei; Wang, Yu; Zhang, Jun; Xiang, Yang

    2018-01-01

    Network traffic analytics technology is a cornerstone for cyber security systems. We demonstrate its use through three popular and contemporary cyber security applications in intrusion detection, malware analysis and botnet detection. However, automated traffic analytics faces the challenges raised by big traffic data. In terms of big data's three characteristics --- volume, variety and velocity, we review three state of the art techniques to mitigate the key challenges including real-time tr...

  15. A case for societal digital security culture

    NARCIS (Netherlands)

    Ben Othmane, L.; Weffers, H.T.G.; Ranchal, R.; Angin, P.; Bhargava, B.; Mohamad, M.M.; Janczewski, L.J.; Wolfe, H.B.; Shenoi, S.

    2013-01-01

    Information and communication technology systems, such as remote health care monitoring and smart mobility applications, have become indispensable parts of our lives. Security vulnerabilities in these systems could cause financial losses, privacy/safety compromises, and operational interruptions.

  16. 2nd International Conference on Mobile and Wireless Technology

    CERN Document Server

    Wattanapongsakorn, Naruemon

    2015-01-01

    This book provides a snapshot of the current state-of-the-art in the fields of mobile and wireless technology, security and applications.  The proceedings of the 2nd International Conference on Mobile and Wireless Technology (ICMWT2015), it represents the outcome of a unique platform for researchers and practitioners from academia and industry to share cutting-edge developments in the field of mobile and wireless science technology, including those working on data management and mobile security.   The contributions presented here describe the latest academic and industrial research from the international mobile and wireless community.  The scope covers four major topical areas: mobile and wireless networks and applications; security in mobile and wireless technology; mobile data management and applications; and mobile software.  The book will be a valuable reference for current researchers in academia and industry, and a useful resource for graduate-level students working on mobile and wireless technology...

  17. Addressing software security and mitigations in the life cycle

    Science.gov (United States)

    Gilliam, David; Powell, John; Haugh, Eric; Bishop, Matt

    2004-01-01

    Traditionally, security is viewed as an organizational and Information Technology (IT) systems function comprising of firewalls, intrusion detection systems (IDS), system security settings and patches to the operating system (OS) and applications running on it. Until recently, little thought has been given to the importance of security as a formal approach in the software life cycle. The Jet Propulsion Laboratory has approached the problem through the development of an integrated formal Software Security Assessment Instrument (SSAI) with six foci for the software life cycle.

  18. Security and privacy issues of personal health.

    Science.gov (United States)

    Blobel, Bernd; Pharow, Peter

    2007-01-01

    While health systems in developed countries and increasingly also in developing countries are moving from organisation-centred to person-centred health service delivery, the supporting communication and information technology is faced with new risks regarding security and privacy of stakeholders involved. The comprehensively distributed environment puts special burden on guaranteeing communication security services, but even more on guaranteeing application security services dealing with privilege management, access control and audit regarding social implication and connected sensitivity of personal information recorded, processed, communicated and stored in an even internationally distributed environment.

  19. Enabling Technologies for Ultra-Safe and Secure Modular Nuclear Energy

    International Nuclear Information System (INIS)

    Mendez Cruz, Carmen Margarita; Rochau, Gary E.; Middleton, Bobby; Rodriguez, Salvador B.; Rodriguez, Carmelo; Schleicher, Robert

    2016-01-01

    Sandia National Laboratories and General Atomics are pleased to respond to the Advanced Research Projects Agency-Energy (ARPA-e)'s request for information on innovative developments that may overcome various current reactor-technology limitations. The RFI is particularly interested in innovations that enable ultra-safe and secure modular nuclear energy systems. Our response addresses the specific features for reactor designs called out in the RFI, including a brief assessment of the current state of the technologies that would enable each feature and the methods by which they could be best incorporated into a reactor design.

  20. Enabling Technologies for Ultra-Safe and Secure Modular Nuclear Energy

    Energy Technology Data Exchange (ETDEWEB)

    Mendez Cruz, Carmen Margarita [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Rochau, Gary E. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Middleton, Bobby [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Rodriguez, Salvador B. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Rodriguez, Carmelo [General Atomics, San Diego, CA (United States); Schleicher, Robert [General Atomics, San Diego, CA (United States)

    2016-06-01

    Sandia National Laboratories and General Atomics are pleased to respond to the Advanced Research Projects Agency-Energy (ARPA-e)’s request for information on innovative developments that may overcome various current reactor-technology limitations. The RFI is particularly interested in innovations that enable ultra-safe and secure modular nuclear energy systems. Our response addresses the specific features for reactor designs called out in the RFI, including a brief assessment of the current state of the technologies that would enable each feature and the methods by which they could be best incorporated into a reactor design.

  1. SAFE/SNAP application to shipboard security

    International Nuclear Information System (INIS)

    Grady, L.M.; Walker, J.L.; Polito, J.

    1981-11-01

    An application of the combined Safeguards Automated Facility Evaluation/Safeguards Network Analysis Procedure (SAFE/SNAP) modeling technique to a physical protection system (PPS) aboard a generic ship is described. This application was performed as an example of how the SAFE and SNAP techniques could be used. Estimates of probability of interruption and neutralization for the example shipboard PPS are provided by SAFE as well as an adversary scenario, which serves as input to SNAP. This adversary scenario is analyzed by SNAP through four cases which incorporate increasingly detailed security force tactics. Comparisons between the results of the SAFE and SNAP analyses are made and conclusions drawn on the validity of each technique. Feedback from SNAP to SAFE is described, and recommendations for upgrading the ship based on the results of the SAFE/SNAP application are also discussed

  2. JWIG: Yet Another Framework for Maintainable and Secure Web Applications

    DEFF Research Database (Denmark)

    Møller, Anders; Schwarz, Mathias Romme

    2009-01-01

    Although numerous frameworks for web application programming have been developed in recent years, writing web applications remains a challenging task. Guided by a collection of classical design principles, we propose yet another framework. It is based on a simple but flexible server-oriented arch...... services.The resulting framework provides a novel foundation for developing maintainable and secure web applications....

  3. Probabilistic safety assessment technology for commercial nuclear power plant security evaluation

    International Nuclear Information System (INIS)

    Liming, J.K.; Johnson, D.H.; Dykes, A.A.

    2004-01-01

    Commercial nuclear power plant physical security has received much more intensive treatment and regulatory attention since September 11, 2001. In light of advancements made by the nuclear power industry in the field of probabilistic safety assessment (PSA) for its power plants over that last 30 years, and given the many examples of successful applications of risk-informed regulation at U. S. nuclear power plants during recent years, it may well be advisable to apply a 'risk-informed' approach to security management at nuclear power plants from now into the future. In fact, plant PSAs developed in response to NRC Generic Letter 88-20 and related requirements are used to help define target sets of critical plant safety equipment in our current security exercises for the industry. With reasonable refinements, plant PSAs can be used to identify, analyze, and evaluate reasonable and prudent approaches to address security issues and associated defensive strategies at nuclear power plants. PSA is the ultimate scenario-based approach to risk assessment, and thus provides a most powerful tool in identifying and evaluating potential risk management decisions. This paper provides a summary of observations of factors that are influencing or could influence cost-effective or 'cost-reasonable' security management decision-making in the current political environment, and provides recommendations for the application of PSA tools and techniques to the nuclear power plant operational safety response exercise process. The paper presents a proposed framework for nuclear power plant probabilistic terrorist risk assessment that applies these tools and techniques. (authors)

  4. Survey of holographic security systems

    Science.gov (United States)

    Kontnik, Lewis T.; Lancaster, Ian M.

    1990-04-01

    The counterfeiting of products and financial instruments is a major problem throughout the world today. The dimensions of the problem are growing, accelerated by the expanding availability of production technologies to sophisticated counterfeiters and the increasing capabilities of these technologies. Various optical techniques, including holography, are beingused in efforts to mark authentic products and to distinguish them from copies. Industry is recognizing that the effectiveness of these techniques depends on such factors as the economics of the counterfeiting process and the distribution channels for the products involved, in addition to the performance of the particular optical security technologies used. This paper surveys the nature of the growing counterfeit market place and reviews the utility of holographic optical security systems. In particular, we review the use of holograms on credit cards and other products; and outline certain steps the holography industry should take to promote these application.

  5. Accelerators for Discovery Science and Security applications

    Energy Technology Data Exchange (ETDEWEB)

    Todd, A.M.M., E-mail: alan_todd@mail.aesys.net; Bluem, H.P.; Jarvis, J.D.; Park, J.H.; Rathke, J.W.; Schultheiss, T.J.

    2015-05-01

    Several Advanced Energy Systems (AES) accelerator projects that span applications in Discovery Science and Security are described. The design and performance of the IR and THz free electron laser (FEL) at the Fritz-Haber-Institut der Max-Planck-Gesellschaft in Berlin that is now an operating user facility for physical chemistry research in molecular and cluster spectroscopy as well as surface science, is highlighted. The device was designed to meet challenging specifications, including a final energy adjustable in the range of 15–50 MeV, low longitudinal emittance (<50 keV-psec) and transverse emittance (<20 π mm-mrad), at more than 200 pC bunch charge with a micropulse repetition rate of 1 GHz and a macropulse length of up to 15 μs. Secondly, we will describe an ongoing effort to develop an ultrafast electron diffraction (UED) source that is scheduled for completion in 2015 with prototype testing taking place at the Brookhaven National Laboratory (BNL) Accelerator Test Facility (ATF). This tabletop X-band system will find application in time-resolved chemical imaging and as a resource for drug–cell interaction analysis. A third active area at AES is accelerators for security applications where we will cover some top-level aspects of THz and X-ray systems that are under development and in testing for stand-off and portal detection.

  6. Accelerators for Discovery Science and Security applications

    International Nuclear Information System (INIS)

    Todd, A.M.M.; Bluem, H.P.; Jarvis, J.D.; Park, J.H.; Rathke, J.W.; Schultheiss, T.J.

    2015-01-01

    Several Advanced Energy Systems (AES) accelerator projects that span applications in Discovery Science and Security are described. The design and performance of the IR and THz free electron laser (FEL) at the Fritz-Haber-Institut der Max-Planck-Gesellschaft in Berlin that is now an operating user facility for physical chemistry research in molecular and cluster spectroscopy as well as surface science, is highlighted. The device was designed to meet challenging specifications, including a final energy adjustable in the range of 15–50 MeV, low longitudinal emittance (<50 keV-psec) and transverse emittance (<20 π mm-mrad), at more than 200 pC bunch charge with a micropulse repetition rate of 1 GHz and a macropulse length of up to 15 μs. Secondly, we will describe an ongoing effort to develop an ultrafast electron diffraction (UED) source that is scheduled for completion in 2015 with prototype testing taking place at the Brookhaven National Laboratory (BNL) Accelerator Test Facility (ATF). This tabletop X-band system will find application in time-resolved chemical imaging and as a resource for drug–cell interaction analysis. A third active area at AES is accelerators for security applications where we will cover some top-level aspects of THz and X-ray systems that are under development and in testing for stand-off and portal detection

  7. Security threads: effective security devices in the past, present, and future

    Science.gov (United States)

    Wolpert, Gary R.

    2002-04-01

    Security threads were first used to secure banknotes in the mid 1800's. The key to their anti-counterfeiting success was the fact that by being embedded in the paper, they became an integral part of the banknote substrate. Today, all major currencies still utilize this effective security feature. Technological developments have allowed security threads to evolve from a feature authenticated by only visual means to devices that incorporate both visual and machine detectable components. When viewed from the perspective of a thread being a carrier of various security technologies and the fact that they can be incorporated into the core substrate of banknotes, documents, labels, packaging and some high valued articles, it is clear that security threads will remain as effective security devices well into the future. This paper discusses a brief historical background of security threads, current visual and machine authentication technologies incorporated into threads today and a look to the future of threads as effective security devices.

  8. Guide to cloud computing for business and technology managers from distributed computing to cloudware applications

    CERN Document Server

    Kale, Vivek

    2014-01-01

    Guide to Cloud Computing for Business and Technology Managers: From Distributed Computing to Cloudware Applications unravels the mystery of cloud computing and explains how it can transform the operating contexts of business enterprises. It provides a clear understanding of what cloud computing really means, what it can do, and when it is practical to use. Addressing the primary management and operation concerns of cloudware, including performance, measurement, monitoring, and security, this pragmatic book:Introduces the enterprise applications integration (EAI) solutions that were a first ste

  9. Keystone Business Models for Network Security Processors

    Directory of Open Access Journals (Sweden)

    Arthur Low

    2013-07-01

    Full Text Available Network security processors are critical components of high-performance systems built for cybersecurity. Development of a network security processor requires multi-domain experience in semiconductors and complex software security applications, and multiple iterations of both software and hardware implementations. Limited by the business models in use today, such an arduous task can be undertaken only by large incumbent companies and government organizations. Neither the “fabless semiconductor” models nor the silicon intellectual-property licensing (“IP-licensing” models allow small technology companies to successfully compete. This article describes an alternative approach that produces an ongoing stream of novel network security processors for niche markets through continuous innovation by both large and small companies. This approach, referred to here as the "business ecosystem model for network security processors", includes a flexible and reconfigurable technology platform, a “keystone” business model for the company that maintains the platform architecture, and an extended ecosystem of companies that both contribute and share in the value created by innovation. New opportunities for business model innovation by participating companies are made possible by the ecosystem model. This ecosystem model builds on: i the lessons learned from the experience of the first author as a senior integrated circuit architect for providers of public-key cryptography solutions and as the owner of a semiconductor startup, and ii the latest scholarly research on technology entrepreneurship, business models, platforms, and business ecosystems. This article will be of interest to all technology entrepreneurs, but it will be of particular interest to owners of small companies that provide security solutions and to specialized security professionals seeking to launch their own companies.

  10. Technology applications bulletins

    International Nuclear Information System (INIS)

    Koncinski, W. Jr.

    1989-02-01

    Martin Marietta Energy Systems, Inc. (Energy Systems), operates five facilities for the US Department of Energy (DOE): the Oak Ridge National Laboratory (ORNL), which is a large, multidisciplinary research and development (R and D) center whose primary mission is energy research; the Oak Ridge Y-12 Plant, which engages in defense research, development, and production; and the uranium-enrichment plants at Oak Ridge; Paducah, Kentucky; and Portsmouth, Ohio. Much of the research carried out at these facilities is of interest to industry and to state or local governments. To make information about this research available, the Energy Systems Office of Technology Applications publishes brief descriptions of selected technologies and reports. These technology applications bulletins describe the new technology and inform the reader about how to obtain further information, gain access to technical resources, and initiate direct contact with Energy Systems researchers

  11. Blockchain Technology: A new secured Electronic Health Record System

    OpenAIRE

    Tamazirt , Lotfi; Alilat , Farid; Agoulmine , Nazim

    2018-01-01

    International audience; Nowadays, health systems are looking for effective ways to manage more patients in a shorter time, and to increase the quality of care through better coordination to provide quick, accurate and non-invasive diagnostics to patients. This paper aims to solve the dependence on trusted third parties by proposing a new management strategy, storage and security in a decentralized network through Blockchain technology. The proposed system also aims to offer a solution to help...

  12. Combining technologies - radiography and neutron based - for cargo security applications

    International Nuclear Information System (INIS)

    Gozani, T.; Liu, F.; Sivakumar, M.; Brown, D.

    2004-01-01

    Inspection of air and sea cargo has traditionally been done by X-ray systems of various energies relying on operators to analyze images looking for anomalies in the image of cargo that may signify a threat. This has shown only limited success in detecting explosives and other threats, which do not have any distinctive shapes. OSI Systems, through its subsidiaries Rapiscan and Ancore, has combined high-energy x-ray radiography with thermal neutron analysis (TNA) to create the combined system-''TNX''. The system provides automatic material specific detection of bulk threat items, like explosives, while furnishing the operator with a high-resolution image for weapons detection and also to identify anomalies for the TNA to inspect. Similarly the Pulsed Fast Neutron Analysis (PFNA) can be combined with high-energy x-ray to create a ''FNX'' system for both air and sea cargo applications. This enables the operator obtain a three dimensional image of the material composition of the cargo under inspection and remove the clutter from the image leaving only the potentially hazardous material(s) automatically while viewing a high resolution image for manifest verification and weapons. The current status of the technology will be discussed and data be presented

  13. Application of smart cards in physical and information security systems

    International Nuclear Information System (INIS)

    Dreifus, H.N.

    1988-01-01

    Smart Cards, integrated circuits embedded into credit cards, have been proposed for many computer and physical security applications. The cards have shown promise in improving both the security and monitoring of systems ranging from computer network identification through physical protection and access control. With the increasing computational power embedded within these cards, advanced encryption techniques such as public key cryptography can now be realized, enabling more sophisticated uses

  14. Computers, business, and security the new role for security

    CERN Document Server

    Schweitzer, James A

    1987-01-01

    Computers, Business, and Security: The New Role for Security addresses the professional security manager's responsibility to protect all business resources, with operating environments and high technology in mind. This book discusses the technological aspects of the total security programs.Organized into three parts encompassing 10 chapters, this book begins with an overview of how the developing information age is affecting business management, operations, and organization. This text then examines a number of vulnerabilities that arise in the process of using business computing and communicat

  15. Multimedia database retrieval technology and applications

    CERN Document Server

    Muneesawang, Paisarn; Guan, Ling

    2014-01-01

    This book explores multimedia applications that emerged from computer vision and machine learning technologies. These state-of-the-art applications include MPEG-7, interactive multimedia retrieval, multimodal fusion, annotation, and database re-ranking. The application-oriented approach maximizes reader understanding of this complex field. Established researchers explain the latest developments in multimedia database technology and offer a glimpse of future technologies. The authors emphasize the crucial role of innovation, inspiring users to develop new applications in multimedia technologies

  16. Development programs of cutting-edge technologies for measurement and detection of nuclear material for safeguards and security

    International Nuclear Information System (INIS)

    Seya, Michio; Wakabayashi, Shuji; Naoi, Yosuke; Ohkubo, Michiaki; Senzaki, Masao

    2011-01-01

    The Integrated Support Center for Nuclear Nonproliferation and Nuclear Security ('ISCN', hereafter) of Japan Atomic Energy Agency (JAEA) has development programs of cutting-edge technologies for measurement and detection of nuclear materials for nuclear safeguards and security, under the sponsorship of Japanese government (MEXT: Ministry of Education, Culture, Sports, Science and Technology). ISCN started development programs of the following technologies this year. (1) NRF (Nuclear Resonance Fluorescence) NDA technology using laser Compton scattering (LCS) gamma-rays, (2) Alternative to 3 He neutron detection technology using inorganic solid scintillator. ISCN is also going to conduct a demonstration test of a spent fuel Pu-NDA system that is to be developed by LANL (Los Alamos National Laboratory) using very sophisticated neutron measurement technologies, under JAEA/USDOE cooperation agreement. This presentation shows the above programs of ISCN. (author)

  17. Security Evolution.

    Science.gov (United States)

    De Patta, Joe

    2003-01-01

    Examines how to evaluate school security, begin making schools safe, secure schools without turning them into fortresses, and secure schools easily and affordably; the evolution of security systems into information technology systems; using schools' high-speed network lines; how one specific security system was developed; pros and cons of the…

  18. User Acceptance of Social Learning Systems in Higher Education: An Application of the Extended Technology Acceptance Model

    Science.gov (United States)

    Akman, Ibrahim; Turhan, Cigdem

    2017-01-01

    This study aims to explore the users' behaviour and acceptance of social media for learning in higher educational institutions with the help of the extended Technology Acceptance Model (TAM). TAM has been extended to investigate how ethical and security awareness of users affect the actual usage of social learning applications. For this purpose, a…

  19. Optical security based on near-field processes at the nanoscale

    International Nuclear Information System (INIS)

    Naruse, Makoto; Tate, Naoya; Ohtsu, Motoichi

    2012-01-01

    Optics has been playing crucial roles in security applications ranging from authentication and watermarks to anti-counterfeiting. However, since the fundamental physical principle involves optical far-fields, or propagating light, diffraction of light causes severe difficulties, for example in device scaling and system integration. Moreover, conventional security technologies in use today have been facing increasingly stringent demands to safeguard against threats such as counterfeiting of holograms, requiring innovative physical principles and technologies to overcome their limitations. Nanophotonics, which utilizes interactions between light and matter at the nanometer scale via optical near-field interactions, can break through the diffraction limit of conventional propagating light. Moreover, nanophotonics has some unique physical attributes, such as localized optical energy transfer and the hierarchical nature of optical near-field interactions, which pave the way for novel security functionalities. This paper reviews the physical principles and describes some experimental demonstrations of systems based on nanophotonics with respect to security applications such as tamper resistance against non-invasive and invasive attacks, hierarchical information retrieval, hierarchical holograms, authentication, and traceability. (paper)

  20. Security Optimization for Distributed Applications Oriented on Very Large Data Sets

    Directory of Open Access Journals (Sweden)

    Mihai DOINEA

    2010-01-01

    Full Text Available The paper presents the main characteristics of applications which are working with very large data sets and the issues related to security. First section addresses the optimization process and how it is approached when dealing with security. The second section describes the concept of very large datasets management while in the third section the risks related are identified and classified. Finally, a security optimization schema is presented with a cost-efficiency analysis upon its feasibility. Conclusions are drawn and future approaches are identified.

  1. Bio-inspiring cyber security and cloud services trends and innovations

    CERN Document Server

    Kim, Tai-Hoon; Kacprzyk, Janusz; Awad, Ali

    2014-01-01

    This volume presents recent research in cyber security, and reports how organizations can gain competitive advantages by applying the different security techniques in real-world scenarios. The volume provides reviews of cutting–edge technologies, algorithms, applications and insights for bio-inspiring cyber security-based systems. The book will be a valuable companion and comprehensive reference for both postgraduate and senior undergraduate students who are taking a course in cyber security. The volume is organized in self-contained chapters to provide greatest reading flexibility.  

  2. Information science and applications

    CERN Document Server

    2015-01-01

    This proceedings volume provides a snapshot of the latest issues encountered in technical convergence and convergences of security technology.  It explores how information science is core to most current research, industrial and commercial activities and consists of contributions covering topics including Ubiquitous Computing, Networks and Information Systems, Multimedia and Visualization, Middleware and Operating Systems, Security and Privacy, Data Mining and Artificial Intelligence, Software Engineering, and Web Technology.   The proceedings introduce the most recent information technology and ideas, applications and problems related to technology convergence, illustrated through case studies, and reviews converging existing security techniques.  Through this volume, readers will gain an understanding of the current state-of-the-art in information strategies and technologies of convergence security. The intended readership are researchers in academia, industry, and other research institutes focusing on ...

  3. Computer Security: How to succeed in software deployment

    CERN Multimedia

    Computer Security Team

    2014-01-01

    The summer student period has ended and we would like to congratulate all those who successfully accomplished their project! In particular, well done to those who managed to develop and deploy sophisticated web applications in the short summer season. Unfortunately, not all web applications made the final cut, moved into production and became visible on the Internet. We had to reject some... let me explain why.   Making a web application visible on the Internet requires an opening in the CERN outer perimeter firewall. Such a request is usually made through the CERN WebReq web interface. As standard procedure, the CERN Computer Security team reviews every request and performs a security assessment. This is where you, your supervisee and the Computer Security team all start to get frustrated. Many summer students delivered awesome web applications with great new functions and a good “look and feel” following precise use cases, using modern web technologies, dashboards, integr...

  4. Design of the XML Security System for Electronic Commerce Application

    Institute of Scientific and Technical Information of China (English)

    2003-01-01

    The invocation of World Wide Web (www) first triggered mass adoption of the Internet for public access to digital information exchanges across the globe. To get a big market on the Web, a special security infrastructure would need to be put into place transforming the wild-and-woolly Internet into a network with end-to-end protections. XML (extensible Markup Language) is widely accepted as powerful data representation standard for electronic documents, so a security mechanism for XML documents must be provided in the first place to secure electronic commerce over Internet. In this paper the authors design and implement a secure framework that provides XML signature function, XML Element-wise Encryption function, smart card based crypto API library and Public Key Infrastructure (PKI) security functions to achieve confidentiality, integrity, message authentication, and/or signer authentication services for XML documents and existing non-XML documents that are exchanged by Internet for E-commerce application.

  5. Microwave and millimeter-wave remote sensing for security applications

    CERN Document Server

    Nanzer, Jeffrey

    2012-01-01

    Microwave and millimeter-wave remote sensing techniques are fast becoming a necessity in many aspects of security as detection and classification of objects or intruders becomes more difficult. This groundbreaking resource offers you expert guidance in this burgeoning area. It provides you with a thorough treatment of the principles of microwave and millimeter-wave remote sensing for security applications, as well as practical coverage of the design of radiometer, radar, and imaging systems. You learn how to design active and passive sensors for intruder detection, concealed object detection,

  6. Microsoft Security Bible A Collection of Practical Security Techniques

    CERN Document Server

    Mullen, Timothy "Thor"

    2011-01-01

    Thor's Microsoft® Security Bible provides a "one-stop-shop" for Microsoft-related security techniques and procedures as applied to the typical deployment of a Microsoft-based infrastructure. The book contains detailed security concepts and methodologies described at every level: Server, Client, Organizational Structure, Platform-specific security options, application specific security (IIS, SQL, Active Directory, etc.) and also includes new, never-before-published security tools complete with source code. Detailed technical information on security processes for all major Microsoft applications

  7. UHF RFID technologies for identification and traceability

    CERN Document Server

    Laheurte, Jean-Marc; Paret, Dominique; Loussert, Christophe

    2014-01-01

    UHF Radio Frequency Identification (RFID) is an electronic tagging technology that allows an object, place or person to be automatically identified at a distance without a direct line-of-sight using a radio wave exchange. Applications include inventory tracking, prescription medication tracking and authentication, secure automobile keys, and access control for secure facilities. This book begins with an overview of UHF RFID challenges describing the applications, markets, trades and basic technologies. It follows this by highlighting the main features distinguishing UHF (860MHz-960MHz) and HF

  8. Computational Intelligence, Cyber Security and Computational Models

    CERN Document Server

    Anitha, R; Lekshmi, R; Kumar, M; Bonato, Anthony; Graña, Manuel

    2014-01-01

    This book contains cutting-edge research material presented by researchers, engineers, developers, and practitioners from academia and industry at the International Conference on Computational Intelligence, Cyber Security and Computational Models (ICC3) organized by PSG College of Technology, Coimbatore, India during December 19–21, 2013. The materials in the book include theory and applications for design, analysis, and modeling of computational intelligence and security. The book will be useful material for students, researchers, professionals, and academicians. It will help in understanding current research trends and findings and future scope of research in computational intelligence, cyber security, and computational models.

  9. Information Security Controls against Cross-Site Request Forgery Attacks on Software Applications of Automated Systems

    Science.gov (United States)

    Barabanov, A. V.; Markov, A. S.; Tsirlov, V. L.

    2018-05-01

    This paper presents statistical results and their consolidation, which were received in the study into security of various web-application against cross-site request forgery attacks. Some of the results were received in the study carried out within the framework of certification for compliance with information security requirements. The paper provides the results of consolidating information about the attack and protection measures, which are currently used by the developers of web-applications. It specifies results of the study, which demonstrate various distribution types: distribution of identified vulnerabilities as per the developer type (Russian and foreign), distribution of the security measures used in web-applications, distribution of the identified vulnerabilities as per the programming languages, data on the number of security measures that are used in the studied web-applications. The results of the study show that in most cases the developers of web-applications do not pay due attention to protection against cross-site request forgery attacks. The authors give recommendations to the developers that are planning to undergo a certification process for their software applications.

  10. 6 CFR 25.6 - Procedures for designation of qualified anti-terrorism technologies.

    Science.gov (United States)

    2010-01-01

    ...-terrorism technologies. 25.6 Section 25.6 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY REGULATIONS TO SUPPORT ANTI-TERRORISM BY FOSTERING EFFECTIVE TECHNOLOGIES § 25.6 Procedures for designation of qualified anti-terrorism technologies. (a) Application Procedure. Any person, firm or other...

  11. A Survey on Secure Wireless Body Area Networks

    Directory of Open Access Journals (Sweden)

    Shihong Zou

    2017-01-01

    Full Text Available Combining tiny sensors and wireless communication technology, wireless body area network (WBAN is one of the most promising fields. Wearable and implantable sensors are utilized for collecting the physiological data to achieve continuously monitoring of people’s physical conditions. However, due to the openness of wireless environment and the significance and privacy of people’s physiological data, WBAN is vulnerable to various attacks; thus, strict security mechanisms are required to enable a secure WBAN. In this article, we mainly focus on a survey on the security issues in WBAN, including securing internal communication in WBAN and securing communication between WBAN and external users. For each part, we discuss and identify the security goals to be achieved. Meanwhile, relevant security solutions in existing research on WBAN are presented and their applicability is analyzed.

  12. 8th International Conference on Information Science and Applications

    CERN Document Server

    Joukov, Nikolai

    2017-01-01

    This book contains selected papers from the 8th International Conference on Information Science and Applications (ICISA 2017) and provides a snapshot of the latest issues encountered in technical convergence and convergences of security technology. It explores how information science is core to most current research, industrial and commercial activities and consists of contributions covering topics including Ubiquitous Computing, Networks and Information Systems, Multimedia and Visualization, Middleware and Operating Systems, Security and Privacy, Data Mining and Artificial Intelligence, Software Engineering, and Web Technology. The proceedings introduce the most recent information technology and ideas, applications and problems related to technology convergence, illustrated through case studies, and reviews converging existing security techniques. Through this volume, readers will gain an understanding of the current state-of-the-art information strategies and technologies of convergence security.The intende...

  13. Alternative security

    International Nuclear Information System (INIS)

    Weston, B.H.

    1990-01-01

    This book contains the following chapters: The Military and Alternative Security: New Missions for Stable Conventional Security; Technology and Alternative Security: A Cherished Myth Expires; Law and Alternative Security: Toward a Just World Peace; Politics and Alternative Security: Toward a More Democratic, Therefore More Peaceful, World; Economics and Alternative Security: Toward a Peacekeeping International Economy; Psychology and Alternative Security: Needs, Perceptions, and Misperceptions; Religion and Alternative Security: A Prophetic Vision; and Toward Post-Nuclear Global Security: An Overview

  14. Photonics for safety and security

    CERN Document Server

    Mignani, Anna Grazia; Tajani, Antonella

    2014-01-01

    This volume aims to illustrate the state-of-the-art as well as the newest and latest applications of photonics in safety and security. The contributions from renowned and experienced Italian and international scientists, both from the academic and industrial community, present a multidisciplinary and comprehensive overview of this popular topic. The volume is self-contained and offers a broad survey of the various emerging technologies, as well as their applications in the real world. It spans from applications in cultural heritage, to environment, space, monitoring of coasts, quantum cryptogr

  15. PRINCIPLE OF THE ELECTRONIC EDUCATIONAL ENVIRONMENT SECURITY IN THE PROFESSIONAL TRAINING OF UNIVERSITY STUDENTS

    Directory of Open Access Journals (Sweden)

    Valery G. Tylets

    2017-12-01

    Full Text Available The article considers the problem of professional training of students in e-learning environment in accordance with the principle of security. The authors offer the essay technology of multiple difficulty levels. In the article the description of each level of technology proves its conformity to the positions of principle of security. The main methods of measurement performance were made by expert assessment and subjective scaling. The analysis of results of approbation of essay technology of multiple difficulty levels in the experimental sample showed an increase of objective and subjective indicators. Positive methodological and personal effects of the introduction of technology into the process of university education were identified, corresponding to the positions of principle of security. Methodical recommendations of application of technology were formulated.

  16. Summary Report for the Radiation Detection for Nuclear Security Summer School 2012

    Energy Technology Data Exchange (ETDEWEB)

    Runkle, Robert C.; Baciak, James E.; Stave, Jean A.

    2012-08-22

    The Pacific Northwest National Laboratory (PNNL) hosted students from across the United States at the inaugural Radiation Detection for Nuclear Security Summer School from June 11 – 22, 2012. The summer school provided students with a unique understanding of nuclear security challenges faced in the field and exposed them to the technical foundations, analyses, and insight that will be required by future leaders in technology development and implementation. The course heavily emphasized laboratory and field demonstrations including direct measurements of special nuclear material. The first week of the summer school focused on the foundational knowledge required by technology practitioners; the second week focused on contemporary applications. Student evaluations and feedback from student advisors indicates that the summer school achieved its objectives of 1) exposing students to the range of nuclear security applications for which radiation detection is necessary, 2) articulating the relevance of student research into the broader context, and 3) exciting students about the possibility of future careers in nuclear security.

  17. Pro Spring security

    CERN Document Server

    Scarioni, Carlo

    2013-01-01

    Security is a key element in the development of any non-trivial application. The Spring Security Framework provides a comprehensive set of functionalities to implement industry-standard authentication and authorization mechanisms for Java applications. Pro Spring Security will be a reference and advanced tutorial that will do the following: Guides you through the implementation of the security features for a Java web application by presenting consistent examples built from the ground-up. Demonstrates the different authentication and authorization methods to secure enterprise-level applications

  18. Nuclear security culture: a generic model for universal application

    International Nuclear Information System (INIS)

    Khripunov, I.

    2005-01-01

    Full text: Nuclear security culture found its way into professional parlance several years ago, but still lacks an agreed-upon definition and description. The February 2005 U.S.-Russian Joint Statement, issued at the presidential summit meeting in Bratislava, referred specifically to security culture, focusing renewed attention on the concept. Numerous speakers at the March 2005 International Atomic Energy Agency's (IAEA) international conference on nuclear security referred to security culture, but their visions and interpretations were often at odds with one another. Clearly, there is a need for a generic model of nuclear security culture with universal applicability. Internationally acceptable standards in this area would be invaluable for evaluation, comparison, cooperation, and assistance. They would also help international bodies better manage their relations with the nuclear sectors in various countries. This paper will develop such a model. It will use the IAEA definition of nuclear security, and then apply Edgar Schein's model of organizational culture to security culture at a generic nuclear facility. A cultural approach to physical protection involves determining what attitudes and beliefs need to be established in an organization, how these attitudes and beliefs manifest themselves in the behavior of assigned personnel, and how desirable attitudes and beliefs can be transcribed into formal working methods to produce good outcomes, i.e., effective protection. The security-culture mechanism I will propose is broken into four major units: facility leadership, proactive policies and procedures, personnel performance, and learning and professional improvement. The paper will amplify on the specific traits characteristic of each of these units. Security culture is not a panacea. In a time of mounting terrorist threats, it should nonetheless be looked upon as a necessary organizational tool that enhances the skills of nuclear personnel and ensures that

  19. Future Information Technology

    CERN Document Server

    Stojmenovic, Ivan; Choi, Min; Xhafa, Fatos; FutureTech 2013

    2014-01-01

    Future technology information technology stands for all of continuously evolving and converging information technologies, including digital convergence, multimedia convergence, intelligent applications, embedded systems, mobile and wireless communications, bio-inspired computing, grid and cloud computing, semantic web, user experience and HCI, security and trust computing and so on, for satisfying our ever-changing needs. In past twenty five years or so, Information Technology (IT) influenced and changed every aspect of our lives and our cultures. These proceedings foster the dissemination of state-of-the-art research in all future IT areas, including their models, services, and novel applications associated with their utilization.

  20. Risk, security and technology: governing football supporters in the twenty-first century

    NARCIS (Netherlands)

    Spaaij, R.

    2013-01-01

    This paper critically examines the security and risk management technologies that are being used to conduct and pre-empt the behaviour of football supporters. It is shown how, in the Netherlands, pre-emptive risk management in the governing of football supporters involves a dispersed and fragmented

  1. Security Engine Management of Router based on Security Policy

    OpenAIRE

    Su Hyung Jo; Ki Young Kim; Sang Ho Lee

    2007-01-01

    Security management has changed from the management of security equipments and useful interface to manager. It analyzes the whole security conditions of network and preserves the network services from attacks. Secure router technology has security functions, such as intrusion detection, IPsec(IP Security) and access control, are applied to legacy router for secure networking. It controls an unauthorized router access and detects an illegal network intrusion. This paper re...

  2. The Department of Energy's safeguards and security technology development program

    International Nuclear Information System (INIS)

    Smith, G.D.; Pocratsky, C.A.

    1995-01-01

    The US DOE has had a program that develops technologies to protect sensitive nuclear weapons facilities for more than thirty years. The mission of the program is overwhelmingly diverse, as it must be to protect an array of assets such as nuclear weapons, special nuclear material in various forms, components of nuclear weapons, and classified nuclear weapons design information. Considering that the nuclear weapons complex consists of dozens of facilities that are scattered all over the US, the technology development mission is very challenging. Complicating matters further is the ever uncertain future of the DOE. Some examples of dramatic Departmental mission changes that directly impact their security technology development program are given. A few development efforts are highlighted as examples of efforts currently being sponsored. They are: automated sensor testing devices to help reduce the requirement for personnel to enter vaults containing highly radioactive nuclear materials; a vehicle inspection portal to screen vehicles for hidden passengers, nuclear material, explosives, and other contraband; non-lead and short-range ammunition as an environmentally safe alternative to lead ammunition; a complex-wide visitor access control system to allow all DOE employees to travel to all sites with a commonly recognized credential; automated nuclear material monitoring technologies to provide assurance that material in storage has not been tampered with; laser radar as a potential solution to early warning deficiencies throughout the Department; performance testing standards for many security products to include an automated and consistent standard for assessing the quality of video; low temperature pyrotechnic smoke as a possible adversary delay mechanism; modular vaults to provide temporary protection for nuclear material during D and D activities, and a protection approach for restricted passage areas such as the volume above a tiled ceiling or within a crawl space

  3. The application of security provisions in accommodation facility – hotel

    OpenAIRE

    Rotbauer, Josef

    2010-01-01

    This thesis treats of security provisions, which hotels are using to protect health and property of accommodated persons. In the opening part is caught the progress of attendance and capacities of hotels in the Czech republic during a specific time period. The next chapter focuses on possible threats, which are imminent to hotels during the operation. The third part of the thesis solves particular methods of application of security provisions, these are verified in two concrete hotels in the ...

  4. Communications and information infrastructure security

    CERN Document Server

    Voeller, John G

    2014-01-01

    Communication and Information Systems Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering strategies for protecting the telecommunications sector, wireless security, advanced web based technology for emergency situations. Science and technology for critical infrastructure consequence mitigation are also discussed.

  5. Analysis on the security of cloud computing

    Science.gov (United States)

    He, Zhonglin; He, Yuhua

    2011-02-01

    Cloud computing is a new technology, which is the fusion of computer technology and Internet development. It will lead the revolution of IT and information field. However, in cloud computing data and application software is stored at large data centers, and the management of data and service is not completely trustable, resulting in safety problems, which is the difficult point to improve the quality of cloud service. This paper briefly introduces the concept of cloud computing. Considering the characteristics of cloud computing, it constructs the security architecture of cloud computing. At the same time, with an eye toward the security threats cloud computing faces, several corresponding strategies are provided from the aspect of cloud computing users and service providers.

  6. International Conference on Information Science and Applications

    CERN Document Server

    Joukov, Nikolai

    2016-01-01

    This book contains selected papers from the 7th International Conference on Information Science and Applications (ICISA 2016) and provides a snapshot of the latest issues encountered in technical convergence and convergences of security technology. It explores how information science is core to most current research, industrial and commercial activities and consists of contributions covering topics including Ubiquitous Computing, Networks and Information Systems, Multimedia and Visualization, Middleware and Operating Systems, Security and Privacy, Data Mining and Artificial Intelligence, Software Engineering, and Web Technology. The contributions describe the most recent developments in information technology and ideas, applications and problems related to technology convergence, illustrated through case studies, and reviews converging existing security techniques. Through this volume, readers will gain an understanding of the current state-of-the-art information strategies and technologies of convergence sec...

  7. 48 CFR 352.239-72 - Security requirements for Federal information technology resources.

    Science.gov (United States)

    2010-10-01

    ..., Security Self-Assessment Guide for Information Technology Systems and FIPS 200, on an annual basis. (C) HHS... basis, the Contractor shall provide to the Contracting Officer verification that the IT-SP remains valid... Contracting Officer verification that the IT-SC&A remains valid. Evidence of a valid system accreditation...

  8. Security Issues in Cross-Organizational Peer-to-Peer Applications and Some Solutions

    Science.gov (United States)

    Gupta, Ankur; Awasthi, Lalit K.

    Peer-to-Peer networks have been widely used for sharing millions of terabytes of content, for large-scale distributed computing and for a variety of other novel applications, due to their scalability and fault-tolerance. However, the scope of P2P networks has somehow been limited to individual computers connected to the internet. P2P networks are also notorious for blatant copyright violations and facilitating several kinds of security attacks. Businesses and large organizations have thus stayed away from deploying P2P applications citing security loopholes in P2P systems as the biggest reason for non-adoption. In theory P2P applications can help fulfill many organizational requirements such as collaboration and joint projects with other organizations, access to specialized computing infrastructure and finally accessing the specialized information/content and expert human knowledge available at other organizations. These potentially beneficial interactions necessitate that the research community attempt to alleviate the security shortcomings in P2P systems and ensure their acceptance and wide deployment. This research paper therefore examines the security issues prevalent in enabling cross-organizational P2P interactions and provides some technical insights into how some of these issues can be resolved.

  9. Technology development and applications at Fernald

    International Nuclear Information System (INIS)

    Pettit, P.J.; Skriba, M.C.; Warner, R.D.

    1995-01-01

    At the Fernald Environmental Management Project (FEMP) northwest of Cincinnati, Ohio, the U.S. Department of Energy and contractor Fernald Environmental Restoration Management Corporation (FERMCO) are aggressively pursuing both the development and the application of improved, innovative technology to the environmental restoration task. Application of emerging technologies is particularly challenging in a regulatory environment that places pressure on operational managers to develop and meet tight schedules. The regulatory and operational needs make close communication essential between technology developers and technology users (CERCLA/RCRA Unit managers). At Fernald this cooperation and communication has led, not only to the development and demonstration of new technologies with applications at other sites, but also to application of new technologies directly to the Fernald clean up. New technologies have been applied to improve environmental safety and health, improve the effectiveness of restoration efforts, and to cut restoration costs. The paper will describe successful efforts to develop and apply new technologies at the FEMP and will emphasize those technologies that have been applied and are planned for use in the clean up of this former uranium production facility

  10. Nuclear security education and training at Naif Arab University for Security Sciences

    International Nuclear Information System (INIS)

    Amjad Fataftah

    2009-01-01

    Naif Arab University for Security Sciences (NAUSS) was established in 1978 as an Arab institution specialized in security sciences to fulfill the needs of the Arab law enforcement agencies for an academic institution that promotes research in security sciences, offers graduate education programs and conduct short-term training courses, which should contribute to the prevention and control of crimes in the Arab world. NAUSS and the IAEA organized the first workshop on nuclear security on November, 2006, which aimed to explore and improve the nuclear security culture awareness through the definitions of the nuclear security main pillars, Prevention, Detection and Response. In addition, NAUSS and IAEA organized a very important training course on April, 2008 on combating nuclear terrorism titled P rotection against nuclear terrorism: Protection of radioactive sources . In the past two years, IAEA has put tremendous efforts to develop an education program in nuclear security, which may lead into Master's degree in nuclear security, where NAUSS helped in this project through the participation in the IAEA organized consultancy and technical meetings for the development of this program along with many other academic, security and law enfacement experts and lawyers from many different institution in the world. NAUSS and IAEA drafted a work plan for the next coming two years which should lead into the gradual implementation of these educational programs at NAUSS. NAUSS also continues to participate in several local conferences and symposiums related to the peaceful application of nuclear power in the gulf region, and the need for a human resources development programs to fulfill the scientific and security needs which will arise from building nuclear power plants. NAUSS participated in the International Symposium on the Peaceful Application of Nuclear Technology in the GCC countries, organized by King Abdulaziz University in the city of Jeddah, Saudi Arabia. Also NAUSS

  11. Two-photon polarization data storage in bacteriorhodopsin films and its potential use in security applications

    Energy Technology Data Exchange (ETDEWEB)

    Imhof, Martin; Hampp, Norbert, E-mail: hampp@staff.uni-marburg.de [Department of Chemistry, Material Sciences Center, University of Marburg, Hans-Meerwein-Str., D-35032 Marburg (Germany); Rhinow, Daniel [Max-Planck-Institute of Biophysics, Max-von-Laue-Straße 3, D-60438 Frankfurt (Germany)

    2014-02-24

    Bacteriorhodopsin (BR) films allow write-once-read-many recording of polarization data by a two-photon-absorption (TPA) process. The optical changes in BR films induced by the TPA recording were measured and the Müller matrix of a BR film was determined. A potential application of BR films in security technology is shown. Polarization data can be angle-selective retrieved with high signal-to-noise ratio. The BR film does not only carry optical information but serves also as a linear polarizer. This enables that polarization features recorded in BR films may be retrieved by merely using polarized light from a mobile phone display.

  12. Cyber Security in Industrial Control Systems and SCADA Applications: Modbus TCP Protocol Example

    Directory of Open Access Journals (Sweden)

    Erdal IRMAK

    2017-12-01

    Full Text Available Electrical energy generation, transmission and distribution systems are evaluated in terms of national security dimension and defined as critical infrastructures. Monitoring and controlling of these systems is provided by Industrial Control Systems (ICS or Supervisory Control and Data Acquisition (SCADA systems. According to the latest advances in communication and internet technology, ICS/SCADA systems have started to become integrated with these systems. As a result of this situation, current or existing vulnerabilities in information and communication technology affect to SCADA systems directly. Therefore, this paper focuses on the cyber security of ICS/SCADA systems. It has been proved that the lack of authentication detected in Modbus TCP protocol, one of the most used in ICS/SCADA systems, can be exploited. In order to solve this security issue, a software is developed using the Python programming language for blocking or mitigating the cyber attacks. The proposed solution is subjected to several tests and results show that the attacks can be prevented successfully. Thus, it is considered that the proposed work will contribute to the security of ICS/SCADA systems and the industrial protocols using for communicating these systems.

  13. Information technology as a tool for the Italian Institute of Social Security (INPS) in the management of social security and civil disability: Pro and cons.

    Science.gov (United States)

    Sammicheli, Michele; Scaglione, Marcella

    2018-01-01

    We examine, from a medical-legal perspective, the pro and cons of the information technology procedures that the Italian Institute of Social Security (INPS) has implemented to manage the provision of social disability assistance, meaning that separate from the payment of pension contributions, being welfare, anchored to an administrative requirement by way of the compulsory payment of a minimum social security contribution.

  14. Advances in chemical sensing technologies for VOCs in breath for security/threat assessment, illicit drug detection, and human trafficking activity.

    Science.gov (United States)

    Giannoukos, S; Agapiou, A; Taylor, S

    2018-01-17

    On-site chemical sensing of compounds associated with security and terrorist attacks is of worldwide interest. Other related bio-monitoring topics include identification of individuals posing a threat from illicit drugs, explosive manufacturing, as well as searching for victims of human trafficking and collapsed buildings. The current status of field analytical technologies is directed towards the detection and identification of vapours and volatile organic compounds (VOCs). Some VOCs are associated with exhaled breath, where research is moving from individual breath testing (volatilome) to cell breath (microbiome) and most recently to crowd breath metabolites (exposome). In this paper, an overview of field-deployable chemical screening technologies (both stand-alone and those with portable characteristics) is given with application to early detection and monitoring of human exposome in security operations. On-site systems employed in exhaled breath analysis, i.e. mass spectrometry (MS), optical spectroscopy and chemical sensors are reviewed. Categories of VOCs of interest include (a) VOCs in human breath associated with exposure to threat compounds, and (b) VOCs characteristic of, and associated with, human body odour (e.g. breath, sweat). The latter are relevant to human trafficking scenarios. New technological approaches in miniaturised detection and screening systems are also presented (e.g. non-scanning digital light processing linear ion trap MS (DLP-LIT-MS), nanoparticles, mid-infrared photo-acoustic spectroscopy and hyphenated technologies). Finally, the outlook for rapid and precise, real-time field detection of threat traces in exhaled breath is revealed and discussed.

  15. Fair Secure Computation with Reputation Assumptions in the Mobile Social Networks

    Directory of Open Access Journals (Sweden)

    Yilei Wang

    2015-01-01

    Full Text Available With the rapid development of mobile devices and wireless technologies, mobile social networks become increasingly available. People can implement many applications on the basis of mobile social networks. Secure computation, like exchanging information and file sharing, is one of such applications. Fairness in secure computation, which means that either all parties implement the application or none of them does, is deemed as an impossible task in traditional secure computation without mobile social networks. Here we regard the applications in mobile social networks as specific functions and stress on the achievement of fairness on these functions within mobile social networks in the presence of two rational parties. Rational parties value their utilities when they participate in secure computation protocol in mobile social networks. Therefore, we introduce reputation derived from mobile social networks into the utility definition such that rational parties have incentives to implement the applications for a higher utility. To the best of our knowledge, the protocol is the first fair secure computation in mobile social networks. Furthermore, it finishes within constant rounds and allows both parties to know the terminal round.

  16. 76 FR 36560 - Extension of Agency Information Collection Activity Under OMB Review: Security Threat Assessment...

    Science.gov (United States)

    2011-06-22

    .... The collection involves applicant submission of biometric and biographic information for TSA's... of Information Technology (OIT), TSA-11, Transportation Security Administration, 601 South 12th..., electronic, mechanical, or other technological collection techniques or other forms of information technology...

  17. Acceptance Factors Influencing Adoption of National Institute of Standards and Technology Information Security Standards: A Quantitative Study

    Science.gov (United States)

    Kiriakou, Charles M.

    2012-01-01

    Adoption of a comprehensive information security governance model and security controls is the best option organizations may have to protect their information assets and comply with regulatory requirements. Understanding acceptance factors of the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) comprehensive…

  18. Applications for radio-frequency identification technology in the perioperative setting.

    Science.gov (United States)

    Zhao, Tiyu; Zhang, Xiaoxiang; Zeng, Lili; Xia, Shuyan; Hinton, Antentor Othrell; Li, Xiuyun

    2014-06-01

    We implemented a two-year project to develop a security-gated management system for the perioperative setting using radio-frequency identification (RFID) technology to enhance the management efficiency of the OR. We installed RFID readers beside the entrances to the OR and changing areas to receive and process signals from the RFID tags that we sewed into surgical scrub attire and shoes. The system also required integrating automatic access control panels, computerized lockers, light-emitting diode (LED) information screens, wireless networks, and an information system. By doing this, we are able to control the flow of personnel and materials more effectively, reduce OR costs, optimize the registration and attire-changing process for personnel, and improve management efficiency. We also anticipate this system will improve patient safety by reducing the risk of surgical site infection. Application of security-gated management systems is an important and effective way to help ensure a clean, convenient, and safe management process to manage costs in the perioperative area and promote patient safety. Copyright © 2014 AORN, Inc. Published by Elsevier Inc. All rights reserved.

  19. Improving the Security of Internet Banking Applications by Using Multimodal Biometrics

    Directory of Open Access Journals (Sweden)

    Cătălin Lupu

    2015-03-01

    Full Text Available Online banking applications are used by more and more people all over the world. Most of the banks are providing these services to their customers. The authentication methods varies from the basic user and password to username and a onetime password (OTP generated by a virtual or a physical digipass. The common thing among authentication methods is that the login wepage is provided through a secure channel. Some banks have introduced (especially for testing purposes the authentication using common biometric characteristics, like fingerprint, voice or keystroke recognition. This paper will present some of the most common online banking authentication methods, together with basic biometric characteristics that could be used in these applications. The security in internet banking applications can be improved by using biometrics for the authentication process. Also, the authors have developed an application for authentication of users using fingerprint as the main characteristic, which will be presented at the end of this paper.

  20. Service oriented architecture governance tools within information security

    OpenAIRE

    2012-01-01

    M.Tech. Service Oriented Architecture has many advantages. For example, organisations can align business with Information Technology, reuse the developed functionality, reduce development and maintain cost for applications. Organisations adopt Service Oriented Architecture with the aim of automating and integrating business processes. However, it has information security vulnerabilities that should be considered. For example, applications exchange information across the Internet, where it ...

  1. Applications of superconducting bolometers in security imaging

    International Nuclear Information System (INIS)

    Luukanen, A; Leivo, M M; Rautiainen, A; Grönholm, M; Toivanen, H; Grönberg, L; Helistö, P; Mäyrä, A; Aikio, M; Luukanen, A; Grossman, E N

    2012-01-01

    Millimeter-wave (MMW) imaging systems are currently undergoing deployment World-wide for airport security screening applications. Security screening through MMW imaging is facilitated by the relatively good transmission of these wavelengths through common clothing materials. Given the long wavelength of operation (frequencies between 20 GHz to ∼ 100 GHz, corresponding to wavelengths between 1.5 cm and 3 mm), existing systems are suited for close-range imaging only due to substantial diffraction effects associated with practical aperture diameters. The present and arising security challenges call for systems that are capable of imaging concealed threat items at stand-off ranges beyond 5 meters at near video frame rates, requiring substantial increase in operating frequency in order to achieve useful spatial resolution. The construction of such imaging systems operating at several hundred GHz has been hindered by the lack of submm-wave low-noise amplifiers. In this paper we summarize our efforts in developing a submm-wave video camera which utilizes cryogenic antenna-coupled microbolometers as detectors. Whilst superconducting detectors impose the use of a cryogenic system, we argue that the resulting back-end complexity increase is a favorable trade-off compared to complex and expensive room temperature submm-wave LNAs both in performance and system cost.

  2. JWIG: Yet Another Framework for Maintainable and Secure Web Applications

    DEFF Research Database (Denmark)

    Møller, Anders; Schwarz, Mathias Romme

    2009-01-01

    Although numerous frameworks for web application programming have been developed in recent years, writing web applications remains a challenging task. Guided by a collection of classical design principles, we propose yet another framework. It is based on a simple but flexible server......-oriented architecture that coherently supports general aspects of modern web applications, including dynamic XML construction, session management, data persistence, caching, and authentication, but it also simplifies programming of server-push communication and integration of XHTML-based applications and XML-based web...... services.The resulting framework provides a novel foundation for developing maintainable and secure web applications....

  3. Supporting secure programming in web applications through interactive static analysis.

    Science.gov (United States)

    Zhu, Jun; Xie, Jing; Lipford, Heather Richter; Chu, Bill

    2014-07-01

    Many security incidents are caused by software developers' failure to adhere to secure programming practices. Static analysis tools have been used to detect software vulnerabilities. However, their wide usage by developers is limited by the special training required to write rules customized to application-specific logic. Our approach is interactive static analysis, to integrate static analysis into Integrated Development Environment (IDE) and provide in-situ secure programming support to help developers prevent vulnerabilities during code construction. No additional training is required nor are there any assumptions on ways programs are built. Our work is motivated in part by the observation that many vulnerabilities are introduced due to failure to practice secure programming by knowledgeable developers. We implemented a prototype interactive static analysis tool as a plug-in for Java in Eclipse. Our technical evaluation of our prototype detected multiple zero-day vulnerabilities in a large open source project. Our evaluations also suggest that false positives may be limited to a very small class of use cases.

  4. Microsoft Windows Security Essentials

    CERN Document Server

    Gibson, Darril

    2011-01-01

    Windows security concepts and technologies for IT beginners IT security can be a complex topic, especially for those new to the field of IT. This full-color book, with a focus on the Microsoft Technology Associate (MTA) program, offers a clear and easy-to-understand approach to Windows security risks and attacks for newcomers to the world of IT. By paring down to just the essentials, beginners gain a solid foundation of security concepts upon which more advanced topics and technologies can be built. This straightforward guide begins each chapter by laying out a list of topics to be discussed,

  5. Use of Computer-Generated Holograms in Security Hologram Applications

    Directory of Open Access Journals (Sweden)

    Bulanovs A.

    2016-10-01

    Full Text Available The article discusses the use of computer-generated holograms (CGHs for the application as one of the security features in the relief-phase protective holograms. An improved method of calculating CGHs is presented, based on ray-tracing approach in the case of interference of parallel rays.

  6. A protect solution for data security in mobile cloud storage

    Science.gov (United States)

    Yu, Xiaojun; Wen, Qiaoyan

    2013-03-01

    It is popular to access the cloud storage by mobile devices. However, this application suffer data security risk, especial the data leakage and privacy violate problem. This risk exists not only in cloud storage system, but also in mobile client platform. To reduce the security risk, this paper proposed a new security solution. It makes full use of the searchable encryption and trusted computing technology. Given the performance limit of the mobile devices, it proposes the trusted proxy based protection architecture. The design basic idea, deploy model and key flows are detailed. The analysis from the security and performance shows the advantage.

  7. Security implications and governance of cognitive neuroscience.

    Science.gov (United States)

    Kosal, Margaret E; Huang, Jonathan Y

    2015-01-01

    In recent years, significant efforts have been made toward elucidating the potential of the human brain. Spanning fields as disparate as psychology, biomedicine, computer science, mathematics, electrical engineering, and chemistry, research venturing into the growing domains of cognitive neuroscience and brain research has become fundamentally interdisciplinary. Among the most interesting and consequential applications to international security are the military and defense community's interests in the potential of cognitive neuroscience findings and technologies. In the United States, multiple governmental agencies are actively pursuing such endeavors, including the Department of Defense, which has invested over $3 billion in the last decade to conduct research on defense-related innovations. This study explores governance and security issues surrounding cognitive neuroscience research with regard to potential security-related applications and reports scientists' views on the role of researchers in these areas through a survey of over 200 active cognitive neuroscientists.

  8. 76 FR 39447 - J.P. Morgan Securities LLC, et al.; Notice of Application and Temporary Order

    Science.gov (United States)

    2011-07-06

    ... SECURITIES AND EXCHANGE COMMISSION [Release No. IC-29711; File No. 812-13914] J.P. Morgan... injunction entered against J.P. Morgan Securities LLC (``J.P. Morgan Securities'') on June 29, 2011 by the... order. Applicants: J.P. Morgan Securities; Bear Stearns Asset Management Inc. (``BSAM''); Bear Stearns...

  9. 78 FR 46622 - Application of Topaz Exchange, LLC for Registration as a National Securities Exchange; Findings...

    Science.gov (United States)

    2013-08-01

    ... Exchange, LLC for Registration as a National Securities Exchange; Findings, Opinion, and Order of the... Registration as a National Securities Exchange (``Form 1 Application'') \\1\\ under Section 6 of the Securities... substantive, are consistent with the existing rules of other registered national securities exchanges, or are...

  10. Additional Security Considerations for Grid Management

    Science.gov (United States)

    Eidson, Thomas M.

    2003-01-01

    The use of Grid computing environments is growing in popularity. A Grid computing environment is primarily a wide area network that encompasses multiple local area networks, where some of the local area networks are managed by different organizations. A Grid computing environment also includes common interfaces for distributed computing software so that the heterogeneous set of machines that make up the Grid can be used more easily. The other key feature of a Grid is that the distributed computing software includes appropriate security technology. The focus of most Grid software is on the security involved with application execution, file transfers, and other remote computing procedures. However, there are other important security issues related to the management of a Grid and the users who use that Grid. This note discusses these additional security issues and makes several suggestions as how they can be managed.

  11. Science, Technology, Engineering, and Mathematics (STEM) Education Reform to Enhance Security of the Global Cyberspace

    Science.gov (United States)

    2014-05-01

    towards cloud computing technologies and capabilities demand needs for developing new tools that work in ensemble to handle security challenges. A...programs with the schools and/or hire from their pool of students. Therefore, no real STEM standards exist at the tertiary and beyond levels of education ...successful in cyber operations and network security related jobs much early on into the new STEM education model pipeline. Subjects such as computer

  12. Cyber security for remote monitoring and control of small reactors

    Energy Technology Data Exchange (ETDEWEB)

    Trask, D., E-mail: dave.trask@cnl.ca [Atomic Energy of Canada Limited, Chalk River, ON (Canada); Jung, C. [Canadian Nuclear Safety Commission, Ottawa, ON (Canada); MacDonald, M., E-mail: marienna.macdonald@cnl.ca [Atomic Energy of Canada Limited, Chalk River, ON (Canada)

    2014-07-01

    There is growing international interest and activity in the development of small nuclear reactor technology with a number of vendors interested in building small reactors in Canada to serve remote locations. A common theme of small reactor designs proposed for remote Canadian locations is the concept of a centrally located main control centre operating several remotely located reactors via satellite communications. This theme was echoed at a recent IAEA conference where a recommendation was made to study I&C for remotely controlled small modular reactors, including satellite links and cyber security. This paper summarizes the results of an AECL-CNSC research project to analyze satellite communication technologies used for remote monitoring and control functions in order to provide cyber security regulatory considerations. The scope of this research included a basic survey of existing satellite communications technology and its use in industrial control applications, a brief history of satellite vulnerabilities and a broad review of over 50 standards, guidelines, and regulations from recognized institutions covering safety, cyber security, and industrial communication networks including wireless communications in general. This paper concludes that satellite communications should not be arbitrarily excluded by standards or regulation from use for the remote control and monitoring of small nuclear reactors. Instead, reliance should be placed on processes that are independent of any particular technology, such as reducing risks by applying control measures and demonstrating required reliability through good design practices and testing. Ultimately, it is compliance to well-developed standards that yields the evidence to conclude whether a particular application that uses satellite communications is safe and secure. (author)

  13. Cyber security for remote monitoring and control of small reactors

    International Nuclear Information System (INIS)

    Trask, D.; Jung, C.; MacDonald, M.

    2014-01-01

    There is growing international interest and activity in the development of small nuclear reactor technology with a number of vendors interested in building small reactors in Canada to serve remote locations. A common theme of small reactor designs proposed for remote Canadian locations is the concept of a centrally located main control centre operating several remotely located reactors via satellite communications. This theme was echoed at a recent IAEA conference where a recommendation was made to study I&C for remotely controlled small modular reactors, including satellite links and cyber security. This paper summarizes the results of an AECL-CNSC research project to analyze satellite communication technologies used for remote monitoring and control functions in order to provide cyber security regulatory considerations. The scope of this research included a basic survey of existing satellite communications technology and its use in industrial control applications, a brief history of satellite vulnerabilities and a broad review of over 50 standards, guidelines, and regulations from recognized institutions covering safety, cyber security, and industrial communication networks including wireless communications in general. This paper concludes that satellite communications should not be arbitrarily excluded by standards or regulation from use for the remote control and monitoring of small nuclear reactors. Instead, reliance should be placed on processes that are independent of any particular technology, such as reducing risks by applying control measures and demonstrating required reliability through good design practices and testing. Ultimately, it is compliance to well-developed standards that yields the evidence to conclude whether a particular application that uses satellite communications is safe and secure. (author)

  14. 77 FR 57072 - Proposed Information Collection; Comment Request; National Security and Critical Technology...

    Science.gov (United States)

    2012-09-17

    ..., DC 20230 (or via the Internet at [email protected] ). FOR FURTHER INFORMATION CONTACT: Requests for... techniques or other forms of information technology. Comments submitted in response to this notice will be... DEPARTMENT OF COMMERCE Bureau of Industry and Security Proposed Information Collection; Comment...

  15. Cooperative monitoring and its role in regional security

    Energy Technology Data Exchange (ETDEWEB)

    Biringer, K.; Olsen, J.; Lincoln, R.; Wehling, F. [and others

    1997-03-01

    Cooperative monitoring systems can play an important part in promoting the implementation of regional cooperative security agreements. These agreements advance the national security interests of the United States in a post Cold War environment. Regional issues as widely varying as nuclear nonproliferation, trade and environmental pollution can be the source of tensions which may escalate to armed conflict which could have global implications. The Office of National Security Policy Analysis at the US Department of Energy (DOE) has an interest in seeking ways to promote regional cooperation that can reduce the threats posed by regional conflict. DOE technologies and technical expertise can contribute to developing solutions to a wide variety of these international problems. Much of this DOE expertise has been developed in support of the US nuclear weapons and arms control missions. It is now being made available to other agencies and foreign governments in their search for regional security and cooperation. This report presents two examples of interest to DOE in which monitoring technologies could be employed to promote cooperation through experimentation. The two scenarios include nuclear transparency in Northeast Asia and environmental restoration in the Black Sea. Both offer the potential for the use of technology to promote regional cooperation. The issues associated with both of these monitoring applications are presented along with examples of appropriate monitoring technologies, potential experiments and potential DOE contributions to the scenarios.

  16. Dynamic reconfiguration of security policies in wireless sensor networks.

    Science.gov (United States)

    Pinto, Mónica; Gámez, Nadia; Fuentes, Lidia; Amor, Mercedes; Horcas, José Miguel; Ayala, Inmaculada

    2015-03-04

    Providing security and privacy to wireless sensor nodes (WSNs) is very challenging, due to the heterogeneity of sensor nodes and their limited capabilities in terms of energy, processing power and memory. The applications for these systems run in a myriad of sensors with different low-level programming abstractions, limited capabilities and different routing protocols. This means that applications for WSNs need mechanisms for self-adaptation and for self-protection based on the dynamic adaptation of the algorithms used to provide security. Dynamic software product lines (DSPLs) allow managing both variability and dynamic software adaptation, so they can be considered a key technology in successfully developing self-protected WSN applications. In this paper, we propose a self-protection solution for WSNs based on the combination of the INTER-TRUST security framework (a solution for the dynamic negotiation and deployment of security policies) and the FamiWare middleware (a DSPL approach to automatically configure and reconfigure instances of a middleware for WSNs).We evaluate our approach using a case study from the intelligent transportation system domain.

  17. Dynamic Reconfiguration of Security Policies in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Mónica Pinto

    2015-03-01

    Full Text Available Providing security and privacy to wireless sensor nodes (WSNs is very challenging, due to the heterogeneity of sensor nodes and their limited capabilities in terms of energy, processing power and memory. The applications for these systems run in a myriad of sensors with different low-level programming abstractions, limited capabilities and different routing protocols. This means that applications for WSNs need mechanisms for self-adaptation and for self-protection based on the dynamic adaptation of the algorithms used to provide security. Dynamic software product lines (DSPLs allow managing both variability and dynamic software adaptation, so they can be considered a key technology in successfully developing self-protected WSN applications. In this paper, we propose a self-protection solution for WSNs based on the combination of the INTER-TRUST security framework (a solution for the dynamic negotiation and deployment of security policies and the FamiWare middleware (a DSPL approach to automatically configure and reconfigure instances of a middleware for WSNs.We evaluate our approach using a case study from the intelligent transportation system domain.

  18. Secure E-Business applications based on the European Citizen Card

    Science.gov (United States)

    Zipfel, Christian; Daum, Henning; Meister, Gisela

    The introduction of ID cards enhanced with electronic authentication services opens up the possibility to use these for identification and authentication in e-business applications. To avoid incompatible national solutions, the specification of the European Citizen Card aims at defining interoperable services for such use cases. Especially the given device authentication methods can help to eliminate security problems with current e-business and online banking applications.

  19. An ethernet/IP security review with intrusion detection applications

    International Nuclear Information System (INIS)

    Laughter, S. A.; Williams, R. D.

    2006-01-01

    Supervisory Control and Data Acquisition (SCADA) and automation networks, used throughout utility and manufacturing applications, have their own specific set of operational and security requirements when compared to corporate networks. The modern climate of heightened national security and awareness of terrorist threats has made the security of these systems of prime concern. There is a need to understand the vulnerabilities of these systems and how to monitor and protect them. Ethernet/IP is a member of a family of protocols based on the Control and Information Protocol (CIP). Ethernet/IP allows automation systems to be utilized on and integrated with traditional TCP/IP networks, facilitating integration of these networks with corporate systems and even the Internet. A review of the CIP protocol and the additions Ethernet/IP makes to it has been done to reveal the kind of attacks made possible through the protocol. A set of rules for the SNORT Intrusion Detection software is developed based on the results of the security review. These can be used to monitor, and possibly actively protect, a SCADA or automation network that utilizes Ethernet/IP in its infrastructure. (authors)

  20. Study of Security Attributes of Smart Grid Systems- Current Cyber Security Issues

    Energy Technology Data Exchange (ETDEWEB)

    Wayne F. Boyer; Scott A. McBride

    2009-04-01

    This document provides information for a report to congress on Smart Grid security as required by Section 1309 of Title XIII of the Energy Independence and Security Act of 2007. The security of any future Smart Grid is dependent on successfully addressing the cyber security issues associated with the nation’s current power grid. Smart Grid will utilize numerous legacy systems and technologies that are currently installed. Therefore, known vulnerabilities in these legacy systems must be remediated and associated risks mitigated in order to increase the security and success of the Smart Grid. The implementation of Smart Grid will include the deployment of many new technologies and multiple communication infrastructures. This report describes the main technologies that support Smart Grid and summarizes the status of implementation into the existing U.S. electrical infrastructure.