WorldWideScience

Sample records for security test center

  1. Current status of international training center for nuclear security and security issues in Korea

    International Nuclear Information System (INIS)

    Lee, Jong-UK; Sin, Byung Woo

    2013-01-01

    During the 2010 Nuclear Security Summit (NSS) President Lee declared that Korea will establish an international training center (ITC) for nuclear security near the Korea Institute of Nuclear Nonproliferation and Control (KINAC). It will be open to the world in 2014. The government's long term goal is to make the center a hub for education and training in the nuclear field in Asia. The ITC will accomplish this by establishing facilities for practical and realistic exercises through the use of a test bed and various other experiments. The center will also provide comprehensive educational programs for nuclear newcomers. Its main programs include: a well designed educational program, customized training courses, and on-the-job training. This paper will discuss the current status of the ITC and describe practical plans for solving current security issues in Korea. (authors)

  2. Center for computer security: Computer Security Group conference. Summary

    Energy Technology Data Exchange (ETDEWEB)

    None

    1982-06-01

    Topics covered include: computer security management; detection and prevention of computer misuse; certification and accreditation; protection of computer security, perspective from a program office; risk analysis; secure accreditation systems; data base security; implementing R and D; key notarization system; DOD computer security center; the Sandia experience; inspector general's report; and backup and contingency planning. (GHT)

  3. A layered approach to user-centered security

    DEFF Research Database (Denmark)

    Bødker, Susanne

    2008-01-01

    The workshop will explore the possibilities of a user-centered perspective on security. With exceptions, existing research may be criticized for being highly system-centered, focusing on how one may change user behavior to deal with the requirements of security, or on how security aspects can...

  4. Center for Homeland Defense and Security Homeland Security Affairs Journal

    OpenAIRE

    2015-01-01

    Homeland Security Affairs is the peer-reviewed online journal of the Center for Homeland Defense and Security (CHDS). The journal provides a forum to propose and debate strategies, policies and organizational arrangements to strengthen U.S. homeland security.

  5. Chemical Security Analysis Center

    Data.gov (United States)

    Federal Laboratory Consortium — In 2006, by Presidential Directive, DHS established the Chemical Security Analysis Center (CSAC) to identify and assess chemical threats and vulnerabilities in the...

  6. Trainer module for security control center operations

    International Nuclear Information System (INIS)

    Bernard, E.A.

    1982-01-01

    An operator trainer module has been developed to be used with the security control center equipment to be installed as part of a safeguards physical protection system. The module is designed to provide improved training and testing capabilities for control center operators through the use of simulations for perimeter equipment operations. Operators, through the trainer module, can be challenged with a variety of realistic situations which require responsive action identical to that needed in an actual system. This permits a consistent evaluation and confirmation of operator capabilities prior to assignment as an operator and allows for periodic retesting to verify that adequate performance levels are maintained

  7. Integrated Support Center for Nuclear Nonproliferation and Security

    International Nuclear Information System (INIS)

    Kimura, Naohito; Naoi, Yosuke

    2010-01-01

    In April 2010, at the Nuclear Security Summit, Japan demonstrated its commitment to the strengthening of nuclear non-proliferation and nuclear security and announced the establishment of the Integrated Comprehensive Support Center for Nuclear Non-proliferation and Nuclear Security in the Japan Atomic Energy Agency (JAEA), under the guidance and authority of the Ministry of Education, Culture, Sports and Science and Technology (MEXT), and in cooperation with other ministries. The goal of the Center is to strengthen nuclear non-proliferation and security in emerging nuclear power countries by sharing Japan's accumulated experiences in its peaceful use of nuclear energy. To achieve its goal, the Center serves three functions: (1) human resource and capacity building, (2) infrastructure development and technical assistance and (3) international coordination and cooperation. The Center will offer three types of training courses to strengthen human resources and capacity building in emerging nuclear power countries. In the Training Course on Nuclear Security, the participants will learn the design and evaluation process for physical protection and detection of and response to illegal or unauthorized acts related to nuclear materials. They will learn these issues not only through lectures and training but also using mockup facilities and virtual reality systems. Second, in the Training Course on Safeguards and State System of Accounting for and Control of Nuclear Material (SSAC), the Center will teach the experience of advanced safeguards activities in Japan for its full-scale nuclear fuel cycle facilities as a non-nuclear weapon state. The participants will learn the IAEA and national safeguards systems, the material accounting system and inspector activities. Third, in the Training on the International Nuclear Nonproliferation Framework, the participants will learn the international framework of nuclear non-proliferation including the IAEA safeguards system and

  8. Anatomy of a Security Operations Center

    Science.gov (United States)

    Wang, John

    2010-01-01

    Many agencies and corporations are either contemplating or in the process of building a cyber Security Operations Center (SOC). Those Agencies that have established SOCs are most likely working on major revisions or enhancements to existing capabilities. As principle developers of the NASA SOC; this Presenters' goals are to provide the GFIRST community with examples of some of the key building blocks of an Agency scale cyber Security Operations Center. This presentation viII include the inputs and outputs, the facilities or shell, as well as the internal components and the processes necessary to maintain the SOC's subsistence - in other words, the anatomy of a SOC. Details to be presented include the SOC architecture and its key components: Tier 1 Call Center, data entry, and incident triage; Tier 2 monitoring, incident handling and tracking; Tier 3 computer forensics, malware analysis, and reverse engineering; Incident Management System; Threat Management System; SOC Portal; Log Aggregation and Security Incident Management (SIM) systems; flow monitoring; IDS; etc. Specific processes and methodologies discussed include Incident States and associated Work Elements; the Incident Management Workflow Process; Cyber Threat Risk Assessment methodology; and Incident Taxonomy. The Evolution of the Cyber Security Operations Center viII be discussed; starting from reactive, to proactive, and finally to proactive. Finally, the resources necessary to establish an Agency scale SOC as well as the lessons learned in the process of standing up a SOC viII be presented.

  9. Computer-Based Testing: Test Site Security.

    Science.gov (United States)

    Rosen, Gerald A.

    Computer-based testing places great burdens on all involved parties to ensure test security. A task analysis of test site security might identify the areas of protecting the test, protecting the data, and protecting the environment as essential issues in test security. Protecting the test involves transmission of the examinations, identifying the…

  10. Model-Based Security Testing

    Directory of Open Access Journals (Sweden)

    Ina Schieferdecker

    2012-02-01

    Full Text Available Security testing aims at validating software system requirements related to security properties like confidentiality, integrity, authentication, authorization, availability, and non-repudiation. Although security testing techniques are available for many years, there has been little approaches that allow for specification of test cases at a higher level of abstraction, for enabling guidance on test identification and specification as well as for automated test generation. Model-based security testing (MBST is a relatively new field and especially dedicated to the systematic and efficient specification and documentation of security test objectives, security test cases and test suites, as well as to their automated or semi-automated generation. In particular, the combination of security modelling and test generation approaches is still a challenge in research and of high interest for industrial applications. MBST includes e.g. security functional testing, model-based fuzzing, risk- and threat-oriented testing, and the usage of security test patterns. This paper provides a survey on MBST techniques and the related models as well as samples of new methods and tools that are under development in the European ITEA2-project DIAMONDS.

  11. CENTER FOR CYBER SECURITY STUDIES

    Data.gov (United States)

    Federal Laboratory Consortium — The mission of the Center for Cyber Security Studies is to enhance the education of midshipmen in all areas of cyber warfare, to facilitate the sharing of expertise...

  12. Model-based security testing

    OpenAIRE

    Schieferdecker, Ina; Großmann, Jürgen; Schneider, Martin

    2012-01-01

    Security testing aims at validating software system requirements related to security properties like confidentiality, integrity, authentication, authorization, availability, and non-repudiation. Although security testing techniques are available for many years, there has been little approaches that allow for specification of test cases at a higher level of abstraction, for enabling guidance on test identification and specification as well as for automated test generation. Model-based security...

  13. Classification of Security Operation Centers

    CSIR Research Space (South Africa)

    Jacobs, P

    2013-08-01

    Full Text Available Security Operation Centers (SOCs) are a necessary service for organisations that want to address compliance and threat management. While there are frameworks in existence that addresses the technology aspects of these services, a holistic framework...

  14. System security in the space flight operations center

    Science.gov (United States)

    Wagner, David A.

    1988-01-01

    The Space Flight Operations Center is a networked system of workstation-class computers that will provide ground support for NASA's next generation of deep-space missions. The author recounts the development of the SFOC system security policy and discusses the various management and technology issues involved. Particular attention is given to risk assessment, security plan development, security implications of design requirements, automatic safeguards, and procedural safeguards.

  15. Center for Coastline Security Technology, Year-2

    National Research Council Canada - National Science Library

    Glegg, Stewart; Glenn, William; Furht, Borko; Beaujean, P. P; Frisk, G; Schock, S; VonEllenrieder, K; Ananthakrishnan, P; An, E; Granata, R

    2007-01-01

    ...), the Imaging Technology Center, the Department of Computer Science and Engineering, and the University Consortium for Intermodal Transportation Safety and Security at Florida Atlantic University...

  16. 76 FR 1521 - Security Zone: Fleet Industrial Supply Center Pier, San Diego, CA

    Science.gov (United States)

    2011-01-11

    ...-AA87 Security Zone: Fleet Industrial Supply Center Pier, San Diego, CA AGENCY: Coast Guard, DHS. ACTION... Diego, CA. The existing security zone is around the former Fleet Industrial Supply Center Pier. The security zone encompasses all navigable waters within 100 feet of the former Fleet Industrial Supply Center...

  17. Proactive Security Testing and Fuzzing

    Science.gov (United States)

    Takanen, Ari

    Software is bound to have security critical flaws, and no testing or code auditing can ensure that software is flaw-less. But software security testing requirements have improved radically during the past years, largely due to criticism from security conscious consumers and Enterprise customers. Whereas in the past, security flaws were taken for granted (and patches were quietly and humbly installed), they now are probably one of the most common reasons why people switch vendors or software providers. The maintenance costs from security updates often add to become one of the biggest cost items to large Enterprise users. Fortunately test automation techniques have also improved. Techniques like model-based testing (MBT) enable efficient generation of security tests that reach good confidence levels in discovering zero-day mistakes in software. This technique is called fuzzing.

  18. Safety and Environment- Masterplan 2020 of DLR's Rocket Test Center Lampoldhausen

    Science.gov (United States)

    Haberzettl, Andreas; Dommers, Michael

    2013-09-01

    The German Aerospace Center DLR is the German research institute with approximately 7000 employees in 16 domestic locations. Among the research priorities of the German Aerospace Center DLR includes aerospace, energy and transport. DLR is institutionally supported by federal and state governments.Next funding sources arise in the context of third-party funds business (contract research and public contracts and subsidiaries). Main activities of the test center Lampoldshausen are testing of ARIANE's main and upper stage engines in the frame of ESA contracts.In the last years the test center of the DLR in Lampoldshausen has grown strongly, so that the number of employees is actually of about 230. The testing department is mainly responsible for rocket combustion testing according to customer requirements.Two kinds of test facilities are operated, sea level test benches and the altitude simulation test facilities.In addition to the DLR's growth also the activities of the industrial partner ASTRIUM has been elevated so that actually nearly 600 employees are present on site Lampoldshausen.The management of the site in relation to safety and security requires special measures with special respect to the presence of more people inside the testing area in order to guarantee trouble-free and safe experimental operation onsite the DLR's test plants. In order to meet with the future needs of continuing growth, the security and safety requirements have to be adopted.This report gives comprehensive outlook information about future possible scenarios of our coming tasks.Main driving force for future requests is the evolution of the rocket ARIANE. The testing of the new upper stage test facility for ARIANE 5 midlife evolution has been started. A new test position P5.2 is foreseen to perform the qualification of the new upper stage with the VINCI engine. This project will be very complex, in parallel running operation processes will require special procedures related to the overall

  19. (Congressional Interest) Network Information and Space Security Center

    Science.gov (United States)

    2011-09-30

    Zagreb , Croatia (City of Zagreb funding). Conducted three days of meetings with City/University of Zagreb , Croatia officials to structure terms for a...partnership with UCCS. In the short-term, UCCS will develop and deliver several courses in homeland security and assist the University of Zagreb in... Zagreb in maturing the Center of Excellence and designing, developing and delivering masters and doctoral degrees in homeland security. Hosted a group of

  20. Video calls from lay bystanders to dispatch centers - risk assessment of information security.

    Science.gov (United States)

    Bolle, Stein R; Hasvold, Per; Henriksen, Eva

    2011-09-30

    Video calls from mobile phones can improve communication during medical emergencies. Lay bystanders can be instructed and supervised by health professionals at Emergency Medical Communication Centers. Before implementation of video mobile calls in emergencies, issues of information security should be addressed. Information security was assessed for risk, based on the information security standard ISO/IEC 27005:2008. A multi-professional team used structured brainstorming to find threats to the information security aspects confidentiality, quality, integrity, and availability. Twenty security threats of different risk levels were identified and analyzed. Solutions were proposed to reduce the risk level. Given proper implementation, we found no risks to information security that would advocate against the use of video calls between lay bystanders and Emergency Medical Communication Centers. The identified threats should be used as input to formal requirements when planning and implementing video calls from mobile phones for these call centers.

  1. A framework for cyber security test

    International Nuclear Information System (INIS)

    Han, Kyungsoo; Song, Jaegu; Jung, Sungmin; Lee, Jungwoon; Lee, Cheolkwon

    2014-01-01

    The person in charge of I and C cyber security must not only perform real-time security inspections but also have the capabilities for performing vulnerability scanning and penetration testing, in order for vulnerability assessment. Vulnerability scanning and penetration testing are intended to find vulnerabilities in a digital system in order to make it more secure, and to determine whether it is vulnerable to attacks. In the IT sector, automated vulnerability scanning and penetration testing tools are being developed and continually researched. However, for a NPP I and C systems in which the method of communication is mixed (TCP/IP and serial), it is difficult to use the existing tools. This paper describes the penetration test framework for the IT sector, which is one of the cyber security test methods available. It concludes by discussing the need to develop a new penetration method for performing cyber security testing for NPP I and C systems, as well as the need for the NPP I and C test-bed. Security vulnerabilities need to be identified and continuously managed through vulnerability scans and assessments. For known vulnerabilities, the vulnerabilities of the target system can be periodically managed via a vulnerability database. These activities such as fuzzing, penetration testing, etc. must not affect the availability or the integrity of the NPP I and C systems. It is desired that a NPP I and C cyber security test-bad environment that exactly models the actual system must be first constructed and then penetration testing done

  2. A framework for cyber security test

    Energy Technology Data Exchange (ETDEWEB)

    Han, Kyungsoo; Song, Jaegu; Jung, Sungmin; Lee, Jungwoon; Lee, Cheolkwon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2014-05-15

    The person in charge of I and C cyber security must not only perform real-time security inspections but also have the capabilities for performing vulnerability scanning and penetration testing, in order for vulnerability assessment. Vulnerability scanning and penetration testing are intended to find vulnerabilities in a digital system in order to make it more secure, and to determine whether it is vulnerable to attacks. In the IT sector, automated vulnerability scanning and penetration testing tools are being developed and continually researched. However, for a NPP I and C systems in which the method of communication is mixed (TCP/IP and serial), it is difficult to use the existing tools. This paper describes the penetration test framework for the IT sector, which is one of the cyber security test methods available. It concludes by discussing the need to develop a new penetration method for performing cyber security testing for NPP I and C systems, as well as the need for the NPP I and C test-bed. Security vulnerabilities need to be identified and continuously managed through vulnerability scans and assessments. For known vulnerabilities, the vulnerabilities of the target system can be periodically managed via a vulnerability database. These activities such as fuzzing, penetration testing, etc. must not affect the availability or the integrity of the NPP I and C systems. It is desired that a NPP I and C cyber security test-bad environment that exactly models the actual system must be first constructed and then penetration testing done.

  3. Cyber Security Testing and Training Programs for Industrial Control Systems

    Energy Technology Data Exchange (ETDEWEB)

    Daniel Noyes

    2012-03-01

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/ Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

  4. Carboy Security Testing and Training Programs for Industrial Control Systems

    International Nuclear Information System (INIS)

    Noyes, Daniel

    2012-01-01

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These training vary from web-based cyber security training for control systems engineers to more advanced hands-on training that culminates with a Red Team/Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors

  5. Cyber Security Testing and Training Programs for Industrial Control Systems

    International Nuclear Information System (INIS)

    Noyes, Daniel

    2012-01-01

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/ Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

  6. Carboy Security Testing and Training Programs for Industrial Control Systems

    Energy Technology Data Exchange (ETDEWEB)

    Noyes, Daniel [Idaho National Laboratory, Idaho (United States)

    2012-03-15

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These training vary from web-based cyber security training for control systems engineers to more advanced hands-on training that culminates with a Red Team/Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

  7. Plan for radiological security at a university health center

    International Nuclear Information System (INIS)

    Huiaman Mendoza, G.M.; Sanchez Riojas, M.M.; Felix JImenez, D.

    1998-01-01

    This work shows a radiological security plan applied to a Basic Radiological Service at a university health center. Factors taken into account were installation designs, equipment operation parameters, work procedures, image system and responsibilities

  8. Security Testing Handbook for Banking Applications

    CERN Document Server

    Doraiswamy, Arvind; Kapoor, Nilesh

    2009-01-01

    Security Testing Handbook for Banking Applications is a specialised guide to testing a wide range of banking applications. The book is intended as a companion to security professionals, software developers and QA professionals who work with banking applications.

  9. 33 CFR 165.1121 - Security Zone: Fleet Supply Center Industrial Pier, San Diego, CA.

    Science.gov (United States)

    2010-07-01

    ... Guard District § 165.1121 Security Zone: Fleet Supply Center Industrial Pier, San Diego, CA. (a... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false Security Zone: Fleet Supply Center Industrial Pier, San Diego, CA. 165.1121 Section 165.1121 Navigation and Navigable Waters COAST...

  10. VIRTUAL COGNITIVE CENTERS AS INTELLIGENT SYSTEMS FOR MANAGEMENT INFORMATION SUPPORT OF REGIONAL SECURITY

    Directory of Open Access Journals (Sweden)

    A. V. Masloboev

    2014-03-01

    Full Text Available The paper deals with engineering problems and application perspectives of virtual cognitive centers as intelligent systems for information support of interagency activities in the field of complex security management of regional development. A research prototype of virtual cognitive center for regional security management in crisis situations, implemented as hybrid cloud service based on IaaS architectural framework with the usage of multi-agent and web-service technologies has been developed. Virtual cognitive center is a training simulator software system and is intended for solving on the basis of distributed simulation such problems as: strategic planning and forecasting of risk-sustainable development of regional socioeconomic systems, agents of management interaction specification synthesis for regional components security in different crisis situations within the planning stage of joint anti-crisis actions.

  11. Control and Non-Payload Communications (CNPC) Prototype Radio - Generation 2 Security Architecture Lab Test Report

    Science.gov (United States)

    Iannicca, Dennis C.; McKim, James H.; Stewart, David H.; Thadhani, Suresh K.; Young, Daniel P.

    2015-01-01

    NASA Glenn Research Center, in cooperation with Rockwell Collins, is working to develop a prototype Control and Non-Payload Communications (CNPC) radio platform as part of NASA Integrated Systems Research Program's (ISRP) Unmanned Aircraft Systems (UAS) Integration in the National Airspace System (NAS) project. A primary focus of the project is to work with the FAA and industry standards bodies to build and demonstrate a safe, secure, and efficient CNPC architecture that can be used by industry to evaluate the feasibility of deploying a system using these technologies in an operational capacity. GRC has been working in conjunction with these groups to assess threats, identify security requirements, and to develop a system of standards-based security controls that can be applied to the current GRC prototype CNPC architecture as a demonstration platform. The security controls were integrated into a lab test bed mock-up of the Mobile IPv6 architecture currently being used for NASA flight testing, and a series of network tests were conducted to evaluate the security overhead of the controls compared to the baseline CNPC link without any security. The aim of testing was to evaluate the performance impact of the additional security control overhead when added to the Mobile IPv6 architecture in various modes of operation. The statistics collected included packet captures at points along the path to gauge packet size as the sample data traversed the CNPC network, round trip latency, jitter, and throughput. The effort involved a series of tests of the baseline link, a link with Robust Header Compression (ROHC) and without security controls, a link with security controls and without ROHC, and finally a link with both ROHC and security controls enabled. The effort demonstrated that ROHC is both desirable and necessary to offset the additional expected overhead of applying security controls to the CNPC link.

  12. Implementation Support of Security Design Patterns Using Test Templates

    Directory of Open Access Journals (Sweden)

    Masatoshi Yoshizawa

    2016-06-01

    Full Text Available Security patterns are intended to support software developers as the patterns encapsulate security expert knowledge. However, these patterns may be inappropriately applied because most developers are not security experts, leading to threats and vulnerabilities. Here we propose a support method for security design patterns in the implementation phase of software development. Our method creates a test template from a security design pattern, consisting of an “aspect test template” to observe the internal processing and a “test case template”. Providing design information creates a test from the test template with a tool. Because our test template is reusable, it can easily perform a test to validate a security design pattern. In an experiment involving four students majoring in information sciences, we confirm that our method can realize an effective test, verify pattern applications, and support pattern implementation.

  13. Control and Non-Payload Communications (CNPC) Prototype Radio - Generation 2 Security Flight Test Report

    Science.gov (United States)

    Iannicca, Dennis C.; Ishac, Joseph A.; Shalkhauser, Kurt A.

    2015-01-01

    NASA Glenn Research Center (GRC), in cooperation with Rockwell Collins, is working to develop a prototype Control and Non-Payload Communications (CNPC) radio platform as part of NASA Integrated Systems Research Program's (ISRP) Unmanned Aircraft Systems (UAS) Integration in the National Airspace System (NAS) project. A primary focus of the project is to work with the Federal Aviation Administration (FAA) and industry standards bodies to build and demonstrate a safe, secure, and efficient CNPC architecture that can be used by industry to evaluate the feasibility of deploying a system using these technologies in an operational capacity. GRC has been working in conjunction with these groups to assess threats, identify security requirements, and to develop a system of standards-based security controls that can be applied to the GRC prototype CNPC architecture as a demonstration platform. The proposed security controls were integrated into the GRC flight test system aboard our S-3B Viking surrogate aircraft and several network tests were conducted during a flight on November 15th, 2014 to determine whether the controls were working properly within the flight environment. The flight test was also the first to integrate Robust Header Compression (ROHC) as a means of reducing the additional overhead introduced by the security controls and Mobile IPv6. The effort demonstrated the complete end-to-end secure CNPC link in a relevant flight environment.

  14. The National Criticality Experiments Research Center at the Device Assembly Facility, Nevada National Security Site: Status and Capabilities, Summary Report

    International Nuclear Information System (INIS)

    Bragg-Sitton, S.; Bess, J.; Werner, J.

    2011-01-01

    The National Criticality Experiments Research Center (NCERC) was officially opened on August 29, 2011. Located within the Device Assembly Facility (DAF) at the Nevada National Security Site (NNSS), the NCERC has become a consolidation facility within the United States for critical configuration testing, particularly those involving highly enriched uranium (HEU). The DAF is a Department of Energy (DOE) owned facility that is operated by the National Nuclear Security Agency/Nevada Site Office (NNSA/NSO). User laboratories include the Lawrence Livermore National Laboratory (LLNL) and Los Alamos National Laboratory (LANL). Personnel bring their home lab qualifications and procedures with them to the DAF, such that non-site specific training need not be repeated to conduct work at DAF. The NNSS Management and Operating contractor is National Security Technologies, LLC (NSTec) and the NNSS Safeguards and Security contractor is Wackenhut Services. The complete report provides an overview and status of the available laboratories and test bays at NCERC, available test materials and test support configurations, and test requirements and limitations for performing sub-critical and critical tests. The current summary provides a brief summary of the facility status and the method by which experiments may be introduced to NCERC.

  15. TOP 01-1-011B Vehicle Test Facilities at Aberdeen Test Center and Yuma Test Center

    Science.gov (United States)

    2017-12-12

    Test Center 400 Colleran Road Aberdeen Proving Ground, MD 21005-5059 U.S. Army Yuma Proving Ground Yuma Test Center 301 C. Street Yuma, AZ...22 2.6 Munson Test Area (MTA) ..................................................... 24 2.7 Land Vehicle Maintenance Facility...127 3.6 Maintenance Facilities ........................................................... 143

  16. Security Considerations and Recommendations in Computer-Based Testing

    Directory of Open Access Journals (Sweden)

    Saleh M. Al-Saleem

    2014-01-01

    Full Text Available Many organizations and institutions around the globe are moving or planning to move their paper-and-pencil based testing to computer-based testing (CBT. However, this conversion will not be the best option for all kinds of exams and it will require significant resources. These resources may include the preparation of item banks, methods for test delivery, procedures for test administration, and last but not least test security. Security aspects may include but are not limited to the identification and authentication of examinee, the risks that are associated with cheating on the exam, and the procedures related to test delivery to the examinee. This paper will mainly investigate the security considerations associated with CBT and will provide some recommendations for the security of these kinds of tests. We will also propose a palm-based biometric authentication system incorporated with basic authentication system (username/password in order to check the identity and authenticity of the examinee.

  17. Security considerations and recommendations in computer-based testing.

    Science.gov (United States)

    Al-Saleem, Saleh M; Ullah, Hanif

    2014-01-01

    Many organizations and institutions around the globe are moving or planning to move their paper-and-pencil based testing to computer-based testing (CBT). However, this conversion will not be the best option for all kinds of exams and it will require significant resources. These resources may include the preparation of item banks, methods for test delivery, procedures for test administration, and last but not least test security. Security aspects may include but are not limited to the identification and authentication of examinee, the risks that are associated with cheating on the exam, and the procedures related to test delivery to the examinee. This paper will mainly investigate the security considerations associated with CBT and will provide some recommendations for the security of these kinds of tests. We will also propose a palm-based biometric authentication system incorporated with basic authentication system (username/password) in order to check the identity and authenticity of the examinee.

  18. Health information security: a case study of three selected medical centers in iran.

    Science.gov (United States)

    Hajrahimi, Nafiseh; Dehaghani, Sayed Mehdi Hejazi; Sheikhtaheri, Abbas

    2013-03-01

    Health Information System (HIS) is considered a unique factor in improving the quality of health care activities and cost reduction, but today with the development of information technology and use of internet and computer networks, patients' electronic records and health information systems have become a source for hackers. This study aims at checking health information security of three selected medical centers in Iran using AHP fuzzy and TOPSIS compound model. To achieve that security measures were identified, based on the research literature and decision making matrix using experts' points of view. Among the 27 indicators, seven indicators were selected as effective indicators and Fuzzy AHP technique was used to determine the importance of security indicators. Based on the comparisons made between the three selected medical centers to assess the security of health information, it is concluded that Chamran hospital has the most acceptable level of security and attention in three indicators of "verification and system design, user access management, access control system", Al Zahra Hospital in two indicators of "access management and network access control" and Amin Hospital in "equipment safety and system design". In terms of information security, Chamran Hospital ranked first, Al-Zahra Hospital ranked second and Al- Zahra hospital has the third place.

  19. The Immorality of Test Security.

    Science.gov (United States)

    Wiggins, Grant

    1994-01-01

    Argues that test security in student testing is an immoral, inefficient practice rooted in medieval views of the teacher-student relationship. Secrecy practices involving testing should be scrutinized carefully and minimized through the use of explicit principles--an Assessment Bill of Rights--that put students' rights on par with the testmaker's…

  20. Good practices in provision of nuclear safeguards and security training courses at the Integrated Support Center for Nuclear Nonproliferation and Nuclear Security

    Directory of Open Access Journals (Sweden)

    Kobayashi Naoki

    2017-01-01

    Full Text Available More than five years have passed since the Integrated Support Center for Nuclear Nonproliferation and Nuclear Security (ISCN was established under the Japan Atomic Energy Agency (JAEA in December 2010 and started its activities, in response to the commitment of Japan at the Nuclear Security Summit in Washington D.C.. The ISCN has been vigorously involved in capacity building assistance on nuclear nonproliferation (safeguards and nuclear security, mainly in the Asian region. It has provided 105 training courses to 2901 participants in total as of August 2016. The ISCN plays a major role in strengthening nuclear nonproliferation and nuclear security in the region, and this can be considered one of the great results of the Nuclear Security Summit process. The ISCN has cooperated with the US Department of Energy/National Nuclear Security Administration (DOE/NNSA and Sandia National Laboratories (SNL to establish a base of instructors, particularly for the Center's flagship two-week courses, the Regional Training Course on Physical Protection of Nuclear Material and Facilities (RTC on PP and the Regional Training Course on State Systems of Accounting for and Control of Nuclear Material (RTC on SSAC. Furthermore, the ISCN has provided training courses for experts in Japan, making the best use of the Center's knowledge and experience of organizing international courses. The ISCN has also started joint synchronized training with the Joint Research Centre of the European Commission (EC JRC on nuclear safeguards. This paper describes the good practices at the ISCN through its five years of activities, focusing on its progress in nuclear safeguards and nuclear security training.

  1. Vehicle Test Facilities at Aberdeen Test Center and Yuma Test Center

    Science.gov (United States)

    2012-02-27

    fiber optic and bi-directional microwave telemetry links that provide high speed data transfer and real-time test control, and secure, single...Patton Hilly Trails is a 4.2 km (2.6 mi) loop course situated on a Basalt Hill Range site which is located on a series of relic beach terraces. The...Mountain and consists of primarily stretches of very cobbled surface interspersed with rock outcrops and bedrock. The course terrain is basalt hills

  2. IMIRSEL: a secure music retrieval testing environment

    Science.gov (United States)

    Downie, John S.

    2004-10-01

    The Music Information Retrieval (MIR) and Music Digital Library (MDL) research communities have long noted the need for formal evaluation mechanisms. Issues concerning the unavailability of freely-available music materials have greatly hindered the creation of standardized test collections with which these communities could scientifically assess the strengths and weaknesses of their various music retrieval techniques. The International Music Information Retrieval Systems Evaluation Laboratory (IMIRSEL) is being developed at the University of Illinois at Urbana-Champaign (UIUC) specifically to overcome this hindrance to the scientific evaluation of MIR/MDL systems. Together with its subsidiary Human Use of Music Information Retrieval Systems (HUMIRS) project, IMIRSEL will allow MIR/MDL researchers access to the standardized large-scale collection of copyright-sensitive music materials and standardized test queries being housed at UIUC's National Center for Supercomputing Applications (NCSA). Virtual Research Labs (VRL), based upon NCSA's Data-to-Knowledge (D2K) tool set, are being developed through which MIR/MDL researchers will interact with the music materials under a "trusted code" security model.

  3. The Johnson Space Center Management Information Systems (JSCMIS). 1: Requirements Definition and Design Specifications for Versions 2.1 and 2.1.1. 2: Documented Test Scenario Environments. 3: Security Design and Specifications

    Science.gov (United States)

    1986-01-01

    The Johnson Space Center Management Information System (JSCMIS) is an interface to computer data bases at NASA Johnson which allows an authorized user to browse and retrieve information from a variety of sources with minimum effort. This issue gives requirements definition and design specifications for versions 2.1 and 2.1.1, along with documented test scenario environments, and security object design and specifications.

  4. Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

    Energy Technology Data Exchange (ETDEWEB)

    Hadley, Mark D.; Clements, Samuel L.

    2009-01-01

    Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

  5. Engineer Research and Development Center's Materials Testing Center (MTC)

    Data.gov (United States)

    Federal Laboratory Consortium — The Engineer Research and Development Center's Materials Testing Center (MTC) is committed to quality testing and inspection services that are delivered on time and...

  6. A model based security testing method for protocol implementation.

    Science.gov (United States)

    Fu, Yu Long; Xin, Xiao Long

    2014-01-01

    The security of protocol implementation is important and hard to be verified. Since the penetration testing is usually based on the experience of the security tester and the specific protocol specifications, a formal and automatic verification method is always required. In this paper, we propose an extended model of IOLTS to describe the legal roles and intruders of security protocol implementations, and then combine them together to generate the suitable test cases to verify the security of protocol implementation.

  7. Wireless Network Penetration Testing and Security Auditing

    Directory of Open Access Journals (Sweden)

    Wang Shao-Long

    2016-01-01

    Full Text Available IEEE802.11 wireless wireless networks have security issues that are vulnerable to a variety of attacks. Due to using radio to transport data, attackers can bypass firewalls, sniff sensitive information, intercept packets and send malicious packets. Security auditing and penetration testing is expected to ensure wireless networks security. The contributions of this work are analyzed the vulnerability and types of attacks pertaining to IEEE 802.11 WLAN, performed well known attacks in a laboratory environment to conduct penetration tests to confirm whether our wireless network is hackable or not. WAIDPS is configured as auditing tool to view wireless attacks, such as WEP/WPA/WPA2 cracking, rouge access points, denial of service attack. WAIDPS is designed to detect wireless intrusion with additional features. Penetration testing and auditing will mitigate the risk and threatening to protect WALN.

  8. Electrolysis activities at FCH Test Center

    DEFF Research Database (Denmark)

    Ravn Nielsen, Eva; Nygaard, Frederik Berg

    FCH Test Center for fuel cell and hydrogen technologies was established in 2010 at Risø DTU in Denmark. Today, the test center is part of DTU Energy Conversion. The center gives industry access to advanced testing and demonstration of components and systems. A number of national projects and EU...... projects regarding water electrolysis involve FCH Test Center as a partner. This presentation gives an overview of the activities....

  9. A Secure Test Technique for Pipelined Advanced Encryption Standard

    Science.gov (United States)

    Shi, Youhua; Togawa, Nozomu; Yanagisawa, Masao; Ohtsuki, Tatsuo

    In this paper, we presented a Design-for-Secure-Test (DFST) technique for pipelined AES to guarantee both the security and the test quality during testing. Unlike previous works, the proposed method can keep all the secrets inside and provide high test quality and fault diagnosis ability as well. Furthermore, the proposed DFST technique can significantly reduce test application time, test data volume, and test generation effort as additional benefits.

  10. Strategies for online test security.

    Science.gov (United States)

    Hart, Leigh; Morgan, Lesley

    2009-01-01

    As online courses continue to increase, maintaining academic integrity in student evaluation is a challenge. The authors review several strategies, with varying degrees of cost and technology, to improve test security in the online classroom.

  11. A guide for developing an ADP security plan for Navy Finance Center, Cleveland, Ohio

    OpenAIRE

    Barber, Daniel E.; Hodnett, Elwood Thomas, Jr.

    1982-01-01

    Approved for public release; distribution is unlimited This paper is intended to be used as a guide by personnel at the Navy Finance Center (NFC) Cleveland, Ohio in developing an Automatic Data Processing (ADP) Security Plan. An effort has been made to combine the requirements for an ADP security plan established by OPNAVINST5239.1A with pertinent information from other selected readings. The importance of the devotion of personnel, time and funds to ADP security planning has been emphas...

  12. BackTrack testing wireless network security

    CERN Document Server

    Cardwell, Kevin

    2013-01-01

    Written in an easy-to-follow step-by-step format, you will be able to get started in next to no time with minimal effort and zero fuss.BackTrack: Testing Wireless Network Security is for anyone who has an interest in security and who wants to know more about wireless networks.All you need is some experience with networks and computers and you will be ready to go.

  13. A Design Methodology for Computer Security Testing

    OpenAIRE

    Ramilli, Marco

    2013-01-01

    The field of "computer security" is often considered something in between Art and Science. This is partly due to the lack of widely agreed and standardized methodologies to evaluate the degree of the security of a system. This dissertation intends to contribute to this area by investigating the most common security testing strategies applied nowadays and by proposing an enhanced methodology that may be effectively applied to different threat scenarios with the same degree of effectiveness. ...

  14. 78 FR 16471 - National Cybersecurity Center of Excellence (NCCoE) Secure Exchange of Electronic Health...

    Science.gov (United States)

    2013-03-15

    ...-02] National Cybersecurity Center of Excellence (NCCoE) Secure Exchange of Electronic Health...) National Cybersecurity Center of Excellence (NCCoE) invited organizations to provide products and technical.... companies to enter into ``National Cybersecurity Excellence Partnerships'' (NCEPs) in furtherance of the...

  15. Mastering wireless penetration testing for highly secured environments

    CERN Document Server

    Johns, Aaron

    2015-01-01

    This book is intended for security professionals who want to enhance their wireless penetration testing skills and knowledge. Since this book covers advanced techniques, you will need some previous experience in computer security and networking.

  16. Test Control Center (TCC)

    Data.gov (United States)

    Federal Laboratory Consortium — The Test Control Center (TCC) provides a consolidated facility for planning, coordinating, controlling, monitoring, and analyzing distributed test events. ,The TCC...

  17. On Security Management: Improving Energy Efficiency, Decreasing Negative Environmental Impact, and Reducing Financial Costs for Data Centers

    Directory of Open Access Journals (Sweden)

    Katarzyna Mazur

    2015-01-01

    Full Text Available Security management is one of the most significant issues in nowadays data centers. Selection of appropriate security mechanisms and effective energy consumption management together with caring for the environment enforces a profound analysis of the considered system. In this paper, we propose a specialized decision support system with a multilevel, comprehensive analysis scheme. As a result of the extensive use of mathematical methods and statistics, guidelines and indicators returned by the proposed approach facilitate the decision-making process and conserve decision-maker’s time and attention. In the paper we utilized proposed multilevel analysis scheme to manage security-based data flow in the example data center. Determining the most secure, energy-efficient, environmental friendly security mechanisms, we implemented the role-based access control method in Quality of Protection Modeling Language (QoP-ML and evaluated its performance in terms of mentioned factors.

  18. CORBASec Used to Secure Distributed Aerospace Propulsion Simulations

    Science.gov (United States)

    Blaser, Tammy M.

    2003-01-01

    The NASA Glenn Research Center and its industry partners are developing a Common Object Request Broker (CORBA) Security (CORBASec) test bed to secure their distributed aerospace propulsion simulations. Glenn has been working with its aerospace propulsion industry partners to deploy the Numerical Propulsion System Simulation (NPSS) object-based technology. NPSS is a program focused on reducing the cost and time in developing aerospace propulsion engines. It was developed by Glenn and is being managed by the NASA Ames Research Center as the lead center reporting directly to NASA Headquarters' Aerospace Technology Enterprise. Glenn is an active domain member of the Object Management Group: an open membership, not-for-profit consortium that produces and manages computer industry specifications (i.e., CORBA) for interoperable enterprise applications. When NPSS is deployed, it will assemble a distributed aerospace propulsion simulation scenario from proprietary analytical CORBA servers and execute them with security afforded by the CORBASec implementation. The NPSS CORBASec test bed was initially developed with the TPBroker Security Service product (Hitachi Computer Products (America), Inc., Waltham, MA) using the Object Request Broker (ORB), which is based on the TPBroker Basic Object Adaptor, and using NPSS software across different firewall products. The test bed has been migrated to the Portable Object Adaptor architecture using the Hitachi Security Service product based on the VisiBroker 4.x ORB (Borland, Scotts Valley, CA) and on the Orbix 2000 ORB (Dublin, Ireland, with U.S. headquarters in Waltham, MA). Glenn, GE Aircraft Engines, and Pratt & Whitney Aircraft are the initial industry partners contributing to the NPSS CORBASec test bed. The test bed uses Security SecurID (RSA Security Inc., Bedford, MA) two-factor token-based authentication together with Hitachi Security Service digital-certificate-based authentication to validate the various NPSS users. The test

  19. Kali Linux assuring security by penetration testing

    CERN Document Server

    Ali, Shakeel; Allen, Lee

    2014-01-01

    Written as an interactive tutorial, this book covers the core of Kali Linux with real-world examples and step-by-step instructions to provide professional guidelines and recommendations for you. The book is designed in a simple and intuitive manner that allows you to explore the whole Kali Linux testing process or study parts of it individually.If you are an IT security professional who has a basic knowledge of Unix/Linux operating systems, including an awareness of information security factors, and want to use Kali Linux for penetration testing, then this book is for you.

  20. Secure data exchange between intelligent devices and computing centers

    Science.gov (United States)

    Naqvi, Syed; Riguidel, Michel

    2005-03-01

    The advent of reliable spontaneous networking technologies (commonly known as wireless ad-hoc networks) has ostensibly raised stakes for the conception of computing intensive environments using intelligent devices as their interface with the external world. These smart devices are used as data gateways for the computing units. These devices are employed in highly volatile environments where the secure exchange of data between these devices and their computing centers is of paramount importance. Moreover, their mission critical applications require dependable measures against the attacks like denial of service (DoS), eavesdropping, masquerading, etc. In this paper, we propose a mechanism to assure reliable data exchange between an intelligent environment composed of smart devices and distributed computing units collectively called 'computational grid'. The notion of infosphere is used to define a digital space made up of a persistent and a volatile asset in an often indefinite geographical space. We study different infospheres and present general evolutions and issues in the security of such technology-rich and intelligent environments. It is beyond any doubt that these environments will likely face a proliferation of users, applications, networked devices, and their interactions on a scale never experienced before. It would be better to build in the ability to uniformly deal with these systems. As a solution, we propose a concept of virtualization of security services. We try to solve the difficult problems of implementation and maintenance of trust on the one hand, and those of security management in heterogeneous infrastructure on the other hand.

  1. On distributed key distribution centers and unconditionally secure proactive verifiable secret sharing schemes based on general access structure

    NARCIS (Netherlands)

    Nikov, V.S.; Nikova, S.I.; Preneel, B.; Vandewalle, J.; Menezes, A.; Sarkar, P.

    2002-01-01

    A Key Distribution Center of a network is a server enabling private communications within groups of users. A Distributed Key Distribution Center is a set of servers that jointly realizes a Key Distribution Center. In this paper we build a robust Distributed Key Distribution Center Scheme secure

  2. Authentication Test-Based the RFID Authentication Protocol with Security Analysis

    Directory of Open Access Journals (Sweden)

    Minghui Wang

    2014-08-01

    Full Text Available To the problem of many recently proposed RFID authentication protocol was soon find security holes, we analyzed the main reason, which is that protocol design is not rigorous, and the correctness of the protocol cannot be guaranteed. To this end, authentication test method was adopted in the process of the formal analysis and strict proof to the proposed RFID protocol in this paper. Authentication Test is a new type of analysis and design method of security protocols based on Strand space model, and it can be used for most types of the security protocols. After analysis the security, the proposed protocol can meet the RFID security demand: information confidentiality, data integrity and identity authentication.

  3. Assessment of Information Security Management System based on ISO/IEC 27001:2013 On Subdirectorate of Data Center and Data Recovery Center in Ministry of Internal Affairs

    Science.gov (United States)

    Kurnianto, Ari; Isnanto, Rizal; Widodo, Aris Puji

    2018-02-01

    Information security is a problem effected business process of an organization, so it needs special concern. Information security assessment which is good and has international standard is done using Information Security Management System (ISMS) ISO/IEC 27001:2013. In this research, the high level assessment has been done using ISO/IEC 27001:2013 to observe the strength of information secuity in Ministry of Internal Affairs. The research explains about the assessment of information security management which is built using PHP. The input data use primary and secondary data which passed observation. The process gets maturity using the assessment of ISO/IEC 27001:2013. GAP Analysis observes the condition now a days and then to get recommendation and road map. The result of this research gets all of the information security process which has not been already good enough in Ministry of Internal Affairs, gives recommendation and road map to improve part of all information system being running. It indicates that ISO/IEC 27001:2013 is good used to rate maturity of information security management. As the next analyzation, this research use Clause and Annex in ISO/IEC 27001:2013 which is suitable with condition of Data Center and Data Recovery Center, so it gets optimum result and solving problem of the weakness information security.

  4. Secure equality and greater-than tests with sublinear online complexity

    DEFF Research Database (Denmark)

    Lipmaa, Helger; Toft, Tomas

    2013-01-01

    Secure multiparty computation (MPC) allows multiple parties to evaluate functions without disclosing the private inputs. Secure comparisons (testing equality and greater-than) are important primitives required by many MPC applications. We propose two equality tests for ℓ-bit values with O(1) online...

  5. Handbook for the Computer Security Certification of Trusted Systems

    National Research Council Canada - National Science Library

    Weissman, Clark

    1995-01-01

    Penetration testing is required for National Computer Security Center (NCSC) security evaluations of systems and products for the B2, B3, and A1 class ratings of the Trusted Computer System Evaluation Criteria (TCSEC...

  6. Test and approval center for fuel cell and hydrogen technologies: Phase I. Initiation. Final report; Test- og godkendelsescenter for braendselscelle- og brintteknologier. Fase 1. Opstart. Slutrapport

    Energy Technology Data Exchange (ETDEWEB)

    Hagen, A. [Technical Univ. of Denmark. DTU Energy Conversion, DTU Risoe Campus, Roskilde (Denmark)

    2012-09-15

    The aim of the present project was to initialize a Test and Approval Center for Fuel Cell and Hydrogen Technologies at the sites of the project partners Risoe DTU (Fuel Cells and Solid State Chemistry Division), and DGC (work package 1). The project furthermore included start-up of first activities with focus on the development of accelerated life-time tests of fuel cell systems, preparations for standardization of these methods, and advising in relation to certification and approval of fuel cell systems (work package 2). The main achievements of the project were: Work package 1: 1) A large national and international network was established comprising of important commercial players, research institutions, and other test centers; 2) The test center is known in large part of the international Fuel Cell and Hydrogen community due to substantial efforts in 'marketing'; 3) New national and international projects have been successfully applied for, with significant roles of the test center, which secure the further establishment and development of the center. Work package 2: 1) Testing equipment was installed and commissioned at DTU (Risoe Campus); 2) A comprehensive survey among international players regarding activities on accelerated SOFC testing was carried out; 3) A test procedure for 'compressed' testing of SOFC in relation to {mu} CHP application was developed and used for one-cell stack and 50-cell-stack testing; 4) Guidelines for Danish authority handling were formulated. (Author)

  7. Assessment of Information Security Management System based on ISO/IEC 27001:2013 On Subdirectorate of Data Center and Data Recovery Center in Ministry of Internal Affairs

    Directory of Open Access Journals (Sweden)

    Kurnianto Ari

    2018-01-01

    Full Text Available Information security is a problem effected business process of an organization, so it needs special concern. Information security assessment which is good and has international standard is done using Information Security Management System (ISMS ISO/IEC 27001:2013. In this research, the high level assessment has been done using ISO/IEC 27001:2013 to observe the strength of information secuity in Ministry of Internal Affairs. The research explains about the assessment of information security management which is built using PHP. The input data use primary and secondary data which passed observation. The process gets maturity using the assessment of ISO/IEC 27001:2013. GAP Analysis observes the condition now a days and then to get recommendation and road map. The result of this research gets all of the information security process which has not been already good enough in Ministry of Internal Affairs, gives recommendation and road map to improve part of all information system being running. It indicates that ISO/IEC 27001:2013 is good used to rate maturity of information security management. As the next analyzation, this research use Clause and Annex in ISO/IEC 27001:2013 which is suitable with condition of Data Center and Data Recovery Center, so it gets optimum result and solving problem of the weakness information security.

  8. Security Testing in Agile Web Application Development - A Case Study Using the EAST Methodology

    CERN Document Server

    Erdogan, Gencer

    2010-01-01

    There is a need for improved security testing methodologies specialized for Web applications and their agile development environment. The number of web application vulnerabilities is drastically increasing, while security testing tends to be given a low priority. In this paper, we analyze and compare Agile Security Testing with two other common methodologies for Web application security testing, and then present an extension of this methodology. We present a case study showing how our Extended Agile Security Testing (EAST) performs compared to a more ad hoc approach used within an organization. Our working hypothesis is that the detection of vulnerabilities in Web applications will be significantly more efficient when using a structured security testing methodology specialized for Web applications, compared to existing ad hoc ways of performing security tests. Our results show a clear indication that our hypothesis is on the right track.

  9. Intra-site Secure Transport Vehicle test and evaluation

    International Nuclear Information System (INIS)

    Scott, S.

    1995-01-01

    In the past many DOE and DoD facilities involved in handling nuclear material realized a need to enhance the safely and security for movement of sensitive materials within their facility, or ''intra-site''. There have been prior efforts to improve on-site transportation; however, there remains a requirement for enhanced on-site transportation at a number of facilities. The requirements for on-site transportation are driven by security, safety, and operational concerns. The Intra-site Secure Transport Vehicle (ISTV) was designed to address these concerns specifically for DOE site applications with a standardized vehicle design. This paper briefly reviews the ISTV design features providing significant enhancement of onsite transportation safety and security, and also describes the test and evaluation activities either complete of underway to validate the vehicle design and operation

  10. Business of Nuclear Safety Analysis Office, Nuclear Technology Test Center

    International Nuclear Information System (INIS)

    Hayakawa, Masahiko

    1981-01-01

    The Nuclear Technology Test Center established the Nuclear Safety Analysis Office to execute newly the works concerning nuclear safety analysis in addition to the works related to the proving tests of nuclear machinery and equipments. The regulations for the Nuclear Safety Analysis Office concerning its organization, business and others were specially decided, and it started the business formally in August, 1980. It is a most important subject to secure the safety of nuclear facilities in nuclear fuel cycle as the premise of developing atomic energy. In Japan, the strict regulation of safety is executed by the government at each stage of the installation, construction, operation and maintenance of nuclear facilities, based on the responsibility for the security of installers themselves. The Nuclear Safety Analysis Office was established as the special organ to help the safety examination related to the installation of nuclear power stations and others by the government. It improves and puts in order the safety analysis codes required for the cross checking in the safety examination, and carries out safety analysis calculation. It is operated by the cooperation of the Science and Technology Agency and the Agency of Natural Resources and Energy. The purpose of establishment, the operation and the business of the Nuclear Safety Analysis Office, the plan of improving and putting in order of analysis codes, and the state of the similar organs in foreign countries are described. (Kako, I.)

  11. Implementation of a RPS Cyber Security Test-bed with Two PLCs

    International Nuclear Information System (INIS)

    Shin, Jinsoo; Heo, Gyunyoung; Son, Hanseong; An, Yongkyu; Rizwan, Uddin

    2015-01-01

    Our research team proposed the methodology to evaluate cyber security with Bayesian network (BN) as a cyber security evaluation model and help operator, licensee, licensor or regulator in granting evaluation priorities. The methodology allowed for overall evaluation of cyber security by considering architectural aspect of facility and management aspect of cyber security at the same time. In order to emphasize reality of this model by inserting true data, it is necessary to conduct a penetration test that pretends an actual cyber-attack. Through the collaboration with University of Illinois at Urbana-Champaign, which possesses the Tricon a safety programmable logic controller (PLC) used at nuclear power plants and develops a test-bed for nuclear power plant, a test-bed for reactor protection system (RPS) is being developed with the PLCs. Two PLCs are used to construct a simple test-bed for RPS, bi-stable processor (BP) and coincidence processor (CP). By using two PLCs, it is possible to examine cyber-attack against devices such as PLC, cyber-attack against communication between devices, and the effects of a PLC on the other PLC. Two PLCs were used to construct a test-bed for penetration test in this study. Advantages of using two or more PLCs instead of single PLC are as follows. 1) Results of cyber-attack reflecting characteristics among PLCs can be obtained. 2) Cyber-attack can be attempted using a method of attacking communication between PLCs. True data obtained can be applied to existing cyber security evaluation model to emphasize reality of the model

  12. Implementation of a RPS Cyber Security Test-bed with Two PLCs

    Energy Technology Data Exchange (ETDEWEB)

    Shin, Jinsoo; Heo, Gyunyoung [Kyung Hee Univ., Yongin (Korea, Republic of); Son, Hanseong [Joongbu Univ., Geumsan (Korea, Republic of); An, Yongkyu; Rizwan, Uddin [University of Illinois at Urbana-Champaign, Urbana (United States)

    2015-10-15

    Our research team proposed the methodology to evaluate cyber security with Bayesian network (BN) as a cyber security evaluation model and help operator, licensee, licensor or regulator in granting evaluation priorities. The methodology allowed for overall evaluation of cyber security by considering architectural aspect of facility and management aspect of cyber security at the same time. In order to emphasize reality of this model by inserting true data, it is necessary to conduct a penetration test that pretends an actual cyber-attack. Through the collaboration with University of Illinois at Urbana-Champaign, which possesses the Tricon a safety programmable logic controller (PLC) used at nuclear power plants and develops a test-bed for nuclear power plant, a test-bed for reactor protection system (RPS) is being developed with the PLCs. Two PLCs are used to construct a simple test-bed for RPS, bi-stable processor (BP) and coincidence processor (CP). By using two PLCs, it is possible to examine cyber-attack against devices such as PLC, cyber-attack against communication between devices, and the effects of a PLC on the other PLC. Two PLCs were used to construct a test-bed for penetration test in this study. Advantages of using two or more PLCs instead of single PLC are as follows. 1) Results of cyber-attack reflecting characteristics among PLCs can be obtained. 2) Cyber-attack can be attempted using a method of attacking communication between PLCs. True data obtained can be applied to existing cyber security evaluation model to emphasize reality of the model.

  13. Software To Secure Distributed Propulsion Simulations

    Science.gov (United States)

    Blaser, Tammy M.

    2003-01-01

    Distributed-object computing systems are presented with many security threats, including network eavesdropping, message tampering, and communications middleware masquerading. NASA Glenn Research Center, and its industry partners, has taken an active role in mitigating the security threats associated with developing and operating their proprietary aerospace propulsion simulations. In particular, they are developing a collaborative Common Object Request Broker Architecture (CORBA) Security (CORBASec) test bed to secure their distributed aerospace propulsion simulations. Glenn has been working with its aerospace propulsion industry partners to deploy the Numerical Propulsion System Simulation (NPSS) object-based technology. NPSS is a program focused on reducing the cost and time in developing aerospace propulsion engines

  14. Center for Coastline Security Technology, Year-2

    Science.gov (United States)

    2007-05-01

    cinematic film industry . For the port security application there are several research issues being addressed under this program, specifically...being the cinematic film industry . For the port security application there are several research issues being addressed under this program...the primary customers being the film industry . For the port security application there are several research issues being addressed under this program

  15. Considerations When Including Students with Disabilities in Test Security Policies. NCEO Policy Directions. Number 23

    Science.gov (United States)

    Lazarus, Sheryl; Thurlow, Martha

    2015-01-01

    Sound test security policies and procedures are needed to ensure test security and confidentiality, and to help prevent cheating. In this era when cheating on tests draws regular media attention, there is a need for thoughtful consideration of the ways in which possible test security measures may affect accessibility for some students with…

  16. Automated Security Testing of Web Widget Interactions

    NARCIS (Netherlands)

    Bezemer, C.P.; Mesbah, A.; Van Deursen, A.

    2009-01-01

    This paper is a pre-print of: Cor-Paul Bezemer, Ali Mesbah, and Arie van Deursen. Automated Security Testing of Web Widget Interactions. In Proceedings of the 7th joint meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering

  17. NOTICE OF ELECTRICAL CUT - TEST OF THE SECURED NETWORK

    CERN Multimedia

    Electrical Service ST/EL

    2001-01-01

    The electrical service ST/EL will test the switching sequence between the secured network and the diesel generators on January 8, 2002. The normal network, general services of the sites Meyrin, Prevessin, SPS, Zone Nord, LHC1 and LHC18 will be cut between 6:00am and 6:10am. The secured network will be resupplied by the diesel generators after approximately 1 minute. The UPS network will not be affected. To facilitate the restart of the electrical network and to minimize the impact of the tests on critical equipment, we would like to ask you to stop any equipment that might suffer major inconveniences during the tests (e.g. computers). For any further information, please do not hesitate to contact the Technical Control Room TCR (72201) or G. Cumer (160592).

  18. Coverage of the Test of Memory Malingering, Victoria Symptom Validity Test, and Word Memory Test on the Internet: is test security threatened?

    Science.gov (United States)

    Bauer, Lyndsey; McCaffrey, Robert J

    2006-01-01

    In forensic neuropsychological settings, maintaining test security has become critically important, especially in regard to symptom validity tests (SVTs). Coaching, which can entail providing patients or litigants with information about the cognitive sequelae of head injury, or teaching them test-taking strategies to avoid detection of symptom dissimulation has been examined experimentally in many research studies. Emerging evidence supports that coaching strategies affect psychological and neuropsychological test performance to differing degrees depending on the coaching paradigm and the tests administered. The present study sought to examine Internet coverage of SVTs because it is potentially another source of coaching, or information that is readily available. Google searches were performed on the Test of Memory Malingering, the Victoria Symptom Validity Test, and the Word Memory Test. Results indicated that there is a variable amount of information available about each test that could threaten test security and validity should inappropriately interested parties find it. Steps that could be taken to improve this situation and limitations to this exploration are discussed.

  19. 6th Annual Homeland Security and Defense Education Summit, Developing an Adaptive Homeland Security Environment

    OpenAIRE

    2013-01-01

    6th Annual Homeland Security and Defense Education Summit Developing an Adaptive Homeland Security Environment, Burlington, MA, September 26-28, 2013 2013 Summit Agenda Naval Postgraduate School Center for Homeland Defense and Security In Partnership With Northeastern University, Department of Homeland Security, Federal Emergency Management Agency, National Guard Homeland Security Institute, National Homeland Defense Foundation Naval Postgraduate School Center for Homeland Defense and S...

  20. Using secure web services to visualize poison center data for nationwide biosurveillance: a case study.

    Science.gov (United States)

    Savel, Thomas G; Bronstein, Alvin; Duck, William; Rhodes, M Barry; Lee, Brian; Stinn, John; Worthen, Katherine

    2010-01-01

    Real-time surveillance systems are valuable for timely response to public health emergencies. It has been challenging to leverage existing surveillance systems in state and local communities, and, using a centralized architecture, add new data sources and analytical capacity. Because this centralized model has proven to be difficult to maintain and enhance, the US Centers for Disease Control and Prevention (CDC) has been examining the ability to use a federated model based on secure web services architecture, with data stewardship remaining with the data provider. As a case study for this approach, the American Association of Poison Control Centers and the CDC extended an existing data warehouse via a secure web service, and shared aggregate clinical effects and case counts data by geographic region and time period. To visualize these data, CDC developed a web browser-based interface, Quicksilver, which leveraged the Google Maps API and Flot, a javascript plotting library. Two iterations of the NPDS web service were completed in 12 weeks. The visualization client, Quicksilver, was developed in four months. This implementation of web services combined with a visualization client represents incremental positive progress in transitioning national data sources like BioSense and NPDS to a federated data exchange model. Quicksilver effectively demonstrates how the use of secure web services in conjunction with a lightweight, rapidly deployed visualization client can easily integrate isolated data sources for biosurveillance.

  1. CERN tests reveal security flaws with industrial network devices

    CERN Document Server

    Lüders, Stefan

    2006-01-01

    The CERN high energy particle physics facility at Geneva, Switzerland will incorporate a wide range of COTS industrial control systems within its next generation particle collider, the LHC. In particular, the Internet will be used to facilitate the remote access for accelerator and particle physicists and system experts based at several hundred locations around the globe. The integration of Industrial Ethernet and COTS PLCs within the LHC program focuses extreme attention on the industrial network cyber-security requirement. CERN's response has been to conduct operational research on the security resilience of networked industrial devices. As test team lead Stefan Lüders reports here, industrial networked devices put through the organisation's test procedures have generally shown up unexpected vulnerabilities.

  2. Engineering test facility design center

    International Nuclear Information System (INIS)

    Anon.

    1980-01-01

    The vehicle by which the fusion program would move into the engineering testing phase of fusion power development is designated the Engineering Test Facility (ETF). The ETF would provide a test bed for reactor components in the fusion environment. In order to initiate preliminary planning for the ETF decision, the Office of Fusion Energy established the ETF Design Center activity to prepare the design of the ETF. This section describes the status of this design

  3. Cyber Security Test Strategy for Non-safety Display System

    International Nuclear Information System (INIS)

    Son, Han Seong; Kim, Hee Eun

    2016-01-01

    Cyber security has been a big issue since the instrumentation and control (I and C) system of nuclear power plant (NPP) is digitalized. A cyber-attack on NPP should be dealt with seriously because it might cause not only economic loss but also the radioactive material release. Researches on the consequences of cyber-attack onto NPP from a safety point of view have been conducted. A previous study shows the risk effect brought by initiation of event and deterioration of mitigation function by cyber terror. Although this study made conservative assumptions and simplifications, it gives an insight on the effect of cyber-attack. Another study shows that the error on a non-safety display system could cause wrong actions of operators. According to this previous study, the failure of the operator action caused by a cyber-attack on a display system might threaten the safety of the NPP by limiting appropriate mitigation actions. This study suggests a test strategy focusing on the cyber-attack on the information and display system, which might cause the failure of operator. The test strategy can be suggested to evaluate and complement security measures. Identifying whether a cyber-attack on the information and display system can affect the mitigation actions of operator, the strategy to obtain test scenarios is suggested. The failure of mitigation scenario is identified first. Then, for the test target in the scenario, software failure modes are applied to identify realistic failure scenarios. Testing should be performed for those scenarios to confirm the integrity of data and to assure effectiveness of security measures

  4. Cyber Security Test Strategy for Non-safety Display System

    Energy Technology Data Exchange (ETDEWEB)

    Son, Han Seong [Joongbu University, Geumsan (Korea, Republic of); Kim, Hee Eun [KAIST, Daejeon (Korea, Republic of)

    2016-10-15

    Cyber security has been a big issue since the instrumentation and control (I and C) system of nuclear power plant (NPP) is digitalized. A cyber-attack on NPP should be dealt with seriously because it might cause not only economic loss but also the radioactive material release. Researches on the consequences of cyber-attack onto NPP from a safety point of view have been conducted. A previous study shows the risk effect brought by initiation of event and deterioration of mitigation function by cyber terror. Although this study made conservative assumptions and simplifications, it gives an insight on the effect of cyber-attack. Another study shows that the error on a non-safety display system could cause wrong actions of operators. According to this previous study, the failure of the operator action caused by a cyber-attack on a display system might threaten the safety of the NPP by limiting appropriate mitigation actions. This study suggests a test strategy focusing on the cyber-attack on the information and display system, which might cause the failure of operator. The test strategy can be suggested to evaluate and complement security measures. Identifying whether a cyber-attack on the information and display system can affect the mitigation actions of operator, the strategy to obtain test scenarios is suggested. The failure of mitigation scenario is identified first. Then, for the test target in the scenario, software failure modes are applied to identify realistic failure scenarios. Testing should be performed for those scenarios to confirm the integrity of data and to assure effectiveness of security measures.

  5. Contemporary security management

    CERN Document Server

    Fay, John

    2010-01-01

    Contemporary Security Management, 3rd Edition teaches security professionals how to operate an efficient security department and how to integrate smoothly with other groups inside and outside their own organizations. Fay demonstrates the specifics of security management: * how to organize, plan, develop and manage a security operation. * how to identify vulnerabilities. * how to determine the protective resources required to offset threats. * how to implement all necessary physical and IT security measures. Security professionals share the responsibility for mitigating damage, serving as a resource to an Emergency Tactical Center, assisting the return of business continuity, and liaising with local response agencies such as police and fire departments, emergency medical responders, and emergency warning centers. At the organizational level, the book addresses budgeting, employee performance, counseling, hiring and termination, employee theft and other misconduct, and offers sound advice on building constructi...

  6. Development and Testing of Intelligent Alcohol Transportation Security System

    Directory of Open Access Journals (Sweden)

    Velaphi Msomi

    2018-01-01

    Full Text Available The development and testing of intelligent liquid transportation security system are being reported in this paper. The targeted fluid to be secured was ethanol alcohol and this was due to the theft cases occurring during the transportation of this product from the supplier to the customer. The system was developed such that only the radar level sensor (VEGAPULS 62 might be in contact with the fluid and the rest of the system remained outside the liquid carrying container to be secured. The system was developed such that it reports any abnormal liquid level drop through short message service (SMS. The functioning of the developed system was tested through the use of 1040 L Intermediate Bulk Container (IBC filled with water which was hauled for about 1.5 km. The liquid theft was simulated and the system sent two SMS. The first SMS reported the beginning of water level drop and the second one reported the ending of water level drop. The second SMS reported the amount of liquid that was taken out of the container.

  7. Does standard deviation matter? Using "standard deviation" to quantify security of multistage testing.

    Science.gov (United States)

    Wang, Chun; Zheng, Yi; Chang, Hua-Hua

    2014-01-01

    With the advent of web-based technology, online testing is becoming a mainstream mode in large-scale educational assessments. Most online tests are administered continuously in a testing window, which may post test security problems because examinees who take the test earlier may share information with those who take the test later. Researchers have proposed various statistical indices to assess the test security, and one most often used index is the average test-overlap rate, which was further generalized to the item pooling index (Chang & Zhang, 2002, 2003). These indices, however, are all defined as the means (that is, the expected proportion of common items among examinees) and they were originally proposed for computerized adaptive testing (CAT). Recently, multistage testing (MST) has become a popular alternative to CAT. The unique features of MST make it important to report not only the mean, but also the standard deviation (SD) of test overlap rate, as we advocate in this paper. The standard deviation of test overlap rate adds important information to the test security profile, because for the same mean, a large SD reflects that certain groups of examinees share more common items than other groups. In this study, we analytically derived the lower bounds of the SD under MST, with the results under CAT as a benchmark. It is shown that when the mean overlap rate is the same between MST and CAT, the SD of test overlap tends to be larger in MST. A simulation study was conducted to provide empirical evidence. We also compared the security of MST under the single-pool versus the multiple-pool designs; both analytical and simulation studies show that the non-overlapping multiple-pool design will slightly increase the security risk.

  8. Evaluation of a Secure Laptop-Based Testing Program in an Undergraduate Nursing Program: Students' Perspective.

    Science.gov (United States)

    Tao, Jinyuan; Gunter, Glenda; Tsai, Ming-Hsiu; Lim, Dan

    2016-01-01

    Recently, the many robust learning management systems, and the availability of affordable laptops, have made secure laptop-based testing a reality on many campuses. The undergraduate nursing program at the authors' university began to implement a secure laptop-based testing program in 2009, which allowed students to use their newly purchased laptops to take quizzes and tests securely in classrooms. After nearly 5 years' secure laptop-based testing program implementation, a formative evaluation, using a mixed method that has both descriptive and correlational data elements, was conducted to seek constructive feedback from students to improve the program. Evaluation data show that, overall, students (n = 166) believed the secure laptop-based testing program helps them get hands-on experience of taking examinations on the computer and gets them prepared for their computerized NCLEX-RN. Students, however, had a lot of concerns about laptop glitches and campus wireless network glitches they experienced during testing. At the same time, NCLEX-RN first-time passing rate data were analyzed using the χ2 test, and revealed no significant association between the two testing methods (paper-and-pencil testing and the secure laptop-based testing) and students' first-time NCLEX-RN passing rate. Based on the odds ratio, however, the odds of students passing NCLEX-RN the first time was 1.37 times higher if they were taught with the secure laptop-based testing method than if taught with the traditional paper-and-pencil testing method in nursing school. It was recommended to the institution that better quality of laptops needs to be provided to future students, measures needed to be taken to further stabilize the campus wireless Internet network, and there was a need to reevaluate the Laptop Initiative Program.

  9. Processing multilevel secure test and evaluation information

    Science.gov (United States)

    Hurlburt, George; Hildreth, Bradley; Acevedo, Teresa

    1994-07-01

    The Test and Evaluation Community Network (TECNET) is building a Multilevel Secure (MLS) system. This system features simultaneous access to classified and unclassified information and easy access through widely available communications channels. It provides the necessary separation of classification levels, assured through the use of trusted system design techniques, security assessments and evaluations. This system enables cleared T&E users to view and manipulate classified and unclassified information resources either using a single terminal interface or multiple windows in a graphical user interface. TECNET is in direct partnership with the National Security Agency (NSA) to develop and field the MLS TECNET capability in the near term. The centerpiece of this partnership is a state-of-the-art Concurrent Systems Security Engineering (CSSE) process. In developing the MLS TECNET capability, TECNET and NSA are providing members, with various expertise and diverse backgrounds, to participate in the CSSE process. The CSSE process is founded on the concepts of both Systems Engineering and Concurrent Engineering. Systems Engineering is an interdisciplinary approach to evolve and verify an integrated and life cycle balanced set of system product and process solutions that satisfy customer needs (ASD/ENS-MIL STD 499B 1992). Concurrent Engineering is design and development using the simultaneous, applied talents of a diverse group of people with the appropriate skills. Harnessing diverse talents to support CSSE requires active participation by team members in an environment that both respects and encourages diversity.

  10. Cloud Computing Security

    OpenAIRE

    Ngongang, Guy

    2011-01-01

    This project aimed to show how possible it is to use a network intrusion detection system in the cloud. The security in the cloud is a concern nowadays and security professionals are still finding means to make cloud computing more secure. First of all the installation of the ESX4.0, vCenter Server and vCenter lab manager in server hardware was successful in building the platform. This allowed the creation and deployment of many virtual servers. Those servers have operating systems and a...

  11. Process Control Systems in the Chemical Industry: Safety vs. Security

    Energy Technology Data Exchange (ETDEWEB)

    Jeffrey Hahn; Thomas Anderson

    2005-04-01

    Traditionally, the primary focus of the chemical industry has been safety and productivity. However, recent threats to our nation’s critical infrastructure have prompted a tightening of security measures across many different industry sectors. Reducing vulnerabilities of control systems against physical and cyber attack is necessary to ensure the safety, security and effective functioning of these systems. The U.S. Department of Homeland Security has developed a strategy to secure these vulnerabilities. Crucial to this strategy is the Control Systems Security and Test Center (CSSTC) established to test and analyze control systems equipment. In addition, the CSSTC promotes a proactive, collaborative approach to increase industry's awareness of standards, products and processes that can enhance the security of control systems. This paper outlines measures that can be taken to enhance the cybersecurity of process control systems in the chemical sector.

  12. Start up testing for the secure automated fabrication line

    International Nuclear Information System (INIS)

    Gerber, E.W.; Benson, E.M.; Dahl, R.E.

    1987-01-01

    The secure automated fabrication (SAF) line is a remotely operated, liquid metal reactor fuel fabrication process being built by Westinghouse Hanford Company for the Department of Energy. All process and control equipment is installed and start up testing has been initiated. Start up testing is comprised of five phases, each incorporating higher degrees of equipment integration, automation, and remote control. Testing methodology for SAF line start up is described in this report

  13. Transportation Secure Data Center: Real-World Data for Planning, Modeling, and Analysis

    Energy Technology Data Exchange (ETDEWEB)

    2018-01-19

    The Transportation Secure Data Center (TSDC) at www.nrel.gov/tsdc provides free, web-based access to detailed transportation data from a variety of travel surveys conducted across the nation. While preserving the privacy of survey participants, this online repository makes vital transportation data broadly available to users from the comfort of their own desks via a secure online connection. Data Available through the TSDC: Maintained by the U.S. Department of Energy's National Renewable Energy Laboratory (NREL) in partnership with the U.S. Department of Transportation (DOT), the TSDC houses data from travel surveys and studies conducted using global positioning system (GPS) devices. It features millions of data points - second-by-second GPS readings, vehicle characteristics (if applicable), and demographics - for all modes of travel. NREL screens the initial data for quality control, translates each data set into a consistent format, and interprets the data for spatial analysis. NREL's processing routines add information on vehicle fuel economy and road grades and join data points to the road network.

  14. National security and the comprehensive test ban treaty

    International Nuclear Information System (INIS)

    Landauer, J.K.

    1980-08-01

    For nearly three years now, the US, UK, and USSR have been working on the draft of a treaty that would ban all nuclear explosions (both peaceful applications and weapon tests) and institute verification and monitoring provisions to ensure compliance with the treaty. The status of the draft treaty is summarized. The question, Is a CTBT really in the interest of US national security. is analyzed with arguments used by both proponents and opponents of the CTBT. It is concluded that there are arguments both for and against a CTBT, but, for those whose approach to national security can be expressed as peace through preparedness, the arguments against a CTBT appear persuasive

  15. The Need and Opportunity for an Integrated Research, Development and Testing Center in the Alaskan High Arctic

    Science.gov (United States)

    Hardesty, J. O.; Ivey, M.; Helsel, F.; Dexheimer, D.; Lucero, D. A.; Cahill, C. F.; Roesler, E. L.

    2017-12-01

    This presentation will make the case for development of a permanent integrated High Arctic research and testing center at Oliktok Point, Alaska; taking advantage of existing assets and infrastructure, controlled airspace, an active UAS program and local partnerships. Arctic research stations provide critical monitoring and research on climate change for conditions and trends in the Arctic. The US Chair of the Arctic Council increased awareness of gaps in our understanding of Artic systems, scarce monitoring, lack of infrastructure and readiness for emergency response. Less sea ice brings competition for commercial shipping and resource extraction. Search and rescue, pollution mitigation and safe navigation need real-time, wide-area monitoring to respond to events. Multi-national responses for international traffic will drive a greater security presence to protect citizens and sovereign interests. To address research and technology gaps, there is a national need for a US High Arctic Center (USHARC) with an approach to partner stakeholders from science, safety and security to develop comprehensive solutions. The Station should offer year-round use, logistic support and access to varied ecological settings; phased adaptation to changing needs; and support testing of technologies such as multiple autonomous platforms, renewable energies and microgrids, and sensors in Arctic settings. We propose an Arctic Center at Oliktok Point, Alaska. Combined with the Toolik Field Station and Barrow Environmental Observatory, they form a US network of Arctic Stations. An Oliktok Point Station can provide complementary and unique assets that include: access via land, sea and air; coastal and terrestrial ecologies; controlled airspaces across land and ocean; medical and logistic support; atmospheric observations from an adjacent ARM facility; connections to Barrow and Toolik; fiber-optic communications; University of Alaska Fairbanks UAS Test Facility partnership; and an airstrip and

  16. Tonopah Test Range - Index

    Science.gov (United States)

    Capabilities Test Operations Center Test Director Range Control Track Control Communications Tracking Radars Photos Header Facebook Twitter YouTube Flickr RSS Tonopah Test Range Top TTR_TOC Tonopah is the testing range of choice for all national security missions. Tonopah Test Range (TTR) provides research and

  17. SOCIAL MEDIA SECURITY

    Science.gov (United States)

    RESPONSIBILITY CENTCOM COALITION MEDIA SOCIAL MEDIA NEWS ARTICLES PRESS RELEASES IMAGERY VIDEOS TRANSCRIPTS VISITORS AND PERSONNEL FAMILY CENTER FAMILY READINESS CENTCOM WEBMAIL SOCIAL MEDIA SECURITY ACCOUNTABILITY HomeVISITORS AND PERSONNELSOCIAL MEDIA SECURITY FAQ on Security for Social Media Due to the widespread use of

  18. A Method to Analyze Threats and Vulnerabilities by Using a Cyber Security Test-bed of an Operating NPP

    International Nuclear Information System (INIS)

    Kim, Yong Sik; Son, Choul Woong; Lee, Soo Ill

    2016-01-01

    In order to implement cyber security controls for an Operating NPP, a security assessment should conduct in advance, and it is essential to analyze threats and vulnerabilities for a cyber security risk assessment phase. It might be impossible to perform a penetration test or scanning for a vulnerability analysis because the test may cause adverse effects on the inherent functions of ones. This is the reason why we develop and construct a cyber security test-bed instead of using real I and C systems in the operating NPP. In this paper, we propose a method to analyze threats and vulnerabilities of a specific target system by using a cyber security test-bed. The test-bed is being developed considering essential functions of the selected safety and non-safety system. This paper shows the method to analyze threats and vulnerabilities of a specific target system by using a cyber security test-bed. In order to develop the cyber security test-bed with both safety and non-safety functions, test-bed functions analysis and preliminary threats and vulnerabilities identification have been conducted. We will determine the attack scenarios and conduct the test-bed based vulnerability analysis

  19. A Method to Analyze Threats and Vulnerabilities by Using a Cyber Security Test-bed of an Operating NPP

    Energy Technology Data Exchange (ETDEWEB)

    Kim, Yong Sik; Son, Choul Woong; Lee, Soo Ill [KHNP CRI, Daejeon (Korea, Republic of)

    2016-10-15

    In order to implement cyber security controls for an Operating NPP, a security assessment should conduct in advance, and it is essential to analyze threats and vulnerabilities for a cyber security risk assessment phase. It might be impossible to perform a penetration test or scanning for a vulnerability analysis because the test may cause adverse effects on the inherent functions of ones. This is the reason why we develop and construct a cyber security test-bed instead of using real I and C systems in the operating NPP. In this paper, we propose a method to analyze threats and vulnerabilities of a specific target system by using a cyber security test-bed. The test-bed is being developed considering essential functions of the selected safety and non-safety system. This paper shows the method to analyze threats and vulnerabilities of a specific target system by using a cyber security test-bed. In order to develop the cyber security test-bed with both safety and non-safety functions, test-bed functions analysis and preliminary threats and vulnerabilities identification have been conducted. We will determine the attack scenarios and conduct the test-bed based vulnerability analysis.

  20. Test and Evaluation for Enhanced Security: A Quantitative Method to Incorporate Expert Knowledge into Test Planning Decisions.

    Energy Technology Data Exchange (ETDEWEB)

    Rizzo, Davinia [Sandia National Laboratories (SNL-NM), Albuquerque, NM (United States); Blackburn, Mark [Stevens Inst. of Technology, Hoboken, NJ (United States)

    2017-03-01

    Complex systems are comprised of technical, social, political and environmental factors as well as the programmatic factors of cost, schedule and risk. Testing these systems for enhanced security requires expert knowledge in many different fields. It is important to test these systems to ensure effectiveness, but testing is limited to due cost, schedule, safety, feasibility and a myriad of other reasons. Without an effective decision framework for Test and Evaluation (T&E) planning that can take into consideration technical as well as programmatic factors and leverage expert knowledge, security in complex systems may not be assessed effectively. Therefore, this paper covers the identification of the current T&E planning problem and an approach to include the full variety of factors and leverage expert knowledge in T&E planning through the use of Bayesian Networks (BN).

  1. Control Systems Security Center Comparison Study of Industrial Control System Standards against the Control Systems Protection Framework Cyber-Security Requirements

    Energy Technology Data Exchange (ETDEWEB)

    Robert P. Evans

    2005-09-01

    Cyber security standards, guidelines, and best practices for control systems are critical requirements that have been delineated and formally recognized by industry and government entities. Cyber security standards provide a common language within the industrial control system community, both national and international, to facilitate understanding of security awareness issues but, ultimately, they are intended to strengthen cyber security for control systems. This study and the preliminary findings outlined in this report are an initial attempt by the Control Systems Security Center (CSSC) Standard Awareness Team to better understand how existing and emerging industry standards, guidelines, and best practices address cyber security for industrial control systems. The Standard Awareness Team comprised subject matter experts in control systems and cyber security technologies and standards from several Department of Energy (DOE) National Laboratories, including Argonne National Laboratory, Idaho National Laboratory, Pacific Northwest National Laboratory, and Sandia National Laboratories. This study was conducted in two parts: a standard identification effort and a comparison analysis effort. During the standard identification effort, the Standard Awareness Team conducted a comprehensive open-source survey of existing control systems security standards, regulations, and guidelines in several of the critical infrastructure (CI) sectors, including the telecommunication, water, chemical, energy (electric power, petroleum and oil, natural gas), and transportation--rail sectors and sub-sectors. During the comparison analysis effort, the team compared the requirements contained in selected, identified, industry standards with the cyber security requirements in ''Cyber Security Protection Framework'', Version 0.9 (hereafter referred to as the ''Framework''). For each of the seven sector/sub-sectors listed above, one standard was

  2. Assessment And Testing of Industrial Devices Robustness Against Cyber Security Attacks

    CERN Document Server

    Tilaro, F

    2011-01-01

    CERN (European Organization for Nuclear Research),like any organization, needs to achieve the conflicting objectives of connecting its operational network to Internet while at the same time keeping its industrial control systems secure from external and internal cyber attacks. With this in mind, the ISA-99[0F1] international cyber security standard has been adopted at CERN as a reference model to define a set of guidelines and security robustness criteria applicable to any network device. Devices robustness represents a key link in the defense-in-depth concept as some attacks will inevitably penetrate security boundaries and thus require further protection measures. When assessing the cyber security robustness of devices we have singled out control system-relevant attack patterns derived from the well-known CAPEC[1F2] classification. Once a vulnerability is identified, it needs to be documented, prioritized and reproduced at will in a dedicated test environment for debugging purposes. CERN - in collaboration ...

  3. Cyber Security Penetration Test for Digital Safety I and C Systems

    International Nuclear Information System (INIS)

    Lee, C. K.; Kim, D. H.; Kwon, K. C.; Joo, H. K.; Song, J. S.

    2010-01-01

    In the Korea Nuclear I and C Systems Development project the platforms for plant protection systems are developed, which function as a reactor shutdown, actuation of engineered safety features and a control of the related equipment. Those are fully digitalized through the use of safety-grade programmable logic controllers (PLCs) and few types of communication network. However the Regulatory Guide 1.152 (Rev. 02) was published by the U.S. NRC in 2006 and it recommended the application of a cyber security to the safety systems in the Nuclear Power Plant (NPP). Therefore to incorporate the new licensing requirement, a cyber security risk assessment is performed for the platforms. Then the vulnerabilities identified by the risk assessment are validated by penetration test. This paper summarizes test scenario, test results and their incorporation into system design

  4. Preparedness and Emergency Response Learning Centers: supporting the workforce for national health security.

    Science.gov (United States)

    Richmond, Alyson L; Sobelson, Robyn K; Cioffi, Joan P

    2014-01-01

    The importance of a competent and prepared national public health workforce, ready to respond to threats to the public's health, has been acknowledged in numerous publications since the 1980s. The Preparedness and Emergency Response Learning Centers (PERLCs) were funded by the Centers for Disease Control and Prevention in 2010 to continue to build upon a decade of focused activities in public health workforce preparedness development initiated under the Centers for Public Health Preparedness program (http://www.cdc.gov/phpr/cphp/). All 14 PERLCs were located within Council on Education for Public Health (CEPH) accredited schools of public health. These centers aimed to improve workforce readiness and competence through the development, delivery, and evaluation of targeted learning programs designed to meet specific requirements of state, local, and tribal partners. The PERLCs supported organizational and community readiness locally, regionally, or nationally through the provision of technical consultation and dissemination of specific, practical tools aligned with national preparedness competency frameworks and public health preparedness capabilities. Public health agencies strive to address growing public needs and a continuous stream of current and emerging public health threats. The PERLC network represented a flexible, scalable, and experienced national learning system linking academia with practice. This system improved national health security by enhancing individual, organizational, and community performance through the application of public health science and learning technologies to frontline practice.

  5. Verification Tools Secure Online Shopping, Banking

    Science.gov (United States)

    2010-01-01

    Just like rover or rocket technology sent into space, the software that controls these technologies must be extensively tested to ensure reliability and effectiveness. Ames Research Center invented the open-source Java Pathfinder (JPF) toolset for the deep testing of Java-based programs. Fujitsu Labs of America Inc., based in Sunnyvale, California, improved the capabilities of the JPF Symbolic Pathfinder tool, establishing the tool as a means of thoroughly testing the functionality and security of Web-based Java applications such as those used for Internet shopping and banking.

  6. Reviews of the Comprehensive Nuclear-Test-Ban Treaty and U.S. security

    Science.gov (United States)

    Jeanloz, Raymond

    2017-11-01

    Reviews of the Comprehensive Nuclear-Test-Ban Treaty (CTBT) by the National Academy of Sciences concluded that the United States has the technical expertise and physical means to i) maintain a safe, secure and reliable nuclear-weapons stockpile without nuclear-explosion testing, and ii) effectively monitor global compliance once the Treaty enters into force. Moreover, the CTBT is judged to help constrain proliferation of nuclear-weapons technology, so it is considered favorable to U.S. security. Review of developments since the studies were published, in 2002 and 2012, show that the study conclusions remain valid and that technical capabilities are better than anticipated.

  7. Idaho national laboratory - a nuclear research center

    International Nuclear Information System (INIS)

    Zaidi Mohammed, K.

    2006-01-01

    Full text: The Idaho National Laboratory (INL) is committed to providing international nuclear leadership for the 21st Century, developing and demonstrating compelling national security technologies, and delivering excellence in science and technology as one of the United States Department of Energy's (DOE) multi program national laboratories. INL runs three major programs - Nuclear, Security and Science. Nuclear programs covers the Advanced test reactor, Six Generation IV technology concepts selected for Rand D, targeting tumors - Boron Neutron Capture therapy. Homeland Security establishes the Control System Security and Test Center, Critical Infrastructure Test Range evaluates technologies on a scalable basis, INL conducts high performance computing and visualization research and science. To provide leadership in the education and training, INL has established an Institute of Nuclear Science and Engineering (INSE) under the Center for Advanced Energy Studies (CAES) and the Idaho State University (ISU). INSE will offer a four year degree based on a newly developed curriculum - two year of basic science course work and two years of participation in project planning and development. The students enrolled in this program can continue to get a masters or a doctoral degree. This summer INSE is the host for the training of the first international group selected by the World Nuclear University (WNU) - 75 fellowship holders and their 30 instructors from 40 countries. INL has been assigned to provide future global leadership in the field of nuclear science and technology. Here, at INL, we keep safety first above all things and our logo is 'Nuclear leadership synonymous with safety leadership'. (author)

  8. The International Test Commission Guidelines on the Security of Tests, Examinations, and Other Assessments

    Science.gov (United States)

    International Journal of Testing, 2016

    2016-01-01

    The amount and severity of security threats have increased considerably over the past two decades, calling into question the validity of assessments administered around the world. These threats have increased for a number of reasons, including the popular use of computerized and online technologies for test administration and the use of almost…

  9. Real time test bed development for power system operation, control and cyber security

    Science.gov (United States)

    Reddi, Ram Mohan

    The operation and control of the power system in an efficient way is important in order to keep the system secure, reliable and economical. With advancements in smart grid, several new algorithms have been developed for improved operation and control. These algorithms need to be extensively tested and validated in real time before applying to the real electric power grid. This work focuses on the development of a real time test bed for testing and validating power system control algorithms, hardware devices and cyber security vulnerability. The test bed developed utilizes several hardware components including relays, phasor measurement units, phasor data concentrator, programmable logic controllers and several software tools. Current work also integrates historian for power system monitoring and data archiving. Finally, two different power system test cases are simulated to demonstrate the applications of developed test bed. The developed test bed can also be used for power system education.

  10. Operations Security (OPSEC) Guide

    Science.gov (United States)

    2011-04-01

    Request for Proposal TAC Threat Analysis Center TECHINT Technical Intelligence TMAP Telecommunications Monitoring and Assessment Program TTP...communications security, use of secure telephones, and a robust Telecommunications Monitoring and Assessment Program ( TMAP ) prevents undetermined...and AFI 33-219, Telecommunications Monitoring and Assessment Program ( TMAP ), or Information Assurance (IA) or Communications Security (COMSEC

  11. The charging security study of electric vehicle charging spot based on automatic testing platform

    Science.gov (United States)

    Li, Yulan; Yang, Zhangli; Zhu, Bin; Ran, Shengyi

    2018-03-01

    With the increasing of charging spots, the testing of charging security and interoperability becomes more and more urgent and important. In this paper, an interface simulator for ac charging test is designed, the automatic testing platform for electric vehicle charging spots is set up and used to test and analyze the abnormal state during the charging process. On the platform, the charging security and interoperability of ac charging spots and IC-CPD can be checked efficiently, the test report can be generated automatically with No artificial reading error. From the test results, the main reason why the charging spot is not qualified is that the power supply cannot be cut off in the prescribed time when the charging anomaly occurs.

  12. Testing Challenges of Maritime Safety and Security Systems-of-Systems

    NARCIS (Netherlands)

    Gonzalez, A.; Piel, E.; Gross, H.G.

    2008-01-01

    Preprint of paper published in: TAIC PART 2008: Testing: Academic & Industrial Conference, Practice and Research Techniques, 29-31 August 2008; doi:10.1109/TAIC-PART.2008.14 Maritime Safety and Security systems represent a novel kind of large-scale distributed component-based systems in which the

  13. US Centers for Disease Control and Prevention and Its Partners' Contributions to Global Health Security.

    Science.gov (United States)

    Tappero, Jordan W; Cassell, Cynthia H; Bunnell, Rebecca E; Angulo, Frederick J; Craig, Allen; Pesik, Nicki; Dahl, Benjamin A; Ijaz, Kashef; Jafari, Hamid; Martin, Rebecca

    2017-12-01

    To achieve compliance with the revised World Health Organization International Health Regulations (IHR 2005), countries must be able to rapidly prevent, detect, and respond to public health threats. Most nations, however, remain unprepared to manage and control complex health emergencies, whether due to natural disasters, emerging infectious disease outbreaks, or the inadvertent or intentional release of highly pathogenic organisms. The US Centers for Disease Control and Prevention (CDC) works with countries and partners to build and strengthen global health security preparedness so they can quickly respond to public health crises. This report highlights selected CDC global health protection platform accomplishments that help mitigate global health threats and build core, cross-cutting capacity to identify and contain disease outbreaks at their source. CDC contributions support country efforts to achieve IHR 2005 compliance, contribute to the international framework for countering infectious disease crises, and enhance health security for Americans and populations around the world.

  14. Why SCADA security is NOT like Computer Centre Security

    CERN Multimedia

    CERN. Geneva

    2014-01-01

    Today, the industralized world lives in symbiosis with control systems (aka SCADA systems): it depends on power distribution, oil production, public transport, automatic production lines. While the convenience is at hand, still too many control systems are designed without any security in mind, lack basic security protections, and are not even robust enough to withstand basic attacks. The Stuxnet worm attacking Siemens PLCs in 2010 was another close call. Attackers currently enjoy hacking control systems, and aim to switch lights off. This presentation shall recap the current situation and discuss the differences (or not) between computer center cyber-security and control system cyber-security.

  15. Waste Receiving and Processing (WRAP) Facility PMS Test Report For Data Management System (DMS) Security Test DMS-Y2K

    Energy Technology Data Exchange (ETDEWEB)

    PALMER, M.E.

    1999-09-21

    Test Plan HNF-4351 defines testing requirements for installation of a new server in the WRAP Facility. This document shows the results of the test reports on the DMS-Y2K and DMS-F81 (Security) systems.

  16. OPNET Modeler Simulation Testing of the New Model Used to Cooperation Between QoS and Security Mechanisms

    Directory of Open Access Journals (Sweden)

    Jan Papaj

    2012-01-01

    Full Text Available In this article the performance analysis of the new model, used to integration between QoS and Security, is introduced. OPNET modeler simulation testing of the new model with comparation with the standard model is presented. This new model enables the process of cooperation between QoS and Security in MANET. The introduction how the model is implemented to the simulation OPNET modeler is also showed. Model provides possibilities to integration and cooperation of QoS and security by the cross layer design (CLD with modified security service vector (SSV. An overview of the simulation tested of the new model, comparative study in mobile ad-hoc networks, describe requirements and directions for adapted solutions are presented. Main idea of the testing is to show how QoS and Security related services could be provided simultaneously with using minimal interfering with each service.

  17. Global Health Security

    Centers for Disease Control (CDC) Podcasts

    2017-09-21

    Dr. Jordan Tappero, a CDC senior advisor on global health, discusses the state of global health security.  Created: 9/21/2017 by National Center for Emerging and Zoonotic Infectious Diseases (NCEZID), Center for Global Health (CGH).   Date Released: 9/21/2017.

  18. Homeland Security Affairs Journal (press release)

    OpenAIRE

    Naval Postgraduate School (U.S.); Center for Homeland Defense and Security

    2013-01-01

    Homeland Security Affairs (HSA) is the peer-reviewed online journal of the Center for Homeland Defense and Security (CHDS). The journal provides a forum to propose and debate strategies, policies and organizational arrangements to strengthen U.S. homeland security.

  19. The Center for Frontiers of Subsurface Energy Security (A 'Life at the Frontiers of Energy Research' contest entry from the 2011 Energy Frontier Research Centers (EFRCs) Summit and Forum)

    International Nuclear Information System (INIS)

    Pope, Gary A.

    2011-01-01

    'The Center for Frontiers of Subsurface Energy Security (CFSES)' was submitted to the 'Life at the Frontiers of Energy Research' video contest at the 2011 Science for Our Nation's Energy Future: Energy Frontier Research Centers (EFRCs) Summit and Forum. Twenty-six EFRCs created short videos to highlight their mission and their work. CFSES is directed by Gary A. Pope at the University of Texas at Austin and partners with Sandia National Laboratories. The Office of Basic Energy Sciences in the U.S. Department of Energy's Office of Science established the 46 Energy Frontier Research Centers (EFRCs) in 2009. These collaboratively-organized centers conduct fundamental research focused on 'grand challenges' and use-inspired 'basic research needs' recently identified in major strategic planning efforts by the scientific community. The overall purpose is to accelerate scientific progress toward meeting the nation's critical energy challenges.

  20. TWO-LAYER SECURE PREVENTION MECHANISM FOR REDUCING E-COMMERCE SECURITY RISKS

    OpenAIRE

    Sen-Tarng Lai

    2015-01-01

    E-commerce is an important information system in the network and digital age. However, the network intrusion, malicious users, virus attack and system security vulnerabilities have continued to threaten the operation of the e-commerce, making e-commerce security encounter serious test. How to improve ecommerce security has become a topic worthy of further exploration. Combining routine security test and security event detection procedures, this paper proposes the Two-Layer Secure ...

  1. Establishing a Secure Data Center with Remote Access: Preprint

    Energy Technology Data Exchange (ETDEWEB)

    Gonder, J.; Burton, E.; Murakami, E.

    2012-04-01

    Access to existing travel data is critical for many analysis efforts that lack the time or resources to support detailed data collection. High-resolution data sets provide particular value, but also present a challenge for preserving the anonymity of the original survey participants. To address this dilemma of providing data access while preserving privacy, the National Renewable Energy Laboratory and the U.S. Department of Transportation have launched the Transportation Secure Data Center (TSDC). TSDC data sets include those from regional travel surveys and studies that increasingly use global positioning system devices. Data provided by different collecting agencies varies with respect to formatting, elements included and level of processing conducted in support of the original purpose. The TSDC relies on a number of geospatial and other analysis tools to ensure data quality and to generate useful information outputs. TSDC users can access the processed data in two different ways. The first is by downloading summary results and second-by-second vehicle speed profiles (with latitude/longitude information removed) from a publicly-accessible website. The second method involves applying for a remote connection account to a controlled-access environment where spatial analysis can be conducted, but raw data cannot be removed.

  2. Day Care Centers

    Data.gov (United States)

    Department of Homeland Security — This database contains locations of day care centers for 50 states and Washington D.C. and Puerto Rico. The dataset only includes center based day care locations...

  3. Start up testing for the secure automated fabrication line

    International Nuclear Information System (INIS)

    Gerber, E.W.; Benson, E.M.; Dahl, R.E.

    1986-01-01

    The Secure Automated Fabrication (SAF) Line has been designed and built by Westinghouse Hanford Company for the Department of Energy at the Hanford Site near Richland, Washington. The SAF Line will provide the capability for remote manufacture of fuel for Liquid Metal Reactors, and will supply fuel for the Fast Flux Test Facility (FFTF). The SAF process is highly automated and represents a major advancement in nuclear fuel manufacturing, offering significant improvements in product quality, productivity, safety, and accountability of Special Nuclear Materials. The construction phase of the project is complete, and testing has been initiated to accomplish start up of the plant for manufacture of FFTF fuel. This paper describes the test methodology used for SAF Line start up

  4. Full Scale Drinking Water System Decontamination at the Water Security Test Bed

    Data.gov (United States)

    U.S. Environmental Protection Agency — The EPA’s Water Security Test Bed (WSTB) facility is a full-scale representation of a drinking water distribution system. In collaboration with the Idaho National...

  5. National Security Technology Incubator Business Plan

    Energy Technology Data Exchange (ETDEWEB)

    None, None

    2007-12-31

    This document contains a business plan for the National Security Technology Incubator (NSTI), developed as part of the National Security Preparedness Project (NSPP) and performed under a Department of Energy (DOE)/National Nuclear Security Administration (NNSA) grant. This business plan describes key features of the NSTI, including the vision and mission, organizational structure and staffing, services, evaluation criteria, marketing strategies, client processes, a budget, incubator evaluation criteria, and a development schedule. The purpose of the NSPP is to promote national security technologies through business incubation, technology demonstration and validation, and workforce development. The NSTI will focus on serving businesses with national security technology applications by nurturing them through critical stages of early development. The vision of the NSTI is to be a successful incubator of technologies and private enterprise that assist the NNSA in meeting new challenges in national safety, security, and protection of the homeland. The NSTI is operated and managed by the Arrowhead Center, responsible for leading the economic development mission of New Mexico State University (NMSU). The Arrowhead Center will recruit business with applications for national security technologies recruited for the NSTI program. The Arrowhead Center and its strategic partners will provide business incubation services, including hands-on mentoring in general business matters, marketing, proposal writing, management, accounting, and finance. Additionally, networking opportunities and technology development assistance will be provided.

  6. Center not liable for defamation from false-positive hepatitis test.

    Science.gov (United States)

    1997-04-18

    The Nebraska Court of Appeals ruled that [name removed] does not have a cause of action against the Lincoln Plasma Center in Lincoln, NE. The center blacklisted him as a carrier of hepatitis B virus; subsequent tests proved [name removed] was uninfected. [Name removed], a paid plasma donator, was placed on an ineligible list after he tested positive for the hepatitis B surface antigen. [Name removed] sued, alleging that Lincoln defamed him by publishing false information to blood banks about his eligibility to donate. The Court of Appeals upheld a trial court's directed verdict because there was no evidence that the plasma center acted in malice.

  7. Assessment and testing of industrial devices robustness against cyber security attacks

    International Nuclear Information System (INIS)

    Tilaro, F.; Copy, B.

    2012-01-01

    CERN (European Organization for Nuclear Research),like any organization, needs to achieve the conflicting objectives of connecting its operational network to Internet while at the same time keeping its industrial control systems secure from external and internal cyber attacks. Devices robustness represents a key link in the defense-in-depth concept as some attacks will inevitably penetrate security boundaries and thus require further protection measures. CERN - in collaboration with Siemens - has designed and implemented a dedicated working environment, the Test-bench for Robustness of Industrial Equipment. Such tests attempt to detect possible anomalies by exploiting corrupt communication channels and manipulating the normal behavior of the communication protocols, in the same way as a cyber attacker would proceed. Our approach consists of analyzing protocol implementations by injecting malformed PDUs (Protocol Data Unit) to corrupt the normal behaviour of the system. As a PDU typically has many fields, the number of possible syntactically faulty PDUs grows exponentially with the number of fields. In this document, we proposed a strategy to explore this huge test domain using a hybrid approach of fuzzing and syntax techniques, specifically developed to evaluate industrial device communication robustness. So far, not all the tests can be integrated into automatic tools, human analysis and management is necessary to discover and investigate specific possible failures

  8. PTC test bed upgrades to provide ACSES testing support capabilities at transportation technology center.

    Science.gov (United States)

    2015-06-01

    FRA Task Order 314 upgraded the Positive Train Control (PTC) Test Bed at the Transportation Technology Center to support : testing of PTC systems, components, and related equipment associated with the Advanced Civil Speed Enforcement System : (ACSES)...

  9. Maritime Cyber Security University Research

    Science.gov (United States)

    2016-05-01

    i Classification | CG-926 RDC | author | audience | month year Maritime Cyber Security University Research Phase I - Final Report...Distribution Statement A: Approved for public release; distribution is unlimited. May 2016 Report No. CG-D-06-16 Maritime Cyber Security...Director United States Coast Guard Research & Development Center 1 Chelsea Street New London, CT 06320 Maritime Cyber Security University

  10. National Security Cutter: Enhanced Oversight Needed to Ensure Problems Discovered during Testing and Operations Are Addressed

    Science.gov (United States)

    2016-01-01

    May Lead to NSCs and Future DHS Assets Deploying without Having Demonstrated Full Capabilities 22 Performance Issues Discovered Outside of IOT &E...Examples of National Security Cutter Critical Operational Issues and Key Performance Parameters 10 Table 3: National Security Cutter Major...Cutter IOT &E Initial Operational Test and Evaluation KPP Key Performance Parameter LRI-II Long-Range Interceptor II NSC National Security Cutter

  11. Measuring the Effect of Using Simulated Security Awareness Training and Testing on Members of Virtual Communities of Practice

    Directory of Open Access Journals (Sweden)

    Craig L. Tidwell

    2010-12-01

    Full Text Available Information security (Infosec has become a major challenge for all private and public organizations. The protecting of proprietary and secret data and the proper awareness of what is entailed in protecting this data is necessary in all organizations. How does simulation and training influence virtual communities of practice information security awareness over time and with a variety of security scenarios. Can members of a virtual community be significantly changed in how they respond to routine security processes and attempts to breach security or violate the security policy of their organization? How does deterrence play a role in this prevention and education? A study is planned that will train and test users of a virtual community of practice over a 3 month period of time, via a web interface, and using simulated events, to see if the planned security awareness training will be effective in changing their responses to the events and further testing.

  12. Intercorporate Security Event Correlation

    Directory of Open Access Journals (Sweden)

    D. O. Kovalev

    2010-03-01

    Full Text Available Security controls are prone to false positives and false negatives which can lead to unwanted reputation losses for the bank. The reputational database within the security operations center (SOC and intercorporate correlation of security events are offered as a solution to increase attack detection fidelity. The theses introduce the definition and structure of the reputation, architectures of reputational exchange and the place of intercorporate correlation in overall SOC correlation analysis.

  13. The Regional Test Center Data Transfer System

    Energy Technology Data Exchange (ETDEWEB)

    Riley, Daniel M. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States). Photovoltaic and Distributed Systems Dept.; Stein, Joshua S. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States). Photovoltaic and Distributed Systems Dept.

    2016-09-01

    The Regional Test Centers are a group of several sites around the US for testing photovoltaic systems and components related to photovoltaic systems. The RTCs are managed by Sandia National Laboratories. The data collected by the RTCs must be transmitted to Sandia for storage, analysis, and reporting. This document describes the methods that transfer the data between remote sites and Sandia as well as data movement within Sandia’s network. The methods described are in force as of September, 2016.

  14. Microsoft System Center 2012 R2 compliance management cookbook

    CERN Document Server

    Baumgarten, Andreas; Roesner, Susan

    2014-01-01

    Whether you are an IT manager, an administrator, or security professional who wants to learn how Microsoft Security Compliance Manager and Microsoft System Center can help fulfil compliance and security requirements, this is the book for you. Prior knowledge of Microsoft System Center is required.

  15. Homeland Security Affairs Journal, Supplement - 2012: IEEE 2011 Conference on Technology for Homeland Security: Best Papers

    OpenAIRE

    2012-01-01

    Homeland Security Affairs is the peer-reviewed online journal of the Naval Postgraduate School Center for Homeland Defense and Security (CHDS), providing a forum to propose and debate strategies, policies, and organizational arrangements to strengthen U.S. homeland security. The instructors, participants, alumni, and partners of CHDS represent the leading subject matter experts and practitioners in the field of homeland security. IEEE Supplement 2012. Supplement: IEEE 2011 Conference on Te...

  16. Security Management and Safeguards Office

    Science.gov (United States)

    Bewley, Nathaniel M.

    2004-01-01

    The Security Management and Safeguards Office at NASA is here to keep the people working in a safe environment. They also are here to protect the buildings and documents from sabotage, espionage, and theft. During the summer of 2004, I worked with Richard Soppet in Physical Security. While I was working here I helped out with updating the map that we currently use at NASA Glenn Research Center, attended meetings for homeland security, worked with the security guards and the locksmith. The meetings that I attended for homeland security talked about how to protect ourselves before something happened, they told us to always be on the guard and look for anything suspicious, and the different ways that terrorist groups operate. When I was with the security guards I was taught how to check someone into the base, showed how to use a radar gun, observed a security guard make a traffic stop for training and was with them while they patrolled NASA Glenn Research Center to make sure things were running smooth and no one was in danger. When I was with the lock smith I was taught how to make keys and locks for the employees here at NASA. The lock smith also showed me that he had inventory cabinets of files that show how many keys were out to people and who currently has access to the rooms that they keys were made for. I also helped out the open house at NASA Glenn Research Center. I helped out by showing the Army Reserves, and Brook Park's SWAT team where all the main events were going to take place a week before the open house was going to begin. Then during the open house I helped out by making sure people had there IDS, checked through there bags, and handed out a map to them that showed where the different activities were going to take place. So the main job here at NASA Glenn Research Center for the Security Management and Safeguards Office is to make sure that nothing is stolen, sabotaged, and espionaged. Also most importantly make sure all the employees here at NASA are

  17. Testing for lead in toys at day care centers.

    Science.gov (United States)

    Sanders, Martha; Stolz, Julie; Chacon-Baker, Ashley

    2013-01-01

    Exposure to lead-based paint or material has been found to impact children's cognitive and behavioral development at blood lead levels far below current standards. The purpose of the project was to screen for lead in toy items in daycare centers in order to raise awareness of inside environmental lead exposures and minimize lead-based exposures for children. Occupational therapy students in a service learning class tested for lead in ten daycare or public centers using the XRF Thermo Scientific Niton XL3t, a method accepted by the Consumer Product Safety Commission (CPSC). A total of 460 items were tested over a two-month period for an average of 66 toys per setting. Fifty six (56) items tested > 100 ppm, which represented 12% of the entire sample. Items with high lead levels included selected toys constructed with lead-based paint, lead metals, plastics using lead as a color enhancer, and decorative objects. While the actual number of lead-based products is small, the cumulative exposure or habitual use may pose an unnecessary risk to children. Indoor exposures occurred for all day care centers regardless of socio-economic levels. Recommendations to minimize exposures are provided.

  18. Virtual-Reality training system for nuclear security

    International Nuclear Information System (INIS)

    Nonaka, Nobuyuki

    2012-01-01

    At the Integrated Support Center for Nuclear Nonproliferation and Nuclear Security (ISCN) of the Japan Atomic Energy Agency, the virtual reality (VR) training system is under development for providing a practical training environment to implement experience-oriented and interactive lessons on nuclear security for wide range of participants in human resource development assistance program mainly to Asian emerging nuclear-power countries. This system electrically recreates and visualizes nuclear facilities and training conditions in stereoscopic (3D) view on a large-scale display (CAVE system) as virtual reality training facility (VR facility) and it provides training participants with effective environments to learn installation and layout of security equipment in the facility testing and verifying visually the protection performances under various situations such as changes in day-night lighting and weather conditions, which may lead to practical exercise in the design and evaluation of the physical protection system. This paper introduces basic concept of the system and outline of training programs as well as featured aspects in using the VR technology for the nuclear security. (author)

  19. New Cryogenic Optical Test Capability at Marshall Space Flight Center's Space Optics Manufacturing Technology Center

    Science.gov (United States)

    Kegley, Jeff; Burdine, Robert V. (Technical Monitor)

    2002-01-01

    A new cryogenic optical testing capability exists at Marshall Space Flight Center's Space Optics Manufacturing Technology Center (SOMTC). SOMTC has been performing optical wavefront testing at cryogenic temperatures since 1999 in the X-ray Cryogenic Test Facility's (XRCF's) large vacuum chamber. Recently the cryogenic optical testing capability has been extended to a smaller vacuum chamber. This smaller horizontal cylindrical vacuum chamber has been outfitted with a helium-cooled liner that can be connected to the facility's helium refrigeration system bringing the existing kilowatt of refrigeration capacity to bear on a 1 meter diameter x 2 meter long test envelope. Cryogenic environments to less than 20 Kelvin are now possible in only a few hours. SOMTC's existing instruments (the Instantaneous Phase-shifting Interferometer (IPI) from ADE Phase-Shift Technologies and the PhaseCam from 4D Vision Technologies) view the optic under test through a 150 mm clear aperture BK-7 window. Since activation and chamber characterization tests in September 2001, the new chamber has been used to perform a cryogenic (less than 30 Kelvin) optical test of a 22.5 cm diameter x 127 cm radius of curvature Si02 mirror, a cryogenic survival (less than 30 Kelvin) test of an adhesive, and a cryogenic cycle (less than 20 Kelvin) test of a ULE mirror. A vibration survey has also been performed on the test chamber. Chamber specifications and performance data, vibration environment data, and limited test results will be presented.

  20. Secure Cloud-Based Solutions for Different eHealth Services in Spanish Rural Health Centers.

    Science.gov (United States)

    de la Torre-Díez, Isabel; Lopez-Coronado, Miguel; Garcia-Zapirain Soto, Begonya; Mendez-Zorrilla, Amaia

    2015-07-27

    The combination of eHealth applications and/or services with cloud technology provides health care staff—with sufficient mobility and accessibility for them—to be able to transparently check any data they may need without having to worry about its physical location. The main aim of this paper is to put forward secure cloud-based solutions for a range of eHealth services such as electronic health records (EHRs), telecardiology, teleconsultation, and telediagnosis. The scenario chosen for introducing the services is a set of four rural health centers located within the same Spanish region. iCanCloud software was used to perform simulations in the proposed scenario. We chose online traffic and the cost per unit in terms of time as the parameters for choosing the secure solution on the most optimum cloud for each service. We suggest that load balancers always be fitted for all solutions in communication together with several Internet service providers and that smartcards be used to maintain identity to an appropriate extent. The solutions offered via private cloud for EHRs, teleconsultation, and telediagnosis services require a volume of online traffic calculated at being able to reach 2 Gbps per consultation. This may entail an average cost of €500/month. The security solutions put forward for each eHealth service constitute an attempt to centralize all information on the cloud, thus offering greater accessibility to medical information in the case of EHRs alongside more reliable diagnoses and treatment for telecardiology, telediagnosis, and teleconsultation services. Therefore, better health care for the rural patient can be obtained at a reasonable cost.

  1. Secure Cloud-Based Solutions for Different eHealth Services in Spanish Rural Health Centers

    Science.gov (United States)

    2015-01-01

    Background The combination of eHealth applications and/or services with cloud technology provides health care staff—with sufficient mobility and accessibility for them—to be able to transparently check any data they may need without having to worry about its physical location. Objective The main aim of this paper is to put forward secure cloud-based solutions for a range of eHealth services such as electronic health records (EHRs), telecardiology, teleconsultation, and telediagnosis. Methods The scenario chosen for introducing the services is a set of four rural health centers located within the same Spanish region. iCanCloud software was used to perform simulations in the proposed scenario. We chose online traffic and the cost per unit in terms of time as the parameters for choosing the secure solution on the most optimum cloud for each service. Results We suggest that load balancers always be fitted for all solutions in communication together with several Internet service providers and that smartcards be used to maintain identity to an appropriate extent. The solutions offered via private cloud for EHRs, teleconsultation, and telediagnosis services require a volume of online traffic calculated at being able to reach 2 Gbps per consultation. This may entail an average cost of €500/month. Conclusions The security solutions put forward for each eHealth service constitute an attempt to centralize all information on the cloud, thus offering greater accessibility to medical information in the case of EHRs alongside more reliable diagnoses and treatment for telecardiology, telediagnosis, and teleconsultation services. Therefore, better health care for the rural patient can be obtained at a reasonable cost. PMID:26215155

  2. 2014 Year End Report: Center for Development of Security Excellence

    Science.gov (United States)

    2014-01-01

    Personnel Security Adjudications In August 2014, LT Tetyana Muirhead, a U.S. Navy Nurse , earned her Certificates in Security Leadership and in...website or on the CDSE YouTube channel. Personnel can watch the webinars and download associated job aids and resources. CDSE OPEN ELEARNING COURSES

  3. Testing Methodology of Breaking into Secured Storages of Mobile Operational System Google Android

    Directory of Open Access Journals (Sweden)

    Elena Vyacheslavovna Elistratova

    2013-02-01

    Full Text Available The methodology is developed for carrying out the test of breaking into internal storages of mobile operational system Google Android in order to detect security threats for personal data.

  4. A Method to Derive Monitoring Variables for a Cyber Security Test-bed of I and C System

    Energy Technology Data Exchange (ETDEWEB)

    Han, Kyung Soo; Song, Jae Gu; Lee, Joung Woon; Lee, Cheol Kwon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2013-10-15

    In the IT field, monitoring techniques have been developed to protect the systems connected by networks from cyber attacks and incidents. For the development of monitoring systems for I and C cyber security, it is necessary to review the monitoring systems in the IT field and derive cyber security-related monitoring variables among the proprietary operating information about the I and C systems. Tests for the development and application of these monitoring systems may cause adverse effects on the I and C systems. To analyze influences on the system and safely intended variables, the construction of an I and C system Test-bed should be preceded. This article proposes a method of deriving variables that should be monitored through a monitoring system for cyber security as a part of I and C Test-bed. The surveillance features and the monitored variables of NMS(Network Management System), a monitoring technique in the IT field, were reviewed in section 2. In Section 3, the monitoring variables for an I and C cyber security were derived by the of NMS and the investigation for information used for hacking techniques that can be practiced against I and C systems. The monitoring variables of NMS in the IT field and the information about the malicious behaviors used for hacking were derived as expected variables to be monitored for an I and C cyber security research. The derived monitoring variables were classified into the five functions of NMS for efficient management. For the cyber security of I and C systems, the vulnerabilities should be understood through a penetration test etc. and an assessment of influences on the actual system should be carried out. Thus, constructing a test-bed of I and C systems is necessary for the safety system in operation. In the future, it will be necessary to develop a logging and monitoring system for studies on the vulnerabilities of I and C systems with test-beds.

  5. A Method to Derive Monitoring Variables for a Cyber Security Test-bed of I and C System

    International Nuclear Information System (INIS)

    Han, Kyung Soo; Song, Jae Gu; Lee, Joung Woon; Lee, Cheol Kwon

    2013-01-01

    In the IT field, monitoring techniques have been developed to protect the systems connected by networks from cyber attacks and incidents. For the development of monitoring systems for I and C cyber security, it is necessary to review the monitoring systems in the IT field and derive cyber security-related monitoring variables among the proprietary operating information about the I and C systems. Tests for the development and application of these monitoring systems may cause adverse effects on the I and C systems. To analyze influences on the system and safely intended variables, the construction of an I and C system Test-bed should be preceded. This article proposes a method of deriving variables that should be monitored through a monitoring system for cyber security as a part of I and C Test-bed. The surveillance features and the monitored variables of NMS(Network Management System), a monitoring technique in the IT field, were reviewed in section 2. In Section 3, the monitoring variables for an I and C cyber security were derived by the of NMS and the investigation for information used for hacking techniques that can be practiced against I and C systems. The monitoring variables of NMS in the IT field and the information about the malicious behaviors used for hacking were derived as expected variables to be monitored for an I and C cyber security research. The derived monitoring variables were classified into the five functions of NMS for efficient management. For the cyber security of I and C systems, the vulnerabilities should be understood through a penetration test etc. and an assessment of influences on the actual system should be carried out. Thus, constructing a test-bed of I and C systems is necessary for the safety system in operation. In the future, it will be necessary to develop a logging and monitoring system for studies on the vulnerabilities of I and C systems with test-beds

  6. 20 CFR 638.528 - Social Security.

    Science.gov (United States)

    2010-04-01

    ... 20 Employees' Benefits 3 2010-04-01 2010-04-01 false Social Security. 638.528 Section 638.528... TITLE IV-B OF THE JOB TRAINING PARTNERSHIP ACT Center Operations § 638.528 Social Security. The Act provides that students are covered by title II of the Social Security Act (42 U.S.C. 401 et seq.) and shall...

  7. Small UAS Test Area at NASA's Dryden Flight Research Center

    Science.gov (United States)

    Bauer, Jeffrey T.

    2008-01-01

    This viewgraph presentation reviews the areas that Dryden Flight Research Center has set up for testing small Unmanned Aerial Systems (UAS). It also reviews the requirements and process to use an area for UAS test.

  8. Idaho National Laboratory - Nuclear Research Center

    International Nuclear Information System (INIS)

    Zaidi, M.K.

    2005-01-01

    Full text: The Idaho National Laboratory is committed to the providing international nuclear leadership for the 21st Century, developing and demonstrating compiling national security technologies, and delivering excellence in science and technology as one of the United States Department of Energy's (DOE) multiprogram national laboratories. INL runs three major programs - Nuclear, Security and Science. nuclear programs covers the Advanced test reactor, Six Generation technology concepts selected for R and D, Targeting tumors - Boron Neutron capture therapy. Homeland security - Homeland Security establishes the Control System Security and Test Center, Critical Infrastructure Test Range evaluates technologies on a scalable basis, INL conducts high performance computing and visualization research and science - INL facility established for Geocentrifuge Research, Idaho Laboratory, a Utah company achieved major milestone in hydrogen research and INL uses extremophile bacteria to ease bleaching's environmental cost. To provide leadership in the education and training, INL has established an Institute of Nuclear Science and Engineering (Inset). The institute will offer a four year degree based on a newly developed curriculum - two year of basic science course work and two years of participation in project planning and development. The students enrolled in this program can continue to get a masters or a doctoral degree. This summer Inset is the host for the training of the first international group selected by the World Nuclear University (WNU) - 75 fellowship holders and their 30 instructors from 40 countries. INL has been assigned to provide future global leadership in the field of nuclear science and technology. Here, at INL, we keep safety first above all things and our logo is 'Nuclear leadership synonymous with safety leadership'

  9. Secure Retrieval of FFTF Testing, Design, and Operating Information

    International Nuclear Information System (INIS)

    Butner, R. Scott; Wootan, David W.; Omberg, Ronald P.; Makenas, Bruce J.; Nielsen, Deborah

    2009-01-01

    One of the goals of the Advanced Fuel Cycle Initiative (AFCI) is to preserve the knowledge that has been gained in the United States on Liquid Metal Reactors (LMR). In addition, preserving LMR information and knowledge is part of a larger international collaborative activity conducted under the auspices of the International Atomic Energy Agency (IAEA). A similar program is being conducted for EBR-II at the Idaho Nuclear Laboratory (INL) and international programs are also in progress. Knowledge preservation at the FFTF is focused on the areas of design, construction, startup, and operation of the reactor. As the primary function of the FFTF was testing, the focus is also on preserving information obtained from irradiation testing of fuels and materials. This information will be invaluable when, at a later date, international decisions are made to pursue new LMRs. In the interim, this information may be of potential use for international exchanges with other LMR programs around the world. At least as important in the United States, which is emphasizing large-scale computer simulation and modeling, this information provides the basis for creating benchmarks for validating and testing these large scale computer programs. Although the preservation activity with respect to FFTF information as discussed below is still underway, the team of authors above is currently retrieving and providing experimental and design information to the LMR modeling and simulation efforts for use in validating their computer models. On the Hanford Site, the FFTF reactor plant is one of the facilities intended for decontamination and decommissioning consistent with the cleanup mission on this site. The reactor facility has been deactivated and is being maintained in a cold and dark minimal surveillance and maintenance mode until final decommissioning is pursued. In order to ensure protection of information at risk, the program to date has focused on sequestering and secure retrieval

  10. Daugherty Memorial Assessment Center (DMAC)

    Data.gov (United States)

    Federal Laboratory Consortium — Daugherty Memorial Assessment Center (DMAC) is a 39,000-square-foot facility that doubles the warfare center's high-secured performance assessment capabilities. DMAC...

  11. National Security Technology Incubation Project Continuation Plan

    Energy Technology Data Exchange (ETDEWEB)

    None

    2008-09-30

    This document contains a project continuation plan for the National Security Technology Incubator (NSTI). The plan was developed as part of the National Security Preparedness Project (NSPP) funded by a Department of Energy (DOE)/National Nuclear Security Administration (NNSA) grant. This continuation plan describes the current status of NSTI (staffing and clients), long-term goals, strategies, and long-term financial solvency goals.The Arrowhead Center of New Mexico State University (NMSU) is the operator and manager of the NSTI. To realize the NSTI, Arrowhead Center must meet several performance objectives related to planning, development, execution, evaluation, and sustainability. This continuation plan is critical to the success of NSTI in its mission of incubating businesses with security technology products and services.

  12. Maintenance cost control at the Pacific Missile Test Center.

    OpenAIRE

    Jenson, Richard J.

    1980-01-01

    Approved for public release; distribution is unlimited The Pacific Missile Test Center (PMTC) is the Navy's largest Major Range and Test Facility Base, with an investment of over one billion dollars. The majority of this investment is in range test equipment and facilities including radar, telemetry, communication and command/ control systems. Concern is growing over the "excessively obsolete condition of PMTC technical equipment." Improvement of factors concerned with...

  13. ICS security in maritime transportation : a white paper examining the security and resiliency of critical transportation infrastructure

    Science.gov (United States)

    2013-07-29

    The John A. Volpe National Transportation Systems Center was asked by the Office of Security of the Maritime Administration to examine the issue of industrial control systems (ICS) security in the Maritime Transportation System (MTS), and to develop ...

  14. Evaluation methodologies for security testing biometric systems beyond technological evaluation

    OpenAIRE

    Fernández Saavedra, María Belén

    2013-01-01

    The main objective of this PhD Thesis is the specification of formal evaluation methodologies for testing the security level achieved by biometric systems when these are working under specific contour conditions. This analysis is conducted through the calculation of the basic technical biometric system performance and its possible variations. To that end, the next two relevant contributions have been developed. The first contribution is the definition of two independent biometric performance ...

  15. Network systems security analysis

    Science.gov (United States)

    Yilmaz, Ä.°smail

    2015-05-01

    Network Systems Security Analysis has utmost importance in today's world. Many companies, like banks which give priority to data management, test their own data security systems with "Penetration Tests" by time to time. In this context, companies must also test their own network/server systems and take precautions, as the data security draws attention. Based on this idea, the study cyber-attacks are researched throughoutly and Penetration Test technics are examined. With these information on, classification is made for the cyber-attacks and later network systems' security is tested systematically. After the testing period, all data is reported and filed for future reference. Consequently, it is found out that human beings are the weakest circle of the chain and simple mistakes may unintentionally cause huge problems. Thus, it is clear that some precautions must be taken to avoid such threats like updating the security software.

  16. Performance Testing of Homeland Security Technologies in U.S. EPA's Environmental Technology Verification (ETV) Program

    National Research Council Canada - National Science Library

    Kelly, Thomas J; Hofacre, Kent C; Derringer, Tricia L; Riggs, Karen B; Koglin, Eric N

    2004-01-01

    ... (reports and test plans available at www.epa.gov/etv). In the aftermath of the terrorist attacks of September 11, 2001, the ETV approach has also been employed in performance tests of technologies relevant to homeland security (HS...

  17. Radioactive Sources in Medicine: Impact of Additional Security Measures

    International Nuclear Information System (INIS)

    Classic, K. L.; Vetter, R. J.; Nelson, K. L.

    2004-01-01

    For many years, medical centers and hospitals have utilized appropriate security measures to prevent theft or unauthorized use of radioactive materials. Recent anxiety about orphan sources and terrorism has heightened concern about diversion of radioactive sources for purposes of constructing a radiological dispersion device. Some medical centers and hospitals may have responded by conducting threat assessments and incorporating additional measures into their security plans, but uniform recommendations or regulations have not been promulgated by regulatory agencies. The International Atomic Energy Agency drafted interim guidance for the purpose of assisting member states in deciding what security measures should be taken for various radioactive sources. The recommendations are aimed at regulators, but suppliers and users also may find the recommendations to be helpful. The purpose of this paper is to describe threat assessments and additional security actions that were taken by one large and one medium-sized medical center and the impact these measures had on operations. Both medical centers possess blood bank irradiators, low-dose-rate therapy sources, and Mo-99/Tc-99m generators that are common to many health care organizations. Other medical devices that were evaluated include high-dose-rate after loaders, intravascular brachytherapy sources, a Co-60 stereotactic surgery unit, and self-shielded irradiators used in biomedical research. This paper will discuss the impact additional security has had on practices that utilize these sources, cost of various security alternatives, and the importance of a security culture in assuring the integrity of security measures without negatively impacting beneficial use of these sources. (Author) 10 refs

  18. SOAC - State-of-the-Art Car Engineering Tests at Department of Transportation High Speed Ground Test Center : Volume 2. Performance Tests.

    Science.gov (United States)

    1975-01-01

    The six-volume report presents the technical methodology, data samples, and results of tests conducted on the SOAC on the Rail Transit Test Track at the High Speed Ground Test Center in Pueblo, Colorado during the period April to July 1973. The Test ...

  19. LORIS: A web-based data management system for multi-center studies.

    Directory of Open Access Journals (Sweden)

    Samir eDas

    2012-01-01

    Full Text Available LORIS (Longitudinal Online Research and Imaging System is a modular and extensible web-based data management system that integrates all aspects of a multi-center study: from heterogeneous data acquisition (imaging, clinical, behavior, genetics to storage, processing and ultimately dissemination. It provides a secure, user-friendly, and streamlined platform to automate the flow of clinical trials and complex multi-center studies. A subject-centric internal organization allows researchers to capture and subsequently extract all information, longitudinal or cross-sectional, from any subset of the study cohort. Extensive error-checking and quality control procedures, security, data management, data querying and administrative functions provide LORIS with a triple capability (i continuous project coordination and monitoring of data acquisition (ii data storage/cleaning/querying, (iii interface with arbitrary external data processing pipelines. LORIS is a complete solution that has been thoroughly tested through the full life cycle of a multi-center longitudinal project# and is now supporting numerous neurodevelopment and neurodegeneration research projects internationally.

  20. The Multimodal Assessment of Adult Attachment Security: Developing the Biometric Attachment Test.

    Science.gov (United States)

    Parra, Federico; Miljkovitch, Raphaële; Persiaux, Gwenaelle; Morales, Michelle; Scherer, Stefan

    2017-04-06

    Attachment theory has been proven essential for mental health, including psychopathology, development, and interpersonal relationships. Validated psychometric instruments to measure attachment abound but suffer from shortcomings common to traditional psychometrics. Recent developments in multimodal fusion and machine learning pave the way for new automated and objective psychometric instruments for adult attachment that combine psychophysiological, linguistic, and behavioral analyses in the assessment of the construct. The aim of this study was to present a new exposure-based, automatic, and objective adult-attachment assessment, the Biometric Attachment Test (BAT), which exposes participants to a short standardized set of visual and music stimuli, whereas their immediate reactions and verbal responses, captured by several computer sense modalities, are automatically analyzed for scoring and classification. We also aimed to empirically validate two of its assumptions: its capacity to measure attachment security and the viability of using themes as placeholders for rotating stimuli. A total of 59 French participants from the general population were assessed using the Adult Attachment Questionnaire (AAQ), the Adult Attachment Projective Picture System (AAP), and the Attachment Multiple Model Interview (AMMI) as ground truth for attachment security. They were then exposed to three different BAT stimuli sets, whereas their faces, voices, heart rate (HR), and electrodermal activity (EDA) were recorded. Psychophysiological features, such as skin-conductance response (SCR) and Bayevsky stress index; behavioral features, such as gaze and facial expressions; as well as linguistic and paralinguistic features, were automatically extracted. An exploratory analysis was conducted using correlation matrices to uncover the features that are most associated with attachment security. A confirmatory analysis was conducted by creating a single composite effects index and by testing it

  1. Thallium-201 for cardiac stress tests: residual radioactivity worries patients and security.

    Science.gov (United States)

    Geraci, Matthew J; Brown, Norman; Murray, David

    2012-12-01

    A 47-year-old man presented to the Emergency Department (ED) in duress and stated he was "highly radioactive." There were no reports of nuclear disasters, spills, or mishaps in the local area. This report discusses the potential for thallium-201 (Tl-201) patients to activate passive radiation alarms days to weeks after nuclear stress tests, even while shielded inside industrial vehicles away from sensors. Characteristics of Tl-201, as used for medical imaging, are described. This patient was twice detained by Homeland Security Agents and searched after he activated radiation detectors at a seaport security checkpoint. Security agents deemed him not to be a threat, but they expressed concern regarding his health and level of personal radioactivity. The patient was subsequently barred from his job and sent to the hospital. Tl-201 is a widely used radioisotope for medical imaging. The radioactive half-life of Tl-201 is 73.1h, however, reported periods of extended personal radiation have been seen as far out as 61 days post-administration. This case describes an anxious, but otherwise asymptomatic patient presenting to the ED with detection of low-level personal radiation. Documentation should be provided to and carried by individuals receiving radionuclides for a minimum of five to six half-lives of the longest-lasting isotope provided. Patients receiving Tl-201 should understand the potential for security issues; reducing probable tense moments, confusion, and anxiety to themselves, their employers, security officials, and ED staff. Copyright © 2012 Elsevier Inc. All rights reserved.

  2. The QUANTGRID Project (RO)—Quantum Security in GRID Computing Applications

    Science.gov (United States)

    Dima, M.; Dulea, M.; Petre, M.; Petre, C.; Mitrica, B.; Stoica, M.; Udrea, M.; Sterian, R.; Sterian, P.

    2010-01-01

    The QUANTGRID Project, financed through the National Center for Programme Management (CNMP-Romania), is the first attempt at using Quantum Crypted Communications (QCC) in large scale operations, such as GRID Computing, and conceivably in the years ahead in the banking sector and other security tight communications. In relation with the GRID activities of the Center for Computing & Communications (Nat.'l Inst. Nucl. Phys.—IFIN-HH), the Quantum Optics Lab. (Nat.'l Inst. Plasma and Lasers—INFLPR) and the Physics Dept. (University Polytechnica—UPB) the project will build a demonstrator infrastructure for this technology. The status of the project in its incipient phase is reported, featuring tests for communications in classical security mode: socket level communications under AES (Advanced Encryption Std.), both proprietary code in C++ technology. An outline of the planned undertaking of the project is communicated, highlighting its impact in quantum physics, coherent optics and information technology.

  3. Network security system for health and medical information using smart IC card

    Science.gov (United States)

    Kanai, Yoichi; Yachida, Masuyoshi; Yoshikawa, Hiroharu; Yamaguchi, Masahiro; Ohyama, Nagaaki

    1998-07-01

    A new network security protocol that uses smart IC cards has been designed to assure the integrity and privacy of medical information in communication over a non-secure network. Secure communication software has been implemented as a library based on this protocol, which is called the Integrated Secure Communication Layer (ISCL), and has been incorporated into information systems of the National Cancer Center Hospitals and the Health Service Center of the Tokyo Institute of Technology. Both systems have succeeded in communicating digital medical information securely.

  4. Full-Scale Incineration System Demonstration Verification Test Burns at the Naval Battalion Construction Center, Gulfport, Mississippi. Volume 3. Treatability Tests. Part 2

    Science.gov (United States)

    1991-07-01

    treatment of TCDD in soil has great social and political appeal. Furthermore, restoration costs are reduced if excavation and transportation of the soil...tc make an informed decision. Very truly Yours, f . ..... c Naval Constructione - ic:Commanding Of2icer 3C;~ Navl CnstuctonBattalion Center Gulfoort...EfPLOYES NAME (Print) SOCIAL SECURITY NU!BER EMPLOYEE SIGNATURE • 1LOCRA0 AID * tup, .tmn 60 John Glenn Drive, Suite 104 Audubon Industrial Park, North

  5. Solar-energy heats a transportation test center--Pueblo, Colorado

    Science.gov (United States)

    1981-01-01

    Petroleum-base, thermal energy transport fluid circulating through 583 square feet of flat-plate solar collectors accumulates majority of energy for space heating and domestic hot-water of large Test Center. Report describes operation, maintenance, and performance of system which is suitable for warehouses and similar buildings. For test period from February 1979 to January 1980, solar-heating fraction was 31 percent, solar hot-water fraction 79 percent.

  6. International Education and Training Centre (Nuclear security and Nonproliferation) and Ideas for Educational Test Facilities in the centre

    Energy Technology Data Exchange (ETDEWEB)

    Seo, Hyung Min [Korea Institute of Nuclear Non-proliferation and Control, Daejeon (Korea, Republic of)

    2010-10-15

    With respect to the nuclear security-related multilateral agreements, many states and international societies recognize the importance of evaluating and improving their physical protection systems to ensure that they are capable of achieving the objectives set out in relevant IAEA Nuclear Security Series documents. Under this circumstance, finally, on April 12-13, 2010, US President Obama hosted a Nuclear Security Summit in Washington, DC, to enhance international cooperation to prevent nuclear terrorism, an issue which he has identified as the most immediate and extreme threat to global security. The goals of the Nuclear Security Summit were to come to a common understanding of the threat posed by nuclear terrorism, to agree to effective measures to secure nuclear material, and to prevent nuclear smuggling and terrorism. The Summit focused on the security of nuclear materials, nonproliferation, disarmament, and peaceful nuclear energy. At the summit, the Republic of Korea was chosen as the host of the next Summit in 2012. After President Barack Obama declared the opening of the Summit and explained the purpose of the meeting, he designated Korea as the host of the Second Nuclear Security Summit, which was unanimously approved by the participating leaders. During the Summit, President Lee introduced Korea's measures for the physical protection of nuclear materials and laid out what contributions Korea would make to the international community. He also stated that the North Korean leader would be welcomed at the next summit only if his country made substantial pledges toward nuclear disarmament during the Six-Party Talks and announced that Seoul would host the general assembly of the Global Initiative to Combat Nuclear Terrorism in 2011 and would share its expertise and support the Summit's mission by setting up an education and training center on nuclear security in 2014

  7. International Education and Training Centre (Nuclear security and Nonproliferation) and Ideas for Educational Test Facilities in the centre

    International Nuclear Information System (INIS)

    Seo, Hyung Min

    2010-01-01

    With respect to the nuclear security-related multilateral agreements, many states and international societies recognize the importance of evaluating and improving their physical protection systems to ensure that they are capable of achieving the objectives set out in relevant IAEA Nuclear Security Series documents. Under this circumstance, finally, on April 12-13, 2010, US President Obama hosted a Nuclear Security Summit in Washington, DC, to enhance international cooperation to prevent nuclear terrorism, an issue which he has identified as the most immediate and extreme threat to global security. The goals of the Nuclear Security Summit were to come to a common understanding of the threat posed by nuclear terrorism, to agree to effective measures to secure nuclear material, and to prevent nuclear smuggling and terrorism. The Summit focused on the security of nuclear materials, nonproliferation, disarmament, and peaceful nuclear energy. At the summit, the Republic of Korea was chosen as the host of the next Summit in 2012. After President Barack Obama declared the opening of the Summit and explained the purpose of the meeting, he designated Korea as the host of the Second Nuclear Security Summit, which was unanimously approved by the participating leaders. During the Summit, President Lee introduced Korea's measures for the physical protection of nuclear materials and laid out what contributions Korea would make to the international community. He also stated that the North Korean leader would be welcomed at the next summit only if his country made substantial pledges toward nuclear disarmament during the Six-Party Talks and announced that Seoul would host the general assembly of the Global Initiative to Combat Nuclear Terrorism in 2011 and would share its expertise and support the Summit's mission by setting up an education and training center on nuclear security in 2014

  8. Test and Approval Center for Fuel Cell and Hydrogen Technologies: Phase I. Initiation

    DEFF Research Database (Denmark)

    already spent on these technologies also lead to commercial success. The project ‘Test and Approval Center for Fuel Cell and Hydrogen Technologies: Phase I. Initiation’ was aiming at starting with the Establishment of such a center. The following report documents the achievements within the project...... of the fluctuating wind energy. As the fuel cell and hydrogen technologies come closer to commercialization, development of testing methodology, qualified testing and demonstration become increasingly important. Danish industrial players have expressed a strong need for support in the process to push fuel cell...... and hydrogen technologies from the research and development stage into the commercial domain. A Center to support industry with test, development, analysis, approval, certification, consultation, and training in the areas of fuel cell and hydrogen technologies was needed. Denmark has demonstrated leading...

  9. Analysis of a Hybrid Wing Body Center Section Test Article

    Science.gov (United States)

    Wu, Hsi-Yung T.; Shaw, Peter; Przekop, Adam

    2013-01-01

    The hybrid wing body center section test article is an all-composite structure made of crown, floor, keel, bulkhead, and rib panels utilizing the Pultruded Rod Stitched Efficient Unitized Structure (PRSEUS) design concept. The primary goal of this test article is to prove that PRSEUS components are capable of carrying combined loads that are representative of a hybrid wing body pressure cabin design regime. This paper summarizes the analytical approach, analysis results, and failure predictions of the test article. A global finite element model of composite panels, metallic fittings, mechanical fasteners, and the Combined Loads Test System (COLTS) test fixture was used to conduct linear structural strength and stability analyses to validate the specimen under the most critical combination of bending and pressure loading conditions found in the hybrid wing body pressure cabin. Local detail analyses were also performed at locations with high stress concentrations, at Tee-cap noodle interfaces with surrounding laminates, and at fastener locations with high bearing/bypass loads. Failure predictions for different composite and metallic failure modes were made, and nonlinear analyses were also performed to study the structural response of the test article under combined bending and pressure loading. This large-scale specimen test will be conducted at the COLTS facility at the NASA Langley Research Center.

  10. Security in cloud computing

    OpenAIRE

    Moreno Martín, Oriol

    2016-01-01

    Security in Cloud Computing is becoming a challenge for next generation Data Centers. This project will focus on investigating new security strategies for Cloud Computing systems. Cloud Computingisarecent paradigmto deliver services over Internet. Businesses grow drastically because of it. Researchers focus their work on it. The rapid access to exible and low cost IT resources on an on-demand fashion, allows the users to avoid planning ahead for provisioning, and enterprises to save money ...

  11. An analysis of patient-provider secure messaging at two Veterans Health Administration medical centers: message content and resolution through secure messaging.

    Science.gov (United States)

    Shimada, Stephanie L; Petrakis, Beth Ann; Rothendler, James A; Zirkle, Maryan; Zhao, Shibei; Feng, Hua; Fix, Gemmae M; Ozkaynak, Mustafa; Martin, Tracey; Johnson, Sharon A; Tulu, Bengisu; Gordon, Howard S; Simon, Steven R; Woods, Susan S

    2017-09-01

    We sought to understand how patients and primary care teams use secure messaging (SM) to communicate with one another by analyzing secure message threads from 2 Department of Veterans Affairs facilities. We coded 1000 threads of SM communication sampled from 40 primary care teams. Most threads (94.5%) were initiated by patients (90.4%) or caregivers (4.1%); only 5.5% were initiated by primary care team members proactively reaching out to patients. Medication renewals and refills (47.2%), scheduling requests (17.6%), medication issues (12.9%), and health issues (12.7%) were the most common patient-initiated requests, followed by referrals (7.0%), administrative issues (6.5%), test results (5.4%), test issues (5.2%), informing messages (4.9%), comments about the patient portal or SM (4.1%), appreciation (3.9%), self-reported data (2.8%), life issues (1.5%), and complaints (1.5%). Very few messages were clinically urgent (0.7%) or contained other potentially challenging content. Message threads were mostly short (2.7 messages), comprising an average of 1.35 discrete content types. A substantial proportion of issues (24.2%) did not show any evidence of being resolved through SM. Time to response and extent of resolution via SM varied by message content. Proactive SM use by teams varied, but was most often for test results (32.7%), medication-related issues (21.8%), medication renewals (16.4%), or scheduling issues (18.2%). The majority of messages were transactional and initiated by patients or caregivers. Not all content categories were fully addressed over SM. Further education and training for both patients and clinical teams could improve the quality and efficiency of SM communication. Published by Oxford University Press on behalf of the American Medical Informatics Association 2017. This work is written by US Government employees and is in the public domain in the United States.

  12. About Security Solutions in Fog Computing

    Directory of Open Access Journals (Sweden)

    Eugen Petac

    2016-01-01

    Full Text Available The key for improving a system's performance, its security and reliability is to have the dataprocessed locally in remote data centers. Fog computing extends cloud computing through itsservices to devices and users at the edge of the network. Through this paper it is explored the fogcomputing environment. Security issues in this area are also described. Fog computing providesthe improved quality of services to the user by complementing shortages of cloud in IoT (Internet ofThings environment. Our proposal, named Adaptive Fog Computing Node Security Profile(AFCNSP, which is based security Linux solutions, will get an improved security of fog node withrich feature sets.

  13. Lewis Research Center space station electric power system test facilities

    Science.gov (United States)

    Birchenough, Arthur G.; Martin, Donald F.

    1988-01-01

    NASA Lewis Research Center facilities were developed to support testing of the Space Station Electric Power System. The capabilities and plans for these facilities are described. The three facilities which are required in the Phase C/D testing, the Power Systems Facility, the Space Power Facility, and the EPS Simulation Lab, are described in detail. The responsibilities of NASA Lewis and outside groups in conducting tests are also discussed.

  14. Human-centered automation of testing, surveillance and maintenance

    International Nuclear Information System (INIS)

    Bhatt, S.C.; Sun, B.K.H.

    1991-01-01

    Manual surveillance and testing of instrumentation, control and protection systems at nuclear power plants involves system and human errors which can lead to substantial plant down time. Frequent manual testing can also contribute significantly to operation and maintenance cost. Automation technology offers potential for prudent applications at the power plant to reduce testing errors and cost. To help address the testing problems and to harness the benefit of automation application, input from utilities is obtained on suitable automation approaches. This paper includes lessens from successful past experience at a few plants where some island of automation exist. The results are summarized as a set of specifications for semi automatic testing. A human-centered automation methodology is proposed with the guidelines for optimal human/computer division of tasks given. Implementation obstacles for significant changes of testing practices are identified and methods acceptable to nuclear power plants for addressing these obstacles have been suggested

  15. Development and Testing of the Glenn Research Center Visitor's Center Grid-Tied Photovoltaic Power System

    Science.gov (United States)

    Eichenberg, Dennis J.

    2009-01-01

    The NASA Glenn Research Center (GRC) has developed, installed, and tested a 12 kW DC grid-tied photovoltaic (PV) power system at the GRC Visitor s Center. This system utilizes a unique ballast type roof mount for installing the photovoltaic panels on the roof of the Visitor s Center with no alterations or penetrations to the roof. The PV system has generated in excess of 15000 kWh since operation commenced in August 2008. The PV system is providing power to the GRC grid for use by all. Operation of the GRC Visitor s Center PV system has been completely trouble free. A grid-tied PV power system is connected directly to the utility distribution grid. Facility power can be obtained from the utility system as normal. The PV system is synchronized with the utility system to provide power for the facility, and excess power is provided to the utility. The project transfers space technology to terrestrial use via nontraditional partners. GRC personnel glean valuable experience with PV power systems that are directly applicable to various space power systems, and provides valuable space program test data. PV power systems help to reduce harmful emissions and reduce the Nation s dependence on fossil fuels. Power generated by the PV system reduces the GRC utility demand, and the surplus power aids the community. Present global energy concerns reinforce the need for the development of alternative energy systems. Modern PV panels are readily available, reliable, efficient, and economical with a life expectancy of at least 25 years. Modern electronics has been the enabling technology behind grid-tied power systems, making them safe, reliable, efficient, and economical with a life expectancy of at least 25 years. Based upon the success of the GRC Visitor s Center PV system, additional PV power system expansion at GRC is under consideration. The GRC Visitor s Center grid-tied PV power system was successfully designed and developed which served to validate the basic principles

  16. Secure ICCP Final Report

    Energy Technology Data Exchange (ETDEWEB)

    Rice, Mark J.; Bonebrake, Christopher A.; Dayley, Greg K.; Becker, Larry J.

    2017-06-30

    Inter-Control Center Communications Protocol (ICCP), defined by the IEC 60870-6 TASE.2 standard, was developed to enable data exchange over wide area networks between electric system entities, including utility control centers, Independent System Operators (ISOs), Regional Transmission Operators (RTOs) and Independent Power Producers (IPP) also known as Non-Utility Generators (NUG). ICCP is an unprotected protocol, and as a result is vulnerable to such actions as integrity violation, interception or alteration, spoofing, and eavesdropping. Because of these vulnerabilities with unprotected ICCP communication, security enhancements, referred to as Secure ICCP, have been added and are included in the ICCP products that utilities have received since 2003 when the standard was defined. This has resulted in an ICCP product whose communication can be encrypted and authenticated to address these vulnerabilities.

  17. [Formula: see text]Determination of the smoking gun of intent: significance testing of forced choice results in social security claimants.

    Science.gov (United States)

    Binder, Laurence M; Chafetz, Michael D

    2018-01-01

    Significantly below-chance findings on forced choice tests have been described as revealing "the smoking gun of intent" that proved malingering. The issues of probability levels, one-tailed vs. two-tailed tests, and the combining of PVT scores on significantly below-chance findings were addressed in a previous study, with a recommendation of a probability level of .20 to test the significance of below-chance results. The purpose of the present study was to determine the rate of below-chance findings in a Social Security Disability claimant sample using the previous recommendations. We compared the frequency of below-chance results on forced choice performance validity tests (PVTs) at two levels of significance, .05 and .20, and when using significance testing on individual subtests of the PVTs compared with total scores in claimants for Social Security Disability in order to determine the rate of the expected increase. The frequency of significant results increased with the higher level of significance for each subtest of the PVT and when combining individual test sections to increase the number of test items, with up to 20% of claimants showing significantly below-chance results at the higher p-value. These findings are discussed in light of Social Security Administration policy, showing an impact on policy issues concerning child abuse and neglect, and the importance of using these techniques in evaluations for Social Security Disability.

  18. Disruptive Ideas for Power Grid Security and Resilience With DER

    Energy Technology Data Exchange (ETDEWEB)

    Ibrahim, Erfan [National Renewable Energy Laboratory (NREL), Golden, CO (United States)

    2017-10-23

    This presentation by Erfan Ibrahim was prepared for NREL's 2017 Cybersecurity and Reslience Workshop on distributed energy resource (DER) best practices. The presentation provides an overview of NREL's Cyber-Physical Systems Security and Resilience R&D Center, the Center's approach to cybersecurity, and disruptive ideas for power grid security and resilience with DER.

  19. Kodak Mirror Assembly Tested at Marshall Space Flight Center

    Science.gov (United States)

    2003-01-01

    This photo (a frontal view) is of one of many segments of the Eastman-Kodak mirror assembly being tested for the James Webb Space Telescope (JWST) project at the X-Ray Calibration Facility at Marshall Space Flight Center (MSFC). MSFC is supporting Goddard Space Flight Center (GSFC) in developing the JWST by taking numerous measurements to predict its future performance. The tests are conducted in a vacuum chamber cooled to approximate the super cold temperatures found in space. During its 27 years of operation, the facility has performed testing in support of a wide array of projects, including the Hubble Space Telescope (HST), Solar A, Chandra technology development, Chandra High Resolution Mirror Assembly and science instruments, Constellation X-Ray Mission, and Solar X-Ray Imager, currently operating on a Geostationary Operational Environment Satellite. The JWST is NASA's next generation space telescope, a successor to the Hubble Space Telescope, named in honor of NASA's second administrator, James E. Webb. It is scheduled for launch in 2010 aboard an expendable launch vehicle. It will take about 3 months for the spacecraft to reach its destination, an orbit of 940,000 miles in space.

  20. Computer-aided dispatch--traffic management center field operational test final detailed test plan : WSDOT deployment

    Science.gov (United States)

    2003-10-01

    The purpose of this document is to expand upon the evaluation components presented in "Computer-aided dispatch--traffic management center field operational test final evaluation plan : WSDOT deployment". This document defines the objective, approach,...

  1. Security practices and regulatory compliance in the healthcare industry.

    Science.gov (United States)

    Kwon, Juhee; Johnson, M Eric

    2013-01-01

    Securing protected health information is a critical responsibility of every healthcare organization. We explore information security practices and identify practice patterns that are associated with improved regulatory compliance. We employed Ward's cluster analysis using minimum variance based on the adoption of security practices. Variance between organizations was measured using dichotomous data indicating the presence or absence of each security practice. Using t tests, we identified the relationships between the clusters of security practices and their regulatory compliance. We utilized the results from the Kroll/Healthcare Information and Management Systems Society telephone-based survey of 250 US healthcare organizations including adoption status of security practices, breach incidents, and perceived compliance levels on Health Information Technology for Economic and Clinical Health, Health Insurance Portability and Accountability Act, Red Flags rules, Centers for Medicare and Medicaid Services, and state laws governing patient information security. Our analysis identified three clusters (which we call leaders, followers, and laggers) based on the variance of security practice patterns. The clusters have significant differences among non-technical practices rather than technical practices, and the highest level of compliance was associated with hospitals that employed a balanced approach between technical and non-technical practices (or between one-off and cultural practices). Hospitals in the highest level of compliance were significantly managing third parties' breaches and training. Audit practices were important to those who scored in the middle of the pack on compliance. Our results provide security practice benchmarks for healthcare administrators and can help policy makers in developing strategic and practical guidelines for practice adoption.

  2. Regional Test Center Operations Manual

    Energy Technology Data Exchange (ETDEWEB)

    Stein, Joshua [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Burnham, Laurie [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Jones, Christian Birk [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2017-07-01

    The U.S. DOE Regional Test Center for Solar Technologies program was established to validate photovoltaic (PV) technologies installed in a range of different climates. The program is funded by the Energy Department's SunShot Initiative. The initiative seeks to make solar energy cost competitive with other forms of electricity by the end of the decade. Sandia National Laboratory currently manages four different sites across the country. The National Renewable Energy Laboratory manages a fifth site in Colorado. The entire PV portfolio currently includes 20 industry partners and almost 500 kW of installed systems. The program follows a defined process that outlines tasks, milestones, agreements, and deliverables. The process is broken out into four main parts: 1) planning and design, 2) installation, 3) operations, and 4) decommissioning. This operations manual defines the various elements of each part.

  3. Applied Physics Research at the Idaho Accelerator Center

    International Nuclear Information System (INIS)

    Date, D. S.; Hunt, A. W.; Chouffani, K.; Wells, D. P.

    2011-01-01

    The Idaho Accelerator Center, founded in 1996 and based at Idaho State University, supports research, education, and high technology economic development in the United States. The research center currently has eight electron linear accelerators ranging in energy from 6 to 44 MeV with the latter linear accelerator capable of picosecond pulses, a 2 MeV positive-ion Van de Graaff, a 4 MV Nec tandem Pelletron, and a pulsed-power 8 k A, 10 MeV electron induction accelerator. Current research emphases include, accelerator physics research, accelerator based medical isotope production, active interrogation techniques for homeland security and nuclear nonproliferation applications, non destructive testing and materials science studies in support of industry as well as the development of advanced nuclear fuels, pure and applied radio-biology, and medical physics. This talk will highlight three of these areas including the production of the isotopes 99 Tc and 67 Cu for medical diagnostics and therapy, as well as two new technologies currently under development for nuclear safeguards and homeland security - namely laser Compton scattering and the polarized photofission of actinides

  4. Secure Information Exchange Gateway for Electric Grid Operations

    Energy Technology Data Exchange (ETDEWEB)

    Robertson, F. Russell [Grid Protection Alliance, Chattanooga, TN (United States); Carroll, J. Ritchie [Grid Protection Alliance, Chattanooga, TN (United States); Sanders, William [Univ. of Illinois, Urbana-Champaign, IL (United States); Yardley, Timothy [Univ. of Illinois, Urbana-Champaign, IL (United States); Heine, Erich [Univ. of Illinois, Urbana-Champaign, IL (United States); Hadley, Mark [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); McKinnon, David [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Motteler, Barbara [Alstom Grid Inc., Levallois-Perret Cedex (France); Giri, Jay [Grid Protection Alliance, Chattanooga, TN (United States); Walker, William [PJM Interconnection (PJM), Norristown, PA (United States); McCartha, Esrick [PJM Interconnection (PJM), Norristown, PA (United States)

    2014-09-30

    The major objectives of the SIEGate project were to improve the security posture and minimize the cyber-attack surface of electric utility control centers and to reduce the cost of maintaining control-room-to-control-room information exchange. Major project goals included the design, development, testing, and commercialization of a single security-hardened appliance that could meet industry needs for resisting cyber-attacks while protecting the confidentiality and integrity of a growing volume of real-time information needed to ensure the reliability of the bulk electric system and interoperating with existing data formats and networking technologies. The SIEGate project has achieved its goals and objectives. The SIEGate Design Document, issued in March 2012, presented SIEGate use cases, provided SIEGate requirements, established SIEGate design principles, and prescribed design functionality of SIEGate as well as the components that make up SIEGate. SIEGate Release Version 1.0 was posted in January 2014. Release Version 1.0.83, which was posted on March 28, 2014, fixed many issues discovered by early adopters and added several new features. Release Candidate 1.1, which added additional improvements and bug fixes, was posted in June 2014. SIEGate executables have been downloaded more than 300 times. SIEGate has been tested at PJM, Entergy, TVA, and Southern. Security testing and analysis of SIEGate has been conducted at PNNL and PJM. Alstom has provided a summary of recommended steps for commercialization of the SIEGate Appliance and identified two deployment models with immediate commercial application.

  5. Computer-aided dispatch--traffic management center field operational test final test plans : state of Utah

    Science.gov (United States)

    2004-01-01

    The purpose of this document is to expand upon the evaluation components presented in "Computer-aided dispatch--traffic management center field operational test final evaluation plan : state of Utah". This document defines the objective, approach, an...

  6. (Congressional Interest) Institute for Science, Space and Security (ISSS)

    Science.gov (United States)

    2012-03-19

    Studies program between UCCS and University of Zagreb , Croatia (City of Zagreb funding). Conducted three days of meetings with City/University of Zagreb ...security and assist the University of Zagreb in establishing a regional (Eastern Europe) Center of Excellence in Homeland Security. In the long-term...UCCS will assist the University of Zagreb in maturing the Center of Excellence and designing, developing and delivering masters and doctoral degrees

  7. Center for Women Veterans

    Science.gov (United States)

    ... Business with VA Acquisition, Logistics, & Construction Small & Veteran Business Programs VetBiz.gov Financial & Asset Enterprise Management Security Investigation Center/Background Clearances Freedom of Information ...

  8. Waste Receiving and Processing Facility PMS Test Report/DMS-Y2K/System Security DMS (Data Management System)

    International Nuclear Information System (INIS)

    PALMER, M.E.

    1999-01-01

    Test Plan HNF-4351 defines testing requirements for installation of a new server in the WRAP Facility. This documents shows the results of the test reports on the DMS-Y2K and DMS-F81 (Security) systems

  9. The effect of alternative work schedules (AWS) on performance during acquisition based testing at the U.S. Army Aberdeen Test Center

    OpenAIRE

    Thomas, Alicia J.

    2014-01-01

    Approved for public release; distribution is unlimited This project analyzed the effects of an alternate work schedule (AWS) on the performance of acquisition based testing conducted at the U.S. Army Aberdeen Test Center (ATC), a subordinate test center to the U.S. Army Test and Evaluation Command. The literature review uncovered how an AWS improved employee work and life balance and performance at three separate external companies. Other potential AWS success factors such as employee abse...

  10. Distributing CMS Data between the Florida T2 and T3 Centers using Lustre and Xrootd-fs

    International Nuclear Information System (INIS)

    Kaganas, G; Rodriguez, J L; Cheng, M; Avery, P; Bourilkov, D; Fu, Y; Palencia, J

    2014-01-01

    We have developed remote data access for large volumes of data over the Wide Area Network based on the Lustre filesystem and Kerberos authentication for security. In this paper we explore a prototype for two-step data access from worker nodes at Florida Tier3 centers, located behind a firewall and using a private network, to data hosted on the Lustre filesystem at the University of Florida CMS Tier2 center. At the Tier3 center we use a client which mounts securely the Lustre filesystem and hosts an XrootD server. The worker nodes access the data from the Tier3 client using POSIX compliant tools via the XrootD-fs filesystem. We perform scalability tests with up to 200 jobs running in parallel on the Tier3 worker nodes.

  11. Generic System for Remote Testing and Calibration of Measuring Instruments: Security Architecture

    Science.gov (United States)

    Jurčević, M.; Hegeduš, H.; Golub, M.

    2010-01-01

    Testing and calibration of laboratory instruments and reference standards is a routine activity and is a resource and time consuming process. Since many of the modern instruments include some communication interfaces, it is possible to create a remote calibration system. This approach addresses a wide range of possible applications and permits to drive a number of different devices. On the other hand, remote calibration process involves a number of security issues due to recommendations specified in standard ISO/IEC 17025, since it is not under total control of the calibration laboratory personnel who will sign the calibration certificate. This approach implies that the traceability and integrity of the calibration process directly depends on the collected measurement data. The reliable and secure remote control and monitoring of instruments is a crucial aspect of internet-enabled calibration procedure.

  12. Test and Demonstration Assets of New Mexico

    Energy Technology Data Exchange (ETDEWEB)

    None

    2008-03-31

    This document was developed by the Arrowhead Center of New Mexico State University as part of the National Security Preparedness Project (NSPP), funded by a DOE/NNSA grant. The NSPP has three primary components: business incubation, workforce development, and technology demonstration and validation. The document contains a survey of test and demonstration assets in New Mexico available for external users such as small businesses with security technologies under development. Demonstration and validation of national security technologies created by incubator sources, as well as other sources, are critical phases of technology development. The NSPP will support the utilization of an integrated demonstration and validation environment.

  13. Ethnicity, Household Food Security, and Nutrition and Activity Patterns in Families With Preschool Children.

    Science.gov (United States)

    Asfour, Lila; Natale, Ruby; Uhlhorn, Susan; Arheart, Kris L; Haney, Kanathy; Messiah, Sarah E

    2015-01-01

    This study evaluated the relationship between food security and child nutritional intake, sedentary behavior, and body mass index (BMI) and potential moderation by ethnic subgroup membership. Cross-sectional data analysis from baseline data of a preschool intervention trial. Twenty-eight subsidized child care centers in Miami-Dade County, FL. Children ages 2 to 5 (n = 1,211) and their caregivers. The BMI percentile and the following 4 factors (via confirmatory factor analysis): food security, consumption of fruits/vegetables, consumption of unhealthy foods, and sedentary behaviors. Separate linear mixed models tested relationships between food security and main outcome measures with an interaction term to test for possible moderation by ethnicity. Results indicated a significant relationship (P security and child consumption of fruit/vegetables, consumption of unhealthy foods, and sedentary behavior, but not with BMI percentile. With greater food security, Haitians reported greater consumption of fruit/vegetables and sedentary behavior. With greater food security, Cubans and non-Hispanic whites reported less consumption of unhealthy foods, while Haitians reported greater consumption. Results showed higher food security was associated with higher consumption of fruit/vegetables, consumption of unhealthy foods, and sedentary behavior, but this was moderated by ethnicity. Implications for healthy weight interventions among low-income preschoolers should focus on the importance of food security and tailor intervention strategies for diverse ethnic groups accordingly. Copyright © 2015 Society for Nutrition Education and Behavior. Published by Elsevier Inc. All rights reserved.

  14. Relationship between Food Security with Sugar Level and Blood Pressure in Diabetes Type 2 in Tehran.

    Science.gov (United States)

    Moghadam, Seyed Amir Hossein Zehni; Javadi, Maryam; Mohammadpooral, Asghar

    2016-12-01

    Food security has been defined as the "availability, stability, access and utilization of safe foods". Diabetes has been known as one of the biggest health and medical problems throughout the world and is clearly related to lifestyle, and particularly, improper food consumption. The aim of this study was to determine the relationship between food security with sugar and blood pressure in patients suffering from type 2 diabetes who refer to diabetes centers in Tehran. This cross-sectional study was conducted in 2015 on type 2 diabetes patients in Tehran, Iran. From two diabetes centers in the eastern and southern parts of Tehran, 243 type 2 diabetes patients were selected. Necessary information (demographic and food security information) about all the studied persons was collected using the standard questionnaire verified by US Department of Agriculture (USDA). The data was analyzed by SPSS version 16, statistical comparisons were made using analysis of variance (ANOVA) and Chi-square and Tukey tests and a significant level of food security (p=0.372). No significant relation was observed between food security and fasting blood pressure, HbA1C, and systolic blood pressure (p>0.05), but there was a significant relationship between food security and diastolic blood pressure (p= 0.030). According to the relationship between diastolic blood pressure and food security and the role of blood pressure in the irreparable diabetic complications, it is recommended to perform appropriate food advice.

  15. Finite Element Analysis and Test Results Comparison for the Hybrid Wing Body Center Section Test Article

    Science.gov (United States)

    Przekop, Adam; Jegley, Dawn C.; Rouse, Marshall; Lovejoy, Andrew E.

    2016-01-01

    This report documents the comparison of test measurements and predictive finite element analysis results for a hybrid wing body center section test article. The testing and analysis efforts were part of the Airframe Technology subproject within the NASA Environmentally Responsible Aviation project. Test results include full field displacement measurements obtained from digital image correlation systems and discrete strain measurements obtained using both unidirectional and rosette resistive gauges. Most significant results are presented for the critical five load cases exercised during the test. Final test to failure after inflicting severe damage to the test article is also documented. Overall, good comparison between predicted and actual behavior of the test article is found.

  16. Shake-table testing of a self-centering precast reinforced concrete frame with shear walls

    Science.gov (United States)

    Lu, Xilin; Yang, Boya; Zhao, Bin

    2018-04-01

    The seismic performance of a self-centering precast reinforced concrete (RC) frame with shear walls was investigated in this paper. The lateral force resistance was provided by self-centering precast RC shear walls (SPCW), which utilize a combination of unbonded prestressed post-tensioned (PT) tendons and mild steel reinforcing bars for flexural resistance across base joints. The structures concentrated deformations at the bottom joints and the unbonded PT tendons provided the self-centering restoring force. A 1/3-scale model of a five-story self-centering RC frame with shear walls was designed and tested on a shake-table under a series of bi-directional earthquake excitations with increasing intensity. The acceleration response, roof displacement, inter-story drifts, residual drifts, shear force ratios, hysteresis curves, and local behaviour of the test specimen were analysed and evaluated. The results demonstrated that seismic performance of the test specimen was satisfactory in the plane of the shear wall; however, the structure sustained inter-story drift levels up to 2.45%. Negligible residual drifts were recorded after all applied earthquake excitations. Based on the shake-table test results, it is feasible to apply and popularize a self-centering precast RC frame with shear walls as a structural system in seismic regions.

  17. Nevada National Security Site Environmental Report Summary 2016

    Energy Technology Data Exchange (ETDEWEB)

    Wills, Cathy [National Security Technologies, LLC. (NSTec), Mercury, NV (United States)

    2017-09-07

    centers that support the National Security/Defense mission include the U1a Facility, Big Explosives Experimental Facility (BEEF), Device Assembly Facility (DAF), National Criticality Experiments Research Center (NCERC) located in the DAF, Joint Actinide Shock Physics Experimental Research (JASPER) Facility, Dense Plasma Focus (DPF) Facility located in the Los Alamos Technical Facility (LATF), and the Radiological/ Nuclear Countermeasures Test and Evaluation Complex (RNCTEC). Facilities that support the Environmental Management mission include the Area 5 Radioactive Waste Management Complex (RWMC) and the Area 3 Radioactive Waste Management Site (RWMS), which has been in cold standby since 2006.

  18. Increasing Security for Cloud Computing By Steganography in Image Edges

    Directory of Open Access Journals (Sweden)

    Hassan Hadi Saleh

    2017-03-01

    Full Text Available The security of data storage in “cloud” is big challenge because the data keep within resources that may be accessed by particular machines. The managing of these data and services may not be high reliable. Therefore, the security of data is highly challenging. To increase the security of data in data center of cloud, we have introduced good method to ensure data security in “cloud computing” by methods of data hiding using color images which is called steganography. The fundamental objective of this paper is to prevent "Data Access” by unauthorized or opponent users. This scheme stores data at data centers within edges of color images and retrieves data from it when it is wanted.

  19. Environmental control and life support testing at the Marshall Space Flight Center

    Science.gov (United States)

    Schunk, Richard G.; Humphries, William R.

    1987-01-01

    The Space Station Environmental Control and Life Support System (ECLSS) test program at the Marshall Space Flight Center (MSFC) is addressed. The immediate goals and current activities of the test program are discussed. Also described are the Core Module Integration Facility (CMIF) and the initial ECLSS test configuration. Future plans for the ECLSS test program and the CMIF are summarized.

  20. The Testing Behind The Test Facility: The Acoustic Design of the NASA Glenn Research Center's World-Class Reverberant Acoustic Test Facility

    Science.gov (United States)

    Hozman, Aron D.; Hughes, William O.; McNelis, Mark E.; McNelis, Anne M.

    2011-01-01

    The National Aeronautics and Space Administration (NASA) Glenn Research Center (GRC) is leading the design and build of the new world-class vibroacoustic test capabilities at the NASA GRC's Plum Brook Station in Sandusky, Ohio, USA. Benham Companies, LLC is currently constructing modal, base-shake sine and reverberant acoustic test facilities to support the future testing needs of NASA's space exploration program. The large Reverberant Acoustic Test Facility (RATF) will be approximately 101,000 cu ft in volume and capable of achieving an empty chamber acoustic overall sound pressure level (OASPL) of 163 dB. This combination of size and acoustic power is unprecedented amongst the world's known active reverberant acoustic test facilities. The key to achieving the expected acoustic test spectra for a range of many NASA space flight environments in the RATF is the knowledge gained from a series of ground acoustic tests. Data was obtained from several NASA-sponsored test programs, including testing performed at the National Research Council of Canada's acoustic test facility in Ottawa, Ontario, Canada, and at the Redstone Technical Test Center acoustic test facility in Huntsville, Alabama, USA. The majority of these tests were performed to characterize the acoustic performance of the modulators (noise generators) and representative horns that would be required to meet the desired spectra, as well as to evaluate possible supplemental gas jet noise sources. The knowledge obtained in each of these test programs enabled the design of the RATF sound generation system to confidently advance to its final acoustic design and subsequent on-going construction.

  1. CLASSIFICATION AND COMPLEX STATE VALUE OF SHOPPING CENTERS: PROJECT-ORIENTED APPROACH

    Directory of Open Access Journals (Sweden)

    Юрій Павлович РАК

    2016-02-01

    Full Text Available Was done the analysis of projects objects of trade and entertainment centers from the perspective of improving the life safety and is proposed the definition of "Trade and entertainment center", "Trade and entertainment center" and "Complex value of trade and entertainment center." A classification of shopping centers on the classification criteria and the criteria are characterized by increased security status and attractiveness of their operation. The classification of trade and entertainment centers on the criteria of classification features were made. It characterizes the security situation and will increase the attractiveness of their operation. In the nearest future the most secure and modern TEC will be those buildings who will have unique qualities such as safety systems, excellent customer service, and thus by a high level of trust (the client to the mall. The important role will play those TEC, who have clearly formed value oriented project management, including communication values using innovative methods and models. Trade and entertainment centers as an organization are included in the complex process of interaction management. They being both as an enterprise that serves the public and satisfying a great range of his interests and architectural site, which is leased and increases the business attractiveness of the district of TEC location. This duality of the essence of TEC center makes difficult to assess the effectiveness of its security.

  2. Materials for the information security education

    International Nuclear Information System (INIS)

    Yashiro, Shigeo; Aoki, Kazuhisa; Sato, Tomohiko; Tanji, Kazuhiro

    2014-01-01

    With the rapid progress of the utilization of Information Technology (IT), IT infrastructure (network environment and information system) became crucial as a lifeline for promoting business. At the same time, changes in the circumstances surrounding the IT infrastructure globalize the threat of cyber attacks and increase the risk of the information security such as unlawful access to an information system, viral infection, an alteration of a website, disclosure of subtlety information, destruction of an information system and so on. Information security measure is an important issue in Japan Atomic Energy Agency (JAEA). In order to protect the information property of JAEA from the threat, Center for Computational Science and e-Systems (CCSE) has been taking triadic measures for information security: (1) to lay down a set of information security rules, (2) to introduce security equipments to backbone network and (3) to provide information security education. This report is a summary of the contents of the information security education by e-learning. (author)

  3. Development of a self-navigating mobile interior robot application as a security guard/sentry

    International Nuclear Information System (INIS)

    Klarer, P.R.; Harrington, J.J.

    1986-07-01

    This paper describes a mobile robot system designed to function as part of an overall security system at a high security facility. The features of this robot system include specialized software and sensors for navigation without the need for external locator beacons or signposts, sensors for remote imaging and intruder detection, and the ability to communicate information either directly to the electronic portion of the security system or to a manned central control center. Other desirable features of the robot system include low weight, compact size, and low power consumption. The robot system can be operated either by remote manual control, or it can operate autonomously where direct human control can be limited to the global command level. The robot can act as a mobile remote sensing platform for alarm assessment or roving patrol, as a point sensor (sentry) in routine security applications, or as an exploratory device in situations potentially hazardous to humans. This robot system may also be used to ''walk-test'' intrusion detection sensors as part of a routine test and maintenance program for an interior intrusion detection system. The hardware, software, and operation of this robot system will be briefly described herein

  4. Maritime Cyber Security University Research: Phase 1

    Science.gov (United States)

    2016-05-01

    i Classification | CG-926 RDC | author | audience | month year Maritime Cyber Security University Research Phase I - Final Report...Appendices Distribution Statement A: Approved for public release; distribution is unlimited. May 2016 Report No. CG-D-07-16 Maritime ...Macesker Executive Director United States Coast Guard Research & Development Center 1 Chelsea Street New London, CT 06320 Maritime Cyber Security

  5. Global security and the impacts in nuclear matter control: Nuclear Security Summit 2016

    International Nuclear Information System (INIS)

    Lima, Martonio Mont’Alverne Barreto; Barreto, Midred Cavalcante

    2017-01-01

    Due to the current international security instability, especially resulting from traffic and nuclear terrorism threat proliferation, the Nuclear Security Summits were conceived with the objective of increasing the cooperation between States, institutions and international organisms, as well as conducting a global community in following the guidelines and action plans which have produced curious results such as the reduction and the removal of enriched uranium in some countries, the reinforcement of safeguard installations that store radioactive materials and the establishment of Excellence Centers, qualification, training and technological development in the fight against nuclear weaponry traffic. (author)

  6. Global security and the impacts in nuclear matter control: Nuclear Security Summit 2016

    Energy Technology Data Exchange (ETDEWEB)

    Lima, Martonio Mont’Alverne Barreto; Barreto, Midred Cavalcante, E-mail: barreto@unifor.br, E-mail: midredcb@hotmail.com [Universidade de Fortaleza (UNIFOR), CE (Brazil)

    2017-07-01

    Due to the current international security instability, especially resulting from traffic and nuclear terrorism threat proliferation, the Nuclear Security Summits were conceived with the objective of increasing the cooperation between States, institutions and international organisms, as well as conducting a global community in following the guidelines and action plans which have produced curious results such as the reduction and the removal of enriched uranium in some countries, the reinforcement of safeguard installations that store radioactive materials and the establishment of Excellence Centers, qualification, training and technological development in the fight against nuclear weaponry traffic. (author)

  7. Cooperative Monitoring Center Occasional Paper/7: A Generic Model for Cooperative Border Security

    Energy Technology Data Exchange (ETDEWEB)

    Netzer, Colonel Gideon

    1999-03-01

    This paper presents a generic model for dealing with security problems along borders between countries. It presents descriptions and characteristics of various borders and identifies the threats to border security, while emphasizing cooperative monitoring solutions.

  8. Test bed control center design concept for Tank Waste Retrieval Manipulator Systems

    International Nuclear Information System (INIS)

    Sundstrom, E.; Draper, J.V.; Fausz, A.

    1995-01-01

    This paper describes the design concept for the control center for the Single Shell Tank Waste Retrieval Manipulator System test bed and the design process behind the concept. The design concept supports all phases of the test bed mission, including technology demonstration, comprehensive system testing, and comparative evaluation for further development and refinement of the TWRMS for field operations

  9. Dynamic Construction Scheme for Virtualization Security Service in Software-Defined Networks.

    Science.gov (United States)

    Lin, Zhaowen; Tao, Dan; Wang, Zhenji

    2017-04-21

    For a Software Defined Network (SDN), security is an important factor affecting its large-scale deployment. The existing security solutions for SDN mainly focus on the controller itself, which has to handle all the security protection tasks by using the programmability of the network. This will undoubtedly involve a heavy burden for the controller. More devastatingly, once the controller itself is attacked, the entire network will be paralyzed. Motivated by this, this paper proposes a novel security protection architecture for SDN. We design a security service orchestration center in the control plane of SDN, and this center physically decouples from the SDN controller and constructs SDN security services. We adopt virtualization technology to construct a security meta-function library, and propose a dynamic security service composition construction algorithm based on web service composition technology. The rule-combining method is used to combine security meta-functions to construct security services which meet the requirements of users. Moreover, the RETE algorithm is introduced to improve the efficiency of the rule-combining method. We evaluate our solutions in a realistic scenario based on OpenStack. Substantial experimental results demonstrate the effectiveness of our solutions that contribute to achieve the effective security protection with a small burden of the SDN controller.

  10. Nonlinear Analysis and Preliminary Testing Results of a Hybrid Wing Body Center Section Test Article

    Science.gov (United States)

    Przekop, Adam; Jegley, Dawn C.; Rouse, Marshall; Lovejoy, Andrew E.; Wu, Hsi-Yung T.

    2015-01-01

    A large test article was recently designed, analyzed, fabricated, and successfully tested up to the representative design ultimate loads to demonstrate that stiffened composite panels with through-the-thickness reinforcement are a viable option for the next generation large transport category aircraft, including non-conventional configurations such as the hybrid wing body. This paper focuses on finite element analysis and test data correlation of the hybrid wing body center section test article under mechanical, pressure and combined load conditions. Good agreement between predictive nonlinear finite element analysis and test data is found. Results indicate that a geometrically nonlinear analysis is needed to accurately capture the behavior of the non-circular pressurized and highly-stressed structure when the design approach permits local buckling.

  11. Los Alamos Neutron Science Center

    Energy Technology Data Exchange (ETDEWEB)

    Kippen, Karen Elizabeth [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2016-11-08

    For more than 30 years the Los Alamos Neutron Science Center (LANSCE) has provided the scientific underpinnings in nuclear physics and material science needed to ensure the safety and surety of the nuclear stockpile into the future. In addition to national security research, the LANSCE User Facility has a vibrant research program in fundamental science, providing the scientific community with intense sources of neutrons and protons to perform experiments supporting civilian research and the production of medical and research isotopes. Five major experimental facilities operate simultaneously. These facilities contribute to the stockpile stewardship program, produce radionuclides for medical testing, and provide a venue for industrial users to irradiate and test electronics. In addition, they perform fundamental research in nuclear physics, nuclear astrophysics, materials science, and many other areas. The LANSCE User Program plays a key role in training the next generation of top scientists and in attracting the best graduate students, postdoctoral researchers, and early-career scientists. The U.S. Department of Energy (DOE), National Nuclear Security Administration (NNSA) —the principal sponsor of LANSCE—works with the Office of Science and the Office of Nuclear Energy, which have synergistic long-term needs for the linear accelerator and the neutron science that is the heart of LANSCE.

  12. Homeland Security Affairs Journal, Volume II - 2006: Issue 1, April

    OpenAIRE

    2006-01-01

    Homeland Security Affairs is the peer-reviewed online journal of the Naval Postgraduate School Center for Homeland Defense and Security (CHDS), providing a forum to propose and debate strategies, policies, and organizational arrangements to strengthen U.S. homeland security. The instructors, participants, alumni, and partners of CHDS represent the leading subject matter experts and practitioners in the field of homeland security. April 2006. Welcome to the third edition of Homeland Securit...

  13. IT security standards for the digitalization of the energy transition

    International Nuclear Information System (INIS)

    Laupichler, Dennis

    2016-01-01

    Intelligent measuring systems are important components in the intelligent net and require security and privacy by design in this critical infrastructure. The smart meter gateway as secure communication platform makes the digital sector coupling possible and becomes the driver for innovations of the digitalization. The protection profiles and the technical rules of the BSI as essential part of the law for the digitalization of the energy transition guarantee a great amount of data protection and data security and provide a unique security standard in the future energy supply system. The data -protection concept of the intelligent measuring system regards a calibration-law conformal data processing and star-shaped data dispatch of the gateway. By this both a traceability and a transparency for the final user is guaranteed and the handling of the data in the sense of the data sovereignty is also technically enforced. For the evidences of compliance of the protection profiles and the technical rules correponding tests in approved test centers with final certification by the BSI are performed. The law for the digitalization of the energy transition makes the first important step to an innovative, digital infrastructure of the intelligent net. By the legal framework additionally a base is created, in order to perform a progressive development of the security targets of the BSI both for intelligent measuring systems as for further important system components of the intelligent energy net via a roadmap for the digitalization. In connection with the technical standards of the BSI the law creates the necessary legal certainty and realizes the aim pursued in the coalition treaty to regulate binding framework conditions for the secure and data-protection conformal application of intelligent measuring systems for diversified application cases in the intelligent net.

  14. Using cyber vulnerability testing techniques to expose undocumented security vulnerabilities in DCS and SCADA equipment

    International Nuclear Information System (INIS)

    Pollet, J.

    2006-01-01

    This session starts by providing an overview of typical DCS (Distributed Control Systems) and SCADA (Supervisory Control and Data Acquisition) architectures, and exposes cyber security vulnerabilities that vendors never admit, but are found through a comprehensive cyber testing process. A complete assessment process involves testing all of the layers and components of a SCADA or DCS environment, from the perimeter firewall all the way down to the end devices controlling the process, including what to look for when conducting a vulnerability assessment of real-time control systems. The following systems are discussed: 1. Perimeter (isolation from corporate IT or other non-critical networks) 2. Remote Access (third Party access into SCADA or DCS networks) 3. Network Architecture (switch, router, firewalls, access controls, network design) 4. Network Traffic Analysis (what is running on the network) 5. Host Operating Systems Hardening 6. Applications (how they communicate with other applications and end devices) 7. End Device Testing (PLCs, RTUs, DCS Controllers, Smart Transmitters) a. System Discovery b. Functional Discovery c. Attack Methodology i. DoS Tests (at what point does the device fail) ii. Malformed Packet Tests (packets that can cause equipment failure) iii. Session Hijacking (do anything that the operator can do) iv. Packet Injection (code and inject your own SCADA commands) v. Protocol Exploitation (Protocol Reverse Engineering / Fuzzing) This paper will provide information compiled from over five years of conducting cyber security testing on control systems hardware, software, and systems. (authors)

  15. Using cyber vulnerability testing techniques to expose undocumented security vulnerabilities in DCS and SCADA equipment

    Energy Technology Data Exchange (ETDEWEB)

    Pollet, J. [PlantData Technologies, Inc., 1201 Louisiana Street, Houston, TX 77002 (United States)

    2006-07-01

    This session starts by providing an overview of typical DCS (Distributed Control Systems) and SCADA (Supervisory Control and Data Acquisition) architectures, and exposes cyber security vulnerabilities that vendors never admit, but are found through a comprehensive cyber testing process. A complete assessment process involves testing all of the layers and components of a SCADA or DCS environment, from the perimeter firewall all the way down to the end devices controlling the process, including what to look for when conducting a vulnerability assessment of real-time control systems. The following systems are discussed: 1. Perimeter (isolation from corporate IT or other non-critical networks) 2. Remote Access (third Party access into SCADA or DCS networks) 3. Network Architecture (switch, router, firewalls, access controls, network design) 4. Network Traffic Analysis (what is running on the network) 5. Host Operating Systems Hardening 6. Applications (how they communicate with other applications and end devices) 7. End Device Testing (PLCs, RTUs, DCS Controllers, Smart Transmitters) a. System Discovery b. Functional Discovery c. Attack Methodology i. DoS Tests (at what point does the device fail) ii. Malformed Packet Tests (packets that can cause equipment failure) iii. Session Hijacking (do anything that the operator can do) iv. Packet Injection (code and inject your own SCADA commands) v. Protocol Exploitation (Protocol Reverse Engineering / Fuzzing) This paper will provide information compiled from over five years of conducting cyber security testing on control systems hardware, software, and systems. (authors)

  16. Contributions of the US Centers for Disease Control and Prevention in Implementing the Global Health Security Agenda in 17 Partner Countries.

    Science.gov (United States)

    Fitzmaurice, Arthur G; Mahar, Michael; Moriarty, Leah F; Bartee, Maureen; Hirai, Mitsuaki; Li, Wenshu; Gerber, A Russell; Tappero, Jordan W; Bunnell, Rebecca

    2017-12-01

    The Global Health Security Agenda (GHSA), a partnership of nations, international organizations, and civil society, was launched in 2014 with a mission to build countries' capacities to respond to infectious disease threats and to foster global compliance with the International Health Regulations (IHR 2005). The US Centers for Disease Control and Prevention (CDC) assists partner nations to improve IHR 2005 capacities and achieve GHSA targets. To assess progress through these CDC-supported efforts, we analyzed country activity reports dating from April 2015 through March 2017. Our analysis shows that CDC helped 17 Phase I countries achieve 675 major GHSA accomplishments, particularly in the cross-cutting areas of public health surveillance, laboratory systems, workforce development, and emergency response management. CDC's engagement has been critical to these accomplishments, but sustained support is needed until countries attain IHR 2005 capacities, thereby fostering national and regional health protection and ensuring a world safer and more secure from global health threats.

  17. Martin Continues His Homeland Security Profession with New UASI Position

    OpenAIRE

    Issvoran, Heather

    2014-01-01

    Bruce Martin has found a second act in homeland security. The fire services veteran and college educator is now Project Manager of the Bay Area Urban Areas Security Initiative (UASI), overseeing its Chemical, Biological, Radiological, Nuclear Explosives (CBRNE) program. Martin is a 2010 master’s degree graduate of the Naval Postgraduate School Center for Homeland Defense and Security.

  18. FEMA Disaster Recovery Centers

    Data.gov (United States)

    Department of Homeland Security — This is a search site for FEMA's Disaster Recovery Centers (DRC). A DRC is a readily accessible facility or mobile office set up by FEMA where applicants may go for...

  19. Computer security engineering management

    International Nuclear Information System (INIS)

    McDonald, G.W.

    1988-01-01

    For best results, computer security should be engineered into a system during its development rather than being appended later on. This paper addresses the implementation of computer security in eight stages through the life cycle of the system; starting with the definition of security policies and ending with continuing support for the security aspects of the system throughout its operational life cycle. Security policy is addressed relative to successive decomposition of security objectives (through policy, standard, and control stages) into system security requirements. This is followed by a discussion of computer security organization and responsibilities. Next the paper directs itself to analysis and management of security-related risks, followed by discussion of design and development of the system itself. Discussion of security test and evaluation preparations, and approval to operate (certification and accreditation), is followed by discussion of computer security training for users is followed by coverage of life cycle support for the security of the system

  20. The Evolution of the Automated Continuous Evaluation System (ACES) for Personnel Security

    Science.gov (United States)

    2013-11-12

    to capture and transmit fingerprints . • Accurate Biometrics , a commercial Livescan fingerprinting provider, also received fingerprints electronically...FOUO). Monterey, CA: Defense Personnel Security Research Center. Herbig, K. L. (2008). Changes in espionage by American citizens , 1947-2007. (Tech...by American citizens , 1947-2001. (Tech. Rep. 02-05). Monterey, CA: Defense Personnel Security Research Center. Heuer, Jr., R. J., Crawford, K. S

  1. The Current State of the International Security System

    OpenAIRE

    Ивашов, Леонид Григорьевич

    2013-01-01

    The author examines the modern geopolitical world and assesses the threats to Russia’s security. These threats are demonstrated to be hitched to the goals of the US National Strategy and, in particular, to the US plans on deployment of anti-ballistic missile system. The author argues that in this situation the mainstay of Russia’s foreign policy should become “security through cooperation.”Key words: international security, anti-ballistic missile, preemptive war, geopolitical centers, UN Secu...

  2. Understand the Big Picture So You Can Plan for Network Security

    Science.gov (United States)

    Cervone, Frank

    2005-01-01

    This article discusses network security for libraries. It indicates that there were only six exploit (security exposure) problems, worldwide, reported to the CERT Coordination Center back in 1988. In that year, the CERT had just been established to provide a clearinghouse for exchanging information about network security problems. By 2003, the…

  3. The Center-TRACON Automation System: Simulation and field testing

    Science.gov (United States)

    Denery, Dallas G.; Erzberger, Heinz

    1995-01-01

    A new concept for air traffic management in the terminal area, implemented as the Center-TRACON Automation System, has been under development at NASA Ames in a cooperative program with the FAA since 1991. The development has been strongly influenced by concurrent simulation and field site evaluations. The role of simulation and field activities in the development process will be discussed. Results of recent simulation and field tests will be presented.

  4. Standardization of waste acceptance test methods by the Materials Characterization Center

    International Nuclear Information System (INIS)

    Slate, S.C.

    1985-01-01

    This paper describes the role of standardized test methods in demonstrating the acceptability of high-level waste (HLW) forms for disposal. Key waste acceptance tests are standardized by the Materials Characterization Center (MCC), which the US Department of Energy (DOE) has established as the central agency in the United States for the standardization of test methods for nuclear waste materials. This paper describes the basic three-step process that is used to show that waste is acceptable for disposal and discusses how standardized tests are used in this process. Several of the key test methods and their areas of application are described. Finally, future plans are discussed for using standardized tests to show waste acceptance. 9 refs., 1 tab

  5. Electronic healthcare information security

    CERN Document Server

    Dube, Kudakwashe; Shoniregun, Charles A

    2010-01-01

    The ever-increasing healthcare expenditure and pressing demand for improved quality and efficiency of patient care services are driving innovation in healthcare information management. The domain of healthcare has become a challenging testing ground for information security due to the complex nature of healthcare information and individual privacy. ""Electronic Healthcare Information Security"" explores the challenges of e-healthcare information and security policy technologies. It evaluates the effectiveness of security and privacy implementation systems for anonymization methods and techniqu

  6. The Pacific Marine Energy Center - South Energy Test Site (PMEC-SETS)

    Energy Technology Data Exchange (ETDEWEB)

    Batten, Belinda [Oregon State Univ., Corvallis, OR (United States); Hellin, Dan [Oregon State Univ., Corvallis, OR (United States)

    2018-02-07

    The overall goal of this project was to build on existing progress to establish the Pacific Marine Energy Center South Energy Test Site (PMEC-SETS) as the nation's first fully permitted test site for wave energy converter arrays. Specifically, it plays an essential role in reducing levelized cost of energy for the wave energy industry by providing both the facility and resources to address the challenges of cost reduction.

  7. Mitigations for Security Vulnerabilities Found in Control System Networks

    Energy Technology Data Exchange (ETDEWEB)

    Trent D. Nelson

    2006-05-01

    Industry is aware of the need for Control System (CS) security, but in on-site assessments, Idaho National Laboratory (INL) has observed that security procedures and devices are not consistently and effectively implemented. The Department of Homeland Security (DHS), National Cyber Security Division (NCSD), established the Control Systems Security Center (CSSC) at INL to help industry and government improve the security of the CSs used in the nation's critical infrastructures. One of the main CSSC objectives is to identify control system vulnerabilities and develop effective mitigations for them. This paper discusses common problems and vulnerabilities seen in on-site CS assessments and suggests mitigation strategies to provide asset owners with the information they need to better protect their systems from common security flows.

  8. Wave Energy Research, Testing and Demonstration Center

    Energy Technology Data Exchange (ETDEWEB)

    Batten, Belinda [Oregon State Univ., Corvallis, OR (United States)

    2014-09-30

    The purpose of this project was to build upon the research, development and testing experience of the Northwest National Marine Renewable Energy Center (NNMREC) to establish a non-grid connected open-ocean testing facility for wave energy converters (WECs) off the coast of Newport, Oregon. The test facility would serve as the first facility of its kind in the continental US with a fully energetic wave resource where WEC technologies could be proven for west coast US markets. The test facility would provide the opportunity for self-contained WEC testing or WEC testing connected via an umbilical cable to a mobile ocean test berth (MOTB). The MOTB would act as a “grid surrogate” measuring energy produced by the WEC and the environmental conditions under which the energy was produced. In order to realize this vision, the ocean site would need to be identified through outreach to community stakeholders, and then regulatory and permitting processes would be undertaken. Part of those processes would require environmental baseline studies and site analysis, including benthic, acoustic and wave resource characterization. The MOTB and its myriad systems would need to be designed and constructed.The first WEC test at the facility with the MOTB was completed within this project with the WET-NZ device in summer 2012. In summer 2013, the MOTB was deployed with load cells on its mooring lines to characterize forces on mooring systems in a variety of sea states. Throughout both testing seasons, studies were done to analyze environmental effects during testing operations. Test protocols and best management practices for open ocean operations were developed. As a result of this project, the non-grid connected fully energetic WEC test facility is operational, and the MOTB system developed provides a portable concept for WEC testing. The permitting process used provides a model for other wave energy projects, especially those in the Pacific Northwest that have similar

  9. Best Practices for the Security of Radioactive Materials

    Energy Technology Data Exchange (ETDEWEB)

    Coulter, D.T.; Musolino, S.

    2009-05-01

    This work is funded under a grant provided by the US Department of Health and Human Services, Centers for Disease Control. The Department of Health and Mental Hygiene (DOHMH) awarded a contract to Brookhaven National Laboratory (BNL) to develop best practices guidance for Office of Radiological Health (ORH) licensees to increase on-site security to deter and prevent theft of radioactive materials (RAM). The purpose of this document is to describe best practices available to manage the security of radioactive materials in medical centers, hospitals, and research facilities. There are thousands of such facilities in the United States, and recent studies suggest that these materials may be vulnerable to theft or sabotage. Their malevolent use in a radiological-dispersion device (RDD), viz., a dirty bomb, can have severe environmental- and economic- impacts, the associated area denial, and potentially large cleanup costs, as well as other effects on the licensees and the public. These issues are important to all Nuclear Regulatory Commission and Agreement State licensees, and to the general public. This document outlines approaches for the licensees possessing these materials to undertake security audits to identify vulnerabilities in how these materials are stored or used, and to describe best practices to upgrade or enhance their security. Best practices can be described as the most efficient (least amount of effort/cost) and effective (best results) way of accomplishing a task and meeting an objective, based on repeatable procedures that have proven themselves over time for many people and circumstances. Best practices within the security industry include information security, personnel security, administrative security, and physical security. Each discipline within the security industry has its own 'best practices' that have evolved over time into common ones. With respect to radiological devices and radioactive-materials security, industry best practices

  10. Best Practices for the Security of Radioactive Materials

    International Nuclear Information System (INIS)

    Coulter, D.T.; Musolino, S.

    2009-01-01

    This work is funded under a grant provided by the US Department of Health and Human Services, Centers for Disease Control. The Department of Health and Mental Hygiene (DOHMH) awarded a contract to Brookhaven National Laboratory (BNL) to develop best practices guidance for Office of Radiological Health (ORH) licensees to increase on-site security to deter and prevent theft of radioactive materials (RAM). The purpose of this document is to describe best practices available to manage the security of radioactive materials in medical centers, hospitals, and research facilities. There are thousands of such facilities in the United States, and recent studies suggest that these materials may be vulnerable to theft or sabotage. Their malevolent use in a radiological-dispersion device (RDD), viz., a dirty bomb, can have severe environmental- and economic- impacts, the associated area denial, and potentially large cleanup costs, as well as other effects on the licensees and the public. These issues are important to all Nuclear Regulatory Commission and Agreement State licensees, and to the general public. This document outlines approaches for the licensees possessing these materials to undertake security audits to identify vulnerabilities in how these materials are stored or used, and to describe best practices to upgrade or enhance their security. Best practices can be described as the most efficient (least amount of effort/cost) and effective (best results) way of accomplishing a task and meeting an objective, based on repeatable procedures that have proven themselves over time for many people and circumstances. Best practices within the security industry include information security, personnel security, administrative security, and physical security. Each discipline within the security industry has its own 'best practices' that have evolved over time into common ones. With respect to radiological devices and radioactive-materials security, industry best practices encompass

  11. Safeguards and Security progress report, January--December 1989

    Energy Technology Data Exchange (ETDEWEB)

    Smith, D.B.; Jaramillo, G.R. (comps.)

    1990-11-01

    From January to December 1989, the Los Alamos Safeguards and Security Research and Development (R D) program carried out the activities described in the first four parts of this report: Science and Technology Base Development, Basic Systems Design, Onsite Test and Evaluation and Facility Support, and International Safeguards. For the most part, these activities were sponsored by the Department of Energy's Office of Safeguards and Security. Part 1 covers development of the basic technology essential to continuing improvements in the practice of safeguards and security. It includes our computer security R D and the activities of the DOE Center for Computer Security, which provides the basis for encouraging and disseminating this important technology. Part 2 treats activities aimed at developing methods for designing and evaluating safeguards systems, with special emphasis on the integration of the several subsystems into a real safeguards system. Part 3 describes efforts of direct assistance to the DOE and its contractors and includes consultation on materials control and accounting problems, development and demonstration of specialized techniques and instruments, and comprehensive participation in the design and demonstration of advanced safeguards systems. Part 3 also reports a series of training courses in various aspects of safeguards that makes the technology more accessible to those who must apply it. Finally, Part 4 covers international safeguards activities, including both support to the International Atomic Energy Agency and bilateral exchanges. Part 5 reports several safeguards-related activities that have sponsors other than the DOE/OSS. 87 refs., 52 figs.

  12. Center for Computer Security newsletter. Volume 2, Number 3

    Energy Technology Data Exchange (ETDEWEB)

    None

    1983-05-01

    The Fifth Computer Security Group Conference was held November 16 to 18, 1982, at the Knoxville Hilton in Knoxville, Tennessee. Attending were 183 people, representing the Department of Energy, DOE contractors, other government agencies, and vendor organizations. In these papers are abridgements of most of the papers presented in Knoxville. Less than half-a-dozen speakers failed to furnish either abstracts or full-text papers of their Knoxville presentations.

  13. Experience of executing security measures

    International Nuclear Information System (INIS)

    Nakano, Hiromasa

    1995-01-01

    Japan possesses many nuclear power stations and atomic energy research and development facilities, and obtained much experience of security measures such as the inspection by the government and IAEA, the technical development and so on in respective facilities. In this report, the activities of security measures in Japan are introduced, centering around the experience of Power Reactor and Nuclear Fuel Development Corporation. Japan ratified the nuclear nonproliferation treaty (NPT) in 1976, and concluded the agreement with IAEA in 1977. It is called security measures to technically confirm that nuclear substances are not used for nuclear weapons, and to find early and prevent the production of nuclear weapons. The security measures consist of the quantity management by the balance of nuclear substances are the inspection by the government and IAEA. The present state of security measures in centrifugal uranium enrichment plants, the fabrication factories of low enriched uranium fuel, nuclear reactors, fuel reprocessing plants, and plutonium fuel factories is reported. The amount of inspection works of the government was 1861 man-day/year in 1993. As the subjects related to security measures of hereafter, the quantity management by respective facilities, the technology of verifying the measurement by inspectors, the points of beginning and finishing security measures, the security measures of hereafter and the international cooperation are described. (K.I.)

  14. Lecture 2: Software Security

    CERN Multimedia

    CERN. Geneva

    2013-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development, testing and deployment. Sebastian Lopienski is CERN’s deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and ...

  15. Center for Leadership Development (CLD) Repository

    Data.gov (United States)

    Office of Personnel Management — The Center for Leadership Development Repository stores various data including policies, procedures, governance, guidance, security, and financial documents of the...

  16. Underground Test Area Quality Assurance Project Plan Nevada National Security Site, Nevada, Revision 0

    Energy Technology Data Exchange (ETDEWEB)

    Irene Farnham

    2011-05-01

    This Quality Assurance Project Plan (QAPP) provides the overall quality assurance (QA) program requirements and general quality practices to be applied to the U.S. Department of Energy (DOE), National Nuclear Security Administration Nevada Site Office (NNSA/NSO) Underground Test Area (UGTA) Sub-Project (hereafter the Sub-Project) activities. The requirements in this QAPP are consistent with DOE Order 414.1C, Quality Assurance (DOE, 2005); U.S. Environmental Protection Agency (EPA) Guidance for Quality Assurance Project Plans for Modeling (EPA, 2002); and EPA Guidance on the Development, Evaluation, and Application of Environmental Models (EPA, 2009). The QAPP Revision 0 supersedes DOE--341, Underground Test Area Quality Assurance Project Plan, Nevada Test Site, Nevada, Revision 4.

  17. Security for safety critical space borne systems

    Science.gov (United States)

    Legrand, Sue

    1987-01-01

    The Space Station contains safety critical computer software components in systems that can affect life and vital property. These components require a multilevel secure system that provides dynamic access control of the data and processes involved. A study is under way to define requirements for a security model providing access control through level B3 of the Orange Book. The model will be prototyped at NASA-Johnson Space Center.

  18. Autonomy-Enabled Fuel Savings for Military Vehicles: Report on 2016 Aberdeen Test Center Testing

    Energy Technology Data Exchange (ETDEWEB)

    Ragatz, Adam [National Renewable Energy Lab. (NREL), Golden, CO (United States); Prohaska, Robert [National Renewable Energy Lab. (NREL), Golden, CO (United States); Gonder, Jeff [National Renewable Energy Lab. (NREL), Golden, CO (United States)

    2017-05-26

    Fuel savings have never been the primary focus for autonomy-enabled military vehicles. However, studies have estimated that autonomy in passenger and commercial vehicles could improve fuel economy by as much as 22%-33% over various drive cycles. If even a fraction of this saving could be realized in military vehicles, significant cost savings could be realized each year through reduced fuel transport missions, reduced fuel purchases, less maintenance, fewer required personnel, and increased vehicle range. Researchers from the National Renewable Energy Laboratory installed advanced data logging equipment and instrumentation on two autonomy-enabled convoy vehicles configured with Lockheed Martin's Autonomous Mobility Applique System to determine system performance and improve on the overall vehicle control strategies of the vehicles. Initial test results from testing conducted at the U.S. Army Aberdeen Test Center at the Aberdeen Proving Grounds are included in this report. Lessons learned from in-use testing and performance results have been provided to the project partners for continued system refinement.

  19. Validity evidence for the Security Scale as a measure of perceived attachment security in adolescence.

    Science.gov (United States)

    Van Ryzin, Mark J; Leve, Leslie D

    2012-04-01

    In this study, the validity of a self-report measure of children's perceived attachment security (the Kerns Security Scale) was tested using adolescents. With regards to predictive validity, the Security Scale was significantly associated with (1) observed mother-adolescent interactions during conflict and (2) parent- and teacher-rated social competence. With regards to convergent validity, the Security Scale was significantly associated with all subscales of the Adult Attachment Scale (i.e., Depend, Anxiety, and Close) as measured 3 years later. Further, these links were found even after controlling for mother-child relationship quality as assessed by the Inventory of Parent and Peer Attachment (IPPA), and chi-square difference tests indicated that the Security Scale was generally a stronger predictor as compared to the IPPA. These results suggest that the Security Scale can be used to assess perceived attachment security across both childhood and adolescence, and thus could contribute significantly to developmental research during this period. Copyright © 2011 The Foundation for Professionals in Services for Adolescents. Published by Elsevier Ltd. All rights reserved.

  20. Status of Educational Efforts in National Security Workforce

    Energy Technology Data Exchange (ETDEWEB)

    None

    2008-03-31

    This report documents the status of educational efforts for the preparation of a national security workforce as part of the National Security Preparedness Project, being performed by the Arrowhead Center of New Mexico State University under a DOE/NNSA grant. The need to adequately train and educate a national security workforce is at a critical juncture. Even though there are an increasing number of college graduates in the appropriate fields, many of these graduates choose to work in the private sector because of more desirable salary and benefit packages. This report includes an assessment of the current educational situation for the national security workforce.

  1. Report of 'the 2014 international forum on peaceful use of nuclear energy, nuclear non-proliferation and nuclear security. Future direction toward promoting non-proliferation and the ideal method of developing human resources using Centers of Excellence (COEs) following the new strategic energy plan'

    International Nuclear Information System (INIS)

    Yamaga, Chikanobu; Tomikawa, Hirofumi; Kobayashi, Naoki; Naoi, Yosuke; Oda, Tetsuzo; Mochiji, Toshiro

    2015-10-01

    The Japan Atomic Energy Agency (JAEA) held 'International Forum on Peaceful Use of Nuclear Energy, Nuclear Non-proliferation and Nuclear Security – Future direction toward promoting non-proliferation and the ideal method of developing human resources using Centers of Excellence (COEs) following the New Strategic Energy Plan -' on 3 December 2014, with the Japan Institute of International Affairs (JIIA) and School of Engineering, The University of Tokyo, and International Nuclear Research Center, Tokyo Institute of Technology as co-hosts. In the Forum, officials and experts from Japan, the United States explained their efforts regarding peaceful use of nuclear energy, nuclear non-proliferation and nuclear security. Discussion was made in two panels, entitled 'Effective and efficient measures to ensure nuclear non-proliferation based on domestic and foreign issues and the direction and role of technology development' and 'Roles of nuclear security COEs and future expectations'. In Panel Discussion 1, as the nuclear non-proliferation regime is facing various problems and challenges under current international circumstances, how to implement effective and efficient safeguards was discussed. In Panel Discussion 2, panelists discussed the following three points: 1. Current status of Nuclear Security Training and Support Centers and COEs, and Good Practice; 2. What these centers can do to enhance nuclear security (New role for COEs); 3. Regional cooperation in the Nuclear Security Training and Support Center (NSSC) and COEs in states, which the IAEA recommends establishing, and international cooperation and partnerships with international initiatives (New Role). Officials and experts from Japan, IAEA, the United States, France, Republic of Korea, and Indonesia participated in the panel and made contributions to active discussion. This report includes abstracts of keynote speeches, summaries of two panel discussions and materials of the

  2. Validity Evidence for the Security Scale as a Measure of Perceived Attachment Security in Adolescence

    Science.gov (United States)

    Van Ryzin, Mark J.; Leve, Leslie D.

    2012-01-01

    In this study, the validity of a self-report measure of children's perceived attachment security (the Kerns Security Scale) was tested using adolescents. With regards to predictive validity, the Security Scale was significantly associated with (1) observed mother-adolescent interactions during conflict and (2) parent- and teacher-rated social…

  3. Final Report Feasibility Study for the California Wave Energy Test Center (CalWavesm)

    Energy Technology Data Exchange (ETDEWEB)

    Blakeslee, Samuel Norman [California Polytechnic State Univ. (CalPoly), San Luis Obispo, CA (United States). Inst. for Advanced Technology and Public Policy; Toman, William I. [Protean Wave Energy Ltd., Los Osos, CA (United States); Williams, Richard B. [Leidos Maritime Solutions, Reston, VA (United States); Davy, Douglas M. [CH2M, Sacramento, CA (United States); West, Anna [Kearns and West, Inc., San Francisco, CA (United States); Connet, Randy M. [Omega Power Engineers, LLC, Anaheim, CA (United States); Thompson, Janet [Kearns and West, Inc., San Francisco, CA (United States); Dolan, Dale [California Polytechnic State Univ. (CalPoly), San Luis Obispo, CA (United States); Baltimore, Craig [California Polytechnic State Univ. (CalPoly), San Luis Obispo, CA (United States); Jacobson, Paul [Electric Power Research Inst. (EPRI), Knoxville, TN (United States); Hagerman, George [Virginia Polytechnic Inst. and State Univ. (Virginia Tech), Blacksburg, VA (United States); Potter, Chris [California Natural Resources Agency, Sacramento, CA (United States); Dooher, Brendan [Pacific Gas and Electric Company, San Francisco, CA (United States); Wendt, Dean [California Polytechnic State Univ. (CalPoly), San Luis Obispo, CA (United States); Sheppard, Colin [Humboldt State Univ., Arcata, CA (United States); Harris, Andrew [Humboldt State Univ., Arcata, CA (United States); Lawson, W. Graham [Power Delivery Consultants, Inc., Albany, NY (United States)

    2017-07-31

    The California Wave Energy Test Center (CalWave) Feasibility Study project was funded over multiple phases by the Department of Energy to perform an interdisciplinary feasibility assessment to analyze the engineering, permitting, and stakeholder requirements to establish an open water, fully energetic, grid connected, wave energy test center off the coast of California for the purposes of advancing U.S. wave energy research, development, and testing capabilities. Work under this grant included wave energy resource characterization, grid impact and interconnection requirements, port infrastructure and maritime industry capability/suitability to accommodate the industry at research, demonstration and commercial scale, and macro and micro siting considerations. CalWave Phase I performed a macro-siting and down-selection process focusing on two potential test sites in California: Humboldt Bay and Vandenberg Air Force Base. This work resulted in the Vandenberg Air Force Base site being chosen as the most favorable site based on a peer reviewed criteria matrix. CalWave Phase II focused on four siting location alternatives along the Vandenberg Air Force Base coastline and culminated with a final siting down-selection. Key outcomes from this work include completion of preliminary engineering and systems integration work, a robust turnkey cost estimate, shoreside and subsea hazards assessment, storm wave analysis, lessons learned reports from several maritime disciplines, test center benchmarking as compared to existing international test sites, analysis of existing applicable environmental literature, the completion of a preliminary regulatory, permitting and licensing roadmap, robust interaction and engagement with state and federal regulatory agency personnel and local stakeholders, and the population of a Draft Federal Energy Regulatory Commission (FERC) Preliminary Application Document (PAD). Analysis of existing offshore oil and gas infrastructure was also performed

  4. Cyber Security: Big Data Think II Working Group Meeting

    Science.gov (United States)

    Hinke, Thomas; Shaw, Derek

    2015-01-01

    This presentation focuses on approaches that could be used by a data computation center to identify attacks and ensure malicious code and backdoors are identified if planted in system. The goal is to identify actionable security information from the mountain of data that flows into and out of an organization. The approaches are applicable to big data computational center and some must also use big data techniques to extract the actionable security information from the mountain of data that flows into and out of a data computational center. The briefing covers the detection of malicious delivery sites and techniques for reducing the mountain of data so that intrusion detection information can be useful, and not hidden in a plethora of false alerts. It also looks at the identification of possible unauthorized data exfiltration.

  5. Teaching introductory computer security at a Department of Defense university

    OpenAIRE

    Irvine, Cynthia E.

    1997-01-01

    The Naval Postgraduate School Center for Information Systems Security (INFOSEC) Studies and Research (NPS CISR) has developed an instructional program in computer security. Its objective is to insure that students not only understand practical aspects of computer security associated with current technology, but also learn the fundamental principles that can be applied to the development of systems for which high confidence in policy enforcement can be achieved. Introduction to Computer Sec...

  6. FEMA Disaster Recovery Centers - KML

    Data.gov (United States)

    Department of Homeland Security — This is a KML file for FEMA's Disaster Recovery Centers (DRC). A DRC is a readily accessible facility or mobile office set up by FEMA where applicants may go for...

  7. Security and Privacy in Fog Computing: Challenges

    OpenAIRE

    Mukherjee, Mithun; Matam, Rakesh; Shu, Lei; Maglaras, Leandros; Ferrag, Mohamed Amine; Choudhry, Nikumani; Kumar, Vikas

    2017-01-01

    open access article Fog computing paradigm extends the storage, networking, and computing facilities of the cloud computing toward the edge of the networks while offloading the cloud data centers and reducing service latency to the end users. However, the characteristics of fog computing arise new security and privacy challenges. The existing security and privacy measurements for cloud computing cannot be directly applied to the fog computing due to its features, such as mobility, heteroge...

  8. UN Security Council decision-making: testing the bribery hypothesis

    Directory of Open Access Journals (Sweden)

    Eugenio Pacelli Lazzarotti Diniz Costa

    2014-12-01

    Full Text Available Liberal-Institutionalism and Structural Realism expectations about international organizations are confronted by looking at if and how US-controlled international aid is granted, and particularly if it is related or not to political affinity and to United Nations Security Council (UNSC non-permanent membership. A preliminary assessment suggests that these relations only hold for the period of the Cold War, and, even then, only when UNSC non-permanent membership is in years in which the Security Council was deemed very important.

  9. Lawrence Livermore National Laboratory Safeguards and Security quarterly progress report ending March 31, 1996

    Energy Technology Data Exchange (ETDEWEB)

    Davis, B.; Davis, G.; Johnson, D.; Mansur, D.L.; Ruhter, W.D.; Strait, R.S.

    1996-04-01

    LLNL carries out safeguards and security activities for DOE Office of Safeguards and Security (OSS) and other organizations within and outside DOE. LLNL is supporting OSS in 6 areas: safeguards technology, safeguards and materials accountability, computer security--distributed systems, complex-wide access control, standardization of security systems, and information technology and security center. This report describes the activities in each of these areas.

  10. Quantitative Vulnerability Assessment of Cyber Security for Distribution Automation Systems

    Directory of Open Access Journals (Sweden)

    Xiaming Ye

    2015-06-01

    Full Text Available The distribution automation system (DAS is vulnerable to cyber-attacks due to the widespread use of terminal devices and standard communication protocols. On account of the cost of defense, it is impossible to ensure the security of every device in the DAS. Given this background, a novel quantitative vulnerability assessment model of cyber security for DAS is developed in this paper. In the assessment model, the potential physical consequences of cyber-attacks are analyzed from two levels: terminal device level and control center server level. Then, the attack process is modeled based on game theory and the relationships among different vulnerabilities are analyzed by introducing a vulnerability adjacency matrix. Finally, the application process of the proposed methodology is illustrated through a case study based on bus 2 of the Roy Billinton Test System (RBTS. The results demonstrate the reasonability and effectiveness of the proposed methodology.

  11. Nuclear security education and training at Naif Arab University for Security Sciences

    International Nuclear Information System (INIS)

    Amjad Fataftah

    2009-01-01

    Naif Arab University for Security Sciences (NAUSS) was established in 1978 as an Arab institution specialized in security sciences to fulfill the needs of the Arab law enforcement agencies for an academic institution that promotes research in security sciences, offers graduate education programs and conduct short-term training courses, which should contribute to the prevention and control of crimes in the Arab world. NAUSS and the IAEA organized the first workshop on nuclear security on November, 2006, which aimed to explore and improve the nuclear security culture awareness through the definitions of the nuclear security main pillars, Prevention, Detection and Response. In addition, NAUSS and IAEA organized a very important training course on April, 2008 on combating nuclear terrorism titled P rotection against nuclear terrorism: Protection of radioactive sources . In the past two years, IAEA has put tremendous efforts to develop an education program in nuclear security, which may lead into Master's degree in nuclear security, where NAUSS helped in this project through the participation in the IAEA organized consultancy and technical meetings for the development of this program along with many other academic, security and law enfacement experts and lawyers from many different institution in the world. NAUSS and IAEA drafted a work plan for the next coming two years which should lead into the gradual implementation of these educational programs at NAUSS. NAUSS also continues to participate in several local conferences and symposiums related to the peaceful application of nuclear power in the gulf region, and the need for a human resources development programs to fulfill the scientific and security needs which will arise from building nuclear power plants. NAUSS participated in the International Symposium on the Peaceful Application of Nuclear Technology in the GCC countries, organized by King Abdulaziz University in the city of Jeddah, Saudi Arabia. Also NAUSS

  12. Mathematical Modeling Applied to Maritime Security

    OpenAIRE

    Center for Homeland Defense and Security

    2010-01-01

    Center for Homeland Defense and Security, OUT OF THE CLASSROOM Download the paper: Layered Defense: Modeling Terrorist Transfer Threat Networks and Optimizing Network Risk Reduction” Students in Ted Lewis’ Critical Infrastructure Protection course are taught how mathematic modeling can provide...

  13. Underground Test Area (UGTA) Closure Report for Corrective Action Unit 98: Frenchman Flat Nevada National Security Site, Nevada, Revision 1 ROTC-1

    International Nuclear Information System (INIS)

    Farnham, Irene

    2016-01-01

    This Closure Report (CR) has been prepared for Corrective Action Unit (CAU) 98, Frenchman Flat, Nevada National Security Site (NNSS), Nevada. The Frenchman Flat CAU was the site of 10 underground nuclear tests, some of which have impacted groundwater near the tests. This work was performed as part of the U.S. Department of Energy, National Nuclear Security Administration Nevada Field Office (NNSA/NFO) Underground Test Area (UGTA) Activity in accordance with the Federal Facility Agreement and Consent Order (FFACO). This CR describes the selected corrective action to be implemented during closure to protect human health and the environment from the impacted groundwater

  14. Underground Test Area (UGTA) Closure Report for Corrective Action Unit 98: Frenchman Flat Nevada National Security Site, Nevada, Revision 1 ROTC-1

    Energy Technology Data Exchange (ETDEWEB)

    Farnham, Irene [Navarro-Intera, LLC (N-I), Las Vegas, NV (United States)

    2016-08-01

    This Closure Report (CR) has been prepared for Corrective Action Unit (CAU) 98, Frenchman Flat, Nevada National Security Site (NNSS), Nevada. The Frenchman Flat CAU was the site of 10 underground nuclear tests, some of which have impacted groundwater near the tests. This work was performed as part of the U.S. Department of Energy, National Nuclear Security Administration Nevada Field Office (NNSA/NFO) Underground Test Area (UGTA) Activity in accordance with the Federal Facility Agreement and Consent Order (FFACO). This CR describes the selected corrective action to be implemented during closure to protect human health and the environment from the impacted groundwater

  15. Co-infection of HIV and HBV in voluntary counseling and testing center in Abidjan

    Directory of Open Access Journals (Sweden)

    Kouassi-M ’Bengue A

    2011-12-01

    Full Text Available Objective: To evaluate the co-infection of hepatitis B virus (HBV and immune deficiency virus (HIV among clients consulting at the Voluntary Counseling and Testing Center (VCT Center of the Institut Pasteur de C ôte d ’Ivoire (IPCI. Methods: A cross-sectional study was conducted from April to June 2010 at the VCT of IPCI. All clients attending the VCT of IPCI for HIV test after having signed the informed consent form were included in the study. Venous blood samples were collected from the clients after an interview. Then the rapid tests for screening of HIV infection (Determine HIV 1/2 of Abbott and Genie II HIV-1/HIV-2, Bio-Rad were performed. As for hepatitis B surface antigen (HBsAg test, it was performed using ELISA test system using Monolisa HBsAg Ultra-Bio-Rad. Results: Of 278 samples analyzed, 30 were positive to antibody against HIV-1, giving a seroprevalence of about 10.8%, and 35 were positive to HBsAg, giving a seroprevalence of 12.6%. As for co-infection of HIV and HBV, it was 7/278 cases about 2.5%. Conclusions: It can be concluded that co-infection of HBV and HIV is relatively low among clients consulting at the VCT of the IPCI. Serological surveillance should be systematic in various HIV testing centers in the country. The use of rapid tests for detection of HBsAg allows a lot of tests to be realized. However, the choice of these tests depends on the evaluation results in reference laboratories and situation on ground.

  16. Continuous Security and Configuration Monitoring of HPC Clusters

    Energy Technology Data Exchange (ETDEWEB)

    Garcia-Lomeli, H. D. [Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States); Bertsch, A. D. [Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States); Fox, D. M. [Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States)

    2015-05-08

    Continuous security and configuration monitoring of information systems has been a time consuming and laborious task for system administrators at the High Performance Computing (HPC) center. Prior to this project, system administrators had to manually check the settings of thousands of nodes, which required a significant number of hours rendering the old process ineffective and inefficient. This paper explains the application of Splunk Enterprise, a software agent, and a reporting tool in the development of a user application interface to track and report on critical system updates and security compliance status of HPC Clusters. In conjunction with other configuration management systems, the reporting tool is to provide continuous situational awareness to system administrators of the compliance state of information systems. Our approach consisted of the development, testing, and deployment of an agent to collect any arbitrary information across a massively distributed computing center, and organize that information into a human-readable format. Using Splunk Enterprise, this raw data was then gathered into a central repository and indexed for search, analysis, and correlation. Following acquisition and accumulation, the reporting tool generated and presented actionable information by filtering the data according to command line parameters passed at run time. Preliminary data showed results for over six thousand nodes. Further research and expansion of this tool could lead to the development of a series of agents to gather and report critical system parameters. However, in order to make use of the flexibility and resourcefulness of the reporting tool the agent must conform to specifications set forth in this paper. This project has simplified the way system administrators gather, analyze, and report on the configuration and security state of HPC clusters, maintaining ongoing situational awareness. Rather than querying each cluster independently, compliance checking

  17. Emergency Operations Center ribbon cutting

    Science.gov (United States)

    2009-01-01

    Center Director Gene Goldman and special guests celebrate the opening of the site's new Emergency Operations Center on June 2. Participants included (l t r): Steven Cooper, deputy director of the National Weather Service Southern Region; Tom Luedtke, NASA associate administrator for institutions and management; Charles Scales, NASA associate deputy administrator; Mississippi Gov. Haley Barbour; Gene Goldman, director of Stennis Space Center; Jack Forsythe, NASA assistant administrator for the Office of Security and Program Protection; Dr. Richard Williams, NASA chief health and medical officer; and Weldon Starks, president of Starks Contracting Company Inc. of Biloxi.

  18. Comparison of Routable Control System Security Approaches

    Energy Technology Data Exchange (ETDEWEB)

    Edgar, Thomas W.; Hadley, Mark D.; Carroll, Thomas E.; Manz, David O.; Winn, Jennifer D.

    2011-06-01

    This document is an supplement to the 'Secure and Efficient Routable Control Systems.' It addressed security in routable control system communication. The control system environment that monitors and manages the power grid historically has utilized serial communication mechanisms. Leased-line serial communication environments operating at 1200 to 9600 baud rates are common. However, recent trends show that communication media such as fiber, optical carrier 3 (OC-3) speeds, mesh-based high-speed wireless, and the Internet are becoming the media of choice. In addition, a dichotomy has developed between the electrical transmission and distribution environments, with more modern communication infrastructures deployed by transmission utilities. The preceding diagram represents a typical control system. The Communication Links cloud supports all of the communication mechanisms a utility might deploy between the control center and devices in the field. Current methodologies used for security implementations are primarily led by single vendors or standards bodies. However, these entities tend to focus on individual protocols. The result is an environment that contains a mixture of security solutions that may only address some communication protocols at an increasing operational burden for the utility. A single approach is needed that meets operational requirements, is simple to operate, and provides the necessary level of security for all control system communication. The solution should be application independent (e.g., Distributed Network Protocol/Internet Protocol [DNP/IP], International Electrotechnical Commission [IEC] C37.118, Object Linking and Embedding for Process Control [OPC], etc.) and focus on the transport layer. In an ideal setting, a well-designed suite of standards for control system communication will be used for vendor implementation and compliance testing. An expected outcome of this effort is an international standard.

  19. CERN Technical Training: new courses on computer security

    CERN Multimedia

    HR Department

    2009-01-01

    Two new trainings are available at CERN concerning computer security. • How to create secure software? The "Developing secure software" course (3.5 hours) is designed for software programmers, both for regular software and Web applications. It covers main aspects of security in different phases of the software development lifecycle. The last, optional hour discusses security issues of Web application developers. This course, although not hands-on, is interactive and full of real-life examples. The first session of this course will take place, in English, on 21 April in the CERN Technical Training Center. More sessions will be scheduled in 2009. • How to safely navigate and send mails? The "Secure e-mail and Web browsing" course is an entry-level 1.5-hour training aimed to show how to detect and avoid typical security pitfalls encountered when e-mailing and browsing the Web. It is designed for non-technical users of Internet Explorer and Outlook. The first sessions o...

  20. Security Engineering FY17 Systems Aware Cybersecurity

    Science.gov (United States)

    2017-12-07

    Security Engineering – FY17 Systems Aware Cybersecurity Technical Report SERC-2017-TR-114 December 7 2017 Principal Investigator: Dr...December 7, 2017 Copyright © 2017 Stevens Institute of Technology, Systems Engineering Research Center The Systems Engineering Research Center (SERC...supported, in whole or in part, by the U.S. Department of Defense through the Office of the Assistant Secretary of Defense for Research and Engineering (ASD

  1. Gerald L. Epstein, PhD: director, center for science, technology, and security policy, American Association for the Advancement of Science (AAAS). Interview by Madeline Drexler.

    Science.gov (United States)

    Epstein, Gerald L

    2009-12-01

    Over his entire career, Gerald Epstein has toiled at the nexus of science, technology, and security. From 2003 to 2009, he was Senior Fellow for Science and Security at the Center for Strategic and International Studies Homeland Security Program, where he worked on reducing biological weapons threats, improving national preparedness, and easing potential tensions between the scientific research and national security communities. Epstein came to CSIS from the Institute for Defense Analyses. From 1996 to 2001, he served in the White House Office of Science and Technology Policy. And from 1983 to 1989, and again from 1991 until its demise in 1995, Epstein worked at the Congressional Office of Technology Assessment, where he directed a study on the proliferation of weapons of mass destruction, alongside research on other global security topics. A recognized expert in biological risk reduction, Epstein was actually trained as a physicist, having received SB degrees in physics and electrical engineering from MIT, and a PhD in physics from the University of California at Berkeley. How, then, did he come to study the evolving threat from bioterrorism? "What compelled me about bioterrorism was that it was a stellar example of a topic that would lead to a train wreck between the scientific community and the security community unless they figured out how to work together," he said. "The distance between a laboratory and a very large consequence event is a lot shorter in biology than in any other field. I got into bioterrorism to help make sure that the security community doesn't get so scared of the science that it shuts it down, and that the science community isn't so oblivious of security concerns that it pays no attention to them." Epstein spoke on November 6, 2009, with contributing writer Madeline Drexler, author of Emerging Epidemics: The Menace of New Infections (Penguin, 2009), an updated version of an earlier volume. Drexler holds a visiting appointment at the

  2. Experimental Platform for Usability Testing of Secure Medical Sensor Network Protocols

    DEFF Research Database (Denmark)

    Andersen, Jacob; Lo, Benny P.; Yang, Guang-Zhong

    2008-01-01

    designed security mechanisms are essential. Several experimental sensor network platforms have emerged in recent years targeted for clinical use. However, few of them consider the importance of security issues such as privacy and access control, and how these can impact the usability of the platform, while......Implementing security mechanisms such as access control for clinical use is a challenging research issue in BSN due to its required heterogeneous operating responses ranging from chronic diseases management to emergency care. To ensure the clinical uptake of the BSN technology, appropriately...... others develop BSN security without considering how a prototype implementation would be received by clinicians in real-life situations. The purpose of this paper is to present our initial effort in building a flexible experimental platform for providing a basic infrastructure with symmetric AES...

  3. PTSD: National Center for PTSD

    Medline Plus

    Full Text Available ... Website Site Map Content Inventory Accessibility Privacy and Security Updating of Web Site Web Site Policies Important ... Immunizations Flu Vaccination Prevention / Wellness Public Health Weight Management (MOVE!) Locations Hospitals & Clinics Vet Centers Veterans Canteen ...

  4. Data Center Optimization Initiative Strategic Plans

    Data.gov (United States)

    Social Security Administration — On August 1, 2016, the Office of Management and Budget issued memorandum M-16-19, establishing the Data Center Optimization Initiative (DCOI). The DCOI, as described...

  5. Center for Advancing Microbial Risk Assessment

    Data.gov (United States)

    Federal Laboratory Consortium — The Center for Advancing Microbial Risk Assessment (CAMRA), based at Michigan State University and jointly funded by the U.S. Department of Homeland Security and the...

  6. Handbook on data centers

    CERN Document Server

    Khan, Samee Ullah

    2015-01-01

    This handbook offers a comprehensive review of the state-of-the-art research achievements in the field of data centers. Contributions from international, leading researchers and scholars offer topics in cloud computing, virtualization in data centers, energy efficient data centers, and next generation data center architecture.  It also comprises current research trends in emerging areas, such as data security, data protection management, and network resource management in data centers. Specific attention is devoted to industry needs associated with the challenges faced by data centers, such as various power, cooling, floor space, and associated environmental health and safety issues, while still working to support growth without disrupting quality of service. The contributions cut across various IT data technology domains as a single source to discuss the interdependencies that need to be supported to enable a virtualized, next-generation, energy efficient, economical, and environmentally friendly data cente...

  7. Test facilities for radioactive materials transport packages (Transportation Technology Center Inc., Pueblo, Colorado, USA)

    International Nuclear Information System (INIS)

    Conlon, P.C.L.

    2001-01-01

    Transportation Technology Center, Inc. is capable of conducting tests on rail vehicle systems designed for transporting radioactive materials including low level waste debris, transuranic waste, and spent nuclear fuel and high level waste. Services include rail vehicle dynamics modelling, on-track performance testing, full scale structural fatigue testing, rail vehicle impact tests, engineering design and technology consulting, and emergency response training. (author)

  8. Guidelines for development of NASA (National Aeronautics and Space Administration) computer security training programs

    Science.gov (United States)

    Tompkins, F. G.

    1983-01-01

    The report presents guidance for the NASA Computer Security Program Manager and the NASA Center Computer Security Officials as they develop training requirements and implement computer security training programs. NASA audiences are categorized based on the computer security knowledge required to accomplish identified job functions. Training requirements, in terms of training subject areas, are presented for both computer security program management personnel and computer resource providers and users. Sources of computer security training are identified.

  9. A Security Compliance Study of the Air Force Data Services Center Multics System

    Science.gov (United States)

    1976-12-01

    with thPpate T DErscit requiyfremns oanswe this qungeeto AFysC comsinepo netk alestdroi cosms ivtisicn Afetrs oteAF)CMtcsyswIthteapial Manualm 52ir... effect on them, since AFDSC already has a secure environment. Therefore, requirements for physical security and administrative policy are only reviewed...if the addition of Multics might have some effect on the controls already in effect at the AFDSC. The remainder of this report is divided into two

  10. Underground Test Area Activity Communication/Interface Plan, Nevada National Security Site, Nevada, Revision 0

    Energy Technology Data Exchange (ETDEWEB)

    Farnham, Irene [Navarro, Las Vegas, NV (United States); Rehfeldt, Kenneth [Navarro, Las Vegas, NV (United States)

    2016-10-01

    The purpose of this plan is to provide guidelines for effective communication and interfacing between Underground Test Area (UGTA) Activity participants, including the U.S. Department of Energy (DOE), National Nuclear Security Administration Nevada Field Office (NNSA/NFO) and its contractors. This plan specifically establishes the following: • UGTA mission, vision, and core values • Roles and responsibilities for key personnel • Communication with stakeholders • Guidance in key interface areas • Communication matrix

  11. Hydrologic Source Term Processes and Models for the Clearwater and Wineskin Tests, Rainier Mesa, Nevada National Security Site

    Energy Technology Data Exchange (ETDEWEB)

    Carle, Steven F. [Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States)

    2011-05-04

    This report describes the development, processes, and results of a hydrologic source term (HST) model for the CLEARWATER (U12q) and WINESKIN (U12r) tests located on Rainier Mesa, Nevada National Security Site, Nevada (Figure 1.1). Of the 61 underground tests (involving 62 unique detonations) conducted on Rainier Mesa (Area 12) between 1957 and 1992 (USDOE, 2015), the CLEARWATER and WINESKIN tests present many unique features that warrant a separate HST modeling effort from other Rainier Mesa tests.

  12. Nuclear Security Futures Scenarios

    International Nuclear Information System (INIS)

    Keller, Elizabeth James Kistin; Warren, Drake Edward; Hayden, Nancy Kay; Passell, Howard D.; Malczynski, Leonard A.; Backus, George A.

    2017-01-01

    This report provides an overview of the scenarios used in strategic futures workshops conducted at Sandia on September 21 and 29, 2016. The workshops, designed and facilitated by analysts in Center 100, used scenarios to enable thought leaders to think collectively about the changing aspects of global nuclear security and the potential implications for the US Government and Sandia National Laboratories.

  13. Nuclear Security Futures Scenarios.

    Energy Technology Data Exchange (ETDEWEB)

    Keller, Elizabeth James Kistin [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Warren, Drake Edward [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Hayden, Nancy Kay [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Passell, Howard D. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Malczynski, Leonard A. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Backus, George A. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2017-01-01

    This report provides an overview of the scenarios used in strategic futures workshops conducted at Sandia on September 21 and 29, 2016. The workshops, designed and facilitated by analysts in Center 100, used scenarios to enable thought leaders to think collectively about the changing aspects of global nuclear security and the potential implications for the US Government and Sandia National Laboratories.

  14. Development of a EUV Test Facility at the Marshall Space Flight Center

    Science.gov (United States)

    West, Edward; Pavelitz, Steve; Kobayashi, Ken; Robinson, Brian; Cirtain, Johnathan; Gaskin, Jessica; Winebarger, Amy

    2011-01-01

    This paper will describe a new EUV test facility that is being developed at the Marshall Space Flight Center (MSFC) to test EUV telescopes. Two flight programs, HiC - high resolution coronal imager (sounding rocket) and SUVI - Solar Ultraviolet Imager (GOES-R), set the requirements for this new facility. This paper will discuss those requirements, the EUV source characteristics, the wavelength resolution that is expected and the vacuum chambers (Stray Light Facility, Xray Calibration Facility and the EUV test chamber) where this facility will be used.

  15. Multiparty-controlled quantum secure direct communication

    International Nuclear Information System (INIS)

    Xiu, X.-M.; Dong, L.; Gao, Y.-J.; Chi, F.

    2007-01-01

    A theoretical scheme of a multiparty-controlled quantum secure direct communication is proposed. The supervisor prepares a communication network with Einstein-Podolsky-Rosen pairs and auxiliary particles. After passing a security test of the communication network, a supervisor tells the users the network is secure and they can communicate. If the controllers allow the communicators to communicate, the controllers should perform measurements and inform the communicators of the outcomes. The communicators then begin to communicate after they perform a security test of the quantum channel and verify that it is secure. The recipient can decrypt the secret message in a classical message from the sender depending on the protocol. Any two users in the network can communicate through the above processes under the control of the supervisor and the controllers

  16. Evaluating User Experiences of the Secure Messaging Tool on the Veterans Affairs’ Patient Portal System

    Science.gov (United States)

    Lind, Jason D; Shimada, Stephanie L; Martin, Tracey L; Gosline, Robert M; Antinori, Nicole; Stewart, Max; Simon, Steven R

    2014-01-01

    Background The United States Department of Veterans Affairs has implemented an electronic asynchronous “Secure Messaging” tool within a Web-based patient portal (ie, My HealtheVet) to support patient-provider communication. This electronic resource promotes continuous and coordinated patient-centered care, but to date little research has evaluated patients’ experiences and preferences for using Secure Messaging. Objective The objectives of this mixed-methods study were to (1) characterize veterans’ experiences using Secure Messaging in the My HealtheVet portal over a 3-month period, including system usability, (2) identify barriers to and facilitators of use, and (3) describe strategies to support veterans’ use of Secure Messaging. Methods We recruited 33 veterans who had access to and had previously used the portal’s Secure Messaging tool. We used a combination of in-depth interviews, face-to-face user-testing, review of transmitted secure messages between veterans and staff, and telephone interviews three months following initial contact. We assessed participants’ computer and health literacy during initial and follow-up interviews. We used a content-analysis approach to identify dominant themes in the qualitative data. We compared inferences from each of the data sources (interviews, user-testing, and message review) to identify convergent and divergent data trends. Results The majority of veterans (27/33, 82%) reported being satisfied with Secure Messaging at initial interview; satisfaction ratings increased to 97% (31/32, 1 missing) during follow-up interviews. Veterans noted Secure Messaging to be useful for communicating with their primary care team to manage health care needs (eg, health-related questions, test requests and results, medication refills and questions, managing appointments). Four domains emerged from interviews: (1) perceived benefits of using Secure Messaging, (2) barriers to using Secure Messaging, (3) facilitators for using

  17. Evaluating user experiences of the secure messaging tool on the Veterans Affairs' patient portal system.

    Science.gov (United States)

    Haun, Jolie N; Lind, Jason D; Shimada, Stephanie L; Martin, Tracey L; Gosline, Robert M; Antinori, Nicole; Stewart, Max; Simon, Steven R

    2014-03-06

    The United States Department of Veterans Affairs has implemented an electronic asynchronous "Secure Messaging" tool within a Web-based patient portal (ie, My HealtheVet) to support patient-provider communication. This electronic resource promotes continuous and coordinated patient-centered care, but to date little research has evaluated patients' experiences and preferences for using Secure Messaging. The objectives of this mixed-methods study were to (1) characterize veterans' experiences using Secure Messaging in the My HealtheVet portal over a 3-month period, including system usability, (2) identify barriers to and facilitators of use, and (3) describe strategies to support veterans' use of Secure Messaging. We recruited 33 veterans who had access to and had previously used the portal's Secure Messaging tool. We used a combination of in-depth interviews, face-to-face user-testing, review of transmitted secure messages between veterans and staff, and telephone interviews three months following initial contact. We assessed participants' computer and health literacy during initial and follow-up interviews. We used a content-analysis approach to identify dominant themes in the qualitative data. We compared inferences from each of the data sources (interviews, user-testing, and message review) to identify convergent and divergent data trends. The majority of veterans (27/33, 82%) reported being satisfied with Secure Messaging at initial interview; satisfaction ratings increased to 97% (31/32, 1 missing) during follow-up interviews. Veterans noted Secure Messaging to be useful for communicating with their primary care team to manage health care needs (eg, health-related questions, test requests and results, medication refills and questions, managing appointments). Four domains emerged from interviews: (1) perceived benefits of using Secure Messaging, (2) barriers to using Secure Messaging, (3) facilitators for using Secure Messaging, and (4) suggestions for improving

  18. MOD control center automated information systems security evolution

    Science.gov (United States)

    Owen, Rich

    1991-01-01

    The role of the technology infusion process in future Control Center Automated Information Systems (AIS) is highlighted. The following subject areas are presented in the form of the viewgraphs: goals, background, threat, MOD's AISS program, TQM, SDLC integration, payback, future challenges, and bottom line.

  19. Secure Certificateless Signature with Revocation in the Standard Model

    Directory of Open Access Journals (Sweden)

    Tung-Tso Tsai

    2014-01-01

    previously proposed certificateless signature schemes were insecure under a considerably strong security model in the sense that they suffered from outsiders’ key replacement attacks or the attacks from the key generation center (KGC. In this paper, we propose a certificateless signature scheme without random oracles. Moreover, our scheme is secure under the strong security model and provides a public revocation mechanism, called revocable certificateless signature (RCLS. Under the standard computational Diffie-Hellman assumption, we formally demonstrate that our scheme possesses existential unforgeability against adaptive chosen-message attacks.

  20. Secure Multiparty AES

    Science.gov (United States)

    Damgård, Ivan; Keller, Marcel

    We propose several variants of a secure multiparty computation protocol for AES encryption. The best variant requires 2200 + {{400}over{255}} expected elementary operations in expected 70 + {{20}over{255}} rounds to encrypt one 128-bit block with a 128-bit key. We implemented the variants using VIFF, a software framework for implementing secure multiparty computation (MPC). Tests with three players (passive security against at most one corrupted player) in a local network showed that one block can be encrypted in 2 seconds. We also argue that this result could be improved by an optimized implementation.

  1. FJ44 Turbofan Engine Test at NASA Glenn Research Center's Aero-Acoustic Propulsion Laboratory

    Science.gov (United States)

    Lauer, Joel T.; McAllister, Joseph; Loew, Raymond A.; Sutliff, Daniel L.; Harley, Thomas C.

    2009-01-01

    A Williams International FJ44-3A 3000-lb thrust class turbofan engine was tested in the NASA Glenn Research Center s Aero-Acoustic Propulsion Laboratory. This report presents the test set-up and documents the test conditions. Farfield directivity, in-duct unsteady pressures, duct mode data, and phased-array data were taken and are reported separately.

  2. Materials Characterization Center meeting on impact testing of waste forms. Summary report

    International Nuclear Information System (INIS)

    Merz, M.D.; Atteridge, D.; Dudder, G.

    1981-10-01

    A meeting was held on March 25-26, 1981 to discuss impact test methods for waste form materials to be used in nuclear waste repositories. The purpose of the meeting was to obtain guidance for the Materials Characterization Center (MCC) in preparing the MCC-10 Impact Test Method to be approved by the Materials Review Board. The meeting focused on two essential aspects of the test method, namely the mechanical process, or impact, used to effect rapid fracture of a waste form and the analysis technique(s) used to characterize particulates generated by the impact

  3. Demographic survey centered around the Nevada Test Site, Nye County, Nevada

    International Nuclear Information System (INIS)

    Richard-Haggard, K.

    1983-03-01

    Demographic data were gathered for several small population centers on and around the Nevada Test Site (NTS). Population projections were made for the three townships that include most of the major population centers in the study area, based on the share approach. These townships were Alamo Township (Lincoln County), Beatty and Pahrump townships (Nye County). It was estimated that the total population of these three townships, plus Clark County, would reach a maximum of 934,000 people by the year 2000. It was assumed that the on-site population of the NTS would continue to be a function of activity at the site, and that this would, if anything, aid in the attainment of site objectives

  4. Gene expression programming for power system static security ...

    African Journals Online (AJOL)

    user

    Keywords: static security, gene expression programming, probabilistic neural network ... Hence digital computers are usually installed in operations control centers to gather ...... power system protection, and applications of AI in power systems.

  5. Transportation Security Institute: recruiting next generation professionals.

    Science.gov (United States)

    2012-08-01

    "The Center for Transportation Training and Research (CTTR), as part of Texas Southern University (TSU), served as host for the 2012 Transportation Security Institute (TSI) in Houston and surrounding area. The 2012 Houston TSI focuses on the mission ...

  6. Workforce Retention Study in support of the U.S. Army Aberdeen Test Center human capital management strategy

    OpenAIRE

    Fore, Richard; Hacker, Kelly; Reedy, Michael; Sanchez-Vahamonde, Kristi; Whelan, Sean

    2016-01-01

    Approved for public release; distribution is unlimited In Fiscal Year 15, the U.S. Army Aberdeen Test Center (ATC) experienced an attrition rate of 10.4% of its civilian workforce. Without mitigation, the current employee turnover could result in a loss of organizational knowledge, reduction in the number of highly skilled test center employees, and a failure for ATC to meet mission objectives, namely the execution of rigorous testing to support Department of Defense acquisition programs. ...

  7. Affairs of State: The Interagency and National Security

    National Research Council Canada - National Science Library

    Marcella, Gabriel

    2008-01-01

    The war colleges of the United States are a unique national asset. They are centers of academic excellence for preparing military and civilian officers for higher positions in the national security system...

  8. Client-Focused Security Assessment of mHealth Apps and Recommended Practices to Prevent or Mitigate Transport Security Issues

    Science.gov (United States)

    Müthing, Jannis; Jäschke, Thomas

    2017-01-01

    Background Mobile health (mHealth) apps show a growing importance for patients and health care professionals. Apps in this category are diverse. Some display important information (ie, drug interactions), whereas others help patients to keep track of their health. However, insufficient transport security can lead to confidentiality issues for patients and medical professionals, as well as safety issues regarding data integrity. mHealth apps should therefore deploy intensified vigilance to protect their data and integrity. This paper analyzes the state of security in mHealth apps. Objective The objectives of this study were as follows: (1) identification of relevant transport issues in mHealth apps, (2) development of a platform for test purposes, and (3) recommendation of practices to mitigate them. Methods Security characteristics relevant to the transport security of mHealth apps were assessed, presented, and discussed. These characteristics were used in the development of a prototypical platform facilitating streamlined tests of apps. For the tests, six lists of the 10 most downloaded free apps from three countries and two stores were selected. As some apps were part of these top 10 lists in more than one country, 53 unique apps were tested. Results Out of the 53 apps tested from three European App Stores for Android and iOS, 21/53 (40%) showed critical results. All 21 apps failed to guarantee the integrity of data displayed. A total of 18 apps leaked private data or were observable in a way that compromised confidentiality between apps and their servers; 17 apps used unprotected connections; and two apps failed to validate certificates correctly. None of the apps tested utilized certificate pinning. Many apps employed analytics or ad providers, undermining user privacy. Conclusions The tests show that many mHealth apps do not apply sufficient transport security measures. The most common security issue was the use of any kind of unprotected connection. Some apps

  9. NASA Engineering and Safety Center (NESC) Enhanced Melamine (ML) Foam Acoustic Test (NEMFAT)

    Science.gov (United States)

    McNelis, Anne M.; Hughes, William O.; McNelis, Mark E.

    2014-01-01

    The NASA Engineering and Safety Center (NESC) funded a proposal to achieve initial basic acoustic characterization of ML (melamine) foam, which could serve as a starting point for a future, more comprehensive acoustic test program for ML foam. A project plan was developed and implemented to obtain acoustic test data for both normal and enhanced ML foam. This project became known as the NESC Enhanced Melamine Foam Acoustic Test (NEMFAT). This document contains the outcome of the NEMFAT project.

  10. Security and efficiency data sharing scheme for cloud storage

    International Nuclear Information System (INIS)

    Han, Ke; Li, Qingbo; Deng, Zhongliang

    2016-01-01

    With the adoption and diffusion of data sharing paradigm in cloud storage, there have been increasing demands and concerns for shared data security. Ciphertext Policy Attribute-Based Encryption (CP-ABE) is becoming a promising cryptographic solution to the security problem of shared data in cloud storage. However due to key escrow, backward security and inefficiency problems, existing CP-ABE schemes cannot be directly applied to cloud storage system. In this paper, an effective and secure access control scheme for shared data is proposed to solve those problems. The proposed scheme refines the security of existing CP-ABE based schemes. Specifically, key escrow and conclusion problem are addressed by dividing key generation center into several distributed semi-trusted parts. Moreover, secrecy revocation algorithm is proposed to address not only back secrecy but efficient problem in existing CP-ABE based scheme. Furthermore, security and performance analyses indicate that the proposed scheme is both secure and efficient for cloud storage.

  11. Knowledge of HIV Testing Guidelines Among US Internal Medicine Residents: A Decade After the Centers for Disease Control and Prevention's Routine HIV Testing Recommendations.

    Science.gov (United States)

    Dandachi, Dima; Dang, Bich N; Wilson Dib, Rita; Friedman, Harvey; Giordano, Thomas

    2018-05-01

    Ten years after the Centers for Disease Control and Prevention recommended universal HIV screening, rates remain low. Internal medicine residents are the front-line medical providers for large groups of patients. We evaluated the knowledge of internal medicine residents about HIV testing guidelines and examined adherence to universal HIV testing in an outpatient setting. A cross-sectional survey of internal medicine residents at four residency programs in Chicago was conducted from January to March 2016. Aggregate data on HIV screening were collected from 35 federally qualified community health centers in the Chicago area after inclusion of an HIV testing best practice alert in patients' electronic medical records. Of the 192 residents surveyed, 130 (68%) completed the survey. Only 58% were aware of universal HIV screening and 49% were aware that Illinois law allows for an opt-out HIV testing strategy. Most of the residents (64%) ordered no more than 10 HIV tests in 6 months. The most frequently reported barriers to HIV testing were deferral because of urgent care issues, lack of time, and the perception that patients were uncomfortable discussing HIV testing. From July 2015 to February 2016, the average HIV testing adherence rate in the 35 health centers was 18.2%. More effort is needed to change HIV testing practices among internal medicine residents so that they will adopt this approach in their future clinical practice. Improving knowledge about HIV testing and addressing other HIV testing barriers are essential for such a successful change.

  12. IT Security Support for Spaceport Command and Control System

    Science.gov (United States)

    McLain, Jeffrey

    2013-01-01

    During the fall 2013 semester, I worked at the Kennedy Space Center as an IT Security Intern in support of the Spaceport Command and Control System under the guidance of the IT Security Lead Engineer. Some of my responsibilities included assisting with security plan documentation collection, system hardware and software inventory, and malicious code and malware scanning. Throughout the semester, I had the opportunity to work on a wide range of security related projects. However, there are three projects in particular that stand out. The first project I completed was updating a large interactive spreadsheet that details the SANS Institutes Top 20 Critical Security Controls. My task was to add in all of the new commercial of the shelf (COTS) software listed on the SANS website that can be used to meet their Top 20 controls. In total, there are 153 unique security tools listed by SANS that meet one or more of their 20 controls. My second project was the creation of a database that will allow my mentor to keep track of the work done by the contractors that report to him in a more efficient manner by recording events as they occur throughout the quarter. Lastly, I expanded upon a security assessment of the Linux machines being used on center that I began last semester. To do this, I used a vulnerability and configuration tool that scans hosts remotely through the network and presents the user with an abundance of information detailing each machines configuration. The experience I gained from working on each of these projects has been invaluable, and I look forward to returning in the spring semester to continue working with the IT Security team.

  13. Culture, Structure and Leadership Impacts on Gender Inclusion in the Security Sector

    Science.gov (United States)

    2017-09-01

    Culture, structure and leadership impacts on gender inclusion in the security sector 1 DANIEL K. INOUYE ASIA PACIFIC CENTER FOR SECURITY...STUDIES OCCASIONAL PAPER, SEPTEMBER 2017 Culture, structure and leadership impacts on gender inclusion in the security sector Canyon DV Abstract...Depending on your perspective, the primary challenge to gender inclusion is either culture, structure or leadership . The good news is that they are all

  14. Analysis of trace neptunium in the vicinity of underground nuclear tests at the Nevada National Security Site.

    Science.gov (United States)

    Zhao, P; Tinnacher, R M; Zavarin, M; Kersting, A B

    2014-11-01

    A high sensitivity analytical method for (237)Np analysis was developed and applied to groundwater samples from the Nevada National Security Site (NNSS) using short-lived (239)Np as a yield tracer and HR magnetic sector ICP-MS. The (237)Np concentrations in the vicinity of the Almendro, Cambric, Dalhart, Cheshire, and Chancellor underground nuclear test locations range from nuclear tests at very low but measureable concentrations. Copyright © 2014 The Authors. Published by Elsevier Ltd.. All rights reserved.

  15. 360 PORT MDA - A Strategy to Improve Port Security

    Science.gov (United States)

    2006-09-01

    Participating Agencies (After: Executive Briefing..........................27 Table 6. Designated Joint Operations Center Participants (From: SAFE...Investigations CGIP Coast Guard Intelligence Program CHOC Charleston Harbor Operations Center CIO Command Intelligence Officer CMT Combating Maritime... EXECUTIVE SUMMARY Ports are critical to our economy and national security. Key hubs in the international trade network, U.S. ports accounted for more than

  16. Underground Test Area Fiscal Year 2013 Annual Quality Assurance Report Nevada National Security Site, Nevada, Revision 0

    Energy Technology Data Exchange (ETDEWEB)

    Krenzien, Susan [Navarro-Intera, LLC (N-I), Las Vegas, NV (United States); Marutzky, Sam [Navarro-Intera, LLC (N-I), Las Vegas, NV (United States)

    2014-01-01

    This report is required by the Underground Test Area (UGTA) Quality Assurance Plan (QAP) and identifies the UGTA quality assurance (QA) activities for fiscal year (FY) 2013. All UGTA organizations—U.S. Department of Energy (DOE), National Nuclear Security Administration Nevada Field Office (NNSA/NFO); Desert Research Institute (DRI); Lawrence Livermore National Laboratory (LLNL); Los Alamos National Laboratory (LANL); Navarro-Intera, LLC (N-I); National Security Technologies, LLC (NSTec); and the U.S. Geological Survey (USGS)—conducted QA activities in FY 2013. The activities included conducting assessments, identifying findings and completing corrective actions, evaluating laboratory performance, and publishing documents. In addition, integrated UGTA required reading and corrective action tracking was instituted.

  17. Computer-aided dispatch--traffic management center field operational test : Washington State final report

    Science.gov (United States)

    2006-05-01

    This document provides the final report for the evaluation of the USDOT-sponsored Computer-Aided Dispatch - Traffic Management Center Integration Field Operations Test in the State of Washington. The document discusses evaluation findings in the foll...

  18. Marshall Space Flight Center's Impact Testing Facility Capabilities

    Science.gov (United States)

    Finchum, Andy; Hubbs, Whitney; Evans, Steve

    2008-01-01

    Marshall Space Flight Center s (MSFC) Impact Testing Facility (ITF) serves as an important installation for space and missile related materials science research. The ITF was established and began its research in spacecraft debris shielding in the early 1960s, then played a major role in the International Space Station debris shield development. As NASA became more interested in launch debris and in-flight impact concerns, the ITF grew to include research in a variety of impact genres. Collaborative partnerships with the DoD led to a wider range of impact capabilities being relocated to MSFC as a result of the closure of Particle Impact Facilities in Santa Barbara, California. The Particle Impact Facility had a 30 year history in providing evaluations of aerospace materials and components during flights through rain, ice, and solid particle environments at subsonic through hypersonic velocities. The facility s unique capabilities were deemed a "National Asset" by the DoD. The ITF now has capabilities including environmental, ballistic, and hypervelocity impact testing utilizing an array of air, powder, and two-stage light gas guns to accommodate a variety of projectile and target types and sizes. Numerous upgrades including new instrumentation, triggering circuitry, high speed photography, and optimized sabot designs have been implemented. Other recent research has included rain drop demise characterization tests to obtain data for inclusion in on-going model development. The current and proposed ITF capabilities range from rain to micrometeoroids allowing the widest test parameter range possible for materials investigations in support of space, atmospheric, and ground environments. These test capabilities including hydrometeor, single/multi-particle, ballistic gas guns, exploding wire gun, and light gas guns combined with Smooth Particle Hydrodynamics Code (SPHC) simulations represent the widest range of impact test capabilities in the country.

  19. RF Regional Technical Centers for MPC and A Sustainability Operations

    International Nuclear Information System (INIS)

    Lambert, L D; Toth, W J; Hendrickson, S

    2004-01-01

    The National Nuclear Security Administration (NNSA) programmatic vision to be a catalyst in Russia's assumption of responsibility for long-term system operation is exemplified in the sustainability cooperation with the RF Ministry of Defense (MOD). An identified goal for the MPC and A Program is to encourage the development of Russian Federation (RF) capabilities and commitments to operate and maintain safeguard improvements. The RF MOD Technical Support Center development fulfills the NNSA mission and MPC and A Program goal. The regional technical center concept involves a systematic approach to aid in the determination of the level of sustainability assistance required to transition operators, maintenance, training, and testing of MPC and A systems to the RF MOD. This paper describes the process used to create the RF MOD Technical support center. First are described the needs analyses conducted to determine the key system sustainability factors requiring support. These sustainability functions are then compiled to influence the form and ultimate physical design of the technical support center. Operational interfaces are described, in detail that show the benefit of the center to the individual sites. Finally, benefits relating to information accessibility and other economies of scale are described that highlight the central center concept's strengths

  20. Mastering System Center 2012 Configuration Manager

    CERN Document Server

    Rachui, Steve; Martinez, Santos; Daalmans, Peter

    2012-01-01

    Expert coverage of Microsoft's highly anticipated network software deployment tool The latest version of System Center Configuration Manager (SCCM) is a dramatic update of its predecessor Configuration Manager 2007, and this book offers intermediate-to-advanced coverage of how the new SCCM boasts a simplified hierarchy, role-based security, a new console, flexible application deployment, and mobile management. You'll explore planning and installation, migrating from SCCM 2007, deploying software and operating systems, security, monitoring and troubleshooting, and automating and customizing SCC

  1. Transmission Line Security Monitor: Final Report

    Energy Technology Data Exchange (ETDEWEB)

    John Svoboda

    2011-04-01

    The Electric Power Transmission Line Security Monitor System Operational Test is a project funded by the Technical Support Working Group (TSWG). TSWG operates under the Combating Terrorism Technical Support Office that functions under the Department of Defense. The Transmission Line Security Monitor System is based on technology developed by Idaho National Laboratory. The technology provides a means for real-time monitoring of physical threats and/or damage to electrical transmission line towers and conductors as well as providing operational parameters to transmission line operators to optimize transmission line operation. The end use is for monitoring long stretches of transmission lines that deliver electrical power from remote generating stations to cities and industry. These transmission lines are generally located in remote transmission line corridors where security infrastructure may not exist. Security and operational sensors in the sensor platform on the conductors take power from the transmission line and relay security and operational information to operations personnel hundreds of miles away without relying on existing infrastructure. Initiated on May 25, 2007, this project resulted in pre-production units tested in realistic operational environments during 2010. A technology licensee, Lindsey Manufacturing of Azusa California, is assisting in design, testing, and ultimately production. The platform was originally designed for a security monitoring mission, but it has been enhanced to include important operational features desired by electrical utilities.

  2. Center for Epidemiologic Studies Depression Scale for Children: psychometric testing of the Chinese version.

    Science.gov (United States)

    Li, Ho Cheung William; Chung, Oi Kwan Joyce; Ho, Ka Yan

    2010-11-01

    This paper is a report of psychometric testing of the Chinese version of the Center for Epidemiologic Studies Depression Scale for Children. The availability of a valid and reliable instrument that accurately detects depressive symptoms in children is crucial before any psychological intervention can be appropriately planned and evaluated. There is no such an instrument for Chinese children. A test-retest, within-subjects design was used. A total of 313 primary school students between the ages of 8 and 12 years were invited to participate in the study in 2009. Participants were asked to respond to the Chinese version of the Center for Epidemiologic Studies Depression Scale for Children, short form of the State Anxiety Scale for Children and Rosenberg's Self-Esteem Scale. The internal consistency, content validity and construct validity and test-retest reliability of the Chinese version of the Center for Epidemiologic Studies Depression Scale for Children were assessed. The newly-translated scale demonstrated adequate internal consistency, good content validity and appropriate convergent and discriminant validity. Confirmatory factor analysis added further evidence of the construct validity of the scale. Results suggest that the newly-translated scale can be used as a self-report assessment tool in detecting depressive symptoms of Chinese children aged between 8 and 12 years. © 2010 Blackwell Publishing Ltd.

  3. Strengthening nuclear security

    International Nuclear Information System (INIS)

    Kurihara, Hiroyoshi

    2003-01-01

    The international situation after the end of the Cold-War has been quite unstable, due to the occurrence of frequent regional conflicts and domestic wars based on ethnic, religious or racial reasons. Further, threats to the would peace and security by non-state actors, like international terrorist groups, have been recognized after 9.11 terrorist attacks to the World Trade Center buildings and to the Pentagon. Utilization of nuclear energy, which encompasses both peaceful uses and military ones, required an establishment of regulatory system, by which risks associated with the development of nuclear energy can be controlled. Accordingly, nuclear safety control system, and then non-proliferation control system has been developed, both in the international level and notional level. In recognition of the present unstable international situations, it is required to establish, maintain and strengthen a system which control nuclear security aspect, in addition to the present systems. (author)

  4. Security Vulnerability Profiles of NASA Mission Software: Empirical Analysis of Security Related Bug Reports

    Science.gov (United States)

    Goseva-Popstojanova, Katerina; Tyo, Jacob P.; Sizemore, Brian

    2017-01-01

    principle. Specifically, for all three datasets, from 86 to 88 the security related issues were located in two to four subsystems.- The severity levels of most security issues were moderate, in all three datasets.- Out of 21 primary security classes, five dominated: Exception Management, Memory Access, Other, Risky Values, and Unused Entities. Together, these classes contributed from around 80 to 90 of all security issues in each dataset. This again proves the Pareto principle of uneven distribution of security issues, in this case across CWE classes, and supports the fact that addressing these dominant security classes provides the most cost efficient way to improve missions' security. The findings presented in this report uncovered the security vulnerability profiles and identified the common trends and dominant classes of security issues, which in turn can be used to select the most efficient secure design and coding best practices compiled by the part of the SARP project team associated with the NASA's Johnson Space Center. In addition, these findings provide valuable input to the NASA IVV initiative aimed at identification of the two 25 CWEs of ground and flight missions.

  5. Armstrong Flight Research Center Flight Test Capabilities and Opportunities for the Applications of Wireless Data Acquisition Systems

    Science.gov (United States)

    Hang, Richard

    2015-01-01

    The presentation will overview NASA Armstrong Flight Research Centers flight test capabilities, which can provide various means for flight testing of passive and active wireless sensor systems, also, it will address the needs of the wireless data acquisition solutions for the centers flight instrumentation issues such as additional weight caused by added instrumentation wire bundles, connectors, wire cables routing, moving components, etc., that the Passive Wireless Sensor Technology Workshop may help. The presentation shows the constraints and requirements that the wireless sensor systems will face in the flight test applications.

  6. SECURE nuclear district heating plant

    International Nuclear Information System (INIS)

    Nilsson; Hannus, M.

    1978-01-01

    The role foreseen for the SECURE (Safe Environmentally Clean Urban REactor) nuclear district heating plant is to provide the baseload heating needs of primarily the larger and medium size urban centers that are outside the range of waste heat supply from conventional nuclear power stations. The rationale of the SECURE concept is that the simplicity in design and the inherent safety advantages due to the use of low temperatures and pressures should make such reactors economically feasible in much smaller unit sizes than nuclear power reactors and should make their urban location possible. It is felt that the present design should be safe enough to make urban underground location possible without restriction according to any criteria based on actual risk evaluation. From the environmental point of view, this is a municipal heat supply plant with negligible pollution. Waste heat is negligible, gaseous radioactivity release is negligible, and there is no liquid radwaste release. Economic comparisons show that the SECURE plant is competitive with current fossil-fueled alternatives. Expected future increase in energy raw material prices will lead to additional energy cost advantages to the SECURE plant

  7. CCNA Security Study Guide, Exam 640-553

    CERN Document Server

    Boyles, Tim

    2010-01-01

    A complete study guide for the new CCNA Security certification exam. In keeping with its status as the leading publisher of CCNA study guides, Sybex introduces the complete guide to the new CCNA security exam. The CCNA Security certification is the first step towards Cisco's new Cisco Certified Security Professional (CCSP) and Cisco Certified Internetworking Engineer-Security. With a foreword by CCNA networking authority Todd Lammle, CCNA Security Study Guide fully covers every exam objective. The companion CD includes the Sybex Test Engine, flashcards, and a PDF of the book.: The CCNA Securit

  8. Client-Focused Security Assessment of mHealth Apps and Recommended Practices to Prevent or Mitigate Transport Security Issues.

    Science.gov (United States)

    Müthing, Jannis; Jäschke, Thomas; Friedrich, Christoph M

    2017-10-18

    Mobile health (mHealth) apps show a growing importance for patients and health care professionals. Apps in this category are diverse. Some display important information (ie, drug interactions), whereas others help patients to keep track of their health. However, insufficient transport security can lead to confidentiality issues for patients and medical professionals, as well as safety issues regarding data integrity. mHealth apps should therefore deploy intensified vigilance to protect their data and integrity. This paper analyzes the state of security in mHealth apps. The objectives of this study were as follows: (1) identification of relevant transport issues in mHealth apps, (2) development of a platform for test purposes, and (3) recommendation of practices to mitigate them. Security characteristics relevant to the transport security of mHealth apps were assessed, presented, and discussed. These characteristics were used in the development of a prototypical platform facilitating streamlined tests of apps. For the tests, six lists of the 10 most downloaded free apps from three countries and two stores were selected. As some apps were part of these top 10 lists in more than one country, 53 unique apps were tested. Out of the 53 apps tested from three European App Stores for Android and iOS, 21/53 (40%) showed critical results. All 21 apps failed to guarantee the integrity of data displayed. A total of 18 apps leaked private data or were observable in a way that compromised confidentiality between apps and their servers; 17 apps used unprotected connections; and two apps failed to validate certificates correctly. None of the apps tested utilized certificate pinning. Many apps employed analytics or ad providers, undermining user privacy. The tests show that many mHealth apps do not apply sufficient transport security measures. The most common security issue was the use of any kind of unprotected connection. Some apps used secure connections only for selected tasks

  9. 33 CFR 55.11 - How are child development center fees established?

    Science.gov (United States)

    2010-07-01

    ... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false How are child development center... HOMELAND SECURITY PERSONNEL CHILD DEVELOPMENT SERVICES General § 55.11 How are child development center fees established? (a) Fees for the provision of services at child development centers shall be set by...

  10. 77 FR 12981 - Establishment of the Interagency Trade Enforcement Center

    Science.gov (United States)

    2012-03-05

    ... order to advance U.S. foreign policy and protect the national and economic security of the United States... of Homeland Security; (vii) the Office of the Director of National Intelligence; and (viii) other... Director. The Center shall also have an Intelligence Community Liaison, who shall be a full- time senior...

  11. Underground Test Area Fiscal Year 2012 Annual Quality Assurance Report Nevada National Security Site, Nevada, Revision 0

    Energy Technology Data Exchange (ETDEWEB)

    Farnham, Irene [Navarro-Intera, LLC (N-I), Las Vegas, NV (United States); Marutzky, Sam [Navarro-Intera, LLC (N-I), Las Vegas, NV (United States)

    2013-01-01

    This report is mandated by the Underground Test Area (UGTA) Quality Assurance Project Plan (QAPP) and identifies the UGTA quality assurance (QA) activities for fiscal year (FY) 2012. All UGTA organizations—U.S. Department of Energy (DOE), National Nuclear Security Administration Nevada Site Office (NNSA/NSO); Desert Research Institute (DRI); Lawrence Livermore National Laboratory (LLNL); Los Alamos National Laboratory (LANL); Navarro-Intera, LLC (N-I); National Security Technologies, LLC (NSTec); and the U.S. Geological Survey (USGS)—conducted QA activities in FY 2012. The activities included conducting assessments, identifying findings and completing corrective actions, evaluating laboratory performance, revising the QAPP, and publishing documents. In addition, processes and procedures were developed to address deficiencies identified in the FY 2011 QAPP gap analysis.

  12. Security challenges and opportunities in adaptive and reconfigurable hardware

    OpenAIRE

    Costan, Victor Marius; Devadas, Srinivas

    2011-01-01

    We present a novel approach to building hardware support for providing strong security guarantees for computations running in the cloud (shared hardware in massive data centers), while maintaining the high performance and low cost that make cloud computing attractive in the first place. We propose augmenting regular cloud servers with a Trusted Computation Base (TCB) that can securely perform high-performance computations. Our TCB achieves cost savings by spreading functionality across two pa...

  13. Applying reliability centered maintenance analysis principles to inservice testing

    International Nuclear Information System (INIS)

    Flude, J.W.

    1994-01-01

    Federal regulations require nuclear power plants to use inservice test (IST) programs to ensure the operability of safety-related equipment. IST programs are based on American Society of Mechanical Engineers (ASME) Boiler and Pressure Vessel Code requirements. Many of these plants also use Reliability Centered Maintenance (RCM) to optimize system maintenance. ASME Code requirements are hard to change. The process for requesting authority to use an alternate strategy is long and expensive. The difficulties of obtaining this authority make the use of RCM method on safety-related systems not cost effective. An ASME research task force on Risk Based Inservice Testing is investigating changing the Code. The change will allow plants to apply RCM methods to the problem of maintenance strategy selection for safety-related systems. The research task force is working closely with the Codes and Standards sections to develop a process related to the RCM process. Some day plants will be able to use this process to develop more efficient and safer maintenance strategies

  14. The distinctive sequelae of children's coping with interparental conflict: Testing the reformulated emotional security theory.

    Science.gov (United States)

    Davies, Patrick T; Martin, Meredith J; Sturge-Apple, Melissa L; Ripple, Michael T; Cicchetti, Dante

    2016-10-01

    Two studies tested hypotheses about the distinctive psychological consequences of children's patterns of responding to interparental conflict. In Study 1, 174 preschool children (M = 4.0 years) and their mothers participated in a cross-sectional design. In Study 2, 243 preschool children (M = 4.6 years) and their parents participated in 2 annual measurement occasions. Across both studies, multiple informants assessed children's psychological functioning. Guided by the reformulated version of emotional security theory, behavioral observations of children's coping with interparental conflict assessed their tendencies to exhibit 4 patterns based on their function in defusing threat: secure (i.e., efficiently address direct instances of threat), mobilizing (i.e., react to potential threat and social opportunities), dominant (i.e., directly defeat threat), and demobilizing (i.e., reduce salience as a target of hostility). As hypothesized, each profile predicted unique patterns of adjustment. Greater security was associated with lower levels of internalizing and externalizing symptoms and greater social competence, whereas higher dominance was associated with externalizing problems and extraversion. In contrast, mobilizing patterns of reactivity predicted more problems with self-regulation, internalizing symptoms, externalizing difficulties, but also greater extraversion. Finally, higher levels of demobilizing reactivity were linked with greater internalizing problems and lower extraversion but also better self-regulation. (PsycINFO Database Record (c) 2016 APA, all rights reserved).

  15. COMPUTATIONAL SCIENCE CENTER

    Energy Technology Data Exchange (ETDEWEB)

    DAVENPORT,J.

    2004-11-01

    The Brookhaven Computational Science Center brings together researchers in biology, chemistry, physics, and medicine with applied mathematicians and computer scientists to exploit the remarkable opportunities for scientific discovery which have been enabled by modern computers. These opportunities are especially great in computational biology and nanoscience, but extend throughout science and technology and include for example, nuclear and high energy physics, astrophysics, materials and chemical science, sustainable energy, environment, and homeland security.

  16. Abramovo Counterterrorism Training Center

    International Nuclear Information System (INIS)

    Hayes, Christopher M.; Ross, Larry; Kaldenbach, Karen Yvonne; Estigneev, Yuri; Murievav, Andrey

    2011-01-01

    The U.S. government has been assisting the Russian Federation (RF) Ministry of Defense (MOD) for many years with nuclear weapons transportation security (NWTS) through the provision of specialized guard escort railcars and cargo railcars with integrated physical security and communication systems, armored transport vehicles, and armored escort vehicles. As a natural continuation of the NWTS program, a partnership has been formed to construct a training center that will provide counterterrorism training to personnel in all branches of the RF MOD. The Abramovo Counterterrorism Training Center (ACTC) is a multinational, multiagency project with funding from Canada, RF and the U.S. Departments of Defense and Energy. ACTC will be a facility where MOD personnel can conduct basic through advanced training in various security measures to protect Category IA material against the threat of terrorist attack. The training will enhance defense-in-depth principles by integrating MOD guard force personnel into the overall physical protection systems and improving their overall response time and neutralization capabilities. The ACTC project includes infrastructure improvements, renovation of existing buildings, construction of new buildings, construction of new training facilities, and provision of training and other equipment. Classroom training will be conducted in a renovated training building. Basic and intermediate training will be conducted on three different security training areas where various obstacles and static training devices will be constructed. The central element of ACTC, where advanced training will be held, is the 'autodrome,' a 3 km road along which various terrorist events can be staged to challenge MOD personnel in realistic and dynamic nuclear weapons transportation scenarios. This paper will address the ACTC project elements and the vision for training development and integrating this training into actual nuclear weapons transportation operations.

  17. Security Implications of Virtualization: A Literature Study

    NARCIS (Netherlands)

    van Cleeff, A.; Pieters, Wolter; Wieringa, Roelf J.

    2009-01-01

    Server virtualization is a key technology for today's data centers, allowing dedicated hardware to be turned into resources that can be used on demand.However, in spite of its important role, the overall security impact of virtualization is not well understood.To remedy this situation, we have

  18. Sandia National Laboratories: Microsystems Science & Technology Center

    Science.gov (United States)

    Environmental Management System Pollution Prevention History 60 impacts Diversity Locations Facts & Figures Programs Nuclear Weapons About Nuclear Weapons Safety & Security Weapons Science & Technology Robotics R&D 100 Awards Laboratory Directed Research & Development Technology Deployment Centers

  19. Human papillomavirus infection of the cervix uteri in women attending a Health Examination Center of the French social security.

    Science.gov (United States)

    Beby-Defaux, A; Bourgoin, A; Ragot, S; Battandier, D; Lemasson, J M; Renaud, O; Bouguermouh, S; Vienne Md, Maladie de la; Agius, G

    2004-06-01

    Since human papillomavirus (HPV) is the central causal factor in cervical cancer, understanding the epidemiology of this infection constitutes an important step towards development of strategies for prevention. Six hundred and fifty seven cervical samples were tested for HPV using PCR with consensus primers (MY09/MY11), by genotyping (restriction and sequencing analyses) and by cervical cytology, from women who attended a Health Examination Center of the French social security. Women with no cervical smear as well as women with cytological abnormalities within the last 3 years were recruited. HPV DNA was detected in 7.3% of the women (5.3% for high-risk, 2.4% for low-risk, and 0.5% for unknown risk types) including 6 (0.9%) mixed infections. Fifteen different genotypes were detected, of which genotypes 16 (22.2%), 58 (13.0%), 18 (11.1%), 30 (9.2%), and 33 (9.2%) were the most prevalent. In age group 17-25 years, we found the highest frequencies for both any (22.1%) and high-risk (14.7%) HPV, and prevalences gradually decreased with age. 5.2% of low-grade squamous intraepithelial lesion, 0.3% of high-grade squamous intraepithelial lesion, and 1.2% of atypical squamous cells of undetermined significance were found. The frequencies of high risk and all HPV types were significantly higher in squamous intraepithelial lesions than in those with normal and reactive/reparative changes (P < 0.0001). The prevalence of high-risk HPV in the atypical squamous cells of undetermined significance/low-grade squamous intraepithelial lesion group (28.6%) was significantly higher than in the normal and reactive/reparative changes groups (3.4%) (P < 0.0001). HPV detection was associated with younger age, single marital and non-pregnant status (P < 0.0001), premenopausal status (P = 0.0004), and contraception (P = 0.0008). Marital status (OR 4.5; 95% CI = 2.3-9.0) and tobacco consumption (OR 3.0; 95% CI = 1.6-5.7) were predictive independent factors of HPV infection. The French system

  20. The E-3 Test Facility at Stennis Space Center: Research and Development Testing for Cryogenic and Storable Propellant Combustion Systems

    Science.gov (United States)

    Pazos, John T.; Chandler, Craig A.; Raines, Nickey G.

    2009-01-01

    This paper will provide the reader a broad overview of the current upgraded capabilities of NASA's John C. Stennis Space Center E-3 Test Facility to perform testing for rocket engine combustion systems and components using liquid and gaseous oxygen, gaseous and liquid methane, gaseous hydrogen, hydrocarbon based fuels, hydrogen peroxide, high pressure water and various inert fluids. Details of propellant system capabilities will be highlighted as well as their application to recent test programs and accomplishments. Data acquisition and control, test monitoring, systems engineering and test processes will be discussed as part of the total capability of E-3 to provide affordable alternatives for subscale to full scale testing for many different requirements in the propulsion community.

  1. 76 FR 23810 - Public Safety and Homeland Security Bureau; Federal Advisory Committee Act; Emergency Response...

    Science.gov (United States)

    2011-04-28

    ... FEDERAL COMMUNICATIONS COMMISSION Public Safety and Homeland Security Bureau; Federal Advisory Committee Act; Emergency Response Interoperability Center Public Safety Advisory Committee Meeting AGENCY... Fullano, Associate Chief, Public Safety and Homeland Security Bureau, Federal Communications Commission...

  2. Security for Multimedia Space Data Distribution over the Internet

    Science.gov (United States)

    Stone, Thom; Picinich, Lou; Givens, John J. (Technical Monitor)

    1995-01-01

    Distribution of interactive multimedia to remote investigators will be required for high quality science on the International Space Station (ISS). The Internet with the World Wide Web (WWW) and the JAVA environment are a good match for distribution of data, video and voice to remote science centers. Utilizing the "open" Internet in a secure manner is the major hurdle in making use of this cost effective, off-the-shelf, universal resource. This paper examines the major security threats to an Internet distribution system for payload data and the mitigation of these threats. A proposed security environment for the Space Station Biological Research Facility (SSBRP) is presented with a short description of the tools that have been implemented or planned. Formulating and implementing a security policy, firewalls, host hardware and software security are also discussed in this paper. Security is a vast topic and this paper can only give an overview of important issues. This paper postulates that a structured approach is required and stresses that security must be built into a network from the start. Ignoring security issues or putting them off until late in the development cycle can be disastrous.

  3. Security-by-design handbook.

    Energy Technology Data Exchange (ETDEWEB)

    Snell, Mark Kamerer; Jaeger, Calvin Dell; Scharmer, Carol; Jordan, Sabina Erteza; Tanuma, Koji [Japan Atomic Energy Agency, Tokai-mura, Ibaraki, Japan; Ochiai, Kazuya [Japan Atomic Energy Agency, Tokai-mura, Ibaraki, Japan; Iida, Toru [Japan Atomic Energy Agency, Tokai-mura, Ibaraki, Japan

    2013-01-01

    This document is a draft SecuritybyDesign (SeBD) handbook produced to support the Work Plan of the Nuclear Security Summit to share best practices for nuclear security in new facility design. The Work Plan calls on States to %E2%80%9Cencourage nuclear operators and architect/engineering firms to take into account and incorporate, where appropriate, effective measures of physical protection and security culture into the planning, construction, and operation of civilian nuclear facilities and provide technical assistance, upon request, to other States in doing so.%E2%80%9D The materials for this document were generated primarily as part of a bilateral project to produce a SeBD handbook as a collaboration between the Japan Atomic Energy Agency (JAEA) Nuclear Nonproliferation Science and Technology Center and Sandia National Laboratories (SNL), which represented the US Department Energy (DOE) National Nuclear Security Administration (NNSA) under a Project Action Sheet PASPP04. Input was also derived based on tours of the Savannah River Site (SRS) and Japan Nuclear Fuel Limited (JNFL) Rokkasho Mixed Oxide Fuel fabrication facilities and associated project lessonslearned. For the purposes of the handbook, SeBD will be described as the systemlevel incorporation of the physical protection system (PPS) into a new nuclear power plant or nuclear facility resulting in a PPS design that minimizes the risk of malicious acts leading to nuclear material theft; nuclear material sabotage; and facility sabotage as much as possible through features inherent in (or intrinsic to) the design of the facility. A fourelement strategy is presented to achieve a robust, durable, and responsive security system.

  4. Laser Spot Center Detection and Comparison Test

    Science.gov (United States)

    Zhu, Jun; Xu, Zhengjie; Fu, Deli; Hu, Cong

    2018-04-01

    High efficiency and precision of the pot center detection are the foundations of avionics instrument navigation and optics measurement basis for many applications. It has noticeable impact on overall system performance. Among them, laser spot detection is very important in the optical measurement technology. In order to improve the low accuracy of the spot center position, the algorithm is improved on the basis of the circle fitting. The pretreatment is used by circle fitting, and the improved adaptive denoising filter for TV repair technology can effectively improves the accuracy of the spot center position. At the same time, the pretreatment and de-noising can effectively reduce the influence of Gaussian white noise, which enhances the anti-jamming capability.

  5. A Study on Industrial Security Experts Demanding Forecasting in Intelligent Sensor Network

    OpenAIRE

    Hyungwook Yang; Hyeri Kim; Hangbae Chang

    2015-01-01

    There have been efforts made to come up with a solution through advancement based on developing technological solution. However, it has come to the point where various forms of the leakage centering on people that are the subject of core asset leakage cannot be solved through technological method. At present time in which the limitation of information security that seeks technological security has been clearly revealed, there is an increasing interest in industrial security for establishing c...

  6. Use of the iTClamp versus standard suturing techniques for securing chest tubes: A randomized controlled cadaver study

    Directory of Open Access Journals (Sweden)

    Jessica Mckee

    2018-03-01

    Full Text Available Objectives: Tube thoracostomy (TT is a common yet potentially life-saving trauma procedure. After successful placement however, securing a TT through suturing is a skillset that requires practice, risking that the TT may become dislodged during prehospital transport. The purpose of this study was to examine if the iTClamp was a simpler technique with equivalent effectiveness for securing TTs. Materials and methods: In a cadaver model, a 1.5 inch incision was utilized along the upper border of the rib below the 5th intercostal space at the anterior axillary line. TTs (sizes 28Fr, 32Fr, 36Fr and 40Fr were inserted and secured with both suturing and iTClamp techniques according to the preset randomization. TT were then functionally tested for positive and negative pressure as well as the force required to remove the TT (pull test-up to 5 lbs. Time to secure the TT was also recorded. Results: When sutured is placed by a trained surgeon, the sutures and iTClamp were functionally equivalent for holding a positive and negative pressure. Mean pull force for both sutures and iTClamp exceeded the 5 lb threshold; there was no significant difference between the groups. Securing the TT with the iTClamp was significantly faster (p < 0.0001 with the iTClamp having a mean application time of 37.0 ± 22.8 s and using a suture had a man application time of 96.3 ± 29.0 s. Conclusion: The iTClamp was effective in securing TTs. The main benefit to the iTClamp is that minimal skill is required to adequately secure a TT to ensure that it does not become dislodged during transport to a trauma center. Keywords: Chest tube, Tube thoracostomy, Securing chest tubes

  7. North Korea’s Second Nuclear Test: Implications of U.N. Security Council Resolution 1874

    Science.gov (United States)

    2010-04-15

    butter” (or in North Korea’s case, rice ) and, in the process, creating a humanitarian disaster. The additional sanctions in U.N. Resolution 1874 target...the May 2009 North Korean nuclear test. See also CRS Report RL34327, Proliferation Security Initiative (PSI), by Mary Beth Nikitin. 72 “Nuclear Black ...Beverages 5,137,988 5,084,449 6,652,041 33 Perfumery, Cosmetic Products 1,322,454 1,672,327 1,688,481 42 Leather Art; Saddlery, Etc. 772,645 1,441,805

  8. An adaptive secret key-directed cryptographic scheme for secure transmission in wireless sensor networks

    International Nuclear Information System (INIS)

    Muhammad, K.; Jan, Z.; Khan, Z

    2015-01-01

    Wireless Sensor Networks (WSNs) are memory and bandwidth limited networks whose main goals are to maximize the network lifetime and minimize the energy consumption and transmission cost. To achieve these goals, different techniques of compression and clustering have been used. However, security is an open and major issue in WSNs for which different approaches are used, both in centralized and distributed WSNs' environments. This paper presents an adaptive cryptographic scheme for secure transmission of various sensitive parameters, sensed by wireless sensors to the fusion center for further processing in WSNs such as military networks. The proposed method encrypts the sensitive captured data of sensor nodes using various encryption procedures (bitxor operation, bits shuffling, and secret key based encryption) and then sends it to the fusion center. At the fusion center, the received encrypted data is decrypted for taking further necessary actions. The experimental results with complexity analysis, validate the effectiveness and feasibility of the proposed method in terms of security in WSNs. (author)

  9. Integrating Local Public Health Agencies into the Homeland Security Community

    National Research Council Canada - National Science Library

    Reed, Patricia D

    2007-01-01

    After more than seven years of funding through The Centers for Disease Control and Prevention, local public health agencies have made inconsistent progress in fulfilling their Homeland Security objectives...

  10. Social connectedness is associated with food security among peri-urban Peruvian Amazonian communities.

    Science.gov (United States)

    Lee, Gwenyth O; Surkan, Pamela J; Zelner, Jon; Paredes Olórtegui, Maribel; Peñataro Yori, Pablo; Ambikapathi, Ramya; Caulfield, Laura E; Gilman, Robert H; Kosek, Margaret N

    2018-04-01

    Food insecurity is a major global public health issue. Social capital has been identified as central to maintaining food security across a wide range of low- and middle-income country contexts, but few studies have examined this relationship through sociocentric network analysis. We investigated relationships between household- and community-level social connectedness, household food security, and household income; and tested the hypothesis that social connectedness modified the relationship between income and food security. A cross-sectional census with an embedded questionnaire to capture social relationships was conducted among eleven peri-urban communities. Community connectedness was related to study outcomes of food security and per-capita income through regression models. Of 1520 households identified, 1383 were interviewed (91.0%) and 1272 (83.9%) provided complete data. Households in the youngest communities had the most total contacts, and the highest proportion of contacts outside of the community. Household income was also associated with more outside-community contacts (0.05 more contacts per standard deviation increase in income, psecure households reported more contacts nearby (0.24 increase in household food insecurity access scale (HFIAS) for each additional contact, psecurity (-0.92 decrease in HFIAS for each one-unit increase in community mean degree, p=0.008). There was no evidence that social connectedness modified the relationship between income and food security such that lower-income households benefited more from community membership than higher-income households. Although households reported networks that spanned rural villages and urban centers, contacts within the community, with whom food was regularly shared, were most important to maintaining food security. Interventions that build within-community connectedness in peri-urban settings may increase food security.

  11. User-centered design and usability testing of an innovative health-related quality of life module.

    Science.gov (United States)

    Nagykaldi, Z J; Jordan, M; Quitoriano, J; Ciro, C A; Mold, J W

    2014-01-01

    Various computerized health risk appraisals (HRAs) are available, but few of them assess health-related quality of life (HRQoL) in a goal-directed framework. This study describes the user-centered development and usability testing of an innovative HRQoL module that extends a validated HRA tool in primary care settings. Systematic user-centered design, usability testing, and qualitative methods were used to develop the HRQoL module in primary care practices. Twenty two patients and 5 clinicians participated in two rounds of interactive technology think-out-loud sessions (TOLs) and semi-structured interviews (SSIs) to iteratively develop a four-step, computerized process that collects information on patient goals for meaningful life activities and current level of disability and presents a personalized and prioritized list of preventive recommendations linked to online resources. Analysis of TOLs and SSIs generated 5 categories and 11 sub-categories related to facilitators and barriers to usability and human-technology interaction. The categories included: Understanding the Purpose, Usability, Perceived Value, Literacy, and Participant Motivation. Some categories were inter-connected. The technology was continually and iteratively improved between sessions until saturation of positive feedback was achieved in 4 categories (addressing motivation will require more research). Usability of all screen units of the module was improved substantially. Clinician feedback emphasized the importance of the module's ability to translate the patient-centered HRQoL Report into actionable items for clinicians to facilitate shared decision-making. Complete integration of the HRQoL module into the existing HRA will require further development and testing. Systematic application of user-centered design and human factors principles in technology development and testing may significantly improve the usability and clinical value of health information systems. This more sophisticated

  12. Quantum Secure Direct Communication Using W State

    International Nuclear Information System (INIS)

    Dong Li; Xiu Xiaoming; Gao Yajun; Chi Feng

    2008-01-01

    A theoretical scheme of quantum secure direct communication using teleportation is proposed. In the scheme, the sender needs to prepare a class of three-particle W states to use as quantum channel. The two communicators may communicate after they test the security of the quantum channel. The security of the protocol is ensured by quantum entanglement and quantum no-cloning theorem. The receiver can obtain the secret message determinately if the quantum channel is secure

  13. State of security at US colleges and universities: a national stakeholder assessment and recommendations.

    Science.gov (United States)

    Greenberg, Sheldon F

    2007-09-01

    In 2004 the US Department of Justice, Office of Community Oriented Policing Services, sponsored a National Summit on Campus Public Safety. The summit brought together various stakeholders including campus police and security officials, local police chiefs, college and university faculty and administrators, federal officials, students and parents, and community leaders to address the issues and complexities of campus safety. Delegates to the summit identified key issues in campus safety and security, which included establishing a national center on campus safety, balancing traditional open environments with the need to secure vulnerable sites, improving coordination with state and local police, reducing internal fragmentation, elevating professionalism, and increasing eligibility of campus police and security agencies to compete for federal law enforcement funds. Focus on "active shooters" on campus, resulting from the Virginia Tech incident, should not diminish attention placed on the broader, more prevalent safety and security issues facing the nation's educational campuses. Recommendations resulting from the summit called for establishing a national agenda on campus safety, formation of a national center on campus public safety, and increased opportunity for campus police and security agencies to compete for federal and state funds.

  14. Space and Missile Systems Center Standard: Test Requirements for Launch, Upper-Stage and Space Vehicles

    Science.gov (United States)

    2014-09-05

    Aviation Blvd. El Segundo, CA 90245 4. This standard has been approved for use on all Space and Missile Systems Center/Air Force Program...140 Satellite Hardness and Survivability; Testing Rationale for Electronic Upset and Burnout Effects 30. JANNAF-GL-2012-01-RO Test and Evaluation...vehicle, subsystem, and unit lev- els . Acceptance testing shall be conducted on all subsequent flight items. The protoqualification strategy shall require

  15. Controls Over Operating System and Security Software Supporting the Defense Finance and Accounting Service

    National Research Council Canada - National Science Library

    McKinney, Terry

    1994-01-01

    This is the final in a series of three audits of management controls over the operating systems and security software used by the information processing centers that support the Defense Finance and Accounting Centers (DFAS...

  16. A study of the security technology and a new security model for WiFi network

    Science.gov (United States)

    Huang, Jing

    2013-07-01

    The WiFi network is one of the most rapidly developing wireless communication networks, which makes wireless office and wireless life possible and greatly expands the application form and scope of the internet. At the same time, the WiFi network security has received wide attention, and this is also the key factor of WiFi network development. This paper makes a systematic introduction to the WiFi network and WiFi network security problems, and the WiFi network security technology are reviewed and compared. In order to solve the security problems in WiFi network, this paper presents a new WiFi network security model and the key exchange algorithm. Experiments are performed to test the performance of the model, the results show that the new security model can withstand external network attack and ensure stable and safe operation of WiFi network.

  17. 33 CFR 106.255 - Security systems and equipment maintenance.

    Science.gov (United States)

    2010-07-01

    ... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Security systems and equipment... Shelf (OCS) Facility Security Requirements § 106.255 Security systems and equipment maintenance. (a) Security systems and equipment must be in good working order and inspected, tested, calibrated, and...

  18. Computer-aided dispatch--traffic management center field operational test : state of Utah final report

    Science.gov (United States)

    2006-07-01

    This document provides the final report for the evaluation of the USDOT-sponsored Computer-Aided Dispatch Traffic Management Center Integration Field Operations Test in the State of Utah. The document discusses evaluation findings in the followin...

  19. Network Science Center Research Team’s Visit to Kampala, Uganda

    Science.gov (United States)

    2013-04-15

    TERMS Network Analysis, Economic Networks, Entrepreneurial Ecosystems , Economic Development, Data Collection 16. SECURITY CLASSIFICATION OF: 17...the Project Synopsis, Developing Network Models of Entrepreneurial Ecosystems in Developing Economies, on the Network Science Center web site.) A...Thomas visited Kampala, Uganda in support of an ongoing Network Science Center project to develop models of entrepreneurial networks. Our Center has

  20. Autonomous Voltage Security Regions to Prevent Cascading Trip Faults in Wind Turbine Generators

    DEFF Research Database (Denmark)

    Niu, Tao; Guo, Qinglai; Sun, Hongbin

    2016-01-01

    Cascading trip faults in large-scale wind power centralized integration areas bring new challenges to the secure operation of power systems. In order to deal with the complexity of voltage security regions and the computation difficulty, this paper proposes an autonomous voltage security region...... wind farm, an AVSR is determined to guarantee the normal operation of each wind turbine generator (WTG), while in the control center, each region is designed in order to guarantee secure operation both under normal conditions and after an N-1 contingency. A real system in Northern China was used...

  1. US DOE Regional Test Centers Program - 2016 Annual Report.

    Energy Technology Data Exchange (ETDEWEB)

    Stein, Joshua [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2017-05-01

    The US Department of Energy’s Regional Test Center (RTC) program provides outdoor validation and bankability data for innovative solar technologies at five sites across the US representing a range of climate conditions. Data helps get new technologies to market faster and improves US industry competitiveness. Managed by Sandia National Laboratories and the National Renewable Energy Laboratory (NREL), the RTC program partners with US manufacturers of photovoltaic (PV) technologies, including modules, inverters, and balance-of-system equipment. The study is collaborative, with manufacturers (also known as RTC industry partners) and the national labs working together on a system design and validation strategy that meets a clearly defined set of performance and reliability objectives.

  2. Marketing Plan for the National Security Technology Incubator

    Energy Technology Data Exchange (ETDEWEB)

    None

    2008-03-31

    This marketing plan was developed as part of the National Security Preparedness Project by the Arrowhead Center of New Mexico State University. The vision of the National Security Technology Incubator program is to be a successful incubator of technologies and private enterprise that assist the NNSA in meeting new challenges in national safety and security. The plan defines important aspects of developing the incubator, such as defining the target market, marketing goals, and creating strategies to reach the target market while meeting those goals. The three main marketing goals of the incubator are: 1) developing marketing materials for the incubator program; 2) attracting businesses to become incubator participants; and 3) increasing name recognition of the incubator program on a national level.

  3. Human health risk assessment database, "the NHSRC toxicity value database": supporting the risk assessment process at US EPA's National Homeland Security Research Center.

    Science.gov (United States)

    Moudgal, Chandrika J; Garrahan, Kevin; Brady-Roberts, Eletha; Gavrelis, Naida; Arbogast, Michelle; Dun, Sarah

    2008-11-15

    The toxicity value database of the United States Environmental Protection Agency's (EPA) National Homeland Security Research Center has been in development since 2004. The toxicity value database includes a compilation of agent property, toxicity, dose-response, and health effects data for 96 agents: 84 chemical and radiological agents and 12 biotoxins. The database is populated with multiple toxicity benchmark values and agent property information from secondary sources, with web links to the secondary sources, where available. A selected set of primary literature citations and associated dose-response data are also included. The toxicity value database offers a powerful means to quickly and efficiently gather pertinent toxicity and dose-response data for a number of agents that are of concern to the nation's security. This database, in conjunction with other tools, will play an important role in understanding human health risks, and will provide a means for risk assessors and managers to make quick and informed decisions on the potential health risks and determine appropriate responses (e.g., cleanup) to agent release. A final, stand alone MS ACESSS working version of the toxicity value database was completed in November, 2007.

  4. Human health risk assessment database, 'the NHSRC toxicity value database': Supporting the risk assessment process at US EPA's National Homeland Security Research Center

    International Nuclear Information System (INIS)

    Moudgal, Chandrika J.; Garrahan, Kevin; Brady-Roberts, Eletha; Gavrelis, Naida; Arbogast, Michelle; Dun, Sarah

    2008-01-01

    The toxicity value database of the United States Environmental Protection Agency's (EPA) National Homeland Security Research Center has been in development since 2004. The toxicity value database includes a compilation of agent property, toxicity, dose-response, and health effects data for 96 agents: 84 chemical and radiological agents and 12 biotoxins. The database is populated with multiple toxicity benchmark values and agent property information from secondary sources, with web links to the secondary sources, where available. A selected set of primary literature citations and associated dose-response data are also included. The toxicity value database offers a powerful means to quickly and efficiently gather pertinent toxicity and dose-response data for a number of agents that are of concern to the nation's security. This database, in conjunction with other tools, will play an important role in understanding human health risks, and will provide a means for risk assessors and managers to make quick and informed decisions on the potential health risks and determine appropriate responses (e.g., cleanup) to agent release. A final, stand alone MS ACESSS working version of the toxicity value database was completed in November, 2007

  5. C-130: Results of center wing residual strength and crack propagation test program

    Science.gov (United States)

    Reeder, F. L.; Dirkin, W. J.; Snider, H. L.

    1971-01-01

    Fourteen C-130 airplane center wings which had experienced from approximately 4,000 to 13,000 hours of flight service and its associated fatigue damage were tested to destruction, seven in upbending and seven in downbending. Six wings were tested directly for static residual strength in the fatigue-damaged condition as received from field service. The other eight wings were tested in crack propagation cyclic testing at a prescribed stress level for a maximum of 10,000 cycles. Then the stress level was reduced and testing was continued up to a maximum of 20,000 total cycles. Cyclic testing was performed with constant-amplitude stresses at a stress ratio of +0.1. Maximum cyclic skin stresses were approximately 18,000 psi. At the conclusion of cyclic testing, a static test to destruction was conducted to determine the residual strength of each fatigue-damaged specimen.

  6. Threat modeling designing for security

    CERN Document Server

    Shostack, Adam

    2014-01-01

    Adam Shostack is responsible for security development lifecycle threat modeling at Microsoft and is one of a handful of threat modeling experts in the world. Now, he is sharing his considerable expertise into this unique book. With pages of specific actionable advice, he details how to build better security into the design of systems, software, or services from the outset. You'll explore various threat modeling approaches, find out how to test your designs against threats, and learn effective ways to address threats that have been validated at Microsoft and other top companies. Systems secur

  7. Material Control and Accounting (MC and A) System Upgrades and Performance Testing at the Russian Federal Nuclear Center-All-Russian Scientific Research Institute of Experimental Physics (RFNC-VNIIEF)

    International Nuclear Information System (INIS)

    Bushmelev, Vadim; Viktorov, Vladimir; Zhikharev, Stanislav; Yuferev, Vladimir; Singh, Surinder Paul; Kuzminski, Jozef; Hogan, Kevin; McKisson, Jacquelin

    2008-01-01

    The All-Russian Scientific Research Institute of Experimental Physics (VNIIEF), founded in 1946 at the historic village of Sarov, in Nizhniy Novgorod Oblast, is the largest nuclear research center in the Rosatom complex. In the framework of international collaboration, the United States (US) Department of Energy/National Nuclear Security Agency, in cooperation with US national laboratories, on the one hand, Rosatom and VNIIEF on the other hand, have focused their cooperative efforts to upgrade the existing material protection control and accountability system to prevent unauthorized access to the nuclear material. In this paper we will discuss the present status of material control and accounting (MC and A) system upgrades and the preliminary results from a pilot program on the MC and A system performance testing that was recently conducted at one technical area.

  8. Cyber Security and Resilient Systems

    Energy Technology Data Exchange (ETDEWEB)

    Robert S. Anderson

    2009-07-01

    The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation’s cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested – both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the

  9. Cyber Security and Resilient Systems

    International Nuclear Information System (INIS)

    Anderson, Robert S.

    2009-01-01

    The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation's cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested - both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the

  10. Small Radioisotope Power System Testing at NASA Glenn Research Center

    Science.gov (United States)

    Dugala, Gina; Bell, Mark; Oriti, Salvatore; Fraeman, Martin; Frankford, David; Duven, Dennis

    2013-01-01

    In April 2009, NASA Glenn Research Center (GRC) formed an integrated product team (IPT) to develop a Small Radioisotope Power System (SRPS) utilizing a single Advanced Stirling Convertor (ASC) with passive balancer. A single ASC produces approximately 80 We making this system advantageous for small distributed lunar science stations. The IPT consists of Sunpower, Inc., to provide the single ASC with a passive balancer, The Johns Hopkins University Applied Physics Laboratory (JHUAPL) to design an engineering model Single Convertor Controller (SCC) for an ASC with a passive balancer, and NASA GRC to provide technical support to these tasks and to develop a simulated lunar lander test stand. The single ASC with a passive balancer, simulated lunar lander test stand, and SCC were delivered to GRC and were tested as a system. The testing sequence at GRC included SCC fault tolerance, integration, electromagnetic interference (EMI), vibration, and extended operation testing. The SCC fault tolerance test characterized the SCCs ability to handle various fault conditions, including high or low bus power consumption, total open load or short circuit, and replacing a failed SCC card while the backup maintains control of the ASC. The integrated test characterized the behavior of the system across a range of operating conditions, including variations in cold-end temperature and piston amplitude, including the emitted vibration to both the sensors on the lunar lander and the lunar surface. The EMI test characterized the AC and DC magnetic and electric fields emitted by the SCC and single ASC. The vibration test confirms the SCCs ability to control the single ASC during launch. The extended operation test allows data to be collected over a period of thousands of hours to obtain long term performance data of the ASC with a passive balancer and the SCC. This paper will discuss the results of each of these tests.

  11. A Comparative Assesment of Facility Location Problem via fuzzy TOPSIS and fuzzy VIKOR: A Case Study on Security Services

    Directory of Open Access Journals (Sweden)

    Dilşad GÜZEL

    2015-05-01

    Full Text Available Today, law enforcement and security services are critically important for peace and prosperity of communities. The law enforcement forces serve citizens using security materials. The distribution of security materials is the dominant factor in determining the outcome of law enforcement duties. Failing to supply the required amounts of security materials properly, when and where it is needed, can lead to chaos. In this study, it is aimed to provide a decision support tool that can help to select the most appropriate location of security materials distribution center. The distribution center location problem is a complex multi-criteria problem including both quantitative and qualitative factors which may be in conflict and may also be uncertain. We proposed a comparative analysis that exploits fuzzy TOPSIS and fuzzy VIKOR techniques. Fuzzy weights of the 20 criteria and fuzzy judgments about 4 potential locations of distribution center as alternatives are employed to compute evaluation scores and ranking. Based on the evaluation criteria, Konya has been found the best alternative accourding to both techniques as well.

  12. Increases in Recent HIV Testing Among Men Who Have Sex With Men Coincide With the Centers for Disease Control and Prevention's Expanded Testing Initiative

    Science.gov (United States)

    Cooley, Laura A.; Wejnert, Cyprian; Rose, Charles E.; Paz-Bailey, Gabriela; Taussig, Jennifer; Gern, Robert; Hoyte, Tamika; Salazar, Laura; White, Jianglan; Todd, Jeff; Bautista, Greg; Flynn, Colin; Sifakis, Frangiscos; German, Danielle; Isenberg, Debbie; Driscoll, Maura; Hurwitz, Elizabeth; Doherty, Rose; Wittke, Chris; Prachand, Nikhil; Benbow, Nanette; Melville, Sharon; Pannala, Praveen; Yeager, Richard; Sayegh, Aaron; Dyer, Jim; Sheu, Shane; Novoa, Alicia; Thrun, Mark; Al-Tayyib, Alia; Wilmoth, Ralph; Higgins, Emily; Griffin, Vivian; Mokotoff, Eve; MacMaster, Karen; Wolverton, Marcia; Risser, Jan; Rehman, Hafeez; Padgett, Paige; Bingham, Trista; Sey, Ekow Kwa; LaLota, Marlene; Metsch, Lisa; Forrest, David; Beck, Dano; Cardenas, Gabriel; Nemeth, Chris; Anderson, Bridget J.; Watson, Carol-Ann; Smith, Lou; Robinson, William T.; Gruber, DeAnn; Barak, Narquis; Murrill, Chris; Neaigus, Alan; Jenness, Samuel; Hagan, Holly; Reilly, Kathleen H.; Wendel, Travis; Cross, Helene; Bolden, Barbara; D'Errico, Sally; Wogayehu, Afework; Godette, Henry; Brady, Kathleen A.; Kirkland, Althea; Sifferman, Andrea; Miguelino-Keasling, Vanessa; Velasco, Al; Tovar, Veronica; Raymond, H. Fisher; De León, Sandra Miranda; Rolón-Colón, Yadira; Marzan, Melissa; Courogen, Maria; Jaenicke, Tom; Thiede, Hanne; Burt, Richard; Jia, Yujiang; Opoku, Jenevieve; Sansone, Marie; West, Tiffany; Magnus, Manya; Kuo, Irene

    2015-01-01

    According to National HIV Behavioral Surveillance system data, human immunodeficiency virus (HIV) testing increased among gay, bisexual, and other men who have sex with men from 2008 to 2011 in cities funded by the Centers for Disease Control and Prevention's Expanded Testing Initiative, suggesting that focused HIV testing initiatives might have positive effects. PMID:25352589

  13. Field studies of safety security rescue technologies through training and response activities

    Science.gov (United States)

    Murphy, Robin R.; Stover, Sam

    2006-05-01

    This paper describes the field-oriented philosophy of the Institute for Safety Security Rescue Technology (iSSRT) and summarizes the activities and lessons learned during calendar year 2005 of its two centers: the Center for Robot-Assisted Search and Rescue and the NSF Safety Security Rescue industry/university cooperative research center. In 2005, iSSRT participated in four responses (La Conchita, CA, Mudslides, Hurricane Dennis, Hurricane Katrina, Hurricane Wilma) and conducted three field experiments (NJTF-1, Camp Hurricane, Richmond, MO). The lessons learned covered mobility, operator control units, wireless communications, and general reliability. The work has collectively identified six emerging issues for future work. Based on these studies, a 10-hour, 1 continuing education unit credit course on rescue robotics has been created and is available. Rescue robots and sensors are available for loan upon request.

  14. Energy security: between markets and sovereign politics

    Directory of Open Access Journals (Sweden)

    Dudau Radu

    2016-09-01

    Full Text Available Energy security is a constant presence in the energy-related political discourse all over the world. States strive to secure steady inflows of needed energy supplies, as well as the price affordability of those supplies. However, what are deemed to be the best means to meet such goals depends on one’s theoretical vantage point. On the one hand, economically-minded theorists maintain that energy security is only a matter of market rules and interactions. Thus, they call upon energy markets to deliver both steady supplies and competitive prices. On the other hand, politically-minded scholars emphasize the political and hard-power nature of international energy trades, especially in a global context market by the emergence of state-centered, authoritarian regimes that use large national energy companies as foreign policy instruments. These two positions delineate competing approaches to how energy security risks ought to be managed. The former approaches energy security risks by means similar to portfolio management, requiring diversification of investments in order to insulate them from market shocks. The latter approaches energy security as a matter of foreign policy, by which states envisage interest coordination and favorable alignments within countervailing alliances against the agent of energy security risk. The present paper goes beyond the uncontentious point that these two dimensions are complementary. It argues that, depending on the international context, a more market-driven or a more-politically driven behavior may be adequate.

  15. Twitter, Facebook, and Ten Red Balloons: Social Network Problem Solving and Homeland Security

    OpenAIRE

    Ford, Christopher M.

    2011-01-01

    This article appeared in Homeland Security Affairs (February 2011), v.7 no.1 This essay, the winner of the Center for Homeland Defense and Security (CHDS) Essay Contest in 2010, looks at how homeland security could benefit from crowd-sourced applications accessed through social networking tools such as Twitter and Facebook. Christopher M. Ford looks at the apparent efficacy of two such endeavors: the Defense Advanced Research Projects Agency'۪s (DARPA) competition to find ten 8-foot balloo...

  16. Development of Non-hazardous Explosives for Security Training and Testing (NESTT)

    International Nuclear Information System (INIS)

    Kury, J.W.; Simpson, R.L.; Hallowell, S.F.

    1996-01-01

    The security force at the Lawrence Livermore National Laboratory (LLNL) routinely used canines to search for explosives and other contraband substances. The use of threat quantities of explosive for realistic training in populated or sensitive Laboratory areas has not been permitted because of the hazard. To overcome this limitation a series of non-hazardous materials with authentic signatures have been prepared and evaluated. A series of materials has been prepared that have authentic properties of explosives but are non-hazardous. These NESTT materials are prepared by coating a few micron thick layer of an explosive on a non-reactive substrate. This produces a formulation with an authentic vapor and molecular signature. Authentic x-ray and oxygen/nitrogen density signatures are obtained through the appropriate choice of a substrate. The signatures of NESTT TNT and NESTT Comp. C-4 have been verified by instrument and canine (K-9) detection in a Beta Test Program

  17. Development of quantitative security optimization approach for the picture archives and carrying system between a clinic and a rehabilitation center

    Science.gov (United States)

    Haneda, Kiyofumi; Kajima, Toshio; Koyama, Tadashi; Muranaka, Hiroyuki; Dojo, Hirofumi; Aratani, Yasuhiko

    2002-05-01

    The target of our study is to analyze the level of necessary security requirements, to search for suitable security measures and to optimize security distribution to every portion of the medical practice. Quantitative expression must be introduced to our study, if possible, to enable simplified follow-up security procedures and easy evaluation of security outcomes or results. Using fault tree analysis (FTA), system analysis showed that system elements subdivided into groups by details result in a much more accurate analysis. Such subdivided composition factors greatly depend on behavior of staff, interactive terminal devices, kinds of services provided, and network routes. Security measures were then implemented based on the analysis results. In conclusion, we identified the methods needed to determine the required level of security and proposed security measures for each medical information system, and the basic events and combinations of events that comprise the threat composition factors. Methods for identifying suitable security measures were found and implemented. Risk factors for each basic event, a number of elements for each composition factor, and potential security measures were found. Methods to optimize the security measures for each medical information system were proposed, developing the most efficient distribution of risk factors for basic events.

  18. An Agile Enterprise Regulation Architecture for Health Information Security Management

    Science.gov (United States)

    Chen, Ying-Pei; Hsieh, Sung-Huai; Chien, Tsan-Nan; Chen, Heng-Shuen; Luh, Jer-Junn; Lai, Jin-Shin; Lai, Feipei; Chen, Sao-Jie

    2010-01-01

    Abstract Information security management for healthcare enterprises is complex as well as mission critical. Information technology requests from clinical users are of such urgency that the information office should do its best to achieve as many user requests as possible at a high service level using swift security policies. This research proposes the Agile Enterprise Regulation Architecture (AERA) of information security management for healthcare enterprises to implement as part of the electronic health record process. Survey outcomes and evidential experiences from a sample of medical center users proved that AERA encourages the information officials and enterprise administrators to overcome the challenges faced within an electronically equipped hospital. PMID:20815748

  19. An agile enterprise regulation architecture for health information security management.

    Science.gov (United States)

    Chen, Ying-Pei; Hsieh, Sung-Huai; Cheng, Po-Hsun; Chien, Tsan-Nan; Chen, Heng-Shuen; Luh, Jer-Junn; Lai, Jin-Shin; Lai, Feipei; Chen, Sao-Jie

    2010-09-01

    Information security management for healthcare enterprises is complex as well as mission critical. Information technology requests from clinical users are of such urgency that the information office should do its best to achieve as many user requests as possible at a high service level using swift security policies. This research proposes the Agile Enterprise Regulation Architecture (AERA) of information security management for healthcare enterprises to implement as part of the electronic health record process. Survey outcomes and evidential experiences from a sample of medical center users proved that AERA encourages the information officials and enterprise administrators to overcome the challenges faced within an electronically equipped hospital.

  20. A novel security algorithm for gsm mobile

    International Nuclear Information System (INIS)

    Minhas, A.A.; Mehmood, W.; Ijaz, A.

    2010-01-01

    Security is a crucial factor in the provision of secure mobile services. The rapid growth of harmful attacks has increased the need for higher security level, especially in the case of wireless networks. GSM security is proposed by A5/1 synchronous symmetric-key stream cipher. It has been revealed in (1), (2), and (3) that biased birthday attack, random subgraph attack and correlation attack, breach the security at the air interface. In this paper, we have proposed a high level security solution that incorporates a new Key setup routine and new feedback taps positions. We have shown that the proposed solution is more secure and efficient by simulating and application of different Statistical Tests for standard A5/1 and proposed A5/1 in MATLAB and comparing results. (author)

  1. Security research roadmap; Security-tutkimuksen roadmap

    Energy Technology Data Exchange (ETDEWEB)

    Naumanen, M.; Rouhiainen, V. (eds.)

    2006-02-15

    Requirements for increasing security have arisen in Europe after highly visible and tragic events in Madrid and in London. While responsibility for security rests largely with the national activities, the EU has also started planning a research area .Space and security. as a part of the 7th Framework Programme. As the justification for this research area it has been presented that technology alone can not assure security, but security can not be assured without the support of technology. Furthermore, the justification highlights that security and military research are becoming ever closer. The old separation between civil and military research is decreasing, because it has been noticed that both areas are nowadays utilising the same knowledge. In Finland, there is already now noteworthy entrepreneurship related to security. Although some of the companies are currently only operating in Finland, others are already international leaders in their area. The importance of the security area is increasing and remarkable potential for new growth business areas can already be identified. This however also requires an increase in research efforts. VTT has a broad range of security research ongoing in many technology areas. The main areas have been concentrating on public safety and security, but VTT is participating also in several research projects related to the defence technology. For identifying and defining in more detail the expertise and research goals, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important

  2. INFORMATION SYSTEM SECURITY (CYBER SECURITY

    Directory of Open Access Journals (Sweden)

    Muhammad Siddique Ansari

    2016-03-01

    Full Text Available Abstract - Business Organizations and Government unequivocally relies on upon data to deal with their business operations. The most unfavorable impact on association is disappointment of friendship, goodness, trustworthiness, legitimacy and probability of data and administrations. There is an approach to ensure data and to deal with the IT framework's Security inside association. Each time the new innovation is made, it presents some new difficulties for the insurance of information and data. To secure the information and data in association is imperative on the grounds that association nowadays inside and remotely joined with systems of IT frameworks. IT structures are inclined to dissatisfaction and security infringement because of slips and vulnerabilities. These slips and vulnerabilities can be brought on by different variables, for example, quickly creating headway, human slip, poor key particulars, poor movement schedules or censuring the threat. Likewise, framework changes, new deserts and new strikes are a huge piece of the time displayed, which helpers augmented vulnerabilities, disappointments and security infringement all through the IT structure life cycle. The business went to the confirmation that it is essentially difficult to ensure a slip free, risk free and secure IT structure in perspective of the disfigurement of the disavowing security parts, human pass or oversight, and part or supplies frustration. Totally secure IT frameworks don't exist; just those in which the holders may have changing degrees of certainty that security needs of a framework are fulfilled do. The key viewpoints identified with security of data outlining are examined in this paper. From the start, the paper recommends pertinent legitimate structure and their duties including open association obligation, and afterward it returns to present and future time, system limits, structure security in business division. At long last, two key inadequacy markers

  3. Development programs of cutting-edge technologies for measurement and detection of nuclear material for safeguards and security

    International Nuclear Information System (INIS)

    Seya, Michio; Wakabayashi, Shuji; Naoi, Yosuke; Ohkubo, Michiaki; Senzaki, Masao

    2011-01-01

    The Integrated Support Center for Nuclear Nonproliferation and Nuclear Security ('ISCN', hereafter) of Japan Atomic Energy Agency (JAEA) has development programs of cutting-edge technologies for measurement and detection of nuclear materials for nuclear safeguards and security, under the sponsorship of Japanese government (MEXT: Ministry of Education, Culture, Sports, Science and Technology). ISCN started development programs of the following technologies this year. (1) NRF (Nuclear Resonance Fluorescence) NDA technology using laser Compton scattering (LCS) gamma-rays, (2) Alternative to 3 He neutron detection technology using inorganic solid scintillator. ISCN is also going to conduct a demonstration test of a spent fuel Pu-NDA system that is to be developed by LANL (Los Alamos National Laboratory) using very sophisticated neutron measurement technologies, under JAEA/USDOE cooperation agreement. This presentation shows the above programs of ISCN. (author)

  4. Official Position of the American Academy of Clinical Neuropsychology Social Security Administration Policy on Validity Testing: Guidance and Recommendations for Change.

    Science.gov (United States)

    Chafetz, M D; Williams, M A; Ben-Porath, Y S; Bianchini, K J; Boone, K B; Kirkwood, M W; Larrabee, G J; Ord, J S

    2015-01-01

    The milestone publication by Slick, Sherman, and Iverson (1999) of criteria for determining malingered neurocognitive dysfunction led to extensive research on validity testing. Position statements by the National Academy of Neuropsychology and the American Academy of Clinical Neuropsychology (AACN) recommended routine validity testing in neuropsychological evaluations. Despite this widespread scientific and professional support, the Social Security Administration (SSA) continued to discourage validity testing, a stance that led to a congressional initiative for SSA to reevaluate their position. In response, SSA commissioned the Institute of Medicine (IOM) to evaluate the science concerning the validation of psychological testing. The IOM concluded that validity assessment was necessary in psychological and neuropsychological examinations (IOM, 2015 ). The AACN sought to provide independent expert guidance and recommendations concerning the use of validity testing in disability determinations. A panel of contributors to the science of validity testing and its application to the disability process was charged with describing why the disability process for SSA needs improvement, and indicating the necessity for validity testing in disability exams. This work showed how the determination of malingering is a probability proposition, described how different types of validity tests are appropriate, provided evidence concerning non-credible findings in children and low-functioning individuals, and discussed the appropriate evaluation of pain disorders typically seen outside of mental consultations. A scientific plan for validity assessment that additionally protects test security is needed in disability determinations and in research on classification accuracy of disability decisions.

  5. Assessing Children's Appraisals of Security in the Family System: The Development of the Security in the Family System (SIFS) Scales

    Science.gov (United States)

    Forman, Evan M.; Davies, Patrick T.

    2005-01-01

    Background: Although delineating the processes by which children appraise the family as a source of security from their collective experiences in the family subsystem has assumed center stage in many conceptualizations of child development, the dearth of measures of child adaptation in the family system has hindered empirical advances. Therefore,…

  6. Evaluate Data Center Network Performance

    DEFF Research Database (Denmark)

    Pilimon, Artur

    through a data center network, which is usually built with layer 2 switches and layer 3 routers. The topology of the data center network is crucial for latency in the data communication to and from the data center and between servers in the data center. Tests can be conducted to measure latency and other...... Engineering, scientists evaluate data center network topologies with an SDN-based (Software-Defined Networking) control framework measuring network performance – primarily latency. This can be used to plan data center scaling by testing how a new topology will function before changes are made. Data center...... performance parameters for different data center network topologies. It is however important that tests can be repeated and reproduced to have comparable information from the tests. There are, of course, many topologies that can be used for data center networks. At DTU Fotonik, Department of Photonics...

  7. On Consistency Test Method of Expert Opinion in Ecological Security Assessment.

    Science.gov (United States)

    Gong, Zaiwu; Wang, Lihong

    2017-09-04

    To reflect the initiative design and initiative of human security management and safety warning, ecological safety assessment is of great value. In the comprehensive evaluation of regional ecological security with the participation of experts, the expert's individual judgment level, ability and the consistency of the expert's overall opinion will have a very important influence on the evaluation result. This paper studies the consistency measure and consensus measure based on the multiplicative and additive consistency property of fuzzy preference relation (FPR). We firstly propose the optimization methods to obtain the optimal multiplicative consistent and additively consistent FPRs of individual and group judgments, respectively. Then, we put forward a consistency measure by computing the distance between the original individual judgment and the optimal individual estimation, along with a consensus measure by computing the distance between the original collective judgment and the optimal collective estimation. In the end, we make a case study on ecological security for five cities. Result shows that the optimal FPRs are helpful in measuring the consistency degree of individual judgment and the consensus degree of collective judgment.

  8. International Security in the World Economic Relations

    Directory of Open Access Journals (Sweden)

    Otenko Iryna P

    2016-05-01

    Full Text Available The article discusses the urgent topic of the evolution of international relations, the issue of establishing international security, and the development of international economic cooperation based on the principles of security. In order to analyze the current status of international security in the world and to identify key factors that hinder the way of establishing a positive global community, researches by the international analytical centers together with the institutes for international security and cooperation have been generalized. To this end, both the status of and changes in the Global Peace Index in the recent years has been disclosed, the position of Ukraine in the world according to this index has been examined. It has been proven that the main international security problems are related to the armed conflicts, civil wars, political violence, terrorism impacting the development of humanity as a whole, the status of international relations, the evolution of the world economy as well as national economies. Further researches should be focused on how the status of peace in the countries impacts their economic status and the status of international cooperation in other areas of economic cooperation, excluding the military. It should be answered particularly, how the above indicated status affects strengthening the Ukraine's position in the world.

  9. Wide Area Measurement Based Security Assessment & Monitoring of Modern Power System: A Danish Power System Case Study

    DEFF Research Database (Denmark)

    Rather, Zakir Hussain; Chen, Zhe; Thøgersen, Paul

    2013-01-01

    Power System security has become a major concern across the global power system community. This paper presents wide area measurement system (WAMS) based security assessment and monitoring of modern power system. A new three dimensional security index (TDSI) has been proposed for online security...... monitoring of modern power system with large scale renewable energy penetration. Phasor measurement unit (PMU) based WAMS has been implemented in western Danish Power System to realize online security monitoring and assessment in power system control center. The proposed security monitoring system has been...

  10. Usability Testing, User-Centered Design, and LibGuides Subject Guides: A Case Study

    Science.gov (United States)

    Sonsteby, Alec; DeJonghe, Jennifer

    2013-01-01

    Usability testing has become a routine way for many libraries to ensure that their Web presence is user-friendly and accessible. At the same time, popular subject guide creation systems, such as LibGuides, decentralize Web content creation and put authorship into the hands of librarians who may not be trained in user-centered design principles. At…

  11. Space Environment Testing of Photovoltaic Array Systems at NASA's Marshall Space Flight Center

    Science.gov (United States)

    Phillips, Brandon S.; Schneider, Todd A.; Vaughn, Jason A.; Wright, Kenneth H., Jr.

    2015-01-01

    To successfully operate a photovoltaic (PV) array system in space requires planning and testing to account for the effects of the space environment. It is critical to understand space environment interactions not only on the PV components, but also the array substrate materials, wiring harnesses, connectors, and protection circuitry (e.g. blocking diodes). Key elements of the space environment which must be accounted for in a PV system design include: Solar Photon Radiation, Charged Particle Radiation, Plasma, and Thermal Cycling. While solar photon radiation is central to generating power in PV systems, the complete spectrum includes short wavelength ultraviolet components, which photo-ionize materials, as well as long wavelength infrared which heat materials. High energy electron radiation has been demonstrated to significantly reduce the output power of III-V type PV cells; and proton radiation damages material surfaces - often impacting coverglasses and antireflective coatings. Plasma environments influence electrostatic charging of PV array materials, and must be understood to ensure that long duration arcs do not form and potentially destroy PV cells. Thermal cycling impacts all components on a PV array by inducing stresses due to thermal expansion and contraction. Given such demanding environments, and the complexity of structures and materials that form a PV array system, mission success can only be ensured through realistic testing in the laboratory. NASA's Marshall Space Flight Center has developed a broad space environment test capability to allow PV array designers and manufacturers to verify their system's integrity and avoid costly on-orbit failures. The Marshall Space Flight Center test capabilities are available to government, commercial, and university customers. Test solutions are tailored to meet the customer's needs, and can include performance assessments, such as flash testing in the case of PV cells.

  12. IT security standards for the digitalization of the energy transition; IT-Sicherheitsstandards fuer die Digitalisierung der Energiewende

    Energy Technology Data Exchange (ETDEWEB)

    Laupichler, Dennis [Bundesamt fuer Sicherheit in der Informationstechnik, Bonn (Germany). Referat D 11, Cyber-Sicherheit in der Digitalisierung

    2016-12-15

    Intelligent measuring systems are important components in the intelligent net and require security and privacy by design in this critical infrastructure. The smart meter gateway as secure communication platform makes the digital sector coupling possible and becomes the driver for innovations of the digitalization. The protection profiles and the technical rules of the BSI as essential part of the law for the digitalization of the energy transition guarantee a great amount of data protection and data security and provide a unique security standard in the future energy supply system. The data -protection concept of the intelligent measuring system regards a calibration-law conformal data processing and star-shaped data dispatch of the gateway. By this both a traceability and a transparency for the final user is guaranteed and the handling of the data in the sense of the data sovereignty is also technically enforced. For the evidences of compliance of the protection profiles and the technical rules correponding tests in approved test centers with final certification by the BSI are performed. The law for the digitalization of the energy transition makes the first important step to an innovative, digital infrastructure of the intelligent net. By the legal framework additionally a base is created, in order to perform a progressive development of the security targets of the BSI both for intelligent measuring systems as for further important system components of the intelligent energy net via a roadmap for the digitalization. In connection with the technical standards of the BSI the law creates the necessary legal certainty and realizes the aim pursued in the coalition treaty to regulate binding framework conditions for the secure and data-protection conformal application of intelligent measuring systems for diversified application cases in the intelligent net.

  13. Survey on Security Issues in File Management in Cloud Computing Environment

    Science.gov (United States)

    Gupta, Udit

    2015-06-01

    Cloud computing has pervaded through every aspect of Information technology in past decade. It has become easier to process plethora of data, generated by various devices in real time, with the advent of cloud networks. The privacy of users data is maintained by data centers around the world and hence it has become feasible to operate on that data from lightweight portable devices. But with ease of processing comes the security aspect of the data. One such security aspect is secure file transfer either internally within cloud or externally from one cloud network to another. File management is central to cloud computing and it is paramount to address the security concerns which arise out of it. This survey paper aims to elucidate the various protocols which can be used for secure file transfer and analyze the ramifications of using each protocol.

  14. Secure and Efficient Data Transmission over Body Sensor and Wireless Networks

    Directory of Open Access Journals (Sweden)

    Madhur Sikri

    2008-09-01

    Full Text Available This paper addresses the transmission of medical and context-aware data from mobile patients to healthcare centers over heterogeneous wireless networks. A handheld device, called personal wireless hub (PWH, of each mobile patient first gathers and aggregates the vital sign and context-aware data for various telemedicine applications. PWH transmits the aggregated data to the remote healthcare center over multiple wireless interfaces such as cellular, WLAN, and WiMAX. The aggregated data contain both periodic data and those nonperiodic unpredictable emergency messages that are sporadic and delayintolerant. This paper addresses the problem of providing QoS (e.g., minimum delay, sufficient data rate, acceptable blocking, and/or dropping rate by designing a packet scheduling and channel/network allocation algorithm over wireless networks. The proposed resource-efficient QoS mechanism is simple and collaborates with an adaptive security algorithm. The QoS and security are achieved mainly with the collaboration of differentiator, delay monitor, data classifier, and scheduler modules within the PWH. This paper also discusses secure data transmission over body sensor networks by introducing key establishment and management algorithms. Simulation results show that the proposed framework achieves low-blocking probability, meets delay requirements, and provides energy-efficient secure communication for the combination of vital signs and context-aware data.

  15. Secure and Efficient Data Transmission over Body Sensor and Wireless Networks

    Directory of Open Access Journals (Sweden)

    Challa Narasimha

    2008-01-01

    Full Text Available Abstract This paper addresses the transmission of medical and context-aware data from mobile patients to healthcare centers over heterogeneous wireless networks. A handheld device, called personal wireless hub (PWH, of each mobile patient first gathers and aggregates the vital sign and context-aware data for various telemedicine applications. PWH transmits the aggregated data to the remote healthcare center over multiple wireless interfaces such as cellular, WLAN, and WiMAX. The aggregated data contain both periodic data and those nonperiodic unpredictable emergency messages that are sporadic and delayintolerant. This paper addresses the problem of providing QoS (e.g., minimum delay, sufficient data rate, acceptable blocking, and/or dropping rate by designing a packet scheduling and channel/network allocation algorithm over wireless networks. The proposed resource-efficient QoS mechanism is simple and collaborates with an adaptive security algorithm. The QoS and security are achieved mainly with the collaboration of differentiator, delay monitor, data classifier, and scheduler modules within the PWH. This paper also discusses secure data transmission over body sensor networks by introducing key establishment and management algorithms. Simulation results show that the proposed framework achieves low-blocking probability, meets delay requirements, and provides energy-efficient secure communication for the combination of vital signs and context-aware data.

  16. Karlsruhe nuclear research center. Main activities

    International Nuclear Information System (INIS)

    The article reports on problems of securing the fuel supply for nuclear power generation, on reprocessing and ultimate storage of radioactive material, on the safety of nuclear facilities, on new technologies and basic research, and on the infrastructure of the Karlsruhe nuclear research center, as well as finance and administration. (HK) [de

  17. Development of the Nordic Bioeconomy: NCM reporting: Test centers for green energy solutions - Biorefineries and business needs

    DEFF Research Database (Denmark)

    Lange, Lene; Björnsdóttir, Bryndís; Brandt, Asbjørn

    In 2014 the Nordic Council of Ministers initiated a new bioeconomy project: “Test centers for green energy solutions – Biorefineries and Busi-ness needs”. The purpose was to strengthen green growth in the area of the bioeconomy by analyzing and mapping the current status of the bio-economy in the......In 2014 the Nordic Council of Ministers initiated a new bioeconomy project: “Test centers for green energy solutions – Biorefineries and Busi-ness needs”. The purpose was to strengthen green growth in the area of the bioeconomy by analyzing and mapping the current status of the bio...

  18. ADVANCED SECURE EXAM MANAGEMENT SYSTEM THROUGH QR CODE BASED AUTHENTICATION

    OpenAIRE

    MR. OMKAR RAJENDRA URUNKAR , PROF. S. A. JOSHI

    2018-01-01

    M-Learning has enhanced the e-learning by making the learning process learner-centered. However, obligating exam security in environments which are open, every student has devices or Laptop connected to a Wi-Fi network or internet.

  19. Performance Test of CCTV in a Test Field

    Energy Technology Data Exchange (ETDEWEB)

    Seo, Hyung Min [Korea Institute of Nuclear Nonproliferation and Control, Daejeon (Korea, Republic of)

    2011-10-15

    On April 12-13, 2010, US President Obama hosted a Nuclear Security Summit in Washington, DC, to enhance international cooperation to prevent nuclear terrorism, an issue which he has identified as the most immediate and extreme threat to global security. The Summit focused on the security of nuclear materials, nonproliferation, disarmament, and peaceful nuclear energy. At the summit, the Republic of Korea was chosen as the host of the next Summit in 2012. This series of events reflects the growing global interest on 'Nuclear Security' and as the host country of the next Nuclear Summit it is the time for Korea to strengthen the physical protection regime for nuclear facilities as a first step of securing its nuclear security capability. KINAC has been operating Test field as a mean of preparing solid backup data for reviewing and revising DBT (Design Basis Threat) and to test components of the conventional physical protection system. CCTV is a key component which is used worldwide for the assessment measure of alarms. In terms of performance test of CCTV, there are several elements such as image quality, coverage and mechanical features (speed of zoom-in-out, capture, angle shift etc.). Speaking of image quality acquired by the CCTV, the quality is subject to resolution, monitor specification, camera housing, camera mounting and lightening. Thus it is clear that performance tests on image quality should consider those factors and vary the factors respectively in order to verify the influence and the interaction among those. Nevertheless due to the restrictions of the current Test field, this paper focuses on the image quality through resolution test under the various lightening conditions

  20. Tried & Tested. Ideas from Teacher Centers in the Southeast.

    Science.gov (United States)

    Bohstedt, Jinx, Ed.; Eisenmann-Donahue, Pat, Ed.

    Throughout the southeastern United States, teacher centers share much in common. The conceptual framework of teachers helping teachers inspires the development of resources and services which are similar whether the center serves a large district or only a few schools. Although the teacher centers share similar philosophies, concerns, successes,…

  1. An Evaluation of North Korea’s Nuclear Test by Belbasi Nuclear Tests Monitoring Center-KOERI

    Science.gov (United States)

    Necmioglu, O.; Meral Ozel, N.; Semin, K.

    2009-12-01

    Bogazici University and Kandilli Observatory and Earthquake Research Institute (KOERI) is acting as the Turkish National Data Center (NDC) and responsible for the operation of the International Monitoring System (IMS) Primary Seismic Station (PS-43) under Belbasi Nuclear Tests Monitoring Center for the verification of compliance with the Comprehensive Nuclear-Test-Ban Treaty (CTBT) since February 2000. The NDC is responsible for operating two arrays which are part of the IMS, as well as for transmitting data from these stations to the International Data Centre (IDC) in Vienna. The Belbasi array was established in 1951, as a four-element (Benioff 1051) seismic array as part of the United States Atomic Energy Detection System (USAEDS). Turkish General Staff (TGS) and U.S. Air Force Technical Application Center (AFTAC) under the Defense and Economic Cooperation Agreement (DECA) jointly operated this short period array. The station was upgraded and several seismometers were added to array during 1951 and 1994 and the station code was changed from BSRS (Belbasi Seismic Research Station) to BRTR-PS43 later on. PS-43 is composed of two sub-arrays (Ankara and Keskin): the medium-period array with a ~40 km radius located in Ankara and the short-period array with a ~3 km radius located in Keskin. Each array has a broadband element located at the middle of the circular geometry. Short period instruments are installed at depth 30 meters from the surface while medium and broadband instruments are installed at depth 60 meters from surface. On 25 May 2009, The Democratic People’s Republic of Korea (DPRK) claimed that it had conducted a nuclear test. Corresponding seismic event was recorded by IMS and IDC released first automatic estimation of time (00:54:43 GMT), location (41.2896°N and 129.0480°E) and the magnitude (4.52 mb) of the event in less than two hours time (USGS: 00:54:43 GMT; 41.306°N, 129.029°E; 4.7 mb) During our preliminary analysis of the 25th May 2009 DPRK

  2. Space Station Environmental Control and Life Support System Test Facility at Marshall Space Flight Center

    Science.gov (United States)

    Springer, Darlene

    1989-01-01

    Different aspects of Space Station Environmental Control and Life Support System (ECLSS) testing are currently taking place at Marshall Space Flight Center (MSFC). Unique to this testing is the variety of test areas and the fact that all are located in one building. The north high bay of building 4755, the Core Module Integration Facility (CMIF), contains the following test areas: the Subsystem Test Area, the Comparative Test Area, the Process Material Management System (PMMS), the Core Module Simulator (CMS), the End-use Equipment Facility (EEF), and the Pre-development Operational System Test (POST) Area. This paper addresses the facility that supports these test areas and briefly describes the testing in each area. Future plans for the building and Space Station module configurations will also be discussed.

  3. Health consequences of shift-work: the case of iranian hospital security personnel.

    Science.gov (United States)

    Abedini, Roghayeh; Soltanzadeh, Ahmad; Faghih, Mohammad Amin; Mohammadi, Heidar; Kamalinia, Mojtaba; Mohraz, Majid Habibi; Arassi, Maziyar; Veyseh, Peyman Piran; Aghaei, Hamed; Hosseini, Seyed Younes

    2015-01-01

    Shift-work, which is an ergonomics issue in workplaces, can negatively affect workers. The security personnel of medical centers in Iran have multiple responsibilities and consequently are exposed to such unwanted situations as observing patients, disputing with patient's attendants, unwanted shift schedules, and being away from family for long periods. This study assessed health problems of Iranian hospital security personnel (shift-worker personnel) using the Survey of Shift-workers (SOS) questionnaire (Persian version). This cross-sectional study was conducted in seven medical centers (4 hospitals and 3 clinics). A total of 416 workers were surveyed: shift-workers (exposed group) (n=209) and non-shift-workers (unexposed group) (n=207). The prevalence of adverse health effects was higher in shift-workers than day-workers. The level of education and mean Body Mass Index (BMI) in shift-workers were significantly higher compared with day-workers. The prevalence of gastrointestinal disorders, cardiovascular and psychological problems were also significantly higher in shift-workers compared with day-workers. Overall, the prevalence of health problems among the security personnel of medical centers was high. Hence, it is recommended that personnel be put under periodic monitoring and receive medical counseling and treatment if there is any disorder.

  4. A Model of Managerial Effectiveness in Information Security: From Grounded Theory to Empirical Test

    National Research Council Canada - National Science Library

    Knapp, Kenneth J

    2005-01-01

    Information security is a critical issue facing organizations worldwide. in order to mitigate risk and protect valuable information, organizations need to operate and manage effective information security programs...

  5. The Development of the Acoustic Design of NASA Glenn Research Center's New Reverberant Acoustic Test Facility

    Science.gov (United States)

    Hughes, William O.; McNelis, Mark E.; Hozman, Aron D.; McNelis, Anne M.

    2011-01-01

    The National Aeronautics and Space Administration (NASA) Glenn Research Center (GRC) is leading the design and build of the new world-class vibroacoustic test capabilities at the NASA GRC s Plum Brook Station in Sandusky, Ohio. Benham Companies, LLC is currently constructing modal, base-shake sine and reverberant acoustic test facilities to support the future testing needs of NASA s space exploration program. The large Reverberant Acoustic Test Facility (RATF) will be approximately 101,000 ft3 in volume and capable of achieving an empty chamber acoustic overall sound pressure level (OASPL) of 163 dB. This combination of size and acoustic power is unprecedented amongst the world s known active reverberant acoustic test facilities. The key to achieving the expected acoustic test spectra for a range of many NASA space flight environments in the RATF is the knowledge gained from a series of ground acoustic tests. Data was obtained from several NASA-sponsored test programs, including testing performed at the National Research Council of Canada s acoustic test facility in Ottawa, Ontario, Canada, and at the Redstone Technical Test Center acoustic test facility in Huntsville, Alabama. The majority of these tests were performed to characterize the acoustic performance of the modulators (noise generators) and representative horns that would be required to meet the desired spectra, as well as to evaluate possible supplemental gas jet noise sources. The knowledge obtained in each of these test programs enabled the design of the RATF sound generation system to confidently advance to its final acoustic design and subsequent on-going construction.

  6. 77 FR 44641 - President's National Security Telecommunications Advisory Committee

    Science.gov (United States)

    2012-07-30

    ... its business. ADDRESSES: The meeting will be held via a conference call. For access to the [[Page... of their review of the Department of Homeland Security's (DHS) National Cybersecurity and... the NSTAC's proposed Joint Collaboration Center that the NSTAC envisioned in its 2009 Cybersecurity...

  7. Test Program for Stirling Radioisotope Generator Hardware at NASA Glenn Research Center

    Science.gov (United States)

    Lewandowski, Edward J.; Bolotin, Gary S.; Oriti, Salvatore M.

    2015-01-01

    Stirling-based energy conversion technology has demonstrated the potential of high efficiency and low mass power systems for future space missions. This capability is beneficial, if not essential, to making certain deep space missions possible. Significant progress was made developing the Advanced Stirling Radioisotope Generator (ASRG), a 140-W radioisotope power system. A variety of flight-like hardware, including Stirling convertors, controllers, and housings, was designed and built under the ASRG flight development project. To support future Stirling-based power system development NASA has proposals that, if funded, will allow this hardware to go on test at the NASA Glenn Research Center. While future flight hardware may not be identical to the hardware developed under the ASRG flight development project, many components will likely be similar, and system architectures may have heritage to ASRG. Thus, the importance of testing the ASRG hardware to the development of future Stirling-based power systems cannot be understated. This proposed testing will include performance testing, extended operation to establish an extensive reliability database, and characterization testing to quantify subsystem and system performance and better understand system interfaces. This paper details this proposed test program for Stirling radioisotope generator hardware at NASA Glenn. It explains the rationale behind the proposed tests and how these tests will meet the stated objectives.

  8. Aircraft Engine Noise Research and Testing at the NASA Glenn Research Center

    Science.gov (United States)

    Elliott, Dave

    2015-01-01

    The presentation will begin with a brief introduction to the NASA Glenn Research Center as well as an overview of how aircraft engine noise research fits within the organization. Some of the NASA programs and projects with noise content will be covered along with the associated goals of aircraft noise reduction. Topics covered within the noise research being presented will include noise prediction versus experimental results, along with engine fan, jet, and core noise. Details of the acoustic research conducted at NASA Glenn will include the test facilities available, recent test hardware, and data acquisition and analysis methods. Lastly some of the actual noise reduction methods investigated along with their results will be shown.

  9. Dual-Level Security based Cyclic18 Steganographic Method and its Application for Secure Transmission of Keyframes during Wireless Capsule Endoscopy.

    Science.gov (United States)

    Muhammad, Khan; Sajjad, Muhammad; Baik, Sung Wook

    2016-05-01

    In this paper, the problem of secure transmission of sensitive contents over the public network Internet is addressed by proposing a novel data hiding method in encrypted images with dual-level security. The secret information is divided into three blocks using a specific pattern, followed by an encryption mechanism based on the three-level encryption algorithm (TLEA). The input image is scrambled using a secret key, and the encrypted sub-message blocks are then embedded in the scrambled image by cyclic18 least significant bit (LSB) substitution method, utilizing LSBs and intermediate LSB planes. Furthermore, the cover image and its planes are rotated at different angles using a secret key prior to embedding, deceiving the attacker during data extraction. The usage of message blocks division, TLEA, image scrambling, and the cyclic18 LSB method results in an advanced security system, maintaining the visual transparency of resultant images and increasing the security of embedded data. In addition, employing various secret keys for image scrambling, data encryption, and data hiding using the cyclic18 LSB method makes the data recovery comparatively more challenging for attackers. Experimental results not only validate the effectiveness of the proposed framework in terms of visual quality and security compared to other state-of-the-art methods, but also suggest its feasibility for secure transmission of diagnostically important keyframes to healthcare centers and gastroenterologists during wireless capsule endoscopy.

  10. Secure, Network-Centric Operations of a Space-Based Asset: Cisco Router in Low Earth Orbit (CLEO) and Virtual Mission Operations Center (VMOC)

    Science.gov (United States)

    Ivancic, William; Stewart, Dave; Shell, Dan; Wood, Lloyd; Paulsen, Phil; Jackson, Chris; Hodgson, Dave; Notham, James; Bean, Neville; Miller, Eric

    2005-01-01

    This report documents the design of network infrastructure to support operations demonstrating the concept of network-centric operations and command and control of space-based assets. These demonstrations showcase major elements of the Transformal Communication Architecture (TCA), using Internet Protocol (IP) technology. These demonstrations also rely on IP technology to perform the functions outlined in the Consultative Committee for Space Data Systems (CCSDS) Space Link Extension (SLE) document. A key element of these demonstrations was the ability to securely use networks and infrastructure owned and/or controlled by various parties. This is a sanitized technical report for public release. There is a companion report available to a limited audience. The companion report contains detailed networking addresses and other sensitive material and is available directly from William Ivancic at Glenn Research Center.

  11. Efficient Secure and Privacy-Preserving Route Reporting Scheme for VANETs

    Science.gov (United States)

    Zhang, Yuanfei; Pei, Qianwen; Dai, Feifei; Zhang, Lei

    2017-10-01

    Vehicular ad-hoc network (VANET) is a core component of intelligent traffic management system which could provide various of applications such as accident prediction, route reporting, etc. Due to the problems caused by traffic congestion, route reporting becomes a prospective application which can help a driver to get optimal route to save her travel time. Before enjoying the convenience of route reporting, security and privacy-preserving issues need to be concerned. In this paper, we propose a new secure and privacy-preserving route reporting scheme for VANETs. In our scheme, only an authenticated vehicle can use the route reporting service provided by the traffic management center. Further, a vehicle may receive the response from the traffic management center with low latency and without violating the privacy of the vehicle. Experiment results show that our scheme is much more efficiency than the existing one.

  12. Space Environmental Effects Testing Capability at the Marshall Space Flight Center

    Science.gov (United States)

    DeWittBurns, H.; Craven, Paul; Finckenor, Miria; Nehls, Mary; Schneider, Todd; Vaughn, Jason

    2012-01-01

    Understanding the effects of the space environment on materials and systems is fundamental and essential for mission success. If not properly understood and designed for, the effects of the environment can lead to degradation of materials, reduction of functional lifetime, and system failure. In response to this need, the Marshall Space Flight Center has developed world class Space Environmental Effects (SEE) expertise and test facilities to simulate the space environment. Capabilities include multiple unique test systems comprising the most complete SEE testing capability available. These test capabilities include charged particle radiation (electrons, protons, ions), ultraviolet radiation (UV), vacuum ultraviolet radiation (VUV), atomic oxygen, plasma effects, space craft charging, lunar surface and planetary effects, vacuum effects, and hypervelocity impacts as well as the combination of these capabilities. In addition to the uniqueness of the individual test capabilities, MSFC is the only NASA facility where the effects of the different space environments can be tested in one location. Combined with additional analytical capabilities for pre- and post-test evaluation, MSFC is a one-stop shop for materials testing and analysis. The SEE testing and analysis are performed by a team of award winning experts nationally recognized for their contributions in the study of the effects of the space environment on materials and systems. With this broad expertise in space environmental effects and the variety of test systems and equipment available, MSFC is able to customize tests with a demonstrated ability to rapidly adapt and reconfigure systems to meet customers needs. Extensive flight experiment experience bolsters this simulation and analysis capability with a comprehensive understanding of space environmental effects.

  13. The Role of the Press in Public Security

    Directory of Open Access Journals (Sweden)

    Robson Sávio Reis Souza

    2007-06-01

    Full Text Available The sensational increase in violent criminality in recent years has placed the question of public security on the social agenda. Formerly a matter restricted to a few actors, now the topic of public security has become the center of discussion in an affl icted society in the midst of a notorious increase in violence and criminality. The result of the referendum on the prohibition of the sale of fi rearms and ammunition amplifi ed an obvious popular clamor demanding consistent, lasting and clear measures in the combating and prevention of crime. The media, perceiving the importance of this historic moment (and mainly the power to vocalize this demand of the middle class – their major consumer – has deepened the discussion on this issue, organizing in an increasingly more constant way coverage of public security.

  14. Confidentiality, privacy, and security of genetic and genomic test information in electronic health records: points to consider.

    Science.gov (United States)

    McGuire, Amy L; Fisher, Rebecca; Cusenza, Paul; Hudson, Kathy; Rothstein, Mark A; McGraw, Deven; Matteson, Stephen; Glaser, John; Henley, Douglas E

    2008-07-01

    As clinical genetics evolves, and we embark down the path toward more personalized and effective health care, the amount, detail, and complexity of genetic/genomic test information within the electronic health record will increase. This information should be appropriately protected to secure the trust of patients and to support interoperable electronic health information exchange. This article discusses characteristics of genetic/genomic test information, including predictive capability, immutability, and uniqueness, which should be considered when developing policies about information protection. Issues related to "genetic exceptionalism"; i.e., whether genetic/genomic test information should be treated differently from other medical information for purposes of data access and permissible use, are also considered. These discussions can help guide policy that will facilitate the biological and clinical resource development to support the introduction of this information into health care.

  15. Analysis on the security of cloud computing

    Science.gov (United States)

    He, Zhonglin; He, Yuhua

    2011-02-01

    Cloud computing is a new technology, which is the fusion of computer technology and Internet development. It will lead the revolution of IT and information field. However, in cloud computing data and application software is stored at large data centers, and the management of data and service is not completely trustable, resulting in safety problems, which is the difficult point to improve the quality of cloud service. This paper briefly introduces the concept of cloud computing. Considering the characteristics of cloud computing, it constructs the security architecture of cloud computing. At the same time, with an eye toward the security threats cloud computing faces, several corresponding strategies are provided from the aspect of cloud computing users and service providers.

  16. Almaraz ovation control system security

    International Nuclear Information System (INIS)

    Madronal Rodriguez, E.; Anderson, E.; Jimenez Diaz, J.; Carrasco Mateos, J. A.

    2013-01-01

    Improving the security of a plant's Distributed Control System (DCS) is an important consideration for plant safety and profitability, as well as the necessity to comply with the regulation. The U.S. Nuclear Regulatory Commission has produced Regulatory Guide (RG) 5.71, and the Nuclear Energy Institute (NEI) has produced NEI 08-09 to assist plants in meeting 10 CFR 73.54, Protection of digital computer and communication systems and networks. These requirements, which address the establishment, implementation and maintenance of a cyber security program, present challenges to ensure that safety, security and emergency preparedness functions of nuclear facilities are not negatively impacted by the vulnerability scanning and testing process.

  17. Social influence in child care centers: a test of the theory of normative social behavior.

    Science.gov (United States)

    Lapinski, Maria Knight; Anderson, Jenn; Shugart, Alicia; Todd, Ewen

    2014-01-01

    Child care centers are a unique context for studying communication about the social and personal expectations about health behaviors. The theory of normative social behavior (TNSB; Rimal & Real, 2005 ) provides a framework for testing the role of social and psychological influences on handwashing behaviors among child care workers. A cross-sectional survey of child care workers in 21 centers indicates that outcome expectations and group identity increase the strength of the relationship between descriptive norms and handwashing behavior. Injunctive norms also moderate the effect of descriptive norms on handwashing behavior such that when strong injunctive norms are reported, descriptive norms are positively related to handwashing, but when weak injunctive norms are reported, descriptive norms are negatively related to handwashing. The findings suggest that communication interventions in child care centers can focus on strengthening injunctive norms in order to increase handwashing behaviors in child care centers. The findings also suggest that the theory of normative social behavior can be useful in organizational contexts.

  18. Corrective Action Investigation Plan for Corrective Action Unit 541: Small Boy Nevada National Security Site and Nevada Test and Training Range, Nevada with ROTC 1

    Energy Technology Data Exchange (ETDEWEB)

    Matthews, Patrick [Navarro-Intera, LLC (N-I), Las Vegas, NV (United States)

    2014-09-01

    Corrective Action Unit (CAU) 541 is co-located on the boundary of Area 5 of the Nevada National Security Site and Range 65C of the Nevada Test and Training Range, approximately 65 miles northwest of Las Vegas, Nevada. CAU 541 is a grouping of sites where there has been a suspected release of contamination associated with nuclear testing. This document describes the planned investigation of CAU 541, which comprises the following corrective action sites (CASs): 05-23-04, Atmospheric Tests (6) - BFa Site; 05-45-03, Atmospheric Test Site - Small Boy. These sites are being investigated because existing information on the nature and extent of potential contamination is insufficient to evaluate and recommend corrective action alternatives (CAAs). Additional information will be obtained by conducting a corrective action investigation before evaluating CAAs and selecting the appropriate corrective action for each CAS. The results of the field investigation will support a defensible evaluation of viable CAAs that will be presented in the investigation report. The sites will be investigated based on the data quality objectives (DQOs) developed on April 1, 2014, by representatives of the Nevada Division of Environmental Protection; U.S. Air Force; and the U.S. Department of Energy (DOE), National Nuclear Security Administration Nevada Field Office. The DQO process was used to identify and define the type, amount, and quality of data needed to develop and evaluate appropriate corrective actions for CAU 541. The site investigation process also will be conducted in accordance with the Soils Activity Quality Assurance Plan, which establishes requirements, technical planning, and general quality practices to be applied to this activity. The potential contamination sources associated with CASs 05-23-04 and 05-45-03 are from nuclear testing activities conducted at the Atmospheric Tests (6) - BFa Site and Atmospheric Test Site - Small Boy sites. The presence and nature of

  19. Authorization gives the personnel he/she gives the center he/she gives Isotopes for the acting he/she gives tied functions with the security and the radiological protection

    International Nuclear Information System (INIS)

    Perez Pijuan, S.; Hernandez Alvarez, R.; Peres Reyes, Y.; Venegas Bernal, M.C.

    1998-01-01

    The conception is described used in a center production labelled compound and radiopharmaceuticals for the authorization to the support, operation and supervision personnel The approaches are exposed used to define the excellent positions for the security the installation. The are described the training programs, designed starting from the indentification the specific competitions for each duty station and with particular emphasis in the development gives abilities you practice. It is used for the administration and evaluation gives the programs training the Automated System Administration Programs Training (GESAT)

  20. What is Security? A perspective on achieving security

    Energy Technology Data Exchange (ETDEWEB)

    Atencio, Julian J.

    2014-05-05

    This presentation provides a perspective on achieving security in an organization. It touches upon security as a mindset, ability to adhere to rules, cultivating awareness of the reason for a security mindset, the quality of a security program, willingness to admit fault or acknowledge failure, peer review in security, science as a model that can be applied to the security profession, the security vision, security partnering, staleness in the security program, security responsibilities, and achievement of success over time despite the impossibility of perfection.

  1. DOD/COCOM Water Security Program Strategy Document

    Science.gov (United States)

    2011-04-22

    treatment and disposal. DOD/COCOM Water Security Program Strategy 22 18. Toxic Minerals In regions where there are naturally occurring unsafe...surface hydrologic observations using remote sensing to provide data on precipitation, radiation, temperature, soil moisture, groundwater, snowcover...habitat alteration and aquaculture . 13. Centers for Disease Control (CDC) Works with partners throughout the nation and the world to monitor health

  2. Design of the national health security preparedness index.

    Science.gov (United States)

    Uzun Jacobson, Evin; Inglesby, Tom; Khan, Ali S; Rajotte, James C; Burhans, Robert L; Slemp, Catherine C; Links, Jonathan M

    2014-01-01

    The importance of health security in the United States has been highlighted by recent emergencies such as the H1N1 influenza pandemic, Superstorm Sandy, and the Boston Marathon bombing. The nation's health security remains a high priority today, with federal, state, territorial, tribal, and local governments, as well as nongovernment organizations and the private sector, engaging in activities that prevent, protect, mitigate, respond to, and recover from health threats. The Association of State and Territorial Health Officials (ASTHO), through a cooperative agreement with the Centers for Disease Control and Prevention (CDC) Office of Public Health Preparedness and Response (OPHPR), led an effort to create an annual measure of health security preparedness at the national level. The collaborative released the National Health Security Preparedness Index (NHSPI(™)) in December 2013 and provided composite results for the 50 states and for the nation as a whole. The Index results represent current levels of health security preparedness in a consistent format and provide actionable information to drive decision making for continuous improvement of the nation's health security. The overall 2013 National Index result was 7.2 on the reported base-10 scale, with areas of greater strength in the domains of health surveillance, incident and information management, and countermeasure management. The strength of the Index relies on the interdependencies of the many elements in health security preparedness, making the sum greater than its parts. Moving forward, additional health security-related disciplines and measures will be included alongside continued validation efforts.

  3. Security extension for the Canetti-Krawczyk model in identity-based systems

    Institute of Scientific and Technical Information of China (English)

    LI Xinghua; MA Jianfeng; SangJae Moon

    2005-01-01

    The Canetti-Krawczyk (CK) model is a formalism for the analysis of keyexchange protocols, which can guarantee many security properties for the protocols proved secure by this model. But we find this model lacks the ability to guarantee key generation center (KGC) forward secrecy, which is an important security property for key-agreement protocols based on Identity. The essential reason leading to this weakness is that it does not fully consider the attacker's capabilities. In this paper, the CK model is accordingly extended with a new additional attacker's capability of the KGC corruption in Identity-based systems, which enables it to support KGC forward secrecy.

  4. Evaluation of rapid HIV test kits on whole blood and development of rapid testing algorithm for voluntary testing and counseling centers in Ethiopia.

    Science.gov (United States)

    Tegbaru, Belete; Messele, Tsehaynesh; Wolday, Dawit; Meles, PhD Hailu; Tesema, Desalegn; Birhanu, Hiwot; Tesfaye, Girma; Bond, Kyle B; Martin, Robert; Rayfield, Mark A; Wuhib, Tadesse; Fekadu, Makonnen

    2004-10-01

    Five simple and rapid HIV antibody detection assays viz. Determine, Capillus, Oraquick, Unigold and Hemastrip were evaluated to examine their performance and to develop an alternative rapid test based testing algorithm for voluntary counseling and testing (VCT) in Ethiopia. All the kits were tested on whole blood, plasma and serum. The evaluation had three phases: Primary lab review, piloting at point of service and implementation. This report includes the results of the first two phases. A total of 2,693 specimens (both whole blood and plasma) were included in the evaluation. Results were compared to double Enzyme Linked Immuno-Sorbent Assay (ELISA) system. Discordant EIA results were resolved using Western Blot. The assays had very good sensitivities and specificities, 99-100%, at the two different phases of the evaluation. A 98-100% result agreement was obtained from those tested at VCT centers and National Referral Laboratory for AIDS (NRLA), in the quality control phase of the evaluation. A testing strategy yielding 100% [95% CI; 98.9-100.0] sensitivity was achieved by the sequential use of the three rapid test kits. Direct cost comparison showed serial testing algorithm reduces the cost of testing by over 30% compared to parallel testing in the current situation. Determine, Capillus/Oraquick (presence/absence of frefrigeration) and Unigold were recommended as screening, confirmation and tiebreaker tests, respectively.

  5. Quantitative security and safety analysis with attack-fault trees

    NARCIS (Netherlands)

    Kumar, Rajesh; Stoelinga, Mariëlle Ida Antoinette

    2017-01-01

    Cyber physical systems, like power plants, medical devices and data centers have to meet high standards, both in terms of safety (i.e. absence of unintentional failures) and security (i.e. no disruptions due to malicious attacks). This paper presents attack fault trees (AFTs), a formalism that

  6. Actions Needed to Ensure Scientific and Technical Information is Adequately Reviewed at Goddard Space Flight Center, Johnson Space Center, Langley Research Center, and Marshall Space Flight Center

    Science.gov (United States)

    2008-01-01

    This audit was initiated in response to a hotline complaint regarding the review, approval, and release of scientific and technical information (STI) at Johnson Space Center. The complainant alleged that Johnson personnel conducting export control reviews of STI were not fully qualified to conduct those reviews and that the reviews often did not occur until after the STI had been publicly released. NASA guidance requires that STI, defined as the results of basic and applied scientific, technical, and related engineering research and development, undergo certain reviews prior to being released outside of NASA or to audiences that include foreign nationals. The process includes technical, national security, export control, copyright, and trade secret (e.g., proprietary data) reviews. The review process was designed to preclude the inappropriate dissemination of sensitive information while ensuring that NASA complies with a requirement of the National Aeronautics and Space Act of 1958 (the Space Act)1 to provide for the widest practicable and appropriate dissemination of information resulting from NASA research activities. We focused our audit on evaluating the STI review process: specifically, determining whether the roles and responsibilities for the review, approval, and release of STI were adequately defined and documented in NASA and Center-level guidance and whether that guidance was effectively implemented at Goddard Space Flight Center, Johnson Space Center, Langley Research Center, and Marshall Space Flight Center. Johnson was included in the review because it was the source of the initial complaint, and Goddard, Langley, and Marshall were included because those Centers consistently produce significant amounts of STI.

  7. Test of Hydrogen-Oxygen PEM Fuel Cell Stack at NASA Glenn Research Center

    Science.gov (United States)

    Bents, David J.; Scullin, Vincent J.; Chang, Bei-Jiann; Johnson, Donald W.; Garcia, Christopher P.; Jakupca, Ian J.

    2003-01-01

    This paper describes performance characterization tests of a 64 cell hydrogen oxygen PEM fuel cell stack at NASA Glenn Research Center in February 2003. The tests were part of NASA's ongoing effort to develop a regenerative fuel cell for aerospace energy storage applications. The purpose of the tests was to verify capability of this stack to operate within a regenerative fuel cell, and to compare performance with earlier test results recorded by the stack developer. Test results obtained include polarization performance of the stack at 50 and 100 psig system pressure, and a steady state endurance run at 100 psig. A maximum power output of 4.8 kWe was observed during polarization runs, and the stack sustained a steady power output of 4.0 kWe during the endurance run. The performance data obtained from these tests compare reasonably close to the stack developer's results although some additional spread between best to worst performing cell voltages was observed. Throughout the tests, the stack demonstrated the consistent performance and repeatable behavior required for regenerative fuel cell operation.

  8. EH-GC: An Efficient and Secure Architecture of Energy Harvesting Green Cloud Infrastructure

    Directory of Open Access Journals (Sweden)

    Saurabh Singh

    2017-04-01

    Full Text Available Nowadays, the high power consumption of data centers is the biggest challenge to making cloud computing greener. Many researchers are still seeking effective solutions to reduce or harvest the energy produced at data centers. To address this challenge, we propose a green cloud infrastructure which provides security and efficiency based on energy harvesting (EH-GC. The EH-GC is basically focused on harvesting the heat energy produced by data centers in the Infrastructure-as-a-Service (IaaS infrastructure. A pyroelectric material is used to generate the electric current from heat using the Olsen cycle. In order to achieve efficient green cloud computing, the architecture utilizes a genetic algorithm for proper virtual machine allocation, taking into consideration less Service Level Agreement (SLA violations. The architecture utilizes Multivariate Correlation Analysis (MCA correlation analysis based on a triangular map area generation to detect Denial of Service (DoS attacks in the data center layer of the IaaS. Finally, the experimental analysis is explained based on the energy parameter, which proves that our model is efficient and secure, and that it efficiently reuses the energy emitted from the data center.

  9. Patient Centeredness in Electronic Communication: Evaluation of Patient-to-Health Care Team Secure Messaging

    Science.gov (United States)

    Luger, Tana M; Volkman, Julie E; Rocheleau, Mary; Mueller, Nora; Barker, Anna M; Nazi, Kim M; Houston, Thomas K; Bokhour, Barbara G

    2018-01-01

    Background As information and communication technology is becoming more widely implemented across health care organizations, patient-provider email or asynchronous electronic secure messaging has the potential to support patient-centered communication. Within the medical home model of the Veterans Health Administration (VA), secure messaging is envisioned as a means to enhance access and strengthen the relationships between veterans and their health care team members. However, despite previous studies that have examined the content of electronic messages exchanged between patients and health care providers, less research has focused on the socioemotional aspects of the communication enacted through those messages. Objective Recognizing the potential of secure messaging to facilitate the goals of patient-centered care, the objectives of this analysis were to not only understand why patients and health care team members exchange secure messages but also to examine the socioemotional tone engendered in these messages. Methods We conducted a cross-sectional coding evaluation of a corpus of secure messages exchanged between patients and health care team members over 6 months at 8 VA facilities. We identified patients whose medical records showed secure messaging threads containing at least 2 messages and compiled a random sample of these threads. Drawing on previous literature regarding the analysis of asynchronous, patient-provider electronic communication, we developed a coding scheme comprising a series of a priori patient and health care team member codes. Three team members tested the scheme on a subset of the messages and then independently coded the sample of messaging threads. Results Of the 711 messages coded from the 384 messaging threads, 52.5% (373/711) were sent by patients and 47.5% (338/711) by health care team members. Patient and health care team member messages included logistical content (82.6%, 308/373 vs 89.1%, 301/338), were neutral in tone (70

  10. Metamorphic Testing for Cybersecurity.

    Science.gov (United States)

    Chen, Tsong Yueh; Kuo, Fei-Ching; Ma, Wenjuan; Susilo, Willy; Towey, Dave; Voas, Jeffrey; Zhou, Zhi Quan

    2016-06-01

    Testing is a major approach for the detection of software defects, including vulnerabilities in security features. This article introduces metamorphic testing (MT), a relatively new testing method, and discusses how the new perspective of MT can help to conduct negative testing as well as to alleviate the oracle problem in the testing of security-related functionality and behavior. As demonstrated by the effectiveness of MT in detecting previously unknown bugs in real-world critical applications such as compilers and code obfuscators, we conclude that software testing of security-related features should be conducted from diverse perspectives in order to achieve greater cybersecurity.

  11. Engineering Trade-off Considerations Regarding Design-for-Security, Design-for-Verification, and Design-for-Test

    Science.gov (United States)

    Berg, Melanie; Label, Kenneth

    2018-01-01

    The United States government has identified that application specific integrated circuit (ASIC) and field programmable gate array (FPGA) hardware are at risk from a variety of adversary attacks. This finding affects system security and trust. Consequently, processes are being developed for system mitigation and countermeasure application. The scope of this tutorial pertains to potential vulnerabilities and countermeasures within the ASIC/FPGA design cycle. The presentation demonstrates how design practices can affect the risk for the adversary to: change circuitry, steal intellectual property, and listen to data operations. An important portion of the design cycle is assuring the design is working as specified or as expected. This is accomplished by exhaustive testing of the target design. Alternatively, it has been shown that well established schemes for test coverage enhancement (design-for-verification (DFV) and design-for-test (DFT)) can create conduits for adversary accessibility. As a result, it is essential to perform a trade between robust test coverage versus reliable design implementation. The goal of this tutorial is to explain the evolution of design practices; review adversary accessibility points due to DFV and DFT circuitry insertion (back door circuitry); and to describe common engineering trade-off considerations for test versus adversary threats.

  12. The Quality of Maternal Secure-Base Scripts Predicts Children's Secure-Base Behavior at Home in Three Sociocultural Groups

    Science.gov (United States)

    Vaughn, Brian E.; Coppola, Gabrielle; Verissimo, Manuela; Monteiro, Ligia; Santos, Antonio Jose; Posada, German; Carbonell, Olga A.; Plata, Sandra J.; Waters, Harriet S.; Bost, Kelly K.; McBride, Brent; Shin, Nana; Korth, Bryan

    2007-01-01

    The secure-base phenomenon is central to the Bowlby/Ainsworth theory of attachment and is also central to the assessment of attachment across the lifespan. The present study tested whether mothers' knowledge about the secure-base phenomenon, as assessed using a recently designed wordlist prompt measure for eliciting attachment-relevant stories,…

  13. Future aerospace ground test facility requirements for the Arnold Engineering Development Center

    Science.gov (United States)

    Kirchner, Mark E.; Baron, Judson R.; Bogdonoff, Seymour M.; Carter, Donald I.; Couch, Lana M.; Fanning, Arthur E.; Heiser, William H.; Koff, Bernard L.; Melnik, Robert E.; Mercer, Stephen C.

    1992-01-01

    Arnold Engineering Development Center (AEDC) was conceived at the close of World War II, when major new developments in flight technology were presaged by new aerodynamic and propulsion concepts. During the past 40 years, AEDC has played a significant part in the development of many aerospace systems. The original plans were extended through the years by some additional facilities, particularly in the area of propulsion testing. AEDC now has undertaken development of a master plan in an attempt to project requirements and to plan for ground test and computational facilities over the coming 20 to 30 years. This report was prepared in response to an AEDC request that the National Research Council (NRC) assemble a committee to prepare guidance for planning and modernizing AEDC facilities for the development and testing of future classes of aerospace systems as envisaged by the U.S. Air Force.

  14. Physical Penetration Testing: A Whole New Story in Penetration Testing

    NARCIS (Netherlands)

    Dimkov, T.; Pieters, Wolter

    2011-01-01

    Physical penetration testing plays an important role in assuring a company that the security policies are properly enforced and that the security awareness of the employees is on the appropriate level. In physical penetration tests the tester physically enters restricted locations and directly

  15. Cooperative Monitoring Center Occasional Paper/8: Cooperative Border Security for Jordan: Assessment and Options

    Energy Technology Data Exchange (ETDEWEB)

    Qojas, M.

    1999-03-01

    This document is an analysis of options for unilateral and cooperative action to improve the security of Jordan's borders. Sections describe the current political, economic, and social interactions along Jordan's borders. Next, the document discusses border security strategy for cooperation among neighboring countries and the adoption of confidence-building measures. A practical cooperative monitoring system would consist of hardware for early warning, command and control, communications, and transportation. Technical solutions can expand opportunities for the detection and identification of intruders. Sensors (such as seismic, break-wire, pressure-sensing, etc.) can warn border security forces of intrusion and contribute to the identification of the intrusion and help formulate the response. This document describes conceptual options for cooperation, offering three scenarios that relate to three hypothetical levels (low, medium, and high) of cooperation. Potential cooperative efforts under a low cooperation scenario could include information exchanges on military equipment and schedules to prevent misunderstandings and the establishment of protocols for handling emergency situations or unusual circumstances. Measures under a medium cooperation scenario could include establishing joint monitoring groups for better communications, with hot lines and scheduled meetings. The high cooperation scenario describes coordinated responses, joint border patrols, and sharing border intrusion information. Finally, the document lists recommendations for organizational, technical, and operational initiatives that could be applicable to the current situation.

  16. Report `A field test project for the disaster prevention type photovoltaic power generation (Kobe city, Hyogo prefecture)`; `Bosaigata taiyoko hatsuden field test jigyo (Hyogoken Kobeshi)` hokokusho

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    1996-09-12

    An experiment was conducted on the introduction of the disaster prevention type photovoltaic power system provided with storage batteries to public facilities, etc., considering not only the use of new energy from the environmental aspect, but the emergency use. In fiscal 1995, 5kW-output photovoltaic power systems were installed on the rooftop of Hiyodori and Takamaru regional welfare centers and a 30kW photovoltaic power system on the rooftop of the Hyogo Ward Office. Demonstrative tests of these systems started for collection of various data. Now that the systems were installed at the regional welfare center managed mostly by regional citizens and the ward office which is an administrative office familiar with regional residents, the understanding of and familiarity with the photovoltaic power system were obtained from regional residents, and also people were enlightened on the use of solar energy in such a point as economization of power rates using the interconnected power system. Further, for life supports, it was made possible to secure minimum electric power in emergency and to secure functions of disaster prevention spots. 3 figs.

  17. CAPTCHA – Security affecting User Experience

    Directory of Open Access Journals (Sweden)

    Ruti Gafni

    2016-05-01

    Full Text Available CAPTCHA - Completely Automated Public Turing test to tell Computers and Humans Apart - is a test with the aim to distinguish between malicious automatic software and real users in the era of Cyber security threats. Various types of CAPTCHA tests were developed, in order to address accessibility while implementing security. This research focuses on the users’ attitudes and experiences related to use of the different kinds of tests. A questionnaire accompanied by experiencing five different CAPTCHA tests was performed among 212 users. Response times for each test and rate of success were collected automatically. The findings demonstrate that none of the existing tests are ideal. Although the participants were familiar with the Text-based test, they found it the most frustrating and non-enjoyable. Half of the participants failed in the Arithmetic-based test. While most of the participants found the picture and game based test enjoyable, their response time for those tests was the largest. The age factor was encountered as influencing both the attitude of the user and the performance, while younger users are more tolerant, have a better success rate, and are faster, the elder users found the tests annoying and time-consuming.

  18. Supporting non proliferation and global security efforts

    International Nuclear Information System (INIS)

    Pochon, E.

    2013-01-01

    CEA contributes as a major actor of France's action against nuclear proliferation and to the strengthening of nuclear security at national level as European and International levels, in particular through the support of the IAEA activities in nuclear non proliferation with the French Support Programme for the IAEA safeguards system and security with the contribution to the IAEA Nuclear Security Plan and cooperation projects with the European Commission. The CEA is a French government funded technological research organization, organized around 5 branches: Nuclear Energy, Technological Researches, Defence (DAM), Material Sciences and Life Sciences. Within the scope of its activities, CEA covers most of the research areas and techniques in nuclear non-proliferation and security. The CEA is also the advisor of the French Government on nuclear policy. Treaty monitoring and the development and implementation of non proliferation and global security programs is an important mission of DAM which rely on nuclear weapons manufacture and past testing experience. The programmes on non proliferation and global security carried out to fulfil DAM's mission cover the following areas: development of monitoring and detection methods and equipments, country profiles and nuclear stockpiles assessment, arms control instruments, proliferation resistance of nuclear fuel cycle, monitoring of nuclear tests, operation and maintenance of national detection capabilities and contribution to CTBT verification systems. (A.C.)

  19. COMPUTATIONAL SCIENCE CENTER

    Energy Technology Data Exchange (ETDEWEB)

    DAVENPORT, J.

    2005-11-01

    The Brookhaven Computational Science Center brings together researchers in biology, chemistry, physics, and medicine with applied mathematicians and computer scientists to exploit the remarkable opportunities for scientific discovery which have been enabled by modern computers. These opportunities are especially great in computational biology and nanoscience, but extend throughout science and technology and include, for example, nuclear and high energy physics, astrophysics, materials and chemical science, sustainable energy, environment, and homeland security. To achieve our goals we have established a close alliance with applied mathematicians and computer scientists at Stony Brook and Columbia Universities.

  20. Optimization of airport security lanes

    Science.gov (United States)

    Chen, Lin

    2018-05-01

    Current airport security management system is widely implemented all around the world to ensure the safety of passengers, but it might not be an optimum one. This paper aims to seek a better security system, which can maximize security while minimize inconvenience to passengers. Firstly, we apply Petri net model to analyze the steps where the main bottlenecks lie. Based on average tokens and time transition, the most time-consuming steps of security process can be found, including inspection of passengers' identification and documents, preparing belongings to be scanned and the process for retrieving belongings back. Then, we develop a queuing model to figure out factors affecting those time-consuming steps. As for future improvement, the effective measures which can be taken include transferring current system as single-queuing and multi-served, intelligently predicting the number of security checkpoints supposed to be opened, building up green biological convenient lanes. Furthermore, to test the theoretical results, we apply some data to stimulate the model. And the stimulation results are consistent with what we have got through modeling. Finally, we apply our queuing model to a multi-cultural background. The result suggests that by quantifying and modifying the variance in wait time, the model can be applied to individuals with various habits customs and habits. Generally speaking, our paper considers multiple affecting factors, employs several models and does plenty of calculations, which is practical and reliable for handling in reality. In addition, with more precise data available, we can further test and improve our models.

  1. Almaraz ovation control system security

    Energy Technology Data Exchange (ETDEWEB)

    Madronal Rodriguez, E.; Anderson, E.; Jimenez Diaz, J.; Carrasco Mateos, J. A.

    2013-07-01

    Improving the security of a plant's Distributed Control System (DCS) is an important consideration for plant safety and profitability, as well as the necessity to comply with the regulation. The U.S. Nuclear Regulatory Commission has produced Regulatory Guide (RG) 5.71, and the Nuclear Energy Institute (NEI) has produced NEI 08-09 to assist plants in meeting 10 CFR 73.54, Protection of digital computer and communication systems and networks. These requirements, which address the establishment, implementation and maintenance of a cyber security program, present challenges to ensure that safety, security and emergency preparedness functions of nuclear facilities are not negatively impacted by the vulnerability scanning and testing process.

  2. 77 FR 46099 - Clinical Center; Notice of Meeting

    Science.gov (United States)

    2012-08-02

    ... research operational and funding issues. Place: National Institutes of Health, Building 10, 10 Center Drive... person. In the interest of security, NIH has instituted stringent procedures for entrance onto the NIH campus. All visitor vehicles, including taxicabs, hotel, and airport shuttles will be inspected before...

  3. A Component-Based Approach for Securing Indoor Home Care Applications.

    Science.gov (United States)

    Agirre, Aitor; Armentia, Aintzane; Estévez, Elisabet; Marcos, Marga

    2017-12-26

    eHealth systems have adopted recent advances on sensing technologies together with advances in information and communication technologies (ICT) in order to provide people-centered services that improve the quality of life of an increasingly elderly population. As these eHealth services are founded on the acquisition and processing of sensitive data (e.g., personal details, diagnosis, treatments and medical history), any security threat would damage the public's confidence in them. This paper proposes a solution for the design and runtime management of indoor eHealth applications with security requirements. The proposal allows applications definition customized to patient particularities, including the early detection of health deterioration and suitable reaction (events) as well as security needs. At runtime, security support is twofold. A secured component-based platform supervises applications execution and provides events management, whilst the security of the communications among application components is also guaranteed. Additionally, the proposed event management scheme adopts the fog computing paradigm to enable local event related data storage and processing, thus saving communication bandwidth when communicating with the cloud. As a proof of concept, this proposal has been validated through the monitoring of the health status in diabetic patients at a nursing home.

  4. New secure communication-layer standard for medical image management (ISCL)

    Science.gov (United States)

    Kita, Kouichi; Nohara, Takashi; Hosoba, Minoru; Yachida, Masuyoshi; Yamaguchi, Masahiro; Ohyama, Nagaaki

    1999-07-01

    This paper introduces a summary of the standard draft of ISCL 1.00 which will be published by MEDIS-DC officially. ISCL is abbreviation of Integrated Secure Communication Layer Protocols for Secure Medical Image Management Systems. ISCL is a security layer which manages security function between presentation layer and TCP/IP layer. ISCL mechanism depends on basic function of a smart IC card and symmetric secret key mechanism. A symmetry key for each session is made by internal authentication function of a smart IC card with a random number. ISCL has three functions which assure authentication, confidently and integrity. Entity authentication process is done through 3 path 4 way method using functions of internal authentication and external authentication of a smart iC card. Confidentially algorithm and MAC algorithm for integrity are able to be selected. ISCL protocols are communicating through Message Block which consists of Message Header and Message Data. ISCL protocols are evaluating by applying to regional collaboration system for image diagnosis, and On-line Secure Electronic Storage system for medical images. These projects are supported by Medical Information System Development Center. These project shows ISCL is useful to keep security.

  5. Congestion management considering voltage security of power systems

    International Nuclear Information System (INIS)

    Esmaili, Masoud; Shayanfar, Heidar Ali; Amjady, Nima

    2009-01-01

    Congestion in a power network is turned up due to system operating limits. To relieve congestion in a deregulated power market, the system operator pays to market participants, GENCOs and DISCOs, to alter their active powers considering their bids. After performing congestion management, the network may be operated with a low security level because of hitting some flows their upper limit and some voltages their lower limit. In this paper, a novel congestion management method based on the voltage stability margin sensitivities is introduced. Using the proposed method, the system operator so alleviates the congestion that the network can more retain its security. The proposed method not only makes the system more secure after congestion management than other methods already presented for this purpose but also its cost of providing security is lower than the earlier methods. Test results of the proposed method along with the earlier ones on the New-England test system elaborate the efficiency of the proposed method from the viewpoint of providing a better voltage stability margin and voltage profile as well as a lower security cost. (author)

  6. Flying spin qualities testing of airplane

    Directory of Open Access Journals (Sweden)

    Kostić Čedomir J.

    2015-01-01

    Full Text Available In this paper is presented the theoretical analysis of origins and characteristics of spinning motion. There are precise explanation of every stage spin flight and basic meaning of notion. Personated equation of motion in spin and equitation of motion airplane in settled spin motion, analysis of them and general recommendation for pilots for recovering from spins. Introduced in valid military and civil specifications flight test demonstration requirements for departure resistance and flying stall and spin qualities testing of airplane. Special attention was given on predicting departure, stall and spin susceptibility and theoretical analysis in the name of magnify flight testing security. There are explanation of test equipment and methodology of flying qualities testing of airplanes. Like a support of this theme are described method and results of flight stall and spin qualities testing of airplane G-4(N-62 super see-gull with precise recommendation for pilots for recovering from spins, from TOC SLI VS (Technical testing center, department for fight testing Air Force of Serbia.

  7. A ground-based magnetic survey of Frenchman Flat, Nevada National Security Site and Nevada Test and Training Range, Nevada: data release and preliminary interpretation

    Science.gov (United States)

    Phillips, Jeffrey D.; Burton, Bethany L.; Curry-Elrod, Erika; Drellack, Sigmund

    2014-01-01

    The Nevada National Security Site (NNSS, formerly the Nevada Test Site) is located in southern Nevada approximately 105 kilometers (km) (65 miles) northwest of Las Vegas. Frenchman Flat is a sedimentary basin located on the eastern edge of NNSS and extending eastward into the adjacent Nevada Test and Training Range (NTTR).

  8. Live Operation Data Collection Optimization and Communication for the Domestic Nuclear Detection Office's Rail Test Center

    International Nuclear Information System (INIS)

    Gelston, Gariann M.

    2010-01-01

    For the Domestic Nuclear Detection Office's Rail Test Center (i.e., DNDO's RTC), port operation knowledge with flexible collection tools and technique are essential in both technology testing design and implementation intended for live operational settings. Increased contextual data, flexibility in procedures, and rapid availability of information are keys to addressing the challenges of optimization, validation, and analysis within live operational setting data collection. These concepts need to be integrated into technology testing designs, data collection, validation, and analysis processes. A modified data collection technique with a two phased live operation test method is proposed.

  9. Metamorphic Testing for Cybersecurity

    Science.gov (United States)

    Chen, Tsong Yueh; Kuo, Fei-Ching; Ma, Wenjuan; Susilo, Willy; Towey, Dave; Voas, Jeffrey

    2016-01-01

    Testing is a major approach for the detection of software defects, including vulnerabilities in security features. This article introduces metamorphic testing (MT), a relatively new testing method, and discusses how the new perspective of MT can help to conduct negative testing as well as to alleviate the oracle problem in the testing of security-related functionality and behavior. As demonstrated by the effectiveness of MT in detecting previously unknown bugs in real-world critical applications such as compilers and code obfuscators, we conclude that software testing of security-related features should be conducted from diverse perspectives in order to achieve greater cybersecurity. PMID:27559196

  10. Software for security event management: Development and utilization

    Directory of Open Access Journals (Sweden)

    Aleksandr V. Kuznetcov

    2017-11-01

    Full Text Available We address the challenge to the information security coming from the lack of algorithmic machinery for managing the security events. We start with a mathematical formulation of the problem for a tabular processor by introducing an appropriate target function. Details of corresponding algorithm can be found by following the provided links. We describe our original software module that implements the algorithm for determining the registered security events. The module is based on the tabular processor certified by the Russian Federal Service for Technical and Export Control. We present a control sample for testing the developed module. The sample has the dimension 30x20 and contains 14 choices for threshold values of security events number. The results of the tests comply with the specified boundary conditions and demonstrate a nonlinear dependence of the objective function on the number of registered security events, as well as a nonlinear dependence of the percentage of the detected security event on the total initial number of security events to be registered at the event source. The performance of the module specifically, the central processing unit usage is found acceptable (not exceeding 33%, which allows one to use the software for typical automated workplaces equipped with appropriate tabular processors. Our approach is universal with respect to the application areas.

  11. A Study of Cyber Security Activities for Development of Safety-related Controller

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Myeongkyun; Song, Seunghwan; Yoo, Kwanwoo; Yun, Donghwa [Korea Univ., Seoul (Korea, Republic of)

    2014-05-15

    Nuclear Power Plant Regulatory guide describes the regulatory requirements to implement cyber security activities to ensure that design and operate to respond to cyber threats that exploited to vulnerability of digital-based technologies associated with safety-related digital instrumentation and control systems at nuclear power plants. Cyber security activities coverage is instrumentation and control systems to perform safety functions and digital-based equipment to use development, test, analysis and asset for instrumentation and control systems. Regulatory guidance is required to the cyber security activities that should be performed in each development phase of safety-related controller. Development organization should establish and implement to cyber security plans for responding to cyber threats throughout each lifecycle phase and the result of the cyber security activities should be generated to the documents. In addition, the independent verification and validation organization should perform simulated penetration test for enhancing response capabilities to cyber security threats and development organization should establish and implement response hardening solutions for the cyber security vulnerabilities identified in the simulated penetration test.

  12. A Study of Cyber Security Activities for Development of Safety-related Controller

    International Nuclear Information System (INIS)

    Lee, Myeongkyun; Song, Seunghwan; Yoo, Kwanwoo; Yun, Donghwa

    2014-01-01

    Nuclear Power Plant Regulatory guide describes the regulatory requirements to implement cyber security activities to ensure that design and operate to respond to cyber threats that exploited to vulnerability of digital-based technologies associated with safety-related digital instrumentation and control systems at nuclear power plants. Cyber security activities coverage is instrumentation and control systems to perform safety functions and digital-based equipment to use development, test, analysis and asset for instrumentation and control systems. Regulatory guidance is required to the cyber security activities that should be performed in each development phase of safety-related controller. Development organization should establish and implement to cyber security plans for responding to cyber threats throughout each lifecycle phase and the result of the cyber security activities should be generated to the documents. In addition, the independent verification and validation organization should perform simulated penetration test for enhancing response capabilities to cyber security threats and development organization should establish and implement response hardening solutions for the cyber security vulnerabilities identified in the simulated penetration test

  13. Development of human resource capacity building assistance for nuclear security

    International Nuclear Information System (INIS)

    Nakamura, Yo; Noro, Naoko

    2014-01-01

    The Integrated Support Center for Nuclear Nonproliferation and Nuclear Security (ISCN) of the Japan Atomic Energy Agency (JAEA) has been providing nuclear security human resource development projects targeting at nuclear emerging countries in Asia in cooperation with the authorities concerned including the Sandia National Laboratory (SNL) and the International Atomic Energy Agency (IAEA). In the aftermath of the attacks of Sept. 11, the threat of terrorism was internationally recognized and thus the human resource capacity building is underway as an urgent task. In order to responding to emerging threats, the human resource capacity building that ISCN has implemented thus far needs to be multilaterally analyzed in order to develop more effective training programs. This paper studies ISCN's future direction by analyzing its achievements, as well as introduces the collaborative relationships with SNL that contributes to the reflection and maintenance of international trends for the contents of nuclear security training, the nuclear security enhancement support with which Japan is to provide nuclear emerging countries in Asia, and the achievements of the nuclear security training program that ISCN implemented. (author)

  14. Computer Security: the security marathon, part 2

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Do you recall our latest article on the “Security Marathon” (see here) and why it’s wrong to believe that computer security is a sprint, that a quick hack is invulnerable, that quick bug-fixing is sufficient, that plugging security measures on top of existing structures is a good idea, that once you are secure, your life is cosy?   In fact, security is a marathon for us too. Again and again, we have felt comfortable with the security situation at CERN, with dedicated protections deployed on individual hosts, with the security measures deployed by individual service managers, with the attentiveness and vigilance of our users, and with the responsiveness of the Management. Again and again, however, we subsequently detect or receive reports that this is wrong, that protections are incomplete, that security measures are incomplete, that security awareness has dropped. Thus, unfortunately, we often have to go back to square one and address similar issues over and over...

  15. Sweat test and cystic fibrosis: overview of test performance at public and private centers in the state of São Paulo, Brazil.

    Science.gov (United States)

    Servidoni, Maria Fátima; Gomez, Carla Cristina Souza; Marson, Fernando Augusto Lima; Toro, Adyléia Aparecida Dalbo Contrera; Ribeiro, Maria Ângela Gonçalves de Oliveira; Ribeiro, José Dirceu; Ribeiro, Antônio Fernando

    2017-01-01

    The sweat test (ST) measures chloride levels in sweat and is considered the gold standard for the diagnosis of cystic fibrosis (CF). However, the reliability of a ST depends on their being performed by experienced technicians and in accordance with strict guidelines. Our aim was to evaluate how sweat stimulation, sweat collection, and chloride measurement are performed at 14 centers (9 public centers and 5 private centers) that routinely perform STs in the state of São Paulo, which has the highest frequency of CF in Brazil. This was a cross-sectional cohort study, using a standardized questionnaire administered in loco to the staff responsible for conducting STs. No uniformity regarding the procedures was found among the centers. Most centers were noncompliant with the international guidelines, especially regarding the collection of sweat (the samples were insufficient in 10-50% of the subjects tested); availability of stimulation equipment (which was limited at 2 centers); modernity and certification of stimulation equipment (most of the equipment having been used for 3-23 years); and written protocols (which were lacking at 12 centers). Knowledge of ST guidelines was evaluated at only 1 center. Our results show that STs largely deviate from internationally accepted guidelines at the participating centers. Therefore, there is an urgent need for standardization of STs, training of qualified personnel, and acquisition/certification of suitable equipment. These are essential conditions for a reliable diagnosis of CF, especially with the increasing demand due to newborn screening nationwide, and for the assessment of a possible clinical benefit from the use of modulator drugs. O teste do suor (TS) mede os níveis de cloro no suor e é considerado o padrão ouro para o diagnóstico da fibrose cística (FC). Contudo, a confiabilidade do TS depende de sua realização por técnicos experientes e segundo diretrizes rígidas. Nosso objetivo foi avaliar como s

  16. A transportation security system applying RFID and GPS

    Directory of Open Access Journals (Sweden)

    Ruijian Zhang

    2013-03-01

    Full Text Available Purpose: This paper is about developing a centralized, internet based security tool which utilizes RFID and GPS technology to identify drivers and track the load integrity. Design/methodology/approach: The system will accomplish the security testing in real-time using the internet and the U.S. Customs’ database (ACE. A central database and the interfaces and communication between the database and ACE will be established. After the vehicle is loaded, all openings of the tanker are sealed with disposable RFID tag seals. Findings/value: An RFID reader and GPS tracker wirelessly connected with the databases will serve as testing grounds for the implementation of security measures that can help prevent future terrorist attacks and help in ensuring that the goods and products are not compromised while in transit. The system will also reduce the labor work of security check to its minimum. 

  17. PAPI based federation as a test-bed for a common security infrastructure in EFDA sites

    International Nuclear Information System (INIS)

    Castro, R.; Vega, J.; Portas, A.; Lopez, D.R.; Balme, S.; Theis, J.M.; Lebourg, P.; Fernandes, H.; Neto, A.; Duarte, A.; Oliveira, F.; Reis, F.; Purahoo, K.; Thomsen, K.; Schiller, W.; Kadlecsik, J.

    2008-01-01

    Federated authentication and authorization systems provide several advantages to collaborative environments, for example, easy authentication integration, simpler user management, easier security policy implementation and quicker implementation of access control elements for new type of resources. A federation integrates different aspects that have to be coordinated by all the organizations involved. The most relevant are: definition of common schemas and attributes, definition of common policies and procedures, management of keys and certificates, management of common repositories and implementation of a home location service. A federation enabling collaboration of European sites has been put into operation. Four laboratories have been integrated and two more organizations (EFDA and KFKI/HAS) are finishing their integration. The federation infrastructure is based on Point of Access to Providers of Information (PAPI), a distributed authentication and authorization system. PAPI technology gives some important features, such as, single sign on for accessing to different resources, mobility for users, and compatibility with open and standard technologies: Java, JNLP protocol, XML-RPC and web technologies among others. In this article, the test-bed of EFDA federation is presented. Some examples of resources, securely shared inside the federation, are shown. Specific issues and experience gained in deploying federated collaboration systems will be addressed as well

  18. PAPI based federation as a test-bed for a common security infrastructure in EFDA sites

    Energy Technology Data Exchange (ETDEWEB)

    Castro, R. [Asociacion EURATOM/CIEMAT para Fusion, Madrid (Spain)], E-mail: rodrigo.castro@ciemat.es; Vega, J.; Portas, A. [Asociacion EURATOM/CIEMAT para Fusion, Madrid (Spain); Lopez, D.R. [Departamento RedIRIS, Entidad publica empresarial Red.es, Madrid (Spain); Balme, S.; Theis, J.M.; Lebourg, P. [Association EURATOM-CEA, CEA/DSM/Departement de Recherches sur la Fusion Controlee DRFC, CEA-Cadarache (France); Fernandes, H.; Neto, A.; Duarte, A.; Oliveira, F.; Reis, F. [Centro de Fusao Nuclear, Associacao EURATOM/IST, Lisboa (Portugal); Purahoo, K. [EURATOM/UKAEA Fusion Association, Culham Science Centre, Abingdon OX14 3DB (United Kingdom); Thomsen, K.; Schiller, W. [EFDA Close Support Unit Garching, Max Planck Institut fuer Plasmaphysik, Boltzmannstr. 2, D-85748 Garching (Germany); Kadlecsik, J. [KFKI R.I. for Particle and Nuclear Physics of the Hungarian Academy of Sciences, and the Association EURATOM/HAS, Budapest (Hungary)

    2008-04-15

    Federated authentication and authorization systems provide several advantages to collaborative environments, for example, easy authentication integration, simpler user management, easier security policy implementation and quicker implementation of access control elements for new type of resources. A federation integrates different aspects that have to be coordinated by all the organizations involved. The most relevant are: definition of common schemas and attributes, definition of common policies and procedures, management of keys and certificates, management of common repositories and implementation of a home location service. A federation enabling collaboration of European sites has been put into operation. Four laboratories have been integrated and two more organizations (EFDA and KFKI/HAS) are finishing their integration. The federation infrastructure is based on Point of Access to Providers of Information (PAPI), a distributed authentication and authorization system. PAPI technology gives some important features, such as, single sign on for accessing to different resources, mobility for users, and compatibility with open and standard technologies: Java, JNLP protocol, XML-RPC and web technologies among others. In this article, the test-bed of EFDA federation is presented. Some examples of resources, securely shared inside the federation, are shown. Specific issues and experience gained in deploying federated collaboration systems will be addressed as well.

  19. Challenges in defining a radiologic and hydrologic source term for underground nuclear test centers, Nevada Test Site, Nye County, Nevada

    International Nuclear Information System (INIS)

    Smith, D.K.

    1995-06-01

    The compilation of a radionuclide inventory for long-lived radioactive contaminants residual from nuclear testing provides a partial measure of the radiologic source term at the Nevada Test Site. The radiologic source term also includes potentially mobile short-lived radionuclides excluded from the inventory. The radiologic source term for tritium is known with accuracy and is equivalent to the hydrologic source term within the saturated zone. Definition of the total hydrologic source term for fission and activation products that have high activities for decades following underground testing involves knowledge and assumptions which are presently unavailable. Systematic investigation of the behavior of fission products, activation products and actinides under saturated or Partially saturated conditions is imperative to define a representative total hydrologic source term. This is particularly important given the heterogeneous distribution of radionuclides within testing centers. Data quality objectives which emphasize a combination of measurements and credible estimates of the hydrologic source term are a priority for near-field investigations at the Nevada Test Site

  20. Alternative security

    International Nuclear Information System (INIS)

    Weston, B.H.

    1990-01-01

    This book contains the following chapters: The Military and Alternative Security: New Missions for Stable Conventional Security; Technology and Alternative Security: A Cherished Myth Expires; Law and Alternative Security: Toward a Just World Peace; Politics and Alternative Security: Toward a More Democratic, Therefore More Peaceful, World; Economics and Alternative Security: Toward a Peacekeeping International Economy; Psychology and Alternative Security: Needs, Perceptions, and Misperceptions; Religion and Alternative Security: A Prophetic Vision; and Toward Post-Nuclear Global Security: An Overview

  1. Facilitating Secure Sharing of Personal Health Data in the Cloud.

    Science.gov (United States)

    Thilakanathan, Danan; Calvo, Rafael A; Chen, Shiping; Nepal, Surya; Glozier, Nick

    2016-05-27

    Internet-based applications are providing new ways of promoting health and reducing the cost of care. Although data can be kept encrypted in servers, the user does not have the ability to decide whom the data are shared with. Technically this is linked to the problem of who owns the data encryption keys required to decrypt the data. Currently, cloud service providers, rather than users, have full rights to the key. In practical terms this makes the users lose full control over their data. Trust and uptake of these applications can be increased by allowing patients to feel in control of their data, generally stored in cloud-based services. This paper addresses this security challenge by providing the user a way of controlling encryption keys independently of the cloud service provider. We provide a secure and usable system that enables a patient to share health information with doctors and specialists. We contribute a secure protocol for patients to share their data with doctors and others on the cloud while keeping complete ownership. We developed a simple, stereotypical health application and carried out security tests, performance tests, and usability tests with both students and doctors (N=15). We developed the health application as an app for Android mobile phones. We carried out the usability tests on potential participants and medical professionals. Of 20 participants, 14 (70%) either agreed or strongly agreed that they felt safer using our system. Using mixed methods, we show that participants agreed that privacy and security of health data are important and that our system addresses these issues. We presented a security protocol that enables patients to securely share their eHealth data with doctors and nurses and developed a secure and usable system that enables patients to share mental health information with doctors.

  2. Privacy and security perceptions of european citizens: A test of the trade-off model

    NARCIS (Netherlands)

    Friedewald, M.; Lieshout, M. van; Rung, S.; Ooms, M.; Ypma, J.

    2015-01-01

    This paper considers the relationship between privacy and security and, in particular, the traditional “trade-off” paradigm that argues that citizens might be willing to sacrifice some privacy for more security. Academics have long argued against the trade-off paradigm, but these arguments have

  3. 76 FR 52671 - Clinical Center; Notice of Meeting

    Science.gov (United States)

    2011-08-23

    ... issues. Place: National Institutes of Health, Building 10, 10 Center Drive, CRC Medical Board Room 4-2551... applicable, the business or professional affiliation of the interested person. In the interest of security..., including taxicabs, hotel, and airport shuttles will be inspected before being allowed on campus. Visitors...

  4. Enhanced Survey and Proposal to secure the data in Cloud Computing Environment

    OpenAIRE

    MR.S.SUBBIAH; DR.S.SELVA MUTHUKUMARAN; DR.T.RAMKUMAR

    2013-01-01

    Cloud computing have the power to eliminate the cost of setting high end computing infrastructure. It is a promising area or design to give very flexible architecture, accessible through the internet. In the cloud computing environment the data will be reside at any of the data centers. Due to that, some data center may leak the data stored on there, beyond the reach and control of the users. For this kind of misbehaving data centers, the service providers should take care of the security and...

  5. Security infrastructures: towards the INDECT system security

    OpenAIRE

    Stoianov, Nikolai; Urueña, Manuel; Niemiec, Marcin; Machník, Petr; Maestro, Gema

    2012-01-01

    This paper provides an overview of the security infrastructures being deployed inside the INDECT project. These security infrastructures can be organized in five main areas: Public Key Infrastructure, Communication security, Cryptography security, Application security and Access control, based on certificates and smartcards. This paper presents the new ideas and deployed testbeds for these five areas. In particular, it explains the hierarchical architecture of the INDECT PKI...

  6. Securing your Site in Development and Beyond

    Energy Technology Data Exchange (ETDEWEB)

    Akopov, Mikhail S.

    2018-01-04

    Why wait until production deployment, or even staging and testing deployment to identify security vulnerabilities? Using tools like Burp Suite, you can find security vulnerabilities before they creep up on you. Prevent cross-site scripting attacks, and establish a firmer trust between your website and your client. Verify that Apache/Nginx have the correct SSL Ciphers set. We explore using these tools and more to validate proper Apache/Nginx configurations, and to be compliant with modern configuration standards as part of the development cycle. Your clients can use tools like https://securityheaders.io and https://ssllabs.com to get a graded report on your level of compliance with OWASP Secure Headers Project and SSLLabs recommendations. Likewise, you should always use the same sites to validate your configurations. Burp Suite will find common misconfigurations and will also perform more thorough security testing of your applications. In this session you will see examples of vulnerabilities that were detected early on, as well has how to integrate these practices into your daily workflow.

  7. Computer Security: Protect your plant: a "serious game" about control system cyber-security

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Control system cyber-security is attracting increasing attention: from cybercriminals, from the media and from security researchers.   After the legendary “Stuxnet” attacks of 2010 against an Iranian uranium enrichment plant, the infiltration of Saudi Aramco in 2012, and most recently the hacking of German blast furnaces, we should be prepared. Just imagine what would happen if hackers turned off the lights in Geneva and the Pays-de-Gex for a month? (“Hacking control systems, switching lights off!"). Or if attackers infiltrated CERN’s accelerator or experiment control systems and stopped us from pursuing our core business: delivering beams and recording particle collisions (“Hacking control systems, switching... accelerators off?"). Now you can test your ability to protect an industrial plant against cyber-threats! The Computer Security Team, in collaboration with Kaspersky Lab, is organising a so-...

  8. 46 CFR 1.03-40 - Appeals from decisions or actions of the National Maritime Center.

    Science.gov (United States)

    2010-10-01

    ... Maritime Center. 1.03-40 Section 1.03-40 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY PROCEDURES... Appeal § 1.03-40 Appeals from decisions or actions of the National Maritime Center. Any person directly affected by a decision or action of an officer or employee of the National Maritime Center (NMC) involving...

  9. Banner prints social security numbers

    Directory of Open Access Journals (Sweden)

    Robbins RA

    2014-02-01

    Full Text Available No abstract available. Article truncated at 150 words. The Monday edition of the Arizona Republic contained a story with potential interest to our readers. On the most recent address labels of Banner Health's magazine, Smart & Healthy, the addressee's Social Security or Medicare identification numbers, which are often identical to their Social Security numbers (1. The magazine was mailed to more than 50,000 recipients in Arizona late last week. The recipients are members of the Medicare Pioneer Accountable Care Organization, a government health-care plan that Banner serves. Banner generated its mailing list from information it received from the U.S. Centers for Medicare & Medicaid Services, which is an agency within the U.S. Department of Health & Human Services (HHS responsible for administration of several federal health-care programs. Although medical information has been protected by the Health Insurance Portability and Accountability Act (HIPAA since 1996, penalties were recently increased. Civil monetary penalties were increased from a maximum of $100 ...

  10. PROBLEMS OF INFORMAT ION SECURITY: INTERNET OF THINGS

    Directory of Open Access Journals (Sweden)

    Stanislav A. Shikov

    2017-03-01

    Full Text Available Introduction: The article deals with the threats to information security in the internetworking of physical devices, also known as Internet of Things (IoT, and the security challenge in terms of home automation systems, ZigBee protocol, Tesla electric cars and Apple Pay mobile payment. Section provides the term definition and history of the Internet of Things. The IEEE 1888 IoT-related standard developed in 2011 as integrated solution based on energy-saving technologies for the Internet of Things. The author considers security challenges for the “smart home” system. Next section reviews the experiments of the author involved in testing of the Internet of Things devices. Materials and Methods: The subjects of study are the Apple Pay, the ZigBee wireless standard, Tesla Model S electric cars. The main methods for identification of security threats are analysis and comparison. Results: The companies of electronic devices simplify and reduce the price of manufacturing process. The customers and users are rarely interested in levels of electronic devices security policies. This is the weakest link of electronic products in terms of security and safety. The tests demonstrated that modern electronic-based technologies do not reach the 100-percentage security level. Apple Pay mobile payment system demonstrated the highest security rating. Discussion and Conclusions: Modern electronic devices for Internet of Things does not meet all safety requirements, from the point of view of the author. The article recommends analyzing the potential threats and developing new security standards. In addition, the logistics of electronic devices for Internet of Things need to be under control from the manufacturer to equipment installation time.

  11. Repeat HIV Testing at Voluntary Testing and Counseling Centers in Croatia: Successful HIV Prevention or Failure to Modify Risk Behaviors?

    Science.gov (United States)

    Matković Puljić, Vlatka; Kosanović Ličina, Mirjana Lana; Kavić, Marija; Nemeth Blažić, Tatjana

    2014-01-01

    HIV testing plays a critical role in preventing the spread of the virus and identifying infected individuals in need of care. Voluntary counseling and testing centers (VCTs) not only conduct testing but they also provide counseling. Since a proportion of people who test negative for HIV on their previous visit will return for retesting, the frequency of retesting and the characteristics of those who retest may provide insights into the efficacy of testing and counseling strategies. In this cross-sectional, retrospective study of 1,482 VCT clients in Croatia in 2010, 44.3% had been tested for HIV before. The rate of repeat HIV testing is lower in Croatia than in other countries. Men who have sex with men (MSM) clients, those with three or more sexual partners in the last 12 months, consistent condom users with steady partners, and intravenous drug users were more likely to be repeat testers. This finding suggests that clients presenting for repeat HIV testing are those who self-identify as being at a higher risk of infection. Our data showed that testing positive for HIV was not associated with repeat testing. However, the effects of repeat testing on HIV epidemiology needs to be explored. PMID:24705595

  12. 41 CFR 102-81.30 - What information must job applicants at child care centers reveal?

    Science.gov (United States)

    2010-07-01

    ... 41 Public Contracts and Property Management 3 2010-07-01 2010-07-01 false What information must... Management Federal Property Management Regulations System (Continued) FEDERAL MANAGEMENT REGULATION REAL PROPERTY 81-SECURITY Security § 102-81.30 What information must job applicants at child care centers reveal...

  13. INFORMATION SECURITY IN MOBILE MODULAR MEASURING SYSTEMS

    Directory of Open Access Journals (Sweden)

    A. N. Tkhishev

    2017-01-01

    Full Text Available A special aspect of aircraft test is carrying out both flight evaluation and ground operation evaluation in a structure of flying aids and special tools equipment. The specific of flight and sea tests involve metering in offshore zone, which excludes the possibility of fixed geodetically related measuring tools. In this regard, the specific role is acquired by shipbased measurement systems, in particular the mobile modular measuring systems. Information processed in the mobile modular measurement systems is a critical resource having a high level of confidentiality. When carrying out their functions, it should be implemented a proper information control of the mobile modular measurement systems to ensure their protection from the risk of data leakage, modification or loss, i.e. to ensure a certain level of information security. Due to the specific of their application it is difficult to solve the problems of information security in such complexes. The intruder model, the threat model, the security requirements generated for fixed informatization objects are not applicable to mobile systems. It was concluded that the advanced mobile modular measuring systems designed for flight experiments monitoring and control should be created due to necessary information protection measures and means. The article contains a diagram of security requirements formation, starting with the data envelopment analysis and ending with the practical implementation. The information security probabilistic model applied to mobile modular measurement systems is developed. The list of current security threats based on the environment and specific of the mobile measurement system functioning is examined. The probabilistic model of the information security evaluation is given. The problems of vulnerabilities transformation of designed information system into the security targets with the subsequent formation of the functional and trust requirements list are examined.

  14. Nation State as Security Provider in Human Security Issue

    OpenAIRE

    Maya Padmi, Made Fitri

    2015-01-01

    Human Security notion is emphasizing on human as the central of security studies, challenging the position of state as the core of security. Some studies are tried to separate the state security and human security, however there are strong connection between these two notions. State has important role in establishing and maintaining the security of its own citizens. Through social contract and social security protection, state are oblige to set the security of its own people as their security...

  15. Security Policy and Developments in Central Asia : Security Documents Compared with Security Challenges

    NARCIS (Netherlands)

    Haas, de M.

    2016-01-01

    This article examines the security policy of the Central Asian (CA) states, by comparing theory (security documents) with practice (the actual security challenges). The lack of CA regional (security) cooperation and authoritarian rule puts political and economic stability at stake. The internal and

  16. Corrective Action Investigation Plan for Corrective Action Unit 105: Area 2 Yucca Flat Atmospheric Test Sites Nevada National Security Site, Nevada, Revision 0

    Energy Technology Data Exchange (ETDEWEB)

    Patrick Matthews

    2012-09-01

    Corrective Action Unit (CAU) 105 is located in Area 2 of the Nevada National Security Site, which is approximately 65 miles northwest of Las Vegas, Nevada. CAU 105 is a geographical grouping of sites where there has been a suspected release of contamination associated with atmospheric nuclear testing. This document describes the planned investigation of CAU 105, which comprises the following corrective action sites (CASs): • 02-23-04, Atmospheric Test Site - Whitney • 02-23-05, Atmospheric Test Site T-2A • 02-23-06, Atmospheric Test Site T-2B • 02-23-08, Atmospheric Test Site T-2 • 02-23-09, Atmospheric Test Site - Turk These sites are being investigated because existing information on the nature and extent of potential contamination is insufficient to evaluate and recommend corrective action alternatives (CAAs). Additional information will be obtained by conducting a corrective action investigation before evaluating CAAs and selecting the appropriate corrective action for each CAS. The results of the field investigation will support a defensible evaluation of viable CAAs that will be presented in the Corrective Action Decision Document. The sites will be investigated based on the data quality objectives (DQOs) developed on April 30, 2012, by representatives of the Nevada Division of Environmental Protection and the U.S. Department of Energy (DOE), National Nuclear Security Administration Nevada Site Office. The DQO process was used to identify and define the type, amount, and quality of data needed to develop and evaluate appropriate corrective actions for CAU 105. The site investigation process will also be conducted in accordance with the Soils Activity Quality Assurance Plan, which establishes requirements, technical planning, and general quality practices to be applied to this activity. The potential contamination sources associated with all CAU 105 CASs are from atmospheric nuclear testing activities. The presence and nature of contamination at CAU

  17. CASP CompTIA Advanced Security Practitioner Study Guide Exam CAS-001

    CERN Document Server

    Gregg, Michael

    2012-01-01

    Get Prepared for CompTIA Advanced Security Practitioner (CASP) Exam Targeting security professionals who either have their CompTIA Security+ certification or are looking to achieve a more advanced security certification, this CompTIA Authorized study guide is focused on the new CompTIA Advanced Security Practitioner (CASP) Exam CAS-001. Veteran IT security expert and author Michael Gregg details the technical knowledge and skills you need to conceptualize, design, and engineer secure solutions across complex enterprise environments. He prepares you for aspects of the certification test that as

  18. Internet Banking Security Strategy: Securing Customer Trust

    OpenAIRE

    Frimpong Twum; Kwaku Ahenkora

    2012-01-01

    Internet banking strategies should enhance customers¡¯ online experiences which are affected by trust and security issues. This study provides perspectives of users and nonusers on internet banking security with a view to understanding trust and security factors in relation to adoption and continuous usage. Perception of internet banking security influenced usage intentions. Nonusers viewed internet banking to be insecure but users perceived it to be secure with perceived ease of use influenc...

  19. Graded Exercise Testing in a Pediatric Weight Management Center: The DeVos Protocol.

    Science.gov (United States)

    Eisenmann, Joey C; Guseman, Emily Hill; Morrison, Kyle; Tucker, Jared; Smith, Lucie; Stratbucker, William

    2015-12-01

    In this article, we describe a protocol used to test the functional capacity of the obese pediatric patient and describe the peak oxygen consumption (VO2peak) of patients seeking treatment at a pediatric weight management center. One hundred eleven (mean age, 12.5 ± 3.0 years) patients performed a multistage exercise test on a treadmill, of which 90 (81%) met end-test criteria and provided valid VO2peak data. Peak VO2 was expressed: (1) in absolute terms (L·min(-1)); (2) as the ratio of the volume of oxygen consumed per minute relative to total body mass (mL·kg(-1)·min(-1)); and (3) as the ratio of the volume of oxygen consumed per minute relative to fat-free mass (mL·FFM·kg(-1)·min(-1)). Mean BMI z-score was 2.4 ± 0.3 and the mean percent body fat was 36.5 ± 9.7%. Absolute VO2peak (L·min(-1)) was significantly different between sexes; however, relative values were similar between sexes. Mean VO2peak was 25.7 ± 4.8 mL·kg(-1)·min(-1) with a range of 13.5-36.7 mL·kg(-1)·min(-1). Obese youth seeking treatment at a stage 3 pediatric weight management center exhibit low VO2peak. The protocol outlined here should serve as a model for similar programs interested in the submaximal and peak responses to exercise in obese pediatric patients.

  20. Attachment security and obesity in US preschool-aged children.

    Science.gov (United States)

    Anderson, Sarah E; Whitaker, Robert C

    2011-03-01

    To estimate the association between attachment security in children aged 24 months and their risk for obesity at 4½ years of age. Insecure attachment is associated with unhealthy physiologic and behavioral responses to stress, which could lead to development of obesity. Cohort study. National sample of US children born in 2001. Children and mothers participating in the 2003 and 2005-2006 waves of the Early Childhood Longitudinal Study, Birth Cohort, conducted by the National Center for Education Statistics. Our analytic sample included 6650 children (76.0% of children assessed in both waves). Attachment security at 24 months was assessed by trained interviewers during observation in the child's home. Insecure attachment was defined as lowest quartile of attachment security, based on the security score from the Toddler Attachment Sort-45 Item. Obesity at 4½ years of age (sex-specific body mass index ≥95th percentile for age). The prevalence of obesity was 23.1% in children with insecure attachment and 16.6% in those with secure attachment. For children with insecure attachment, the odds of obesity were 1.30 (95% confidence interval, 1.05-1.62) times higher than for children with secure attachment after controlling for the quality of mother-child interaction during play, parenting practices related to obesity, maternal body mass index, and sociodemographic characteristics. Insecure attachment in early childhood may be a risk factor for obesity. Interventions to increase children's attachment security should examine the effects on children's weight.

  1. Security incidents on the Internet, 1989--1995

    Energy Technology Data Exchange (ETDEWEB)

    Howard, J.D.

    1995-12-31

    This paper presents an analysis of trends in Internet security based on an investigation of 4,299 Internet security-related incidents reported to the CERT{reg_sign} Coordination Center (CERT{reg_sign}/CC) from 1989 through 1995. Prior to this research, knowledge of actual Internet security incidents was limited and primarily anecdotal. This research: (1) developed a taxonomy to classify Internet attacks and incidents, (2) organized, classified, and analyzed CERT{reg_sign}/CC incident records, (3) summarized the relative frequency of the use of tools and vulnerabilities, success in achieving access, and results of attacks, (4) estimated total Internet incident activity, (5) developed recommendations for Internet users and suppliers, and (6) developed recommendations for future research. With the exception of denial-of-service attacks, security incidents were found to be increasing at a rate less than Internet growth. Estimates showed that most, if not all, severe incidents were reported to the CERT{reg_sign}/CC, and that more than one out of three above average incidents (in terms of duration and number of sites) were reported. Estimates also indicated that a typical Internet site was involved in, at most, around one incident (of any kind) per year, and a typical Internet host in, at most, around one incident in 45 years. The probability of unauthorized privileged access was around an order of magnitude less likely. As a result, simple and reasonable security precautions should be sufficient for most Internet users.

  2. User-centered design

    International Nuclear Information System (INIS)

    Baik, Joo Hyun; Kim, Hyeong Heon

    2008-01-01

    The simplification philosophy, as an example, that both of EPRI-URD and EUR emphasize is treated mostly for the cost reduction of the nuclear power plants, but not for the simplification of the structure of user's tasks, which is one of the principles of user-centered design. A user-centered design is a philosophy based on the needs and interests of the user, with an emphasis on making products usable and understandable. However, the nuclear power plants offered these days by which the predominant reactor vendors are hardly user-centered but still designer-centered or technology-centered in viewpoint of fulfilling user requirements. The main goal of user-centered design is that user requirements are elicited correctly, reflected properly into the system requirements, and verified thoroughly by the tests. Starting from the user requirements throughout to the final test, each requirement should be traceable. That's why requirement traceability is a key to the user-centered design, and main theme of a requirement management program, which is suggested to be added into EPRI-URD and EUR in the section of Design Process. (author)

  3. Infectious Disease and National Security: Strategic Information Needs

    Science.gov (United States)

    2006-01-01

    to the National Security Council. Most current federal employees we interviewed offered one or more specific sugges- tions for a centralized, time...and preparedness information for health professionals Open 156 Ministry of Health Malaysia Government of Malaysia http://dph.gov.my/ddc/index. html...Open 206 Asian Network for Surveillance of Resistant Pathogens (ANSORP) Various (primary: Samsung Medical Center, Sungkyunkwan University, Seoul

  4. Measuring energy security performance within China: Toward an inter-provincial prospective

    International Nuclear Information System (INIS)

    Zhang, Long; Yu, Jing; Sovacool, Benjamin K.; Ren, Jingzheng

    2017-01-01

    China has been the world's largest energy consumer and producer for many years, yet while myriad studies have investigated Chinese performance on energy metrics compared to other countries, few to none have looked internally at Chinese provinces. This paper firstly develops a five-dimensional evaluation system centered on the energy security dimensions of availability and diversity, affordability and equality, technology and efficiency, environmental sustainability, and governance and innovation. It then correlates these dimensions to 20 distinct energy security metrics that are used to assess the energy security performance of 30 Chinese provinces, divided into eight regions. Our results reveal both trends in energy policy and practice as well as provincial status of comparative energy security for the year 2013. We find, for instance, that there is no province which performs well in all five of the energy security dimensions, and that all provinces confronted threats related to energy availability and diversity. We also demonstrate that in comparative terms, the Middle Reaches of Yellow River and the Northwest were the most energy-secure, while the Middle Reaches of Yangtze River and the Northeast were least energy-secure. - Highlights: • We assessed energy security for 30 Chinese provinces across five dimensions. • Fuzzy AHP, PROMETHEE and Sensitivity Analysis are used to investigate. • Western provinces perform better performance than eastern provinces in 2013. • Energy availability and diversity is the most severe threat facing China's energy security. • Developing renewable energy will help improve China's Provincial energy security significantly.

  5. Protecting intellectual property in space; Proceedings of the Aerospace Computer Security Conference, McLean, VA, March 20, 1985

    Science.gov (United States)

    1985-01-01

    The primary purpose of the Aerospace Computer Security Conference was to bring together people and organizations which have a common interest in protecting intellectual property generated in space. Operational concerns are discussed, taking into account security implications of the space station information system, Space Shuttle security policies and programs, potential uses of probabilistic risk assessment techniques for space station development, key considerations in contingency planning for secure space flight ground control centers, a systematic method for evaluating security requirements compliance, and security engineering of secure ground stations. Subjects related to security technologies are also explored, giving attention to processing requirements of secure C3/I and battle management systems and the development of the Gemini trusted multiple microcomputer base, the Restricted Access Processor system as a security guard designed to protect classified information, and observations on local area network security.

  6. A dynamic mathematical test of international property securities bubbles and crashes

    Science.gov (United States)

    Hui, Eddie C. M.; Zheng, Xian; Wang, Hui

    2010-04-01

    This study investigates property securities bubbles and crashes by using a dynamic mathematical methodology developed from the previous research (Watanabe et al. 2007a, b [31,32]). The improved model is used to detect the bubble and crash periods in five international countries/cities (namely, United States, United Kingdom, Japan, Hong Kong and Singapore) from Jan, 2000 to Oct, 2008. By this model definition, we are able to detect the beginning of each bubble period even before it bursts. Meanwhile, the empirical results show that most of property securities markets experienced bubble periods between 2003 and 2007, and crashes happened in Apr 2008 triggered by the Subprime Mortgage Crisis of US. In contrast, Japan suffered the shortest bubble period and no evidence has documented the existence of crash there.

  7. Final Report Feasibility Study for the California Wave Energy Test Center (CalWavesm) - Volume #2 - Appendices #16-17

    Energy Technology Data Exchange (ETDEWEB)

    Dooher, Brendan [Pacific Gas and Electric Company, San Ramon, CA (United States). Applied Technical Services; Toman, William I. [California Polytechnic State Univ. (CalPoly), San Luis Obispo, CA (United States). Inst. of Advanced Technology and Public Policy; Davy, Doug M. [CH2M Hill Engineers, Inc., Sacramento, CA (United States); Blakslee, Samuel N. [California Polytechnic State Univ. (CalPoly), San Luis Obispo, CA (United States)

    2017-07-31

    The California Wave Energy Test Center (CalWave) Feasibility Study project was funded over multiple phases by the Department of Energy to perform an interdisciplinary feasibility assessment to analyze the engineering, permitting, and stakeholder requirements to establish an open water, fully energetic, grid connected, wave energy test center off the coast of California for the purposes of advancing U.S. wave energy research, development, and testing capabilities. Work under this grant included wave energy resource characterization, grid impact and interconnection requirements, port infrastructure and maritime industry capability/suitability to accommodate the industry at research, demonstration and commercial scale, and macro and micro siting considerations. CalWave Phase I performed a macro-siting and down-selection process focusing on two potential test sites in California: Humboldt Bay and Vandenberg Air Force Base. This work resulted in the Vandenberg Air Force Base site being chosen as the most favorable site based on a peer reviewed criteria matrix. CalWave Phase II focused on four siting location alternatives along the Vandenberg Air Force Base coastline and culminated with a final siting down-selection. Key outcomes from this work include completion of preliminary engineering and systems integration work, a robust turnkey cost estimate, shoreside and subsea hazards assessment, storm wave analysis, lessons learned reports from several maritime disciplines, test center benchmarking as compared to existing international test sites, analysis of existing applicable environmental literature, the completion of a preliminary regulatory, permitting and licensing roadmap, robust interaction and engagement with state and federal regulatory agency personnel and local stakeholders, and the population of a Draft Federal Energy Regulatory Commission (FERC) Preliminary Application Document (PAD). Analysis of existing offshore oil and gas infrastructure was also performed

  8. Security Data Warehouse Application

    Science.gov (United States)

    Vernon, Lynn R.; Hennan, Robert; Ortiz, Chris; Gonzalez, Steve; Roane, John

    2012-01-01

    The Security Data Warehouse (SDW) is used to aggregate and correlate all JSC IT security data. This includes IT asset inventory such as operating systems and patch levels, users, user logins, remote access dial-in and VPN, and vulnerability tracking and reporting. The correlation of this data allows for an integrated understanding of current security issues and systems by providing this data in a format that associates it to an individual host. The cornerstone of the SDW is its unique host-mapping algorithm that has undergone extensive field tests, and provides a high degree of accuracy. The algorithm comprises two parts. The first part employs fuzzy logic to derive a best-guess host assignment using incomplete sensor data. The second part is logic to identify and correct errors in the database, based on subsequent, more complete data. Host records are automatically split or merged, as appropriate. The process had to be refined and thoroughly tested before the SDW deployment was feasible. Complexity was increased by adding the dimension of time. The SDW correlates all data with its relationship to time. This lends support to forensic investigations, audits, and overall situational awareness. Another important feature of the SDW architecture is that all of the underlying complexities of the data model and host-mapping algorithm are encapsulated in an easy-to-use and understandable Perl language Application Programming Interface (API). This allows the SDW to be quickly augmented with additional sensors using minimal coding and testing. It also supports rapid generation of ad hoc reports and integration with other information systems.

  9. Aftermath of World Trade Center Attack

    Science.gov (United States)

    2002-01-01

    This true-color image was taken by the Enhanced Thematic Mapper Plus (ETM+) aboard the Landsat 7 satellite on September 12, 2001, at roughly 11:30 a.m. Eastern Daylight Savings Time. Visit the NASA home page for photos from the space station and MODIS, and GlobalSecurity.org for images from other satellites. Image courtesy USGS Landsat 7 team, at the EROS Data Center.

  10. THE EXPERIENCE OF COMPARISON OF STATIC SECURITY CODE ANALYZERS

    Directory of Open Access Journals (Sweden)

    Alexey Markov

    2015-09-01

    Full Text Available This work presents a methodological approach to comparison of static security code analyzers. It substantiates the comparison of the static analyzers as to efficiency and functionality indicators, which are stipulated in the international regulatory documents. The test data for assessment of static analyzers efficiency is represented by synthetic sets of open-source software, which contain vulnerabilities. We substantiated certain criteria for quality assessment of the static security code analyzers subject to standards NIST SP 500-268 and SATEC. We carried out experiments that allowed us to assess a number of the Russian proprietary software tools and open-source tools. We came to the conclusion that it is of paramount importance to develop Russian regulatory framework for testing software security (firstly, for controlling undocumented features and evaluating the quality of static security code analyzers.

  11. Testing of the Advanced Stirling Radioisotope Generator Engineering Unit at NASA Glenn Research Center

    Science.gov (United States)

    Lewandowski, Edward J.

    2013-01-01

    The Advanced Stirling Radioisotope Generator (ASRG) is a high-efficiency generator being developed for potential use on a Discovery 12 space mission. Lockheed Martin designed and fabricated the ASRG Engineering Unit (EU) under contract to the Department of Energy. This unit was delivered to NASA Glenn Research Center in 2008 and has been undergoing extended operation testing to generate long-term performance data for an integrated system. It has also been used for tests to characterize generator operation while varying control parameters and system inputs, both when controlled with an alternating current (AC) bus and with a digital controller. The ASRG EU currently has over 27,000 hours of operation. This paper summarizes all of the tests that have been conducted on the ASRG EU over the past 3 years and provides an overview of the test results and what was learned.

  12. Centers for Disease Control and Prevention Funding for HIV Testing Associated With Higher State Percentage of Persons Tested.

    Science.gov (United States)

    Hayek, Samah; Dietz, Patricia M; Van Handel, Michelle; Zhang, Jun; Shrestha, Ram K; Huang, Ya-Lin A; Wan, Choi; Mermin, Jonathan

    2015-01-01

    To assess the association between state per capita allocations of Centers for Disease Control and Prevention (CDC) funding for HIV testing and the percentage of persons tested for HIV. We examined data from 2 sources: 2011 Behavioral Risk Factor Surveillance System and 2010-2011 State HIV Budget Allocations Reports. Behavioral Risk Factor Surveillance System data were used to estimate the percentage of persons aged 18 to 64 years who had reported testing for HIV in the last 2 years in the United States by state. State HIV Budget Allocations Reports were used to calculate the state mean annual per capita allocations for CDC-funded HIV testing reported by state and local health departments in the United States. The association between the state fixed-effect per capita allocations for CDC-funded HIV testing and self-reported HIV testing in the last 2 years among persons aged 18 to 64 years was assessed with a hierarchical logistic regression model adjusting for individual-level characteristics. The percentage of persons tested for HIV in the last 2 years. In 2011, 18.7% (95% confidence interval = 18.4-19.0) of persons reported being tested for HIV in last 2 years (state range, 9.7%-28.2%). During 2010-2011, the state mean annual per capita allocation for CDC-funded HIV testing was $0.34 (state range, $0.04-$1.04). A $0.30 increase in per capita allocation for CDC-funded HIV testing was associated with an increase of 2.4 percentage points (14.0% vs 16.4%) in the percentage of persons tested for HIV per state. Providing HIV testing resources to health departments was associated with an increased percentage of state residents tested for HIV.

  13. Patient Centeredness in Electronic Communication: Evaluation of Patient-to-Health Care Team Secure Messaging.

    Science.gov (United States)

    Hogan, Timothy P; Luger, Tana M; Volkman, Julie E; Rocheleau, Mary; Mueller, Nora; Barker, Anna M; Nazi, Kim M; Houston, Thomas K; Bokhour, Barbara G

    2018-03-08

    As information and communication technology is becoming more widely implemented across health care organizations, patient-provider email or asynchronous electronic secure messaging has the potential to support patient-centered communication. Within the medical home model of the Veterans Health Administration (VA), secure messaging is envisioned as a means to enhance access and strengthen the relationships between veterans and their health care team members. However, despite previous studies that have examined the content of electronic messages exchanged between patients and health care providers, less research has focused on the socioemotional aspects of the communication enacted through those messages. Recognizing the potential of secure messaging to facilitate the goals of patient-centered care, the objectives of this analysis were to not only understand why patients and health care team members exchange secure messages but also to examine the socioemotional tone engendered in these messages. We conducted a cross-sectional coding evaluation of a corpus of secure messages exchanged between patients and health care team members over 6 months at 8 VA facilities. We identified patients whose medical records showed secure messaging threads containing at least 2 messages and compiled a random sample of these threads. Drawing on previous literature regarding the analysis of asynchronous, patient-provider electronic communication, we developed a coding scheme comprising a series of a priori patient and health care team member codes. Three team members tested the scheme on a subset of the messages and then independently coded the sample of messaging threads. Of the 711 messages coded from the 384 messaging threads, 52.5% (373/711) were sent by patients and 47.5% (338/711) by health care team members. Patient and health care team member messages included logistical content (82.6%, 308/373 vs 89.1%, 301/338), were neutral in tone (70.2%, 262/373 vs 82.0%, 277/338), and

  14. Threats or threads: from usable security to secure experience

    DEFF Research Database (Denmark)

    Bødker, Susanne; Mathiasen, Niels Raabjerg

    2008-01-01

    While the domain of security dependent technologies brings new challenges to HCI research it seems that the results and breakthroughs of HCI have not been used in design of security dependent technologies. With exceptions, work in the research field of usable security may be criticized for focusing...... mainly on adjusting user behavior to behave securely. With our background in newer HCI perspectives we address secure interaction from the perspective of security technology as experience. We analyze a number of collected user stories to understand what happens when everyday users encounter security...... dependent technologies. We apply McCarthy & Wright's [12] experience framework to the security domain and our collected stories. We point out that there are significant differences between being secure and having a secure experience, and conclude that classical usable security, focus on people's immediate...

  15. CERN to offer secure grid, published in itWorldCanada

    CERN Multimedia

    Broersma, Matthew

    2006-01-01

    CERN, the Geneva-based nuclear physics research center, has launched a collaborative effort with some of the biggest name in IT to tighten up security on its landmark Large Hadron Collider (LHC) project, as well as working on platform virtualization and the interoperability of grid software (1 page)

  16. A Component-Based Approach for Securing Indoor Home Care Applications

    Science.gov (United States)

    Estévez, Elisabet

    2017-01-01

    eHealth systems have adopted recent advances on sensing technologies together with advances in information and communication technologies (ICT) in order to provide people-centered services that improve the quality of life of an increasingly elderly population. As these eHealth services are founded on the acquisition and processing of sensitive data (e.g., personal details, diagnosis, treatments and medical history), any security threat would damage the public’s confidence in them. This paper proposes a solution for the design and runtime management of indoor eHealth applications with security requirements. The proposal allows applications definition customized to patient particularities, including the early detection of health deterioration and suitable reaction (events) as well as security needs. At runtime, security support is twofold. A secured component-based platform supervises applications execution and provides events management, whilst the security of the communications among application components is also guaranteed. Additionally, the proposed event management scheme adopts the fog computing paradigm to enable local event related data storage and processing, thus saving communication bandwidth when communicating with the cloud. As a proof of concept, this proposal has been validated through the monitoring of the health status in diabetic patients at a nursing home. PMID:29278370

  17. A Component-Based Approach for Securing Indoor Home Care Applications

    Directory of Open Access Journals (Sweden)

    Aitor Agirre

    2017-12-01

    Full Text Available eHealth systems have adopted recent advances on sensing technologies together with advances in information and communication technologies (ICT in order to provide people-centered services that improve the quality of life of an increasingly elderly population. As these eHealth services are founded on the acquisition and processing of sensitive data (e.g., personal details, diagnosis, treatments and medical history, any security threat would damage the public’s confidence in them. This paper proposes a solution for the design and runtime management of indoor eHealth applications with security requirements. The proposal allows applications definition customized to patient particularities, including the early detection of health deterioration and suitable reaction (events as well as security needs. At runtime, security support is twofold. A secured component-based platform supervises applications execution and provides events management, whilst the security of the communications among application components is also guaranteed. Additionally, the proposed event management scheme adopts the fog computing paradigm to enable local event related data storage and processing, thus saving communication bandwidth when communicating with the cloud. As a proof of concept, this proposal has been validated through the monitoring of the health status in diabetic patients at a nursing home.

  18. Security an introduction

    CERN Document Server

    Purpura, Philip P

    2011-01-01

    Section I The History and Profession of SecurityDefinition, Role, and History of Security Security Defined The Contexts of Security The Roles of Security The History of Security Security in an Environment of Threats, Terrorism, and All-Hazards Threats and Hazards Terrorism National Strategies The Profession and Business of Security The Business of Security Professionalism and Security Associations Ethics Regulation of the Security Industry Security Training Higher Education Careers Section II Protecting People and AssetsSecurity Methodology Methodology Defined Security Business Proposals Secur

  19. Closure Report for Corrective Action Unit 116: Area 25 Test Cell C Facility, Nevada National Security Site, Nevada

    Energy Technology Data Exchange (ETDEWEB)

    NSTec Environmental Restoration

    2011-09-29

    This Closure Report (CR) presents information supporting closure of Corrective Action Unit (CAU) 116, Area 25 Test Cell C Facility. This CR complies with the requirements of the Federal Facility Agreement and Consent Order (FFACO) that was agreed to by the State of Nevada; the U.S. Department of Energy (DOE), Environmental Management; the U.S. Department of Defense; and DOE, Legacy Management (FFACO, 1996 [as amended March 2010]). CAU 116 consists of the following two Corrective Action Sites (CASs), located in Area 25 of the Nevada National Security Site: (1) CAS 25-23-20, Nuclear Furnace Piping and (2) CAS 25-41-05, Test Cell C Facility. CAS 25-41-05 consisted of Building 3210 and the attached concrete shield wall. CAS 25-23-20 consisted of the nuclear furnace piping and tanks. Closure activities began in January 2007 and were completed in August 2011. Activities were conducted according to Revision 1 of the Streamlined Approach for Environmental Restoration Plan for CAU 116 (U.S. Department of Energy, National Nuclear Security Administration Nevada Site Office [NNSA/NSO], 2008). This CR provides documentation supporting the completed corrective actions and provides data confirming that closure objectives for CAU 116 were met. Site characterization data and process knowledge indicated that surface areas were radiologically contaminated above release limits and that regulated and/or hazardous wastes were present in the facility.

  20. ORDER SECURITY – NATIONAL SECURITY ADMINISTRATION. NATIONAL SECURITY DEFENSE AS SPECIAL ADMINISTRATION

    OpenAIRE

    Zoltán BALLA

    2009-01-01

    National security administration is the special executivedisposal activity of the national security agencies, the section of the state administration that helps the governmental work by reconnoitering and preventing with secret-servicing methods of the risks that shall harm or endanger the national security’s interests. The main operational principles of national security governing are the followings among others: - controlling the operation of national security organization belongs to the ex...

  1. Computer Security: Security operations at CERN (4/4)

    CERN Document Server

    CERN. Geneva

    2012-01-01

    Stefan Lueders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and infrastructure control systems against cyber-threats. Subsequently, he joined the CERN Computer Security Incident Response Team and is today heading this team as CERN's Computer Security Officer with the mandate to coordinate all aspects of CERN's computer security --- office computing security, computer centre security, GRID computing security and control system security --- whilst taking into account CERN's operational needs. Dr. Lueders has presented on these topics at many different occasions to international bodies, governments, and companies, and published several articles. With the prevalence of modern information technologies and...

  2. Centers for manufacturing technology: Industrial Advisory Committee Review

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    1995-10-01

    An advisory committee, composed of senior managers form industrial- sector companies and major manufacturing trade associations and representatives from appropriate educational institutions, meets semi-annually to review and advise the Oak Ridge Centers for Manufacturing Technology (ORCMT) on its economic security program. Individual papers have been indexed separately for the database.

  3. Russian Federal Nuclear Center VNIIEF - possibilities of international cooperation

    International Nuclear Information System (INIS)

    Shaburov, V.M.; Mozharov, R.V.

    2000-01-01

    The Russian Federation Nuclear Center - the All-Russian Experimental Physics Research Institute (RFNC-AREPRI; VNIIEF) is a major scientific-technical center of Russia capable of solving the most difficult problems in the interests of defense, science and the national economy. There was a time when the RFNC-AREPRI played a decisive role in liquidating the U.S. monopoly on nuclear weapons and ensuring half a century of world civilization without global political and military conflicts. Today, RFNC-AREPRI specialists are entrusted with the mission of maintaining and perfecting Russia's nuclear shield that ensures its security and independence. As well as defense-oriented projects, the Institute is busy developing and implementing a number of projects in the most diverse fields of science and technology. At present, the Institute possesses an experimental and testing base that includes: a gas dynamic complex for testing manufactured products and explosives, irradiation facilities, nuclear reactors, laser systems, complexes for mechanical, temperature and climatic testing of specific manufactured products and instruments, and an aero-ballistic testing complex. The Institute's material base, with its mathematical support, is one of the most powerful in Russia. The RFNC-AREPRI employs about 20,000 workers, including 9,500 scientists and engineers. Today, the RFNC-AREPRI is engaged in activities in the following principal directions: - properties of material under extreme pressure and temperature; - gas dynamics; - nuclear physics; - radiation physics; - laser physics and equipment; - super-powerful magnetic fields; - high-temperature plasma physics; - development of physical models of complex physical processes and the creation of mathematical methodologies and software based on these models; - energy; - medicine; - ecology; - progressive technologies for various sectors of the economy. International cooperation of the RFNC-AREPRI is reviewed. (authors)

  4. CHANGES IN THE SECURITY AGENDA: CRITICAL SECURITY STUDIES AND HUMAN SECURITY. THE CASE OF CHINA

    Directory of Open Access Journals (Sweden)

    Nguyen THI THUY HANG

    2012-06-01

    Full Text Available Since the end of the Cold War the meaning of security has fundamentally changed. Issues which are labeled as non-traditional security namely human development, economic crises, environmental degradation, natural disaster, poverty, epidemics… have become a crucial part of the security agenda. These changes have been intensified with the development of the two approaches: Critical Security Studies and Human Security. This article explores how the meaning of security has changed and how the boundaries between traditional and non-traditional security have become blurred. The case of China is taken as empirical evidence to support the assertion that security has evolved beyond its traditional focus on the state.

  5. Infectious disease protection for healthcare security officers.

    Science.gov (United States)

    D'Angelo, Michael S; Arias, Jean

    2015-01-01

    Healthcare Security should be considered an active component in an infectious disease event, the authors maintain, and security officers must be included in an Employee Health screening and N95 fit testing initiative to safely welcome the incoming infected patients. In this article, they spell out the different levels of precautions officers should become familiar with in order to protect themselves.

  6. Solutions for a food-secure future | IDRC - International ...

    International Development Research Centre (IDRC) Digital Library (Canada)

    2016-10-05

    Oct 5, 2016 ... ... of people in developing countries lift themselves out of hunger and poverty. Through the Centre's Agriculture and Food Security program, IDRC invested more than CAD$179 million from 2009-2015 to develop, test, and scale up solutions that improve food security and nutrition in the developing world.

  7. Generating WS-SecurityPolicy documents via security model transformation

    DEFF Research Database (Denmark)

    Jensen, Meiko

    2009-01-01

    When SOA-based business processes are to be enhanced with security properties, the model-driven business process development approach enables an easier and more reliable security definition compared to manually crafting the security realizations afterwards. In this paper, we outline an appropriat...... security model definition and transformation approach, targeting the WS-SecurityPolicy and WS-BPEL specifications, in order to enable a Web-Service-based secure business process development.......When SOA-based business processes are to be enhanced with security properties, the model-driven business process development approach enables an easier and more reliable security definition compared to manually crafting the security realizations afterwards. In this paper, we outline an appropriate...

  8. Security Engine Management of Router based on Security Policy

    OpenAIRE

    Su Hyung Jo; Ki Young Kim; Sang Ho Lee

    2007-01-01

    Security management has changed from the management of security equipments and useful interface to manager. It analyzes the whole security conditions of network and preserves the network services from attacks. Secure router technology has security functions, such as intrusion detection, IPsec(IP Security) and access control, are applied to legacy router for secure networking. It controls an unauthorized router access and detects an illegal network intrusion. This paper re...

  9. Determinants of domestic violence among women attending an human immunodeficiency virus voluntary counseling and testing center in Bangalore, India.

    Science.gov (United States)

    Chandrasekaran, Varalakshmi; Krupp, Karl; George, Ruja; Madhivanan, Purnima

    2007-05-01

    Violence against women is a global phenomenon that cuts across all social and economic classes. This study was designed to measure the prevalence and correlates of domestic violence (DV) among women seeking services at a voluntary counseling and testing (VCT) center in Bangalore, India. A cross-sectional survey was conducted among women visiting an human immunodeficiency virus (HIV) VCT center in Bangalore, between September and November 2005. An interviewer-administered questionnaire was used to collect information about violence and other variables. Univariable associations with DV were made using Pearson Chi-squared test for categorical variables and Student t-test or the Mann-Whitney test for continuous variables. Forty-two percent of respondents reported DV, including physical abuse (29%), psychological abuse (69%) and sexual abuse (1%). Among the women who reported violence of any kind, 67% also reported that they were HIV seropositive. The most common reasons reported for DV included financial problems (38%), husband's alcohol use (29%) and woman's HIV status (18%). Older women (P around the world. The findings highlight the need for additional training among health care providers in VCT centers in screening for DV, detection of signs of physical abuse and provisions and referrals for women suffering from domestic partner violence.

  10. Development of security engineering curricula at US universities

    Energy Technology Data Exchange (ETDEWEB)

    Garcia, M.L.

    1998-08-01

    The Southwest Surety Institute was formed in June 1996 by Arizona State University (ASU), New Mexico Institute of Mining and Technology (NM Tech), New Mexico State University (NMSU), and Sandia National Laboratories (SNL) to provide educational programs in Security Engineering, and to conduct research and development in security technologies. This is the first science-based program of its kind in the US, focused on educating Security Engineers to help government and industry address their security needs. Each member brings a unique educational capability to the Institute. NM Tech has a formidable explosives testing and evaluation facility. ASU is developing a Masters program in Security Engineering at their School of Technology located on a new campus in Mesa, Arizona. NMSU provides a Security Technology minor, merging programs in Criminal Justice and Engineering Technology. The Sandia National Laboratories security system design and evaluation process forms the basis for the Security Engineering curricula. In an effort to leverage the special capabilities of each university, distance education will be used to share courses among Institute members and eventually with other sites across the country.

  11. Pragmatic security metrics applying metametrics to information security

    CERN Document Server

    Brotby, W Krag

    2013-01-01

    Other books on information security metrics discuss number theory and statistics in academic terms. Light on mathematics and heavy on utility, PRAGMATIC Security Metrics: Applying Metametrics to Information Security breaks the mold. This is the ultimate how-to-do-it guide for security metrics.Packed with time-saving tips, the book offers easy-to-follow guidance for those struggling with security metrics. Step by step, it clearly explains how to specify, develop, use, and maintain an information security measurement system (a comprehensive suite of metrics) to

  12. Using clinical simulation centers to test design interventions: a pilot study of lighting and color modifications.

    Science.gov (United States)

    Gray, Whitney Austin; Kesten, Karen S; Hurst, Stephen; Day, Tama Duffy; Anderko, Laura

    2012-01-01

    The aim of this pilot study was to test design interventions such as lighting, color, and spatial color patterning on nurses' stress, alertness, and satisfaction, and to provide an example of how clinical simulation centers can be used to conduct research. The application of evidence-based design research in healthcare settings requires a transdisciplinary approach. Integrating approaches from multiple fields in real-life settings often proves time consuming and experimentally difficult. However, forums for collaboration such as clinical simulation centers may offer a solution. In these settings, identical operating and patient rooms are used to deliver simulated patient care scenarios using automated mannequins. Two identical rooms were modified in the clinical simulation center. Nurses spent 30 minutes in each room performing simulated cardiac resuscitation. Subjective measures of nurses' stress, alertness, and satisfaction were collected and compared between settings and across time using matched-pair t-test analysis. Nurses reported feeling less stressed after exposure to the experimental room than nurses who were exposed to the control room (2.22, p = .03). Scores post-session indicated a significant reduction in stress and an increase in alertness after exposure to the experimental room as compared to the control room, with significance levels below .10. (Change in stress scores: 3.44, p = .069); (change in alertness scores: 3.6, p = .071). This study reinforces the use of validated survey tools to measure stress, alertness, and satisfaction. Results support human-centered design approaches by evaluating the effect on nurses in an experimental setting.

  13. 78 FR 2953 - National Cybersecurity Center of Excellence (NCCoE) Secure Exchange of Electronic Health...

    Science.gov (United States)

    2013-01-15

    ... transport standards adopted by the Department of Health and Human Services at 45 CFR 170.202; 3. Access by... violations; and performing system health checks; 5. Support for standardized security automation technologies...

  14. An Analysis of Cloud Model-Based Security for Computing Secure Cloud Bursting and Aggregation in Real Environment

    OpenAIRE

    Pritesh Jain; Vaishali Chourey; Dheeraj Rane

    2011-01-01

    Cloud Computing has emerged as a major information and communications technology trend and has been proved as a key technology for market development and analysis for the users of several field. The practice of computing across two or more data centers separated by the Internet is growing in popularity due to an explosion in scalable computing demands. However, one of the major challenges that faces the cloud computing is how to secure and protect the data and processes the data of the user. ...

  15. Major issues in the training of security personnel

    International Nuclear Information System (INIS)

    Knauf, W.M.; Robertson, L.P.

    1982-01-01

    The effectiveness of the response component of a physical protection system depends greatly upon the training received by the security personnel. The issues and problems in the area of training which were of greatest concern to the attendees of the 1980 and 1981 INMM sponsored Technical Workshops on Guard Training are discussed. The attendees were training supervisors of managers of security personnel and represented a variety of organizations and companies including DOE facilities, NRC licensees, the military, private security contractors, and governmental agencies. Major categories of concern include: professionalism in security, legal constraints and obligations, physical and psychological testing and standards, governmental requirements, morale and motivation, and tactical training techniques

  16. Secure Web Developers Needed!

    CERN Multimedia

    Computer Security Team

    2012-01-01

    You’re about to launch a new website? Cool!! With today’s web programming languages like PHP, Java, Python or Perl, complex websites can be created, easily fulfilling all your use cases. But hold on. Did you ever think about how easily this can be abused? Attackers today are already using automatic tools which can quickly and easily find and exploit vulnerable web applications.   Web applications often suffer from security vulnerabilities, i.e. design flaws or programming bugs that remained undetected during the whole software development cycle. In production these vulnerabilities become security holes, providing an opportunity for exploitation, and can pose immense security risks (and there is no reason to believe that CERN is immune to this). The costs associated with eliminating these bugs could be loosely described by the "1:10:100 rule", i.e. the relative costs for fixing are 1:10:100 for fixing them in the programming:testing:production phases. Thus, the...

  17. A Framework for the Governance of Information Security

    Science.gov (United States)

    Edwards, Charles K.

    2013-01-01

    Information security is a complex issue, which is very critical for success of modern businesses. It can be implemented with the help of well-tested global standards and best practices. However, it has been studied that the human aspects of information security compliance pose significant challenge to its practitioners. There has been significant…

  18. Semi-device-independent security of one-way quantum key distribution

    OpenAIRE

    Pawlowski, Marcin; Brunner, Nicolas

    2011-01-01

    By testing nonlocality, the security of entanglement-based quantum key distribution (QKD) can be enhanced to being 'device-independent'. Here we ask whether such a strong form of security could also be established for one-way (prepare and measure) QKD. While fully device-independent security is impossible, we show that security can be guaranteed against individual attacks in a semi-device-independent scenario. In the latter, the devices used by the trusted parties are non-characterized, but t...

  19. Strategic information security

    CERN Document Server

    Wylder, John

    2003-01-01

    Introduction to Strategic Information SecurityWhat Does It Mean to Be Strategic? Information Security Defined The Security Professional's View of Information Security The Business View of Information SecurityChanges Affecting Business and Risk Management Strategic Security Strategic Security or Security Strategy?Monitoring and MeasurementMoving Forward ORGANIZATIONAL ISSUESThe Life Cycles of Security ManagersIntroductionThe Information Security Manager's Responsibilities The Evolution of Data Security to Information SecurityThe Repository Concept Changing Job Requirements Business Life Cycles

  20. Security Expertise

    DEFF Research Database (Denmark)

    systematic study of security expertise and opens up a productive dialogue between science and technology studies and security studies to investigate the character and consequences of this expertise. In security theory, the study of expertise is crucial to understanding whose knowledge informs security making......This volume brings together scholars from different fields to explore the power, consequences and everyday practices of security expertise. Expertise mediates between different forms of knowledge: scientific and technological, legal, economic and political knowledge. This book offers the first...... and to reflect on the impact and responsibility of security analysis. In science and technology studies, the study of security politics adds a challenging new case to the agenda of research on expertise and policy. The contributors investigate cases such as academic security studies, security think tanks...