Nuclear security. Improving correction of security deficiencies at DOE's weapons facilities

International Nuclear Information System (INIS)

Wells, James E.; Cannon, Doris E.; Fenzel, William F.; Lightner, Kenneth E. Jr.; Curtis, Lois J.; DuBois, Julia A.; Brown, Gail W.; Trujillo, Charles S.; Tumler, Pamela K.

1992-11-01

The US nuclear weapons research, development, and production are conducted at 10 DOE nuclear weapons facilities by contractors under the guidance and oversight of 9 DOE field offices. Because these facilities house special nuclear materials used in making nuclear weapons and nuclear weapons components, DOE administers a security program to protect (1) against theft, sabotage, espionage, terrorism, or other risks to national security and (2) the safety and health of DOE employees and the public. DOE spends almost $1 billion a year on this security program. DOE administers the security program through periodic inspections that evaluate and monitor the effectiveness of facilities' safeguards and security. Security inspections identify deficiencies, instances of noncompliance with safeguards and security requirements or poor performance of the systems being evaluated, that must be corrected to maintain adequate security. The contractors and DOE share responsibility for correcting deficiencies. Contractors, in correcting deficiencies, must comply with several DOE orders. The contractors' performances were not adequate in conducting four of the eight procedures considered necessary in meeting DOE's deficiency correction requirements. For 19 of the 20 deficiency cases we reviewed, contractors could not demonstrate that they had conducted three critical deficiency analyses (root cause, risk assessment, and cost-benefit) required by DOE. Additionally, the contractors did not always adequately verify that corrective actions taken were appropriate, effective, and complete. The contractors performed the remaining four procedures (reviewing deficiencies for duplication, entering deficiencies into a data base, tracking the status of deficiencies, and preparing and implementing a corrective action plan) adequately in all 20 cases. DOE's oversight of the corrective action process could be improved in three areas. The computerized systems used to track the status of security

Empowerment and BYOx: Towards Improved IS Security Compliance

DEFF Research Database (Denmark)

Welck, Maximilian von; Trenz, Manuel; Jensen, Tina Blegind

2017-01-01

Non-compliant employees continue to pose a serious threat to information systems security. Most attempts to increase compliant behavior rely on measures that reduce employees’ latitude. However, recent studies suggest that this indeed eventuates in less compliance due to adverse behaviors...... outline how this novel approach to improve IS security compliance can be developed and investigated further....

BIOTECHNOLOGY CAN IMPROVE FOOD SECURITY IN AFRICA ...

African Journals Online (AJOL)

BIOTECHNOLOGY CAN IMPROVE FOOD SECURITY IN AFRICA. ... and capacity to innovate and patent new materials as well as enforce biosafety requirements. In order for countries to access biotechnology products or technologies, it will ...

Security improvement by using a modified coherent state for quantum cryptography

International Nuclear Information System (INIS)

Lu, Y.J.; Zhu, Luobei; Ou, Z.Y.

2005-01-01

Weak coherent states as a photon source for quantum cryptography have a limit in secure data rate and transmission distance because of the presence of multiphoton events and loss in transmission line. Two-photon events in a coherent state can be taken out by a two-photon interference scheme. We investigate the security issue of utilizing this modified coherent state in quantum cryptography. A 4-dB improvement in the secure data rate or a nearly twofold increase in transmission distance over the coherent state are found. With a recently proposed and improved encoding strategy, further improvement is possible

IAEA-EU Joint Action Partnership in Improving Nuclear Security

International Nuclear Information System (INIS)

2011-12-01

Nuclear and other radioactive material is on the move and in demand. Used in peaceful applications such as energy, medicine, research and industry, it improves the daily lives of individuals worldwide. Nonetheless, the risk posed by it falling into the wrong hands is a real and growing concern of the international community and one that demands improved nuclear security. Steps to bolster nuclear security and mitigate this risk include accounting for and securing nuclear and radioactive material as well as their related facilities, and helping to prevent theft, sabotage and use with malicious intent. Strong legislative, regulatory and enforcement frameworks, enhanced national capacity, and increased international cooperation in protecting against, and preparing for, any scenario strengthens these measures further. As a result, the Board of Governors of the International Atomic Energy Agency (IAEA) approved a plan of activities in 2002 to improve nuclear security worldwide. In 2003, the Council of the European Union (EU) adopted its Strategy against Proliferation of Weapons of Mass Destruction. Since then, five Contribution Agreements between the European Commission (EC) and the IAEA have been undertaken to provide financial support to IAEA activities in the areas of nuclear security and verification. These 'Joint Actions' assist States in strengthening their nuclear security infrastructure and underscore both the EU and IAEA's commitment to effective cooperation. IAEA-EU JOINT ACTION. The IAEA works to improve and strengthen national nuclear security programmes worldwide. EU support helps to advance the IAEA's efforts by raising awareness and improving understanding of nuclear security and its many component parts. Priority is given to those States that need to determine what radioactive and nuclear material they have, how to control it and how to reduce the risk it poses. Efforts focus on three main areas, strengthening: (i) States' legislative and regulatory

Communications and Integration Enhancements to Improve Homeland Security

National Research Council Canada - National Science Library

Sando, Terrance W

2007-01-01

.... Homeland Security responses. These technology enhancements and processes combined with the force capabilities that the National Guard has recently created, when integrated with other national capabilities, will greatly improve...

Improving the security of quantum protocols via commit-and-open

NARCIS (Netherlands)

I.B. Damgård (Ivan); S. Fehr (Serge); C. Luneman; L. Salvail (Louis); C. Schaffner (Christian)

2009-01-01

htmlabstractWe consider two-party quantum protocols starting with a transmission of some random BB84 qubits followed by classical messages. We show a general compiler improving the security of such protocols: if the original protocol is secure against an almost honest adversary, then the

Environmental and climate security: improving scenario methodologies for science and risk assessment

Science.gov (United States)

Briggs, C. M.; Carlsen, H.

2010-12-01

Governments and popular discussions have increasingly referred to concepts of ‘climate security’, often with reference to IPCC data. Development of effective methodologies to translate complex, scientific data into risk assessments has lagged, resulting in overly simplistic political assumptions of potential impacts. Climate security scenarios have been developed for use by security and military agencies, but effective engagement by scientific communities requires an improved framework. Effective use of data requires improvement both of climate projections, and the mapping of cascading impacts across interlinked, complex systems. In this research we propose a process for systematic generation of subsets of scenarios (of arbitrary size) from a given set of variables with possible interlinkages. The variables could include climatic changes as well as other global changes of concerns in a security context. In coping with possible challenges associated with the nexus of climate change and security - where deep structural uncertainty and possible irreversible changes are of primary interest - it is important to explore the outer limits of the relevant uncertainties. Therefore the proposed process includes a novel method that will help scenario developers in generating scenario sets where the scenarios are in a quantifiable sense maximally different and therefore best ‘span’ the whole set of scenarios. When downscaled onto a regional level, this process can provide guidance to potentially significant and abrupt geophysical changes, where high uncertainty has often prevented communication of risks. Potential physical changes can then be used as starting points for mapping cascading effects across networks, including topological analysis to identify critically vulnerable nodes and fragile systems, the existence of positive or negative feedback loops, and possible intervention points. Advanced knowledge of both potential geo-physical shifts and related non

Seeking A Breakthrough: The Improvement of The Asia-Pacific Security Structure From the Perspective of “One Belt One Road” Initiative

Directory of Open Access Journals (Sweden)

Zhang Zhaoxi

2016-12-01

Full Text Available The U.S alliance in the Asia-Pacific region has exerted significant influence on Asia-Pacific security architecture for a long time. While with the deepening of interdependence among Asia-Pacific countries, the development of regional international relations has outdated the existing security architecture in this region. It is imperative to improve the architecture in that there are plenty of structural hurdles, such as the obsolescence of security concepts, the fragmentation of security mechanism and the dearth of public goods on security affairs. OBOR, which is exemplary as a new multilateral cooperative initiative and has interacted profoundly with the regional security of the Asia-Pacific, holds endogenous relations with the Asia-Pacific security architecture. OBOR could improve the Asia-Pacific security architecture in the following ways: to create a new model of security maintenance in light of the advanced ideas given by OBOR; to design new institutional frameworks which are more normative and effective with mechanical innovations stemming from OBOR; to enrich the security public goods in the Asia-Pacific region under the reference of co-construction and sharing the idea of OBOR. However, the practice of improvement will face tremendous challenges both internally and externally. These challenges should be prudently analyzed and treated in order to better fulfill the co-evolution in the process of the construction of OBOR and the improvement of the Asia-Pacific security architecture, for the promotion of long-termed prosperity and stability in this region.

Improving the security of the Hwang-Su protocol for mobile networks

African Journals Online (AJOL)

user

Improving the security of the Hwang-Su protocol for mobile networks. Miloud Ait Hemad, My ... Furthermore, the wireless data channel is low data rate. These restrictions have an ..... Research in Security and Privacy. Wu T. Y. and Tsen Y. M., ...

Report: EPA Improved Its National Security Information Program, but Some Improvements Still Needed

Science.gov (United States)

Report #16-P-0196, June 2, 2016. The EPA will continue to improve its national security information program by completing information classification guides that can be used uniformly and consistently throughout the agency.

Seeking A Breakthrough: The Improvement of The Asia-Pacific Security Structure From the Perspective of “One Belt One Road” Initiative

OpenAIRE

Zhang Zhaoxi

2016-01-01

The U.S alliance in the Asia-Pacific region has exerted significant influence on Asia-Pacific security architecture for a long time. While with the deepening of interdependence among Asia-Pacific countries, the development of regional international relations has outdated the existing security architecture in this region. It is imperative to improve the architecture in that there are plenty of structural hurdles, such as the obsolescence of security concepts, the fragmentation of security mech...

Citizen-based Strategies to Improve Community Security: Working ...

International Development Research Centre (IDRC) Digital Library (Canada)

Citizen-based Strategies to Improve Community Security: Working with Vulnerable Populations to Address Urban Violence in Medellin ... Water Resources Association, in close collaboration with IDRC, is holding a webinar titled “Climate change and adaptive water management: Innovative solutions from the Global South”.

Information and technology: Improving food security in Uganda ...

International Development Research Centre (IDRC) Digital Library (Canada)

2014-06-23

Jun 23, 2014 ... Information and technology: Improving food security in Uganda ... knowledge to make decisions about planting, harvesting, and managing livestock, but ... to be effective for minimizing risks and increasing agricultural productivity. ... In time, this network of information – made possible by digital technology ...

Improving method for calculating integral index of personnel security of company

Directory of Open Access Journals (Sweden)

Chjan Khao Yui

2016-06-01

Full Text Available The paper improves the method of calculating the integral index of personnel security of a company. The author has identified four components of personnel security (social and motivational safety, occupational safety, not confliction security, life safety which are characterized by certain indicators. Integral index of personnel security is designed for the enterprises of machine-building sector in Kharkov region, taking into account theweight coefficients j-th component of bj, and weighting factors that determine the degree of contribution of the ith parameter in the integral index aіj as defined by experts.

Healthier, more nutritious potatoes improve food security in Colombia

International Development Research Centre (IDRC) Digital Library (Canada)

2016-04-26

Apr 26, 2016 ... Healthier, more nutritious potatoes improve food security in Colombia ... farmers, have high commercial potential, and are popular with consumers. ... children and adolescents is an alarming trend throughout the Caribbean.

New bean products to improve food security | IDRC - International ...

International Development Research Centre (IDRC) Digital Library (Canada)

2016-04-21

... Agricultural Research Organisation and the Kenya Agricultural and Livestock Research ... New bean products to improve food security. April 21, 2016. Image ... more lucrative market for smallholder bean farmers, most of whom are women.

Improvement of economic security management system of municipalities with account of transportation system development: methods of assessment

Science.gov (United States)

Khe Sun, Pak; Vorona-Slivinskaya, Lubov; Voskresenskay, Elena

2017-10-01

The article highlights the necessity of a complex approach to assess economic security of municipalities, which would consider municipal management specifics. The approach allows comparing the economic security level of municipalities, but it does not describe parameter differences between compared municipalities. Therefore, there is a second method suggested: parameter rank order method. Applying these methods allowed to figure out the leaders and outsiders of the economic security among municipalities and rank all economic security parameters according to the significance level. Complex assessment of the economic security of municipalities, based on the combination of the two approaches, allowed to assess the security level more accurate. In order to assure economic security and equalize its threshold values, one should pay special attention to transportation system development in municipalities. Strategic aims of projects in the area of transportation infrastructure development in municipalities include the following issues: contribution into creating and elaborating transportation logistics and manufacture transport complexes, development of transportation infrastructure with account of internal and external functions of the region, public transport development, improvement of transport security and reducing its negative influence on the environment.

Cryptanalysis and security improvements of 'two-factor user authentication in wireless sensor networks'.

Science.gov (United States)

Khan, Muhammad Khurram; Alghathbar, Khaled

2010-01-01

User authentication in wireless sensor networks (WSN) is a critical security issue due to their unattended and hostile deployment in the field. Since sensor nodes are equipped with limited computing power, storage, and communication modules; authenticating remote users in such resource-constrained environments is a paramount security concern. Recently, M.L. Das proposed a two-factor user authentication scheme in WSNs and claimed that his scheme is secure against different kinds of attack. However, in this paper, we show that the M.L. Das-scheme has some critical security pitfalls and cannot be recommended for real applications. We point out that in his scheme: users cannot change/update their passwords, it does not provide mutual authentication between gateway node and sensor node, and is vulnerable to gateway node bypassing attack and privileged-insider attack. To overcome the inherent security weaknesses of the M.L. Das-scheme, we propose improvements and security patches that attempt to fix the susceptibilities of his scheme. The proposed security improvements can be incorporated in the M.L. Das-scheme for achieving a more secure and robust two-factor user authentication in WSNs.

Improving Reliability, Security, and Efficiency of Reconfigurable Hardware Systems (Habilitation)

NARCIS (Netherlands)

Ziener, Daniel

2017-01-01

In this treatise,  my research on methods to improve efficiency, reliability, and security of reconfigurable hardware systems, i.e., FPGAs, through partial dynamic reconfiguration is outlined. The efficiency of reconfigurable systems can be improved by loading optimized data paths on-the-fly on an

The significance of enset culture and biodiversity for rural household food and livelihood security in southwestern Ethiopia

NARCIS (Netherlands)

Negash, A.; Niehof, A.

2004-01-01

The significance of enset (Ensete ventricosum Welw. Cheesman) for the food and livelihood security of rural households in Southwestern Ethiopia, where this crop is the main staple, raises two major questions. The first concerns the related issues of household food security and livelihood security

Improving Food and Nutrition Security in the Philippines through ...

International Development Research Centre (IDRC) Digital Library (Canada)

Improving food and nutrition security in the Philippines through school ... Implementation of the Community Health Assessment Program in the Philippines ... This project will address the effects of fast-paced economic growth in the Greater ...

Trade and commerce in improved crops and food: an essay on food security.

Science.gov (United States)

Kershen, Drew L

2010-11-30

Agricultural trade between nations is a significant proportion of total international trade. Agricultural trade in transgenic crops faces extra complications due to the existence of domestic and international regimes that focus specifically on agricultural biotechnology. These specialized regimes create legal and commercial challenges for trade in transgenic crops that have significant implications for the food security of the nations of the world. By food security, one should understand not just the available supply of food, but also the quality of the food and the environmental impact of agricultural production systems. These specialized regimes for transgenic crops can either encourage or hinder the adoption of agricultural biotechnology as a sustainable intensive agriculture. Sustainable intensive agriculture offers hope for agronomic improvements for agricultural production, socio-economic betterment for farmers and environmental benefits for societies. Sustainable intensive agriculture offers particular hope for the poorest farmers of the world because agricultural biotechnology is a technology in the seed. Copyright © 2010 Elsevier B.V. All rights reserved.

Improved security detection strategy in quantum secure direct communication protocol based on four-particle Green-Horne-Zeilinger state

Energy Technology Data Exchange (ETDEWEB)

Li, Jian; Nie, Jin-Rui; Li, Rui-Fan [Beijing Univ. of Posts and Telecommunications, Beijing (China). School of Computer; Jing, Bo [Beijing Univ. of Posts and Telecommunications, Beijing (China). School of Computer; Beijing Institute of Applied Meteorology, Beijing (China). Dept. of Computer Science

2012-06-15

To enhance the efficiency of eavesdropping detection in the quantum secure direct communication protocol, an improved quantum secure direct communication protocol based on a four-particle Green-Horne-Zeilinger (GHZ) state is presented. In the protocol, the four-particle GHZ state is used to detect eavesdroppers, and quantum dense coding is used to encode the message. In the security analysis, the method of entropy theory is introduced, and two detection strategies are compared quantitatively by using the constraint between the information that the eavesdroppers can obtain and the interference that has been introduced. If the eavesdropper wants to obtain all the information, the detection rate of the quantum secure direct communication using an Einstein-Podolsky-Rosen (EPR) pair block will be 50% and the detection rate of the presented protocol will be 87%. At last, the security of the proposed protocol is discussed. The analysis results indicate that the protocol proposed is more secure than the others. (orig.)

Towards improving security measures in Nigeria University Libraries ...

African Journals Online (AJOL)

A questionnaire designed by the researchers titled “Towards Improving Security Measures in Nigerian University Libraries (TISMINUL)” was used to collect the needed data. The questionnaire was designed in two parts. Part one was to gather information on the size of collection, frequency of stock taking and book loss.

Sustainability impact assessment to improve food security of smallholders in Tanzania

International Nuclear Information System (INIS)

Schindler, Jana; Graef, Frieder; König, Hannes Jochen; Mchau, Devotha; Saidia, Paul; Sieber, Stefan

2016-01-01

The objective of this paper was to assess the sustainability impacts of planned agricultural development interventions, so called upgrading strategies (UPS), to enhance food security and to identify what advantages and risks are assessed from the farmer's point of view in regards to social life, the economy and the environment. We developed a participatory methodological procedure that links food security and sustainable development. Farmers in four different case study villages in rural Tanzania chose their priority UPS. For these UPS, they assessed the impacts on locally relevant food security criteria. The positive impacts identified were mainly attributed to increased agricultural production and its related positive impacts such as increased income and improved access to necessary means to diversify the diet. However, several risks of certain UPS were also indicated by farmers, such as increased workload, high maintenance costs, higher competition among farmers, loss of traditional knowledge and social conflicts. We discussed the strong interdependence of socio-economic and environmental criteria to improve food security for small-scale farmers and analysed several trade-offs in regards to UPS choices and food security criteria. We also identified and discussed the advantages and challenges of our methodological approach. In conclusion, the participatory impact assessment on the farmer level allowed a locally specific analysis of the various positive and negative impacts of UPS on social life, the economy and the environment. We emphasize that only a development approach that considers social, economic and environmental challenges simultaneously can enhance food security.

78 FR 69433 - Executive Order 13650 Improving Chemical Facility Safety and Security Listening Sessions

Science.gov (United States)

2013-11-19

... Chemical Facility Safety and Security Listening Sessions AGENCY: National Protection and Programs... from stakeholders on issues pertaining to Improving Chemical Facility Safety and Security (Executive... regulations, guidance, and policies; and identifying best practices in chemical facility safety and security...

Security research roadmap

Energy Technology Data Exchange (ETDEWEB)

Rouhiainen, V. (ed.)

2007-02-15

VTT has a broad range of security research ongoing in many areas of technology. The main areas have been concentrating on public safety and security, but VTT is also participating in several research projects related to defence technology. To identify and define expertise and research goals in more detail, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of a critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important security products and technologies needed are, for example, management of total security, detection, identification, localisation and communication, protection of information networks and systems, as well as physical protection. In the EU's Security programme, which aims at ensuring the security of society and its vital functions, it is stated that. Technology alone can not assure security, but security can not be assured without the support of technology. VTT is conducting security research in all its areas of expertise and clusters. The area has a significant research potential. The development of products and systems designed for the improvement of security has just started. There is still room for innovation. This report presents knowledge and development needs in more detail, as well as future development potential seen in the area of security. (orig.)

Security analysis and improvements to the PsychoPass method.

Science.gov (United States)

Brumen, Bostjan; Heričko, Marjan; Rozman, Ivan; Hölbl, Marko

2013-08-13

In a recent paper, Pietro Cipresso et al proposed the PsychoPass method, a simple way to create strong passwords that are easy to remember. However, the method has some security issues that need to be addressed. To perform a security analysis on the PsychoPass method and outline the limitations of and possible improvements to the method. We used the brute force analysis and dictionary attack analysis of the PsychoPass method to outline its weaknesses. The first issue with the Psychopass method is that it requires the password reproduction on the same keyboard layout as was used to generate the password. The second issue is a security weakness: although the produced password is 24 characters long, the password is still weak. We elaborate on the weakness and propose a solution that produces strong passwords. The proposed version first requires the use of the SHIFT and ALT-GR keys in combination with other keys, and second, the keys need to be 1-2 distances apart. The proposed improved PsychoPass method yields passwords that can be broken only in hundreds of years based on current computing powers. The proposed PsychoPass method requires 10 keys, as opposed to 20 keys in the original method, for comparable password strength.

A Video Based System and Method for Improving Aircraft Security

National Research Council Canada - National Science Library

Meitzler, Tom; Ebenstein, Sam; Smith, Greg; Rodin, Yelena; Zorka, Nick

2004-01-01

In late September of 2001 the Commercial Airline Pilots Association (CAPA) endorsed president Bush's plan for improved airline security but expressed concern that it did not address many critical issues...

Information Technology Management: Social Security Administration Practices Can Be Improved

National Research Council Canada - National Science Library

Shaw, Clay

2001-01-01

To improve SSAs IT management practices, we recommend that the Acting Commissioner of Social Security direct the Chief Information Officer and the Deputy Commissioner for Systems to complete the following actions...

Sustainability impact assessment to improve food security of smallholders in Tanzania

Energy Technology Data Exchange (ETDEWEB)

Schindler, Jana, E-mail: jana.schindler@zalf.de [Leibniz Centre for Agricultural Landscape Research (ZALF), Institute of Land Use Systems, Eberswalder Straße 84, 15374 Müncheberg (Germany); Humboldt Universität zu Berlin, Faculty of Agriculture and Horticulture, Invalidenstr. 42, 10099 Berlin (Germany); Graef, Frieder, E-mail: graef@zalf.de [Leibniz Centre for Agricultural Landscape Research (ZALF), Institute of Land Use Systems, Eberswalder Straße 84, 15374 Müncheberg (Germany); König, Hannes Jochen, E-mail: hkoenig@zalf.de [Leibniz Centre for Agricultural Landscape Research (ZALF), Institute of Land Use Systems, Eberswalder Straße 84, 15374 Müncheberg (Germany); Mchau, Devotha, E-mail: dvtmchau@yahoo.com [Agricultural Research Institute (ARI Hombolo/Makutupora), P. O. Box 1676, Dodoma (Tanzania, United Republic of); Saidia, Paul, E-mail: saidiapaul@gmail.com [Sokoine University of Agriculture (SUA) Morogoro, Department of Crop Science and Production, P O. Box 3005, Morogoro (Tanzania, United Republic of); Sieber, Stefan, E-mail: stefan.sieber@zalf.de [Leibniz Centre for Agricultural Landscape Research (ZALF), Institute of Socio-Economics, Eberswalder Straße 84, 15374 Müncheberg (Germany)

2016-09-15

The objective of this paper was to assess the sustainability impacts of planned agricultural development interventions, so called upgrading strategies (UPS), to enhance food security and to identify what advantages and risks are assessed from the farmer's point of view in regards to social life, the economy and the environment. We developed a participatory methodological procedure that links food security and sustainable development. Farmers in four different case study villages in rural Tanzania chose their priority UPS. For these UPS, they assessed the impacts on locally relevant food security criteria. The positive impacts identified were mainly attributed to increased agricultural production and its related positive impacts such as increased income and improved access to necessary means to diversify the diet. However, several risks of certain UPS were also indicated by farmers, such as increased workload, high maintenance costs, higher competition among farmers, loss of traditional knowledge and social conflicts. We discussed the strong interdependence of socio-economic and environmental criteria to improve food security for small-scale farmers and analysed several trade-offs in regards to UPS choices and food security criteria. We also identified and discussed the advantages and challenges of our methodological approach. In conclusion, the participatory impact assessment on the farmer level allowed a locally specific analysis of the various positive and negative impacts of UPS on social life, the economy and the environment. We emphasize that only a development approach that considers social, economic and environmental challenges simultaneously can enhance food security.

Cryptanalysis and Security Improvements of ‘Two-Factor User Authentication in Wireless Sensor Networks’

Directory of Open Access Journals (Sweden)

Muhammad Khurram Khan

2010-03-01

Full Text Available User authentication in wireless sensor networks (WSN is a critical security issue due to their unattended and hostile deployment in the field. Since sensor nodes are equipped with limited computing power, storage, and communication modules; authenticating remote users in such resource-constrained environments is a paramount security concern. Recently, M.L. Das proposed a two-factor user authentication scheme in WSNs and claimed that his scheme is secure against different kinds of attack. However, in this paper, we show that the M.L. Das-scheme has some critical security pitfalls and cannot be recommended for real applications. We point out that in his scheme: users cannot change/update their passwords, it does not provide mutual authentication between gateway node and sensor node, and is vulnerable to gateway node bypassing attack and privileged-insider attack. To overcome the inherent security weaknesses of the M.L. Das-scheme, we propose improvements and security patches that attempt to fix the susceptibilities of his scheme. The proposed security improvements can be incorporated in the M.L. Das-scheme for achieving a more secure and robust two-factor user authentication in WSNs.

Improving Control System Security through the Evaluation of Current Trends in Computer Security Research

Energy Technology Data Exchange (ETDEWEB)

Rolston

2005-03-01

At present, control system security efforts are primarily technical and reactive in nature. What has been overlooked is the need for proactive efforts, focused on the IT security research community from which new threats might emerge. Evaluating cutting edge IT security research and how it is evolving can provide defenders with valuable information regarding what new threats and tools they can anticipate in the future. Only known attack methodologies can be blocked, and there is a gap between what is known to the general security community and what is being done by cutting edge researchers --both those trying to protect systems and those trying to compromise them. The best security researchers communicate with others in their field; they know what cutting edge research is being done; what software can be penetrated via this research; and what new attack techniques and methodologies are being circulated in the black hat community. Standardization of control system applications, operating systems, and networking protocols is occurring at a rapid rate, following a path similar to the standardization of modern IT networks. Many attack methodologies used on IT systems can be ported over to the control system environment with little difficulty. It is extremely important to take advantage of the lag time between new research, its use on traditional IT networks, and the time it takes to port the research over for use on a control system network. Analyzing nascent trends in IT security and determining their applicability to control system networks provides significant information regarding defense mechanisms needed to secure critical infrastructure more effectively. This work provides the critical infrastructure community with a better understanding of how new attacks might be launched, what layers of defense will be needed to deter them, how the attacks could be detected, and how their impact could be limited.

PV in Japan - improving energy security?

International Nuclear Information System (INIS)

Anon

2002-01-01

Currently, almost 80% of Japan's primary energy is imported and about 50% of this comes from politically unstable countries. The Japanese are now working hard to improve energy security in a clean and sustainable fashion. Since the wind patterns are not favourable for wind power, the emphasis is on photovoltaics (PVs), and many companies that once manufactured integrated circuits are now working on solar cells where their knowledge and experience of mass production, quality control, sales and marketing stand them in good stead. It is expected that the Japanese will be world leaders in the making and export of solar equipment, as well as one of the world's greatest users

Additional improvements needed in physical security at nuclear powerplants

International Nuclear Information System (INIS)

1983-01-01

Since the middle 1970's, the Nuclear Regulatory Commission and powerplant operators have taken measures to reduce the vulnerability of powerplants to attempted acts of sabotage. GAO's evaluation disclosed that further improvements can be made by screening nuclear plant employees to reduce the number of potential saboteurs and strengthening the physical security systems to ensure their compatibility with other plant safety systems. The Commission has taken two initiatives addressing these improvements. Therefore, GAO is not making recommendations at this time

State regulation as a tool for improving the economic security of the regions

Directory of Open Access Journals (Sweden)

Yu. M. Sokolinskaya

2017-01-01

Full Text Available Providing economic security for the development of regions, increasing their competitiveness, risk-free and sustainable activities are the main tasks of the regional program of social and economic development, which occupies a special place in the system of instruments for public management of these processes. The program of social and economic development is a unique strategy of the region aimed at security and optimization of the spatial structure and relations between the center and the regions in order to ensure economic security and growth by maximizing the effective use of existing internal and external factors. The institutional influence of the state in order to improve the economic security of regions and enterprises occurs palliatively when the business of the region is supported in direct – subsidies, and more often indirectly – compliance with the laws and regulations of the Russian Federation and the region, on the principles of institutional and market synergies. Adaptation of enterprises in the region to the market is difficult, when specific socio-organizational, economic, technical and technological, scientific, information activities in their interrelations function in the field of Russian laws. The search for ways to improve the economic security of the Russian Federation, regions and enterprises takes place in the context of global integration through the improvement of the mechanism of state regulation. An important task of the current stage of economic security of the country and regions is the construction of a system of its institutional organization that would be able to balance the levers of government with the opportunities of private enterprises, provide a quality level of providing the business with protection from terrorism, predation, financial risks, legal competition etc.

Improved Asymmetric Cipher Based on Matrix Power Function with Provable Security

Directory of Open Access Journals (Sweden)

Eligijus Sakalauskas

2017-01-01

Full Text Available The improved version of the author’s previously declared asymmetric cipher protocol based on matrix power function (MPF is presented. Proposed modification avoids discrete logarithm attack (DLA which could be applied to the previously declared protocol. This attack allows us to transform the initial system of MPF equations to so-called matrix multivariate quadratic (MMQ system of equations, which is a system representing a subclass of multivariate quadratic (MQ systems of equations. We are making a conjecture that avoidance of DLA in protocol, presented here, should increase its security, since an attempt to solve the initial system of MPF equations would appear to be no less complex than solving the system of MMQ equations. No algorithms are known to solve such a system of equations. Security parameters and their secure values are defined. Security analysis against chosen plaintext attack (CPA and chosen ciphertext attack (CCA is presented. Measures taken to prevent DLA attack increase the security of this protocol with respect to the previously declated protocol.

Improving the security of multiparty quantum secret sharing against Trojan horse attack

International Nuclear Information System (INIS)

Deng Fuguo; Li Xihan; Zhou Hongyu; Zhang Zhanjun

2005-01-01

We analyzed the security of the multiparty quantum secret sharing (MQSS) protocol recently proposed by Zhang, Li, and Man [Phys. Rev. A 71, 044301 (2005)] and found that this protocol is secure for any other eavesdropper except for the agent Bob who prepares the quantum signals as he can attack the quantum communication with a Trojan horse. That is, Bob replaces the single-photon signal with a multiphoton one and the other agent Charlie cannot find this cheating as she does not measure the photons before they run back from the boss Alice, which reveals that this MQSS protocol is not secure for Bob. Finally, we present a possible improvement of the MQSS protocol security with two single-photon measurements and four unitary operations

Foraging Is Determinant to Improve Smallholders’ Food Security in Rural Areas in Mali, West Africa

Directory of Open Access Journals (Sweden)

Sognigbe N’Danikou

2017-11-01

Full Text Available Studies on the enabling factors for household food security (HFS most often used simplified econometric models looking into the links with a selected set of variables. In this research, a livelihood approach of HFS was used and aimed at determining the most significant livelihood assets for HFS in dryland agricultural systems. Elements of the five livelihood assets were assessed through questionnaire surveys with a random sample of 180 households, and six focus group discussions in three communities along the rural-urban continuum, in Southern Mali. The coping strategy index approach was used to evaluate household food security status. Non-parametric and parametric statistical tests were combined, as appropriate, to identify the most significant determinants of HFS status. Findings indicated that most determinant factors of HFS were the diversity of wild and cultivated food plants, and hunting (natural capital; access to clean water and irrigation (infrastructural capital; and off-farm employment (financial capital. HFS also improved along the urban-rural continuum and rural households with high natural capital seemed to be more food secure. Findings call for important investment to expand the natural capital (e.g., domestication of new crops and agricultural diversification and infrastructural capital (irrigation facilities, clean water of the rural households.

Nuclear security. DOE actions to improve the personnel clearance program

International Nuclear Information System (INIS)

Fultz, Keith O.; Bannerman, Carl J.; Daniel, Beverly A.

1988-11-01

The status of the Department of Energy's (DOE) implementation of recommendations in our two reports on DOE's personnel security clearance program was determined. The recommendations were aimed at improving the timeliness, accuracy, and efficiency of personnel security clearance decisions. Specifically, the objective was to determine and report on steps DOE is taking to implement these recommendations. In summary, it was found that DOE has either initiated action or is studying ways to address all the recommendations, but none of the recommendations have been completely implemented. The effectiveness of the DOE actions will depend, in part, on the adequacy of its internal control system for overseeing and evaluating program operations. DOE's personnel security clearance program is intended to provide reasonable assurance that personnel with access to classified information and materials are trustworthy. The Department requests that the Office of Personnel Management or the Federal Bureau of Investigation collect personal data on each person who requires such access to do his or her job. Based on these background investigations, DOE officials authorize individuals whose personal histories indicate that they are trustworthy to have access to classified information, secured facilities, and controlled materials as needed to perform their jobs. DOE has five types of these authorizations or personnel security clearances and must update information on personnel holding each type at 5-year intervals to confirm their continuing reliability. The five types are based on the types of security interests to which the person needs access, e.g., persons needing nuclear weapons-related data must have a Q clearance, and persons with a top secret clearance can have access to national security data classified as top secret

Improving an Anonymous and Provably Secure Authentication Protocol for a Mobile User

Directory of Open Access Journals (Sweden)

Jongho Moon

2017-01-01

Full Text Available Recently many authentication protocols using an extended chaotic map were suggested for a mobile user. Many researchers demonstrated that authentication protocol needs to provide key agreement, mutual authentication, and user anonymity between mobile user and server and resilience to many possible attacks. In this paper, we cautiously analyzed chaotic-map-based authentication scheme and proved that it is still insecure to off-line identity guessing, user and server impersonation, and on-line identity guessing attacks. To address these vulnerabilities, we proposed an improved protocol based on an extended chaotic map and a fuzzy extractor. We proved the security of the proposed protocol using a random oracle and AVISPA (Automated Validation of Internet Security Protocols and Applications tool. Furthermore, we present an informal security analysis to make sure that the improved protocol is invulnerable to possible attacks. The proposed protocol is also computationally efficient when compared to other previous protocols.

75 FR 56858 - Improvements to the Supplemental Security Income Program-Heroes Earnings Assistance and Relief...

Science.gov (United States)

2010-09-17

... number, 1-800-772-1213, or TTY 1-800-325-0778, or visit our Internet site, Social Security Online, at... SOCIAL SECURITY ADMINISTRATION 20 CFR Part 416 [Docket No. SSA-2009-0017] RIN 0960-AH00 Improvements to the Supplemental Security Income Program--Heroes Earnings Assistance and Relief Tax Act of 2008...

Analysis and improvement of security of energy smart grids

International Nuclear Information System (INIS)

Halimi, Halim

2014-01-01

The Smart grid is the next generation power grid, which is a new self-healing, self-activating form of electricity network, and integrates power-flow control, increased quality of electricity, and energy reliability, energy efficiency and energy security using information and communication technologies. Communication networks play a critical role in smart grid, as the intelligence of smart grid is built based on information exchange across the power grid. Its two-way communication and electricity flow enable to monitor, predict and manage the energy usage. To upgrade an existing power grid into a smart grid, it requires an intelligent and secure communication infrastructure. Because of that, the main goal of this dissertation is to propose new architecture and implementation of algorithms for analysis and improvement of the security and reliability in smart grid. In power transmission segments of smart grid, wired communications are usually adopted to ensure robustness of the backbone power network. In contrast, for a power distribution grid, wireless communications provide many benefits such as low cost high speed links, easy setup of connections among different devices/appliances, and so on. Wireless communications are usually more vulnerable to security attacks than wired ones. Developing appropriate wireless communication architecture and its security measures is extremely important for a smart grid system. This research addresses physical layer security in a Wireless Smart Grid. Hence a defense Quorum- based algorithm is proposed to ensure physical security in wireless communication. The new security architecture for smart grid that supports privacy-preserving, data aggregation and access control is defined. This architecture consists of two parts. In the first part we propose to use an efficient and privacy-preserving aggregation scheme (EPPA), which aggregates real-time data of consumers by Local Gateway. During aggregation the privacy of consumers is

Securing General Aviation

National Research Council Canada - National Science Library

Elias, Bart

2005-01-01

.... Because GA plays a small but important role in the U.S. economy, improving upon GA security without unduly impeding air commerce or limiting the freedom of movement by air remains a significant challenge...

Sustaining Operational Resiliency: A Process Improvement Approach to Security Management

National Research Council Canada - National Science Library

Caralli, Richard A

2006-01-01

... potential to significantly disrupt an organization's pursuit of its mission. Security, business continuity, and IT operations management are activities that traditionally support operational risk management...

Impersonation attack on a quantum secure direct communication and authentication protocol with improvement

Science.gov (United States)

Amerimehr, Ali; Hadain Dehkordi, Massoud

2018-03-01

We analyze the security of a quantum secure direct communication and authentication protocol based on single photons. We first give an impersonation attack on the protocol. The cryptanalysis shows that there is a gap in the authentication procedure of the protocol so that an opponent can reveal the secret information by an undetectable attempt. We then propose an improvement for the protocol and show it closes the gap by applying a mutual authentication procedure. In the improved protocol single photons are transmitted once in a session, so it is easy to implement as the primary protocol. Furthermore, we use a novel technique for secret order rearrangement of photons by which not only quantum storage is eliminated also a secret key can be reused securely. So the new protocol is applicable in practical approaches like embedded system devices.

What's under the hood? Improving SCADA security with process awareness

NARCIS (Netherlands)

Chromik, Justyna Joanna; Remke, Anne Katharina Ingrid; Haverkort, Boudewijn R.H.M.

2016-01-01

SCADA networks are an essential part of monitoring and controlling physical infrastructures, such as the power grid. Recent news item show that tampering with the data exchanged in a SCADA network occurs and has severe consequences. A possible way of improving the security of SCADA networks is to

Sustaining Operational Resiliency: A Process Improvement Approach to Security Management

National Research Council Canada - National Science Library

Caralli, Richard A

2006-01-01

.... Coordinating these efforts to sustain operational resiliency requires a process-oriented approach that can be defined, measured, and actively managed. This report describes the fundamental elements and benefits of a process approach to security and operational resiliency and provides a notional view of a framework for process improvement.

Improving the security of the Hwang-Su protocol for mobile networks

African Journals Online (AJOL)

user

Improving the security of the Hwang-Su protocol for mobile networks. Miloud Ait ... But, it is threatened by weak ... Wireless networks (IEEE standard 802.11 1996, Gast 2005) have allowed computer systems to exchange data without cable.

49 CFR 1580.203 - Reporting significant security concerns.

Science.gov (United States)

2010-10-01

... TRANSPORTATION SECURITY Passenger Rail Including Passenger Railroad Carriers, Rail Transit Systems, Tourist... railroad carrier hosting an operation described in paragraph (a)(1) of this section. (3) Each tourist... transit line, and route, as applicable. (4) Origination and termination locations for the affected...

RFID security a lightweight paradigm

CERN Document Server

Khattab, Ahmed; Amini, Esmaeil; Bayoumi, Magdy

2017-01-01

This book provides a comprehensive treatment of security in the widely adopted, Radio Frequency Identification (RFID) technology. The authors present the fundamental principles of RFID cryptography in a manner accessible to a broad range of readers, enabling them to improve their RFID security design. This book also offers the reader a range of interesting topics portraying the current state-of-the-art in RFID technology and how it can be integrated with today’s Internet of Things (IoT) vision. The authors describe a first-of-its-kind, lightweight symmetric authenticated encryption cipher called Redundant Bit Security (RBS), which enables significant, multi-faceted performance improvements compared to existing cryptosystems. This book is a must-read for anyone aiming to overcome the constraints of practical implementation in RFID security technologies.

Improving industrial process control systems security

CERN Document Server

Epting, U; CERN. Geneva. TS Department

2004-01-01

System providers are today creating process control systems based on remote connectivity using internet technology, effectively exposing these systems to the same threats as corporate computers. It is becoming increasingly difficult and costly to patch/maintain the technical infrastructure monitoring and control systems to remove these vulnerabilities. A strategy including risk assessment, security policy issues, service level agreements between the IT department and the controls engineering groups must be defined. In addition an increased awareness of IT security in the controls system engineering domain is needed. As consequence of these new factors the control system architectures have to take into account security requirements, that often have an impact on both operational aspects as well as on the project and maintenance cost. Manufacturers of industrial control system equipment do however also propose progressively security related solutions that can be used for our active projects. The paper discusses ...

The development and significance of the DOE Safeguards and Security standards and criteria

International Nuclear Information System (INIS)

Toman, J.

1987-01-01

In October 1985, the DOE Assistant Secretary for Defense Programs created a task force to develop inspection standards and criteria for Safeguards and Security. These standards and criteria (S/C) would provide the DOE Inspection and Evaluation (I and E) teams with the guidance needed to assess the security posture of DOE's nuclear and other important facilities. The Lawrence Livermore National Laboratory was designated the lead management organization for the structuring, administration, and execution of the overall task force effort and appointed the Executive Secretary. The Office of Security Evaluations (OSE) became the responsible DOE organization, and its Director assumed the role of Chairman of the Task Force Executive Committee. At its peak, the Task Force consisted of approximately 200 people who were considered to be experts in eight major topical areas. The composition of the experts was almost evenly divided between DOE and contractor employees. The collective wisdom of these experts was used in a consensus process to develop the S/C that are now published in draft form. These S/C have been used in more than ten inspections since May 1986 with much success. This paper discusses the process used to achieve the desired end result and the significance of the Task Force's accomplishments

[Formula: see text]Determination of the smoking gun of intent: significance testing of forced choice results in social security claimants.

Science.gov (United States)

Binder, Laurence M; Chafetz, Michael D

2018-01-01

Significantly below-chance findings on forced choice tests have been described as revealing "the smoking gun of intent" that proved malingering. The issues of probability levels, one-tailed vs. two-tailed tests, and the combining of PVT scores on significantly below-chance findings were addressed in a previous study, with a recommendation of a probability level of .20 to test the significance of below-chance results. The purpose of the present study was to determine the rate of below-chance findings in a Social Security Disability claimant sample using the previous recommendations. We compared the frequency of below-chance results on forced choice performance validity tests (PVTs) at two levels of significance, .05 and .20, and when using significance testing on individual subtests of the PVTs compared with total scores in claimants for Social Security Disability in order to determine the rate of the expected increase. The frequency of significant results increased with the higher level of significance for each subtest of the PVT and when combining individual test sections to increase the number of test items, with up to 20% of claimants showing significantly below-chance results at the higher p-value. These findings are discussed in light of Social Security Administration policy, showing an impact on policy issues concerning child abuse and neglect, and the importance of using these techniques in evaluations for Social Security Disability.

Results of special security inspection on improvement of security management setup in Head Office and Tsuruga Nuclear Power Station of the Japan Atomic Power Company and improvement of facilities in Tsuruga Nuclear Power Station

International Nuclear Information System (INIS)

1982-01-01

In connection with the series of accidents in the Tsuruga Nuclear Power Station, the Agency of Natural Resources and Energy had instructed JAPC to make comprehensive inspection on the security management setup and to take improvement measures in the nuclear power station. The results of the subsequent inspection by ANRE confirmed that the improvements made by JAPC are adequate, and the following items are described: improvement of security management setup - communication and reporting in emergency, the management of inspection and maintenance records, work control and supervision in repair, improvement, etc., functional authority and responsibility in maintenance management, operation management, radiation control, personnel education; improvement of facilities - feed water heaters, laundry waste-water filter room, radioactive waste treatment facility, general drainage, concentrated waste liquid storage tanks in newly-built waste treatment building, etc. (J.P.N.)

CRYPTO-STEG: A Hybrid Cryptology - Steganography Approach for Improved Data Security

Directory of Open Access Journals (Sweden)

Atif Bin Mansoor

2012-04-01

Full Text Available Internet is a widely used medium for transfer of information due to its reach and ease of availability. However, internet is an insecure medium and any information might be easily intercepted and viewed during its transfer. Different mechanisms like cryptology and steganography are adopted to secure the data communication over an inherently insecure medium like internet. Cryptology scrambles the information in a manner that an unintended recipient cannot easily extract the information, while steganography hides the information in a cover object so that it is transferred unnoticed in the cover. Encrypted data may not be extracted easily but causes a direct suspicion to any observer, while data hidden using steganographic techniques go inconspicuous. Cryptanalysis is the process of attacking the encrypted text to extract the information, while steganalysis is the process of detecting the disguised messages. In literature, both cryptology and steganography are treated separately. In this paper, we present our research on an improved data security paradigm, where data is first encrypted using AES (Advanced Encryption Standard and DES (Data Encryption Standard cryptology algorithms. Both plain and encrypted data is hidden in the images using Model Based and F5 steganographic techniques. Features are extracted in DWT (Discrete Wavelet Transform and DCT (Discrete Cosine Transform domains using higher order statistics for steganalysis, and subsequently used to train a FLD (Fisher Linear Discriminant classifier which is employed to categorize a separate set of images as clean or stego (containing hidden messages. Experimental results demonstrate improved data security using proposed CRYPTO-STEG approach compared to plain text steganography. Results also demonstrate that the Model Based steganography is more secure than the F5 steganography.

National Institute of Justice (NIJ): improving the effectiveness of law enforcement via homeland security technology improvements (Keynote Address)

Science.gov (United States)

Morgan, John S.

2005-05-01

Law enforcement agencies play a key role in protecting the nation from and responding to terrorist attacks. Preventing terrorism and promoting the nation"s security is the Department of Justice"s number one strategic priority. This is reflected in its technology development efforts, as well as its operational focus. The National Institute of Justice (NIJ) is the national focal point for the research, development, test and evaluation of technology for law enforcement. In addition to its responsibilities in supporting day-to-day criminal justice needs in areas such as less lethal weapons and forensic science, NIJ also provides critical support for counter-terrorism capacity improvements in state and local law enforcement in several areas. The most important of these areas are bomb response, concealed weapons detection, communications and information technology, which together offer the greatest potential benefit with respect to improving the ability to law enforcement agencies to respond to all types of crime including terrorist acts. NIJ coordinates its activities with several other key federal partners, including the Department of Homeland Security"s Science and Technology Directorate, the Technical Support Working Group, and the Department of Defense.

Improved Optical Document Security Techniques Based on Volume Holography and Lippmann Photography

Science.gov (United States)

Bjelkhagen, Hans I.

Optical variable devices (OVDs), such as holograms, are now common in the field of document security. Up until now mass-produced embossed holograms or other types of mass-produced OVDs are used not only for banknotes but also for personalized documents, such as passports, ID cards, travel documents, driving licenses, credit cards, etc. This means that identical OVDs are used on documents issued to individuals. Today, there is need for a higher degree of security on such documents and this chapter covers new techniques to make improved mass-produced or personalized OVDs.

Assessing Community Readiness to Reduce Childhood Diarrheal Disease and Improve Food Security in Dioro, Mali

Directory of Open Access Journals (Sweden)

Erica C. Borresen

2016-06-01

Full Text Available Diarrhea and malnutrition represent leading causes of death for children in Mali. Understanding a community’s needs and ideas are critical to ensure the success of prevention and treatment interventions for diarrheal disease, as well as to improve food security to help reduce malnutrition. The objective of this study was to incorporate the Community Readiness Model (CRM for the issues of childhood diarrheal disease and food security in Mali to measure baseline community readiness prior to any program implementation. Thirteen key respondents residing in Dioro, Mali were selected based on varied social roles and demographics and completed two questionnaires on these public health issues. The overall readiness score to reduce childhood diarrheal disease was 5.75 ± 1.0 standard deviation (preparation stage. The overall readiness score to improve food security was 5.5 ± 0.5 standard deviation (preparation stage. The preparation stage indicates that at least some of the community have basic knowledge regarding these issues, and want to act locally to reduce childhood diarrhea and improve food security and nutrition. Proposed activities to increase community readiness on these issues are provided and are broad enough to allow opportunities to implement community- and culturally-specific activities by the Dioro community.

Determinants of Household Food Security in Urban Areas

Directory of Open Access Journals (Sweden)

Sarah Ayu Mutiah

2017-03-01

Full Text Available Food security at household level is a very important precondition to foster the national and regional food security. Many people migrate to urban areas in the hope of improving their welfare. Generally people think that in the city there are more opportunities, but the opposite is true. The problem is more complex in the city especially for people who do not have adequate skills and education. This study aims to address whether  age of household head, household size, education level of household head, income, and distribution of subsidized rice policy affect the food security of urban poor households in Purbalingga district. A hundred respondents were selected from four top villages in urban areas of Purbalingga with the highest level of poverty. Using binary logistic regression, this study finds significant positive effect of education of household head and household income and significant negative effect of household size and raskin on household food security, while age of household head has no significant effect on household food security. The results imply the need for increased awareness of family planning, education, improved skills, and increased control of the implementation of subsidized rice for the poor.

Security assessment in harbours: parameters to be considered

Energy Technology Data Exchange (ETDEWEB)

Romero Faz, D.; Camarero Orive, A.

2016-07-01

The ports are the main node in the supply chain and freight transportation. The terrorist attacks of September 11, 2001 marked a turning point in global security. Following this event, and from then on, there is a widespread fear of an attack on commercial ports. The development of the International Ship and Port Facility Security (ISPS) Code of the International Maritime Organization (IMO), and the implementation of the measures derived from it, have significantly improved security at port facilities. However, the experience in recent decades indicates the need for adjustments in the security assessment, in order to improve risk assessment, which is sometimes either underestimated or overestimated. As a first result of the investigation, new parameters for assessing security are proposed considering new aspects on the basis of an analysis of the main methodologies specific to port facilities, the analysis of surveys of the responsible managers for the security of the Spanish port system, and the analysis of the security statistics obtained through security forces. (Author)

Security Analysis and Improvement of 'a More Secure Anonymous User Authentication Scheme for the Integrated EPR Information System'.

Directory of Open Access Journals (Sweden)

S K Hafizul Islam

Full Text Available Over the past few years, secure and privacy-preserving user authentication scheme has become an integral part of the applications of the healthcare systems. Recently, Wen has designed an improved user authentication system over the Lee et al.'s scheme for integrated electronic patient record (EPR information system, which has been analyzed in this study. We have found that Wen's scheme still has the following inefficiencies: (1 the correctness of identity and password are not verified during the login and password change phases; (2 it is vulnerable to impersonation attack and privileged-insider attack; (3 it is designed without the revocation of lost/stolen smart card; (4 the explicit key confirmation and the no key control properties are absent, and (5 user cannot update his/her password without the help of server and secure channel. Then we aimed to propose an enhanced two-factor user authentication system based on the intractable assumption of the quadratic residue problem (QRP in the multiplicative group. Our scheme bears more securities and functionalities than other schemes found in the literature.

Reducing food wastage, improving food security? An inventory study on stakeholders’ perspectives and the current state

NARCIS (Netherlands)

Tielens, J.; Candel, J.J.L.

2014-01-01

This study is concerned with the relation between food wastage reduction and the improvement of food security. The central question of this inventory study is to what extent interventions to reduce food wastage are effective contributions for food security, in particular for local access in

The Remote Security Station (RSS) final report

International Nuclear Information System (INIS)

Pletta, J.B.; Amai, W.A.; Klarer, P.; Frank, D.; Carlson, J.; Byrne, R.

1992-10-01

The Remote Security Station (RSS) was developed by Sandia National Laboratories for the Defense Nuclear Agency to investigate issues pertaining to robotics and sensor fusion in physical security systems. This final report documents the status of the RSS program at its completion in April 1992. The RSS system consists of the Man Portable Security Station (MaPSS) and the Telemanaged Mobile Security Station (TMSS), which are integrated by the Operator's Control Unit (OCU) into a flexible exterior perimeter security system. The RSS system uses optical, infrared, microwave, and acoustic intrusion detection sensors in conjunction with sensor fusion techniques to increase the probability of detection and to decrease the nuisance alarm rate of the system. Major improvements to the system developed during the final year are an autonomous patrol capability, which allows TMSS to execute security patrols with limited operator interaction, and a neural network approach to sensor fusion, which significantly improves the system's ability to filter out nuisance alarms due to adverse weather conditions

Breaking a chaos-based secure communication scheme designed by an improved modulation method

Energy Technology Data Exchange (ETDEWEB)

Li Shujun [Department of Electronic Engineering, City University of Hong Kong, Kowloon, Hong Kong (China)]. E-mail: hooklee@mail.com; Alvarez, Gonzalo [Instituto de Fisica Aplicada, Consejo Superior de Investigaciones Cientificas, Serrano 144-28006 Madrid (Spain); Chen Guanrong [Department of Electronic Engineering, City University of Hong Kong, Kowloon, Hong Kong (China)

2005-07-01

Recently Bu and Wang [Bu S, Wang B-H. Chaos, Solitons and Fractals 2004;19(4):919-24] proposed a simple modulation method aiming to improve the security of chaos-based secure communications against return-map-based attacks. Soon this modulation method was independently cryptanalyzed by Chee et al. [Chee CY, Xu D, Bishop SR. Chaos, Solitons and Fractals 2004;21(5):1129-34], Wu et al. [Wu X, Hu H, Zhang B. Chaos, Solitons and Fractals 2004;22(2):367-73], and Alvarez et al. [Alvarez G, Montoya F, Romera M, Pastor G. Chaos, Solitons and Fractals, in press, arXiv:nlin/0406065] via different attacks. As an enhancement to the Bu-Wang method, an improving scheme was suggested by Wu et al. by removing the relationship between the modulating function and the zero-points. The present paper points out that the improved scheme proposed by Wu et al. is still insecure against a new attack. Compared with the existing attacks, the proposed attack is more powerful and can also break the original Bu-Wang scheme. Furthermore, it is pointed out that the security of the modulation-based schemes proposed by Wu et al. is not so satisfactory from a pure cryptographical point of view. The synchronization performance of this class of modulation-based schemes is also discussed.

Breaking a chaos-based secure communication scheme designed by an improved modulation method

International Nuclear Information System (INIS)

Li Shujun; Alvarez, Gonzalo; Chen Guanrong

2005-01-01

Recently Bu and Wang [Bu S, Wang B-H. Chaos, Solitons and Fractals 2004;19(4):919-24] proposed a simple modulation method aiming to improve the security of chaos-based secure communications against return-map-based attacks. Soon this modulation method was independently cryptanalyzed by Chee et al. [Chee CY, Xu D, Bishop SR. Chaos, Solitons and Fractals 2004;21(5):1129-34], Wu et al. [Wu X, Hu H, Zhang B. Chaos, Solitons and Fractals 2004;22(2):367-73], and Alvarez et al. [Alvarez G, Montoya F, Romera M, Pastor G. Chaos, Solitons and Fractals, in press, arXiv:nlin/0406065] via different attacks. As an enhancement to the Bu-Wang method, an improving scheme was suggested by Wu et al. by removing the relationship between the modulating function and the zero-points. The present paper points out that the improved scheme proposed by Wu et al. is still insecure against a new attack. Compared with the existing attacks, the proposed attack is more powerful and can also break the original Bu-Wang scheme. Furthermore, it is pointed out that the security of the modulation-based schemes proposed by Wu et al. is not so satisfactory from a pure cryptographical point of view. The synchronization performance of this class of modulation-based schemes is also discussed

Critical Conversations and the Role of Dialogue in Delivering Meaningful Improvements in Safety and Security Culture

International Nuclear Information System (INIS)

Brissette, S.

2016-01-01

Significant scholarship has been devoted to research into safety culture assessment methodologies. These focus on the development, delivery and interpretations of safety culture surveys and other assessment techniques to assure reliable outcomes that provide insights into the safety culture of an organization across multiple dimensions. The lessons from this scholarship can be applied to the emerging area of security culture assessments as the nuclear industry broadens its focus on this topic. The aim of this paper is to discuss the value of establishing mechanisms, immediately after an assessment and regularly between assessments, to facilitate a structured dialogue among leaders around insights derived from an assessment, to enable ongoing improvements in safety and security culture. The leader’s role includes both understanding the current state of culture, the “what is”, and creating regular, open and informed dialogue around their role in shaping the culture to achieve “what should be”.

Improving organisational resilience through enterprise security risk management.

Science.gov (United States)

Petruzzi, John; Loyear, Rachelle

Enterprise Security Risk Management (ESRM) is a new philosophy and method of managing security programmes through the use of traditional risk principles. As a philosophy and life cycle, ESRM is focused on creating a business partnership between security practitioners and business leaders to more effectively provide protection against security risks in line with acceptable risk tolerances as defined by business asset owners and stakeholders. This paper explores the basics of the ESRM philosophy and life cycle and also shows how embracing the ESRM philosophy and implementing a risk-based security management model in the business organisation can lead to higher levels of organisational resilience as desired by organisation leaders, executives and the board of directors.

Security dialogues: building better relationships between security and business

OpenAIRE

Ashenden, Debi; Lawrence, Darren

2016-01-01

In the real world, there's often a discrepancy between an organization's mandated security processes and what actually happens. The social practice of security flourishes in the space between and around formal organizational security processes. By recognizing the value of risk management as a communication tool, security practitioners can tap opportunities to improve the security dialogue with staff.

Security analysis and improvements of authentication and access control in the Internet of Things.

Science.gov (United States)

Ndibanje, Bruce; Lee, Hoon-Jae; Lee, Sang-Gon

2014-08-13

Internet of Things is a ubiquitous concept where physical objects are connected over the internet and are provided with unique identifiers to enable their self-identification to other devices and the ability to continuously generate data and transmit it over a network. Hence, the security of the network, data and sensor devices is a paramount concern in the IoT network as it grows very fast in terms of exchanged data and interconnected sensor nodes. This paper analyses the authentication and access control method using in the Internet of Things presented by Jing et al. (Authentication and Access Control in the Internet of Things. In Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops, Macau, China, 18-21 June 2012, pp. 588-592). According to our analysis, Jing et al.'s protocol is costly in the message exchange and the security assessment is not strong enough for such a protocol. Therefore, we propose improvements to the protocol to fill the discovered weakness gaps. The protocol enhancements facilitate many services to the users such as user anonymity, mutual authentication, and secure session key establishment. Finally, the performance and security analysis show that the improved protocol possesses many advantages against popular attacks, and achieves better efficiency at low communication cost.

An improved smartcard for the South African Social Security Agency (SASSA): A proof of life based solution

CSIR Research Space (South Africa)

Mthethwa, Sthembile

2016-12-01

Full Text Available Conference on Information Science and Security, Pattaya, Thailand, 19 - 22 December 2016 An improved smartcard for the South African Social Security Agency (SASSA): A proof of life based solution Mthethwa, S. Barbour, G. Thinyane, M...

Information Security Service Branding – beyond information security awareness

Directory of Open Access Journals (Sweden)

Rahul Rastogi

2012-12-01

Full Text Available End-users play a critical role in the effective implementation and running of an information security program in any organization. The success of such a program depends primarily on the effective implementation and execution of associated information security policies and controls and the resultant behavior and actions of end-users. However, end-users often have negative perception of information security in the organization and exhibit non-compliance. In order to improve compliance levels, it is vital to improve the image of information security in the minds of end-users. This paper borrows the concepts of brands and branding from the domain of marketing to achieve this objective and applies these concepts to information security. The paper also describes a process for creating the information security service brand in the organization.

Transboundary Water: Improving Methodologies and Developing Integrated Tools to Support Water Security

Science.gov (United States)

Hakimdavar, Raha; Wood, Danielle; Eylander, John; Peters-Lidard, Christa; Smith, Jane; Doorn, Brad; Green, David; Hummel, Corey; Moore, Thomas C.

2018-01-01

River basins for which transboundary coordination and governance is a factor are of concern to US national security, yet there is often a lack of sufficient data-driven information available at the needed time horizons to inform transboundary water decision-making for the intelligence, defense, and foreign policy communities. To address this need, a two-day workshop entitled Transboundary Water: Improving Methodologies and Developing Integrated Tools to Support Global Water Security was held in August 2017 in Maryland. The committee that organized and convened the workshop (the Organizing Committee) included representatives from the National Aeronautics and Space Administration (NASA), the US Army Corps of Engineers Engineer Research and Development Center (ERDC), and the US Air Force. The primary goal of the workshop was to advance knowledge on the current US Government and partners' technical information needs and gaps to support national security interests in relation to transboundary water. The workshop also aimed to identify avenues for greater communication and collaboration among the scientific, intelligence, defense, and foreign policy communities. The discussion around transboundary water was considered in the context of the greater global water challenges facing US national security.

Formulation, computation and improvement of steady state security margins in power systems. Part II: Results

International Nuclear Information System (INIS)

Echavarren, F.M.; Lobato, E.; Rouco, L.; Gomez, T.

2011-01-01

A steady state security margin for a particular operating point can be defined as the distance from this initial point to the secure operating limits of the system. Four of the most used steady state security margins are the power flow feasibility margin, the contingency feasibility margin, the load margin to voltage collapse, and the total transfer capability between system areas. This is the second part of a two part paper. Part I has proposed a novel framework of a general model able to formulate, compute and improve any steady state security margin. In Part II the performance of the general model is validated by solving a variety of practical situations in modern real power systems. Actual examples of the Spanish power system will be used for this purpose. The same computation and improvement algorithms outlined in Part I have been applied for the four security margins considered in the study, outlining the convenience of defining a general framework valid for the four of them. The general model is used here in Part II to compute and improve: (a) the power flow feasibility margin (assessing the influence of the reactive power generation limits in the Spanish power system), (b) the contingency feasibility margin (assessing the influence of transmission and generation capacity in maintaining a correct voltage profile), (c) the load margin to voltage collapse (assessing the location and quantity of loads that must be shed in order to be far away from voltage collapse) and (d) the total transfer capability (assessing the export import pattern of electric power between different areas of the Spanish system). (author)

Formulation, computation and improvement of steady state security margins in power systems. Part II: Results

Energy Technology Data Exchange (ETDEWEB)

Echavarren, F.M.; Lobato, E.; Rouco, L.; Gomez, T. [School of Engineering of Universidad Pontificia Comillas, C/Alberto Aguilera, 23, 28015 Madrid (Spain)

2011-02-15

A steady state security margin for a particular operating point can be defined as the distance from this initial point to the secure operating limits of the system. Four of the most used steady state security margins are the power flow feasibility margin, the contingency feasibility margin, the load margin to voltage collapse, and the total transfer capability between system areas. This is the second part of a two part paper. Part I has proposed a novel framework of a general model able to formulate, compute and improve any steady state security margin. In Part II the performance of the general model is validated by solving a variety of practical situations in modern real power systems. Actual examples of the Spanish power system will be used for this purpose. The same computation and improvement algorithms outlined in Part I have been applied for the four security margins considered in the study, outlining the convenience of defining a general framework valid for the four of them. The general model is used here in Part II to compute and improve: (a) the power flow feasibility margin (assessing the influence of the reactive power generation limits in the Spanish power system), (b) the contingency feasibility margin (assessing the influence of transmission and generation capacity in maintaining a correct voltage profile), (c) the load margin to voltage collapse (assessing the location and quantity of loads that must be shed in order to be far away from voltage collapse) and (d) the total transfer capability (assessing the export import pattern of electric power between different areas of the Spanish system). (author)

Security Analysis and Improvement of ‘a More Secure Anonymous User Authentication Scheme for the Integrated EPR Information System’

Science.gov (United States)

Islam, SK Hafizul; Khan, Muhammad Khurram; Li, Xiong

2015-01-01

Over the past few years, secure and privacy-preserving user authentication scheme has become an integral part of the applications of the healthcare systems. Recently, Wen has designed an improved user authentication system over the Lee et al.’s scheme for integrated electronic patient record (EPR) information system, which has been analyzed in this study. We have found that Wen’s scheme still has the following inefficiencies: (1) the correctness of identity and password are not verified during the login and password change phases; (2) it is vulnerable to impersonation attack and privileged-insider attack; (3) it is designed without the revocation of lost/stolen smart card; (4) the explicit key confirmation and the no key control properties are absent, and (5) user cannot update his/her password without the help of server and secure channel. Then we aimed to propose an enhanced two-factor user authentication system based on the intractable assumption of the quadratic residue problem (QRP) in the multiplicative group. Our scheme bears more securities and functionalities than other schemes found in the literature. PMID:26263401

Collaborating toward improving food security in Nunavut.

Science.gov (United States)

Wakegijig, Jennifer; Osborne, Geraldine; Statham, Sara; Issaluk, Michelle Doucette

2013-01-01

Community members, Aboriginal organizations, public servants and academics have long been describing a desperate situation of food insecurity in the Eastern Canadian Arctic. The Nunavut Food Security Coalition, a partnership of Inuit Organizations and the Government of Nunavut, is collaborating to develop a territorial food security strategy to address pervasive food insecurity in the context of poverty reduction. The Nunavut Food Security Coalition has carried out this work using a community consultation model. The research was collected through community visits, stakeholder consultation and member checking at the Nunavut Food Security Symposium. In this paper, we describe a continuous course of action, based on community engagement and collective action, that has led to sustained political interest in and public mobilization around the issue of food insecurity in Nunavut. The process described in this article is a unique collaboration between multiple organizations that has led to the development of a sustainable partnership that will inform policy development while representing the voice of Nunavummiut.

Biofuels and food security: Micro-evidence from Ethiopia

International Nuclear Information System (INIS)

Negash, Martha; Swinnen, Johan F.M.

2013-01-01

There is considerable controversy about the impact of biofuels on food security in developing countries. A major concern is that biofuels reduce food security by increasing food prices. In this paper we use survey evidence to assess the impact of castor production on poor and food insecure rural households in Ethiopia. About 1/3 of poor farmers have allocated on average 15% of their land to the production of castor beans under contract in biofuel supply chains. Castor production significantly improves their food security: they have fewer months without food and the amount of food they consume increases. Castor cultivation is beneficial for participating households’ food security in several ways: by generating cash income from castor contracts, they can store food for the lean season; castor beans preserve well on the field which allows sales when farmers are in need of cash (or food); spillover effects of castor contracts increases the productivity of food crops. Increased food crop productivity offsets the amount of land used for castor so that the total local food supply is not affected. - Highlights: • We evaluate the impact of biofuel production contracts on farmers’ food security. • We apply endogenous switching regression method on survey data from Ethiopia. • Impact is heterogeneous across groups. • Food security significantly improved for contract participants by 25%. • Spillover effects improve food productivity that offsets the amount of land diverted to biofuel

Analysis and Improvement of Large Payload Bidirectional Quantum Secure Direct Communication Without Information Leakage

Science.gov (United States)

Liu, Zhi-Hao; Chen, Han-Wu

2018-02-01

As we know, the information leakage problem should be avoided in a secure quantum communication protocol. Unfortunately, it is found that this problem does exist in the large payload bidirectional quantum secure direct communication (BQSDC) protocol (Ye Int. J. Quantum. Inf. 11(5), 1350051 2013) which is based on entanglement swapping between any two Greenberger-Horne-Zeilinger (GHZ) states. To be specific, one half of the information interchanged in this protocol is leaked out unconsciously without any active attack from an eavesdropper. Afterward, this BQSDC protocol is revised to the one without information leakage. It is shown that the improved BQSDC protocol is secure against the general individual attack and has some obvious features compared with the original one.

Nuclear safeguards and security: we can do better.

Energy Technology Data Exchange (ETDEWEB)

Johnston, R. G. (Roger G.); Warner, Jon S.; Garcia, A. R. E. (Anthony R. E.); Martinez, R. K. (Ronald K.); Lopez, L. N. (Leon N.); Pacheco, A. N. (Adam N.); Trujillo, S. J. (Sonia J.); Herrera, A. M. (Alicia M.); Bitzer, E. G. (Edward G.), III

2005-01-01

There are a number of practical ways to significantly improve nuclear safeguards and security. These include recognizing and minimizing the insider threat; using adversarial vulnerability assessments to find vulnerabilities and countermeasures; fully appreciating the disparate nature of domestic and international nuclear safeguards; improving tamper detection and tamper-indicating seals; not confusing the inventory and security functions; and recognizing the limitations of GPS tracking, contact memory buttons, and RFID tags. The efficacy of nuclear safeguards depends critically on employing sophisticated security strategies and effective monitoring hardware. The Vulnerability Assessment Team (VAT) at Los Alamos National Laboratory has extensively researched issues associated with nuclear safeguards, especially in the areas of tamper/intrusion detection, transport security, and vulnerability assessments. This paper discusses some of our findings, recommendations, and warnings.

Cryptanalysis and improvement of quantum secure communication network protocol with entangled photons for mobile communications

International Nuclear Information System (INIS)

Gao, Gan

2014-01-01

Recently, a communication protocol called controlled bidirectional quantum secret direct communication for mobile networks was proposed by Chou et al (2014 Mobile Netw. Appl. 19 121). We study the security of the proposed communication protocol and find that it is not secure. The controller, Telecom Company, may eavesdrop secret messages from mobile devices without being detected. Finally, we give a possible improvement of the communication protocol. (paper)

Improving food and nutritional security of small and marginal coconut growers through diversification of crops and enterprises

Directory of Open Access Journals (Sweden)

Maria Luz George

2010-10-01

Full Text Available This paper presents the impact of integrating interventions like nutrition gardening, livestock rearing, product diversification and allied income generation activities in small and marginal coconut homesteads along with nutrition education in improving the food and nutritional security as well as the income of the family members. The activities were carried out through registered Community Based Organizations (CBOs in three locations in Kerala, India during 2005-2008. Data was collected before and after the project periods through interviews using a pre-tested questionnaire containing statements indicating the adequacy, quality and diversity of food materials. Fifty respondents each were randomly selected from the three communities, thereby resulting in a total sample size of 150. The data was analysed using SPSS by adopting statistical tools like frequency, average, percentage analysis, t – test and regression. Participatory planning and implementation of diverse interventions notably intercropping and off-farm activities along with nutrition education brought out significant improvements in the food and nutritional security, in terms of frequency and quantity of consumption as well as diet diversity. At the end of the project, 96%of the members became completely food secure and 72% nutritionally secure. The overall consumption of fruits, vegetables and milk by both children and adults and egg by children recorded increase over the project period. Consumption of fish was more than the Recommended Dietary Intake (RDI level during pre and post project periods. Project interventions like nutrition gardening could bring in surplus consumption of vegetables (35% and fruits (10% than RDI. In spite of the increased consumption of green leafy vegetables and milk and milk products over the project period, the levels of consumption were still below the RDI levels. CBO-wise analysis of the consumption patterns revealed the need for location

Process Control/SCADA system vendor security awareness and security posture.

NARCIS (Netherlands)

Luiijf, H.A.M.; Lüders, S.

2009-01-01

A starting point for the adequate security of process control/SCADA systems is the security awareness and security posture by the manufacturers, vendors, system integrators, and service organisations. The results of a short set of questions indicate that major security improvements are required in

Understanding How the "Open" of Open Source Software (OSS) Will Improve Global Health Security.

Science.gov (United States)

Hahn, Erin; Blazes, David; Lewis, Sheri

2016-01-01

Improving global health security will require bold action in all corners of the world, particularly in developing settings, where poverty often contributes to an increase in emerging infectious diseases. In order to mitigate the impact of emerging pandemic threats, enhanced disease surveillance is needed to improve early detection and rapid response to outbreaks. However, the technology to facilitate this surveillance is often unattainable because of high costs, software and hardware maintenance needs, limited technical competence among public health officials, and internet connectivity challenges experienced in the field. One potential solution is to leverage open source software, a concept that is unfortunately often misunderstood. This article describes the principles and characteristics of open source software and how it may be applied to solve global health security challenges.

What's under the hood? Improving SCADA security with process awareness

OpenAIRE

Chromik, Justyna Joanna; Remke, Anne Katharina Ingrid; Haverkort, Boudewijn R.H.M.

2016-01-01

SCADA networks are an essential part of monitoring and controlling physical infrastructures, such as the power grid. Recent news item show that tampering with the data exchanged in a SCADA network occurs and has severe consequences. A possible way of improving the security of SCADA networks is to use intrusion detection systems. By monitoring and analysing the traffic, it is possible to detect whether information has a legitimate source or was tampered with. However, in many cases the knowled...

Security Analysis and Improvements of Authentication and Access Control in the Internet of Things

Science.gov (United States)

Ndibanje, Bruce; Lee, Hoon-Jae; Lee, Sang-Gon

2014-01-01

Internet of Things is a ubiquitous concept where physical objects are connected over the internet and are provided with unique identifiers to enable their self-identification to other devices and the ability to continuously generate data and transmit it over a network. Hence, the security of the network, data and sensor devices is a paramount concern in the IoT network as it grows very fast in terms of exchanged data and interconnected sensor nodes. This paper analyses the authentication and access control method using in the Internet of Things presented by Jing et al (Authentication and Access Control in the Internet of Things. In Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops, Macau, China, 18–21 June 2012, pp. 588–592). According to our analysis, Jing et al.'s protocol is costly in the message exchange and the security assessment is not strong enough for such a protocol. Therefore, we propose improvements to the protocol to fill the discovered weakness gaps. The protocol enhancements facilitate many services to the users such as user anonymity, mutual authentication, and secure session key establishment. Finally, the performance and security analysis show that the improved protocol possesses many advantages against popular attacks, and achieves better efficiency at low communication cost. PMID:25123464

Fundamental quantitative security in quantum key generation

International Nuclear Information System (INIS)

Yuen, Horace P.

2010-01-01

We analyze the fundamental security significance of the quantitative criteria on the final generated key K in quantum key generation including the quantum criterion d, the attacker's mutual information on K, and the statistical distance between her distribution on K and the uniform distribution. For operational significance a criterion has to produce a guarantee on the attacker's probability of correctly estimating some portions of K from her measurement, in particular her maximum probability of identifying the whole K. We distinguish between the raw security of K when the attacker just gets at K before it is used in a cryptographic context and its composition security when the attacker may gain further information during its actual use to help get at K. We compare both of these securities of K to those obtainable from conventional key expansion with a symmetric key cipher. It is pointed out that a common belief in the superior security of a quantum generated K is based on an incorrect interpretation of d which cannot be true, and the security significance of d is uncertain. Generally, the quantum key distribution key K has no composition security guarantee and its raw security guarantee from concrete protocols is worse than that of conventional ciphers. Furthermore, for both raw and composition security there is an exponential catch-up problem that would make it difficult to quantitatively improve the security of K in a realistic protocol. Some possible ways to deal with the situation are suggested.

Control system security in nuclear power plant

International Nuclear Information System (INIS)

Li Jianghai; Huang Xiaojin

2012-01-01

The digitalization and networking of control systems in nuclear power plants has brought significant improvements in system control, operation and maintenance. However, the highly digitalized control system also introduces additional security vulnerabilities. Moreover, the replacement of conventional proprietary systems with common protocols, software and devices makes these vulnerabilities easy to be exploited. Through the interaction between control systems and the physical world, security issues in control systems impose high risks on health, safety and environment. These security issues may even cause damages of critical infrastructures and threaten national security. The importance of control system security by reviewing several control system security incidents that happened in nuclear power plants was showed in recent years. Several key difficulties in addressing these security issues were described. Finally, existing researches on control system security and propose several promising research directions were reviewed. (authors)

Overview of security culture

International Nuclear Information System (INIS)

Matulanya, M. A.

2014-04-01

Nuclear Security culture concept has been aggressively promoted over the past several years as a tool to improve the physical protection of the nuclear and radioactive materials due to growing threats of catastrophic terrorism and other new security challenges. It is obvious that, the scope of nuclear security and the associated cultures need to be extended beyond the traditional task of protecting weapons-usable materials. The role of IAEA is to strengthen the nuclear security framework globally and in leading the coordination of international activities in this field. Therefore all governments should work closely with the IAEA to take stronger measures to ensure the physical protection, the safety and security of the nuclear and radioactive materials. In the effort to reflect this new realities and concerns, the IAEA in 2008 came up with the document, the Nuclear Security Culture, Nuclear Security Series No. 7, Implementing Guide to the member states which urged every member state to take appropriate measures to promote security culture with respect to nuclear and radioactive materials. The document depicted this cultural approach as the way to protect individual, society and the environment. Among other things, the document defined nuclear security culture as characteristics and attitudes in organizations and of individuals which establishes that, nuclear security issues receives attention warranted by their significance. (au)

Collaborating toward improving food security in Nunavut

Directory of Open Access Journals (Sweden)

Jennifer Wakegijig

2013-08-01

Full Text Available Background. Community members, Aboriginal organizations, public servants and academics have long been describing a desperate situation of food insecurity in the Eastern Canadian Arctic. Objective. The Nunavut Food Security Coalition, a partnership of Inuit Organizations and the Government of Nunavut, is collaborating to develop a territorial food security strategy to address pervasive food insecurity in the context of poverty reduction. Design. The Nunavut Food Security Coalition has carried out this work using a community consultation model. The research was collected through community visits, stakeholder consultation and member checking at the Nunavut Food Security Symposium. Results. In this paper, we describe a continuous course of action, based on community engagement and collective action, that has led to sustained political interest in and public mobilization around the issue of food insecurity in Nunavut. Conclusions. The process described in this article is a unique collaboration between multiple organizations that has led to the development of a sustainable partnership that will inform policy development while representing the voice of Nunavummiut.

Improving food security empowerment in Indonesia- Timor Leste border

Science.gov (United States)

Dewi, G. D. P.; Yustikaningrum, R. V.

2018-03-01

Post Referendum 1999, Indonesia and Timor Leste have a strategic challenge to provide food consistently around the border. This research intended to discover an appropriate strategy to tackle fragility of food security in the land border of Indonesia-Timor Leste, to improve collaborative actions between parties, as well as, opportunity to actualize food cross-border trading between local farmers and factories. For the result, there are two approaches will be applied. First, the empowerment term refers to the strategy of empowerment in strengthening the capability and capacity of human capital as one of the determinant factors of the resilience and self-sufficiency achievement. Second, the gender approach looks at the women and men build confidence, resilience, and independence which one of them through an educational intervention that enable the local people to manage food chain. Atambua is a region count as relatively as high poverty, poor human capital, weak quality and competitiveness of agriculture products, livestock and fishery, SMEs, and infrastructure. Thus, field study research is applied to find the actual and strategic effort aim to lead the achievement of food security and to engage Atambua over food trade to Timor Leste.

The state of improvement of security management setup in the Japan Atomic Power Company and improvement of facilities in its Tsuruga Nuclear Power Station

International Nuclear Information System (INIS)

1982-01-01

In connection with the series of accidents in the Tsuruga Nuclear Power Station of the Japan Atomic Power Company, the state of security management in JAPC and the safety of facilities in the Tsuruga Nuclear Power Station, which have resulted from improvement efforts, are described on the following items: security management setup - communication and reporting in emergency, the management of inspection and maintenance records, work control and supervision in repair, improvement, etc., functional authority and responsibility in maintenance management, operation management, radiation control, personnel education; improvement of facilities - feed water heaters, laundry waste-water filter room, radioactive waste treatment facility, general drainage, concentrated waste liquid storage tanks in newly-built waste treatment building, etc. (Mori, K.)

Improving Timeliness in Real-Time Secure Database Systems

National Research Council Canada - National Science Library

Son, Sang H; David, Rasikan; Thuraisingham, Bhavani

2006-01-01

.... In addition to real-time requirements, security is usually required in many applications. Multilevel security requirements introduce a new dimension to transaction processing in real-time database systems...

Improving the security of optoelectronic delayed feedback system by parameter modulation and system coupling

Science.gov (United States)

Liu, Lingfeng; Miao, Suoxia; Cheng, Mengfan; Gao, Xiaojing

2016-02-01

A coupled system with varying parameters is proposed to improve the security of optoelectronic delayed feedback system. This system is coupled by two parameter-varied optoelectronic delayed feedback systems with chaotic modulation. Dynamics performance results show that this system has a higher complexity compared to the original one. Furthermore, this system can conceal the time delay effectively against the autocorrelation function and delayed mutual information method and can increase the dimension space of secure parameters to resist brute-force attack by introducing the digital chaotic systems.

EFFICIENCY INDICATORS INFORMATION MANAGEMENT IN INTEGRATED SECURITY SYSTEMS

Directory of Open Access Journals (Sweden)

N. S. Rodionova

2014-01-01

Full Text Available Summary. Introduction of information technology to improve the efficiency of security activity leads to the need to consider a number of negative factors associated with in consequence of the use of these technologies as a key element of modern security systems. One of the most notable factor is the exposure to information processes in protection systems security threats. This largely relates to integrated security systems (ISS is the system of protection with the highest level of informatization security functions. Significant damage to protected objects that they could potentially incur as a result of abnormal operation ISS, puts a very actual problem of assessing factors that reduce the efficiency of the ISS to justify the ways and methods to improve it. Because of the nature of threats and blocking distortion of information in the ISS of interest are: the volume undistorted ISF working environment, as a characteristic of data integrity; time access to information as a feature of its availability. This in turn leads to the need to use these parameters as the performance characteristics of information processes in the ISS - the completeness and timeliness of information processing. The article proposes performance indicators of information processes in integrated security systems in terms of optimal control procedures to protect information from unauthorized access. Set the considered parameters allows to conduct comprehensive security analysis of integrated security systems, and to provide recommendations to improve the management of information security procedures in them.

Process Security in Chemical Engineering Education

Science.gov (United States)

Piluso, Cristina; Uygun, Korkut; Huang, Yinlun; Lou, Helen H.

2005-01-01

The threats of terrorism have greatly alerted the chemical process industries to assure plant security at all levels: infrastructure-improvement-focused physical security, information-protection-focused cyber security, and design-and-operation-improvement-focused process security. While developing effective plant security methods and technologies…

Security research roadmap; Security-tutkimuksen roadmap

Energy Technology Data Exchange (ETDEWEB)

Naumanen, M.; Rouhiainen, V. (eds.)

2006-02-15

Requirements for increasing security have arisen in Europe after highly visible and tragic events in Madrid and in London. While responsibility for security rests largely with the national activities, the EU has also started planning a research area .Space and security. as a part of the 7th Framework Programme. As the justification for this research area it has been presented that technology alone can not assure security, but security can not be assured without the support of technology. Furthermore, the justification highlights that security and military research are becoming ever closer. The old separation between civil and military research is decreasing, because it has been noticed that both areas are nowadays utilising the same knowledge. In Finland, there is already now noteworthy entrepreneurship related to security. Although some of the companies are currently only operating in Finland, others are already international leaders in their area. The importance of the security area is increasing and remarkable potential for new growth business areas can already be identified. This however also requires an increase in research efforts. VTT has a broad range of security research ongoing in many technology areas. The main areas have been concentrating on public safety and security, but VTT is participating also in several research projects related to the defence technology. For identifying and defining in more detail the expertise and research goals, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important

Water System Security and Resilience in Homeland Security Research

Science.gov (United States)

EPA's water security research provides tools needed to improve infrastructure security and to recover from an attack or contamination incident involving chemical, biological, or radiological (CBR) agents or weapons.

A Container-based Trusted Multi-level Security Mechanism

Directory of Open Access Journals (Sweden)

Li Xiao-Yong

2017-01-01

Full Text Available Multi-level security mechanism has been widely applied in the military, government, defense and other domains in which information is required to be divided by security-level. Through this type of security mechanism, users at different security levels are provided with information at corresponding security levels. Traditional multi-level security mechanism which depends on the safety of operating system finally proved to be not practical. We propose a container-based trusted multi-level security mechanism in this paper to improve the applicability of the multi-level mechanism. It guarantees multi-level security of the system through a set of multi-level security policy rules and trusted techniques. The technical feasibility and application scenarios are also discussed. The ease of realization, strong practical significance and low cost of our method will largely expand the application of multi-level security mechanism in real life.

TWO-LAYER SECURE PREVENTION MECHANISM FOR REDUCING E-COMMERCE SECURITY RISKS

OpenAIRE

Sen-Tarng Lai

2015-01-01

E-commerce is an important information system in the network and digital age. However, the network intrusion, malicious users, virus attack and system security vulnerabilities have continued to threaten the operation of the e-commerce, making e-commerce security encounter serious test. How to improve ecommerce security has become a topic worthy of further exploration. Combining routine security test and security event detection procedures, this paper proposes the Two-Layer Secure ...

SAFETY AND SECURITY IMPROVEMENT IN PUBLIC TRANSPORTATION BASED ON PUBLIC PERCEPTION IN DEVELOPING COUNTRIES

Directory of Open Access Journals (Sweden)

Tri Basuki JOEWONO

2006-01-01

Three aspects of an improvement agenda are proposed based on the perception data, namely technology, management, and institution. This agenda is clarified by a set of action plans incorporating the responsible parties and a time frame. The action plan is divided into three terms to define a clear goal for each step. The short-term action focuses on the hardware and on preparing further steps, whereas the medium-term action focuses on developing and improving the standard of safety and security. The long-term action focuses on advancing safety and security practices. The effectiveness of this agenda and action plan rests upon a set of assumptions, such as the degree of seriousness from the authoritative institution, fair distribution of information, the availability of reasonable resources, and coordinated and collaborative action from all parties involved to reach the objective.

Improving Information Security Risk Management

Science.gov (United States)

Singh, Anand

2009-01-01

manaOptimizing risk to information to protect the enterprise as well as to satisfy government and industry mandates is a core function of most information security departments. Risk management is the discipline that is focused on assessing, mitigating, monitoring and optimizing risks to information. Risk assessments and analyses are critical…

Nuclear Regulatory Systems in Africa: Improving Safety and Security Culture Through Education and Training

International Nuclear Information System (INIS)

Kazadi Kabuya, F.

2016-01-01

The purpose of this paper is to address the important issue of supporting safety and security culture through an educational and training course program designed both for regulatory staff and licensees. Enhancing the safety and security of nuclear facilities may involve assessing the overall effectiveness of the organization's safety culture. Safety Culture implies steps such as identifying and targeting areas requiring attention, putting emphasis on organizational strengths and weaknesses, human attitudes and behaviours that may positively impact an organization's safety culture, resulting in improving workplace safety and developing and maintaining a high level of awareness within these facilities. Following the terrorist attacks of September 11, 2001, international efforts were made towards achieving such goals. This was realized through meetings, summits and training courses events, with main aim to enhance security at facilities whose activities, if attacked, could impact public health and safety. During regulatory oversight inspections undertaken on some licensee's premises, violations of security requirements were identified. They mostly involved inadequate management oversight of security, lack of a questioning attitude, complacency and mostly inadequate training in both security and safety issues. Using training and education approach as a support to raise awareness on safety and security issues in the framework of improving safety and security culture, a tentative training program in nuclear and radiological safety was started in 2002 with the main aim of vulgarizing the regulatory framework. Real first needs for a training course program were identified among radiographers and radiologists with established working experience but with limited knowledge in radiation safety. In the field of industrial uses of radiation the triggering events for introducing and implementing a training program were: the loss of a radioactive source in a mining

Effect of Policy Interventions on Food Security in Tigray, Northern Ethiopia

Directory of Open Access Journals (Sweden)

Anne van der Veen

2011-03-01

Full Text Available Following the design of a conservation-based agricultural development strategy and food security strategy, the Tigray government has implemented different pro-poor development programs over the past years to address the problems of food security. This study attempts to investigate the effectiveness of government policy interventions at different scales addressed to improve food security. Food security both at the regional and district level was investigated by deriving food balance sheets for the period 2000-2008. An empirical analysis based on a logit model was also employed to analyze household level food security status. The results of the logit model reveal that government policy interventions such as water harvesting schemes, employment generation schemes, and promotion of technology adoption significantly contribute to a higher likelihood of household food security status. The findings of the food balance sheet also indicate that the region has made some impressive development gains in improving regional food self-sufficiency, indicating the importance of government interventions in improving food security both at the household and regional level.

Cloud Computing Security Model with Combination of Data Encryption Standard Algorithm (DES) and Least Significant Bit (LSB)

Science.gov (United States)

Basri, M.; Mawengkang, H.; Zamzami, E. M.

2018-03-01

Limitations of storage sources is one option to switch to cloud storage. Confidentiality and security of data stored on the cloud is very important. To keep up the confidentiality and security of such data can be done one of them by using cryptography techniques. Data Encryption Standard (DES) is one of the block cipher algorithms used as standard symmetric encryption algorithm. This DES will produce 8 blocks of ciphers combined into one ciphertext, but the ciphertext are weak against brute force attacks. Therefore, the last 8 block cipher will be converted into 8 random images using Least Significant Bit (LSB) algorithm which later draws the result of cipher of DES algorithm to be merged into one.

Forensic nursing in secure environments.

Science.gov (United States)

Shelton, Deborah

2009-01-01

There are few well-designed studies of corrections or prison nursing roles. This study seeks to describe the corrections or prison role of forensic nurses in the United States who provide care in secure environments. National data detailing the scope of practice in secure environments are limited. This pencil and paper survey describes the roles of 180 forensic nurses from 14 states who work in secure environments. Descriptive statistics are utilized. A repeated measures ANOVA with post hoc analyses was implemented. These nurses were older than average in age, but had 10 years or less experience in forensic nursing practice. Two significant roles emerged to "promote and implement principles that underpin effective quality and practice" and to "assess, develop, implement, and improve programs of care for individuals." Significant roles varied based upon the security classification of the unit or institution in which the nurses were employed. Access to information about these nurses and their nursing practice was difficult in these closed systems. Minimal data are available nationally, indicating a need for collection of additional data over time to examine changes in role. It is through such developments that forensic nursing provided in secure environments will define its specialization and attract the attention it deserves.

Leveraging Safety Programs to Improve and Support Security Programs

Energy Technology Data Exchange (ETDEWEB)

Leach, Janice [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Snell, Mark K. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Pratt, R. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Sandoval, S. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

2015-10-01

There has been a long history of considering Safety, Security, and Safeguards (3S) as three functions of nuclear security design and operations that need to be properly and collectively integrated with operations. This paper specifically considers how safety programmes can be extended directly to benefit security as part of an integrated facility management programme. The discussion will draw on experiences implementing such a programme at Sandia National Laboratories’ Annular Research Reactor Facility. While the paper focuses on nuclear facilities, similar ideas could be used to support security programmes at other types of high-consequence facilities and transportation activities.

Improvement on Quantum Secure Direct Communication with W State in Noisy Channel

International Nuclear Information System (INIS)

Dong Li; Xiu Xiaoming; Gao Yajun; Chi Feng

2009-01-01

An improvement (Y-protocol) [Commun. Theor. Phys. 49 (2008) 103] on the quantum secure direct communication with W state (C-protocol) [Chin. Phys. Lett. 23 (2006) 290] is proposed by Yuan et al. The quantum bit error rate induced by eavesdropper is 4.17% in C-protocol and 6.25% in Y-protocol. In this paper, another improvement on C-protocol is given. The quantum bit error rate of the eavesdropping will increase to 8.75%, which is 1.1 times larger than that in C-protocol and 0.4 times larger than that in Y-protocol.

Improving the Security of Internet Banking Applications by Using Multimodal Biometrics

Directory of Open Access Journals (Sweden)

Cătălin Lupu

2015-03-01

Full Text Available Online banking applications are used by more and more people all over the world. Most of the banks are providing these services to their customers. The authentication methods varies from the basic user and password to username and a onetime password (OTP generated by a virtual or a physical digipass. The common thing among authentication methods is that the login wepage is provided through a secure channel. Some banks have introduced (especially for testing purposes the authentication using common biometric characteristics, like fingerprint, voice or keystroke recognition. This paper will present some of the most common online banking authentication methods, together with basic biometric characteristics that could be used in these applications. The security in internet banking applications can be improved by using biometrics for the authentication process. Also, the authors have developed an application for authentication of users using fingerprint as the main characteristic, which will be presented at the end of this paper.

Using automatic identification system technology to improve maritime border security

OpenAIRE

Lindstrom, Tedric R.

2014-01-01

Approved for public release; distribution is unlimited Our coastal waters are the United States’ most open and vulnerable borders. This vast maritime domain harbors critical threats from terrorism, criminal activities, and natural disasters. Maritime borders pose significant security challenges, as nefarious entities have used small boats to conduct illegal activities for years, and they continue to do so today. Illegal drugs, money, weapons, and migrants flow both directions across our ma...

Urban Ecological Security Simulation and Prediction Using an Improved Cellular Automata (CA) Approach-A Case Study for the City of Wuhan in China.

Science.gov (United States)

Gao, Yuan; Zhang, Chuanrong; He, Qingsong; Liu, Yaolin

2017-06-15

Ecological security is an important research topic, especially urban ecological security. As highly populated eco-systems, cities always have more fragile ecological environments. However, most of the research on urban ecological security in literature has focused on evaluating current or past status of the ecological environment. Very little literature has carried out simulation or prediction of future ecological security. In addition, there is even less literature exploring the urban ecological environment at a fine scale. To fill-in the literature gap, in this study we simulated and predicted urban ecological security at a fine scale (district level) using an improved Cellular Automata (CA) approach. First we used the pressure-state-response (PSR) method based on grid-scale data to evaluate urban ecological security. Then, based on the evaluation results, we imported the geographically weighted regression (GWR) concept into the CA model to simulate and predict urban ecological security. We applied the improved CA approach in a case study-simulating and predicting urban ecological security for the city of Wuhan in Central China. By comparing the simulated ecological security values from 2010 using the improved CA model to the actual ecological security values of 2010, we got a relatively high value of the kappa coefficient, which indicates that this CA model can simulate or predict well future development of ecological security in Wuhan. Based on the prediction results for 2020, we made some policy recommendations for each district in Wuhan.

Urban Ecological Security Simulation and Prediction Using an Improved Cellular Automata (CA) Approach—A Case Study for the City of Wuhan in China

Science.gov (United States)

Gao, Yuan; Zhang, Chuanrong; He, Qingsong; Liu, Yaolin

2017-01-01

Ecological security is an important research topic, especially urban ecological security. As highly populated eco-systems, cities always have more fragile ecological environments. However, most of the research on urban ecological security in literature has focused on evaluating current or past status of the ecological environment. Very little literature has carried out simulation or prediction of future ecological security. In addition, there is even less literature exploring the urban ecological environment at a fine scale. To fill-in the literature gap, in this study we simulated and predicted urban ecological security at a fine scale (district level) using an improved Cellular Automata (CA) approach. First we used the pressure-state-response (PSR) method based on grid-scale data to evaluate urban ecological security. Then, based on the evaluation results, we imported the geographically weighted regression (GWR) concept into the CA model to simulate and predict urban ecological security. We applied the improved CA approach in a case study—simulating and predicting urban ecological security for the city of Wuhan in Central China. By comparing the simulated ecological security values from 2010 using the improved CA model to the actual ecological security values of 2010, we got a relatively high value of the kappa coefficient, which indicates that this CA model can simulate or predict well future development of ecological security in Wuhan. Based on the prediction results for 2020, we made some policy recommendations for each district in Wuhan. PMID:28617348

Securing Chinese nuclear power development: further strengthening nuclear security

International Nuclear Information System (INIS)

Zhang Hui

2014-01-01

Chinese President Xi Jinping addresses China's new concept of nuclear security with four 'equal emphasis' at the third Nuclear Security Summit, and makes four commitments to strengthen nuclear security in the future. To convert President Xi's political commitments into practical, sustainable reality, China should take further steps to install a complete, reliable, and effective security system to ensure that all its nuclear materials and nuclear facilities are effectively protected against the full spectrum of plausible terrorist and criminal threats. This paper suggests the following measures be taken to improve China's existing nuclear security system, including updating and clarifying the requirements for a national level DBT; updating and enforcing existing regulations; further promoting nuclear security culture; balancing the costs of nuclear security, and further strengthening international cooperation on nuclear security. (author)

An improved and effective secure password-based authentication and key agreement scheme using smart cards for the telecare medicine information system.

Science.gov (United States)

Das, Ashok Kumar; Bruhadeshwar, Bezawada

2013-10-01

Recently Lee and Liu proposed an efficient password based authentication and key agreement scheme using smart card for the telecare medicine information system [J. Med. Syst. (2013) 37:9933]. In this paper, we show that though their scheme is efficient, their scheme still has two security weaknesses such as (1) it has design flaws in authentication phase and (2) it has design flaws in password change phase. In order to withstand these flaws found in Lee-Liu's scheme, we propose an improvement of their scheme. Our improved scheme keeps also the original merits of Lee-Liu's scheme. We show that our scheme is efficient as compared to Lee-Liu's scheme. Further, through the security analysis, we show that our scheme is secure against possible known attacks. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our scheme is secure against passive and active attacks.

Parliamentary control of security information agency in terms of security culture: State and problems

Directory of Open Access Journals (Sweden)

Radivojević Nenad

2013-01-01

Full Text Available Even though security services have the same function as before, today they have different tasks and significantly more work than before. Modern security problems of the late 20th and early 21st century require states to reorganize their security services, adapting them to the new changes. The reorganization involves, among other things, giving wider powers of the security services, in order to effectively counter the growing and sophisticated security threats, which may also lead to violations of human rights and freedoms. It is therefore necessary to define the right competence, organization, authority and control of these services. In democratic countries, there are several institutions with different levels of control of security services. Parliament is certainly one of the most important institutions in that control, both in the world and in our country. Powers, finance, the use of special measures and the nature and scope of work of the Security Information Agency are certainly object of the control of the National Assembly. What seems to be the problem is achieving a balance between the need for control of security services and security services to have effective methods for combating modern security problems. This paper presents the legal framework related to the National Assembly control of the Security Intelligence Agency, as well as the practical problems associated with this type of control. We analyzed the role of security culture as one of the factors of that control. In this regard, it provides guidance for the practical work of the members of parliament who control the Security Intelligence Agency, noting in particular the importance of and the need for continuous improvement of security culture representatives.

A case for avoiding security-enhanced HTTP tools to improve security for Web-based applications

Energy Technology Data Exchange (ETDEWEB)

Wood, B.

1996-03-01

This paper describes some of the general weaknesses of the current popular Hypertext Transmission Protocol (HTTP) security standards and products in an effort to show that these standards are not appealing for many applications. The author will then show how one can treat HTTP browsers and servers as untrusted elements in the network so that one can rely on other mechanisms to achieve better overall security than can be attained through today`s security-enhanced HTTP tools.

Teaching Information Security with Workflow Technology--A Case Study Approach

Science.gov (United States)

He, Wu; Kshirsagar, Ashish; Nwala, Alexander; Li, Yaohang

2014-01-01

In recent years, there has been a significant increase in the demand from professionals in different areas for improving the curricula regarding information security. The use of authentic case studies in teaching information security offers the potential to effectively engage students in active learning. In this paper, the authors introduce the…

Cryptanalyzing an improved security modulated chaotic encryption scheme using ciphertext absolute value

International Nuclear Information System (INIS)

Alvarez, G.; Montoya, F.; Romera, M.; Pastor, G.

2005-01-01

This paper describes the security weakness of a recently proposed improved chaotic encryption method based on the modulation of a signal generated by a chaotic system with an appropriately chosen scalar signal. The aim of the improvement is to avoid the breaking of chaotic encryption schemes by means of the return map attack introduced by Perez and Cerdeira. A method of attack based on taking the absolute value of the ciphertext is presented, that allows for the cancellation of the modulation scalar signal and the determination of some system parameters that play the role of system key. The proposed improved method is shown to be compromised without any knowledge of the chaotic system parameter values and even without knowing the transmitter structure

Analysis of Security Protocols for Mobile Healthcare.

Science.gov (United States)

Wazid, Mohammad; Zeadally, Sherali; Das, Ashok Kumar; Odelu, Vanga

2016-11-01

Mobile Healthcare (mHealth) continues to improve because of significant improvements and the decreasing costs of Information Communication Technologies (ICTs). mHealth is a medical and public health practice, which is supported by mobile devices (for example, smartphones) and, patient monitoring devices (for example, various types of wearable sensors, etc.). An mHealth system enables healthcare experts and professionals to have ubiquitous access to a patient's health data along with providing any ongoing medical treatment at any time, any place, and from any device. It also helps the patient requiring continuous medical monitoring to stay in touch with the appropriate medical staff and healthcare experts remotely. Thus, mHealth has become a major driving force in improving the health of citizens today. First, we discuss the security requirements, issues and threats to the mHealth system. We then present a taxonomy of recently proposed security protocols for mHealth system based on features supported and possible attacks, computation cost and communication cost. Our detailed taxonomy demonstrates the strength and weaknesses of recently proposed security protocols for the mHealth system. Finally, we identify some of the challenges in the area of security protocols for mHealth systems that still need to be addressed in the future to enable cost-effective, secure and robust mHealth systems.

Technologies to counter aviation security threats

Science.gov (United States)

Karoly, Steve

2017-11-01

The Aviation and Transportation Security Act (ATSA) makes TSA responsible for security in all modes of transportation, and requires that TSA assess threats to transportation, enforce security-related regulations and requirements, and ensure the adequacy of security measures at airports and other transportation facilities. Today, TSA faces a significant challenge and must address a wide range of commercial, military grade, and homemade explosives and these can be presented in an infinite number of configurations and from multiple vectors. TSA screens 2 million passengers and crew, and screens almost 5 million carry-on items and 1.2 million checked bags daily. As TSA explores new technologies for improving efficiency and security, those on the forefront of research and development can help identify unique and advanced methods to combat terrorism. Research and Development (R&D) drives the development of future technology investments that can address an evolving adversary and aviation threat. The goal is to rethink the aviation security regime in its entirety, and rather than focusing security at particular points in the enterprise, distribute security from the time a reservation is made to the time a passenger boards the aircraft. The ultimate objective is to reengineer aviation security from top to bottom with a continued focus on increasing security throughout the system.

Mobile communication security

NARCIS (Netherlands)

Broek, F.M.J. van den

2016-01-01

Security of the mobile network Fabian van den Broek We looked at the security of the wireless connection between mobile phone and cell towers and suggested possible improvements. The security was analysed on a design level, by looking at the protocols and encryption techniques, but also on an

Multimedia Security System for Security and Medical Applications

Science.gov (United States)

Zhou, Yicong

2010-01-01

This dissertation introduces a new multimedia security system for the performance of object recognition and multimedia encryption in security and medical applications. The system embeds an enhancement and multimedia encryption process into the traditional recognition system in order to improve the efficiency and accuracy of object detection and…

Information Security: USDA Needs to Implement Its Departmentwide Information Security Plan

National Research Council Canada - National Science Library

2000-01-01

USDA has taken positive steps to begin improving its information security by developing its August 1999 Action Plan with recommendations to strengthen department-wide information security and hiring...

When Information Improves Information Security

Science.gov (United States)

Grossklags, Jens; Johnson, Benjamin; Christin, Nicolas

This paper presents a formal, quantitative evaluation of the impact of bounded-rational security decision-making subject to limited information and externalities. We investigate a mixed economy of an individual rational expert and several naïve near-sighted agents. We further model three canonical types of negative externalities (weakest-link, best shot and total effort), and study the impact of two information regimes on the threat level agents are facing.

Hill Cipher and Least Significant Bit for Image Messaging Security

Directory of Open Access Journals (Sweden)

Muhammad Husnul Arif

2016-02-01

Full Text Available Exchange of information through cyberspace has many benefits as an example fast estimated time, unlimited physical distance and space limits, etc. But in these activities can also pose a security risk for confidential information. It is necessary for the safety that can be used to protect data transmitted through the Internet. Encryption algorithm that used to encrypt message to be sent (plaintext into messages that have been randomized (ciphertext is cryptography and steganography algorithms. In application of cryptographic techniques that will be used is Hill Cipher. The technique is combined with steganography techniques Least Significant Bit. The result of merging techniques can maintain the confidentiality of messages because people who do not know the secret key used will be difficult to get the message contained in the stego-image and the image that has been inserted can not be used as a cover image. Message successfully inserted and extracted back on all samples with a good image formats * .bmp, * .png , * .jpg at a resolution of 512 x 512 pixels , 256 x 256 pixels. MSE and PSNR results are not influenced file format or file size, but influenced by dimensions of image. The larger dimensions of the image, then the smaller MSE that means error of image gets smaller.

[Tourism ecological security early warning of Zhangjiajie, China based on the improved TOPSIS method and the grey GM (1,1)model].

Science.gov (United States)

Xu, Mei; Liu, Chun la; Li, Dan; Zhong, Xiao Lin

2017-11-01

Tourism ecological security early warning is of great significance both to the coordination of ecological environment protection and tourism industry rapid development in tourism destination, and the sustainable and healthy development of regional social and economy. Firstly, based on the DPSIR model, the tourism ecological security early warning index system of Zhangjiajie was constructed from 5 aspects, which were driving force, pressure, state, impact and response. Then, by using the improved TOPSIS method, the tourism ecological security situation of Zhangjiajie from 2001 to 2014 was analyzed. Lastly, by using the grey GM (1,1) model, the tourism ecological security evolution trend of 2015-2020 was predicted. The results indicated that, on the whole, the close degree of Zhangjiajie's tourism ecological security showed a slightly upward trend during 2001-2014, the warning degree was the moderate warning. In terms of each subsystem, warning degree of the driving force system and the pressure system of Zhangjiajie's tourism ecological secu-rity were on the rise, which evolved from light warning to heavy warning; warning degree of the state system and the impact system had not changed so much, and had been in the moderate warning; warning degree of the response system was on the decline, which changed from huge warning to no warning during 2001-2014. According to the current development trend, the close degree of Zhangjiajie's tourism ecological security would rise further in 2015-2020, and the warning degree would turn from moderate warning into light warning, but the task of coordinating the relationship between tourism development and ecological construction and environmental protection would be still arduous.

An Analysis Of Wireless Security

OpenAIRE

Salendra Prasad

2017-01-01

The WLAN security includes Wired Equivalent Primary WEP and WI-FI protected Access WPA. Today WEP is regarded as very poor security standard. WEP was regarded as very old security standard and has many security issues which users need to be addressed. In this Paper we will discuss Wireless Security and ways to improve on wireless security.

About Security Solutions in Fog Computing

Directory of Open Access Journals (Sweden)

Eugen Petac

2016-01-01

Full Text Available The key for improving a system's performance, its security and reliability is to have the dataprocessed locally in remote data centers. Fog computing extends cloud computing through itsservices to devices and users at the edge of the network. Through this paper it is explored the fogcomputing environment. Security issues in this area are also described. Fog computing providesthe improved quality of services to the user by complementing shortages of cloud in IoT (Internet ofThings environment. Our proposal, named Adaptive Fog Computing Node Security Profile(AFCNSP, which is based security Linux solutions, will get an improved security of fog node withrich feature sets.

A Stochastic Model for Improving Information Security in Supply Chain Systems

OpenAIRE

Ibrahim Al Kattan; Ahmed Al Nunu; Kassem Saleh

2009-01-01

This article presents a probabilistic security model for supply chain management systems (SCM) in which the basic goals of security (including confidentiality, integrity, availability and accountability, CIAA) are modeled and analyzed. Consequently, the weak points in system security are identified. A stochastic model using measurable values to describe the information system security of a SCM is introduced. Information security is a crucial and integral part of the network of supply chains. ...

Security Analysis of Dynamic SDN Architectures Based on Game Theory

Directory of Open Access Journals (Sweden)

Chao Qi

2018-01-01

Full Text Available Security evaluation of SDN architectures is of critical importance to develop robust systems and address attacks. Focused on a novel-proposed dynamic SDN framework, a game-theoretic model is presented to analyze its security performance. This model can represent several kinds of players’ information, simulate approximate attack scenarios, and quantitatively estimate systems’ reliability. And we explore several typical game instances defined by system’s capability, players’ objects, and strategies. Experimental results illustrate that the system’s detection capability is not a decisive element to security enhancement as introduction of dynamism and redundancy into SDN can significantly improve security gain and compensate for its detection weakness. Moreover, we observe a range of common strategic actions across environmental conditions. And analysis reveals diverse defense mechanisms adopted in dynamic systems have different effect on security improvement. Besides, the existence of equilibrium in particular situations further proves the novel structure’s feasibility, flexibility, and its persistent ability against long-term attacks.

Threats or threads: from usable security to secure experience

DEFF Research Database (Denmark)

Bødker, Susanne; Mathiasen, Niels Raabjerg

2008-01-01

While the domain of security dependent technologies brings new challenges to HCI research it seems that the results and breakthroughs of HCI have not been used in design of security dependent technologies. With exceptions, work in the research field of usable security may be criticized for focusing...... mainly on adjusting user behavior to behave securely. With our background in newer HCI perspectives we address secure interaction from the perspective of security technology as experience. We analyze a number of collected user stories to understand what happens when everyday users encounter security...... dependent technologies. We apply McCarthy & Wright's [12] experience framework to the security domain and our collected stories. We point out that there are significant differences between being secure and having a secure experience, and conclude that classical usable security, focus on people's immediate...

Computer Security: improve software, avoid blunder

CERN Multimedia

Computer Security Team

2014-01-01

Recently, a severe vulnerability has been made public about how Apple devices are wrongly handling encryption. This vulnerability rendered SSL/TLS protection useless, and permitted attackers checking out a wireless network to capture or modify data in encrypted sessions.   In other words, all confidential data like passwords, banking information, etc. could have been siphoned off by a targeted attack. While Apple has been quick in providing adequate security patches for iOS devices and Macs, it is an excellent example of how small mistakes can lead to big security holes. Here is the corresponding code from Apple’s Open Source repository. Can you spot the issue? 1 static OSStatus 2 SSLVerifySignedServerKeyExchange(SSLContext *ctx, bool isRsa, SSLBuffer signedParams, uint8_t *signature, UInt16 signatureLen) 3 { 4              OSStatus &nb...

Simple algorithm for improved security in the FDDI protocol

Science.gov (United States)

Lundy, G. M.; Jones, Benjamin

1993-02-01

We propose a modification to the Fiber Distributed Data Interface (FDDI) protocol based on a simple algorithm which will improve confidential communication capability. This proposed modification provides a simple and reliable system which exploits some of the inherent security properties in a fiber optic ring network. This method differs from conventional methods in that end to end encryption can be facilitated at the media access control sublayer of the data link layer in the OSI network model. Our method is based on a variation of the bit stream cipher method. The transmitting station takes the intended confidential message and uses a simple modulo two addition operation against an initialization vector. The encrypted message is virtually unbreakable without the initialization vector. None of the stations on the ring will have access to both the encrypted message and the initialization vector except the transmitting and receiving stations. The generation of the initialization vector is unique for each confidential transmission and thus provides a unique approach to the key distribution problem. The FDDI protocol is of particular interest to the military in terms of LAN/MAN implementations. Both the Army and the Navy are considering the standard as the basis for future network systems. A simple and reliable security mechanism with the potential to support realtime communications is a necessary consideration in the implementation of these systems. The proposed method offers several advantages over traditional methods in terms of speed, reliability, and standardization.

Integrating Visual Mnemonics and Input Feedback With Passphrases to Improve the Usability and Security of Digital Authentication.

Science.gov (United States)

Juang, Kevin; Greenstein, Joel

2018-04-01

We developed a new authentication system based on passphrases instead of passwords. Our new system incorporates a user-generated mnemonic picture displayed during login, definition tooltips, error correction to reduce typographical errors, a decoy-based input masking technique, and random passphrase generation using either a specialized wordlist or a sentence template. Passphrases exhibit a greater level of security than traditional passwords, but their wider adoption has been hindered by human factors issues. Our assertion is that the added features of our system work particularly well with passphrases and help address these shortcomings. We conducted a study to evaluate our new system with a customized 1,450-word list and our new system with a 6-word sentence structure against the control conditions of a user-created passphrase of at least 24 characters and a system-generated passphrase using a 10,326-word list. Fifty participants completed two sessions so that we could measure the usability and security of the authentication schemes. With the new system conditions, memorability was improved, and security was equivalent to or better than the control conditions. Usability and overall ratings also favored the new system conditions over the control conditions. Our research presents a new authentication system using innovative techniques that improve on the usability and security of existing password and passphrase authentication systems. In computer security, drastic changes should never happen overnight, but we recommend that our contributions be incorporated into current authentication systems to help facilitate a transition from passwords to usable passphrases.

Security and SCADA protocols

International Nuclear Information System (INIS)

Igure, V. M.; Williams, R. D.

2006-01-01

Supervisory control and data acquisition (SCADA) networks have replaced discrete wiring for many industrial processes, and the efficiency of the network alternative suggests a trend toward more SCADA networks in the future. This paper broadly considers SCADA to include distributed control systems (DCS) and digital control systems. These networks offer many advantages, but they also introduce potential vulnerabilities that can be exploited by adversaries. Inter-connectivity exposes SCADA networks to many of the same threats that face the public internet and many of the established defenses therefore show promise if adapted to the SCADA differences. This paper provides an overview of security issues in SCADA networks and ongoing efforts to improve the security of these networks. Initially, a few samples from the range of threats to SCADA network security are offered. Next, attention is focused on security assessment of SCADA communication protocols. Three challenges must be addressed to strengthen SCADA networks. Access control mechanisms need to be introduced or strengthened, improvements are needed inside of the network to enhance security and network monitoring, and SCADA security management improvements and policies are needed. This paper discusses each of these challenges. This paper uses the Profibus protocol as an example to illustrate some of the vulnerabilities that arise within SCADA networks. The example Profibus security assessment establishes a network model and an attacker model before proceeding to a list of example attacks. (authors)

Information security management: a proposal to improve the effectiveness of information security in the scientific research environment

International Nuclear Information System (INIS)

Alexandria, Joao Carlos Soares de

2009-01-01

The increase of the connectivity in the business environment, combined with the growing dependency of information systems, has become the information security management an important governance tool. Information security has as main goal to protect the business transactions in order to work normally. In this way, It will be safeguarding the business continuity. The threats of information come from hackers' attacks, electronic frauds and spying, as well as fire, electrical energy interruption and humans fault. Information security is made by implementation of a set of controls, including of the others politics, processes, procedures, organizational structures, software and hardware, which require a continuous management and a well established structure to be able to face such challenges. This work tried to search the reasons why the organizations have difficulties to make a practice of information security management. Many of them just limit to adopt points measures, sometimes they are not consistent with their realities. The market counts on enough quantity of standards and regulations related to information security issues, for example, ISO/IEC 27002, American Sarbanes-Oxley act, Basel capital accord, regulations from regulatory agency (such as the Brazilians ones ANATEL, ANVISA and CVM). The market researches have showed that the information security implementation is concentrated on a well-defined group of organization mainly formed by large companies and from specifics sectors of economy, for example, financial and telecommunication. However, information security must be done by all organizations that use information systems to carry out their activities, independently of its size or economic area that it belongs. The situation of information security in the governmental sector of Brazil, and inside its research institutions, is considered worrying by the Brazilian Court of Accounts (TCU). This research work presents an assessment and diagnostic proposal of

Genetically Engineered Crops and Certified Organic Agriculture for Improving Nutrition Security in Africa and South Asia.

Science.gov (United States)

Pray, Carl; Ledermann, Samuel

2016-01-01

In Africa and South Asia, where nutrition insecurity is severe, two of the most prominent production technologies are genetically modified (GM) crops and certified organic agriculture. We analyze the potential impact pathways from agricultural production to nutrition. Our review of data and the literature reveals increasing farm-level income from cash crop production as the main pathway by which organic agriculture and GM agriculture improve nutrition. Potential secondary pathways include reduced prices of important food crops like maize due to GM maize production and increased food production using organic technology. Potential tertiary pathways are improvements in health due to reduced insecticide use. Challenges to the technologies achieving their impact include the politics of GM agriculture and the certification costs of organic agriculture. Given the importance of agricultural production in addressing nutrition security, accentuated by the post-2015 sustainable development agenda, the chapter concludes by stressing the importance of private and public sector research in improving the productivity and adoption of both GM and organic crops. In addition, the chapter reminds readers that increased farm income and productivity require complementary investments in health, education, food access and women's empowerment to actually improve nutrition security. © 2016 S. Karger AG, Basel.

Grid Security

CERN Multimedia

CERN. Geneva

2004-01-01

The aim of Grid computing is to enable the easy and open sharing of resources between large and highly distributed communities of scientists and institutes across many independent administrative domains. Convincing site security officers and computer centre managers to allow this to happen in view of today's ever-increasing Internet security problems is a major challenge. Convincing users and application developers to take security seriously is equally difficult. This paper will describe the main Grid security issues, both in terms of technology and policy, that have been tackled over recent years in LCG and related Grid projects. Achievements to date will be described and opportunities for future improvements will be addressed.

Hacking and securing the AR.Drone 2.0 quadcopter: investigations for improving the security of a toy

Science.gov (United States)

Pleban, Johann-Sebastian; Band, Ricardo; Creutzburg, Reiner

2014-02-01

In this article we describe the security problems of the Parrot AR.Drone 2.0 quadcopter. Due to the fact that it is promoted as a toy with low acquisition costs, it may end up being used by many individuals which makes it a target for harmful attacks. In addition, the videostream of the drone could be of interest for a potential attacker due to its ability of revealing confidential information. Therefore, we will perform a security threat analysis on this particular drone. We will set the focus mainly on obvious security vulnerabilities like the unencrypted Wi-Fi connection or the user management of the GNU/Linux operating system which runs on the drone. We will show how the drone can be hacked in order to hijack the AR.Drone 2.0. Our aim is to sensitize the end-user of AR.Drones by describing the security vulnerabilities and to show how the AR.Drone 2.0 could be secured from unauthorized access. We will provide instructions to secure the drones Wi-Fi connection and its operation with the official Smartphone App and third party PC software.

Pattern and security requirements engineering-based establishment of security standards

CERN Document Server

Beckers, Kristian

2015-01-01

Security threats are a significant problem for information technology companies today. This book focuses on how to mitigate these threats by using security standards and provides ways to address associated problems faced by engineers caused by ambiguities in the standards. The security standards are analysed, fundamental concepts of the security standards presented, and the relations to the elementary concepts of security requirements engineering (SRE) methods explored. Using this knowledge, engineers can build customised methods that support the establishment of security standards. Standard

The Efficiency of Improvement of the Economic Security System of Ukraine

Directory of Open Access Journals (Sweden)

Klunko Nataliya S.

2017-09-01

Full Text Available An analysis of approaches to the formation of efficiency of ensuring economic security was carried out. The essence of economic security has been defined and its material base has been described. Threats to the economic security of Ukraine have been systematized and their structure analyzed. Both internal and external measures to prevent threats to the economic security of Ukraine have been allocated. Dynamics of the factors on which the economic security of Ukraine depends has been considered. It has been determined that the socio-economic development strategy formulated makes the country’s economic security system efficient. Two approaches to the strategic development of the Ukrainian economy have been allocated: enhancing competitiveness and integration into the international economic associations.

DATA SECURITY ISSUES IN CLOUD COMPUTING: REVIEW

Directory of Open Access Journals (Sweden)

Hussam Alddin Shihab Ahmed

2016-02-01

Full Text Available Cloud computing is an internet based model that empower on demand ease of access and pay for the usage of each access to shared pool of networks. It is yet another innovation that fulfills a client's necessity for computing resources like systems, stockpiling, servers, administrations and applications. Securing the Data is considered one of the principle significant challenges and concerns for cloud computing. This persistent problem is getting more affective due to the changes in improving cloud computing technology. From the perspective of the Clients, cloud computing is a security hazard especially when it comes to assurance affirmation issues and data security, remain the most basically which backs off for appropriation of Cloud Computing administrations. This paper audits and breaks down the essential issue of cloud computing and depicts the information security and protection of privacy issues in cloud.

The Personal Information Security Assistant

NARCIS (Netherlands)

Kegel, Roeland Hendrik,Pieter

The human element is often found to be the weakest link in the information security chain. The Personal Information Security Assistant project aims to address this by improving the privacy and security awareness of end-users and by aligning the user's personal IT environment to the user's security

Proactive Security Testing and Fuzzing

Science.gov (United States)

Takanen, Ari

Software is bound to have security critical flaws, and no testing or code auditing can ensure that software is flaw-less. But software security testing requirements have improved radically during the past years, largely due to criticism from security conscious consumers and Enterprise customers. Whereas in the past, security flaws were taken for granted (and patches were quietly and humbly installed), they now are probably one of the most common reasons why people switch vendors or software providers. The maintenance costs from security updates often add to become one of the biggest cost items to large Enterprise users. Fortunately test automation techniques have also improved. Techniques like model-based testing (MBT) enable efficient generation of security tests that reach good confidence levels in discovering zero-day mistakes in software. This technique is called fuzzing.

Economic security of modern Russia: the current state and prospects

Directory of Open Access Journals (Sweden)

Karanina Elena

2018-01-01

Full Text Available In the conditions of instability of the world economy and the introduction of sanctions against Russia by a number of countries, the problem of ensuring national economic security has become particularly relevant. This topic also has a high scientific, practical and social significance, as it allows to identify possible gaps in the economic security of modern Russia and timely develop mechanisms to eliminate them to protect the national interests of the state. The purpose of this article is to determine the state and prospects of improving the economic security of modern Russia. This can be achieved by solving the following tasks: review of existing methods to evaluate the economic security of country, conduct a SWOT analysis of economic security of modern Russia, the development of suggestions for its improvement. This research analyzes various aspects of the economic security of modern Russia. As a result, the author developed an integrated method to ensuring the economic security of the country, as well as a matrix of economic security within this method. The way of increase of economic security of modern Russia is offered. Thus, to overcome the threats for the economic security of modern Russia, it is necessary to implement the recommendations developed by the authors, including the establishment of their own production and the construction of an innovatively oriented model of the economy. This will ensure the economic security of modern Russia and its stable development in the future.

The experience of clinical supervision for nurses and healthcare assistants in a secure adolescent service: Affecting service improvement.

Science.gov (United States)

McCarron, R H; Eade, J; Delmage, E

2018-04-01

WHAT IS KNOWN ON THE SUBJECT?: Regular and effective clinical supervision for mental health nurses and healthcare assistants (HCAs) is an important tool in helping to reduce stress and burnout, and in ensuring safe, effective and high-quality mental health care. Previous studies of clinical supervision within secure mental health environments have found both a low availability of clinical supervision, and a low level of staff acceptance of its value, particularly for HCAs. WHAT DOES THIS PAPER ADD TO EXISTING KNOWLEDGE?: In previous studies, the understanding shown by HCAs and nurses around the benefits of clinical supervision may have been limited by the methods used. This study was specifically designed to help them best express their views. In contrast to previous studies, both nurses and HCAs showed a good understanding of the function and value of clinical supervision. Significant improvements in the experience of, and access to, clinical supervision for nurses and HCAs working in secure mental health services may be achieved by raising staff awareness, demonstrating organizational support and increasing monitoring of clinical supervision. WHAT ARE THE IMPLICATIONS FOR PRACTICE?: Organizations should consider reviewing their approach to supervision to include raising staff awareness, multidisciplinary supervision, group supervision, and recording and tracking of supervision rates. Organizations should be mindful of the need to provide effective clinical supervision to HCAs as well as nurses. Introduction Studies have found a low availability and appreciation of clinical supervision, especially for healthcare assistants (HCAs). Qualitative research is needed to further understand this. Aims Increase understanding of nurses' and HCAs' experiences of, and access to, clinical supervision. Identify nurses' and HCAs' perceptions of the value and function of clinical supervision. Assess how interventions affect staff's experiences of clinical supervision. Methods In

Information Security Governance: When Compliance Becomes More Important than Security

OpenAIRE

Tan , Terence C. C.; Ruighaver , Anthonie B.; Ahmad , Atif

2010-01-01

International audience; Current security governance is often based on a centralized decision making model and still uses an ineffective 20th century risk management approach to security. This approach is relatively simple to manage since it needs almost no security governance below the top enterprise level where most decisions are made. However, while there is a role for more corporate governance, new regulations, and improved codes of best practice to address current weak organizational secu...

Improving the Security and Performance of the BaBar Detector Controls System

International Nuclear Information System (INIS)

Kotturi, Karen D.

2003-01-01

It starts out innocently enough--users want to monitor Online data and so run their own copies of the detector control GUIs in their offices and at home. But over time, the number of processes making requests for values to display on GUIs, webpages and stripcharts can grow, and affect the performance of an Input/Output Controller (IOC) such that it is unable to respond to requests from requests critical to data-taking. At worst, an IOC can hang, its CPU having been allocated 100% to responding to network requests. For the BaBar Online Detector Control System, we were able to eliminate this problem and make great gains in security by moving all of the IOCs to a non-routed, virtual LAN and by enlisting a workstation with two network interface cards to act as the interface between the virtual LAN and the public BaBar network. On the interface machine, we run the Experimental Physics Industrial Control System (EPICS) Channel Access (CA) gateway software (originating from Advanced Photon Source). This software accepts as inputs, all the channels which are loaded into the EPICS databases on all the IOCs. It polls them to update its copy of the values. It answers requests from applications by sending them the currently cached value. We adopted the requirement that data-taking would be independent of the gateway, so that, in the event of a gateway failure, data-taking would be uninterrupted. In this way, we avoided introducing any new risk elements to data-taking. Security rules already in use by the IOC were propagated to the gateway's own security rules and the security of the IOCs themselves was improved by removing them from the public BaBar network

POLICE OFFICE MODEL IMPROVEMENT FOR SECURITY OF SWARM ROBOTIC SYSTEMS

Directory of Open Access Journals (Sweden)

I. A. Zikratov

2014-09-01

Full Text Available This paper focuses on aspects of information security for group of mobile robotic systems with swarm intellect. The ways for hidden attacks realization by the opposing party on swarm algorithm are discussed. We have fulfilled numerical modeling of potentially destructive information influence on the ant shortest path algorithm. We have demonstrated the consequences of attacks on the ant algorithm with different concentration in a swarm of subversive robots. Approaches are suggested for information security mechanisms in swarm robotic systems, based on the principles of centralized security management for mobile agents. We have developed the method of forming a self-organizing information security management system for robotic agents in swarm groups implementing POM (Police Office Model – a security model based on police offices, to provide information security in multi-agent systems. The method is based on the usage of police station network in the graph nodes, which have functions of identification and authentication of agents, identifying subversive robots by both their formal characteristics and their behavior in the swarm. We have suggested a list of software and hardware components for police stations, consisting of: communication channels between the robots in police office, nodes register, a database of robotic agents, a database of encryption and decryption module. We have suggested the variants of logic for the mechanism of information security in swarm systems with different temporary diagrams of data communication between police stations. We present comparative analysis of implementation of protected swarm systems depending on the functioning logic of police offices, integrated in swarm system. It is shown that the security model saves the ability to operate in noisy environments, when the duration of the interference is comparable to the time necessary for the agent to overcome the path between police stations.

Salus: Kernel Support for Secure Process Compartments

Directory of Open Access Journals (Sweden)

Raoul Strackx

2015-01-01

Full Text Available Consumer devices are increasingly being used to perform security and privacy critical tasks. The software used to perform these tasks is often vulnerable to attacks, due to bugs in the application itself or in included software libraries. Recent work proposes the isolation of security-sensitive parts of applications into protected modules, each of which can be accessed only through a predefined public interface. But most parts of an application can be considered security-sensitive at some level, and an attacker who is able to gain inapplication level access may be able to abuse services from protected modules. We propose Salus, a Linux kernel modification that provides a novel approach for partitioning processes into isolated compartments sharing the same address space. Salus significantly reduces the impact of insecure interfaces and vulnerable compartments by enabling compartments (1 to restrict the system calls they are allowed to perform, (2 to authenticate their callers and callees and (3 to enforce that they can only be accessed via unforgeable references. We describe the design of Salus, report on a prototype implementation and evaluate it in terms of security and performance. We show that Salus provides a significant security improvement with a low performance overhead, without relying on any non-standard hardware support.

Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

Energy Technology Data Exchange (ETDEWEB)

Hadley, Mark D.; Clements, Samuel L.

2009-01-01

Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

From Serpent to CEO: Improving First-Term Security Forces Airman Performance Through Neuroscience Education

Science.gov (United States)

2017-06-09

support procedures and decision - making processes. Creating awareness that limitations are present creates a natural motivation to want to reduce...law enforcement decision - making ? What cultural norms within Security Forces should be challenged to improve responses of young adults faced with...enforcement and combat decision - making processes is available. However, it is not uncommon for laboratory discoveries to enter clinical practice, not to

Big data, little security: Addressing security issues in your platform

Science.gov (United States)

Macklin, Thomas; Mathews, Joseph

2017-05-01

This paper describes some patterns for information security problems that consistently emerge among traditional enterprise networks and applications, both with respect to cyber threats and data sensitivity. We draw upon cases from qualitative studies and interviews of system developers, network operators, and certifiers of military applications. Specifically, the problems discussed involve sensitivity of data aggregates, training efficacy, and security decision support in the human machine interface. While proven techniques can address many enterprise security challenges, we provide additional recommendations on how to further improve overall security posture, and suggest additional research thrusts to address areas where known gaps remain.

Auditing Organizational Security

Science.gov (United States)

2017-01-01

Organi- zation for Standardiza- tion ( ISO ): ISO 27000 : Information Systems Se- curity Management. A robust program of internal auditing of a...improvement is the basis and underpinning of the ISO . All processes must be considered ongoing and never at an “end state.” Top management develops a...security management system, including security policies and security objectives, plus threats and risks. Orga- nizations already working with ISO 9000

IAEA nuclear security program

Energy Technology Data Exchange (ETDEWEB)

Ek, D. [International Atomic Energy Agency, Vienna (Austria)

2006-07-01

Although nuclear security is a State responsibility, it is nevertheless an international concern, as the consequences of a nuclear security incident would have worldwide impact. These concerns have resulted in the development of numerous international instruments on nuclear security since the terrorist events in the USA on September 11, 2001. The IAEA Office of Nuclear Security has been charged to assist Member States to improvement their nuclear security and to meet the intent of these international obligations in order to ensure a cohesive thread of nuclear security protects the global community. The programs underway and planned by the Office of Nuclear Security will be discussed in this paper. (author)

IAEA nuclear security program

International Nuclear Information System (INIS)

Ek, D.

2006-01-01

Although nuclear security is a State responsibility, it is nevertheless an international concern, as the consequences of a nuclear security incident would have worldwide impact. These concerns have resulted in the development of numerous international instruments on nuclear security since the terrorist events in the USA on September 11, 2001. The IAEA Office of Nuclear Security has been charged to assist Member States to improvement their nuclear security and to meet the intent of these international obligations in order to ensure a cohesive thread of nuclear security protects the global community. The programs underway and planned by the Office of Nuclear Security will be discussed in this paper. (author)

Competitive Cyber-Insurance and Internet Security

Science.gov (United States)

Shetty, Nikhil; Schwartz, Galina; Felegyhazi, Mark; Walrand, Jean

This paper investigates how competitive cyber-insurers affect network security and welfare of the networked society. In our model, a user's probability to incur damage (from being attacked) depends on both his security and the network security, with the latter taken by individual users as given. First, we consider cyberinsurers who cannot observe (and thus, affect) individual user security. This asymmetric information causes moral hazard. Then, for most parameters, no equilibrium exists: the insurance market is missing. Even if an equilibrium exists, the insurance contract covers only a minor fraction of the damage; network security worsens relative to the no-insurance equilibrium. Second, we consider insurers with perfect information about their users' security. Here, user security is perfectly enforceable (zero cost); each insurance contract stipulates the required user security. The unique equilibrium contract covers the entire user damage. Still, for most parameters, network security worsens relative to the no-insurance equilibrium. Although cyber-insurance improves user welfare, in general, competitive cyber-insurers fail to improve network security.

Intra-site Secure Transport Vehicle test and evaluation

International Nuclear Information System (INIS)

Scott, S.

1995-01-01

In the past many DOE and DoD facilities involved in handling nuclear material realized a need to enhance the safely and security for movement of sensitive materials within their facility, or ''intra-site''. There have been prior efforts to improve on-site transportation; however, there remains a requirement for enhanced on-site transportation at a number of facilities. The requirements for on-site transportation are driven by security, safety, and operational concerns. The Intra-site Secure Transport Vehicle (ISTV) was designed to address these concerns specifically for DOE site applications with a standardized vehicle design. This paper briefly reviews the ISTV design features providing significant enhancement of onsite transportation safety and security, and also describes the test and evaluation activities either complete of underway to validate the vehicle design and operation

An Improved and Secure Biometric Authentication Scheme for Telecare Medicine Information Systems Based on Elliptic Curve Cryptography.

Science.gov (United States)

Chaudhry, Shehzad Ashraf; Mahmood, Khalid; Naqvi, Husnain; Khan, Muhammad Khurram

2015-11-01

Telecare medicine information system (TMIS) offers the patients convenient and expedite healthcare services remotely anywhere. Patient security and privacy has emerged as key issues during remote access because of underlying open architecture. An authentication scheme can verify patient's as well as TMIS server's legitimacy during remote healthcare services. To achieve security and privacy a number of authentication schemes have been proposed. Very recently Lu et al. (J. Med. Syst. 39(3):1-8, 2015) proposed a biometric based three factor authentication scheme for TMIS to confiscate the vulnerabilities of Arshad et al.'s (J. Med. Syst. 38(12):136, 2014) scheme. Further, they emphasized the robustness of their scheme against several attacks. However, in this paper we establish that Lu et al.'s scheme is vulnerable to numerous attacks including (1) Patient anonymity violation attack, (2) Patient impersonation attack, and (3) TMIS server impersonation attack. Furthermore, their scheme does not provide patient untraceability. We then, propose an improvement of Lu et al.'s scheme. We have analyzed the security of improved scheme using popular automated tool ProVerif. The proposed scheme while retaining the plusses of Lu et al.'s scheme is also robust against known attacks.

Improving Tamper Detection for Hazardous Waste Security

International Nuclear Information System (INIS)

Johnston, R. G.; Garcia, A. R. E.; Pacheco, N.; Martinez, R. K.; Martinez, D. D.; Trujillo, S. J.; Lopez, L. N.

2003-01-01

Since September 11, waste managers are increasingly expected to provide effective security for their hazardous wastes. Tamper-indicating seals can help. This paper discusses seals, and offers recommendations for how to choose and use them

7 CFR 1822.269 - Security.

Science.gov (United States)

2010-01-01

... 7 Agriculture 12 2010-01-01 2010-01-01 false Security. 1822.269 Section 1822.269 Agriculture..., Procedures, and Authorizations § 1822.269 Security. Each loan will be secured by a mortgage on the property purchased or improved with the loan, and a security interest in the funds held by the corporation in trust...

A security scheme of SMS system

Science.gov (United States)

Zhang, Fangzhou; Yang, Hong-Wei; Song, Chuck

2005-02-01

With the prosperous development and the use of SMS, more and more important information need to be transferred through the wireless and mobile networks by the users. But in the GSM/GPRS network, the SMS messages are transferred in text mode through the signaling channel and there is no integrality for SMS messages. Because of the speciality of the mobile communications, the security of signaling channel is very weak. So we need to improve and enhance the security and integrality of SMS. At present, developed investigation based on SMS security is still incomplete. The key distribution and management is not perfect to meet the usability in a wide area. This paper introduces a high-level security method to solve this problem. We design the Secure SMS of GSM/GPRS in order to improve the security of the important information that need to be transferred by the mobile networks. Using this method, we can improve the usability of E-payment and other mobile electronic commerce.

On Security Management: Improving Energy Efficiency, Decreasing Negative Environmental Impact, and Reducing Financial Costs for Data Centers

Directory of Open Access Journals (Sweden)

Katarzyna Mazur

2015-01-01

Full Text Available Security management is one of the most significant issues in nowadays data centers. Selection of appropriate security mechanisms and effective energy consumption management together with caring for the environment enforces a profound analysis of the considered system. In this paper, we propose a specialized decision support system with a multilevel, comprehensive analysis scheme. As a result of the extensive use of mathematical methods and statistics, guidelines and indicators returned by the proposed approach facilitate the decision-making process and conserve decision-maker’s time and attention. In the paper we utilized proposed multilevel analysis scheme to manage security-based data flow in the example data center. Determining the most secure, energy-efficient, environmental friendly security mechanisms, we implemented the role-based access control method in Quality of Protection Modeling Language (QoP-ML and evaluated its performance in terms of mentioned factors.

Improving Control System Cyber-State Awareness using Known Secure Sensor Measurements

Energy Technology Data Exchange (ETDEWEB)

Ondrej Linda; Milos Manic; Miles McQueen

2012-09-01

Abstract—This paper presents design and simulation of a low cost and low false alarm rate method for improved cyber-state awareness of critical control systems - the Known Secure Sensor Measurements (KSSM) method. The KSSM concept relies on physical measurements to detect malicious falsification of the control systems state. The KSSM method can be incrementally integrated with already installed control systems for enhanced resilience. This paper reviews the previously developed theoretical KSSM concept and then describes a simulation of the KSSM system. A simulated control system network is integrated with the KSSM components. The effectiveness of detection of various intrusion scenarios is demonstrated on several control system network topologies.

Information technology - Security techniques - Information security management systems - Requirements

CERN Document Server

International Organization for Standardization. Geneva

2005-01-01

ISO/IEC 27001:2005 covers all types of organizations (e.g. commercial enterprises, government agencies, not-for profit organizations). ISO/IEC 27001:2005 specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the organization's overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof. ISO/IEC 27001:2005 is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties. ISO/IEC 27001:2005 is intended to be suitable for several different types of use, including the following: use within organizations to formulate security requirements and objectives; use within organizations as a way to ensure that security risks are cost effectively managed; use within organizations to ensure comp...

Secure it now or secure it later: the benefits of addressing cyber-security from the outset

Science.gov (United States)

Olama, Mohammed M.; Nutaro, James

2013-05-01

The majority of funding for research and development (R&D) in cyber-security is focused on the end of the software lifecycle where systems have been deployed or are nearing deployment. Recruiting of cyber-security personnel is similarly focused on end-of-life expertise. By emphasizing cyber-security at these late stages, security problems are found and corrected when it is most expensive to do so, thus increasing the cost of owning and operating complex software systems. Worse, expenditures on expensive security measures often mean less money for innovative developments. These unwanted increases in cost and potential slowing of innovation are unavoidable consequences of an approach to security that finds and remediate faults after software has been implemented. We argue that software security can be improved and the total cost of a software system can be substantially reduced by an appropriate allocation of resources to the early stages of a software project. By adopting a similar allocation of R&D funds to the early stages of the software lifecycle, we propose that the costs of cyber-security can be better controlled and, consequently, the positive effects of this R&D on industry will be much more pronounced.

Reasons in Support of Data Security and Data Security Management as Two Independent Concepts: A New Model.

Science.gov (United States)

Moghaddasi, Hamid; Sajjadi, Samad; Kamkarhaghighi, Mehran

2016-01-01

Any information which is generated and saved needs to be protected against accidental or intentional losses and manipulations if it is to be used by the intended users in due time. As such, information managers have adopted numerous measures to achieve data security within data storage systems, along with the spread of information technology. The "data security models" presented thus far have unanimously highlighted the significance of data security management. For further clarification, the current study first introduces the "needs and improvement" cycle; the study will then present some independent definitions, together with a support umbrella, in an attempt to shed light on the data security management. Data security focuses on three features or attributes known as integrity, identity of sender(s) and identity of receiver(s). Management in data security follows an endless evolutionary process, to keep up with new developments in information technology and communication. In this process management develops new characteristics with greater capabilities to achieve better data security. The characteristics, continuously increasing in number, with a special focus on control, are as follows: private zone, confidentiality, availability, non-repudiation, possession, accountability, authenticity, authentication and auditability. Data security management steadily progresses, resulting in more sophisticated features. The developments are in line with new developments in information and communication technology and novel advances in intrusion detection systems (IDS). Attention to differences between data security and data security management by international organizations such as the International Standard Organization (ISO), and International Telecommunication Union (ITU) is necessary if information quality is to be enhanced.

Security and Emergency Management Division

Data.gov (United States)

Federal Laboratory Consortium — Volpe's Security and Emergency Management Division identifies vulnerabilities, risks, and opportunities to improve the security of transportation systems, critical...

Electronic healthcare information security

CERN Document Server

Dube, Kudakwashe; Shoniregun, Charles A

2010-01-01

The ever-increasing healthcare expenditure and pressing demand for improved quality and efficiency of patient care services are driving innovation in healthcare information management. The domain of healthcare has become a challenging testing ground for information security due to the complex nature of healthcare information and individual privacy. ""Electronic Healthcare Information Security"" explores the challenges of e-healthcare information and security policy technologies. It evaluates the effectiveness of security and privacy implementation systems for anonymization methods and techniqu

Insider Threat Security Reference Architecture

Science.gov (United States)

2012-04-01

this challenge. CMU/SEI-2012-TR-007 | 2 2 The Components of the ITSRA Figure 2 shows the four layers of the ITSRA. The Business Security layer......organizations improve their level of preparedness to address the insider threat. Business Security Architecture Data Security Architecture

Statistical security for Social Security.

Science.gov (United States)

Soneji, Samir; King, Gary

2012-08-01

The financial viability of Social Security, the single largest U.S. government program, depends on accurate forecasts of the solvency of its intergenerational trust fund. We begin by detailing information necessary for replicating the Social Security Administration's (SSA's) forecasting procedures, which until now has been unavailable in the public domain. We then offer a way to improve the quality of these procedures via age- and sex-specific mortality forecasts. The most recent SSA mortality forecasts were based on the best available technology at the time, which was a combination of linear extrapolation and qualitative judgments. Unfortunately, linear extrapolation excludes known risk factors and is inconsistent with long-standing demographic patterns, such as the smoothness of age profiles. Modern statistical methods typically outperform even the best qualitative judgments in these contexts. We show how to use such methods, enabling researchers to forecast using far more information, such as the known risk factors of smoking and obesity and known demographic patterns. Including this extra information makes a substantial difference. For example, by improving only mortality forecasting methods, we predict three fewer years of net surplus, $730 billion less in Social Security Trust Funds, and program costs that are 0.66% greater for projected taxable payroll by 2031 compared with SSA projections. More important than specific numerical estimates are the advantages of transparency, replicability, reduction of uncertainty, and what may be the resulting lower vulnerability to the politicization of program forecasts. In addition, by offering with this article software and detailed replication information, we hope to marshal the efforts of the research community to include ever more informative inputs and to continue to reduce uncertainties in Social Security forecasts.

A Key Generation Model for Improving the Security of Cryptographic ...

African Journals Online (AJOL)

Cryptography is a mathematical technique that plays an important role in information security techniques for addressing authentication, interactive proofs, data origination, sender/receiver identity, non-repudiation, secure computation, data integrity and confidentiality, message integrity checking and digital signatures.

Economic foundation and importance of non-state security sector within the national security system

Directory of Open Access Journals (Sweden)

Anđelković Slobodan

2016-01-01

Full Text Available The main purpose of this paper was to present the causes (for, role (played by and the growing importance of the non-state actors within the national security sector, while analyzing the economic interest of individuals, organizations and the state itself that were favoring such a development. In the course of our research we established how, as the state narrowed its activities down to more vital and more dangerous fields of work, this opened up space for independent contractors to enter those fields which carried less systemic risk. Such change was made possible in the post-Cold War context, when many of the former service members were hired by private companies. The economic motive had a role to play as well, given the need for additional security going beyond what state offered to its citizens, as many doubted the ability (efficiency of state to provide it in the first place; and private sector's willingness to provide it for a price. In Serbia, position of non-state security sector is still very much limited by the traditional notion of security as well as the division of competences, both left-overs from socialist times. This goes against positive tendencies within the sector itself (improvement of types and specialization of the security as service; strengthening of legal regulation; flexibility of services being offered. By conducting its basic service and improving the security of its clients, representatives of non-state security sector are - indirectly - improving the security of society as a whole, ensuring economic stability, which presents one of key national interests.

Marketing and reputation aspects of neonatal safeguards and hospital-security systems.

Science.gov (United States)

Smith, Alan D

2009-01-01

Technological advancements have migrated from personal-use electronics into the healthcare setting for security enhancements. Within maternity wards and nurseries, technology was seen as one of best way to protect newborns from abduction. The present study is a focus on what systems and methods are used in neonatal security, the security arrangements, staff training, and impacts outside the control of the hospital, customer satisfaction and customer relations management. Through hypothesis-testing and exploratory analysis, gender biases and extremely high levels of security were found within a web-enabled and professional sample of 200 respondents. The factor-based constructs were found to be, in order of the greatest explained variance: security concerns, personal technology usage, work technology applications, and demographic maturity concerns, resulting in four factor-based scores with significant combined variance of 61.5%. It was found that through a better understanding on the importance and vital need for hospitals to continue to improve on their technology-based security policies significantly enhanced their reputation in the highly competitive local healthcare industry.

Improving Mental Health Reporting Practices in Between Personnel Security Investigations

Science.gov (United States)

2017-06-01

derogatory information, unfavorable administrative actions, and adverse actions to the appropriate personnel security, human resources , and...national security clearance? What type of clearances do people typically have (e.g., Secret, Top Secret, TS/SCI, SAP , etc.)? (2) Does [the

Don't Drop Your Guard: Securing Nuclear Facilities

International Nuclear Information System (INIS)

Lööf, Susanna

2013-01-01

You're never quite finished with nuclear security. ''Even the most advanced security system for radioactive or nuclear material needs to be continuously updated to ensure that it remains effective,'' says Arvydas Stadalnikas, an IAEA Senior Nuclear Security Officer. ''Security can always be improved. Even if you think you have the best system for today, it may require enhancements because of the changing environment,'' he said. To help States with this daunting task, the IAEA offers support through its International Physical Protection Advisory Service (IPPAS) which includes in-depth analysis of the physical protection and nuclear security followed by expert advice. The IAEA has carried out 58 missions to 37 countries since the IPPAS programme was launched in 1996, helping States translate international conventions, codes and guidance on nuclear security into practice. Although each mission focuses on improving the security in a specific country, ''the programme has benefits that reach far beyond the recipient State's national borders,'' Stadalnikas noted. ''Each IPPAS mission helps improve global nuclear security because enhanced security in one country means that you improve globally. Deficiencies in one country could open the way for malicious acts, which can have worldwide effects,'' he said

METHOD FOR SECURITY SPECIFICATION SOFTWARE REQUIREMENTS AS A MEANS FOR IMPLEMENTING A SOFTWARE DEVELOPMENT PROCESS SECURE - MERSEC

Directory of Open Access Journals (Sweden)

Castro Mecías, L.T.

2015-06-01

Full Text Available Often security incidents that have the object or use the software as a means of causing serious damage and legal, economic consequences, etc. Results of a survey by Kaspersky Lab reflectvulnerabilities in software are the main cause of security incidents in enterprises, the report shows that 85% of them have reported security incidents and vulnerabilities in software are the main reason is further estimated that incidents can cause significant losses estimated from 50,000 to $ 649.000. (1 In this regard academic and industry research focuses on proposals based on reducing vulnerabilities and failures of technology, with a positive influence on how the software is developed. A development process for improved safety practices and should include activities from the initial phases of the software; so that security needs are identified, manage risk and appropriate measures are implemented. This article discusses a method of analysis, acquisition and requirements specification of the software safety analysis on the basis of various proposals and deficiencies identified from participant observation in software development teams. Experiments performed using the proposed yields positive results regarding the reduction of security vulnerabilities and compliance with the safety objectives of the software.

Perspectives on Energy Security

International Nuclear Information System (INIS)

Carlsson-Kanyama, Annika; Holmgren, Aake J.; Joensson, Thomas; Larsson, Robert L.

2007-05-01

A common notion of 'Energy Security' is that it includes access to energy resources without risking the the survival of the state. 'Security of supply' is most often the concept emphasized in the political discourse on energy security and it includes both production as well as secure and safe delivery of energy to the end consumers. Another aspect of energy security is the need for reducing energy consumption by improving energy efficiency. In this report, eight chapters covering these and other perspectives on energy security are presented. Six of the chapters deal with the supply perspective. Included topics cover power politics and geopolitical perspectives regarding large infrastructure projects and the ambitions of the EU in this regard. Further, methods and approaches for conducting risk analyses of electricity supply systems as well as for improving the security of digital control systems are discussed. As climate change will affect the supply and distribution of energy, one chapter presents an overview of this topic. The consumption perspective is discussed against the backdrop of research about household consumption practices and the role of climate change for future consumption levels. Finally, the role of armed forces as a large energy users is touched upon, as well as how so-called 'future studies' have dealt with energy as a topic

Significant improvement in the thermal annealing process of optical resonators

Science.gov (United States)

Salzenstein, Patrice; Zarubin, Mikhail

2017-05-01

Thermal annealing performed during process improves the quality of the roughness of optical resonators reducing stresses at the periphery of their surface thus allowing higher Q-factors. After a preliminary realization, the design of the oven and the electronic method were significantly improved thanks to nichrome resistant alloy wires and chopped basalt fibers for thermal isolation during the annealing process. Q-factors can then be improved.

Effects of renewables penetration on the security of Portuguese electricity supply

International Nuclear Information System (INIS)

Gouveia, João Pedro; Dias, Luís; Martins, Inês; Seixas, Júlia

2014-01-01

Highlights: • We assess the importance of the electricity sector in energy security in Portugal. • We compare energy security indicators for 2004 and 2011. • Strong wind penetration has an important role on the country energy security. • Infrastructure is the weaker component in electricity sector supply chain. - Abstract: The increase of renewables in power sector, together with the increase of their electricity share in final energy consumption, is changing our perception about energy security with diverse and contradictory statements. The Portuguese security of electricity supply is analyzed in this study by comparing selected indicators for 2 years before and after the high increase of onshore wind since 2005. Our goal is to find how the security of electricity supply was impacted by the penetration of renewables, taking a supply chain approach. Our analysis highlights that the penetration of renewables has decreased the energy dependence of the power sector by more than 20% between 2004 and 2011, while risks related to the concentration of natural gas suppliers and to the still-high share of fossil fuels suffering from price volatility are discussed. We observed a significant improvement in power interconnections with Spain, as well as an increase of the de-rated generation capacity margin, allowing proper management of renewable power intermittency if necessary, thereby improving power security. Although the share of intermittent renewables almost quadrupled in total installed capacity between those years, the indicators reveal an improvement in the quality of transport and distribution when delivering electricity to end-users. Although electricity prices increased, mainly due to taxes, the lack of energy efficiency is an aspect deserving improvement to alleviate the pressure on electricity security, mainly at high peak demands

Nuclear security

International Nuclear Information System (INIS)

1991-12-01

This paper reports that despite their crucial importance to national security, safeguards at the Department of Energy's (DOE) weapons facilities may be falling short. DOE security inspections have identified many weaknesses, including poor performance by members of DOE's security force, poor accountability for quantities of nuclear materials, and the inability of personnel to locate documents containing classified information. About 13 percent of the 2,100 identified weakness resulted in DOE inspectors giving out unsatisfactory security ratings; another 38 percent led to marginal ratings. In addition, DOE's centralized safeguards and security information tracking system lacks current data on whether DOE field offices have corrected the identified weaknesses. Without reliable information, DOE has no way of knowing whether timely action was taken to correct problems, nor can it determine whether weaknesses are systematic. DOE has tried to minimize the impact of these security weaknesses at its facilities by establishing multiple layers of protection measures and instituting interim and compensatory measures for identified weaknesses. DOE is planning enhancements to the centralized tracking system that should improve its reliability and increase its effectiveness

Quantitative analysis of the security performance in wireless LANs

Directory of Open Access Journals (Sweden)

Poonam Jindal

2017-07-01

Full Text Available A comprehensive experimental study to analyze the security performance of a WLAN based on IEEE 802.11 b/g/n standards in various network scenarios is presented in this paper. By setting-up an experimental testbed we have measured results for a layered security model in terms of throughput, response time, encryption overheads, frame loss and jitter. Through numerical results obtained from the testbed, we have presented quantitative as well as realistic findings for both security mechanisms and network performance. It establishes the fact that there is always a tradeoff between the security strength and the associated network performance. It is observed that the non-roaming network always performs better than the roaming network under all network scenarios. To analyze the benefits offered by a particular security protocol a relative security strength index model is demonstrated. Further we have presented the statistical analysis of our experimental data. We found that different security protocols have different robustness against mobility. By choosing the robust security protocol, network performance can be improved. The presented analysis is significant and useful with reference to the assessment of the suitability of security protocols for given real time application.

A REGIONAL PARTNERSHIP ON RADIOLOGICAL SECURITY

International Nuclear Information System (INIS)

Morris, Fred A.; Murray, A.; Dickerson, S.; Tynan, Douglas M.; Rawl, Richard R.; Hoo, Mark S.

2007-01-01

In 2004, Australia, through the Australian Nuclear Science and Technology Organisation (ANSTO) created the Regional Security of Radioactive Sources (RSRS) project and partnered with the U.S. Department of Energy's National Nuclear Security Administration (NNSA) and the International Atomic Energy Agency (IAEA) to form the Southeast Asian Regional Radiological Security Partnership (RRSP). The intent of the RRSP/RSRS partnership is to cooperate with regional neighbors in Southeast Asia to improve the security of their radioactive sources. This Southeast Asian Partnership supports NNSA and IAEA objectives to improve the security of high risk radioactive sources by raising awareness of the need, and developing national programs, to: protect and control such materials; improve the security of such materials and recover and condition the materials no longer in use. To date, agreed upon joint activities have included assistance with the improvement of regulatory infrastructure for the control of radioactive sources, training on the physical protection of radioactive sources, training and assistance with the search, location, identification and securing of orphan radioactive sources and overall assistance with implementing the IAEA Code of Conduct on the Safety and Security of Radioactive Sources. Since the inception of the partnership, ten Southeast Asian nations have participated in a range of activities from receiving general training on the security of radioactive sources to receiving specialized equipment and training to locate orphan or abandoned radioactive sources. By having a shared vision and objectives for radioactive source security in the Southeast Asian region, ANSTO and NNSA have been able to develop a successful partnership which has effectively utilized the technical, financial and political resources of each contributing partner. An example of how this partnership works is the cooperation with the Nuclear Energy Regulatory Agency, Indonesia (BAPETEN) to

Security analysis and improvements of two-factor mutual authentication with key agreement in wireless sensor networks.

Science.gov (United States)

Kim, Jiye; Lee, Donghoon; Jeon, Woongryul; Lee, Youngsook; Won, Dongho

2014-04-09

User authentication and key management are two important security issues in WSNs (Wireless Sensor Networks). In WSNs, for some applications, the user needs to obtain real-time data directly from sensors and several user authentication schemes have been recently proposed for this case. We found that a two-factor mutual authentication scheme with key agreement in WSNs is vulnerable to gateway node bypassing attacks and user impersonation attacks using secret data stored in sensor nodes or an attacker's own smart card. In this paper, we propose an improved scheme to overcome these security weaknesses by storing secret data in unique ciphertext form in each node. In addition, our proposed scheme should provide not only security, but also efficiency since sensors in a WSN operate with resource constraints such as limited power, computation, and storage space. Therefore, we also analyze the performance of the proposed scheme by comparing its computation and communication costs with those of other schemes.

Security Analysis and Improvements of Two-Factor Mutual Authentication with Key Agreement in Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Jiye Kim

2014-04-01

Full Text Available User authentication and key management are two important security issues in WSNs (Wireless Sensor Networks. In WSNs, for some applications, the user needs to obtain real-time data directly from sensors and several user authentication schemes have been recently proposed for this case. We found that a two-factor mutual authentication scheme with key agreement in WSNs is vulnerable to gateway node bypassing attacks and user impersonation attacks using secret data stored in sensor nodes or an attacker’s own smart card. In this paper, we propose an improved scheme to overcome these security weaknesses by storing secret data in unique ciphertext form in each node. In addition, our proposed scheme should provide not only security, but also efficiency since sensors in a WSN operate with resource constraints such as limited power, computation, and storage space. Therefore, we also analyze the performance of the proposed scheme by comparing its computation and communication costs with those of other schemes.

Omega-3 fatty acid therapy dose-dependently and significantly decreased triglycerides and improved flow-mediated dilation, however, did not significantly improve insulin sensitivity in patients with hypertriglyceridemia.

Science.gov (United States)

Oh, Pyung Chun; Koh, Kwang Kon; Sakuma, Ichiro; Lim, Soo; Lee, Yonghee; Lee, Seungik; Lee, Kyounghoon; Han, Seung Hwan; Shin, Eak Kyun

2014-10-20

Experimental studies demonstrate that higher intake of omega-3 fatty acids (n-3 FA) improves insulin sensitivity, however, we reported that n-3 FA 2g therapy, most commonly used dosage did not significantly improve insulin sensitivity despite reducing triglycerides by 21% in patients. Therefore, we investigated the effects of different dosages of n-3 FA in patients with hypertriglyceridemia. This was a randomized, single-blind, placebo-controlled, parallel study. Age, sex, and body mass index were matched among groups. All patients were recommended to maintain a low fat diet. Forty-four patients (about 18 had metabolic syndrome/type 2 diabetes mellitus) in each group were given placebo, n-3 FA 1 (O1), 2 (O2), or 4 g (O4), respectively daily for 2 months. n-3 FA therapy dose-dependently and significantly decreased triglycerides and triglycerides/HDL cholesterol and improved flow-mediated dilation, compared with placebo (by ANOVA). However, each n-3 FA therapy did not significantly decrease high-sensitivity C-reactive protein and fibrinogen, compared with placebo. O1 significantly increased insulin levels and decreased insulin sensitivity (determined by QUICKI) and O2 significantly decreased plasma adiponectin levels relative to baseline measurements. Of note, when compared with placebo, each n-3 FA therapy did not significantly change insulin, glucose, adiponectin, glycated hemoglobin levels and insulin sensitivity (by ANOVA). We observed similar results in a subgroup of patients with the metabolic syndrome. n-3 FA therapy dose-dependently and significantly decreased triglycerides and improved flow-mediated dilation. Nonetheless, n-3 FA therapy did not significantly improve acute-phase reactants and insulin sensitivity in patients with hypertriglyceridemia, regardless of dosages. Copyright © 2014. Published by Elsevier Ireland Ltd.

Integrated security systems design a complete reference for building enterprise-wide digital security systems

CERN Document Server

Norman, Thomas L

2014-01-01

Integrated Security Systems Design, 2nd Edition, is recognized as the industry-leading book on the subject of security systems design. It explains how to design a fully integrated security system that ties together numerous subsystems into one complete, highly coordinated, and highly functional system. With a flexible and scalable enterprise-level system, security decision makers can make better informed decisions when incidents occur and improve their operational efficiencies in ways never before possible. The revised edition covers why designing an integrated security system is essential a

Review of the model of technological pragmatism considering privacy and security

Directory of Open Access Journals (Sweden)

Kovačević-Lepojević Marina M.

2013-01-01

Full Text Available The model of technological pragmatism assumes awareness that technological development involves both benefits and dangers. Most modern security technologies represent citizens' mass surveillance tools, which can lead to compromising a significant amount of personal data due to the lack of institutional monitoring and control. On the other hand, people are interested in improving crime control and reducing the fear of potential victimization which this framework provides as a rational justification for the apparent loss of privacy, personal rights and freedoms. Citizens' perception on the categories of security and privacy, and their balancing, can provide the necessary guidelines to regulate the application of security technologies in the actual context. The aim of this paper is to analyze the attitudes of students at the University of Belgrade (N = 269 toward the application of security technology and identification of the key dimensions. On the basis of the relevant research the authors have formed assumptions about the following dimensions: security, privacy, trust in institutions and concern about the misuse of security technology. The Prise Questionnaire on Security Technology and Privacy was used for data collection. Factor analysis abstracted eight factors which together account for 58% of variance, with the highest loading of the four factors that are identified as security, privacy, trust and concern. The authors propose a model of technological pragmatism considering security and privacy. The data also showed that students are willing to change their privacy for the purpose of improving security and vice versa.

EU Failing FAO Challenge to Improve Global Food Security.

Science.gov (United States)

Smyth, Stuart J; Phillips, Peter W B; Kerr, William A

2016-07-01

The announcement that the European Union (EU) had reached an agreement allowing Member States (MS) to ban genetically modified (GM) crops confirms that the EU has chosen to ignore the food security challenge issued to the world by the Food and Agriculture Organization of the United Nations (FAO) in 2009. The FAO suggests that agricultural biotechnology has a central role in meeting the food security challenge. Copyright © 2016 Elsevier Ltd. All rights reserved.

Bio-Security Measures Employed by Poultry Farmers in Enugu State ...

African Journals Online (AJOL)

User

In spite of this, food security, improved livelihood and attainment of self- ..... experience in farm business management enables farmers to set realistic time and ... had no significant effect on biosecurity practices of poultry farmers is inconsistent.

The Global Trends in the Alternative Energetics and Improvement of the State Policy in the Sphere of Fiscal Security: in Search for Equilibrium and Markets

Directory of Open Access Journals (Sweden)

Hnedina Kateryna V.

2017-12-01

Full Text Available Alternative energetics is an important component of the competitiveness and security of the national economy. Its rapid development over the past 10 years is caused by both the attempts of individual countries to maintain and strengthen their competitive advantage in the world markets and the efforts of international organizations (UN, IRENA, IEA to consolidate different stakeholders to achieve energy and fiscal security, protection of environment and improvement of climate conditions. The article is aimed at generalizing global trends in alternative energetics in the context of development of the State policy in the sphere of fiscal security. A brief overview of the latest trends in the alternative energetics development, most of which focus on identifying the basic sectoral trends, has been provided. However, the issues of fiscal security in the energy sector remain poorly researched, especially in terms of formation of the State policy, consolidating interests of different groups of stakeholders. It has been determined that in the developed countries a significant growth of alternative energetics is caused by the consistent State policy on creation of conditions for formation of effective branch markets and the solving of so-called energy trilemma.

Managing Cisco network security

CERN Document Server

Knipp, Eric

2002-01-01

An in-depth knowledge of how to configure Cisco IP network security is a MUST for anyone working in today''s internetworked world"There''s no question that attacks on enterprise networks are increasing in frequency and sophistication..."-Mike Fuhrman, Cisco Systems Manager, Security ConsultingManaging Cisco Network Security, Second Edition offers updated and revised information covering many of Cisco''s security products that provide protection from threats, detection of network security incidents, measurement of vulnerability and policy compliance and management of security policy across an extended organization. These are the tools that network administrators have to mount defenses against threats. Chapters also cover the improved functionality and ease of the Cisco Secure Policy Manger software used by thousands of small-to-midsized businesses and a special section on the Cisco Aironet Wireless Security Solutions.Security from a real-world perspectiveKey coverage of the new technologies offered by the Cisc...

Applications and Security of Next-Generation, User-Centric Wireless Systems

Directory of Open Access Journals (Sweden)

Danfeng Yao

2010-07-01

Full Text Available Pervasive wireless systems have significantly improved end-users’ quality of life. As manufacturing costs decrease, communications bandwidth increases, and contextual information is made more readily available, the role of next generation wireless systems in facilitating users’ daily activities will grow. Unique security and privacy issues exist in these wireless, context-aware, often decentralized systems. For example, the pervasive nature of such systems allows adversaries to launch stealthy attacks against them. In this review paper, we survey several emergent personal wireless systems and their applications. These systems include mobile social networks, active implantable medical devices, and consumer products. We explore each system’s usage of contextual information and provide insight into its security vulnerabilities. Where possible, we describe existing solutions for defendingagainst these vulnerabilities. Finally, we point out promising future research directions for improving these systems’ robustness and security

International Nuclear Security Education Network (INSEN): Promoting nuclear security education

International Nuclear Information System (INIS)

Muhamad Samudi Yasir

2013-01-01

Full-text: The need for human resource development programmes in nuclear security was underlined at several International Atomic Energy Agency (IAEA) General Conferences and Board of Governors Meetings. Successive IAEA Nuclear Security Plans, the most recent of which was agreed by the Board of Governors in September 2009, give high priority to assisting States in establishing educational programmes in nuclear security in order to ensure the sustainability of nuclear security improvements. The current Nuclear Security Plan 1 covering 2010-2013 emphasizes on the importance of considering existing capacities at international, regional and national levels while designing nuclear security academic programmes. In the course of implementing the Plan, the IAEA developed a guide entitled Educational Programme in Nuclear Security (IAEA Nuclear Security Series No. 12) that consists of a model of a MAster of Science (M.Sc.) and a Certificate Programme in Nuclear Security. This guide was aims at assisting universities or other educational institutes to developed academic programmes in nuclear security. Independently, some universities already offered academic programmes covering some areas of nuclear security, while other universities have asked the IAEA to support the implementation of these programmes. In order to better address current and future request for assistance in this area, the IAEA establish a collaboration network-International Nuclear Security Education Network (INSEN), among universities who are providing nuclear security education or who are interested in starting an academic programme/ course(s) in nuclear security. Universiti Kebangsaan Malaysia (UKM) is a first local university became a member of INSEN since the beginning of the establishment. (author)

24 CFR 201.51 - Proceeding against the loan security.

Science.gov (United States)

2010-04-01

....51 Proceeding against the loan security. (a) Property improvement loans. (1) After acceleration of maturity on a secured property improvement loan, the lender may either proceed against the loan security... proceeds against the loan security, it may submit an insurance claim only if it complies with the...

Transforming Security Screening With Biometrics

National Research Council Canada - National Science Library

Hearnsberger, Brian J

2003-01-01

... and identity theft to dramatically improve physical security. Today, biometric technology could be implemented to transform physical security by enhancing screening procedures currently in use at U.S...

Improved E-Banking System With Advanced Encryption Standards And Security Models

Directory of Open Access Journals (Sweden)

Sharaaf N. A.

2015-08-01

Full Text Available Emerging new Technologies and large scale businesses have made this world a global village. Many business organizations provide online services targeting global consumer bases. Transaction in international scale has been enabled by banks all around the world through E-banking in order to supply the needs of above business organizations. E-banking serves lots of benefits to both customers of banks and banks itself. It adds value to customers satisfaction with better service quality and enables banks to gain a competitive advantage over other competitors. Online banking need to possess high level security in order to provide safe consistent and robust online environment which guarantees secure data transmission and identity of both bank and customer. Lack of security may lead to less trust or hard to trust attitude towards online banking. Although customers are attracted by online banking convenience they seem largely in concern about identity theft and phishing. Analysis of many research papers on e-banking security models and their respective advantages and disadvantages have been discussed in literature review. Username password E-banking dongles fractal images biometric scans and advanced encryption standards are some of the suggested solutions for E-banking security. This study focuses on the security beyond above mechanisms. This paper ensures security of online banking at three levels. At client side using internet dongle integrated with finger print scanning technology at banking sever side and data transmission level. This model also includes username password and advanced encryption for further security. Complete description on the model has been discussed in methodology section. Future works on this topic and Conclusion are covered in separate sections.

Security practices and regulatory compliance in the healthcare industry.

Science.gov (United States)

Kwon, Juhee; Johnson, M Eric

2013-01-01

Securing protected health information is a critical responsibility of every healthcare organization. We explore information security practices and identify practice patterns that are associated with improved regulatory compliance. We employed Ward's cluster analysis using minimum variance based on the adoption of security practices. Variance between organizations was measured using dichotomous data indicating the presence or absence of each security practice. Using t tests, we identified the relationships between the clusters of security practices and their regulatory compliance. We utilized the results from the Kroll/Healthcare Information and Management Systems Society telephone-based survey of 250 US healthcare organizations including adoption status of security practices, breach incidents, and perceived compliance levels on Health Information Technology for Economic and Clinical Health, Health Insurance Portability and Accountability Act, Red Flags rules, Centers for Medicare and Medicaid Services, and state laws governing patient information security. Our analysis identified three clusters (which we call leaders, followers, and laggers) based on the variance of security practice patterns. The clusters have significant differences among non-technical practices rather than technical practices, and the highest level of compliance was associated with hospitals that employed a balanced approach between technical and non-technical practices (or between one-off and cultural practices). Hospitals in the highest level of compliance were significantly managing third parties' breaches and training. Audit practices were important to those who scored in the middle of the pack on compliance. Our results provide security practice benchmarks for healthcare administrators and can help policy makers in developing strategic and practical guidelines for practice adoption.

Analysis of the nexus between population, water resources and Global Food Security highlights significance of governance and research investments and policy priorities.

Science.gov (United States)

Yunusa, Isa A M; Zerihun, Ayalsew; Gibberd, Mark R

2018-05-10

Analyses of sensitivity of Global Food Security (GFS) score to a key set of supply or demand factors often suggest population and water supply as being the most critical and on which policies tend to focus. To explore other policy options, we characterised the nexus between GFS and a set of supply or demand factors including defining including population, agricultural and industrial water-use, agricultural publications (as a surrogate for investment in agricultural research and development [R&D]), and corruption perception index (CPI), to reveal opportunities for attaining enduring GFS. We found that despite being the primary driver of demand for food, population showed no significant correlation with GFS scores. Similarly agricultural water-use was poorly correlated with GFS scores, except in countries where evaporation exceeds precipitation and irrigation is significant. However, GFS had a strong positive association with industrial water-use as a surrogate for overall industrialisation. Recent expansions in cultivated land area failed to yield concomitant improvements in GFS score since such expansions have been mostly into marginal lands with low productivity and also barely compensated for lands retired from cropping in several developed economies. However, GFS was positively associated with agricultural R&D investments, as it was with the CPI scores. The apparent and relative strengths of these drivers on GFS outcome amongst countries were in the order: industrial water-use ≈ publication rate ≈ corruption perception > agricultural water-use > population. We concluded by suggesting that to enshrine enduring food security, policies should prioritise (1) increased R&D investments that address farmer needs, and (2) governance mechanisms that promote accountability in both research and production value chains. This article is protected by copyright. All rights reserved. This article is protected by copyright. All rights reserved.

Information Security in Education: Are We Continually Improving?

Directory of Open Access Journals (Sweden)

Dennis Bialaszewski

2015-06-01

Full Text Available This paper will shed light on the lack of the development of appropriate monitoring systems in the field of education. Test banks can be easily purchased. Smart phones can take and share pictures of exams. A video of an exam given through Blackboard can easily be made. A survey to determine the extent of cheating using technology was given to several university students. Evidence is provided that shows security is lacking as evidenced by the number of students who have made use of technological advances to cheat on exams. The findings and conclusion may serve as evidence for administrators and policy makers to re-assess efforts being made to increase security in online testing.

Significant Improvement of Catalytic Efficiencies in Ionic Liquids

International Nuclear Information System (INIS)

Song, Choong Eui; Yoon, Mi Young; Choi, Doo Seong

2005-01-01

The use of ionic liquids as reaction media can confer many advantages upon catalytic reactions over reactions in organic solvents. In ionic liquids, catalysts having polar or ionic character can easily be immobilized without additional structural modification and thus the ionic solutions containing the catalyst can easily be separated from the reagents and reaction products, and then, be reused. More interestingly, switching from an organic solvent to an ionic liquid often results in a significant improvement in catalytic performance (e.g., rate acceleration, (enantio)selectivity improvement and an increase in catalyst stability). In this review, some recent interesting results which can nicely demonstrate these positive 'ionic liquid effect' on catalysis are discussed

A Development Framework for Software Security in Nuclear Safety Systems: Integrating Secure Development and System Security Activities

Energy Technology Data Exchange (ETDEWEB)

Park, Jaekwan; Suh, Yongsuk [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2014-02-15

The protection of nuclear safety software is essential in that a failure can result in significant economic loss and physical damage to the public. However, software security has often been ignored in nuclear safety software development. To enforce security considerations, nuclear regulator commission recently issued and revised the security regulations for nuclear computer-based systems. It is a great challenge for nuclear developers to comply with the security requirements. However, there is still no clear software development process regarding security activities. This paper proposes an integrated development process suitable for the secure development requirements and system security requirements described by various regulatory bodies. It provides a three-stage framework with eight security activities as the software development process. Detailed descriptions are useful for software developers and licensees to understand the regulatory requirements and to establish a detailed activity plan for software design and engineering.

VMware vCloud security

CERN Document Server

Sarkar, Prasenjit

2013-01-01

VMware vCloud Security provides the reader with in depth knowledge and practical exercises sufficient to implement a secured private cloud using VMware vCloud Director and vCloud Networking and Security.This book is primarily for technical professionals with system administration and security administration skills with significant VMware vCloud experience who want to learn about advanced concepts of vCloud security and compliance.

Exploring the association of urban or rural county status and environmental, nutrition- and lifestyle-related resources with the efficacy of SNAP-Ed (Supplemental Nutrition Assistance Program-Education) to improve food security.

Science.gov (United States)

Rivera, Rebecca L; Dunne, Jennifer; Maulding, Melissa K; Wang, Qi; Savaiano, Dennis A; Nickols-Richardson, Sharon M; Eicher-Miller, Heather A

2018-04-01

To investigate the association of policy, systems and environmental factors with improvement in household food security among low-income Indiana households with children after a Supplemental Nutrition Assistance Program-Education (SNAP-Ed) direct nutrition education intervention. Household food security scores measured by the eighteen-item US Household Food Security Survey Module in a longitudinal randomized and controlled SNAP-Ed intervention study conducted from August 2013 to April 2015 were the response variable. Metrics to quantify environmental factors including classification of urban or rural county status; the number of SNAP-authorized stores, food pantries and recreational facilities; average fair market housing rental price; and natural amenity rank were collected from government websites and data sets covering the years 2012-2016 and used as covariates in mixed multiple linear regression modelling. Thirty-seven Indiana counties, USA, 2012-2016. SNAP-Ed eligible adults from households with children (n 328). None of the environmental factors investigated were significantly associated with changes in household food security in this exploratory study. SNAP-Ed improves food security regardless of urban or rural location or the environmental factors investigated. Expansion of SNAP-Ed in rural areas may support food access among the low-income population and reduce the prevalence of food insecurity in rural compared with urban areas. Further investigation into policy, systems and environmental factors of the Social Ecological Model are warranted to better understand their relationship with direct SNAP-Ed and their impact on diet-related behaviours and food security.

Health Information Security in Hospitals: the Application of Security Safeguards.

Science.gov (United States)

Mehraeen, Esmaeil; Ayatollahi, Haleh; Ahmadi, Maryam

2016-02-01

A hospital information system has potentials to improve the accessibility of clinical information and the quality of health care. However, the use of this system has resulted in new challenges, such as concerns over health information security. This paper aims to assess the status of information security in terms of administrative, technical and physical safeguards in the university hospitals. This was a survey study in which the participants were information technology (IT) managers (n=36) who worked in the hospitals affiliated to the top ranked medical universities (university A and university B). Data were collected using a questionnaire. The content validity of the questionnaire was examined by the experts and the reliability of the questionnaire was determined using Cronbach's coefficient alpha (α=0.75). The results showed that the administrative safeguards were arranged at a medium level. In terms of the technical safeguards and the physical safeguards, the IT managers rated them at a strong level. According to the results, among three types of security safeguards, the administrative safeguards were assessed at the medium level. To improve it, developing security policies, implementing access control models and training users are recommended.

Evaluation of Ecological Environment Security in Contiguous Poverty Alleviation Area of Sichuan Province

Science.gov (United States)

Xian, W.; Chen, Y.; Chen, J.; Luo, X.; Shao, H.

2018-04-01

According to the overall requirements of ecological construction and environmental protection, rely on the national key ecological engineering, strengthen ecological environmental restoration and protection, improve forest cover, control soil erosion, construct important ecological security barrier in poor areas, inhibit poverty alleviation through ecological security in this area from environmental damage to the vicious cycle of poverty. Obviously, the dynamic monitoring of ecological security in contiguous destitute areas of Sichuan province has a policy sense of urgency and practical significance. This paper adopts RS technology and GIS technology to select the Luhe region of Jinchuan county and Ganzi prefecture as the research area, combined with the characteristics of ecological environment in poor areas, the impact factors of ecological environment are determined as land use type, terrain slope, vegetation cover, surface water, soil moisture and other factors. Using the ecological environmental safety assessment model, the ecological environment safety index is calculated. According to the index, the ecological environment safety of the research area is divided into four levels. The ecological environment safety classification map of 1990 in 2009 is obtained. It can be seen that with the human modern life and improve their economic level, the surrounding environment will be destroyed, because the research area ecological environment is now in good, the ecological environment generally tends to be stable. We should keep its ecological security good and improve local economic income. The relationship between ecological environmental security and economic coordinated development in poor areas has very important strategic significance.

Assessing and comparing information security in swiss hospitals.

Science.gov (United States)

Landolt, Sarah; Hirschel, Jürg; Schlienger, Thomas; Businger, Walter; Zbinden, Alex M

2012-11-07

Availability of information in hospitals is an important prerequisite for good service. Significant resources have been invested to improve the availability of information, but it is also vital that the security of this information can be guaranteed. The goal of this study was to assess information security in hospitals through a questionnaire based on the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) standard ISO/IEC 27002, evaluating Information technology - Security techniques - Code of practice for information-security management, with a special focus on the effect of the hospitals' size and type. The survey, set up as a cross-sectional study, was conducted in January 2011. The chief information officers (CIOs) of 112 hospitals in German-speaking Switzerland were invited to participate. The online questionnaire was designed to be fast and easy to complete to maximize participation. To group the analyzed controls of the ISO/IEC standard 27002 in a meaningful way, a factor analysis was performed. A linear score from 0 (not implemented) to 3 (fully implemented) was introduced. The scores of the hospitals were then analyzed for significant differences in any of the factors with respect to size and type of hospital. The participating hospitals were offered a benchmark report about their status. The 51 participating hospitals had an average score of 51.1% (range 30.6% - 81.9%) out of a possible 100% where all items in the questionnaire were fully implemented. Room for improvement could be identified, especially for the factors covering "process and quality management" (average score 1.3 ± 0.8 out of a maximum of 3) and "organization and risk management" (average score 1.3 ± 0.7 out of a maximum of 3). Private hospitals scored significantly higher than university hospitals in the implementation of "security zones" and "backup" (P = .008). Half (50.00%, 8588/17,177) of all assessed hospital beds

Training directionally selective motion pathways can significantly improve reading efficiency

Science.gov (United States)

Lawton, Teri

2004-06-01

This study examined whether perceptual learning at early levels of visual processing would facilitate learning at higher levels of processing. This was examined by determining whether training the motion pathways by practicing leftright movement discrimination, as found previously, would improve the reading skills of inefficient readers significantly more than another computer game, a word discrimination game, or the reading program offered by the school. This controlled validation study found that practicing left-right movement discrimination 5-10 minutes twice a week (rapidly) for 15 weeks doubled reading fluency, and significantly improved all reading skills by more than one grade level, whereas inefficient readers in the control groups barely improved on these reading skills. In contrast to previous studies of perceptual learning, these experiments show that perceptual learning of direction discrimination significantly improved reading skills determined at higher levels of cognitive processing, thereby being generalized to a new task. The deficits in reading performance and attentional focus experienced by the person who struggles when reading are suggested to result from an information overload, resulting from timing deficits in the direction-selectivity network proposed by Russell De Valois et al. (2000), that following practice on direction discrimination goes away. This study found that practicing direction discrimination rapidly transitions the inefficient 7-year-old reader to an efficient reader.

Improving Land Dry Farmer Capacity Toward Adequate Food Security

Directory of Open Access Journals (Sweden)

Sitti Aminah

2015-09-01

Full Text Available Land dry farmers have not enrolled in supporting food security. Most of the farmer are the peasants with low capacity to produce food. The purpose of the research is to formulate policy recommendation to increase capacity of the peasants for support food security. The data were collected using following techniques: questionnaire, interview and focus group discussion. The data were analyzed using descriptive statistics and structural equation modelling (SEM. The research results showed that the peasant characteristics and the peasants capacity are within low category, influencing the level of food security. The Government are expected actively to increase the peasant’s capacity by optimizing efforts: providing extension and training in participatory ways; increasing role of facilitator and researcher in empowerment process, increasing the peasants’ access to production input, credit facilities and wider markets, give incentive to the peasants so that they can do double working, as well as increasing coordination between government institutions and stakeholder.

Information Security for Compliance with Select Agent Regulations

Science.gov (United States)

Lewis, Nick; Campbell, Mark J.

2015-01-01

The past decade has seen a significant rise in research on high-consequence human and animal pathogens, many now known as “select agents.” While physical security around these agents is tightly regulated, information security standards are still lagging. The understanding of the threats unique to the academic and research environment is still evolving, in part due to poor communication between the various stakeholders. Perhaps as a result, information security guidelines published by select agent regulators lack the critical details and directives needed to achieve even the lowest security level of the Federal Information Security Management Act (FISMA). While only government agencies are currently required to abide by the provisions of FISMA (unless specified as preconditions for obtaining government grants or contracts—still a relatively rare or narrowly scoped occurrence), the same strategies were recently recommended by executive order for others. We propose that information security guidelines for select agent research be updated to promulgate and detail FISMA standards and processes and that the latter be ultimately incorporated into select agent regulations. We also suggest that information security in academic and research institutions would greatly benefit from active efforts to improve communication among the biosecurity, security, and information technology communities, and from a secure venue for exchange of timely information on emerging threats and solutions in the research environment. PMID:26042864

Information security for compliance with select agent regulations.

Science.gov (United States)

Lewis, Nick; Campbell, Mark J; Baskin, Carole R

2015-01-01

The past decade has seen a significant rise in research on high-consequence human and animal pathogens, many now known as "select agents." While physical security around these agents is tightly regulated, information security standards are still lagging. The understanding of the threats unique to the academic and research environment is still evolving, in part due to poor communication between the various stakeholders. Perhaps as a result, information security guidelines published by select agent regulators lack the critical details and directives needed to achieve even the lowest security level of the Federal Information Security Management Act (FISMA). While only government agencies are currently required to abide by the provisions of FISMA (unless specified as preconditions for obtaining government grants or contracts--still a relatively rare or narrowly scoped occurrence), the same strategies were recently recommended by executive order for others. We propose that information security guidelines for select agent research be updated to promulgate and detail FISMA standards and processes and that the latter be ultimately incorporated into select agent regulations. We also suggest that information security in academic and research institutions would greatly benefit from active efforts to improve communication among the biosecurity, security, and information technology communities, and from a secure venue for exchange of timely information on emerging threats and solutions in the research environment.

Security force effectiveness and technology

International Nuclear Information System (INIS)

Seaton, M.B.

1988-01-01

No one would propose ineffective security forces. Applied technology always has, as its purpose, to increase effectiveness. Evidence exists, however, that poorly conceived or executed technological solutions can actually do more harm than good. The author argues for improved human factor considerations in physical security applied technology -- especially in the area of security console operations

Home blood pressure monitoring, secure electronic messaging and medication intensification for improving hypertension control: a mediation analysis.

Science.gov (United States)

Ralston, J D; Cook, A J; Anderson, M L; Catz, S L; Fishman, P A; Carlson, J; Johnson, R; Green, B B

2014-01-01

We evaluated the role of home monitoring, communication with pharmacists, medication intensification, medication adherence and lifestyle factors in contributing to the effectiveness of an intervention to improve blood pressure control in patients with uncontrolled essential hypertension. We performed a mediation analysis of a published randomized trial based on the Chronic Care Model delivered over a secure patient website from June 2005 to December 2007. Study arms analyzed included usual care with a home blood pressure monitor and usual care with home blood pressure monitor and web-based pharmacist care. Mediator measures included secure messaging and telephone encounters; home blood pressure monitoring; medications intensification and adherence and lifestyle factors. Overall fidelity to the Chronic Care Model was assessed with the Patient Assessment of Chronic Care (PACIC) instrument. The primary outcome was percent of participants with blood pressure (BP) <140/90 mm Hg. At 12 months follow-up, patients in the web-based pharmacist care group were more likely to have BP <140/90 mm Hg (55%) compared to patients in the group with home blood pressure monitors only (37%) (p = 0.001). Home blood pressure monitoring accounted for 30.3% of the intervention effect, secure electronic messaging accounted for 96%, and medication intensification for 29.3%. Medication adherence and self-report of fruit and vegetable intake and weight change were not different between the two study groups. The PACIC score accounted for 22.0 % of the main intervention effect. The effect of web-based pharmacist care on improved blood pressure control was explained in part through a combination of home blood pressure monitoring, secure messaging, and antihypertensive medication intensification.

Improving DNS security : a measurement-based approach

NARCIS (Netherlands)

van Rijswijk-Deij, Roland

2017-01-01

The Domain Name System (DNS) is a vital part of the core infrastructure of the Internet. It maps human readable names (such as www.example.com) to machine readable information (such as 93.184.216.34). This thesis studies two aspects of the DNS. First, it studies problems in the DNS Security

Lemnos Interoperable Security Program

Energy Technology Data Exchange (ETDEWEB)

Stewart, John [Tennessee Valley Authority, Knoxville, TN (United States); Halbgewachs, Ron [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Chavez, Adrian [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Smith, Rhett [Schweitzer Engineering Laboratories, Chattanooga, TN (United States); Teumim, David [Teumim Technical, Allentown, PA (United States)

2012-01-31

The manner in which the control systems are being designed and operated in the energy sector is undergoing some of the most significant changes in history due to the evolution of technology and the increasing number of interconnections to other system. With these changes however come two significant challenges that the energy sector must face; 1) Cyber security is more important than ever before, and 2) Cyber security is more complicated than ever before. A key requirement in helping utilities and vendors alike in meeting these challenges is interoperability. While interoperability has been present in much of the discussions relating to technology utilized within the energy sector and especially the Smart Grid, it has been absent in the context of cyber security. The Lemnos project addresses these challenges by focusing on the interoperability of devices utilized within utility control systems which support critical cyber security functions. In theory, interoperability is possible with many of the cyber security solutions available to utilities today. The reality is that the effort required to achieve cyber security interoperability is often a barrier for utilities. For example, consider IPSec, a widely-used Internet Protocol to define Virtual Private Networks, or tunnels , to communicate securely through untrusted public and private networks. The IPSec protocol suite has a significant number of configuration options and encryption parameters to choose from, which must be agreed upon and adopted by both parties establishing the tunnel. The exercise in getting software or devices from different vendors to interoperate is labor intensive and requires a significant amount of security expertise by the end user. Scale this effort to a significant number of devices operating over a large geographical area and the challenge becomes so overwhelming that it often leads utilities to pursue solutions from a single vendor. These single vendor solutions may inadvertently lock

The Security of Energy Supply and the Contribution of Nuclear Energy

International Nuclear Information System (INIS)

2011-01-01

What contribution can nuclear energy make to improve the security of energy supply? This study, which examines a selection of OECD member countries, qualitatively and quantitatively validates the often intuitive assumption that, as a largely domestic source of electricity with stable costs and no greenhouse gas emissions during production, nuclear energy can make a positive contribution. Following an analysis of the meaning and context of security of supply, the study uses transparent and policy-relevant indicators to show that, together with improvements in energy efficiency, nuclear energy has indeed contributed significantly to enhanced energy supply security in OECD countries over the past 40 years. Content: Foreword; Executive Summary; 1. The Security of Energy Supply and the Contribution of Nuclear Energy - Concepts and Issues: - Energy supply security: An introduction, - Why security of energy supply remains a policy issue in OECD countries, - The external dimension: import dependence, resource exhaustion and carbon policy, - The internal dimension: economic, financial and technical considerations for energy supply security - Orientations for government policies to enhance the security of energy supply, - Conclusions; 2. Indicators and Models for Measuring Security of Energy Supply Risks: - Introduction, - Different approaches towards designing the Supply/Demand Index, - A detailed review of selected security of supply indicators, - Comprehensive models for assessing the security of energy supply, - The Supply/Demand Index, - Concluding observations; 3. Evolution of the Security of Energy Supply in OECD Countries: - Time-dependent quantification of the security of energy supply, - Changes in security of supply in selected OECD countries, - Electricity generation and the security of energy supply, - The contribution of nuclear energy and energy intensity to the security of energy supply, - The geographical distribution of SSDI values, - Conclusions; 4. Public

Argumentation-Based Security Requirements Elicitation: The Next Round

NARCIS (Netherlands)

Ionita, Dan; Bullee, Jan-Willem; Wieringa, Roelf J.

2014-01-01

Information Security Risk Assessment can be viewed as part of requirements engineering because it is used to translate security goals into security requirements, where security requirements are the desired system properties that mitigate threats to security goals. To improve the defensibility of

Physical-Layer Security of a Buffer-Aided Full-Duplex Relaying System

KAUST Repository

El Shafie, Ahmed

2016-07-07

This letter proposes a novel hybrid half-/full-duplex relaying scheme to enhance the relay channel security. A source node (Alice) communicates with her destination node (Bob) in the presence of a buffer-aided full-duplex relay node (Rooney) and a potential eavesdropper (Eve). Rooney adopts two different relaying, namely randomize-and-forward and decode-andforward relaying strategies, to improve the security of the legitimate system. In the first relaying strategy, Rooney uses a codebook different from that used at Alice. In the second relaying strategy, Rooney and Alice use the same codebooks. In addition, Rooney switches between half-duplex and full-duplex modes to further enhance the security of the legitimate system. The numerical results demonstrate that our proposed scheme achieves a significant average secrecy end-to-end throughput improvement relative to the conventional bufferless full-duplex relaying scheme.

Physical-Layer Security of a Buffer-Aided Full-Duplex Relaying System

KAUST Repository

El Shafie, Ahmed; Salem, Ahmed Sultan; Al-Dhahir, Naofal

2016-01-01

This letter proposes a novel hybrid half-/full-duplex relaying scheme to enhance the relay channel security. A source node (Alice) communicates with her destination node (Bob) in the presence of a buffer-aided full-duplex relay node (Rooney) and a potential eavesdropper (Eve). Rooney adopts two different relaying, namely randomize-and-forward and decode-andforward relaying strategies, to improve the security of the legitimate system. In the first relaying strategy, Rooney uses a codebook different from that used at Alice. In the second relaying strategy, Rooney and Alice use the same codebooks. In addition, Rooney switches between half-duplex and full-duplex modes to further enhance the security of the legitimate system. The numerical results demonstrate that our proposed scheme achieves a significant average secrecy end-to-end throughput improvement relative to the conventional bufferless full-duplex relaying scheme.

Information security improving blocklist driven firewall implementation

OpenAIRE

Kylmänen, J. (Juha)

2013-01-01

Abstract The Internet has become a commodity and with it information security and privacy issues have appeared. Common threats against the end users include malware and phishing. Phishing is a social engineering technique used to mimic legit banking or social networking websites in an attempt to gain sensitive information from the user and malware is software with malicious intent. ...

Construction of Monitoring Model and Algorithm Design on Passenger Security during Shipping Based on Improved Bayesian Network

Science.gov (United States)

Wang, Jiali; Zhang, Qingnian; Ji, Wenfeng

2014-01-01

A large number of data is needed by the computation of the objective Bayesian network, but the data is hard to get in actual computation. The calculation method of Bayesian network was improved in this paper, and the fuzzy-precise Bayesian network was obtained. Then, the fuzzy-precise Bayesian network was used to reason Bayesian network model when the data is limited. The security of passengers during shipping is affected by various factors, and it is hard to predict and control. The index system that has the impact on the passenger safety during shipping was established on basis of the multifield coupling theory in this paper. Meanwhile, the fuzzy-precise Bayesian network was applied to monitor the security of passengers in the shipping process. The model was applied to monitor the passenger safety during shipping of a shipping company in Hainan, and the effectiveness of this model was examined. This research work provides guidance for guaranteeing security of passengers during shipping. PMID:25254227

Enhancing the Safety and Security of Radioactive Sources

International Nuclear Information System (INIS)

Hickey, J.

2004-01-01

The NRC initiatives to improve safety and security of sources began before 091101 and include both international and domestic activities. They supported the development and implementation of the IAEA Code of Conduct, which provides categorization of sources of concern, based on risk, improvement of regulatory programs of all member countries and improvement of safety and security of sources. International activities include the IAEA International Conference on Security of Sources (Vienna, Austria, March, 2003), the trilateral cooperation with Canada and Mexico, the assistance to individual countries to improve security and the proposed rule on export and import of radioactive material. The domestic initiatives are to issue the security orders and advisories to licensees, issue the panoramic irradiator orders (June 2003), issue the manufacturer orders (January 2004), complete the interim national source inventory, develop the national source tracking system, maintain the orphan source registration and retrieval program and upgrade the emergency preparedness

Status and determinants of small farming households' food security and role of market access in enhancing food security in rural Pakistan.

Directory of Open Access Journals (Sweden)

Umar Ijaz Ahmed

Full Text Available In most of the developing countries, lack of resources and little market accessibility are among the major factors that affect small farming household food security. This study aims to investigate the status of small farming households' food security, and its determinants including the role of market accessibility factors in enhancing food security at household level. In addition, this study also determines the households' perception about different kinds of livelihoods risks. This study is based on a household survey of 576 households conducted through face-to-face interviews using structured interviews in Punjab, Pakistan. Food security status is calculated using dietary intake method. The study findings show that one-fourth of the households are food insecure. The study findings reveal that farm households perceive increase in food prices, crop diseases, lack of irrigation water and increase in health expenses as major livelihood risks. Further, the results of logistic regression show that family size, monthly income, food prices, health expenses and debt are main factors influencing the food security status of rural households. Furthermore, the market accessibility factors (road distance and transportation cost do significantly affect the small farming household food security. The results suggest that local food security can be enhanced by creating off-farm employment opportunities, improved transportation facilities and road infrastructure.

Microsoft Windows Server 2003: Security Enhancements and New Features

National Research Council Canada - National Science Library

Montehermoso, Ronald

2004-01-01

.... Windows NT and Windows 2000 were known to have numerous security vulnerabilities; hence Microsoft focused on improving security by making Windows Server 2003 secure by design, secure by default, secure in deployment...

Human factors in network security

OpenAIRE

Jones, Francis B.

1991-01-01

Human factors, such as ethics and education, are important factors in network information security. This thesis determines which human factors have significant influence on network security. Those factors are examined in relation to current security devices and procedures. Methods are introduced to evaluate security effectiveness by incorporating the appropriate human factors into network security controls

Improving food security and nutrition through research | IDRC ...

International Development Research Centre (IDRC) Digital Library (Canada)

2016-10-06

Oct 6, 2016 ... In Canada, the 2012 federal budget highlighted CIFSRF's success, noting how the ... New animal vaccines could keep more African farmers in business ... Research on food security makes a difference for African women.

Public perspectives on nuclear security. US national security surveys, 1993--1997

Energy Technology Data Exchange (ETDEWEB)

Herron, K.G.; Jenkins-Smith, H.C. [Univ. of New Mexico, Albuquerque, NM (United States). UNM Inst. for Public Policy

1998-08-01

This is the third report in a series of studies to examine how US attitudes about nuclear security are evolving in the post-Cold War era and to identify trends in public perceptions and preferences relevant to the evolution of US nuclear security policy. It presents findings from three surveys: a nationwide telephone survey of randomly selected members of the US general public; a written survey of randomly selected members of American Men and Women of Science; and a written survey of randomly selected state legislators from all fifty US states. Key areas of investigation included nuclear security, cooperation between US and Russian scientists about nuclear issues, vulnerabilities of critical US infrastructures and responsibilities for their protection, and broad areas of US national science policy. While international and US national security were seen to be slowly improving, the primary nuclear threat to the US was perceived to have shifted from Russia to China. Support was found for nuclear arms control measures, including mutual reductions in stockpiles. However, respondents were pessimistic about eliminating nuclear armaments, and nuclear deterrence continued to be highly values. Participants favored decreasing funding f/or developing and testing new nuclear weapons, but supported increased investments in nuclear weapons infrastructure. Strong concerns were expressed about nuclear proliferation and the potential for nuclear terrorism. Support was evident for US scientific cooperation with Russia to strengthen security of Russian nuclear assets. Elite and general public perceptions of external and domestic nuclear weapons risks and external and domestic nuclear weapons benefits were statistically significantly related to nuclear weapons policy options and investment preferences. Demographic variables and individual belief systems were systematically related both to risk and benefit perceptions and to policy and spending preferences.

Securing the Vista Environment

CERN Document Server

Gregory, Peter

2007-01-01

"Securing the Vista Environment" takes you on a quick tour of the most significant security features in Vista, Microsoft's first revision of Windows in almost six years. You'll get background on threats and vulnerabilities that will make you think differently about security. Security is more than just the technology and configurations--it's about how we use the system that makes it secure or not. Then we'll cover Vista's security features, from user privileges to Windows Defender, User Account Control, and BitLocker, as well as strategies for protecting your information from unwanted disclo

Significance of the institute of appeals under the conditions of increasing threats to national security

Directory of Open Access Journals (Sweden)

A. V. Kapulovskyi

2015-03-01

Full Text Available The article deals with the regulatory and scientific foundation for the development of the institute of citizens’ treatments in terms of obvious internal and external threats to national security. An attempt to construct an applicable model of management of public processes in terms of threats to national security, in which public opinion plays a key value. The fact that a successful resolution of problem of public participation in the preparation and acceptance of political decisions requires not only the presence of the constitutionally enshrined rights and duties and political institutions formed democratically, but also a variety of forms and ways of influencing in the activities of public authorities. At the same time, in a not declared, the so-called »hybrid» war, in which warfare are conducted locally - in some parts of the state and all other public and private institutions function in usual mode, tracking of possible threats to national security and factors that give rise to such threats should be carried out by means of both cleanly military, and civil means and methods. Thus, one of the most effective civil means of tracking such threats are the reception of citizens’ treatments, their processing and the adoption of appropriate response measures, in my opinion. Keywords: national security, public safety, human rights, public authorities, public interest.

Secure Multiparty AES

Science.gov (United States)

Damgård, Ivan; Keller, Marcel

We propose several variants of a secure multiparty computation protocol for AES encryption. The best variant requires 2200 + {{400}over{255}} expected elementary operations in expected 70 + {{20}over{255}} rounds to encrypt one 128-bit block with a 128-bit key. We implemented the variants using VIFF, a software framework for implementing secure multiparty computation (MPC). Tests with three players (passive security against at most one corrupted player) in a local network showed that one block can be encrypted in 2 seconds. We also argue that this result could be improved by an optimized implementation.

Unconditionally Secure Protocols

DEFF Research Database (Denmark)

Meldgaard, Sigurd Torkel

This thesis contains research on the theory of secure multi-party computation (MPC). Especially information theoretically (as opposed to computationally) secure protocols. It contains results from two main lines of work. One line on Information Theoretically Secure Oblivious RAMS, and how....... We construct an oblivious RAM that hides the client's access pattern with information theoretic security with an amortized $\\log^3 N$ query overhead. And how to employ a second server that is guaranteed not to conspire with the first to improve the overhead to $\\log^2 N$, while also avoiding...... they are used to speed up secure computation. An Oblivious RAM is a construction for a client with a small $O(1)$ internal memory to store $N$ pieces of data on a server while revealing nothing more than the size of the memory $N$, and the number of accesses. This specifically includes hiding the access pattern...

Masters in Nuclear Security

International Nuclear Information System (INIS)

Rickwood, Peter

2013-01-01

Continuing global efforts to improve the security of nuclear and other radioactive material against the threat of malicious acts are being assisted by a new initiative, the development of a corps of professional experts to strengthen nuclear security. The IAEA, the European Commission, universities, research institutions and other bodies working in collaboration have established an International Nuclear Security Education Network (INSEN). In 2011, six European academic institutions, the Vienna University of Technology, the Brandenburg University of Applied Sciences, the Demokritos National Centre for Scientific Research in Greece, the Reactor Institute Delft of the Delft University of Technology in the Netherlands, the University of Oslo, and the University of Manchester Dalton Nuclear Institute, started developing a European Master of Science Programme in Nuclear Security Management. In March 2013, the masters project was inaugurated when ten students commenced studies at the Brandenburg University of Applied Sciences in Germany for two weeks. In April, they moved to the Delft University of Technology in the Netherlands for a further two weeks of studies. The pilot programme consists of six teaching sessions in different academic institutions. At the inauguration in Delft, IAEA Director General Yukiya Amano commended this effort to train a new generation of experts who can help to improve global nuclear security. ''It is clear that we will need a new generation of policy-makers and nuclear professionals - people like you - who will have a proper understanding of the importance of nuclear security,'' Mr. Amano told students and faculty members. ''The IAEA's goal is to support the development of such programmes on a global basis,'' said David Lambert, Senior Training Officer in the IAEA's Office of Nuclear Security. ''An existing postgraduate degree programme focused on nuclear security at Naif Arab University for Security Sciences (NAUSS) is currently supported by

Validity evidence for the Security Scale as a measure of perceived attachment security in adolescence.

Science.gov (United States)

Van Ryzin, Mark J; Leve, Leslie D

2012-04-01

In this study, the validity of a self-report measure of children's perceived attachment security (the Kerns Security Scale) was tested using adolescents. With regards to predictive validity, the Security Scale was significantly associated with (1) observed mother-adolescent interactions during conflict and (2) parent- and teacher-rated social competence. With regards to convergent validity, the Security Scale was significantly associated with all subscales of the Adult Attachment Scale (i.e., Depend, Anxiety, and Close) as measured 3 years later. Further, these links were found even after controlling for mother-child relationship quality as assessed by the Inventory of Parent and Peer Attachment (IPPA), and chi-square difference tests indicated that the Security Scale was generally a stronger predictor as compared to the IPPA. These results suggest that the Security Scale can be used to assess perceived attachment security across both childhood and adolescence, and thus could contribute significantly to developmental research during this period. Copyright © 2011 The Foundation for Professionals in Services for Adolescents. Published by Elsevier Ltd. All rights reserved.

While Working Around Security

DEFF Research Database (Denmark)

Mathiasen, Niels Raabjerg

Users of technology encounter various IT security mechanisms in their everyday lives. If these mechanisms fail to support everyday activities, they either get in the way, or the users find a way to work around them. Even though users manage to carry out everyday activities by using substandard...... IT security mechanisms or via workarounds, it will influence their experience of security. If researchers and designers only focus on IT security artifacts and fail to take the user experience into account, incorrect processes or workarounds will occur. Accordingly, to get users to follow the correct process...... may seem to be a criterion of success, even though it may yield a less appropriate experience of security. This dissertation deals with an improved understanding of IT security sensitive IT artifacts and presents three design methods, and a framework for addressing the complexities and contingencies...

Natural gas to improve energy security in Small Island Developing States: A techno-economic analysis

Directory of Open Access Journals (Sweden)

Pravesh Raghoo

Full Text Available There is a paucity of studies on natural gas-based energy production in Small Island Developing States (SIDS even though technological improvements today are likely to make the application of natural gas more and more feasible. The development of natural gas in some of the regions of the Pacific, Africa, Indian Ocean and Caribbean attracts nearby countries and the coming up of the compressed natural gas (CNG technology which can serve regional markets are two motivations for SIDS to develop natural gas-based energy provision. A third factor concerns long-term energy security. Due to continued reliance on fossil fuels and slow uptake of renewable energy, there is a need to diversify SIDS’ energy mix for a sustainable electricity industry. Comparing the opportunities and constraints of liquefied natural gas (LNG and compressed natural gas (CNG in a SIDS-specific context, this paper discusses how to improve the integration of natural gas in prevailing energy regimes in SIDS as an alternative fuel to oil and complementary to renewable energy sources. To illustrate feasibility in practice, a techno-economic analysis is carried out using the island of Mauritius as an example. Keywords: Energy security, Natural gas, Small Island Developing States

EVALUATION OF ECOLOGICAL ENVIRONMENT SECURITY IN CONTIGUOUS POVERTY ALLEVIATION AREA OF SICHUAN PROVINCE

Directory of Open Access Journals (Sweden)

W. Xian

2018-04-01

Full Text Available According to the overall requirements of ecological construction and environmental protection, rely on the national key ecological engineering, strengthen ecological environmental restoration and protection, improve forest cover, control soil erosion, construct important ecological security barrier in poor areas, inhibit poverty alleviation through ecological security in this area from environmental damage to the vicious cycle of poverty. Obviously, the dynamic monitoring of ecological security in contiguous destitute areas of Sichuan province has a policy sense of urgency and practical significance. This paper adopts RS technology and GIS technology to select the Luhe region of Jinchuan county and Ganzi prefecture as the research area, combined with the characteristics of ecological environment in poor areas, the impact factors of ecological environment are determined as land use type, terrain slope, vegetation cover, surface water, soil moisture and other factors. Using the ecological environmental safety assessment model, the ecological environment safety index is calculated. According to the index, the ecological environment safety of the research area is divided into four levels. The ecological environment safety classification map of 1990 in 2009 is obtained. It can be seen that with the human modern life and improve their economic level, the surrounding environment will be destroyed, because the research area ecological environment is now in good, the ecological environment generally tends to be stable. We should keep its ecological security good and improve local economic income. The relationship between ecological environmental security and economic coordinated development in poor areas has very important strategic significance.

Study to Improve Security for IoT Smart Device Controller: Drawbacks and Countermeasures

Directory of Open Access Journals (Sweden)

Xin Su

2018-01-01

Full Text Available Including mobile environment, conventional security mechanisms have been adapted to satisfy the needs of users. However, the device environment-IoT-based number of connected devices is quite different to the previous traditional desktop PC- or mobile-based environment. Based on the IoT, different kinds of smart and mobile devices are fully connected automatically via device controller, such as smartphone. Therefore, controller must be secure compared to conventional security mechanism. According to the existing security threats, these are quite different from the previous ones. Thus, the countermeasures applied should be changed. However, the smart device-based authentication techniques that have been proposed to date are not adequate in terms of usability and security. From the viewpoint of usability, the environment is based on mobility, and thus devices are designed and developed to enhance their owners’ efficiency. Thus, in all applications, there is a need to consider usability, even when the application is a security mechanism. Typically, mobility is emphasized over security. However, considering that the major characteristic of a device controller is deeply related to its owner’s private information, a security technique that is robust to all kinds of attacks is mandatory. In this paper, we focus on security. First, in terms of security achievement, we investigate and categorize conventional attacks and emerging issues and then analyze conventional and existing countermeasures, respectively. Finally, as countermeasure concepts, we propose several representative methods.

What we talk about when we talk about cybersecurity: security in internet governance debates

Directory of Open Access Journals (Sweden)

Josephine Wolff

2016-09-01

Full Text Available At meetings of internet governance organisations, participants generally agree that improving security is an important goal, but these conversations rarely yield consensus around how to achieve this outcome. One reason security plays this paradoxical role—as both a universal point of agreement and a continued source of contention—in these debates is that it has significantly different meanings to different stakeholders involved in these governance forums. In this paper, we discuss how different stakeholders define and frame internet security issues in the context of governance debates and analyse how these conflicting notions of security continue to shape emerging controversies.

Assessment of Performance Measures for Security of the Maritime Transportation Network, Port Security Metrics : Proposed Measurement of Deterrence Capability

Science.gov (United States)

2007-01-03

This report is the thirs in a series describing the development of performance measures pertaining to the security of the maritime transportation network (port security metrics). THe development of measures to guide improvements in maritime security ...

Symmetric Stream Cipher using Triple Transposition Key Method and Base64 Algorithm for Security Improvement

Science.gov (United States)

Nurdiyanto, Heri; Rahim, Robbi; Wulan, Nur

2017-12-01

Symmetric type cryptography algorithm is known many weaknesses in encryption process compared with asymmetric type algorithm, symmetric stream cipher are algorithm that works on XOR process between plaintext and key, to improve the security of symmetric stream cipher algorithm done improvisation by using Triple Transposition Key which developed from Transposition Cipher and also use Base64 algorithm for encryption ending process, and from experiment the ciphertext that produced good enough and very random.

Efficient and Provable Secure Pairing-Free Security-Mediated Identity-Based Identification Schemes

Directory of Open Access Journals (Sweden)

Ji-Jian Chin

2014-01-01

Full Text Available Security-mediated cryptography was first introduced by Boneh et al. in 2001. The main motivation behind security-mediated cryptography was the capability to allow instant revocation of a user’s secret key by necessitating the cooperation of a security mediator in any given transaction. Subsequently in 2003, Boneh et al. showed how to convert a RSA-based security-mediated encryption scheme from a traditional public key setting to an identity-based one, where certificates would no longer be required. Following these two pioneering papers, other cryptographic primitives that utilize a security-mediated approach began to surface. However, the security-mediated identity-based identification scheme (SM-IBI was not introduced until Chin et al. in 2013 with a scheme built on bilinear pairings. In this paper, we improve on the efficiency results for SM-IBI schemes by proposing two schemes that are pairing-free and are based on well-studied complexity assumptions: the RSA and discrete logarithm assumptions.

Efficient and provable secure pairing-free security-mediated identity-based identification schemes.

Science.gov (United States)

Chin, Ji-Jian; Tan, Syh-Yuan; Heng, Swee-Huay; Phan, Raphael C-W

2014-01-01

Security-mediated cryptography was first introduced by Boneh et al. in 2001. The main motivation behind security-mediated cryptography was the capability to allow instant revocation of a user's secret key by necessitating the cooperation of a security mediator in any given transaction. Subsequently in 2003, Boneh et al. showed how to convert a RSA-based security-mediated encryption scheme from a traditional public key setting to an identity-based one, where certificates would no longer be required. Following these two pioneering papers, other cryptographic primitives that utilize a security-mediated approach began to surface. However, the security-mediated identity-based identification scheme (SM-IBI) was not introduced until Chin et al. in 2013 with a scheme built on bilinear pairings. In this paper, we improve on the efficiency results for SM-IBI schemes by proposing two schemes that are pairing-free and are based on well-studied complexity assumptions: the RSA and discrete logarithm assumptions.

Security and gain improvement of a practical quantum key distribution using a gated single-photon source and probabilistic photon-number resolution

International Nuclear Information System (INIS)

Horikiri, Tomoyuki; Sasaki, Hideki; Wang, Haibo; Kobayashi, Takayoshi

2005-01-01

We propose a high security quantum key distribution (QKD) scheme utilizing one mode of spontaneous parametric downconversion gated by a photon number resolving detector. This photon number measurement is possible by using single-photon detectors operating at room temperature and optical fibers. By post selection, the multiphoton probability in this scheme can be reduced to lower than that of a scheme using an attenuated coherent light resulting in improvement of security. Furthermore, if distillation protocol (error correction and privacy amplification) is performed, the gain will be increased. Hence a QKD system with higher security and bit rate than the laser-based QKD system can be attained using present available technologies

How to improve nuclear security worldwide: Three young women win IAEA essay contest

International Nuclear Information System (INIS)

Li, Jeremy

2016-01-01

Three essays that provided actionable and innovative recommendations to strengthen nuclear security through stronger border controls, closer international cooperation and public education won the IAEA’s first ever nuclear security essay contest. In preparation for the International Conference on Nuclear Security: Commitments and Actions, the IAEA invited students and young professionals to submit essays focusing on challenges and recommendations to strengthen nuclear security. A panel of experts from the IAEA and the International Nuclear Security Education Network selected three winners from among the 353 submissions received. The winners will present their papers at the conference, taking place in Vienna in December 2016

How to improve nuclear security worldwide: Three young women win IAEA essay contest

International Nuclear Information System (INIS)

Li, Jeremy

2016-01-01

Three essays that provided actionable and innovative recommendations to strengthen nuclear security through stronger border controls, closer international cooperation and public education won the IAEA’s first ever nuclear security essay contest. In preparation for the International Conference on Nuclear Security: Commitments and Actions, the IAEA invited students and young professionals to submit essays focusing on challenges and recommendations to strengthen nuclear security. A panel of experts from the IAEA and the International Nuclear Security Education Network selected three winners from among the 353 submissions received. The winners will present their papers at the conference, taking place in Vienna in December 2016.

Conseptual framework of ensuring food security in the Ural federal district

Directory of Open Access Journals (Sweden)

Aleksandr Samvelovich Beletskiy

2011-12-01

Full Text Available The paper reviews the risks and threats to food security of the Ural Federal District which can significantly reduce its the level. The most significant risks are grouped according to the following classification: macroeconomic, technological, climatic, agro-ecological and foreign trade risks. The main directions of economic policy of the Ural Federal District in the area of food security are defined. Particular attention is paid to the improvement of economic and physical availability of food for all groups of population and to the problems of formation of the state material reserves and food safety. Strategic development priorities in the field of agricultural and fishery products, raw materials and food, sustainable development of rural areas in the field of foreign policy are formulated. Conceptual bases for the implementation mechanism of economic policies to ensure food security in the region are suggested.

Metaphors for cyber security.

Energy Technology Data Exchange (ETDEWEB)

Moore, Judy Hennessey; Parrott, Lori K.; Karas, Thomas H.

2008-08-01

This report is based upon a workshop, called 'CyberFest', held at Sandia National Laboratories on May 27-30, 2008. Participants in the workshop came from organizations both outside and inside Sandia. The premise of the workshop was that thinking about cyber security from a metaphorical perspective could lead to a deeper understanding of current approaches to cyber defense and perhaps to some creative new approaches. A wide range of metaphors was considered, including those relating to: military and other types of conflict, biological, health care, markets, three-dimensional space, and physical asset protection. These in turn led to consideration of a variety of possible approaches for improving cyber security in the future. From the proposed approaches, three were formulated for further discussion. These approaches were labeled 'Heterogeneity' (drawing primarily on the metaphor of biological diversity), 'Motivating Secure Behavior' (taking a market perspective on the adoption of cyber security measures) and 'Cyber Wellness' (exploring analogies with efforts to improve individual and public health).

Security Analysis and the Contribution of UPFC for Improving Voltage Stability

Directory of Open Access Journals (Sweden)

Asma Meddeb

2018-02-01

Full Text Available The occurrence of many failures in the power system can lead to power instability and affects the system parameters to go beyond its operating limits. It may lead to obstructing the secure operations and reliability of power systems. Ensuring power system security needs proper actions to be taken for the undesirable contingency. Thus, security analysis is important tasks in modern energy management systems. This paper proposes an approach based on the Newton Raphson power flow method for power system security analysis. Firstly, the contingencies will be specified to assess their impact on the transient stability. Secondly, the selected contingencies will be classified in the order of severity. In addition, the integration of the Unified Power Flow Controller (UPFC to enhance the transient stability of the power system is considered. The proposed method is implemented on the IEEE-14 bus system. We performed this case study using the well-known software EUROSTAG.

While working around security

DEFF Research Database (Denmark)

Mathiasen, Niels Raabjerg; Bødker, Susanne; Petersen, Marianne Graves

This paper describes our work at two levels. First of all the paper discusses how users of IT deal with issues of IT security in their everyday life. Secondly, we discuss how the kind of understanding of IT security that comes out of careful analyses of use confronts the ways in which usable...... IT security is established in the literature. Recent literature has called for better conceptual models as a starting point for improving IT security. In contrast to such models we propose to dress up designers by helping them better understand the work that goes into everyday security. The result...... is a methodological toolbox that helps address and design for usable and useful IT security. We deploy examples of analyses and design, carried out by ourselves and by others to fine-tune our design perspective; in particular we use examples from three current research projects....

Secure Enclaves: An Isolation-centric Approach for Creating Secure High Performance Computing Environments

Energy Technology Data Exchange (ETDEWEB)

Aderholdt, Ferrol [Tennessee Technological Univ., Cookeville, TN (United States); Caldwell, Blake A. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Hicks, Susan Elaine [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Koch, Scott M. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Naughton, III, Thomas J. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Pelfrey, Daniel S. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Pogge, James R [Tennessee Technological Univ., Cookeville, TN (United States); Scott, Stephen L [Tennessee Technological Univ., Cookeville, TN (United States); Shipman, Galen M. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Sorrillo, Lawrence [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)

2017-01-01

High performance computing environments are often used for a wide variety of workloads ranging from simulation, data transformation and analysis, and complex workflows to name just a few. These systems may process data at various security levels but in so doing are often enclaved at the highest security posture. This approach places significant restrictions on the users of the system even when processing data at a lower security level and exposes data at higher levels of confidentiality to a much broader population than otherwise necessary. The traditional approach of isolation, while effective in establishing security enclaves poses significant challenges for the use of shared infrastructure in HPC environments. This report details current state-of-the-art in virtualization, reconfigurable network enclaving via Software Defined Networking (SDN), and storage architectures and bridging techniques for creating secure enclaves in HPC environments.

Security Sector Reform in Albania

OpenAIRE

Abazi, Enika; Bumci, Aldo; Hide, Enri; Rakipi, Albert

2009-01-01

International audience; This paper analyses security sector reform (SSR) in Albania. In all its enterprises in reforming the security sector,Albania is assisted by different initiatives and projects that provide expertise and financial support. To assesswhether reforms improved the overall security environment (national and human) of the country, it is necessaryto measure the effectiveness of the various initiatives and projects. This is gauged by how well the initiatives andprojects achieved...

Smart grid security

CERN Document Server

Goel, Sanjay; Papakonstantinou, Vagelis; Kloza, Dariusz

2015-01-01

This book on smart grid security is meant for a broad audience from managers to technical experts. It highlights security challenges that are faced in the smart grid as we widely deploy it across the landscape. It starts with a brief overview of the smart grid and then discusses some of the reported attacks on the grid. It covers network threats, cyber physical threats, smart metering threats, as well as privacy issues in the smart grid. Along with the threats the book discusses the means to improve smart grid security and the standards that are emerging in the field. The second part of the b

Improving ward environments and developing skills for discharge with the implementation of self-catering on a low secure forensic unit.

Science.gov (United States)

O'Reilly, Alison

2016-01-01

The opportunities for service users to develop skills for more independent living and take control of their environments are limited in secure mental health units. This paper will outline a quality improvement project that changed how the catering services were delivered in a low secure unit in East London NHS Foundation Trust (ELFT). A Quality Improvement methodology was adopted incorporating the Plan, Do, Study, Act (PDSA) cycle which included the trial of service users preparing their own meals on a daily basis. The participation rates were measured and functional daily living skills were recorded. Following success of the trial, long-term implementation of self-catering was agreed, with service users being supported to prepare a shared evening meal every day on the ward with an average of 60% participation. Functional living skills indicated an improvement in the area of process skills. The project aligned with ELFT's aims of service users working in collaboration with staff to implement changes in service delivery.

Physical Layer Built-In Security Analysis and Enhancement Algorithms for CDMA Systems

Directory of Open Access Journals (Sweden)

Li Tongtong

2007-01-01

Full Text Available Historically developed for secure communication and military use, CDMA has been identified as a major modulation and multiple-access technique for 3G systems and beyond. In addition to the wide bandwidth and low power-spectrum density which make CDMA signals robust to narrowband jamming and easy to be concealed within the noise floor, the physical layer built-in information privacy of CDMA system is provided by pseudorandom scrambling. In this paper, first, security weakness of the operational and proposed CDMA airlink interfaces is analyzed. Second, based on the advanced encryption standard (AES, we propose to enhance the physical layer built-in security of CDMA systems through secure scrambling. Performance analysis demonstrates that while providing significantly improved information privacy, CDMA systems with secure scrambling have comparable computational complexity and overall system performance with that of conventionally scrambled systems. Moreover, it is shown that by scrambling the training sequence and the message sequence separately with two independent scrambling sequences, both information privacy and system performance can be further improved. The proposed scheme can readily be applied to 3G systems and beyond.

Measurable Control System Security through Ideal Driven Technical Metrics

Energy Technology Data Exchange (ETDEWEB)

Miles McQueen; Wayne Boyer; Sean McBride; Marie Farrar; Zachary Tudor

2008-01-01

The Department of Homeland Security National Cyber Security Division supported development of a small set of security ideals as a framework to establish measurable control systems security. Based on these ideals, a draft set of proposed technical metrics was developed to allow control systems owner-operators to track improvements or degradations in their individual control systems security posture. The technical metrics development effort included review and evaluation of over thirty metrics-related documents. On the bases of complexity, ambiguity, or misleading and distorting effects the metrics identified during the reviews were determined to be weaker than necessary to aid defense against the myriad threats posed by cyber-terrorism to human safety, as well as to economic prosperity. Using the results of our metrics review and the set of security ideals as a starting point for metrics development, we identified thirteen potential technical metrics - with at least one metric supporting each ideal. Two case study applications of the ideals and thirteen metrics to control systems were then performed to establish potential difficulties in applying both the ideals and the metrics. The case studies resulted in no changes to the ideals, and only a few deletions and refinements to the thirteen potential metrics. This led to a final proposed set of ten core technical metrics. To further validate the security ideals, the modifications made to the original thirteen potential metrics, and the final proposed set of ten core metrics, seven separate control systems security assessments performed over the past three years were reviewed for findings and recommended mitigations. These findings and mitigations were then mapped to the security ideals and metrics to assess gaps in their coverage. The mappings indicated that there are no gaps in the security ideals and that the ten core technical metrics provide significant coverage of standard security issues with 87% coverage. Based

Inhaler Reminders Significantly Improve Asthma Patients' Use of Controller Medications

Science.gov (United States)

... controller medications Share | Inhaler reminders significantly improve asthma patients’ use of controller medications Published Online: July 22, ... the burden and risk of asthma, but many patients do not use them regularly. This poor adherence ...

Improving computer security for authentication of users: influence of proactive password restrictions.

Science.gov (United States)

Proctor, Robert W; Lien, Mei-Ching; Vu, Kim-Phuong L; Schultz, E Eugene; Salvendy, Gavriel

2002-05-01

Entering a username-password combination is a widely used procedure for identification and authentication in computer systems. However, it is a notoriously weak method, in that the passwords adopted by many users are easy to crack. In an attempt to improve security, proactive password checking may be used, in which passwords must meet several criteria to be more resistant to cracking. In two experiments, we examined the influence of proactive password restrictions on the time that it took to generate an acceptable password and to use it subsequently to long in. The required length was a minimum of five characters in Experiment 1 and eight characters in Experiment 2. In both experiments, one condition had only the length restriction, and the other had additional restrictions. The additional restrictions greatly increased the time it took to generate the password but had only a small effect on the time it took to use it subsequently to long in. For the five-character passwords, 75% were cracked when no other restrictions were imposed, and this was reduced to 33% with the additional restrictions. For the eight-character passwords, 17% were cracked with no other restrictions, and 12.5% with restrictions. The results indicate that increasing the minimum character length reduces crackability and increases security, regardless of whether additional restrictions are imposed.

Security Testing in Agile Web Application Development - A Case Study Using the EAST Methodology

CERN Document Server

Erdogan, Gencer

2010-01-01

There is a need for improved security testing methodologies specialized for Web applications and their agile development environment. The number of web application vulnerabilities is drastically increasing, while security testing tends to be given a low priority. In this paper, we analyze and compare Agile Security Testing with two other common methodologies for Web application security testing, and then present an extension of this methodology. We present a case study showing how our Extended Agile Security Testing (EAST) performs compared to a more ad hoc approach used within an organization. Our working hypothesis is that the detection of vulnerabilities in Web applications will be significantly more efficient when using a structured security testing methodology specialized for Web applications, compared to existing ad hoc ways of performing security tests. Our results show a clear indication that our hypothesis is on the right track.

Network Security Visualization

National Research Council Canada - National Science Library

1999-01-01

The application of interactive, three-dimensional viewing techniques to the representation of security-related, computer network status and events is expected to improve the timeliness and efficiency...

Genetically modified crops and food security.

Directory of Open Access Journals (Sweden)

Matin Qaim

Full Text Available The role of genetically modified (GM crops for food security is the subject of public controversy. GM crops could contribute to food production increases and higher food availability. There may also be impacts on food quality and nutrient composition. Finally, growing GM crops may influence farmers' income and thus their economic access to food. Smallholder farmers make up a large proportion of the undernourished people worldwide. Our study focuses on this latter aspect and provides the first ex post analysis of food security impacts of GM crops at the micro level. We use comprehensive panel data collected over several years from farm households in India, where insect-resistant GM cotton has been widely adopted. Controlling for other factors, the adoption of GM cotton has significantly improved calorie consumption and dietary quality, resulting from increased family incomes. This technology has reduced food insecurity by 15-20% among cotton-producing households. GM crops alone will not solve the hunger problem, but they can be an important component in a broader food security strategy.

Genetically Modified Crops and Food Security

Science.gov (United States)

Qaim, Matin; Kouser, Shahzad

2013-01-01

The role of genetically modified (GM) crops for food security is the subject of public controversy. GM crops could contribute to food production increases and higher food availability. There may also be impacts on food quality and nutrient composition. Finally, growing GM crops may influence farmers’ income and thus their economic access to food. Smallholder farmers make up a large proportion of the undernourished people worldwide. Our study focuses on this latter aspect and provides the first ex post analysis of food security impacts of GM crops at the micro level. We use comprehensive panel data collected over several years from farm households in India, where insect-resistant GM cotton has been widely adopted. Controlling for other factors, the adoption of GM cotton has significantly improved calorie consumption and dietary quality, resulting from increased family incomes. This technology has reduced food insecurity by 15–20% among cotton-producing households. GM crops alone will not solve the hunger problem, but they can be an important component in a broader food security strategy. PMID:23755155

Genetically modified crops and food security.

Science.gov (United States)

Qaim, Matin; Kouser, Shahzad

2013-01-01

The role of genetically modified (GM) crops for food security is the subject of public controversy. GM crops could contribute to food production increases and higher food availability. There may also be impacts on food quality and nutrient composition. Finally, growing GM crops may influence farmers' income and thus their economic access to food. Smallholder farmers make up a large proportion of the undernourished people worldwide. Our study focuses on this latter aspect and provides the first ex post analysis of food security impacts of GM crops at the micro level. We use comprehensive panel data collected over several years from farm households in India, where insect-resistant GM cotton has been widely adopted. Controlling for other factors, the adoption of GM cotton has significantly improved calorie consumption and dietary quality, resulting from increased family incomes. This technology has reduced food insecurity by 15-20% among cotton-producing households. GM crops alone will not solve the hunger problem, but they can be an important component in a broader food security strategy.

Audit for Information Systems Security

Directory of Open Access Journals (Sweden)

Ana-Maria SUDUC

2010-01-01

Full Text Available The information and communication technologies advances made available enormous and vast amounts of information. This availability generates also significant risks to computer systems, information and to the critical operations and infrastructures they support. In spite of significant advances in the information security area many information systems are still vulnerable to inside or outside attacks. The existence of an internal audit for information system security increases the probability of adopting adequate security measures and preventing these attacks or lowering the negative consequences. The paper presents an exploratory study on informatics audit for information systems security.

Automated Information Security Will Not Improve until Effectively Supported by IRM.

Science.gov (United States)

Chick, Morey J.

1989-01-01

The first of two articles on the nature of the growing problem of automated information systems security, especially in the federal government, this article presents a brief history of the problem and describes the need for integrating security activities into overall policies and programs to help reduce system vulnerabilities and risks. (23…

Evaluation of the nuclear security culture

International Nuclear Information System (INIS)

Spitalnik, Jorge

2003-01-01

The security culture of an organization resides in its workers and it is expressed by the way the personnel that works in a particular organization practice daily its activities. The security culture can be practice in a high or in a low level, but it always exists and it can always be improved. It is based on the security condition and procedures that have been established in the planning phase and in the implementation of a project. After its implantation, in order to avoid deterioration, basically it is necessary to maintain and to bring updated those conditions and procedures through strategies of follow up and control. This process establishes the basis of a program of maintenance and improvement of the Security Culture. Many self-evaluations that have been accomplished at nuclear organizations based on workers perception concerning working conditions and management environment, have permitted objectively determine if the security doctrine, which the organization assure to follow rigorously into its dally activities, is really so (LS)

Organizational Commitment and Job Satisfaction of Security Operatives in Selected Tertiary Institutions In Kwara State

Directory of Open Access Journals (Sweden)

Alade Y. Saliu

2015-11-01

Full Text Available The prevalence of civil disorder and cultism in higher institutions of learning in Nigeria and the apparent inability of security operatives to stem the tide has continued to be a source of concern to both the Government and Individuals in recent times. This study examines the effect of organisational commitment on job satisfaction among security operatives working in Nigeria universities. In this study a sample of three hundred (300 security operatives were selected from both public and private universities in Kwara State. Data were collected through self-administered questionnaire and analysed through Descriptive, Comparative, Regression analysis and Spearman Rank Correlation. The findings revealed that these security operatives, a positive relationship exists between organisational commitment and job satisfaction with affective commitment having little or no significant relationship and continuance commitment having significant positive relationship. The study also found that the level of affective commitment was significantly lower than the other components. The study thus concludes that there is a significant positive relationship between organisation commitment and job satisfaction amongst the security operatives. Based on the findings, it was recommended that the selected Universities should focus on improving affective and normative commitment among security operatives in order to be able to deal with the problem of high job turnover and poor performance.

Understanding food security issues in remote Western Australian Indigenous communities.

Science.gov (United States)

Pollard, Christina M; Nyaradi, Anett; Lester, Matthew; Sauer, Kay

2014-08-01

Food insecurity in remote Western Australian (WA) Indigenous communities. This study explored remote community store managers' views on issues related to improving food security in order to inform health policy. A census of all remote WA Indigenous community store managers was conducted in 2010. Telephone interviews sought managers' perceptions of community food insecurity, problems with their store, and potential policy options for improving the supply, accessibility, affordability and consumption of nutritious foods. Descriptive analyses were conducted using SPSS for Windows version 17.0. Managers stated that freight costs and irregular deliveries contributed to high prices and a limited range of foods. Poor store infrastructure, compromised cold chain logistics, and commonly occurring power outages affected food quality. Half of the managers said there was hunger in their community because people did not have enough money to buy food. The role of nutritionists beyond a clinical and educational role was not understood. Food security interventions in remote communities need to take into consideration issues such as freight costs, transport and low demand for nutritious foods. Store managers provide important local knowledge regarding the development and implementation of food security interventions. SO WHAT? Agencies acting to address the issue of food insecurity in remote WA Indigenous communities should heed the advice of community store managers that high food prices, poor quality and limited availability are mainly due to transport inefficiencies and freight costs. Improving healthy food affordability in communities where high unemployment and low household income abound is fundamental to improving food security, yet presents a significant challenge.

Selecting Optimal Subset of Security Controls

OpenAIRE

Yevseyeva, I.; Basto-Fernandes, V.; Michael, Emmerich, T. M.; Moorsel, van, A.

2015-01-01

Open Access journal Choosing an optimal investment in information security is an issue most companies face these days. Which security controls to buy to protect the IT system of a company in the best way? Selecting a subset of security controls among many available ones can be seen as a resource allocation problem that should take into account conflicting objectives and constraints of the problem. In particular, the security of the system should be improved without hindering productivity, ...

Human security from paradigm shift to operationalisation: job description for a human security worker

NARCIS (Netherlands)

Glasius, M.

2008-01-01

This article shows how human security has functioned as both a paradigm-shifting and a bridging concept, with its most significant implications being, first, the shift from a focus on state security to one on human rights, and, second, the indivisibility of physical and material security. The

Feasibility of a novel participatory multi-sector continuous improvement approach to enhance food security in remote Indigenous Australian communities.

Science.gov (United States)

Brimblecombe, J; Bailie, R; van den Boogaard, C; Wood, B; Liberato, S C; Ferguson, M; Coveney, J; Jaenke, R; Ritchie, J

2017-12-01

Food insecurity underlies and compounds many of the development issues faced by remote Indigenous communities in Australia. Multi-sector approaches offer promise to improve food security. We assessed the feasibility of a novel multi-sector approach to enhance community food security in remote Indigenous Australia. A longitudinal comparative multi-site case study, the Good Food Systems Good Food for All Project, was conducted (2009-2013) with four Aboriginal communities. Continuous improvement meetings were held in each community. Data from project documents and store sales were used to assess feasibility according to engagement, uptake and sustainability of action, and impact on community diet, as well as identifying conditions facilitating or hindering these. Engagement was established where: the community perceived a need for the approach; where trust was developed between the community and facilitators; where there was community stability; and where flexibility was applied in the timing of meetings. The approach enabled stakeholders in each community to collectively appraise the community food system and plan action. Actions that could be directly implemented within available resources resulted from developing collaborative capacity. Actions requiring advocacy, multi-sectoral involvement, commitment or further resources were less frequently used. Positive shifts in community diet were associated with key areas where actions were implemented. A multi-sector participatory approach seeking continuous improvement engaged committed Aboriginal and non-Aboriginal stakeholders and was shown to have potential to shift community diet. Provision of clear mechanisms to link this approach with higher level policy and decision-making structures, clarity of roles and responsibilities, and processes to prioritise and communicate actions across sectors should further strengthen capacity for food security improvement. Integrating this approach enabling local decision-making into

Homomorphic encryption and secure comparison

DEFF Research Database (Denmark)

Damgård, Ivan Bjerre; Geisler, Martin; Krøigaard, Mikkel

2008-01-01

Computation (MPC). We show how our comparison protocol can be used to improve security of online auctions, and demonstrate that it is efficient enough to be used in practice. For comparison of 16 bits numbers with security based on 1024 bits RSA (executed by two parties), our implementation takes 0.28 sec......We propose a protocol for secure comparison of integers based on homomorphic encryption.We also propose a homomorphic encryption scheme that can be used in our protocol, makes it more efficient than previous solutions, and can also be used as the basis of efficient and general secure Multiparty...

Energy security and the IEA ExCo on combustion

Energy Technology Data Exchange (ETDEWEB)

Hutchinson, P. [Hutchinson Consultant (United Kingdom)

2009-07-01

Energy security is an issue for those nations which consume more energy than is available from indigenous sources. A failure to secure adequate energy supplies at an acceptable price prejudices both national and economic security. Energy security is therefore a significant policy issue. A discussion of energy security and the International Energy Agency ExCo on combustion was offered in this presentation. The purpose of the discussion was to determine if a task or set of tasks on combustion research related to energy security should be launched; the structure of such a task; topics of interest; who would wish to participate; who would lead the collaboration; and the next steps. The presentation discussed the proper understanding and analysis of energy security and the interactions between international politics; defence; economics and economic development; present and future technologies; national infrastructure; resource distribution; and environmental science and politics. The presentation also discussed whether there was a shortage of energy, world reserves of crude oil, coal, and hydrocarbons. Oil supply disruptions and nominal and real world oil prices were also discussed. Options for addressing energy security were presented, with particular reference to increasing the energy intensity of the economy; using a wide range of different fuels such as coal; developing indigenous supplies such as renewables; and developing a reliable long life energy source. It was concluded that imports of energy can be reduced when energy security improves. tabs., figs.

Re-designing the PhEDEx Security Model

Science.gov (United States)

C-H, Huang; Wildish, T.; X, Zhang

2014-06-01

PhEDEx, the data-placement tool used by the CMS experiment at the LHC, was conceived in a more trusting time. The security model provided a safe environment for site agents and operators, but offerred little more protection than that. Data was not sufficiently protected against loss caused by operator error or software bugs or by deliberate manipulation of the database. Operators were given high levels of access to the database, beyond what was actually needed to accomplish their tasks. This exposed them to the risk of suspicion should an incident occur. Multiple implementations of the security model led to difficulties maintaining code, which can lead to degredation of security over time. In order to meet the simultaneous goals of protecting CMS data, protecting the operators from undue exposure to risk, increasing monitoring capabilities and improving maintainability of the security model, the PhEDEx security model was redesigned and re-implemented. Security was moved from the application layer into the database itself, fine-grained access roles were established, and tools and procedures created to control the evolution of the security model over time. In this paper we describe this work, we describe the deployment of the new security model, and we show how these enhancements improve security on several fronts simultaneously.

Re-designing the PhEDEx security model

International Nuclear Information System (INIS)

Huang C-H; Wildish, T; Zhang X

2014-01-01

PhEDEx, the data-placement tool used by the CMS experiment at the LHC, was conceived in a more trusting time. The security model provided a safe environment for site agents and operators, but offerred little more protection than that. Data was not sufficiently protected against loss caused by operator error or software bugs or by deliberate manipulation of the database. Operators were given high levels of access to the database, beyond what was actually needed to accomplish their tasks. This exposed them to the risk of suspicion should an incident occur. Multiple implementations of the security model led to difficulties maintaining code, which can lead to degredation of security over time. In order to meet the simultaneous goals of protecting CMS data, protecting the operators from undue exposure to risk, increasing monitoring capabilities and improving maintainability of the security model, the PhEDEx security model was redesigned and re-implemented. Security was moved from the application layer into the database itself, fine-grained access roles were established, and tools and procedures created to control the evolution of the security model over time. In this paper we describe this work, we describe the deployment of the new security model, and we show how these enhancements improve security on several fronts simultaneously.

The remote security station (RSS)

International Nuclear Information System (INIS)

Pletta, J.B.

1991-01-01

This paper reports that, as an outgrowth of research into physical security systems, Sandia is investigating robotic technologies for improving physical security performance and flexibility. Robotic systems have the potential to allow more effective utilization of security personnel, especially in scenarios where they might be exposed to harm. They also can supplement fixed site installations where sensors have failed or where transient assets are present. The Remote Security Station (RSS) program for the defense Nuclear Agency is developing a proof-of-principle robotic system which will be used to evaluate the role, and associated cost, of robotic technologies in exterior physical security systems. The RSS consists of three primary elements: a fixed but quickly moveable tripod with intrusion detection sensors and assessment camera; a mobile robotic platform with a functionally identical security module; and a control console which allows an operator to perform security functions and teleoperate the mobile platform

Security Vulnerability Profiles of NASA Mission Software: Empirical Analysis of Security Related Bug Reports

Science.gov (United States)

Goseva-Popstojanova, Katerina; Tyo, Jacob P.; Sizemore, Brian

2017-01-01

NASA develops, runs, and maintains software systems for which security is of vital importance. Therefore, it is becoming an imperative to develop secure systems and extend the current software assurance capabilities to cover information assurance and cybersecurity concerns of NASA missions. The results presented in this report are based on the information provided in the issue tracking systems of one ground mission and one flight mission. The extracted data were used to create three datasets: Ground mission IVV issues, Flight mission IVV issues, and Flight mission Developers issues. In each dataset, we identified the software bugs that are security related and classified them in specific security classes. This information was then used to create the security vulnerability profiles (i.e., to determine how, why, where, and when the security vulnerabilities were introduced) and explore the existence of common trends. The main findings of our work include:- Code related security issues dominated both the Ground and Flight mission IVV security issues, with 95 and 92, respectively. Therefore, enforcing secure coding practices and verification and validation focused on coding errors would be cost effective ways to improve mission's security. (Flight mission Developers issues dataset did not contain data in the Issue Category.)- In both the Ground and Flight mission IVV issues datasets, the majority of security issues (i.e., 91 and 85, respectively) were introduced in the Implementation phase. In most cases, the phase in which the issues were found was the same as the phase in which they were introduced. The most security related issues of the Flight mission Developers issues dataset were found during Code Implementation, Build Integration, and Build Verification; the data on the phase in which these issues were introduced were not available for this dataset.- The location of security related issues, as the location of software issues in general, followed the Pareto

Cyber crisis management: a decision-support framework for disclosing security incident information

NARCIS (Netherlands)

Kulikova, Olga; Heil, Ronald; van den Berg, Jan; Pieters, Wolter

2012-01-01

The growing sophistication and frequency of cyber attacks force modern companies to be prepared beforehand for potential cyber security incidents and data leaks. A proper incident disclosure strategy can significantly improve timeliness and effectiveness of incident response activities, reduce legal

FINANCIAL STABILITY AS A FACTOR ECONOMIC SECURITY

Directory of Open Access Journals (Sweden)

A. V. Endovitskaya

2015-01-01

Full Text Available Summary. The article examines the linkages between financial stability and the level of its economic security. Considered the content of financial stability, represented by its own definition, we studied the basic conditions to achieve it. The logic diagram showing the location of financial stability and financial security to ensure the economic security of the business entity. A system of internal and external factors affecting the financial stability and endanger financial stability and financial security company. It has been established that it is the internal factors such as the availability of financial resources and financial position, capital structure, the company's ability to generate profits determine the level of economic security and its ability to withstand the negative impact of external and internal threats. The necessity of improving the financial sustainability in order to improve the economic security of the enterprise. On the basis of the research proposed matrix of risks affecting the financial stability and economic security, which allows to determine the probability of their occurrence and impact. It presents the economic, social, human, financial, organizational, economic, innovative and productive tools to increase the stability and financial security of an economic entity. List considered standard measures will make a plan of action to minimize the adverse impacts and enhance financial stability and security. Therefore, a prerequisite for the economic security of the enterprise is the attainment of financial stability.

Embedding security messages in existing processes: a pragmatic and effective approach to information security culture change

CERN Document Server

Lopienski, Sebastian

Companies and organizations world-wide depend more and more on IT infrastructure and operations. Computer systems store vital information and sensitive data; computing services are essential for main business processes. This high dependency comes with a number of security risks, which have to be managed correctly on technological, organizational and human levels. Addressing the human aspects of information security often boils down just to procedures, training and awareness raising. On the other hand, employees and collaborators do not adopt security attitude and habits simply when told to do so – a real change in behaviour requires an established security culture. But how to introduce a security culture? This thesis outlines the need of developing or improving security culture, and discusses how this can be done. The proposed approach is to gradually build security knowledge and awareness, and influence behaviours. The way to achieve this is to make security communication pervasive by embedding security me...

Latvian Security and Defense Policy within the Twenty-First Century Security Environment

Directory of Open Access Journals (Sweden)

Rublovskis Raimonds

2014-12-01

Full Text Available The aim of this paper is to analyze fundamental factors which form and profoundly shape security and defense policy of the Republic of Latvia. One can argue that historical background, geographical location, common institutional history within the former Soviet Union, the Russia factor, the relative smallness of the territory of state and the population, the ethnic composition of the population, the low density of the population and rather limited financial and manpower resources available for the defense of the Republic of Latvia are the key factors of influence on the state security and defense policy. The core principles of the security and defense policy of Latvia are the membership in powerful global military alliance of NATO and bilateral strategic partnership with the United States. However, security and defense cooperation among the three Baltic States as well as enhanced cooperation within the Baltic-Nordic framework is seen as an important supplementary factor for the increased security of the Republic of Latvia. Latvia has developed a sustainable legal and institutional framework in order to contribute to state security and defense; however, security challenges and significant changes within the global security environment of the twenty-first century will further challenge the ability of the Republic of Latvia to sustain its current legal framework, and more importantly, current institutional structure of Latvian security and defense architecture. Significant internal and external challenges will impact the fundamental pillars of Latvian security and defense policy, such as American strategic shift to the Pacific, and lack of political will to increase defense budgets in European part of NATO. It has to be clear that very independence, security and defense of the Republic of Latvia depend on the ability of NATO to remain an effective organization with timely and efficient decision-making, and the ability of the United States to remain

Water security evaluation in Yellow River basin

Science.gov (United States)

Jiang, Guiqin; He, Liyuan; Jing, Juan

2018-03-01

Water security is an important basis for making water security protection strategy, which concerns regional economic and social sustainable development. In this paper, watershed water security evaluation index system including 3 levels of 5 criterion layers (water resources security, water ecological security and water environment security, water disasters prevention and control security and social economic security) and 24 indicators were constructed. The entropy weight method was used to determine the weights of the indexes in the system. The water security index of 2000, 2005, 2010 and 2015 in Yellow River basin were calculated by linear weighting method based on the relative data. Results show that the water security conditions continue to improve in Yellow River basin but still in a basic security state. There is still a long way to enhance the water security in Yellow River basin, especially the water prevention and control security, the water ecological security and water environment security need to be promoted vigorously.

ICT-Based Framework for Improved Food Security in Nigeria ...

African Journals Online (AJOL)

The six regional decision support systems in this model is a comprehensive database ... from research findings and innovations, inputs from agricultural extension officers, ... Keywords: Food Security, Interactive websites, National Internet host, ...

Data Security

OpenAIRE

Lopez, Diego

2013-01-01

Training specialists in the field of data security and security administrators for the information systems represents a significant priority demanded by both governmental environments and the central and local administrations, as well as by the private sector - companies, banks. They are responsible for implementing information services and systems, but they are also their beneficiaries, with applicability in fields such as: e government, e-administration, e-banking, e-commerce, e-payment, wh...

Food assistance is associated with improved body mass index, food security and attendance at clinic in an HIV program in central Haiti: a prospective observational cohort study

Directory of Open Access Journals (Sweden)

Ivers Louise C

2010-08-01

Full Text Available Abstract Background Few data are available to guide programmatic solutions to the overlapping problems of undernutrition and HIV infection. We evaluated the impact of food assistance on patient outcomes in a comprehensive HIV program in central Haiti in a prospective observational cohort study. Methods Adults with HIV infection were eligible for monthly food rations if they had any one of: tuberculosis, body mass index (BMI 2, CD4 cell count 3 (in the prior 3 months or severe socio-economic conditions. A total of 600 individuals (300 eligible and 300 ineligible for food assistance were interviewed before rations were distributed, at 6 months and at 12 months. Data collected included demographics, BMI and food insecurity score (range 0 - 20. Results At 6- and 12-month time-points, 488 and 340 subjects were eligible for analysis. Multivariable analysis demonstrated that at 6 months, food security significantly improved in those who received food assistance versus who did not (-3.55 vs -0.16; P Conclusions Food assistance was associated with improved food security, increased BMI, and improved adherence to clinic visits at 6 and 12 months among people living with HIV in Haiti and should be part of routine care where HIV and food insecurity overlap.

Socio-economic determinants of household food security and women's dietary diversity in rural Bangladesh: a cross-sectional study.

Science.gov (United States)

Harris-Fry, Helen; Azad, Kishwar; Kuddus, Abdul; Shaha, Sanjit; Nahar, Badrun; Hossen, Munir; Younes, Leila; Costello, Anthony; Fottrell, Edward

2015-07-10

There has been limited decline in undernutrition rates in South Asia compared with the rest of Asia and one reason for this may be low levels of household food security. However, the evidence base on the determinants of household food security is limited. To develop policies intended to improve household food security, improved knowledge of the determinants of household food security is required. Household data were collected in 2011 from a randomly selected sample of 2,809 women of reproductive age. The sample was drawn from nine unions in three districts of rural Bangladesh. Multinomial logistic regression was conducted to measure the relationship between selected determinants of household food security and months of adequate household food provisioning, and a linear regression to measure the association between the same determinants and women's dietary diversity score. The analyses found that land ownership, adjusted relative risk ratio (RRR) 0.28 (CI 0.18, 0.42); relative wealth (middle tertile 0.49 (0.29, 0.84) and top tertile 0.18 (0.10, 0.33)); women's literacy 0.64 (0.46, 0.90); access to media 0.49 (0.33, 0.72); and women's freedom to access the market 0.56 (0.36, 0.85) all significantly reduced the risk of food insecurity. Larger households increased the risk of food insecurity, adjusted RRR 1.46 (CI 1.02, 2.09). Households with vegetable gardens 0.20 (0.11, 0.31), rich households 0.46 (0.24, 0.68) and literate women 0.37 (0.20, 0.54) were significantly more likely to have better dietary diversity scores. Household food insecurity remains a key public health problem in Bangladesh, with households suffering food shortages for an average of one quarter of the year. Simple survey and analytical methods are able to identify numerous interlinked factors associated with household food security, but wealth and literacy were the only two determinants associated with both improved food security and dietary diversity. We cannot conclude whether improvements in all

Speaker identification for the improvement of the security communication between law enforcement units

Science.gov (United States)

Tovarek, Jaromir; Partila, Pavol

2017-05-01

This article discusses the speaker identification for the improvement of the security communication between law enforcement units. The main task of this research was to develop the text-independent speaker identification system which can be used for real-time recognition. This system is designed for identification in the open set. It means that the unknown speaker can be anyone. Communication itself is secured, but we have to check the authorization of the communication parties. We have to decide if the unknown speaker is the authorized for the given action. The calls are recorded by IP telephony server and then these recordings are evaluate using classification If the system evaluates that the speaker is not authorized, it sends a warning message to the administrator. This message can detect, for example a stolen phone or other unusual situation. The administrator then performs the appropriate actions. Our novel proposal system uses multilayer neural network for classification and it consists of three layers (input layer, hidden layer, and output layer). A number of neurons in input layer corresponds with the length of speech features. Output layer then represents classified speakers. Artificial Neural Network classifies speech signal frame by frame, but the final decision is done over the complete record. This rule substantially increases accuracy of the classification. Input data for the neural network are a thirteen Mel-frequency cepstral coefficients, which describe the behavior of the vocal tract. These parameters are the most used for speaker recognition. Parameters for training, testing and validation were extracted from recordings of authorized users. Recording conditions for training data correspond with the real traffic of the system (sampling frequency, bit rate). The main benefit of the research is the system developed for text-independent speaker identification which is applied to secure communication between law enforcement units.

Human Factors in Coast Guard Computer Security - An Analysis of Current Awareness and Potential Techniques to Improve Security Program Viability

National Research Council Canada - National Science Library

Whalen, Timothy

2001-01-01

.... As such, our ability to ensure the security of those systems is also increasing in import. Traditional information security measures tend to be system-oriented and often fail to address the human element that is critical to system success...

Practices in security and confidentiality of HIV/AIDS patients' information: A national survey among staff at HIV outpatient clinics in Vietnam.

Directory of Open Access Journals (Sweden)

Nguyen Khac Hai

Full Text Available Breach of confidentiality or invasion of privacy from the collection and use of medical records, particularly those of patients with HIV/AIDS or other diseases sensitive to stigmatization, should be prevented by all related stakeholders in healthcare settings. The main focus of this study was to assess practices regarding security and confidentiality of HIV-related information among staff at HIV outpatient clinics (HIV-OPCs in Vietnam.A descriptive cross-sectional study was conducted at all 312 HIV-OPCs across the country using an online survey technique.In general, the staff practices for securing and protecting patient information were at acceptable levels. Most staff had proper measures and practices for maintaining data security; however, the protection of patient confidentiality, particularly for data access, sharing, and transfer still required improvement. Most HIV-OPC staff had good or moderate knowledge and positive perceptions towards security and confidentiality issues. Staff who were not trained in the practice of security measures differed significantly from those who were trained (OR: 3.74; 95%CI: 1.44-9.67; staff needing improved knowledge levels differed significantly from those with good (OR: 5.20; 95%CI: 2.39-11.32 and moderate knowledge levels (OR: 5.10; 95%CI: 2.36-11.00; and staff needing improved perception levels differed significantly from those with good (i.e., with 100% proper practices and moderate perception levels (OR: 5.67; 95%CI: 2.93-10.95. Staff who were not trained in the protection of data confidentiality differed significantly from those who were trained (OR: 2.18; 95%CI: 1.29-3.65.Training is an important factor to help raise the levels of proper practices regarding confidentiality and security, to improve knowledge and raise awareness about change among staff. The operation and management of HIV treatment and care in Vietnam are currently transitioning from separate healthcare clinics (HIV-OPC into units

Practices in security and confidentiality of HIV/AIDS patients' information: A national survey among staff at HIV outpatient clinics in Vietnam.

Science.gov (United States)

Khac Hai, Nguyen; Lawpoolsri, Saranath; Jittamala, Podjanee; Thi Thu Huong, Phan; Kaewkungwal, Jaranit

2017-01-01

Breach of confidentiality or invasion of privacy from the collection and use of medical records, particularly those of patients with HIV/AIDS or other diseases sensitive to stigmatization, should be prevented by all related stakeholders in healthcare settings. The main focus of this study was to assess practices regarding security and confidentiality of HIV-related information among staff at HIV outpatient clinics (HIV-OPCs) in Vietnam. A descriptive cross-sectional study was conducted at all 312 HIV-OPCs across the country using an online survey technique. In general, the staff practices for securing and protecting patient information were at acceptable levels. Most staff had proper measures and practices for maintaining data security; however, the protection of patient confidentiality, particularly for data access, sharing, and transfer still required improvement. Most HIV-OPC staff had good or moderate knowledge and positive perceptions towards security and confidentiality issues. Staff who were not trained in the practice of security measures differed significantly from those who were trained (OR: 3.74; 95%CI: 1.44-9.67); staff needing improved knowledge levels differed significantly from those with good (OR: 5.20; 95%CI: 2.39-11.32) and moderate knowledge levels (OR: 5.10; 95%CI: 2.36-11.00); and staff needing improved perception levels differed significantly from those with good (i.e., with 100% proper practices) and moderate perception levels (OR: 5.67; 95%CI: 2.93-10.95). Staff who were not trained in the protection of data confidentiality differed significantly from those who were trained (OR: 2.18; 95%CI: 1.29-3.65). Training is an important factor to help raise the levels of proper practices regarding confidentiality and security, to improve knowledge and raise awareness about change among staff. The operation and management of HIV treatment and care in Vietnam are currently transitioning from separate healthcare clinics (HIV-OPC) into units integrated

Practices in security and confidentiality of HIV/AIDS patients’ information: A national survey among staff at HIV outpatient clinics in Vietnam

Science.gov (United States)

Khac Hai, Nguyen; Lawpoolsri, Saranath; Jittamala, Podjanee; Thi Thu Huong, Phan

2017-01-01

Introduction Breach of confidentiality or invasion of privacy from the collection and use of medical records, particularly those of patients with HIV/AIDS or other diseases sensitive to stigmatization, should be prevented by all related stakeholders in healthcare settings. The main focus of this study was to assess practices regarding security and confidentiality of HIV-related information among staff at HIV outpatient clinics (HIV-OPCs) in Vietnam. Methods A descriptive cross-sectional study was conducted at all 312 HIV-OPCs across the country using an online survey technique. Results In general, the staff practices for securing and protecting patient information were at acceptable levels. Most staff had proper measures and practices for maintaining data security; however, the protection of patient confidentiality, particularly for data access, sharing, and transfer still required improvement. Most HIV-OPC staff had good or moderate knowledge and positive perceptions towards security and confidentiality issues. Staff who were not trained in the practice of security measures differed significantly from those who were trained (OR: 3.74; 95%CI: 1.44–9.67); staff needing improved knowledge levels differed significantly from those with good (OR: 5.20; 95%CI: 2.39–11.32) and moderate knowledge levels (OR: 5.10; 95%CI: 2.36–11.00); and staff needing improved perception levels differed significantly from those with good (i.e., with 100% proper practices) and moderate perception levels (OR: 5.67; 95%CI: 2.93–10.95). Staff who were not trained in the protection of data confidentiality differed significantly from those who were trained (OR: 2.18; 95%CI: 1.29–3.65). Conclusions Training is an important factor to help raise the levels of proper practices regarding confidentiality and security, to improve knowledge and raise awareness about change among staff. The operation and management of HIV treatment and care in Vietnam are currently transitioning from separate

An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System.

Science.gov (United States)

Jung, Jaewook; Kang, Dongwoo; Lee, Donghoon; Won, Dongho

2017-01-01

Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR) services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency.

An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System.

Directory of Open Access Journals (Sweden)

Jaewook Jung

Full Text Available Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency.

An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System

Science.gov (United States)

Kang, Dongwoo; Lee, Donghoon; Won, Dongho

2017-01-01

Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR) services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency. PMID:28046075

Secure Coding for Safety I and C Systems on Nuclear Power Plants

International Nuclear Information System (INIS)

Kim, Y. M.; Park, H. S.; Kim, T. H.

2015-01-01

This paper addresses secure coding technologies which can reduce the software vulnerabilities and provides secure coding application guidelines for nuclear safety I and C systems. The use of digital equipment may improve their reliability and reduce maintenance costs. But, the design characteristics of nuclear I and C systems are becoming more complex and the possibility of cyber-attacks using software vulnerabilities has been increased. Software defects, bugs and logic flaws have been consistently the primary causes of software vulnerabilities which can introduce security vulnerabilities. In this study, we described a applying methods for secure coding which can reduce the software vulnerabilities. Software defects lists, countermeasures for each defect and coding rules can be applied properly depending on target system's condition. We expect that the results of this study can help developing the secure coding guidelines and significantly reducing or eliminating vulnerabilities in nuclear safety I and C software

Secure Coding for Safety I and C Systems on Nuclear Power Plants

Energy Technology Data Exchange (ETDEWEB)

Kim, Y. M.; Park, H. S. [Korea Institute of Nuclear Safety, Daejeon (Korea, Republic of); Kim, T. H. [Formal Works Inc., Seoul (Korea, Republic of)

2015-10-15

This paper addresses secure coding technologies which can reduce the software vulnerabilities and provides secure coding application guidelines for nuclear safety I and C systems. The use of digital equipment may improve their reliability and reduce maintenance costs. But, the design characteristics of nuclear I and C systems are becoming more complex and the possibility of cyber-attacks using software vulnerabilities has been increased. Software defects, bugs and logic flaws have been consistently the primary causes of software vulnerabilities which can introduce security vulnerabilities. In this study, we described a applying methods for secure coding which can reduce the software vulnerabilities. Software defects lists, countermeasures for each defect and coding rules can be applied properly depending on target system's condition. We expect that the results of this study can help developing the secure coding guidelines and significantly reducing or eliminating vulnerabilities in nuclear safety I and C software.

Preventive Security-Constrained Optimal Power Flow Considering UPFC Control Modes

Directory of Open Access Journals (Sweden)

Xi Wu

2017-08-01

Full Text Available The successful application of the unified power flow controller (UPFC provides a new control method for the secure and economic operation of power system. In order to make the full use of UPFC and improve the economic efficiency and static security of a power system, a preventive security-constrained power flow optimization method considering UPFC control modes is proposed in this paper. Firstly, an iterative method considering UPFC control modes is deduced for power flow calculation. Taking into account the influence of different UPFC control modes on the distribution of power flow after N-1 contingency, the optimization model is then constructed by setting a minimal system operation cost and a maximum static security margin as the objective. Based on this model, the particle swarm optimization (PSO algorithm is utilized to optimize power system operating parameters and UPFC control modes simultaneously. Finally, a standard IEEE 30-bus system is utilized to demonstrate that the proposed method fully exploits the potential of static control of UPFC and significantly increases the economic efficiency and static security of the power system.

Quantifying privacy and security of biometric fuzzy commitment

NARCIS (Netherlands)

Zhou, Xuebing; Kuijper, Arjan; Veldhuis, Raymond N.J.; Busch, Christoph

2011-01-01

Fuzzy commitment is an efficient template protection algorithm that can improve security and safeguard privacy of biometrics. Existing theoretical security analysis has proved that although privacy leakage is unavoidable, perfect security from information-theoretical points of view is possible when

IAEA Nuclear Security Human Resource Development Program

International Nuclear Information System (INIS)

Braunegger-Guelich, A.

2009-01-01

The IAEA is at the forefront of international efforts to strengthen the world's nuclear security framework. The current Nuclear Security Plan for 2006-2009 was approved by the IAEA Board of Governors in September 2005. This Plan has three main points of focus: needs assessment, prevention, detection and response. Its overall objective is to achieve improved worldwide security of nuclear and other radioactive material in use, storage and transport, and of their associated facilities. This will be achieved, in particular, through the provision of guidelines and recommendations, human resource development, nuclear security advisory services and assistance for the implementation of the framework in States, upon request. The presentation provides an overview of the IAEA nuclear security human resource development program that is divided into two parts: training and education. Whereas the training program focuses on filling gaps between the actual performance of personnel working in the area of nuclear security and the required competencies and skills needed to meet the international requirements and recommendations described in UN and IAEA documents relating to nuclear security, the Educational Program in Nuclear Security aims at developing nuclear security experts and specialists, at fostering a nuclear security culture and at establishing in this way sustainable knowledge in this field within a State. The presentation also elaborates on the nuclear security computer based learning component and provides insights into the use of human resource development as a tool in achieving the IAEA's long term goal of improving sustainable nuclear security in States. (author)

The National Security Strategy of the United Kingdom: Security in an Interdependent World

Science.gov (United States)

2008-03-01

security architecture has yet to adapt satisfactorily to the new landscape. The UN Security Council has failed to adapt to the rise of new powers. Across...including cinemas , theatres, pubs, nightclubs, restaurants, hotels and commercial centres, hospitals, schools and places of worship); work with architects...and export control regimes, and improving the international monitoring architecture . Countering the threat of nuclear weapons and other weapons of

Value of Cooperative Relationships for Security of a Safer World

International Nuclear Information System (INIS)

Malollari, Ilirjan; Civici, Nikolla; Hirsch, Kristin; Randolph, John David

2010-01-01

Cooperation of countries for improving security of radioactive and nuclear assets is clearly the key to success in establishing a more safe and secure world. Over the past few years the United States Department of Energy s Global Threat Reduction Initiatives (GTRI) program has been actively engaged with many countries of the world to identify, account for, and support enhancements to security and accounting measures for these materials. The Republic of Albania has demonstrated its willingness and desire to work closely with the United States to achieve and implement the GTRI goals for security of their assets. The GTRI program has assisted the International Atomic Energy Agency (IAEA) in development on a variety of subject areas related to security of sources and nuclear materials. Albania, a Member State of the IAEA, received training and information support from the agency. The leadership of the Albanian nuclear program has changed but the commitment of Albania to work closely with GTRI continues. The GTRI/Albania global partnership made significant accomplishments in security and safe storage of Albania's nuclear assets. This paper will describe a brief history of the Albanian program and the achievements resulting from the cooperative program with GTRI, which have resulted in a more secure Albania.

Bedtime Blood Pressure Chronotherapy Significantly Improves Hypertension Management.

Science.gov (United States)

Hermida, Ramón C; Ayala, Diana E; Fernández, José R; Mojón, Artemio; Crespo, Juan J; Ríos, María T; Smolensky, Michael H

2017-10-01

Consistent evidence of numerous studies substantiates the asleep blood pressure (BP) mean derived from ambulatory BP monitoring (ABPM) is both an independent and a stronger predictor of cardiovascular disease (CVD) risk than are daytime clinic BP measurements or the ABPM-determined awake or 24-hour BP means. Hence, cost-effective adequate control of sleep-time BP is of marked clinical relevance. Ingestion time, according to circadian rhythms, of hypertension medications of 6 different classes and their combinations significantly improves BP control, particularly sleep-time BP, and reduces adverse effects. Copyright © 2017 Elsevier Inc. All rights reserved.

Close to Optimally Secure Variants of GCM

Directory of Open Access Journals (Sweden)

Ping Zhang

2018-01-01

Full Text Available The Galois/Counter Mode of operation (GCM is a widely used nonce-based authenticated encryption with associated data mode which provides the birthday-bound security in the nonce-respecting scenario; that is, it is secure up to about 2n/2 adversarial queries if all nonces used in the encryption oracle are never repeated, where n is the block size. It is an open problem to analyze whether GCM security can be improved by using some simple operations. This paper presents a positive response for this problem. Firstly, we introduce two close to optimally secure pseudorandom functions and derive their security bound by the hybrid technique. Then, we utilize these pseudorandom functions that we design and a universal hash function to construct two improved versions of GCM, called OGCM-1 and OGCM-2. OGCM-1 and OGCM-2 are, respectively, provably secure up to approximately 2n/67(n-12 and 2n/67 adversarial queries in the nonce-respecting scenario if the underlying block cipher is a secure pseudorandom permutation. Finally, we discuss the properties of OGCM-1 and OGCM-2 and describe the future works.

National Emergency Preparedness and Response: Improving for Incidents of National Significance

National Research Council Canada - National Science Library

Clayton, Christopher M

2006-01-01

The national emergency management system has need of significant improvement in its contingency planning and early consolidation of effort and coordination between federal, state, and local agencies...

Smartphone users: Understanding how security mechanisms are perceived and new persuasive methods

Science.gov (United States)

Alsaleh, Mansour; Alomar, Noura; Alarifi, Abdulrahman

2017-01-01

Protecting smartphones against security threats is a multidimensional problem involving human and technological factors. This study investigates how smartphone users’ security- and privacy-related decisions are influenced by their attitudes, perceptions, and understanding of various security threats. In this work, we seek to provide quantified insights into smartphone users’ behavior toward multiple key security features including locking mechanisms, application repositories, mobile instant messaging, and smartphone location services. To the best of our knowledge, this is the first study that reveals often unforeseen correlations and dependencies between various privacy- and security-related behaviors. Our work also provides evidence that making correct security decisions might not necessarily correlate with individuals’ awareness of the consequences of security threats. By comparing participants’ behavior and their motives for adopting or ignoring certain security practices, we suggest implementing additional persuasive approaches that focus on addressing social and technological aspects of the problem. On the basis of our findings and the results presented in the literature, we identify the factors that might influence smartphone users’ security behaviors. We then use our understanding of what might drive and influence significant behavioral changes to propose several platform design modifications that we believe could improve the security levels of smartphones. PMID:28297719

Smartphone users: Understanding how security mechanisms are perceived and new persuasive methods.

Directory of Open Access Journals (Sweden)

Mansour Alsaleh

Full Text Available Protecting smartphones against security threats is a multidimensional problem involving human and technological factors. This study investigates how smartphone users' security- and privacy-related decisions are influenced by their attitudes, perceptions, and understanding of various security threats. In this work, we seek to provide quantified insights into smartphone users' behavior toward multiple key security features including locking mechanisms, application repositories, mobile instant messaging, and smartphone location services. To the best of our knowledge, this is the first study that reveals often unforeseen correlations and dependencies between various privacy- and security-related behaviors. Our work also provides evidence that making correct security decisions might not necessarily correlate with individuals' awareness of the consequences of security threats. By comparing participants' behavior and their motives for adopting or ignoring certain security practices, we suggest implementing additional persuasive approaches that focus on addressing social and technological aspects of the problem. On the basis of our findings and the results presented in the literature, we identify the factors that might influence smartphone users' security behaviors. We then use our understanding of what might drive and influence significant behavioral changes to propose several platform design modifications that we believe could improve the security levels of smartphones.

Prospects for the use of blockchain algorithms to ensure security in the management of the educational organization

Directory of Open Access Journals (Sweden)

Алексей Андреевич Заславский

2018-12-01

Full Text Available The article introduces the basic definitions and concepts of blockchain technology are summarized, collected and refracted to educational organizations. Offers concrete options and directions for expanding the use of blockchain technology for interacting with external contractors and partners. Outlines the possibilities of bringing blockchain technology to improve the competitiveness of educational organizations through improved level of security, increasing investment attractiveness and increase marketing power. The following list of possible areas to use blockchain technology for internal processes of educational institutions, whose security can be significantly improved. Described the positive aspects of using corporate blockchain in an educational institution.

Assessment of energy security in China based on ecological network analysis: A perspective from the security of crude oil supply

International Nuclear Information System (INIS)

Lu, Weiwei; Su, Meirong; Zhang, Yan; Yang, Zhifeng; Chen, Bin; Liu, Gengyuan

2014-01-01

Energy security usually considers both the stability of energy supply and security of energy use and it is receiving increasing attention globally. Considering the strategic importance and sensitivity to international change of the crude oil supply, we decided to examine China’s energy security. An original network model was established based on ecological network analysis to holistically evaluate the security of the crude oil supply in China. Using this model, we found that the security of the crude oil supply in China generally increased from 2001 to 2010. The contribution of different compartments in the network to the overall energy security resembled a pyramid structure, with supply sources at the bottom, the consumption sector at the top, and the refining and transfer sectors in the middle. North and South America made the largest contribution to the security of the crude oil supply in China. We provide suggestions to improve the security of the crude oil supply in China based on our results and further scenario analysis. The original network model provides a new perspective for energy security assessment, which can be used as a baseline to develop other models and policy. - Highlights: • Ecological network analysis (ENA) is introduced into energy security assessment. • A model of crude oil supply network in China is established based on ENA. • A pyramid structure of the contributions of different compartments to energy security was found. • Suggestions for forming a stable network are given to improve energy security

Radioactive Waste SECURITY

International Nuclear Information System (INIS)

Brodowski, R.; Drapalik, M.; Gepp, C.; Gufler, K.; Sholly, S.

2010-01-01

The purpose of this work is to investigate the safety requirements for a radioactive waste repository, the fundamental problems involved and the legislative rules and arrangements for doing so. As the title already makes clear, the focus of this work is on aspects that can be assigned to the security sector - ie the security against the influence of third parties - and are to be distinguished from safety measures for the improvement of the technical safety aspects. In this context, mention is made of events such as human intrusion into guarded facilities, whereas e.g. a geological analysis on seismic safety is not discussed. For a variety of reasons, the consideration of security nuclear waste repositories in public discussions is increasingly taking a back seat, as ia. Terrorist threats can be considered as negligible risk or well calculable. Depending on the type of storage, different security aspects still have to be considered. (roessner)

Validity Evidence for the Security Scale as a Measure of Perceived Attachment Security in Adolescence

Science.gov (United States)

Van Ryzin, Mark J.; Leve, Leslie D.

2012-01-01

In this study, the validity of a self-report measure of children's perceived attachment security (the Kerns Security Scale) was tested using adolescents. With regards to predictive validity, the Security Scale was significantly associated with (1) observed mother-adolescent interactions during conflict and (2) parent- and teacher-rated social…

Game Theory Based Security in Wireless Body Area Network with Stackelberg Security Equilibrium.

Science.gov (United States)

Somasundaram, M; Sivakumar, R

2015-01-01

Wireless Body Area Network (WBAN) is effectively used in healthcare to increase the value of the patient's life and also the value of healthcare services. The biosensor based approach in medical care system makes it difficult to respond to the patients with minimal response time. The medical care unit does not deploy the accessing of ubiquitous broadband connections full time and hence the level of security will not be high always. The security issue also arises in monitoring the user body function records. Most of the systems on the Wireless Body Area Network are not effective in facing the security deployment issues. To access the patient's information with higher security on WBAN, Game Theory with Stackelberg Security Equilibrium (GTSSE) is proposed in this paper. GTSSE mechanism takes all the players into account. The patients are monitored by placing the power position authority initially. The position authority in GTSSE is the organizer and all the other players react to the organizer decision. Based on our proposed approach, experiment has been conducted on factors such as security ratio based on patient's health information, system flexibility level, energy consumption rate, and information loss rate. Stackelberg Security considerably improves the strength of solution with higher security.

Game Theory Based Security in Wireless Body Area Network with Stackelberg Security Equilibrium

Science.gov (United States)

Somasundaram, M.; Sivakumar, R.

2015-01-01

Wireless Body Area Network (WBAN) is effectively used in healthcare to increase the value of the patient's life and also the value of healthcare services. The biosensor based approach in medical care system makes it difficult to respond to the patients with minimal response time. The medical care unit does not deploy the accessing of ubiquitous broadband connections full time and hence the level of security will not be high always. The security issue also arises in monitoring the user body function records. Most of the systems on the Wireless Body Area Network are not effective in facing the security deployment issues. To access the patient's information with higher security on WBAN, Game Theory with Stackelberg Security Equilibrium (GTSSE) is proposed in this paper. GTSSE mechanism takes all the players into account. The patients are monitored by placing the power position authority initially. The position authority in GTSSE is the organizer and all the other players react to the organizer decision. Based on our proposed approach, experiment has been conducted on factors such as security ratio based on patient's health information, system flexibility level, energy consumption rate, and information loss rate. Stackelberg Security considerably improves the strength of solution with higher security. PMID:26759829

Improving the security of electricity supply - report by a rapporteur ad int

International Nuclear Information System (INIS)

Forsten, J.; Lehtonen, M.

2002-07-01

The storms 'Pyry' and 'Janika', which swept over Finland in October-November 2001, caused serious damages to the operability of electric systems and led to long-term and extensive interruptions in electricity supply especially in Pirkanmaa, Central Home, Poijat-Hame and in the Uusimaa region. Although the security of electricity supply in Finland has in general been on a high level, the needs of customers concerning the quality of electrical power are constantly growing, and the operational reliability of the distribution networks will thereby have to be developed. The Rapporteur ad int. appointed by the Ministry of Trade and Industry on 21 November 2001 considers that such a scheme complementing the price reduction under the Electricity Market Act should be set up that would require a fixed compensation from the distribution network operators in the case of non deliverance of electricity. The fixed compensation should be paid automatically for e.g. interruptions lasting over 12 hours. The sum would depend on the length of the interruption and on the customer's annual rate of the network service fee. The Rapporteur also gives a number of other recommendations for improving the situation. Each distribution network operator is to choose the means of improvement on a technical-economical basis. The required level in the design, construction, operation and maintenance of an electrical network should guarantee that the interruptions in electricity supply would not exceed six hours even in exceptional circumstances. Ensuring electrical safety is of prime importance in disturbance situations. Shortening the interruption times and improving the quality of electricity call for sustained investment planning and activities. The distribution network operators should draw up a ten-year action plan. including measures aiming to reduce interruptions and the related timetables. To be able to keep the interruption times short in extensive cases of disturbance, the distribution

Risk assessment techniques for civil aviation security

Energy Technology Data Exchange (ETDEWEB)

Tamasi, Galileo, E-mail: g.tamasi@enac.rupa.i [Ente Nazionale per l' Aviazione Civile-Direzione Progetti, Studi e Ricerche, Via di Villa Ricotti, 42, 00161 Roma (Italy); Demichela, Micaela, E-mail: micaela.demichela@polito.i [SAfeR-Centro Studi su Sicurezza, Affidabilita e Rischi, Dipartimento di Scienza dei Materiali e Ingegneria Chimica, Politecnico di Torino, Corso Duca degli Abruzzi, 24, 10129 Torino (Italy)

2011-08-15

Following the 9/11 terrorists attacks in New York a strong economical effort was made to improve and adapt aviation security, both in infrastructures as in airplanes. National and international guidelines were promptly developed with the objective of creating a security management system able to supervise the identification of risks and the definition and optimization of control measures. Risk assessment techniques are thus crucial in the above process, since an incorrect risk identification and quantification can strongly affect both the security level as the investments needed to reach it. The paper proposes a set of methodologies to qualitatively and quantitatively assess the risk in the security of civil aviation and the risk assessment process based on the threats, criticality and vulnerabilities concepts, highlighting their correlation in determining the level of risk. RAMS techniques are applied to the airport security system in order to analyze the protection equipment for critical facilities located in air-side, allowing also the estimation of the importance of the security improving measures vs. their effectiveness.

Risk assessment techniques for civil aviation security

International Nuclear Information System (INIS)

Tamasi, Galileo; Demichela, Micaela

2011-01-01

Following the 9/11 terrorists attacks in New York a strong economical effort was made to improve and adapt aviation security, both in infrastructures as in airplanes. National and international guidelines were promptly developed with the objective of creating a security management system able to supervise the identification of risks and the definition and optimization of control measures. Risk assessment techniques are thus crucial in the above process, since an incorrect risk identification and quantification can strongly affect both the security level as the investments needed to reach it. The paper proposes a set of methodologies to qualitatively and quantitatively assess the risk in the security of civil aviation and the risk assessment process based on the threats, criticality and vulnerabilities concepts, highlighting their correlation in determining the level of risk. RAMS techniques are applied to the airport security system in order to analyze the protection equipment for critical facilities located in air-side, allowing also the estimation of the importance of the security improving measures vs. their effectiveness.

Application of the Concept of Intrusion Tolerant System for Evaluating Cyber Security Enhancements

Energy Technology Data Exchange (ETDEWEB)

Lee, Chanyoung; Seong, Poong Hyun [KAIST, Daejeon (Korea, Republic of)

2016-10-15

One of the major problems is that nuclear industry is in very early stage in dealing with cyber security issues. It is because that cyber security has received less attention compared to other safety problems. In addition, late adoption of digital I and C systems has resulted in lower level of cyber security advancements in nuclear industry than ones in other industries. For the cyber security of NPP I and C systems, many regulatory documents, guides and standards were already published. These documents include cyber security plans, methods for cyber security assessments and comprehensive set of security controls. However, methods which can help assess how much security is improved if a specific security control is applied are not included in these documents. Hence, NPP I and C system designers may encounter difficulties when trying to apply security controls with limited structure and cost. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. The extent of cyber security improvement caused by security enhancement was defined as reduction ratio of the failure probability to secure the system from cyber-attack as Eq.1. The concept of 'intrusion tolerant system' was applied to not only prevent cyber-attacks but also limit the extent of damage in this study. For applying the concept of intrusion tolerant system to NPP, the event tree was constructed with some assumptions. Cyber security improvement caused by cyber security enhancement can be estimated as Eq.3. By comparing current system to the enhanced system, it is

Application of the Concept of Intrusion Tolerant System for Evaluating Cyber Security Enhancements

International Nuclear Information System (INIS)

Lee, Chanyoung; Seong, Poong Hyun

2016-01-01

One of the major problems is that nuclear industry is in very early stage in dealing with cyber security issues. It is because that cyber security has received less attention compared to other safety problems. In addition, late adoption of digital I and C systems has resulted in lower level of cyber security advancements in nuclear industry than ones in other industries. For the cyber security of NPP I and C systems, many regulatory documents, guides and standards were already published. These documents include cyber security plans, methods for cyber security assessments and comprehensive set of security controls. However, methods which can help assess how much security is improved if a specific security control is applied are not included in these documents. Hence, NPP I and C system designers may encounter difficulties when trying to apply security controls with limited structure and cost. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. The extent of cyber security improvement caused by security enhancement was defined as reduction ratio of the failure probability to secure the system from cyber-attack as Eq.1. The concept of 'intrusion tolerant system' was applied to not only prevent cyber-attacks but also limit the extent of damage in this study. For applying the concept of intrusion tolerant system to NPP, the event tree was constructed with some assumptions. Cyber security improvement caused by cyber security enhancement can be estimated as Eq.3. By comparing current system to the enhanced system, it is possible to

Primer Control System Cyber Security Framework and Technical Metrics

Energy Technology Data Exchange (ETDEWEB)

Wayne F. Boyer; Miles A. McQueen

2008-05-01

The Department of Homeland Security National Cyber Security Division supported development of a control system cyber security framework and a set of technical metrics to aid owner-operators in tracking control systems security. The framework defines seven relevant cyber security dimensions and provides the foundation for thinking about control system security. Based on the developed security framework, a set of ten technical metrics are recommended that allow control systems owner-operators to track improvements or degradations in their individual control systems security posture.

Retail E-Commerce Security Status among Fortune 500 Corporations

Science.gov (United States)

Zhao, Jensen J.; Zhao, Sherry Y.

2012-01-01

The authors assessed the "Fortune 500" corporations' retail e-commerce security to identify their strengths and weaknesses for improvement. They used online content analysis, information security auditing, and network security mapping for data collection and analysis. The findings indicate that most sites posted security policies; however, only…

Cryptanalyzing a discrete-time chaos synchronization secure communication system

International Nuclear Information System (INIS)

Alvarez, G.; Montoya, F.; Romera, M.; Pastor, G.

2004-01-01

This paper describes the security weakness of a recently proposed secure communication method based on discrete-time chaos synchronization. We show that the security is compromised even without precise knowledge of the chaotic system used. We also make many suggestions to improve its security in future versions

Security analysis and improvement of a privacy authentication scheme for telecare medical information systems.

Science.gov (United States)

Wu, Fan; Xu, Lili

2013-08-01

Nowadays, patients can gain many kinds of medical service on line via Telecare Medical Information Systems(TMIS) due to the fast development of computer technology. So security of communication through network between the users and the server is very significant. Authentication plays an important part to protect information from being attacked by malicious attackers. Recently, Jiang et al. proposed a privacy enhanced scheme for TMIS using smart cards and claimed their scheme was better than Chen et al.'s. However, we have showed that Jiang et al.'s scheme has the weakness of ID uselessness and is vulnerable to off-line password guessing attack and user impersonation attack if an attacker compromises the legal user's smart card. Also, it can't resist DoS attack in two cases: after a successful impersonation attack and wrong password input in Password change phase. Then we propose an improved mutual authentication scheme used for a telecare medical information system. Remote monitoring, checking patients' past medical history record and medical consultant can be applied in the system where information transmits via Internet. Finally, our analysis indicates that the suggested scheme overcomes the disadvantages of Jiang et al.'s scheme and is practical for TMIS.

Shaping China's energy security: The impact of domestic reforms

International Nuclear Information System (INIS)

Yao, Lixia; Chang, Youngho

2015-01-01

This paper is a subsequent study of China's energy security situation which concludes that China's energy security has not improved over 30 years of economic reform. The objective of the study is to explore qualitatively why the energy security situation has not improved. To answer the ‘why’ question, the study opens up a new perspective by analyzing the relationship between energy security and energy policies from the macroeconomic reform perspective. This study discusses major reforms that took place over 30 years. It is found that China's macroeconomic reform has restricted the formation of China's energy policies and determined its energy security situation. In essence, China's energy policies are only a reaction to the macroeconomic measures. In other words, China's energy policies are not originally intended to improve energy security, but passive reactions to China's macroeconomic reform. This explains why China did not improve its energy security situation despite 30 years of reform. - Highlights: • This study identifies relationship between China's reform and energy policy. • This study identifies the key variable that has affected China's energy security. • Policy implication of the identification is drawn. • A new perspective to analyze energy security is provided

Gross anatomy of network security

Science.gov (United States)

Siu, Thomas J.

2002-01-01

Information security involves many branches of effort, including information assurance, host level security, physical security, and network security. Computer network security methods and implementations are given a top-down description to permit a medically focused audience to anchor this information to their daily practice. The depth of detail of network functionality and security measures, like that of the study of human anatomy, can be highly involved. Presented at the level of major gross anatomical systems, this paper will focus on network backbone implementation and perimeter defenses, then diagnostic tools, and finally the user practices (the human element). Physical security measures, though significant, have been defined as beyond the scope of this presentation.

The 'virtual' national securities commission

International Nuclear Information System (INIS)

Campbell, G.A.; Benham, B.J.

1998-01-01

This paper describes the mandate of the Canadian Securities Administrators (CSA), a body established to ensure that Canada has an efficient and effective securities regulatory system to protect investors and a fair and efficient securities market. The CSA was created in 1937 and is comprised of the twelve provincial and territorial securities regulatory authorities. Some of the measures that the CSA has taken to improve regulatory efficiency are discussed. Among the measures highlighted are the creation of a task force on operational efficiencies in the administration of securities regulation, the development of a mutual reliance review system and a system for electronic document analysis and retrieval (SEDAR) to electronically file information to a central computer database. The CSA also adopted a system to expedite the review and receipt of short form prospectuses

Macro Security Methodology for Conducting Facility Security and Sustainability Assessments

International Nuclear Information System (INIS)

Herdes, Greg A.; Freier, Keith D.; Wright, Kyle A.

2007-01-01

Pacific Northwest National Laboratory (PNNL) has developed a macro security strategy that not only addresses traditional physical protection systems, but also focuses on sustainability as part of the security assessment and management process. This approach is designed to meet the needs of virtually any industry or environment requiring critical asset protection. PNNL has successfully demonstrated the utility of this macro security strategy through its support to the NNSA Office of Global Threat Reduction implementing security upgrades at international facilities possessing high activity radioactive sources that could be used in the assembly of a radiological dispersal device, commonly referred to as a 'dirty bomb'. Traditional vulnerability assessments provide a snap shot in time of the effectiveness of a physical protection system without significant consideration to the sustainability of the component elements that make up the system. This paper describes the approach and tools used to integrate technology, plans and procedures, training, and sustainability into a simple, quick, and easy-to-use security assessment and management tool.

Problems and solutions of information security management in Latvia

Directory of Open Access Journals (Sweden)

Deruma S.

2014-01-01

Security cannot exist as a standalone function, it should be integrated in the associated processes continuously supervising and improving the security management programme based on predefined criteria. Adopting a holistic approach with regard to security has proven to be a critical contributing factor to effective security in organizations.

Infant nutrition in Saskatoon: barriers to infant food security.

Science.gov (United States)

Partyka, Brendine; Whiting, Susan; Grunerud, Deanna; Archibald, Karen; Quennell, Kara

2010-01-01

We explored infant nutrition in Saskatoon by assessing current accessibility to all forms of infant nourishment, investigating challenges in terms of access to infant nutrition, and determining the use and effectiveness of infant nutrition programs and services. We also examined recommendations to improve infant food security in Saskatoon. Semi-structured community focus groups and stakeholder interviews were conducted between June 2006 and August 2006. Thematic analysis was used to identify themes related to infant feeding practices and barriers, as well as recommendations to improve infant food security in Saskatoon. Our study showed that infant food security is a concern among lower-income families in Saskatoon. Barriers that limited breastfeeding sustainability or nourishing infants through other means included knowledge of feeding practices, lack of breastfeeding support, access and affordability of infant formula, transportation, and poverty. Infant nutrition and food security should be improved by expanding education and programming opportunities, increasing breastfeeding support, and identifying acceptable ways to provide emergency formula. If infant food security is to be addressed successfully, discussion and change must occur in social policy and family food security contexts.

FlySec: a risk-based airport security management system based on security as a service concept

Science.gov (United States)

Kyriazanos, Dimitris M.; Segou, Olga E.; Zalonis, Andreas; Thomopoulos, Stelios C. A.

2016-05-01

Complementing the ACI/IATA efforts, the FLYSEC European H2020 Research and Innovation project (http://www.fly-sec.eu/) aims to develop and demonstrate an innovative, integrated and end-to-end airport security process for passengers, enabling a guided and streamlined procedure from the landside to airside and into the boarding gates, and offering for an operationally validated innovative concept for end-to-end aviation security. FLYSEC ambition turns through a well-structured work plan into: (i) innovative processes facilitating risk-based screening; (ii) deployment and integration of new technologies and repurposing existing solutions towards a risk-based Security paradigm shift; (iii) improvement of passenger facilitation and customer service, bringing security as a real service in the airport of tomorrow;(iv) achievement of measurable throughput improvement and a whole new level of Quality of Service; and (v) validation of the results through advanced "in-vitro" simulation and "in-vivo" pilots. On the technical side, FLYSEC achieves its ambitious goals by integrating new technologies on video surveillance, intelligent remote image processing and biometrics combined with big data analysis, open-source intelligence and crowdsourcing. Repurposing existing technologies is also in the FLYSEC objectives, such as mobile application technologies for improved passenger experience and positive boarding applications (i.e. services to facilitate boarding and landside/airside way finding) as well as RFID for carry-on luggage tracking and quick unattended luggage handling. In this paper, the authors will describe the risk based airport security management system which powers FLYSEC intelligence and serves as the backend on top of which FLYSEC's front end technologies reside for security services management, behaviour and risk analysis.

Video motion detection for physical security applications

International Nuclear Information System (INIS)

Matter, J.C.

1990-01-01

Physical security specialists have been attracted to the concept of video motion detection for several years. Claimed potential advantages included additional benefit from existing video surveillance systems, automatic detection, improved performance compared to human observers, and cost-effectiveness. In recent years, significant advances in image-processing dedicated hardware and image analysis algorithms and software have accelerated the successful application of video motion detection systems to a variety of physical security applications. Early video motion detectors (VMDs) were useful for interior applications of volumetric sensing. Success depended on having a relatively well-controlled environment. Attempts to use these systems outdoors frequently resulted in an unacceptable number of nuisance alarms. Currently, Sandia National Laboratories (SNL) is developing several advanced systems that employ image-processing techniques for a broader set of safeguards and security applications. The Target Cueing and Tracking System (TCATS), the Video Imaging System for Detection, Tracking, and Assessment (VISDTA), the Linear Infrared Scanning Array (LISA); the Mobile Intrusion Detection and Assessment System (MIDAS), and the Visual Artificially Intelligent Surveillance (VAIS) systems are described briefly

Leveraging multi-channel x-ray detector technology to improve quality metrics for industrial and security applications

Science.gov (United States)

Jimenez, Edward S.; Thompson, Kyle R.; Stohn, Adriana; Goodner, Ryan N.

2017-09-01

Sandia National Laboratories has recently developed the capability to acquire multi-channel radio- graphs for multiple research and development applications in industry and security. This capability allows for the acquisition of x-ray radiographs or sinogram data to be acquired at up to 300 keV with up to 128 channels per pixel. This work will investigate whether multiple quality metrics for computed tomography can actually benefit from binned projection data compared to traditionally acquired grayscale sinogram data. Features and metrics to be evaluated include the ability to dis- tinguish between two different materials with similar absorption properties, artifact reduction, and signal-to-noise for both raw data and reconstructed volumetric data. The impact of this technology to non-destructive evaluation, national security, and industry is wide-ranging and has to potential to improve upon many inspection methods such as dual-energy methods, material identification, object segmentation, and computer vision on radiographs.

IPv6 Security

Science.gov (United States)

Babik, M.; Chudoba, J.; Dewhurst, A.; Finnern, T.; Froy, T.; Grigoras, C.; Hafeez, K.; Hoeft, B.; Idiculla, T.; Kelsey, D. P.; López Muñoz, F.; Martelli, E.; Nandakumar, R.; Ohrenberg, K.; Prelz, F.; Rand, D.; Sciabà, A.; Tigerstedt, U.; Traynor, D.; Wartel, R.

2017-10-01

IPv4 network addresses are running out and the deployment of IPv6 networking in many places is now well underway. Following the work of the HEPiX IPv6 Working Group, a growing number of sites in the Worldwide Large Hadron Collider Computing Grid (WLCG) are deploying dual-stack IPv6/IPv4 services. The aim of this is to support the use of IPv6-only clients, i.e. worker nodes, virtual machines or containers. The IPv6 networking protocols while they do contain features aimed at improving security also bring new challenges for operational IT security. The lack of maturity of IPv6 implementations together with the increased complexity of some of the protocol standards raise many new issues for operational security teams. The HEPiX IPv6 Working Group is producing guidance on best practices in this area. This paper considers some of the security concerns for WLCG in an IPv6 world and presents the HEPiX IPv6 working group guidance for the system administrators who manage IT services on the WLCG distributed infrastructure, for their related site security and networking teams and for developers and software engineers working on WLCG applications.

Standard format and content for a licensee physical security plan for the protection of special nuclear material of moderate or low strategic significance (Revision 1, Feb. 1983)

International Nuclear Information System (INIS)

Anon.

1983-01-01

This regulatory guide describes the information required in the physical security plan submitted as part of an application for a license to possess, use, or transport Special Nuclear Materials (SNM) of moderate strategic significance or 10 kg or more of SNM of low strategic significance and recommends a standard format for presenting the information in an orderly arrangement. This standard format will thus serve as an aid to uniformity and completeness in the preparation and review of the physical security plan of the license application. This document can also be used as guidance by licensees possessing or transporting less than 10 kg of SNM of low strategic significance in understanding the intent and implementing the requirements of paragraphs 73.67(a), 73.67(f), and 73.67(g) of 10 CFR Part 73

Enabling food security by verifying agricultural carbon

DEFF Research Database (Denmark)

Kahiluoto, H; Smith, P; Moran, D

2014-01-01

Rewarding smallholders for sequestering carbon in agricultural land can improve food security while mitigating climate change. Verification of carbon offsets in food-insecure regions is possible and achievable through rigorously controlled monitoring......Rewarding smallholders for sequestering carbon in agricultural land can improve food security while mitigating climate change. Verification of carbon offsets in food-insecure regions is possible and achievable through rigorously controlled monitoring...

Report: Information Security Series: Security Practices Comprehensive Environmental Response, Compensation, and Liability Information System

Science.gov (United States)

Report #2006-P-00019, March 28, 2006. OSWER’s implemented practices to ensure production servers were being monitored for known vulnerabilities and personnel with significant security responsibility completed the Agency’s recommended security training.

MEMS and MOEMS for national security applications

Science.gov (United States)

Scott, Marion W.

2003-01-01

Major opportunities for microsystem insertion into commercial applications, such as telecommunications and medical prosthesis, are well known. Less well known are applications that ensure the security of our nation, the protection of its armed forces, and the safety of its citizens. Microsystems enable entirely new possibilities to meet National Security needs, which can be classed along three lines: anticipating security needs and threats, deterring the efficacy of identified threats, and defending against the application of these threats. In each of these areas, specific products that are enabled by MEMS and MOEMS are discussed. In the area of anticipating needs and threats, sensored microsystems designed for chem/bio/nuclear threats, and sensors for border and asset protection can significantly secure our borders, ports, and transportation systems. Key features for these applications include adaptive optics and spectroscopic capabilities. Microsystems to monitor soil and water quality can be used to secure critical infrastructure, food safety can be improved by in-situ identification of pathogens, and sensored buildings can ensure the architectural safety of our homes and workplaces. A challenge to commercializing these opportunities, and thus making them available for National Security needs, is developing predictable markets and predictable technology roadmaps. The integrated circuit manufacturing industry provides an example of predictable technology maturation and market insertion, primarily due to the existence of a "unit cell" that allows volume manufacturing. It is not clear that microsystems can follow an analogous path. The possible paths to affordable low-volume production, as well as the prospects of a microsystems unit cell, are discussed.

An approach to improve the match-on-card fingerprint authentication system security

CSIR Research Space (South Africa)

Nair, Kishor Krishnan

2016-07-01

Full Text Available -on-Card (TOC), Match-on- Card (MOC), Work-Sharing On-Card (WSOC), and System-on-Card (SOC). Out of these four approaches, the SOC is considered as the most secure and expensive, whereas the TOC is considered as the least secure and least expensive. The MOC...

An Approach to Improve the Match-on-Card ngerprint Authentication System Security

CSIR Research Space (South Africa)

Nair, Kishor Krishnan

2016-08-18

Full Text Available -on-Card (TOC), Match-on-Card (MOC), Work-Sharing On-Card (WSOC), and System-on-Card (SOC). Out of these four approaches, the SOC is considered as the most secure and expensive, whereas the TOC is considered as the least secure and least expensive. The MOC...

Multi-perspective analysis of China's energy supply security

International Nuclear Information System (INIS)

Geng, Jiang-Bo; Ji, Qiang

2014-01-01

China's energy supply security has faced many challenges such as the drastic change of the international energy environment and the domestic energy situation and so on. This paper constructs a multi-dimensional indicator system for the main risks deriving from four aspects to evaluate the situation of China's energy supply security and analyze its evolution characteristics from 1994 to 2011. The results indicate that the situation of China's energy supply security generally presented a downtrend during 1994–2008, as a result of increasing international energy market monopoly and high volatility of international crude oil prices. After 2008, the overall level of China's energy supply security has improved to the level of 2003, which is attributed to the relatively stable international energy environment as well as the effective implementation of energy policies. - Highlights: • A multi-dimensional index system for energy supply security is constructed. • The dynamic influences of external and internal risks are analyzed. • China's energy supply security presents a downward trend during 1994–2008. • The level of China's energy supply security has improved since 2009

Critical Perspective on ASEAN's Security Policy Under ASEAN Political and Security Community

Directory of Open Access Journals (Sweden)

Irawan Jati

2016-03-01

Full Text Available   Despite economic integration challenges, ASEAN faces greater security challenges. It is obvious to assert that a stable economic development requires a secure regional atmosphere. The most probable threats against ASEAN are ranging from hostile foreign entities infiltration, intra and inter states disputes, radical religious movements, human trafficking, drugs and narcotics smuggling, cybercrimes and environmental disasters. In 2009, ASEAN established the ASEAN Political and Security Community as the umbrella of ASEAN’s political and security initiatives. APSC slots in some significant fora; ASEAN Intergovernmental Commission on Human Rights (AICHR, ASEAN Foreign Ministers Meeting (AMM,  ASEAN Regional Forum (ARF, ASEAN Defense Minister’s Meeting (ADMM, ASEAN Law Ministers Meeting (ALAWMM, and ASEAN Ministerial Meeting on Transnational Crimes (AMMTC. The wide array of these forums signify ASEAN efforts to confront double features of security; the traditional and nontraditional or critical security. The traditional security considers state security as the primary object security. While the critical security tends to focus on non-state aspects such as individual human being as its referent object. Even though some argue that APSC has been able to preserve the stability in the region, it still lack of confidence in solving critical issues such as territorial disputes and irregular migrants problems.Therefore, this piece would examine the fundamental questions: How does ASEAN address beyond state security issues in its security policy through APSC? To search for the answer this paper would apply critical security studies approach. Critical security posits that threats are not always for the states but in many cases for the people. Based on the examination of ASEAN security policies, this paper argues that ASEAN’s security policy has touched the non-traditional security issues but showing slow progress on its development and application. 

Feasibility of a novel participatory multi-sector continuous improvement approach to enhance food security in remote Indigenous Australian communities

Directory of Open Access Journals (Sweden)

J. Brimblecombe

2017-12-01

Conclusion: A multi-sector participatory approach seeking continuous improvement engaged committed Aboriginal and non-Aboriginal stakeholders and was shown to have potential to shift community diet. Provision of clear mechanisms to link this approach with higher level policy and decision-making structures, clarity of roles and responsibilities, and processes to prioritise and communicate actions across sectors should further strengthen capacity for food security improvement. Integrating this approach enabling local decision-making into community governance structures with adequate resourcing is an imperative.

Homeland security: what are the advantages and disadvantages of different local homeland security organizational structures?

OpenAIRE

Fitzpatrick, William Mark

2015-01-01

Approved for public release; distribution is unlimited After the attacks of September 11, 2001, and the creation of the federal Department of Homeland Security in 2002, many local agencies formed their own homeland security entity. Since that time, significant economic downturns have resulted in reductions in the amount of homeland security funding available to local jurisdictions. Another issue involves the lack of a common definition of homeland security and what it entails and how daily...

FORESEE: Fully Outsourced secuRe gEnome Study basEd on homomorphic Encryption.

Science.gov (United States)

Zhang, Yuchen; Dai, Wenrui; Jiang, Xiaoqian; Xiong, Hongkai; Wang, Shuang

2015-01-01

The increasing availability of genome data motivates massive research studies in personalized treatment and precision medicine. Public cloud services provide a flexible way to mitigate the storage and computation burden in conducting genome-wide association studies (GWAS). However, data privacy has been widely concerned when sharing the sensitive information in a cloud environment. We presented a novel framework (FORESEE: Fully Outsourced secuRe gEnome Study basEd on homomorphic Encryption) to fully outsource GWAS (i.e., chi-square statistic computation) using homomorphic encryption. The proposed framework enables secure divisions over encrypted data. We introduced two division protocols (i.e., secure errorless division and secure approximation division) with a trade-off between complexity and accuracy in computing chi-square statistics. The proposed framework was evaluated for the task of chi-square statistic computation with two case-control datasets from the 2015 iDASH genome privacy protection challenge. Experimental results show that the performance of FORESEE can be significantly improved through algorithmic optimization and parallel computation. Remarkably, the secure approximation division provides significant performance gain, but without missing any significance SNPs in the chi-square association test using the aforementioned datasets. Unlike many existing HME based studies, in which final results need to be computed by the data owner due to the lack of the secure division operation, the proposed FORESEE framework support complete outsourcing to the cloud and output the final encrypted chi-square statistics.

Rethinking Ethiopian Secured Transactions Law through ...

African Journals Online (AJOL)

Various countries have reformed their secured transaction laws recognizing the significance of modern secured transactions law in enhancing access to credit and economic development. Ethiopia has not undertaken comprehensive secured transactions law reform, despite the demonstrable mismatch between the legal ...

OT-Combiners Via Secure Computation

DEFF Research Database (Denmark)

Harnik, Danny; Ishai, Yuval; Kushilevitz, Eyal

2008-01-01

of faulty candidates (t = Ω(n)). Previous OT-combiners required either ω(n) or poly(k) calls to the n candidates, where k is a security parameter, and produced only a single secure OT. We demonstrate the usefulness of the latter result by presenting several applications that are of independent interest......An OT-combiner implements a secure oblivious transfer (OT) protocol using oracle access to n OT-candidates of which at most t may be faulty. We introduce a new general approach for combining OTs by making a simple and modular use of protocols for secure computation. Specifically, we obtain an OT......, strengthen the security, and improve the efficiency of previous OT-combiners. In particular, we obtain the first constant-rate OT-combiners in which the number of secure OTs being produced is a constant fraction of the total number of calls to the OT-candidates, while still tolerating a constant fraction...

Statistical methods applied to gamma-ray spectroscopy algorithms in nuclear security missions.

Science.gov (United States)

Fagan, Deborah K; Robinson, Sean M; Runkle, Robert C

2012-10-01

Gamma-ray spectroscopy is a critical research and development priority to a range of nuclear security missions, specifically the interdiction of special nuclear material involving the detection and identification of gamma-ray sources. We categorize existing methods by the statistical methods on which they rely and identify methods that have yet to be considered. Current methods estimate the effect of counting uncertainty but in many cases do not address larger sources of decision uncertainty, which may be significantly more complex. Thus, significantly improving algorithm performance may require greater coupling between the problem physics that drives data acquisition and statistical methods that analyze such data. Untapped statistical methods, such as Bayes Modeling Averaging and hierarchical and empirical Bayes methods, could reduce decision uncertainty by rigorously and comprehensively incorporating all sources of uncertainty. Application of such methods should further meet the needs of nuclear security missions by improving upon the existing numerical infrastructure for which these analyses have not been conducted. Copyright © 2012 Elsevier Ltd. All rights reserved.

Demarcation of Security in Authentication Protocols

DEFF Research Database (Denmark)

Ahmed, Naveed; Jensen, Christian D.

2011-01-01

Security analysis of communication protocols is a slippery business; many “secure” protocols later turn out to be insecure. Among many, two complains are more frequent: inadequate definition of security and unstated assumptions in the security model. In our experience, one principal cause...... for such state of affairs is an apparent overlap of security and correctness, which may lead to many sloppy security definitions and security models. Although there is no inherent need to separate security and correctness requirements, practically, such separation is significant. It makes security analysis...... easier, and enables us to define security goals with a fine granularity. We present one such separation, by introducing the notion of binding sequence as a security primitive. A binding sequence, roughly speaking, is the only required security property of an authentication protocol. All other...

Improving Podcast Distribution on Gwanda using PrivHab: a Multiagent Secure Georouting Protocol.

Directory of Open Access Journals (Sweden)

Adrián SÁNCHEZ-CARMONA

2015-12-01

Full Text Available We present PrivHab, a multiagent secure georouting protocol that improves podcast distribution on Gwanda, Zimbabwe. PrivHab learns the whereabouts of the nodes of the network to select an itinerary for each agent carrying a piece of data. PrivHab makes use of cryptographic techniques to make the decisions while preserving nodes' privacy. PrivHab uses a waypoint-based georouting that achieves a high performance and low overhead in rugged terrain areas that are plenty of physical obstacles. The store-carry-and-forward approach used is based on mobile agents and is designed to operate in areas that lack network infrastructure. The PrivHab protocol is compared with a set of well-known delay-tolerant routing algorithms and shown to outperform them.

Advanced Interface for Tactical Security (AITS) Problem Analysis and Concept Definition

National Research Council Canada - National Science Library

Murray, S

1999-01-01

The Advanced Interface for Tactical Security (AITS) project was initiated to improve the task performance of security forces through technology and design improvements to information display systems...

Evaluation of Data Security Measures in a Network Environment Towards Developing Cooperate Data Security Guidelines

OpenAIRE

Ayub Hussein Shirandula; Dr. G. Wanyembi; Mr. Maina karume

2012-01-01

Data security in a networked environment is a topic that has become significant in organizations. As companies and organizations rely more on technology to run their businesses, connecting system to each other in different departments for efficiency data security is the concern for administrators. This research assessed the data security measures put in place at Mumias Sugar Company and the effort it was using to protect its data. The researcher also highlighted major security issues that wer...

A Forward-secure Grouping-proof Protocol for Multiple RFID Tags

Directory of Open Access Journals (Sweden)

Liu Ya-li

2012-09-01

Full Text Available Designing secure and robust grouping-proof protocols based on RFID characteristics becomes a hotspot in the research of security in Internet of Things (IOT. The proposed grouping-proof protocols recently have security and/or privacy omission and these schemes afford order-dependence by relaying message among tags through an RFID reader. In consequence, aiming at enhancing the robustness, improving scalability, reducing the computation costs on resource-constrained devices, and meanwhile combing Computational Intelligence (CI with Secure Multi-party Communication (SMC, a Forward-Secure Grouping-Proof Protocol (FSGP for multiple RFID tags based on Shamir's (, secret sharing is proposed. In comparison with the previous grouping-proof protocols, FSGP has the characteristics of forward-security and order-independence addressing the scalability issue by avoiding relaying message. Our protocol provides security enhancement, performance improvement, and meanwhile controls the computation cost, which equilibrates both security and low cost requirements for RFID tags.

Information Security Policy Modeling for Network Security Systems

Directory of Open Access Journals (Sweden)

Dmitry Sergeevich Chernyavskiy

2014-12-01

Full Text Available Policy management for network security systems (NSSs is one of the most topical issues of network security management. Incorrect configurations of NSSs lead to system outages and appearance of vulnerabilities. Moreover, policy management process is a time-consuming task, which includes significant amount of manual work. These factors reduce efficiency of NSSs’ utilization. The paper discusses peculiarities of policy management process and existing approaches to policy modeling, presents a model aimed to formalize policies for NSSs independently on NSSs’ platforms and select the most effective NSSs for implementation of the policies.

Measuring energy security performance within China: Toward an inter-provincial prospective

International Nuclear Information System (INIS)

Zhang, Long; Yu, Jing; Sovacool, Benjamin K.; Ren, Jingzheng

2017-01-01

China has been the world's largest energy consumer and producer for many years, yet while myriad studies have investigated Chinese performance on energy metrics compared to other countries, few to none have looked internally at Chinese provinces. This paper firstly develops a five-dimensional evaluation system centered on the energy security dimensions of availability and diversity, affordability and equality, technology and efficiency, environmental sustainability, and governance and innovation. It then correlates these dimensions to 20 distinct energy security metrics that are used to assess the energy security performance of 30 Chinese provinces, divided into eight regions. Our results reveal both trends in energy policy and practice as well as provincial status of comparative energy security for the year 2013. We find, for instance, that there is no province which performs well in all five of the energy security dimensions, and that all provinces confronted threats related to energy availability and diversity. We also demonstrate that in comparative terms, the Middle Reaches of Yellow River and the Northwest were the most energy-secure, while the Middle Reaches of Yangtze River and the Northeast were least energy-secure. - Highlights: • We assessed energy security for 30 Chinese provinces across five dimensions. • Fuzzy AHP, PROMETHEE and Sensitivity Analysis are used to investigate. • Western provinces perform better performance than eastern provinces in 2013. • Energy availability and diversity is the most severe threat facing China's energy security. • Developing renewable energy will help improve China's Provincial energy security significantly.

China’s oil security from the supply chain perspective: A review

International Nuclear Information System (INIS)

Zhao, Chunfu; Chen, Bin

2014-01-01

Highlights: • The development phase of China’s oil industry is detailed. • Risk to oil industry in China is identified along the supply chain. • Policy aimed at improving oil security is examined. - Abstract: Oil security has become a major issue in China. This paper analyzes China’s oil security from the supply chain perspective, as the country faces challenges from an increasing reliance on imported oil, a fast-growing economy, the Malacca dilemma, and volatile international oil prices. To clarify the issue of oil security, we first review the development phase of China’s oil industry and previous research related to its energy security. Then a framework from the supply chain perspective is constructed to identify the current risk from three aspects: energy flow, financial and environmental. Finally, policies aimed at improving the country’s energy security are examined and potential problems presented. From this analysis, we conclude that the potential risk arising from China’s oil system is inherently interconnected. There is still great potential for the country to improve oil security by strengthening its strategic oil reserves, improving energy efficiency, and developing its domestic oil tanker fleet

Multimedia security watermarking, steganography, and forensics

CERN Document Server

Shih, Frank Y

2012-01-01

Multimedia Security: Watermarking, Steganography, and Forensics outlines essential principles, technical information, and expert insights on multimedia security technology used to prove that content is authentic and has not been altered. Illustrating the need for improved content security as the Internet and digital multimedia applications rapidly evolve, this book presents a wealth of everyday protection application examples in fields including multimedia mining and classification, digital watermarking, steganography, and digital forensics. Giving readers an in-depth overview of different asp

How to implement security controls for an information security program at CBRN facilities

International Nuclear Information System (INIS)

Lenaeus, Joseph D.; O'Neil, Lori Ross; Leitch, Rosalyn M.; Glantz, Clifford S.; Landine, Guy P.; Bryant, Janet L.; Lewis, John; Mathers, Gemma; Rodger, Robert; Johnson, Christopher

2015-01-01

This document was prepared by PNNL within the framework of Project 19 of the European Union Chemical Biological Radiological and Nuclear Risk Mitigation Centres of Excellence Initiative entitled, ''Development of procedures and guidelines to create and improve secure information management systems and data exchange mechanisms for CBRN materials under regulatory control.'' It provides management and workers at CBRN facilities, parent organization managers responsible for those facilities, and regulatory agencies (governmental and nongovernmental) with guidance on the best practices for protecting information security. The security mitigation approaches presented in this document were chosen because they present generally accepted guidance in an easy-to-understand manner, making it easier for facility personnel to grasp key concepts and envision how security controls could be implemented by the facility. This guidance is presented from a risk management perspective.

How to implement security controls for an information security program at CBRN facilities

Energy Technology Data Exchange (ETDEWEB)

Lenaeus, Joseph D. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); O' Neil, Lori Ross [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Leitch, Rosalyn M. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Glantz, Clifford S. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Landine, Guy P. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Bryant, Janet L. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Lewis, John [National Nuclear Lab., Workington (United Kingdom); Mathers, Gemma [National Nuclear Lab., Workington (United Kingdom); Rodger, Robert [National Nuclear Lab., Workington (United Kingdom); Johnson, Christopher [National Nuclear Lab., Workington (United Kingdom)

2015-12-01

This document was prepared by PNNL within the framework of Project 19 of the European Union Chemical Biological Radiological and Nuclear Risk Mitigation Centres of Excellence Initiative entitled, ''Development of procedures and guidelines to create and improve secure information management systems and data exchange mechanisms for CBRN materials under regulatory control.'' It provides management and workers at CBRN facilities, parent organization managers responsible for those facilities, and regulatory agencies (governmental and nongovernmental) with guidance on the best practices for protecting information security. The security mitigation approaches presented in this document were chosen because they present generally accepted guidance in an easy-to-understand manner, making it easier for facility personnel to grasp key concepts and envision how security controls could be implemented by the facility. This guidance is presented from a risk management perspective.

South Asia energy security: Challenges and opportunities

International Nuclear Information System (INIS)

Kumar Singh, Bhupendra

2013-01-01

South Asia has witnessed a growing imbalance between energy demand and its supply from indigenous sources resulting in increased import dependence. Energy endowments differ among the South Asian countries. However, access to the significant energy resources in the neighboring countries is denied, which increases the cost of energy supply and reduces energy security of the individual countries and of the region as a whole. The countries in the region could benefit significantly only by strengthening the mechanism of energy trade through improved connectivity. Therefore, greater cooperation within South Asia could be one of the most effective ways to deal with this Regional Energy deficit and ensure Energy Security of the Region. - Highlights: • No South Asian country is going to be able to meet its energy needs domestically. • Fostering cross border energy trade and promotion of investments opportunities are key solutions. • India’s neighbors have huge potential in hydroelectricity. • Co-operation among nations to tap the energy resource can be a win–win situation for all. • However it faces certain challenges

Safety and Security Interface Technology Initiative

International Nuclear Information System (INIS)

Dr. Michael A. Lehto; Kevin J. Carroll; Dr. Robert Lowrie

2007-01-01

Earlier this year, the Energy Facility Contractors Group (EFCOG) was asked to assist in developing options related to acceleration deployment of new security-related technologies to assist meeting design base threat (DBT) needs while also addressing the requirements of 10 CFR 830. NNSA NA-70, one of the working group participants, designated this effort the Safety and Security Interface Technology Initiative (SSIT). Relationship to Workshop Theme. ''Supporting Excellence in Operations Through Safety Analysis'', (workshop theme) includes security and safety personnel working together to ensure effective and efficient operations. One of the specific workshop elements listed in the call for papers is ''Safeguards/Security Integration with Safety''. This paper speaks directly to this theme. Description of Work. The EFCOG Safety Analysis Working Group (SAWG) and the EFCOG Security Working Group formed a core team to develop an integrated process involving both safety basis and security needs allowing achievement of the DBT objectives while ensuring safety is appropriately considered. This effort garnered significant interest, starting with a two day breakout session of 30 experts at the 2006 Safety Basis Workshop. A core team was formed, and a series of meetings were held to develop that process, including safety and security professionals, both contractor and federal personnel. A pilot exercise held at Idaho National Laboratory (INL) in mid-July 2006 was conducted as a feasibility of concept review. Work Results. The SSIT efforts resulted in a topical report transmitted from EFCOG to DOE/NNSA in August 2006. Elements of the report included: Drivers and Endstate, Control Selections Alternative Analysis Process, Terminology Crosswalk, Safety Basis/Security Documentation Integration, Configuration Control, and development of a shared ''tool box'' of information/successes. Specific Benefits. The expectation or end state resulting from the topical report and associated

Genesis of enterprise financial security

Directory of Open Access Journals (Sweden)

Davydenko N. M.

2015-05-01

Full Text Available The article analyzes the scientific approaches to the definition of «financial security of entities», advantages and disadvantages of these approaches are highlighted. The own definition of financial security of entities is given. The composition of elements of enterprise financial security and principles of its provision are defined. Тhe role of individual elements of financial security to ensure high efficiency operation and development of enterprises is significant and has a direct impact on their solvency, liquidity and profitability.

Social security for seafarers globally

DEFF Research Database (Denmark)

Jensen, Olaf; Canals, Luisa; Haarløv, Erik

2013-01-01

Social security for seafarers globally Background: Social security protection is one of the essential elements of decent work. The issue is complex and no previous epidemiological studies of the coverage among seafarers have yet been performed. Objectives: The aim was to overcome the gap...... of knowledge to promote the discussion and planning of the implementation of social security for all seafarers. Methods: The seafarers completed a short questionnaire concerning their knowledge about their social security status. Results: Significant disparities of coverage of social security were pointed out...... comes from poorer countries without substantial social security systems. The solutions suggested are to implement the minimum requirements as recommended by the ILO 2006 Convention, to survey the implementation and in the long term to struggle for global social equality. Key words: Social security...

Managing Wetlands for Improved Food Security in Uganda | CRDI ...

International Development Research Centre (IDRC) Digital Library (Canada)

Researchers will determine the food security status of households adjacent to wetlands and the part that wetlands resources contribute to it. They will analyze the tradeoffs in using wetlands for crop production. And, they will test, adapt and promote agricultural technologies that enhance productivity while minimizing ...

Information fusion for cyber-security analytics

CERN Document Server

Karabatis, George; Aleroud, Ahmed

2017-01-01

This book highlights several gaps that have not been addressed in existing cyber security research. It first discusses the recent attack prediction techniques that utilize one or more aspects of information to create attack prediction models. The second part is dedicated to new trends on information fusion and their applicability to cyber security; in particular, graph data analytics for cyber security, unwanted traffic detection and control based on trust management software defined networks, security in wireless sensor networks & their applications, and emerging trends in security system design using the concept of social behavioral biometric. The book guides the design of new commercialized tools that can be introduced to improve the accuracy of existing attack prediction models. Furthermore, the book advances the use of Knowledge-based Intrusion Detection Systems (IDS) to complement existing IDS technologies. It is aimed towards cyber security researchers. .

Improving the security of a quantum secret sharing protocol between multiparty and multiparty without entanglement

International Nuclear Information System (INIS)

Han Lianfang; Liu Yimin; Shi Shouhua; Zhang Zhanjun

2007-01-01

Recently Yan and Gao [F.L. Yan, T. Gao, Phys. Rev. A 72 (2005) 012304] have proposed a quantum secret sharing protocol which allows a secret message to be shared between one group of m parties and another group of n parties. The protocol is claimed to be secure. In this Letter, first we show that any subgroup consisting of evil cooperative parties (or one and only one evil party) can successfully cheat other parties to obtain the secret message without being detected. Then we improve the original Yan-Gao protocol such that the insider's cheats are prevented

Securing Gateways within Clustered Power Centric Network of Nodes

Directory of Open Access Journals (Sweden)

Qaisar Javaid

2016-01-01

Full Text Available Knowledge Networks are gaining momentum within cyber world. Knowledge leads to innovation and for this reason organizations focus on research and information gathering in order to gain and improve existing knowledge. This of information era, which is primarily based on world wide web technologies, enables significantly expanded networks of people to communicate and collaborate 'virtually' across teams, across entire organizations and across the world, anytime and anywhere. Innovations in computing and telecommunications have transformed the corporations from structured and manageable types to interwoven network of blurred boundaries such as; ad hoc networks and mobile wireless networks, etc. This study explores knowledge networks in Information Technology and security leaks that are found, as well as measures that are taken to counter this menace which is coming up with optimal Secure Clustered Power Centric node network. The paper concludes these measures, evaluating and integrating them to come up with a secured network design.

Contribution of Food Crops to Household Food Security Among ...

African Journals Online (AJOL)

The study also showed that farmers in the study area are relatively food secure. Inputs such as fertilizer, processing and storage facilities, improved seedlings, tractor, access to credit loan etc. should be made available to encourage farmers to improve household food security and raise their living standard. In addition ...

Agencies Need Improved Financial Data Reporting for Private Security Contractors

National Research Council Canada - National Science Library

Warren, David R; Bianco, Michael A; Nasser, Waheed; Kusman, Richard R; Shafer, James; Venner, Jason; Walls, Lovell Q; Wright, Samson J

2008-01-01

.... The objective of this report was to determine the extent to which federal agencies have systematically captured financial data for private security services in Iraq since 2003, and to identify...

[Improvement of Phi bodies stain and its clinical significance].

Science.gov (United States)

Gong, Xu-Bo; Lu, Xing-Guo; Yan, Li-Juan; Xiao, Xi-Bin; Wu, Dong; Xu, Gen-Bo; Zhang, Xiao-Hong; Zhao, Xiao-Ying

2009-02-01

The aim of this study was to improve the dyeing method of hydroperoxidase (HPO), to analyze the morphologic features of Phi bodies and to evaluate the clinical application of this method. 128 bone marrow or peripheral blood smears from patients with myeloid and lymphoid malignancies were stained by improved HPO staining. The Phi bodies were observed with detection rate of Phi bodies in different leukemias. 69 acute myeloid leukemia (AML) specimens were chosen randomly, the positive rate and the number of Phi bodies between the improved HPO and POX stain based on the same substrate of 3, 3'diaminobenzidine were compared. The results showed that the shape of bundle-like Phi bodies was variable, long or short. while the nubbly Phi bodies often presented oval and smooth. Club-like Phi bodies were found in M(3). The detection rates of bundle-like Phi bodies in AML M(1)-M(5) were 42.9% (6/14), 83.3% (15/18), 92.0% (23/25), 52.3% (11/21), 33.3% (5/15) respectively, and those of nubbly Phi bodies were 28.6% (4/14), 66.7% (12/18), 11.1% (3/25), 33.3% (7/21), 20.0% (3/15) respectively. The detection rate of bundle-like Phi bodies in M(3) was significantly higher than that in (M(1) + M(2)) or (M(4) + M(5)) groups. The detection rate of nubbly Phi bodies in (M(1) + M(2)) group was higher than that in M(3) group. In conclusion, after improvement of staining method, the HPO stain becomes simple, the detection rate of Phi bodies is higher than that by the previous method, the positive granules are more obvious, and the results become stable. This improved method plays an important role in differentiating AML from ALL, subtyping AML, and evaluating the therapeutic results.

Managing Wetlands for Improved Food Security in Uganda | IDRC ...

International Development Research Centre (IDRC) Digital Library (Canada)

However, little is known about the contribution of wetland resources to household food security or the environmental impact of using wetlands for agriculture or other purposes. Researchers will ... IDRC is pleased to announce the results of its 2017 call for proposals to establish Cyber Policy Centres in the Global South.

The significance of interconnector counter-trading in a security constrained electricity market

International Nuclear Information System (INIS)

Higgins, P.; Li, K.; Devlin, J.; Foley, A.M.

2015-01-01

Throughout the European Union there is an increasing amount of wind generation being dispatched-down due to the binding of power system operating constraints from high levels of wind generation. This paper examines the impact a system non-synchronous penetration limit has on the dispatch-down of wind and quantifies the significance of interconnector counter-trading to the priority dispatching of wind power. A fully coupled economic dispatch and security constrained unit commitment model of the Single Electricity Market of the Republic of Ireland and Northern Ireland and the British Electricity Trading and Transmission Arrangement was used in this study. The key finding was interconnector counter-trading reduces the impact the system non-synchronous penetration limit has on the dispatch-down of wind. The capability to counter-trade on the interconnectors and an increase in system non-synchronous penetration limit from 50% to 55% reduces the dispatch-down of wind by 311 GW h and decreases total electricity payments to the consumer by €1.72/MW h. In terms of the European Union electricity market integration, the results show the importance of developing individual electricity markets that allow system operators to counter-trade on interconnectors to ensure the priority dispatch of the increasing levels of wind generation. - Highlights: • Interconnector counter-trading reduces the system marginal price in the SEM. • Dispatch-down of wind power is reduced due to interconnector counter-trading. • A 5% increase in the SNSP limit can reduce wind power dispatched-down by 50%. • An increase in the SNSP limit and installed wind capacity reduces the SMP.

Economic security, 1935-85.

Science.gov (United States)

Reno, V P; Grad, S

1985-12-01

The economic well-being of both working and retired persons has improved significantly since the Social Security Act was passed in 1935. More people are employed now than at any time since then, despite declining employment among the aged and more years of school attendance among the young. The ratio of non-workers to workers--a broad measure of dependency--is lower now than at any time since the 1930's. Social security has grown and matured to become a strong foundation of retirement income, and other work-related employee benefits have grown in tandem with social security. Employer contributions for social insurance and related employee benefits have grown from being about a 1-percent supplement to aggregate wages and salaries in 1929 to nearly 20 percent today. Social security and Medicare account for just over a fourth of employer contributions, while other public and private retirement systems represent just over another fourth. The balance of benefits for active workers includes group health and life insurance, unemployment insurance, workers' compensation, temporary disability insurance, and related benefits. Pay for holidays, vacations, and sick leave is estimated to have increased from less than 1 percent of aggregate pay in 1929 to about 10 percent today. The improved economic status of the aged has been documented by a series of surveys beginning in 1941-42 and carried out from time to time until 1972 and biennially since 1976. The earlier surveys were supplemented with estimates from record data and tables from the Bureau of the Census. The income of the aged as a whole has grown by about 75 percent over the past 2 decades after taking inflation into account. The income of the aged as a whole grew faster than that of the nonaged in the 1970's and early 1980's when real social security benefits increased faster than inflation and wages lagged behind it. New beneficiaries in 1982 were in better health and were more likely to retire because they wanted to

Report: Improvements Needed in Key EPA Information System Security Practices

Science.gov (United States)

Report #10-P-0146, June 15, 2010. Williams Adley found that EPA program offices lacked evidence that they planned and executed tests of information system security controls as required by federal requirements.

Perceived and geographic food access and food security status among households with children.

Science.gov (United States)

Ma, Xiaoguang; Liese, Angela D; Bell, Bethany A; Martini, Lauren; Hibbert, James; Draper, Carrie; Burke, Michael P; Jones, Sonya J

2016-10-01

To examine the association of both perceived and geographic neighbourhood food access with food security status among households with children. This was a cross-sectional study in which participants' perceptions of neighbourhood food access were assessed by a standard survey instrument, and geographic food access was evaluated by distance to the nearest supermarket. Multinomial logistic regression models were used to examine the associations. The Midlands Family Study included 544 households with children in eight counties in South Carolina, USA. Food security status among participants was classified into three categories: food secure (FS), food insecure (FI) and very low food security among children (VLFS-C). Compared with FS households, VLFS-C households had lower odds of reporting easy access to adequate food shopping. VLFS-C households also had lower odds of reporting neighbourhood access to affordable fruits and vegetables compared with FS households and reported worse selection of fruits and vegetables, quality of fruits and vegetables, and selection of low-fat products. FI households had lower odds of reporting fewer opportunities to purchase fast food. None of the geographic access measures was significantly associated with food security status. Caregivers with children who experienced hunger perceived that they had less access to healthy affordable food in their community, even though grocery stores were present. Approaches to improve perceived access to healthy affordable food should be considered as part of the overall approach to improving food security and eliminating child hunger.

Perceived and Geographic Food Access and Food Security Status among Households with Children

Science.gov (United States)

Ma, Xiaoguang; Liese, Angela D.; Bell, Bethany; Martini, Lauren; Hibbert, James; Draper, Carrie; Jones, Sonya J.

2017-01-01

Objective To examine the association of both perceived and geographic neighborhood food access with food security status among households with children. Design This was a cross-sectional study in which participants’ perceptions of neighborhood food access were assessed by a standard survey instrument, and geographic food access was evaluated by distance to the nearest supermarket. Multinomial logistic regression models were used to examine the associations. Subjects The Midlands Family Study included 544 households with children in eight counties in South Carolina. Food security status among participants was classified into three categories: food secure (FS), food insecure (FI) and very low food security among children (VLFS-C). Results Compared to FS households, VLFS-C households had lower odds of reporting easy access to adequate food shopping. VLFS-C households also had lower odds of reporting neighborhood access to affordable fruits and vegetables compared to FS households and reported worse selection of fruits and vegetables, quality of fruits and vegetables and selection of low-fat products. FI households had lower odds of reporting fewer opportunities to purchase fast food. None of the geographic access measures was significantly associated with food security status. Conclusions Caregivers with children that experienced hunger perceived that they had less access to healthy affordably food in their community, even though grocery stores were present. Approaches to improve perceived access to healthy affordable food should be considered as part of the overall approach to improving food security and eliminating child hunger. PMID:27133939

Safeguards and security progress report, January-December 1984

Energy Technology Data Exchange (ETDEWEB)

Smith, D.B. (comp.)

1986-01-01

From January to December 1984, the Los Alamos Safeguards and Security Program was involved in the activities described in the first four parts of this report: Nuclear Facility Support, Security Development and Support, Safeguards Technology Development, and International Safeguards. Part 1 covers efforts of direct assistance to the Department of Energy (DOE) and Nuclear Regulatory Commission (NRC) licensee facilities. Part 2 treats activities aimed at the security of information and computer systems. was Part 3 describes the broad development efforts essential to continuing improvements in the practice of safeguards. Although these projects are properly classified as developmental, they address recognized problems that commonly occur in operating facilities. Finally, Part 4 covers international safeguards activities, including both support to the International Atomic Energy Agency and bilateral exchanges. Enrichment plant safeguards, especially those concerning the Gas Centrifuge Enrichment Plant, required a significant portion of our resources. These efforts are beginning to provide substantial returns on our investment in technology transfer, not only in raising the level of safeguards effectiveness but also in benefiting from field experiences in operating environments.

Safeguards and security progress report, January-December 1984

International Nuclear Information System (INIS)

Smith, D.B.

1986-01-01

From January to December 1984, the Los Alamos Safeguards and Security Program was involved in the activities described in the first four parts of this report: Nuclear Facility Support, Security Development and Support, Safeguards Technology Development, and International Safeguards. Part 1 covers efforts of direct assistance to the Department of Energy (DOE) and Nuclear Regulatory Commission (NRC) licensee facilities. Part 2 treats activities aimed at the security of information and computer systems. was Part 3 describes the broad development efforts essential to continuing improvements in the practice of safeguards. Although these projects are properly classified as developmental, they address recognized problems that commonly occur in operating facilities. Finally, Part 4 covers international safeguards activities, including both support to the International Atomic Energy Agency and bilateral exchanges. Enrichment plant safeguards, especially those concerning the Gas Centrifuge Enrichment Plant, required a significant portion of our resources. These efforts are beginning to provide substantial returns on our investment in technology transfer, not only in raising the level of safeguards effectiveness but also in benefiting from field experiences in operating environments

Multi-energy x-ray detectors to improve air-cargo security

Science.gov (United States)

Paulus, Caroline; Moulin, Vincent; Perion, Didier; Radisson, Patrick; Verger, Loïck

2017-05-01

X-ray based systems have been used for decades to screen luggage or cargo to detect illicit material. The advent of energy-sensitive photon-counting x-ray detectors mainly based on Cd(Zn)Te semi-conductor technology enables to improve discrimination between materials compared to single or dual energy technology. The presented work is part of the EUROSKY European project to develop a Single European Secure Air-Cargo Space. "Cargo" context implies the presence of relatively heavy objects and with potentially high atomic number. All the study is conducted on simulations with three different detectors: a typical dual energy sandwich detector, a realistic model of the commercial ME100 multi-energy detector marketed by MULTIX, and a ME100 "Cargo": a not yet existing modified multi-energy version of the ME100 more suited to air freight cargo inspection. Firstly, a comparison on simulated measurements shows the performances improvement of the new multi-energy detectors compared to the current dual-energy one. The relative performances are evaluated according to different criteria of separability or contrast-to-noise ratio and the impact of different parameters is studied (influence of channel number, type of materials and tube voltage). Secondly, performances of multi-energy detectors for overlaps processing in a dual-view system is accessed: the case of orthogonal projections has been studied, one giving dimensional values, the other one providing spectral data to assess effective atomic number. A method of overlap correction has been proposed and extended to multi-layer objects case. Therefore, Calibration and processing based on bi-material decomposition have been adapted for this purpose.

Computer Security: professionalism in security, too

CERN Multimedia

Stefan Lueders, Computer Security Team

2015-01-01

At CERN, we apply a great deal of dedication and professionalism to all the work we do. This is necessary because of the complexity and sophistication of the devices we deal with. However, when it comes to computer security, we can all agree that there is room for improvement.   In some cases, we’ve observed devices that are connected to our Intranet networks without the adequate level of protection. Also, in order to allow it to be disseminated easily with peers, information is often disclosed on public webpages, sometimes without appropriate consideration of important security-related aspects. Program code is lost due to a lack of proper version control or the use of central storage systems. Systems are brought down by “finger trouble”, confusing the right and wrong IP addresses. Software or system development is done directly on production devices, impinging on their proper operation up to the point where the system grinds to a halt. Applications full of useful fe...

Radiation Detection for Homeland Security Applications

Science.gov (United States)

Ely, James

2008-05-01

In the past twenty years or so, there have been significant changes in the strategy and applications for homeland security. Recently there have been significant at deterring and interdicting terrorists and associated organizations. This is a shift in the normal paradigm of deterrence and surveillance of a nation and the `conventional' methods of warfare to the `unconventional' means that terrorist organizations resort to. With that shift comes the responsibility to monitor international borders for weapons of mass destruction, including radiological weapons. As a result, countries around the world are deploying radiation detection instrumentation to interdict the illegal shipment of radioactive material crossing international borders. These efforts include deployments at land, rail, air, and sea ports of entry in the US and in European and Asian countries. Radioactive signatures of concern include radiation dispersal devices (RDD), nuclear warheads, and special nuclear material (SNM). Radiation portal monitors (RPMs) are used as the main screening tool for vehicles and cargo at borders, supplemented by handheld detectors, personal radiation detectors, and x-ray imaging systems. This talk will present an overview of radiation detection equipment with emphasis on radiation portal monitors. In the US, the deployment of radiation detection equipment is being coordinated by the Domestic Nuclear Detection Office within the Department of Homeland Security, and a brief summary of the program will be covered. Challenges with current generation systems will be discussed as well as areas of investigation and opportunities for improvements. The next generation of radiation portal monitors is being produced under the Advanced Spectroscopic Portal program and will be available for deployment in the near future. Additional technologies, from commercially available to experimental, that provide additional information for radiation screening, such as density imaging equipment, will

Computer Security Issues in Online Banking: An Assessment from the Context of Usable Security

Science.gov (United States)

Mahmadi, FN; Zaaba, ZF; Osman, A.

2016-11-01

Today's online banking is a convenient mode of finance management. Despite the ease of doing online banking, there are people that still sceptical in utilizing it due to perception and its security. This paper highlights the subject of online banking security in Malaysia, especially from the perspective of the end-users. The study is done by assessing human computer interaction, usability and security. An online survey utilising 137 participants was previously conducted to gain preliminary insights on security issues of online banking in Malaysia. Following from those results, 37 participants were interviewed to gauge deeper understanding about end-users perception on online banking within the context of usable security. The results suggested that most of the end-users are continuingly experiencing significant difficulties especially in relation to the technical terminologies, security features and other technical issues. Although the security features are provided to provide a shield or protection, users are still incapable to cope with the technical aspects of such implementation.

Three Essays on Information Security Policies

Science.gov (United States)

Yang, Yubao

2011-01-01

Information security breaches pose a significant and increasing threat to national security and economic well-being. In the Symantec Internet Security Threat Report (2003), companies surveyed experienced an average of about 30 attacks per week. Anecdotal evidence suggests that losses from cyber-attacks can run into millions of dollars. The CSI-FBI…

Report: EPA’s National Security Information Program Could Be Improved

Science.gov (United States)

Report #12-P-0543, June 18, 2012. Under its classified NSI program, EPA has assigned responsibilities and provided guidance, training, and oversight. EPA program offices provide secure equipment and space, following NSI program specifications.

Exploring the impact of the 2008 global food crisis on food security among vulnerable households in rural South Africa.

Science.gov (United States)

Nawrotzki, Raphael J; Robson, Kristin; Gutilla, Margaret J; Hunter, Lori M; Twine, Wayne; Norlund, Petra

2014-04-01

Recurring food crises endanger the livelihoods of millions of households in developing countries around the globe. Owing to the importance of this issue, we explore recent changes in food security between the years 2004 and 2010 in a rural district in Northeastern South Africa. Our study window spans the time of the 2008 global food crises and allows the investigation of its impacts on rural South African populations. Grounded in the sustainable livelihood framework, we examine differences in food security trajectories among vulnerable sub populations. A unique panel data set of 8,147 households, provided by the Agincourt Health and Demographic Surveillance System (Agincourt HDSS), allows us to employ a longitudinal multilevel modeling approach to estimate adjusted growth curves for the differential change in food security across time. We observe an overall improvement in food security that leveled off after 2008, most likely resulting from the global food crisis. In addition, we discover significant differences in food security trajectories for various sub populations. For example, female-headed households and those living in areas with better access to natural resources differentially improved their food security situation, compared to male-headed households and those households with lower levels of natural resource access. However, former Mozambican refugees witnessed a decline in food security. Therefore, poverty alleviation programs for the Agincourt region should work to improve the food security of vulnerable households, such as former Mozambican refugees.

Secure system design and trustable computing

CERN Document Server

Potkonjak, Miodrag

2016-01-01

This book provides the foundations for understanding hardware security and trust, which have become major concerns for national security over the past decade.  Coverage includes issues related to security and trust in a variety of electronic devices and systems related to the security of hardware, firmware and software, spanning system applications, online transactions, and networking services.  This serves as an invaluable reference to the state-of-the-art research that is of critical significance to the security of, and trust in, modern society’s microelectronic-supported infrastructures.

78 FR 14101 - Homeland Security Science and Technology Advisory Committee (HSSTAC)

Science.gov (United States)

2013-03-04

... Secretary for Science and Technology, such as new developments in systems engineering, cyber-security... HSSTAC input on how to improve that collaboration. --Cyber Security and the evolution of the Cyber... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2013-0014] Homeland Security Science and...

A Student Information Management System Based on Fingerprint Identification and Data Security Transmission

Directory of Open Access Journals (Sweden)

Pengtao Yang

2017-01-01

Full Text Available A new type of student information management system is designed to implement student information identification and management based on fingerprint identification. In order to ensure the security of data transmission, this paper proposes a data encryption method based on an improved AES algorithm. A new S-box is cleverly designed, which can significantly reduce the encryption time by improving ByteSub, ShiftRow, and MixColumn in the round transformation of the traditional AES algorithm with the process of look-up table. Experimental results show that the proposed algorithm can significantly improve the encryption time compared with the traditional AES algorithm.

Systems analysis of a security alarm system

International Nuclear Information System (INIS)

Schiff, A.

1975-01-01

When the Lawrence Livermore Laboratory found that its security alarm system was causing more false alarms and maintenance costs than LLL felt was tolerable, a systems analysis was undertaken to determine what should be done about the situation. This report contains an analysis of security alarm systems in general and ends with a review of the existing Security Alarm Control Console (SACC) and recommendations for its improvement, growth and change. (U.S.)

RISK MANAGEMENT FROM THE INFORMATION SECURITY PERSPECTIVE

Directory of Open Access Journals (Sweden)

Riza Ionuț

2017-11-01

Full Text Available Risk management has emerged ever since the appearance of human communities and it has developed at a slow rate. Over time, a significant improvement was made, from accepting hazards to the identification, evaluation and control of unwanted events, threat prevention and exploitation of opportunities through scientific risk management actions. The fundamental role of research in cyber security is to concentrate the efforts on those contexts and conditions which determine the way in which key players reach a common understanding of the way to conceive and eventually answer to certain challenges in cyber security. In order to build a clear perception of these effects, this work presents the main elements which define cyber space, to come to the aid of turning the management process into an efficient one, especially when talking about cyber space as a space for conflicts, both economic and political.

Security Issues Model on Cloud Computing: A Case of Malaysia

OpenAIRE

Komeil Raisian; Jamaiah Yahaya

2015-01-01

By developing the cloud computing, viewpoint of many people regarding the infrastructure architectures, software distribution and improvement model changed significantly. Cloud computing associates with the pioneering deployment architecture, which could be done through grid calculating, effectiveness calculating and autonomic calculating. The fast transition towards that, has increased the worries regarding a critical issue for the effective transition of cloud computing. From the security v...

Linking consumer energy efficiency with security of supply

International Nuclear Information System (INIS)

Rutherford, J.P.; Scharpf, E.W.; Carrington, C.G.

2007-01-01

Most modern energy policies seek to achieve systematic ongoing incremental increases in consumer energy efficiency, since this contributes to improved security of supply, favourable environmental outcomes and increased economic efficiency. Yet realised levels of efficiency are typically well below the most cost-effective equilibrium due to variety of behavioural and organisational barriers, which are often linked to information constraints. In addition efficient users are normally unrewarded for collective benefits to system security and to the environment, thus reducing the incentives for energy consumers to invest in efficiency improvements. This paper examines the dichotomies and symmetries between supply- and demand-side solutions to energy security concerns and reviews opportunities to overcome barriers to improved consumer efficiency. A security market is identified as a mechanism to promote both demand- and supply-side investments that support electricity system security. Such a market would assist in setting the optimal quantity of reserves while achieving an efficient balance between supply- and demand-side initiatives. It would also help to smooth overall investment throughout the energy system by encouraging incremental approaches, such as distributed generation and demand-side alternatives where they provide competitive value. Although the discussion is applicable to energy systems in general, it focuses primarily on electricity in New Zealand

Ontario Hydro looks at security

International Nuclear Information System (INIS)

Green, B.J.; Kee, B.

1995-01-01

Ontario Hydro operates 20 CANDU reactors on three different sites. Since 1984, a review of security arrangements on all the sites has taken place on a five-yearly basis. The review process for 1995 is outlined. The three objectives were as follows: to assess current security threats and risks to the stations; to assess the adequacy of the existing programme to protect against current threats; by comparing the security programme against those of comparable entities to establish benchmarks for good practice as a basis for improvements at Ontario Hydro. Valuable insights gained through the review are listed. These could be useful to other utilities. (UK)

Almaraz ovation control system security

International Nuclear Information System (INIS)

Madronal Rodriguez, E.; Anderson, E.; Jimenez Diaz, J.; Carrasco Mateos, J. A.

2013-01-01

Improving the security of a plant's Distributed Control System (DCS) is an important consideration for plant safety and profitability, as well as the necessity to comply with the regulation. The U.S. Nuclear Regulatory Commission has produced Regulatory Guide (RG) 5.71, and the Nuclear Energy Institute (NEI) has produced NEI 08-09 to assist plants in meeting 10 CFR 73.54, Protection of digital computer and communication systems and networks. These requirements, which address the establishment, implementation and maintenance of a cyber security program, present challenges to ensure that safety, security and emergency preparedness functions of nuclear facilities are not negatively impacted by the vulnerability scanning and testing process.

Agencies Need Improved Financial Data Reporting for Private Security Contractors

National Research Council Canada - National Science Library

Warren, David R; Bianco, Michael A; Nasser, Waheed; Kusman, Richard R; Shafer, James; Venner, Jason; Walls, Lovell Q; Wright, Samson J

2008-01-01

Section 842 of the National Defense Authorization Act of 2008 (Public Law 110-181), required SIGIR to, among other things, develop a plan to evaluate various characteristics of contracting for private security contractor services in Iraq...

Security Analysis and Improvement of an Anonymous Authentication Scheme for Roaming Services

Directory of Open Access Journals (Sweden)

Youngsook Lee

2014-01-01

Full Text Available An anonymous authentication scheme for roaming services in global mobility networks allows a mobile user visiting a foreign network to achieve mutual authentication and session key establishment with the foreign-network operator in an anonymous manner. In this work, we revisit He et al.’s anonymous authentication scheme for roaming services and present previously unpublished security weaknesses in the scheme: (1 it fails to provide user anonymity against any third party as well as the foreign agent, (2 it cannot protect the passwords of mobile users due to its vulnerability to an offline dictionary attack, and (3 it does not achieve session-key security against a man-in-the-middle attack. We also show how the security weaknesses of He et al.’s scheme can be addressed without degrading the efficiency of the scheme.

360 PORT MDA - A Strategy to Improve Port Security

Science.gov (United States)

2006-09-01

Participating Agencies (After: Executive Briefing..........................27 Table 6. Designated Joint Operations Center Participants (From: SAFE...Investigations CGIP Coast Guard Intelligence Program CHOC Charleston Harbor Operations Center CIO Command Intelligence Officer CMT Combating Maritime... EXECUTIVE SUMMARY Ports are critical to our economy and national security. Key hubs in the international trade network, U.S. ports accounted for more than

​Improving potato production for increased food security of ...

International Development Research Centre (IDRC) Digital Library (Canada)

The challenge. In Colombia, food security is a national concern, and indigenous communities of Nariño are among the most food insecure in the country. Potato is the staple food crop and main source of family income for the region's smallholder farms — many of which are headed by women. One of the biggest threats to ...

Natural Resources Management for Sustainable Food Security in ...

International Development Research Centre (IDRC) Digital Library (Canada)

Natural Resources Management for Sustainable Food Security in the Sahel ... as well as strategies for managing the resource base with a view to improving food security. ... InnoVet-AMR grants to support development of innovative veterinary ...

Information security risk management for computerized health information systems in hospitals: a case study of Iran.

Science.gov (United States)

Zarei, Javad; Sadoughi, Farahnaz

2016-01-01

In recent years, hospitals in Iran - similar to those in other countries - have experienced growing use of computerized health information systems (CHISs), which play a significant role in the operations of hospitals. But, the major challenge of CHIS use is information security. This study attempts to evaluate CHIS information security risk management at hospitals of Iran. This applied study is a descriptive and cross-sectional research that has been conducted in 2015. The data were collected from 551 hospitals of Iran. Based on literature review, experts' opinion, and observations at five hospitals, our intensive questionnaire was designed to assess security risk management for CHISs at the concerned hospitals, which was then sent to all hospitals in Iran by the Ministry of Health. Sixty-nine percent of the studied hospitals pursue information security policies and procedures in conformity with Iran Hospitals Accreditation Standards. At some hospitals, risk identification, risk evaluation, and risk estimation, as well as risk treatment, are unstructured without any specified approach or methodology. There is no significant structured approach to risk management at the studied hospitals. Information security risk management is not followed by Iran's hospitals and their information security policies. This problem can cause a large number of challenges for their CHIS security in future. Therefore, Iran's Ministry of Health should develop practical policies to improve information security risk management in the hospitals of Iran.

Hotel Security Management : Case: Original Sokos Hotel Vaakuna Vaasa

OpenAIRE

Koskela, Jere

2016-01-01

This thesis studied hotel security management and examined one case hotel more closely on matters of security management. The case hotel in this research was Original Sokos Hotel Vaakuna Vaasa. The aim of the thesis was to find out how security aspects are managed and how they could be developed in the case hotel. This research was conducted to help the case hotel’s security supervisor to develop and improve security. The thesis consists of a theoretical framework and an empirical study. The ...

Improving Student Engagement in the Study of Professional Ethics: Concepts and an Example in Cyber Security.

Science.gov (United States)

Bustard, John D

2018-04-01

In spite of the acknowledged importance of professional ethics, technical students often show little enthusiasm for studying the subject. This paper considers how such engagement might be improved. Four guiding principles for promoting engagement are identified: (1) aligning teaching content with student interests; (2) taking a pragmatic rather than a philosophical approach to issue resolution; (3) addressing the full complexity of real-world case studies; and (4) covering content in a way that students find entertaining. The use of these principles is then discussed with respect to the specific experience of developing and presenting a master's module in Ethical and Legal Issues in Cyber Security at Queens University Belfast. One significant aspect of the resulting design is that it encourages students to see ethical issues in systemic terms rather than from an individual perspective, with issues emerging from a conflict between different groups with different vested interests. Case studies are used to examine how personal and business priorities create conflicts that can lead to negative press, fines and punitive legal action. The module explores the reasons why organisations may be unaware of the risks associated with their actions and how an inappropriate response to an ethical issue can significantly aggravate a situation. The module has been delivered in three successive years since 2014 and been well received on each occasion. The paper describes the design of the module and the experience of delivering it, concluding with a discussion of the effectiveness of the approach.

Energy Security and Sub-Saharan Africa

Directory of Open Access Journals (Sweden)

Emily Meierding

2013-02-01

Full Text Available Published by Palgrave MacmillanOver the last decade the topic of energy security has reappeared on global policy agendas. Most analyses of international energy geopolitics examine the interests and behaviour of powerful energy-importing countries like the US and China. This chapter begins by examining foreign powers’ expanded exploitation of oil and uranium resources in Sub-Saharan Africa. It goes on to examine how energy importers’ efforts to enhance their energy security through Africa are impacting energy security within Africa. It assesses Sub-Saharan states’ attempts to increase consumption of local oil and uranium reserves. Observing the constraints on these efforts, it then outlines some alternative strategies that have been employed to enhance African energy security. It concludes that, while local community-based development projects have improved the well-being of many households, they are not a sufficient guarantor of energy security. Inadequate petroleum access, in particular, remains a development challenge. Foreign powers’ efforts to increase their oil security are undermining the energy security of Sub-Saharan African citizens.