WorldWideScience

Sample records for unix security mailig

  1. Unix Security Cookbook

    Science.gov (United States)

    Rehan, S. C.

    This document has been written to help Site Managers secure their Unix hosts from being compromised by hackers. I have given brief introductions to the security tools along with downloading, configuring and running information. I have also included a section on my recommendations for installing these security tools starting from an absolute minimum security requirement.

  2. Practical Unix and Internet Security

    CERN Document Server

    Garfinkel, Simson; Spafford, Gene

    2003-01-01

    When Practical Unix Security was first published more than a decade ago, it became an instant classic. Crammed with information about host security, it saved many a Unix system administrator from disaster. The second edition added much-needed Internet security coverage and doubled the size of the original volume. The third edition is a comprehensive update of this very popular book - a companion for the Unix/Linux system administrator who needs to secure his or her organization's system, networks, and web presence in an increasingly hostile world. Focusing on the four most popular Unix varia

  3. A secure file manager for UNIX

    Energy Technology Data Exchange (ETDEWEB)

    DeVries, R.G.

    1990-12-31

    The development of a secure file management system for a UNIX-based computer facility with supercomputers and workstations is described. Specifically, UNIX in its usual form does not address: (1) Operation which would satisfy rigorous security requirements. (2) Online space management in an environment where total data demands would be many times the actual online capacity. (3) Making the file management system part of a computer network in which users of any computer in the local network could retrieve data generated on any other computer in the network. The characteristics of UNIX can be exploited to develop a portable, secure file manager which would operate on computer systems ranging from workstations to supercomputers. Implementation considerations making unusual use of UNIX features, rather than requiring extensive internal system changes, are described, and implementation using the Cray Research Inc. UNICOS operating system is outlined.

  4. UNIX secure server : a free, secure, and functional server example

    OpenAIRE

    Sastre, Hugo

    2016-01-01

    The purpose of this thesis work was to introduce UNIX server as a personal server but also as a start point for investigation and developing at a professional level. The objective of this thesis was to build a secure server providing not only a FTP server but also an HTTP server and a cloud system for remote backups. OpenBSD was used as the operating system. OpenBSD is a UNIX-like operating system made by hackers for hackers. The difference with other systems that might partially provid...

  5. In-Depth Modeling of the UNIX Operating System for Architectural Cyber Security Analysis

    OpenAIRE

    Vernotte, Alexandre; Johnson, Pontus; Ekstedt, Mathias; Lagerström, Robert

    2017-01-01

    ICT systems have become an integral part of business and life. At the same time, these systems have become extremely complex. In such systems exist numerous vulnerabilities waiting to be exploited by potential threat actors. pwnPr3d is a novel modelling approach that performs automated architectural analysis with the objective of measuring the cyber security of the modeled architecture. Its integrated modelling language allows users to model software and hardware components with great level o...

  6. Utilities in UNIX; Programas de Utilidad UNIX

    Energy Technology Data Exchange (ETDEWEB)

    Perez, L

    2002-07-01

    This manual goes to the users with some or much experience in the unix operating system. In such manner that they can get more efficiency using the unix of the most vendors. Include the majority of UNIX commands, shell built-in functions to create scripts, and a brief explication of the variables in several environments. In addition, other products are included, more and more integrated in the most of the unix operating systems. For example; the scanning and processing language awk, the print server LPRng, GNU utilities, batch subsystem, etc. The manual was initially based in an specific unix. But it had been written for use of the most unix that exist: Tru64 unix, aix, iris, hpux, solaris y linux. In this way, many examples in the chapter had been included. The purpose of this manual is to provide an UNIX reference for advanced users in any of the unix operating systems family. (Author)

  7. Utilities in UNIX

    International Nuclear Information System (INIS)

    Perez, L.

    2002-01-01

    This manual goes to the users with some or much experience in the unix operating system. In such manner that they can get more efficiency using the unix of the most vendors. Include the majority of UNIX commands, shell built-in functions to create scripts, and a brief explication of the variables in several environments. In addition, other products are included, more and more integrated in the most of the unix operating systems. For example: the scanning and processing language awk, the print server LPRng, GNU Utilities, batch subsystem, etc. The manual was initially based in an specific unix. But it and been written for use of the most unix that exist: Tru64 unix, aix, iris, hpux. solaris y linux. In this way, many examples in the chapter had been included. The purpose of this manual is to provide an UNIX reference for advanced users in any of the unix operating systems family. (Author)

  8. Fermi UNIX trademark environment

    International Nuclear Information System (INIS)

    Nicholls, J.

    1991-03-01

    The introduction of UNIX at Fermilab involves multiple platforms and multiple vendors. Additionally, a single user may have to use more than one platform. This heterogeneity and multiplicity makes it necessary to define a Fermilab environment for UNIX so that as much as possible the systems ''look and feel'' the same. We describe our environment, including both the commercial products and the local tools used to support it. Other products designed for the UNIX environment are also described. 19 refs

  9. A unix configuration engine

    International Nuclear Information System (INIS)

    Burgess, M.

    1994-06-01

    A high level description language is presented for the purpose of automatically configuring large heterogeneous networked unix environments, based on class-oriented abstractions. The configuration engine is portable and easily extensible

  10. UNIX by examples

    International Nuclear Information System (INIS)

    Nee, F.

    1990-10-01

    This report discusses the following topics on UNIX basis programming: file structure; frequently used commands/utilities; control structures used in shell script; c-shell programming; and bourne shell programming

  11. Unix Application Migration Guide

    CERN Document Server

    Microsoft. Redmond

    2003-01-01

    Drawing on the experience of Microsoft consultants working in the field, as well as external organizations that have migrated from UNIX to Microsoft® Windows®, this guide offers practical, prescriptive guidance on the issues you are likely to face when porting existing UNIX applications to the Windows operating system environment. Senior IT decision makers, network managers, and operations managers will get real-world guidance and best practices on planning and implementation issues to understand the different methods through which migration or co-existence can be accomplished. Also detailing

  12. Unix Domain Sockets Applied in Android Malware Should Not Be Ignored

    Directory of Open Access Journals (Sweden)

    Xu Jiang

    2018-03-01

    Full Text Available Increasingly, malicious Android apps use various methods to steal private user data without their knowledge. Detecting the leakage of private data is the focus of mobile information security. An initial investigation found that none of the existing security analysis systems can track the flow of information through Unix domain sockets to detect the leakage of private data through such sockets, which can result in zero-day exploits in the information security field. In this paper, we conduct the first systematic study on Unix domain sockets as applied in Android apps. Then, we identify scenarios in which such apps can leak private data through Unix domain sockets, which the existing dynamic taint analysis systems do not catch. Based on these insights, we propose and implement JDroid, a taint analysis system that can track information flows through Unix domain sockets effectively to detect such privacy leaks.

  13. Mac OS X for Unix Geeks (Leopard)

    CERN Document Server

    Rothman, Ernest E; Rosen, Rich

    2009-01-01

    If you've been lured to Mac OS X because of its Unix roots, this invaluable book serves as a bridge between Apple's Darwin OS and the more traditional Unix systems. The new edition offers a complete tour of Mac OS X's Unix shell for Leopard and Tiger, and helps you find the facilities that replace or correspond to standard Unix utilities. Learn how to compile code, link to libraries, and port Unix software to Mac OS X and much more with this concise guide.

  14. Mac OS X Tiger for Unix Geeks

    CERN Document Server

    Jepson, Brian

    2005-01-01

    If you're one of the many Unix developers drawn to Mac OS X for its Unix core, you'll find yourself in surprisingly unfamiliar territory. Unix and Mac OS X are kissing cousins, but there are enough pitfalls and minefields in going from one to another that even a Unix guru can stumble, and most guides to Mac OS X are written for Mac aficionados. For a Unix developer, approaching Tiger from the Mac side is a bit like learning Russian by reading the Russian side of a Russian-English dictionary. Fortunately, O'Reilly has been the Unix authority for over 25 years, and in Mac OS X Tiger for Unix Gee

  15. UNIX code management and distribution

    International Nuclear Information System (INIS)

    Hung, T.; Kunz, P.F.

    1992-09-01

    We describe a code management and distribution system based on tools freely available for the UNIX systems. At the master site, version control is managed with CVS, which is a layer on top of RCS, and distribution is done via NFS mounted file systems. At remote sites, small modifications to CVS provide for interactive transactions with the CVS system at the master site such that remote developers are true peers in the code development process

  16. Multimedia Synchronization and UNIX-or-If Multimedia Support is the Problem, Is UNIX the Solution?

    NARCIS (Netherlands)

    D.C.A. Bulterman (Dick); G. van Rossum (Guido); D.T. Winter (Dik)

    1991-01-01

    htmlabstractThis paper considers the role of UNIX in supporting multimedia applications. In particular, we consider the ability of the UNIX operating system (in general) and the UNIX I/O system (in particular) to support the synchronization of a number of high-bandwidth data sets that must be

  17. Protection against hostile algorithms in UNIX software

    Science.gov (United States)

    Radatti, Peter V.

    1996-03-01

    Protection against hostile algorithms contained in Unix software is a growing concern without easy answers. Traditional methods used against similar attacks in other operating system environments such as MS-DOS or Macintosh are insufficient in the more complex environment provided by Unix. Additionally, Unix provides a special and significant problem in this regard due to its open and heterogeneous nature. These problems are expected to become both more common and pronounced as 32 bit multiprocess network operating systems become popular. Therefore, the problems experienced today are a good indicator of the problems and the solutions that will be experienced in the future, no matter which operating system becomes predominate.

  18. Learning Unix for Mac OS X Tiger Unlock the Power of Unix

    CERN Document Server

    Taylor, Dave

    2005-01-01

    Thoroughly revised and updated for Mac OS X Tiger, this new edition introduces Mac users to the Terminal application and shows you how to navigate the command interface, explore hundreds of Unix applications that come with the Mac, and, most importantly, how to take advantage of both the Mac and Unix interfaces. If you want to master the command-line, this gentle guide to using Unix on Mac OS X Tiger is well worth its cover price

  19. CERN's common Unix and X terminal environment

    International Nuclear Information System (INIS)

    Cass, Tony

    1996-01-01

    The Desktop Infrastructure Group of CERN's Computing and Networks Division has developed a Common Unix and X Terminal Environment to case the migration to Unix based Interactive Computing. The CUTE architecture relies on a distributed flesystem - currently Transarc's AFS - to enable essentially interchangeable client workstation to access both home directory and program files transparently. Additionally, we provide a suite of programs to configure workstations for CUTE and to ensure continued compatibility. This paper describes the different components and the development of the CUTE architecture. (author)

  20. Python for Unix and Linux system administration

    CERN Document Server

    Gift, Noah

    2007-01-01

    Python is an ideal language for solving problems, especially in Linux and Unix networks. With this pragmatic book, administrators can review various tasks that often occur in the management of these systems, and learn how Python can provide a more efficient and less painful way to handle them. Each chapter in Python for Unix and Linux System Administration presents a particular administrative issue, such as concurrency or data backup, and presents Python solutions through hands-on examples. Once you finish this book, you'll be able to develop your own set of command-line utilities with Pytho

  1. The Fermi Unix Environment - Dealing with Adolescence

    Science.gov (United States)

    Pordes, Ruth; Nicholls, Judy; Wicks, Matt

    Fermilab's Computing Division started early in the definition implemention and promulgation of a common environment for Users across the Laboratory's UNIX platforms and installations. Based on our experience over nearly five years, we discuss the status of the effort ongoing developments and needs, some analysis of where we could have done better, and identify future directions to allow us to provide better and more complete service to our customers. In particular, with the power of the new PCs making enthusiastic converts of physicists to the pc world, we are faced with the challenge of expanding the paradigm to non-UNIX platforms in a uniform and consistent way.

  2. Script-viruses Attacks on UNIX OS

    Directory of Open Access Journals (Sweden)

    D. M. Mikhaylov

    2010-06-01

    Full Text Available In this article attacks on UNIX OS are considered. Currently antivirus developers are concentrated on protecting systems from viruses that are most common and attack popular operating systems. If the system or its components are not often attacked then the antivirus products are not protecting these components as it is not profitable. The same situation is with script-viruses for UNIX OS as most experts consider that it is impossible for such viruses to get enough rights to attack. Nevertheless the main conclusion of this article is the fact that such viruses can be very powerful and can attack systems and get enough rights.

  3. UNIX at high energy physics Laboratories

    Energy Technology Data Exchange (ETDEWEB)

    Silverman, Alan

    1994-03-15

    With more and more high energy physics Laboratories ''downsizing'' from large central proprietary mainframe computers towards distributed networks, usually involving UNIX operating systems, the need was expressed at the 1991 Computers in HEP (CHEP) Conference to create a group to consider the implications of this trend and perhaps work towards some common solutions to ease the transition for HEP users worldwide.

  4. UNIX at high energy physics Laboratories

    International Nuclear Information System (INIS)

    Silverman, Alan

    1994-01-01

    With more and more high energy physics Laboratories ''downsizing'' from large central proprietary mainframe computers towards distributed networks, usually involving UNIX operating systems, the need was expressed at the 1991 Computers in HEP (CHEP) Conference to create a group to consider the implications of this trend and perhaps work towards some common solutions to ease the transition for HEP users worldwide

  5. Development of a UNIX network compatible reactivity computer

    International Nuclear Information System (INIS)

    Sanchez, R.F.; Edwards, R.M.

    1996-01-01

    A state-of-the-art UNIX network compatible controller and UNIX host workstation with MATLAB/SIMULINK software were used to develop, implement, and validate a digital reactivity calculation. An objective of the development was to determine why a Macintosh-based reactivity computer reactivity output drifted intolerably

  6. Use of UNIX in large online processor farms

    Science.gov (United States)

    Biel, Joseph R.

    1990-08-01

    There has been a recent rapid increase in the power of RISC computers running the UNIX operating system. Fermilab has begun to make use of these computers in the next generation of offline computer farms. It is also planning to use such computers in online computer farms. Issues involved in constructing online UNIX farms are discussed.

  7. Evaluation of Unix-Based Integrated Office Automation Products.

    Science.gov (United States)

    1994-04-01

    recipient preferences of networked UNIX users. An e-mail directory contains the preferred applications (e.g., FrameMaker , Excel) for each user, and e...Future Not Available (B) FrameMaker (UNIX) E-Optional I/E-Standard Future* (B) Interleaf (UNIX) I/E-Optional I/E-Standard Future* (B) IslandWrite Not...Optional Future Not Available DXF I-Optional Future Not Available (B) EPSI I-Standard Not Available Future (B) FrameMaker (MIF) E-Optional I/E-Standard Not

  8. Work with Apple's Rhapsody Operating System which Allows Simultaneous UNIX Program Development, UNIX Program Execution, and PC Application Execution

    OpenAIRE

    Summers, Don; Riley, Chris; Cremaldi, Lucien; Sanders, David

    2001-01-01

    Over the past decade, UNIX workstations have provided a very powerful program development environment. However, workstations are more expensive than PCs and Macintoshes and require a system manager for day-to-day tasks such as disk backup, adding users, and setting up print queues. Native commercial software for system maintenance and "PC applications" has been lacking under UNIX. Apple's new Rhapsody operating system puts the current MacOS on a NeXT UNIX foundation and adds an enhanced NeXTS...

  9. A UNIX device driver for a Translink II Transputer board

    International Nuclear Information System (INIS)

    Wiley, J.C.

    1991-01-01

    A UNIX device driver for a TransLink II Transputer board is described. A complete listing of the code is presented. The device driver allows a transputer array to be used with the A/UX operating system

  10. Introduction of the UNIX International Performance Management Work Group

    Science.gov (United States)

    Newman, Henry

    1993-01-01

    In this paper we presented the planned direction of the UNIX International Performance Management Work Group. This group consists of concerned system developers and users who have organized to synthesize recommendations for standard UNIX performance management subsystem interfaces and architectures. The purpose of these recommendations is to provide a core set of performance management functions and these functions can be used to build tools by hardware system developers, vertical application software developers, and performance application software developers.

  11. UNIX-based operating systems robustness evaluation

    Science.gov (United States)

    Chang, Yu-Ming

    1996-01-01

    Robust operating systems are required for reliable computing. Techniques for robustness evaluation of operating systems not only enhance the understanding of the reliability of computer systems, but also provide valuable feed- back to system designers. This thesis presents results from robustness evaluation experiments on five UNIX-based operating systems, which include Digital Equipment's OSF/l, Hewlett Packard's HP-UX, Sun Microsystems' Solaris and SunOS, and Silicon Graphics' IRIX. Three sets of experiments were performed. The methodology for evaluation tested (1) the exception handling mechanism, (2) system resource management, and (3) system capacity under high workload stress. An exception generator was used to evaluate the exception handling mechanism of the operating systems. Results included exit status of the exception generator and the system state. Resource management techniques used by individual operating systems were tested using programs designed to usurp system resources such as physical memory and process slots. Finally, the workload stress testing evaluated the effect of the workload on system performance by running a synthetic workload and recording the response time of local and remote user requests. Moderate to severe performance degradations were observed on the systems under stress.

  12. FEAT - FAILURE ENVIRONMENT ANALYSIS TOOL (UNIX VERSION)

    Science.gov (United States)

    Pack, G.

    1994-01-01

    saved as a library file which represents a generic digraph structure for a class of components. The Generate Model feature can then use library files to generate digraphs for every component listed in the modeling tables, and these individual digraph files can be used in a variety of ways to speed generation of complete digraph models. FEAT contains a preprocessor which performs transitive closure on the digraph. This multi-step algorithm builds a series of phantom bridges, or gates, that allow accurate bi-directional processing of digraphs. This preprocessing can be time-consuming, but once preprocessing is complete, queries can be answered and displayed within seconds. A UNIX X-Windows port of version 3.5 of FEAT, XFEAT, is also available to speed the processing of digraph models created on the Macintosh. FEAT v3.6, which is only available for the Macintosh, has some report generation capabilities which are not available in XFEAT. For very large integrated systems, FEAT can be a real cost saver in terms of design evaluation, training, and knowledge capture. The capability of loading multiple digraphs and schematics into FEAT allows modelers to build smaller, more focused digraphs. Typically, each digraph file will represent only a portion of a larger failure scenario. FEAT will combine these files and digraphs from other modelers to form a continuous mathematical model of the system's failure logic. Since multiple digraphs can be cumbersome to use, FEAT ties propagation results to schematic drawings produced using MacDraw II (v1.1v2 or later) or MacDraw Pro. This makes it easier to identify single and double point failures that may have to cross several system boundaries and multiple engineering disciplines before creating a hazardous condition. FEAT v3.6 for the Macintosh is written in C-language using Macintosh Programmer's Workshop C v3.2. It requires at least a Mac II series computer running System 7 or System 6.0.8 and 32 Bit QuickDraw. It also requires a math

  13. DB2 9 for Linux, Unix, and Windows database administration certification study guide

    CERN Document Server

    Sanders, Roger E

    2007-01-01

    In DB2 9 for Linux, UNIX, and Windows Database Administration Certification Study Guide, Roger E. Sanders-one of the world's leading DB2 authors and an active participant in the development of IBM's DB2 certification exams-covers everything a reader needs to know to pass the DB2 9 UDB DBA Certification Test (731).This comprehensive study guide steps you through all of the topics that are covered on the test, including server management, data placement, database access, analyzing DB2 activity, DB2 utilities, high availability, security, and much more. Each chapter contains an extensive set of p

  14. SPAM- SPECTRAL ANALYSIS MANAGER (UNIX VERSION)

    Science.gov (United States)

    Solomon, J. E.

    1994-01-01

    machine environments. There is a DEC VAX/VMS version with a central memory requirement of approximately 242K of 8 bit bytes and a machine independent UNIX 4.2 version. The display device currently supported is the Raster Technologies display processor. Other 512 x 512 resolution color display devices, such as De Anza, may be added with minor code modifications. This program was developed in 1986.

  15. Real-time UNIX in HEP data acquisition

    International Nuclear Information System (INIS)

    Buono, S.; Gaponenko, I.; Jones, R.; Mapelli, L.; Mornacchi, G.; Prigent, D.; Sanchez-Corral, E.; Skiadelli, M.; Toppers, A.; Duval, P.Y.; Ferrato, D.; Le Van Suu, A.; Qian, Z.; Rondot, C.; Ambrosini, G.; Fumagalli, G.; Aguer, M.; Huet, M.

    1994-01-01

    Today's experimentation in high energy physics is characterized by an increasing need for sensitivity to rare phenomena and complex physics signatures, which require the use of huge and sophisticated detectors and consequently a high performance readout and data acquisition. Multi-level triggering, hierarchical data collection and an always increasing amount of processing power, distributed throughout the data acquisition layers, will impose a number of features on the software environment, especially the need for a high level of standardization. Real-time UNIX seems, today, the best solution for the platform independence, operating system interface standards and real-time features necessary for data acquisition in HEP experiments. We present the results of the evaluation, in a realistic application environment, of a Real-Time UNIX operating system: the EP/LX real-time UNIX system. ((orig.))

  16. Real-time on a standard UNIX workstation?

    International Nuclear Information System (INIS)

    Glanzman, T.

    1992-09-01

    This is a report of an ongoing R ampersand D project which is investigating the use of standard UNIX workstations for the real-time data acquisition from a major new experimental initiative, the SLAC B Factory (PEP II). For this work an IBM RS/6000 workstation running the AIX operating system is used. Real-time extensions to the UNIX operating system are explored and performance measured. These extensions comprise a set of AIX-specific and POSIX-compliant system services. Benchmark comparisons are made with embedded processor technologies. Results are presented for a simple prototype on-line system for laboratory-testing of a new prototype drift chamber

  17. Unix version of CALOR89 for calorimeter applications

    International Nuclear Information System (INIS)

    Handler, T.

    1992-01-01

    CALOR89 is a system of coupled Monte Carlo particle transport computer codes which has been successfully employed for the estimation of calorimeter parameters in High Energy Physics. In the past CALOR89 has been running on various IBM machines and on CRAY X-MP at Lawrence Livermore Lab. These machines had non-unix operating systems. In this report we present a UNIX version of CALOR89, which is especially suited for the UNIX work stations. Moreover CALOR89 is also been supplemented with two new program packages which makes it more user friendly. CALPREP is a program for the preparation of the input files for CALOR89 in general geometry and ANALYZ is an analysis package to extract the final results from CALOR89 relevant to calorimeters. This report also provides two script files LCALOR and PCALOR. LCALOR runs CALOR89 sequences of programs and EGS4 for a given configuration sequentially on a single processor and PCALOR concurrently on a multiprocessor unix workstation

  18. The UNIX/XENIX Advantage: Applications in Libraries.

    Science.gov (United States)

    Gordon, Kelly L.

    1988-01-01

    Discusses the application of the UNIX/XENIX operating system to support administrative office automation functions--word processing, spreadsheets, database management systems, electronic mail, and communications--at the Central Michigan University Libraries. Advantages and disadvantages of the XENIX operating system and system configuration are…

  19. UNIX and Linux system administration handbook

    CERN Document Server

    Nemeth, Evi; Hein, Trent R; Whaley, Ben; Mackin, Dan; Garnett, James; Branca, Fabrizio; Mouat, Adrian

    2018-01-01

    Now fully updated for today’s Linux distributions and cloud environments, it details best practices for every facet of system administration, including storage management, network design and administration, web hosting and scale-out, automation, configuration management, performance analysis, virtualization, DNS, security, management of IT service organizations, and much more. For modern system and network administrators, this edition contains indispensable new coverage of cloud deployments, continuous delivery, Docker and other containerization solutions, and much more.

  20. Internet security information system implement method

    International Nuclear Information System (INIS)

    Liu Baoxu; Mei Jie; Xu Rongsheng; An Dehai; Yu Mingjian; Chen Xiangyang; Zheng Peng

    1999-01-01

    On the basis of analysis of the key elements that will affect the Internet Security Information System, the author takes UNIX Operating System as an example, and provides the important stages that must be considered when implementing the Internet Security Information System. An implemental model of the Internet Security Information System is given

  1. DB2 9 for Linux, Unix, and Windows database administration upgrade certification study guide

    CERN Document Server

    Sanders, Roger E

    2007-01-01

    Written by one of the world's leading DB2 authors who is an active participant in the development of the DB2 certification exams, this resource covers everything a database adminstrator needs to know to pass the DB2 9 for Linux, UNIX, and Windows Database Administration Certification Upgrade exam (Exam 736). This comprehensive study guide discusses all exam topics: server management, data placement, XML concepts, analyzing activity, high availability, database security, and much more. Each chapter contains an extensive set of practice questions along with carefully explained answers. Both information-technology professionals who have experience as database administrators and have a current DBA certification on version 8 of DB2 and individuals who would like to learn the new features of DB2 9 will benefit from the information in this reference guide.

  2. ADAM (Affordable Desktop Application Manager): a Unix desktop application manager

    International Nuclear Information System (INIS)

    Liebana, M.; Marquina, M.; Ramos, R.

    1996-01-01

    ADAM stands for Affordable Desktop Application Manager. It is a GUI developed at CERN with the aim to ease access to applications. The motivation to develop ADAM came from the unavailability of environments like COSE/CDE and their heavy resource consumption. ADAM has proven to be user friendly: new users are able to customize it to their needs in few minutes. Groups of users may share through ADAM a common application environment. ADAM also integrates the Unix and the PC world. PC users can excess Unix applications in the same way as their usual Windows applications. This paper describes all the ADAM features, how they are used at CERN Public Services, and the future plans for ADAM. (author)

  3. HUMPF [Heterogeneous Unix Montecarlo Production Facility] users guide

    International Nuclear Information System (INIS)

    Cahill, P.; Edgecock, R.; Fisher, S.M.; Gee, C.N.P.; Gordon, J.C.; Kidd, T.; Leake, J.; Rigby, D.J.; Roberts, J.H.C.

    1992-11-01

    The Heterogenous Unix Monte Carlo Production Facility (HUMPF) simplifies the running of particle physics simulation programs on Unix workstations. Monte Carlo is the largest consumer of IBM (CPU) capacity within the Atlas centre at Rutherford Appleton Laboratory (RAL). It is likely that the future computing requirements of the LEP and HERA experiments cannot be satisfied by the IBM 3090 system. HUMPF adds extra capacity, and can be expanded with minimal effort. Monte Carlo programs are CPU-bound, and make little use of the vector or the input/output capacity of the IBM 3090. Such programs are therefore excellent candidates to use the spare capacity of powerful workstations. The main data storage is still handled centrally by the IBM 3090 and its peripherals. The HUMPF facility is suitable for any program with a similar profile. (author)

  4. A small Unix-based data acquisition system

    International Nuclear Information System (INIS)

    Engberg, D.; Glanzman, T.

    1993-06-01

    The proposed SLAC B Factory detector plans to use Unix-based machines for all aspects of computing, including real-time data acquisition and experimental control. An R ampersand D program has been established to investigate the use of Unix in the various aspects of experimental computation. Earlier R ampersand D work investigated the basic real-time aspects of the IBM RS/6000 workstation running AIX. The next step in this R ampersand D is the construction of prototype data acquisition system which attempts to exercise many of the features needed in the final on-line system in a realistic situation. For this project, we have combined efforts with a team studying the use of novel cell designs and gas mixtures in a new prototype drift chamber

  5. UNIX-a solution to the compatibility problem

    International Nuclear Information System (INIS)

    Gulbranson, R.L.

    1983-01-01

    The UNIX operating system (TM Bell Laboratories) has achieved a high degree of popularity in recent years. It is rapidly becoming a defacto standard as the operating system for 16 and 32 bit microcomputers. The adoption of this operating system by the physics community offers several substantial advantages; a portable software environment (editors, file system, etc.), freedom to choose among a variety of higher-level languages for software applications, and computer hardware vendor independence

  6. Montecarlo Simulations for a Lep Experiment with Unix Workstation Clusters

    Science.gov (United States)

    Bonesini, M.; Calegari, A.; Rossi, P.; Rossi, V.

    Modular systems of RISC CPU based computers have been implemented for large productions of Montecarlo simulated events for the DELPHI experiment at CERN. From a pilot system based on DEC 5000 CPU’s, a full size system based on a CONVEX C3820 UNIX supercomputer and a cluster of HP 735 workstations has been put into operation as a joint effort between INFN Milano and CILEA.

  7. gLExec: gluing grid computing to the Unix world

    Science.gov (United States)

    Groep, D.; Koeroo, O.; Venekamp, G.

    2008-07-01

    The majority of compute resources in todays scientific grids are based on Unix and Unix-like operating systems. In this world, user and user-group management are based around the concepts of a numeric 'user ID' and 'group ID' that are local to the resource. In contrast, grid concepts of user and group management are centered around globally assigned identifiers and VO membership, structures that are independent of any specific resource. At the fabric boundary, these 'grid identities' have to be translated to Unix user IDs. New job submission methodologies, such as job-execution web services, community-deployed local schedulers, and the late binding of user jobs in a grid-wide overlay network of 'pilot jobs', push this fabric boundary ever further down into the resource. gLExec, a light-weight (and thereby auditable) credential mapping and authorization system, addresses these issues. It can be run both on fabric boundary, as part of an execution web service, and on the worker node in a late-binding scenario. In this contribution we describe the rationale for gLExec, how it interacts with the site authorization and credential mapping frameworks such as LCAS, LCMAPS and GUMS, and how it can be used to improve site control and traceability in a pilot-job system.

  8. gLExec: gluing grid computing to the Unix world

    International Nuclear Information System (INIS)

    Groep, D; Koeroo, O; Venekamp, G

    2008-01-01

    The majority of compute resources in todays scientific grids are based on Unix and Unix-like operating systems. In this world, user and user-group management are based around the concepts of a numeric 'user ID' and 'group ID' that are local to the resource. In contrast, grid concepts of user and group management are centered around globally assigned identifiers and VO membership, structures that are independent of any specific resource. At the fabric boundary, these 'grid identities' have to be translated to Unix user IDs. New job submission methodologies, such as job-execution web services, community-deployed local schedulers, and the late binding of user jobs in a grid-wide overlay network of 'pilot jobs', push this fabric boundary ever further down into the resource. gLExec, a light-weight (and thereby auditable) credential mapping and authorization system, addresses these issues. It can be run both on fabric boundary, as part of an execution web service, and on the worker node in a late-binding scenario. In this contribution we describe the rationale for gLExec, how it interacts with the site authorization and credential mapping frameworks such as LCAS, LCMAPS and GUMS, and how it can be used to improve site control and traceability in a pilot-job system

  9. Doing accelerator physics using SDDS, UNIX, and EPICS

    International Nuclear Information System (INIS)

    Borland, M.; Emery, L.; Sereno, N.

    1995-01-01

    The use of the SDDS (Self-Describing Data Sets) file protocol, together with the UNIX operating system and EPICS (Experimental Physics and Industrial Controls System), has proved powerful during the commissioning of the APS (Advanced Photon Source) accelerator complex. The SDDS file protocol has permitted a tool-oriented approach to developing applications, wherein generic programs axe written that function as part of multiple applications. While EPICS-specific tools were written for data collection, automated experiment execution, closed-loop control, and so forth, data processing and display axe done with the SDDS Toolkit. Experiments and data reduction axe implemented as UNIX shell scripts that coordinate the execution of EPICS specific tools and SDDS tools. Because of the power and generic nature of the individual tools and of the UNIX shell environment, automated experiments can be prepared and executed rapidly in response to unanticipated needs or new ideas. Examples are given of application of this methodology to beam motion characterization, beam-position-monitor offset measurements, and klystron characterization

  10. The hybrid UNIX controller for real-time data acquisition

    International Nuclear Information System (INIS)

    Huesman, R.H.; Klein, G.J.; Fleming, T.K.

    1996-01-01

    The authors describe a hybrid data acquisition architecture integrating a conventional UNIX workstation with CAMAC-based real-time hardware. The system combines the high-level programming simplicity and user interface of a UNIX workstation with the low-level timing control available from conventional real-time hardware. They detail this architecture as it has been implemented for control of the Donner 600-Crystal Positron Tomograph (PET600). Low-level data acquisition is carried out in this system using eight LeCroy 3588 histogrammers, which together after derandomization, acquire events at rates up to 4 MHz, and two dedicated Motorola 6809 microprocessors, which arbitrate fine timing control during acquisition. A SUN Microsystems UNIX workstation is used for high-level control, allowing an easily extensible user interface in an X-Windows environment, as well as real-time communications to the low-level acquisition units. Communication between the high- and low-level units is carried out via a Jorway 73A SCSI-CAMAC crate controller and a serial interface. For this application, the hybrid configuration segments low from high-level control for ease of maintenance and provided a low-cost upgrade from dated high-level control hardware

  11. MULTITASKER, Multitasking Kernel for C and FORTRAN Under UNIX

    International Nuclear Information System (INIS)

    Brooks, E.D. III

    1988-01-01

    1 - Description of program or function: MULTITASKER implements a multitasking kernel for the C and FORTRAN programming languages that runs under UNIX. The kernel provides a multitasking environment which serves two purposes. The first is to provide an efficient portable environment for the development, debugging, and execution of production multiprocessor programs. The second is to provide a means of evaluating the performance of a multitasking program on model multiprocessor hardware. The performance evaluation features require no changes in the application program source and are implemented as a set of compile- and run-time options in the kernel. 2 - Method of solution: The FORTRAN interface to the kernel is identical in function to the CRI multitasking package provided for the Cray XMP. This provides a migration path to high speed (but small N) multiprocessors once the application has been coded and debugged. With use of the UNIX m4 macro preprocessor, source compatibility can be achieved between the UNIX code development system and the target Cray multiprocessor. The kernel also provides a means of evaluating a program's performance on model multiprocessors. Execution traces may be obtained which allow the user to determine kernel overhead, memory conflicts between various tasks, and the average concurrency being exploited. The kernel may also be made to switch tasks every cpu instruction with a random execution ordering. This allows the user to look for unprotected critical regions in the program. These features, implemented as a set of compile- and run-time options, cause extra execution overhead which is not present in the standard production version of the kernel

  12. Interfacing ANSYS to user's programs using UNIX shell program

    Energy Technology Data Exchange (ETDEWEB)

    Kim, In Yong; Kim, Beom Shig [Korea Atomic Energy Research Institute, Taejon (Korea, Republic of)

    1994-01-01

    It has been considered to be impossible to interface the ANSYS, which is the commercial finite element code and whose program is not open to public, to the other user's program. When the analysis need to be iterated, the user should wait until the analysis is finished and read the ANSYS result to make the input data for every iteration. In this report the direct interfacing techniques between the ANSYS and the other program using UNIX shell programming are proposed. The detail program lists and the application example are also provided. (Author) 19 refs., 6 figs., 7 tabs.

  13. GEMPAK 5.1 - A GENERAL METEOROLOGICAL PACKAGE (UNIX VERSION)

    Science.gov (United States)

    Desjardins, M. L.

    1994-01-01

    GEMPAK is a general meteorological software package developed at NASA/Goddard Space Flight Center. It includes programs to analyze and display surface, upper-air, and gridded data, including model output. There are very general programs to list, edit, and plot data on maps, to display profiles and time series, to draw and fill contours, to draw streamlines, to plot symbols for clouds, sky cover, and pressure tendency, and draw cross sections in the case of gridded data and sounding data. In addition, there are Barnes objective analysis programs to grid surface and upper-air data. The programs include the capabilities to derive meteorological parameters from those found in the dataset, to perform vertical interpolations of sounding data to different coordinate systems, and to compute an extensive set of gridded diagnostic quantities by specifying various nested combinations of scalars and vector arithmetic, algebraic, and differential operators. The GEMPAK 5.1 graphics/transformation subsystem, GEMPLT, provides device-independent graphics. GEMPLT also has the capability to display output in a variety of map projections or overlaid on satellite imagery. GEMPAK 5.1 is written in FORTRAN 77 and C-language and has been implemented on VAX computers under VMS and on computers running the UNIX operating system. During installation and normal use, this package occupies approximately 100Mb of hard disk space. The UNIX version of GEMPAK includes drivers for several graphic output systems including MIT's X Window System (X11,R4), Sun GKS, PostScript (color and monochrome), Silicon Graphics, and others. The VMS version of GEMPAK also includes drivers for several graphic output systems including PostScript (color and monochrome). The VMS version is delivered with the object code for the Transportable Applications Environment (TAE) program, version 4.1 which serves as a user interface. A color monitor is recommended for displaying maps on video display devices. Data for rendering

  14. Web Security, Privacy & Commerce

    CERN Document Server

    Garfinkel, Simson

    2011-01-01

    Since the first edition of this classic reference was published, World Wide Web use has exploded and e-commerce has become a daily part of business and personal life. As Web use has grown, so have the threats to our security and privacy--from credit card fraud to routine invasions of privacy by marketers to web site defacements to attacks that shut down popular web sites. Web Security, Privacy & Commerce goes behind the headlines, examines the major security risks facing us today, and explains how we can minimize them. It describes risks for Windows and Unix, Microsoft Internet Exp

  15. Understanding Unix/Linux programming a guide to theory and practice

    CERN Document Server

    Molay, Bruce

    2003-01-01

    This book explains in a clear and coherent manner how Unix works, how to understand existing Unix programs, and how to design and create new Unix programs. The book is organized by subsystem, each presented in visual terms and explained using vivid metaphors. It breaks the information into manageable parts that can be presented, explained, and mastered. By using case studies and an extremely reader-friendly manner to illustrate complex ideas and concepts, the book covers the basics of systems programming, users, files and manuals, how to read a directory, using 1S, writing PWD, studying STTY, writing a video game, studying SH, environment and shell variables, I/O redirection and pipes, servers and sockets, writing a web server, license servers, and concurrent functions. For Unix system administrators and programmers, network programmers, and others who have used other operating systems and need to learn Unix programming to expand their skill sets.

  16. The transition of GTDS to the Unix workstation environment

    Science.gov (United States)

    Carter, D.; Metzinger, R.; Proulx, R.; Cefola, P.

    1995-01-01

    Future Flight Dynamics systems should take advantage of the possibilities provided by current and future generations of low-cost, high performance workstation computing environments with Graphical User Interface. The port of the existing mainframe Flight Dynamics systems to the workstation environment offers an economic approach for combining the tremendous engineering heritage that has been encapsulated in these systems with the advantages of the new computing environments. This paper will describe the successful transition of the Draper Laboratory R&D version of GTDS (Goddard Trajectory Determination System) from the IBM Mainframe to the Unix workstation environment. The approach will be a mix of historical timeline notes, descriptions of the technical problems overcome, and descriptions of associated SQA (software quality assurance) issues.

  17. Implementation of a control system test environment in UNIX

    International Nuclear Information System (INIS)

    Brittain, C.R.; Otaduy, P.J.; Rovere, L.A.

    1990-01-01

    This paper discusses how UNIX features such as shared memory, remote procedure calls, and signalling have been used to implement a distributed computational environment ideal for the development and testing of digital control systems. The resulting environment -based on features commonly available in commercial workstations- is flexible, allows process simulation and controller development to proceed in parallel, and provides for testing and validation in a realistic environment. In addition, the use of shared memory to exchange data allows other tasks such as user interfaces and recorders to be added without affecting the process simulation or controllers. A library of functions is presented which provides a simple interface to using the features described. These functions can be used in either C or FORTRAN programs and have been tested on a network of Sun workstations and an ENCORE parallel computer. 6 refs., 2 figs

  18. FASTRAN II - FATIGUE CRACK GROWTH STRUCTURAL ANALYSIS (UNIX VERSION)

    Science.gov (United States)

    Newman, J. C.

    1994-01-01

    loads may be either tensile or compressive. Several standardized aircraft flight-load histories, such as TWIST, Mini-TWIST, FALSTAFF, Inverted FALSTAFF, Felix and Gaussian, are included as options. FASTRAN II also includes two other methods that will help the user input spectrum load histories. The two methods are: (1) a list of stress points, and (2) a flight-by-flight history of stress points. Examples are provided in the user manual. Developed as a research program, FASTRAN II has successfully predicted crack growth in many metallic materials under various aircraft spectrum loading. A computer program DKEFF which is a part of the FASTRAN II package was also developed to analyze crack growth rate data from laboratory specimens to obtain the effective stress-intensity factor against crack growth rate relations used in FASTRAN II. FASTRAN II is written in standard FORTRAN 77. It has been successfully compiled and implemented on Sun4 series computers running SunOS and on IBM PC compatibles running MS-DOS using the Lahey F77L FORTRAN compiler. Sample input and output data are included with the FASTRAN II package. The UNIX version requires 660K of RAM for execution. The standard distribution medium for the UNIX version (LAR-14865) is a .25 inch streaming magnetic tape cartridge in UNIX tar format. It is also available on a 3.5 inch diskette in UNIX tar format. The standard distribution medium for the MS-DOS version (LAR-14944) is a 5.25 inch 360K MS-DOS format diskette. The contents of the diskette are compressed using the PKWARE archiving tools. The utility to unarchive the files, PKUNZIP.EXE, is included. The program was developed in 1984 and revised in 1992. Sun4 and SunOS are trademarks of Sun Microsystems, Inc. IBM PC is a trademark of International Business Machines Corp. MS-DOS is a trademark of Microsoft, Inc. F77L is a trademark of the Lahey Computer Systems, Inc. UNIX is a registered trademark of AT&T Bell Laboratories. PKWARE and PKUNZIP are trademarks of PKWare

  19. INVITATION TO PERFORM Y2K TESTING UNDER UNIX

    CERN Multimedia

    CERN Y2K Co-ordinator

    1999-01-01

    IntroductionA special AFS cell Ôy2k.cern.chÕ has been established to allow service managers and users to test y2k compliance.In addition to AFS, the cluster consists of machines representing all the Unix flavours in use at CERN (AIX, DUNIX, HP-UX, IRIX, LINUX, and SOLARIS).More information can be obtained from the page: http://wwwinfo.cern.ch/pdp/bis/y2k/y2kplus.htmlTesting scheduleThe cluster will be set to 25 December 1999 on fixed days and then left running for three weeks. This gives people one week to prepare test programs in 1999 and two weeks to check the consequences of passing into year 2000. These fixed dates are set as follows:— 19 May 1999, date set to 25/12/99 (year 2000 starts on 26 May) — 9 June1999, date set to 25/12/99 (year 2000 starts on 16 June)— 30 June 1999, date set to 25/12/99 (year 2000 starts on 7 July)If more than these three sessions are needed an announcement will be made later. RegistrationThe following Web page should be used for r...

  20. A UNIX-based prototype biomedical virtual image processor

    International Nuclear Information System (INIS)

    Fahy, J.B.; Kim, Y.

    1987-01-01

    The authors have developed a multiprocess virtual image processor for the IBM PC/AT, in order to maximize image processing software portability for biomedical applications. An interprocess communication scheme, based on two-way metacode exchange, has been developed and verified for this purpose. Application programs call a device-independent image processing library, which transfers commands over a shared data bridge to one or more Autonomous Virtual Image Processors (AVIP). Each AVIP runs as a separate process in the UNIX operating system, and implements the device-independent functions on the image processor to which it corresponds. Application programs can control multiple image processors at a time, change the image processor configuration used at any time, and are completely portable among image processors for which an AVIP has been implemented. Run-time speeds have been found to be acceptable for higher level functions, although rather slow for lower level functions, owing to the overhead associated with sending commands and data over the shared data bridge

  1. From a UNIX to a PC Based SCADA System

    CERN Document Server

    Momal, F

    1999-01-01

    In order to facilitate the development of supervisory applications involved in slow process control (such as cryogenic control), the LHC/IAS Group (Equipment Controls Group) opted, a few years ago, for an industrial SCADA package which runs on UNIXÒ platforms. However, to reduce costs and following market trends, it has been decided to move over to a PC-based package. Several processes relating to the testing of the prototypes of the LHC magnets are already controlled in this way. However, it was still necessary to provide all the services previously available to the users, for example, data archiving in central databases, real-time access through the Web, automatic GSM calls, etc. This paper presents the advantages and drawbacks of a PC-based package versus a Unix-based system. It also lists the criteria used in the market survey to arrive at the final selection, as well as, the overall architecture, highlighting the developments needed to integrate the package into the global computing environment.

  2. The Newcastle connection: A software subsystem for constructing distributed UNIX systems

    International Nuclear Information System (INIS)

    Randell, B.

    1985-01-01

    The Newcastle connection is a software subsystem that can be added to each of a set of physically interconnected UNIX or UNIX look-alike systems, so as to construct a distributed system which is functionally indistinguishable at both the user and the program level from a conventional single-processor UNIX system. The techniques used are applicable to a variety and multiplicity of both local and wide area networks, and enable all issues of inter-processor communication, network protocols, etc., to be hidden. A brief account is given of experience with such distributed systems, the first of which was constructed in 1982 using a set of PDP11s running UNIX Version 7, and connected by a Cambridge Ring - since this date the Connection has been used to construct distributed systems based on various other computers and versions of UNIX, both at Newcastle and elsewhere. The final sections compare our scheme to various precursor schemes and discuss its potential relevance to other operating systems. (orig.)

  3. Implementation of the ALEPH detector simulation code using UNIX with on-line graphics display

    International Nuclear Information System (INIS)

    Corden, M.J.; Georgiopoulos, C.H.; Mermikides, M.E.; Streets, J.

    1989-01-01

    GALEPH, the detector simulation program of the ALEPH detector was ported to an ETA10 running under ATandT UNIX System 5. The program on the ETA10 can be driven using standard UNIX socket connections between the ETA and a Silicon Graphics Iris-3020 workstation. The simulated data on the ETA are transferred, using the machine independent binary format EPIO, and displayed on the workstation using a locally developed software package for the visualization of the ALEPH detector. The client (Iris-3020) can also pass parameters to the server (ETA10) and thus interactively change the type of events produced using the same socket connection. (orig.)

  4. UNIX trademark in high energy physics: What we can learn from the initial experiences at Fermilab

    International Nuclear Information System (INIS)

    Butler, J.N.

    1991-03-01

    The reasons why Fermilab decided to support the UNIX operating system are reviewed and placed in the content of an overall model for high energy physics data analysis. The strengths and deficiencies of the UNIX environment for high energy physics are discussed. Fermilab's early experience in dealing with a an ''open'' multivendor environment, both for computers and for peripherals, is described. The human resources required to fully exploit the opportunities are clearly growing. The possibility of keeping the development and support efforts within reasonable bounds may depend on our ability to collaborate or at least to share information even more effectively than we have in the past. 7 refs., 4 figs., 5 tabs

  5. Addressing the Digital Divide in Contemporary Biology: Lessons from Teaching UNIX.

    Science.gov (United States)

    Mangul, Serghei; Martin, Lana S; Hoffmann, Alexander; Pellegrini, Matteo; Eskin, Eleazar

    2017-10-01

    Life and medical science researchers increasingly rely on applications that lack a graphical interface. Scientists who are not trained in computer science face an enormous challenge analyzing high-throughput data. We present a training model for use of command-line tools when the learner has little to no prior knowledge of UNIX. Copyright © 2017 Elsevier Ltd. All rights reserved.

  6. Integrating UNIX workstation into existing online data acquisition systems for Fermilab experiments

    International Nuclear Information System (INIS)

    Oleynik, G.

    1991-03-01

    With the availability of cost effective computing prior from multiple vendors of UNIX workstations, experiments at Fermilab are adding such computers to their VMS based online data acquisition systems. In anticipation of this trend, we have extended the software products available in our widely used VAXONLINE and PANDA data acquisition software systems, to provide support for integrating these workstations into existing distributed online systems. The software packages we are providing pave the way for the smooth migration of applications from the current Data Acquisition Host and Monitoring computers running the VMS operating systems, to UNIX based computers of various flavors. We report on software for Online Event Distribution from VAXONLINE and PANDA, integration of Message Reporting Facilities, and a framework under UNIX for experiments to monitor and view the raw event data produced at any level in their DA system. We have developed software that allows host UNIX computers to communicate with intelligent front-end embedded read-out controllers and processor boards running the pSOS operating system. Both RS-232 and Ethernet control paths are supported. This enables calibration and hardware monitoring applications to be migrated to these platforms. 6 refs., 5 figs

  7. FORTRAN data files transference from VAX/VMS to ALPHA/UNIX; Traspaso de ficheros FORTRAN de datos de VAX/VMS a ALPHA/UNIX

    Energy Technology Data Exchange (ETDEWEB)

    Sanchez, E.; Milligen, B. Ph van [CIEMAT (Spain)

    1997-09-01

    Several tools have been developed to access the TJ-IU databases, which currently reside in VAX/VMS servers, from the TJ-II Data Acquisition System DEC ALPHA 8400 server. The TJ-I/TJ-IU databases are not homogeneous and contain several types of data files, namely, SADE, CAMAC and FORTRAN unformatted files. The tools presented in this report allow one to transfer CAMAC and those FORTRAN unformatted files defined herein, from a VAX/VMS server, for data manipulation on the ALPHA/Digital UNIX server. (Author)

  8. UNIX trademark in high energy physics: What we can learn from the initial experiences at Fermilab

    Energy Technology Data Exchange (ETDEWEB)

    Butler, J.N.

    1991-03-01

    The reasons why Fermilab decided to support the UNIX operating system are reviewed and placed in the content of an overall model for high energy physics data analysis. The strengths and deficiencies of the UNIX environment for high energy physics are discussed. Fermilab's early experience in dealing with a an open'' multivendor environment, both for computers and for peripherals, is described. The human resources required to fully exploit the opportunities are clearly growing. The possibility of keeping the development and support efforts within reasonable bounds may depend on our ability to collaborate or at least to share information even more effectively than we have in the past. 7 refs., 4 figs., 5 tabs.

  9. Access to CAMAC from VxWorks and UNIX in DART

    International Nuclear Information System (INIS)

    Streets, J.; Meadows, J.; Moore, C.

    1995-05-01

    As part of the DART Project the authors have developed a package of software for CAMAC access from UNIX and VxWorks platforms, with support for several hardware interfaces. They report on developments for the CES CBD8210 VME to parallel CAMAC, the Hytec VSD2992 VME to serial CAMAC and Jorway 411S SCSI to parallel and serial CAMAC branch drivers, and give a summary of the timings obtained

  10. San Onofre 2/3 simulator: The move from Unix to Windows

    International Nuclear Information System (INIS)

    Paquette, C.; Desouky, C.; Gagnon, V.

    2006-01-01

    CAE has been developing nuclear power plant (NPP) simulators for over 30 years for customers around the world. While numerous operating systems are used today for simulators, many of the existing simulators were developed to run on workstation-type computers using a variant of the Unix operating system. Today, thanks to the advances in the power and capabilities of Personal Computers (PC's), and because most simulators will eventually need to be upgraded, more and more of these RISC processor-based simulators will be converted to PC-based platforms running either the Windows or Linux operating systems. CAE's multi-platform simulation environment runs on the UNIX Linux and Windows operating systems, enabling simulators to be 'open' and highly interoperable systems using industry-standard software components and methods. The result is simulators that are easier to maintain and modify as reference plants evolve. In early January 2003, CAE set out to upgrade Southern California Edison's San Onofre Unit 2/3 UNIX-based simulator with its latest integrated simulation environment. This environment includes CAE's instructor station Isis, the latest ROSE modeling and runtime tool, as well as the deployment of a new reactor kinetics model (COMET) and new nuclear steam supply system (ANTHEM2000). The chosen simulation platform is PC-based and runs the Windows XP operating system. The main features and achievements of the San Onofre 2/3 Simulator's modernization from RISC/Unix to Intel/Windows XP, running CAE's current simulation environment, is the subject of this paper. (author)

  11. Migration of the UNIX Application for eFAST CANDU Nuclear Power Plant Analyzer

    International Nuclear Information System (INIS)

    Suh, Jae Seung; Sohn, Dae Seong; Kim, Sang Jae; Jeun, Gyoo Dong

    2006-01-01

    Since the mid 1980s, corporate data centers have been moving away from mainframes running dedicated operating systems to mini-computers, often using one or other of the myriad flavors of UNIX. At the same time, the users' experience of these systems has, in many cases, stayed the same, involving text-based interaction with dumb terminals or a terminal-emulation session on a Personal Computer. More recently, IT managers have questioned this approach, and have been looking at changes in the UNIX marketplace and the increasing expense of being tied in to single-vendor software and hardware solutions. The growth of Linux as a lightweight version of UNIX has fueled this interest, raising the number of organizations that are considering a migration to alternative platforms. The various implementations of the UNIX operating system have served industry well, as witnessed by the very large base both of installed systems and large-scale applications installed on those systems. However, there are increasing signs of dissatisfaction with expensive, often proprietary solutions and a growing sense that perhaps the concept of 'big iron' has had its day in the same way as it has for most of the mainframes of the type portrayed in 1970s science fiction films. One of the most extraordinary and unexpected successes of the Intel PC architecture is the extent to which this basic framework has been extended to encompass very large server and data center environments. Large-scale hosting companies are now offering enterprise level services to multiple client companies at availability levels of over 99.99 percent on what are simply racks of relatively cheap PCs. Technologies such as clustering, Network Load Balancing, and Component Load Balancing enable the personal computer to take on and match the levels of throughput, availability, and reliability of all but the most expensive 'big iron' solutions and the supercomputers

  12. Kali Linux assuring security by penetration testing

    CERN Document Server

    Ali, Shakeel; Allen, Lee

    2014-01-01

    Written as an interactive tutorial, this book covers the core of Kali Linux with real-world examples and step-by-step instructions to provide professional guidelines and recommendations for you. The book is designed in a simple and intuitive manner that allows you to explore the whole Kali Linux testing process or study parts of it individually.If you are an IT security professional who has a basic knowledge of Unix/Linux operating systems, including an awareness of information security factors, and want to use Kali Linux for penetration testing, then this book is for you.

  13. FORTRAN data files transference from VAX/VMS to ALPHA/UNIX

    International Nuclear Information System (INIS)

    Sanchez, E.; Milligen, B.Ph. van

    1997-01-01

    Several tools have been developed to access the TJ-I and TJ-IU databases, which currently reside in VAX/VMS servers, from the TJ-II Data Acquisition System DEC ALPHA 8400 server. The TJ-I/TJ-IU databases are not homogeneous and contain several types of data files, namely, SADE. CAMAC and FORTRAN un formatted files. The tools presented in this report allow one to transfer CAMAC and those FORTRAN un formatted files defined herein. from a VAX/VMS server, for data manipulation on the ALPHA/Digital UNIX server. (Author) 5 refs

  14. The equipment access software for a distributed UNIX-based accelerator control system

    International Nuclear Information System (INIS)

    Trofimov, Nikolai; Zelepoukine, Serguei; Zharkov, Eugeny; Charrue, Pierre; Gareyte, Claire; Poirier, Herve

    1994-01-01

    This paper presents a generic equipment access software package for a distributed control system using computers with UNIX or UNIX-like operating systems. The package consists of three main components, an application Equipment Access Library, Message Handler and Equipment Data Base. An application task, which may run in any computer in the network, sends requests to access equipment through Equipment Library calls. The basic request is in the form Equipment-Action-Data and is routed via a remote procedure call to the computer to which the given equipment is connected. In this computer the request is received by the Message Handler. According to the type of the equipment connection, the Message Handler either passes the request to the specific process software in the same computer or forwards it to a lower level network of equipment controllers using MIL1553B, GPIB, RS232 or BITBUS communication. The answer is then returned to the calling application. Descriptive information required for request routing and processing is stored in the real-time Equipment Data Base. The package has been written to be portable and is currently available on DEC Ultrix, LynxOS, HPUX, XENIX, OS-9 and Apollo domain. ((orig.))

  15. Progress of data processing system in JT-60 utilizing the UNIX-based workstations

    International Nuclear Information System (INIS)

    Sakata, Shinya; Kiyono, Kimihiro; Oshima, Takayuki; Sato, Minoru; Ozeki, Takahisa

    2007-07-01

    JT-60 data processing system (DPS) possesses three-level hierarchy. At the top level of hierarchy is JT-60 inter-shot processor (MSP-ISP), which is a mainframe computer, provides communication with the JT-60 supervisory control system and supervises the internal communication inside the DPS. The middle level of hierarchy has minicomputers and the bottom level of hierarchy has individual diagnostic subsystems, which consist of the CAMAC and VME modules. To meet the demand for advanced diagnostics, the DPS has been progressed in stages from a three-level hierarchy system, which was dependent on the processing power of the MSP-ISP, to a two-level hierarchy system, which is decentralized data processing system (New-DPS) by utilizing the UNIX-based workstations and network technology. This replacement had been accomplished, and the New-DPS has been started to operate in October 2005. In this report, we describe the development and improvement of the New-DPS, whose functions were decentralized from the MSP-ISP to the UNIX-based workstations. (author)

  16. CLIPS 6.0 - C LANGUAGE INTEGRATED PRODUCTION SYSTEM, VERSION 6.0 (UNIX VERSION)

    Science.gov (United States)

    Donnell, B.

    1994-01-01

    COOL (that is, a rule can pattern match on objects created using COOL). CLIPS 6.0 provides the capability to define functions, overloaded functions, and global variables interactively. In addition, CLIPS can be embedded within procedural code, called as a subroutine, and integrated with languages such as C, FORTRAN and Ada. CLIPS can be easily extended by a user through the use of several well-defined protocols. CLIPS provides several delivery options for programs including the ability to generate stand alone executables or to load programs from text or binary files. CLIPS 6.0 provides support for the modular development and execution of knowledge bases with the defmodule construct. CLIPS modules allow a set of constructs to be grouped together such that explicit control can be maintained over restricting the access of the constructs by other modules. This type of control is similar to global and local scoping used in languages such as C or Ada. By restricting access to deftemplate and defclass constructs, modules can function as blackboards, permitting only certain facts and instances to be seen by other modules. Modules are also used by rules to provide execution control. The CRSV (Cross-Reference, Style, and Verification) utility included with previous version of CLIPS is no longer supported. The capabilities provided by this tool are now available directly within CLIPS 6.0 to aid in the development, debugging, and verification of large rule bases. COSMIC offers four distribution versions of CLIPS 6.0: UNIX (MSC-22433), VMS (MSC-22434), MACINTOSH (MSC-22429), and IBM PC (MSC-22430). Executable files, source code, utilities, documentation, and examples are included on the program media. All distribution versions include identical source code for the command line version of CLIPS 6.0. This source code should compile on any platform with an ANSI C compiler. Each distribution version of CLIPS 6.0, except that for the Macintosh platform, includes an executable for the

  17. UNIX veida mikrokodola operētājsistēma FPGA procesoram

    OpenAIRE

    Liepkalns, Ansis

    2012-01-01

    Risinājumos, kuros izmanto programmējamo loģisko mezglu masīvu (FPGA) procesorus, programmatūras pieejamība ir svarīga, lai samazinātu galaprodukta iegūšanai nepieciešamo laiku. Plašu programmatūras atbalstu ir ieguvušas UNIX veida operētājsistēmas. To kombinācija ar FPGA procesoriem spēj nodrošināt vēlamo izstrādes ātrumu. Lai apmierinātu kvalitātes prasības, tiek piedāvāts izmantot mikrokodola operētājsistēmu. Darbā tiek apskatīta sistēmas mikroshēmā izveide darbībai ar „Minix 3“ mikrokodol...

  18. A real-time data-acquisition and analysis system with distributed UNIX workstations

    International Nuclear Information System (INIS)

    Yamashita, H.; Miyamoto, K.; Maruyama, K.; Hirosawa, H.; Nakayoshi, K.; Emura, T.; Sumi, Y.

    1996-01-01

    A compact data-acquisition system using three RISC/UNIX TM workstations (SUN TM /SPARCstation TM ) with real-time capabilities of monitoring and analysis has been developed for the study of photonuclear reactions with the large-acceptance spectrometer TAGX. One workstation acquires data from memory modules in the front-end electronics (CAMAC and TKO) with a maximum speed of 300 Kbytes/s, where data size times instantaneous rate is 1 Kbyte x 300 Hz. Another workstation, which has real-time capability for run monitoring, gets the data with a buffer manager called NOVA. The third workstation analyzes the data and reconstructs the event. In addition to a general hardware and software description, priority settings and run control by shell scripts are described. This system has recently been used successfully in a two month long experiment. (orig.)

  19. With Unix under the hood, the Mac has a toehold in the geophysical sector

    Energy Technology Data Exchange (ETDEWEB)

    Roche, P.

    2004-05-01

    A new lease on life in the geophysical sector is predicted for Apple Computer as result of the company's decision first to convert to the Unix System, and then to develop a new operating system called OS X (O-S-Ten) which runs under a version of Unix called Free BSD. While Apple shows no indication of interest to market its hardware and software to the oil industry, at least one oil company, Houston-based Seitel Inc., is using Apple products for its high performance computing and technical desktop applications, such as storing its onshore and offshore 3-D seismic data on Apple's Xserve RAID rack storage system. In another application, Virginia Polytechnic Institute built a supercomputer using 1,100 64-bit G5 Power Macs. The result is the third fastest super-computer in the world, running at a blazing 10.28 teraflops, or 10.28 trillion calculations per second. By all accounts, it is well suited to oilpatch tasks such as seismic data processing and running large-scale simulations such as fluid flow through porous media. Seitel is also interested in Apple's 64-bit G5 computers to run its seismic data processing operations which require large amounts of computing power. While Apple's hardware and software appear to be well adopted to perform oilpatch tasks, proliferation of use of Apple products by oilpatch companies is hindered by the almost complete absence of oilpatch software. Parallel Geoscience Corporation which had long been interested in creating Mac-based software for geoscience applications, is in the process of filling that gap by refocusing its attention on an O-S-Ten version of its Seismic Precessing Workshop{sup T}M{sup (}SPW). How long it will take to make the conversion will depend on customer demand. 2 figs.

  20. TkPl_SU: An Open-source Perl Script Builder for Seismic Unix

    Science.gov (United States)

    Lorenzo, J. M.

    2017-12-01

    TkPl_SU (beta) is a graphical user interface (GUI) to select parameters for Seismic Unix (SU) modules. Seismic Unix (Stockwell, 1999) is a widely distributed free software package for processing seismic reflection and signal processing. Perl/Tk is a mature, well-documented and free object-oriented graphical user interface for Perl. In a classroom environment, shell scripting of SU modules engages students and helps focus on the theoretical limitations and strengths of signal processing. However, complex interactive processing stages, e.g., selection of optimal stacking velocities, killing bad data traces, or spectral analysis requires advanced flows beyond the scope of introductory classes. In a research setting, special functionality from other free seismic processing software such as SioSeis (UCSD-NSF) can be incorporated readily via an object-oriented style to programming. An object oriented approach is a first step toward efficient extensible programming of multi-step processes, and a simple GUI simplifies parameter selection and decision making. Currently, in TkPl_SU, Perl 5 packages wrap 19 of the most common SU modules that are used in teaching undergraduate and first-year graduate student classes (e.g., filtering, display, velocity analysis and stacking). Perl packages (classes) can advantageously add new functionality around each module and clarify parameter names for easier usage. For example, through the use of methods, packages can isolate the user from repetitive control structures, as well as replace the names of abbreviated parameters with self-describing names. Moose, an extension of the Perl 5 object system, greatly facilitates an object-oriented style. Perl wrappers are self-documenting via Perl programming document markup language.

  1. Secure Programming Cookbook for C and C++ Recipes for Cryptography, Authentication, Input Validation & More

    CERN Document Server

    Viega, John

    2009-01-01

    Secure Programming Cookbook for C and C++ is an important new resource for developers serious about writing secure code for Unix® (including Linux®) and Windows® environments. This essential code companion covers a wide range of topics, including safe initialization, access control, input validation, symmetric and public key cryptography, cryptographic hashes and MACs, authentication and key exchange, PKI, random numbers, and anti-tampering.

  2. Privacy and Security Research Group workshop on network and distributed system security: Proceedings

    Energy Technology Data Exchange (ETDEWEB)

    1993-05-01

    This report contains papers on the following topics: NREN Security Issues: Policies and Technologies; Layer Wars: Protect the Internet with Network Layer Security; Electronic Commission Management; Workflow 2000 - Electronic Document Authorization in Practice; Security Issues of a UNIX PEM Implementation; Implementing Privacy Enhanced Mail on VMS; Distributed Public Key Certificate Management; Protecting the Integrity of Privacy-enhanced Electronic Mail; Practical Authorization in Large Heterogeneous Distributed Systems; Security Issues in the Truffles File System; Issues surrounding the use of Cryptographic Algorithms and Smart Card Applications; Smart Card Augmentation of Kerberos; and An Overview of the Advanced Smart Card Access Control System. Selected papers were processed separately for inclusion in the Energy Science and Technology Database.

  3. Contribution to data acquisition software of Eurogram and Diamant multi detectors in an Unix/VXWorks environment; Contribution aux logiciels d`acquisition de donnees des multidetecteurs Eurogam et Diamant dans un environnement reparti Unix/VXWorks

    Energy Technology Data Exchange (ETDEWEB)

    Diarra, C

    1994-06-01

    Questions on nuclear matter, need to have new performant equipments. Eurogram is a 4 PI gamma radiations multi detector and a precious tool in gamma spectroscopy, but it is necessary to use a charged particles detector and in this aim Diamant is an Eurogram partner. These two multi detectors needed special software data acquisition systems. The whole of acquisition control and management is based on sun stations with unix system. 56 figs., 64 refs.

  4. Improved operating scenarios of the DIII-D tokamak as a result of the addition of UNIX computer systems

    International Nuclear Information System (INIS)

    Henline, P.A.

    1995-10-01

    The increased use of UNIX based computer systems for machine control, data handling and analysis has greatly enhanced the operating scenarios and operating efficiency of the DRI-D tokamak. This paper will describe some of these UNIX systems and their specific uses. These include the plasma control system, the electron cyclotron heating control system, the analysis of electron temperature and density measurements and the general data acquisition system (which is collecting over 130 Mbytes of data). The speed and total capability of these systems has dramatically affected the ability to operate DIII-D. The improved operating scenarios include better plasma shape control due to the more thorough MHD calculations done between shots and the new ability to see the time dependence of profile data as it relates across different spatial locations in the tokamak. Other analysis which engenders improved operating abilities will be described

  5. Contribution to data acquisition software of Eurogram and Diamant multi detectors in an Unix/VXWorks environment

    International Nuclear Information System (INIS)

    Diarra, C.

    1994-06-01

    Questions on nuclear matter, need to have new performant equipments. Eurogram is a 4 PI gamma radiations multi detector and a precious tool in gamma spectroscopy, but it is necessary to use a charged particles detector and in this aim Diamant is an Eurogram partner. These two multi detectors needed special software data acquisition systems. The whole of acquisition control and management is based on sun stations with unix system. 56 figs., 64 refs

  6. Unix Philosophy and the Real World: Control Software for Humanoid Robots

    Directory of Open Access Journals (Sweden)

    Neil Thomas Dantam

    2016-03-01

    Full Text Available Robot software combines the challenges of general purpose and real-time software, requiring complex logic and bounded resource use. Physical safety, particularly for dynamic systems such as humanoid robots, depends on correct software. General purpose computation has converged on unix-like operating systems -- standardized as POSIX, the Portable Operating System Interface -- for devices from cellular phones to supercomputers. The modular, multi-process design typical of POSIX applications is effective for building complex and reliable software. Absent from POSIX, however, is an interproccess communication mechanism that prioritizes newer data as typically desired for control of physical systems. We address this need in the Ach communication library which provides suitable semantics and performance for real-time robot control. Although initially designed for humanoid robots, Ach has broader applicability to complex mechatronic devices -- humanoid and otherwise -- that require real-time coupling of sensors, control, planning, and actuation. The initial user space implementation of Ach was limited in the ability to receive data from multiple sources. We remove this limitation by implementing Ach as a Linux kernel module, enabling Ach's high-performance and latest-message-favored semantics within conventional POSIX communication pipelines. We discuss how these POSIX interfaces and design principles apply to robot software, and we present a case study using the Ach kernel module for communication on the Baxter robot.

  7. Practical Computer Security through Cryptography

    Science.gov (United States)

    McNab, David; Twetev, David (Technical Monitor)

    1998-01-01

    The core protocols upon which the Internet was built are insecure. Weak authentication and the lack of low level encryption services introduce vulnerabilities that propagate upwards in the network stack. Using statistics based on CERT/CC Internet security incident reports, the relative likelihood of attacks via these vulnerabilities is analyzed. The primary conclusion is that the standard UNIX BSD-based authentication system is by far the most commonly exploited weakness. Encryption of Sensitive password data and the adoption of cryptographically-based authentication protocols can greatly reduce these vulnerabilities. Basic cryptographic terminology and techniques are presented, with attention focused on the ways in which technology such as encryption and digital signatures can be used to protect against the most commonly exploited vulnerabilities. A survey of contemporary security software demonstrates that tools based on cryptographic techniques, such as Kerberos, ssh, and PGP, are readily available and effectively close many of the most serious security holes. Nine practical recommendations for improving security are described.

  8. Alternative security

    International Nuclear Information System (INIS)

    Weston, B.H.

    1990-01-01

    This book contains the following chapters: The Military and Alternative Security: New Missions for Stable Conventional Security; Technology and Alternative Security: A Cherished Myth Expires; Law and Alternative Security: Toward a Just World Peace; Politics and Alternative Security: Toward a More Democratic, Therefore More Peaceful, World; Economics and Alternative Security: Toward a Peacekeeping International Economy; Psychology and Alternative Security: Needs, Perceptions, and Misperceptions; Religion and Alternative Security: A Prophetic Vision; and Toward Post-Nuclear Global Security: An Overview

  9. Homeland Security

    Science.gov (United States)

    Provides an overview of EPA's homeland security roles and responsibilities, and links to specific homeland security issues: water security, research, emergency response, recovery, and waste management.

  10. Security Dilemma

    DEFF Research Database (Denmark)

    Wivel, Anders

    2011-01-01

    What is a security dilemma? What are the consequences of security dilemmas in international politics?......What is a security dilemma? What are the consequences of security dilemmas in international politics?...

  11. DET/MPS - THE GSFC ENERGY BALANCE PROGRAM, DIRECT ENERGY TRANSFER/MULTIMISSION SPACECRAFT MODULAR POWER SYSTEM (UNIX VERSION)

    Science.gov (United States)

    Jagielski, J. M.

    1994-01-01

    The DET/MPS programs model and simulate the Direct Energy Transfer and Multimission Spacecraft Modular Power System in order to aid both in design and in analysis of orbital energy balance. Typically, the DET power system has the solar array directly to the spacecraft bus, and the central building block of MPS is the Standard Power Regulator Unit. DET/MPS allows a minute-by-minute simulation of the power system's performance as it responds to various orbital parameters, focusing its output on solar array output and battery characteristics. While this package is limited in terms of orbital mechanics, it is sufficient to calculate eclipse and solar array data for circular or non-circular orbits. DET/MPS can be adjusted to run one or sequential orbits up to about one week, simulated time. These programs have been used on a variety of Goddard Space Flight Center spacecraft projects. DET/MPS is written in FORTRAN 77 with some VAX-type extensions. Any FORTRAN 77 compiler that includes VAX extensions should be able to compile and run the program with little or no modifications. The compiler must at least support free-form (or tab-delineated) source format and 'do do-while end-do' control structures. DET/MPS is available for three platforms: GSC-13374, for DEC VAX series computers running VMS, is available in DEC VAX Backup format on a 9-track 1600 BPI tape (standard distribution) or TK50 tape cartridge; GSC-13443, for UNIX-based computers, is available on a .25 inch streaming magnetic tape cartridge in UNIX tar format; and GSC-13444, for Macintosh computers running AU/X with either the NKR FORTRAN or AbSoft MacFORTRAN II compilers, is available on a 3.5 inch 800K Macintosh format diskette. Source code and test data are supplied. The UNIX version of DET requires 90K of main memory for execution. DET/MPS was developed in 1990. A/UX and Macintosh are registered trademarks of Apple Computer, Inc. VMS, DEC VAX and TK50 are trademarks of Digital Equipment Corporation. UNIX is a

  12. STAR- A SIMPLE TOOL FOR AUTOMATED REASONING SUPPORTING HYBRID APPLICATIONS OF ARTIFICIAL INTELLIGENCE (UNIX VERSION)

    Science.gov (United States)

    Borchardt, G. C.

    1994-01-01

    /output required, and displays the results. The STAR interpreter is written in the C language for interactive execution. It has been implemented on a VAX 11/780 computer operating under VMS, and the UNIX version has been implemented on a Sun Microsystems 2/170 workstation. STAR has a memory requirement of approximately 200K of 8 bit bytes, excluding externally compiled functions and application-dependent symbolic definitions. This program was developed in 1985.

  13. Switching the JLab Accelerator Operations Environment from an HP-UX Unix-based to a PC/Linux-based environment

    International Nuclear Information System (INIS)

    Mcguckin, Theodore

    2008-01-01

    The Jefferson Lab Accelerator Controls Environment (ACE) was predominantly based on the HP-UX Unix platform from 1987 through the summer of 2004. During this period the Accelerator Machine Control Center (MCC) underwent a major renovation which included introducing Redhat Enterprise Linux machines, first as specialized process servers and then gradually as general login servers. As computer programs and scripts required to run the accelerator were modified, and inherent problems with the HP-UX platform compounded, more development tools became available for use with Linux and the MCC began to be converted over. In May 2008 the last HP-UX Unix login machine was removed from the MCC, leaving only a few Unix-based remote-login servers still available. This presentation will explore the process of converting an operational Control Room environment from the HP-UX to Linux platform as well as the many hurdles that had to be overcome throughout the transition period

  14. Security Evolution.

    Science.gov (United States)

    De Patta, Joe

    2003-01-01

    Examines how to evaluate school security, begin making schools safe, secure schools without turning them into fortresses, and secure schools easily and affordably; the evolution of security systems into information technology systems; using schools' high-speed network lines; how one specific security system was developed; pros and cons of the…

  15. Security of OS-level virtualization technologies: Technical report

    OpenAIRE

    Reshetova, Elena; Karhunen, Janne; Nyman, Thomas; Asokan, N.

    2014-01-01

    The need for flexible, low-overhead virtualization is evident on many fronts ranging from high-density cloud servers to mobile devices. During the past decade OS-level virtualization has emerged as a new, efficient approach for virtualization, with implementations in multiple different Unix-based systems. Despite its popularity, there has been no systematic study of OS-level virtualization from the point of view of security. In this report, we conduct a comparative study of several OS-level v...

  16. Interface and integration of a silicon graphics UNIX computer with the Encore based SCE SONGS 2/3 simulator

    International Nuclear Information System (INIS)

    Olmos, J.; Lio, P.; Chan, K.S.

    1991-01-01

    The SONGS Unit 2/3 simulator was originally implemented in 1983 on a Master/Slave 32/7780 Encore MPX platform by the Singer-Link Company. In 1986, a 32/9780 MPX Encore computer was incorporated into the simulator computer system to provide the additional CPU processing needed to install the PACE plant monitoring system and to enable the upgrade of the NSSS Simulation to the advanced RETACT/STK models. Since the spring of 1990, the SCE SONGS Nuclear Training Division simulator technical staff, in cooperation with Micro Simulation Inc., has undertaken a project to integrate a Silicon Graphics UNIX based computer with the Encore MPX SONGS 2/3 simulation computer system. In this paper the authors review the objectives, advantages to be gained, software and hardware approaches utilized, and the results so far achieved by the authors' project

  17. Financial security

    NARCIS (Netherlands)

    de Goede, M.; Burgess, J.P.

    2010-01-01

    1. Introduction J. Peter Burgess Part 1: New Security Concepts 2. Civilizational Security Brett Bowden 3. Risk Oliver Kessler 4. Small Arms Keith Krause 5. Critical Human Security Taylor Owen 6. Critical Geopolitics Simon Dalby Part 2: New Security Subjects 7. Biopolitics Michael Dillon 8. Gendered

  18. Cyber security

    CERN Document Server

    Voeller, John G

    2014-01-01

    Cyber Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to cyber security metrics and measure  and related technologies that meet security needs. Specific applications to web services, the banking and the finance sector, and industrial process control systems are discussed.

  19. Security negotiation

    OpenAIRE

    Mitrović, Miroslav M.; Ivaniš, Željko

    2013-01-01

    Contemporary security challenges, risks and threats represent a resultant of the achieved level of interaction between various entities within the paradigm of global security relations. Asymmetry and nonlinearity are main features of contemporary challenges in the field of global security. Negotiation in the area of security, namely the security negotiation, thus goes beyond just the domain of negotiation in conflicts and takes into consideration particularly asymmetric forms of possible sour...

  20. DB2 9 for Linux, UNIX, and Windows Advanced Database Administration Certification Certification Study Guide

    CERN Document Server

    Sanders, Roger E

    2008-01-01

    Database administrators versed in DB2 wanting to learn more about advanced database administration activities and students wishing to gain knowledge to help them pass the DB2 9 UDB Advanced DBA certification exam will find this exhaustive reference invaluable. Written by two individuals who were part of the team that developed the certification exam, this comprehensive study guide prepares the student for challenging questions on database design; data partitioning and clustering; high availability diagnostics; performance and scalability; security and encryption; connectivity and networking; a

  1. Security Expertise

    DEFF Research Database (Denmark)

    systematic study of security expertise and opens up a productive dialogue between science and technology studies and security studies to investigate the character and consequences of this expertise. In security theory, the study of expertise is crucial to understanding whose knowledge informs security making......This volume brings together scholars from different fields to explore the power, consequences and everyday practices of security expertise. Expertise mediates between different forms of knowledge: scientific and technological, legal, economic and political knowledge. This book offers the first...... and to reflect on the impact and responsibility of security analysis. In science and technology studies, the study of security politics adds a challenging new case to the agenda of research on expertise and policy. The contributors investigate cases such as academic security studies, security think tanks...

  2. Watermarking security

    CERN Document Server

    Bas, Patrick; Cayre, François; Doërr, Gwenaël; Mathon, Benjamin

    2016-01-01

    This book explains how to measure the security of a watermarking scheme, how to design secure schemes but also how to attack popular watermarking schemes. This book gathers the most recent achievements in the field of watermarking security by considering both parts of this cat and mouse game. This book is useful to industrial practitioners who would like to increase the security of their watermarking applications and for academics to quickly master this fascinating domain.

  3. Security Locks

    Science.gov (United States)

    Hart, Kevin

    2010-01-01

    According to a 2008 "Year in Review" report by Educational Security Incidents, an online repository that collects data on higher education security issues, the total number of security incidents reported at universities and colleges worldwide rose to 173 in 2008, a 24.5 percent increase over 2007. The number of institutions…

  4. Development of a new discharge control system utilizing UNIX workstations and VME-bus systems for JT-60

    Energy Technology Data Exchange (ETDEWEB)

    Akasaka, Hiromi; Sueoka, Michiharu; Takano, Shoji; Totsuka, Toshiyuki; Yonekawa, Izuru; Kurihara, Kenichi; Kimura, Toyoaki [Japan Atomic Energy Research Inst., Naka, Ibaraki (Japan). Naka Fusion Research Establishment

    2002-01-01

    The JT-60 discharge control system, which had used HIDIC-80E 16 bit mini-computers and CAMAC systems since the start of JT-60 experiment in 1985, was renewed in March, 2001. The new system consists of a UNIX workstation and a VME-bus system, and features a distributed control system. The workstation performs message communication with a VME-bus system and controllers of JT-60 sub-systems and processing for discharge control because of its flexibility to construction of a new network and modifications of software. The VME-bus system performs discharge sequence control because it is suitable for fast real time control and flexible to the hardware extension. The replacement has improved the control function and reliability of the discharge control system and also has provided sufficient performance necessary for future modifications of JT-60. The new system has been running successfully since April 2001. The data acquisition speed was confirmed to be twice faster than the previous one. This report describes major functions of the discharge control system, technical ideas for developing the system and results of the initial operation in detail. (author)

  5. Securing Hadoop

    CERN Document Server

    Narayanan, Sudheesh

    2013-01-01

    This book is a step-by-step tutorial filled with practical examples which will focus mainly on the key security tools and implementation techniques of Hadoop security.This book is great for Hadoop practitioners (solution architects, Hadoop administrators, developers, and Hadoop project managers) who are looking to get a good grounding in what Kerberos is all about and who wish to learn how to implement end-to-end Hadoop security within an enterprise setup. It's assumed that you will have some basic understanding of Hadoop as well as be familiar with some basic security concepts.

  6. Grid Security

    CERN Multimedia

    CERN. Geneva

    2004-01-01

    The aim of Grid computing is to enable the easy and open sharing of resources between large and highly distributed communities of scientists and institutes across many independent administrative domains. Convincing site security officers and computer centre managers to allow this to happen in view of today's ever-increasing Internet security problems is a major challenge. Convincing users and application developers to take security seriously is equally difficult. This paper will describe the main Grid security issues, both in terms of technology and policy, that have been tackled over recent years in LCG and related Grid projects. Achievements to date will be described and opportunities for future improvements will be addressed.

  7. Social Security.

    Science.gov (United States)

    Social and Labour Bulletin, 1983

    1983-01-01

    This group of articles discusses a variety of studies related to social security and retirement benefits. These studies are related to both developing and developed nations and are also concerned with studying work conditions and government role in administering a democratic social security system. (SSH)

  8. Security management

    International Nuclear Information System (INIS)

    Adams, H.W.

    1990-01-01

    Technical progress is moving more and more quickly and the systems thus produced are so complex and have become so unclear to the individual that he can no longer estimate the consequences: Faith in progress has given way to deep mistrust. Companies have adjusted to this change in consciousness. An interesting tendency can be identified: technical security is already available - now the organization of security has become an important objective for companies. The key message of the book is: If outworn technical systems are no longer adequate, the organization must be thoroughly overhauled. Five chapters deal with the following themes: organization as an aspect of society; risk control; aspects of security; is there security in ADP; the broader concept of security. (orig./HP) [de

  9. INFORMATION SYSTEM SECURITY (CYBER SECURITY

    Directory of Open Access Journals (Sweden)

    Muhammad Siddique Ansari

    2016-03-01

    Full Text Available Abstract - Business Organizations and Government unequivocally relies on upon data to deal with their business operations. The most unfavorable impact on association is disappointment of friendship, goodness, trustworthiness, legitimacy and probability of data and administrations. There is an approach to ensure data and to deal with the IT framework's Security inside association. Each time the new innovation is made, it presents some new difficulties for the insurance of information and data. To secure the information and data in association is imperative on the grounds that association nowadays inside and remotely joined with systems of IT frameworks. IT structures are inclined to dissatisfaction and security infringement because of slips and vulnerabilities. These slips and vulnerabilities can be brought on by different variables, for example, quickly creating headway, human slip, poor key particulars, poor movement schedules or censuring the threat. Likewise, framework changes, new deserts and new strikes are a huge piece of the time displayed, which helpers augmented vulnerabilities, disappointments and security infringement all through the IT structure life cycle. The business went to the confirmation that it is essentially difficult to ensure a slip free, risk free and secure IT structure in perspective of the disfigurement of the disavowing security parts, human pass or oversight, and part or supplies frustration. Totally secure IT frameworks don't exist; just those in which the holders may have changing degrees of certainty that security needs of a framework are fulfilled do. The key viewpoints identified with security of data outlining are examined in this paper. From the start, the paper recommends pertinent legitimate structure and their duties including open association obligation, and afterward it returns to present and future time, system limits, structure security in business division. At long last, two key inadequacy markers

  10. Information security management handbook

    CERN Document Server

    Tipton, Harold F

    2006-01-01

    Access Control Systems and Methodology. Telecommunications and Network Security. Security Management Practices. Application Program Security. Cryptography. Computer, System, and Security Architecture. Operations Security. Business Continuity Planning and Disaster Recovery Planning. Law, Investigation and Ethics. Physical Security.

  11. Strategic information security

    CERN Document Server

    Wylder, John

    2003-01-01

    Introduction to Strategic Information SecurityWhat Does It Mean to Be Strategic? Information Security Defined The Security Professional's View of Information Security The Business View of Information SecurityChanges Affecting Business and Risk Management Strategic Security Strategic Security or Security Strategy?Monitoring and MeasurementMoving Forward ORGANIZATIONAL ISSUESThe Life Cycles of Security ManagersIntroductionThe Information Security Manager's Responsibilities The Evolution of Data Security to Information SecurityThe Repository Concept Changing Job Requirements Business Life Cycles

  12. Security Bingo

    CERN Multimedia

    Computer Security Team

    2011-01-01

    Want to check your security awareness and win one of three marvellous books on computer security? Just print out this page, mark which of the 25 good practices below you already follow, and send the sheet back to us by 31 October 2011 at either Computer.Security@cern.ch or P.O. Box G19710.   Winners[1] must show that they fulfil at least five good practices in a continuous vertical, horizontal or diagonal row. For details on CERN Computer Security, please consult http://cern.ch/security. I personally…   …am concerned about computer security. …run my computer with an anti-virus software and up-to-date signature files. …lock my computer screen whenever I leave my office. …have chosen a reasonably complex password. …have restricted access to all my files and data. …am aware of the security risks and threats to CERN’s computing facilities. &hell...

  13. Computer security

    CERN Document Server

    Gollmann, Dieter

    2011-01-01

    A completely up-to-date resource on computer security Assuming no previous experience in the field of computer security, this must-have book walks you through the many essential aspects of this vast topic, from the newest advances in software and technology to the most recent information on Web applications security. This new edition includes sections on Windows NT, CORBA, and Java and discusses cross-site scripting and JavaScript hacking as well as SQL injection. Serving as a helpful introduction, this self-study guide is a wonderful starting point for examining the variety of competing sec

  14. Secure PVM

    Energy Technology Data Exchange (ETDEWEB)

    Dunigan, T.H.; Venugopal, N.

    1996-09-01

    This research investigates techniques for providing privacy, authentication, and data integrity to PVM (Parallel Virtual Machine). PVM is extended to provide secure message passing with no changes to the user`s PVM application, or, optionally, security can be provided on a message-by message basis. Diffe-Hellman is used for key distribution of a single session key for n-party communication. Keyed MD5 is used for message authentication, and the user may select from various secret-key encryption algorithms for message privacy. The modifications to PVM are described, and the performance of secure PVM is evaluated.

  15. Junos Security

    CERN Document Server

    Cameron, Rob; Giecco, Patricio; Eberhard, Timothy; Quinn, James

    2010-01-01

    Junos® Security is the complete and authorized introduction to the new Juniper Networks SRX hardware series. This book not only provides a practical, hands-on field guide to deploying, configuring, and operating SRX, it also serves as a reference to help you prepare for any of the Junos Security Certification examinations offered by Juniper Networks. Network administrators and security professionals will learn how to use SRX Junos services gateways to address an array of enterprise data network requirements -- including IP routing, intrusion detection, attack mitigation, unified threat manag

  16. Collective Security

    DEFF Research Database (Denmark)

    Galster, Kjeld

    in worldwide market conditions left perceptible ripples in Danish economy, budget discussions grew in importance over this period. The pacifist stance entailed disinclination to accept that the collective security concept and international treaties and accords signed by Denmark should necessitate credible...... and other international treaties provided arguments for adjusting the foreign and security policy ambitions, and since the general flux in worldwide market conditions left perceptible ripples in Danish economy, budget discussions grew in importance over this period. The pacifist stance entailed......Collective Security: National Egotism (Abstract) In Danish pre-World War I defence debate the notion of collective security is missing. During the early years of the 19th century, the political work is influenced by a pervasive feeling of rising tension and danger on the continent of Europe...

  17. Security Transformation

    National Research Council Canada - National Science Library

    Metz, Steven

    2003-01-01

    ... adjustment. With American military forces engaged around the world in both combat and stabilization operations, the need for rigorous and critical analysis of security transformation has never been greater...

  18. European Security

    DEFF Research Database (Denmark)

    Møller, Bjørn

    Theoretical chapters on "Security", "Organisations" and "Regions," Historical Chapters on "Europe and Its Distinguishing Features" and on "The United Nations," "NATO," "The CSCE/OSCE and the Council of Europe" and "The European Union"......Theoretical chapters on "Security", "Organisations" and "Regions," Historical Chapters on "Europe and Its Distinguishing Features" and on "The United Nations," "NATO," "The CSCE/OSCE and the Council of Europe" and "The European Union"...

  19. Data Security

    OpenAIRE

    Lopez, Diego

    2013-01-01

    Training specialists in the field of data security and security administrators for the information systems represents a significant priority demanded by both governmental environments and the central and local administrations, as well as by the private sector - companies, banks. They are responsible for implementing information services and systems, but they are also their beneficiaries, with applicability in fields such as: e government, e-administration, e-banking, e-commerce, e-payment, wh...

  20. Nuclear security

    International Nuclear Information System (INIS)

    1991-12-01

    This paper reports that despite their crucial importance to national security, safeguards at the Department of Energy's (DOE) weapons facilities may be falling short. DOE security inspections have identified many weaknesses, including poor performance by members of DOE's security force, poor accountability for quantities of nuclear materials, and the inability of personnel to locate documents containing classified information. About 13 percent of the 2,100 identified weakness resulted in DOE inspectors giving out unsatisfactory security ratings; another 38 percent led to marginal ratings. In addition, DOE's centralized safeguards and security information tracking system lacks current data on whether DOE field offices have corrected the identified weaknesses. Without reliable information, DOE has no way of knowing whether timely action was taken to correct problems, nor can it determine whether weaknesses are systematic. DOE has tried to minimize the impact of these security weaknesses at its facilities by establishing multiple layers of protection measures and instituting interim and compensatory measures for identified weaknesses. DOE is planning enhancements to the centralized tracking system that should improve its reliability and increase its effectiveness

  1. FOOD SECURITY

    Directory of Open Access Journals (Sweden)

    Dorina Ardelean

    2013-12-01

    Full Text Available The assurance of food security at the individual level doesn’t implicitly provide for the one at family level as the concepts of hunger, malnutrition and food insecurity are the steps of the same process of access restricted to a sufficient supply of food. In order to achieve food security at the individual level the following is necessary: ensuring food availability (production, reserve stocks; redistribution of food availability within the country or out through international exchanges; effective access of the population to purchase food consumer goods, by ensuring its effective demand as required. Food security of families (FFS is required for assuring individual food security (IFS, but it is not sufficient because the food available may be unevenly distributed between family members. National food security (NFS corresponds to the possibilities that different countries have to ensure both FFS and IFS without sacrificing other important objectives. Under the name of GAS is defined the global food security which represents permanent access for the entire population of the globe to the necessary food for a healthy and active life.

  2. Security an introduction

    CERN Document Server

    Purpura, Philip P

    2011-01-01

    Section I The History and Profession of SecurityDefinition, Role, and History of Security Security Defined The Contexts of Security The Roles of Security The History of Security Security in an Environment of Threats, Terrorism, and All-Hazards Threats and Hazards Terrorism National Strategies The Profession and Business of Security The Business of Security Professionalism and Security Associations Ethics Regulation of the Security Industry Security Training Higher Education Careers Section II Protecting People and AssetsSecurity Methodology Methodology Defined Security Business Proposals Secur

  3. DIRAC Security

    CERN Document Server

    Casajús Ramo, A

    2006-01-01

    DIRAC is the LHCb Workload and Data Management System. Based on a service-oriented architecture, it enables generic distributed computing with lightweight Agents and Clients for job execution and data transfers. DIRAC implements a client-server architecture exposing server methods through XML Remote Procedure Call (XML-RPC) protocol. DIRAC is mostly coded in python. DIRAC security infrastructure has been designed to be a completely generic XML-RPC transport over a SSL tunnel. This new security layer is able to handle standard X509 certificates as well as grid-proxies to authenticate both sides of the connection. Serve and client authentication relies over OpenSSL and py-Open SSL, but to be able to handle grid proxies some modifications have been added to those libraries. DIRAC security infrastructure handles authorization and authorization as well as provides extended capabilities like secure connection tunneling and file transfer. Using this new security infrastructure all LHCb users can safely make use o...

  4. Privatising Security

    Directory of Open Access Journals (Sweden)

    Irina Mindova-Docheva

    2016-06-01

    Full Text Available The article proposes an analysis of the different approaches towards employing the international legal framework in the regulation and oversight of private military and security companies’ operation in armed conflicts and in peace time security systems. It proposes a partnership-based approach for public and private actors aiming at creating and sharing common values under the principles of solidarity, protection of human rights and rule of law. A focus of further research should be the process of shaping those common values.

  5. Information Security

    NARCIS (Netherlands)

    Hartel, Pieter H.; Suryana Herman, Nanna; Leukfeldt, E.R.; Stol, W.Ph.

    2012-01-01

    Information security is all about the protection of digital assets, such as digital content, personal health records, state secrets etc. These assets can be handled by a party who is authorised to access and control the asset or a party who is not authorised to do so. Authorisation determines who is

  6. Food security

    NARCIS (Netherlands)

    Ridder, M. de

    2011-01-01

    Food security is back on the agenda as a top priority for policy makers. In January 2011, record high food prices resulted in protests in Tunisia, which subsequently led to the spread of the revolutions in other North African and Middle Eastern countries. Although experts have asserted that no

  7. Improving Security in the ATLAS PanDA System

    International Nuclear Information System (INIS)

    Caballero, J; Maeno, T; Potekhin, M; Wenaus, T; Nilsson, P; Stewart, G

    2011-01-01

    The security challenges faced by users of the grid are considerably different to those faced in previous environments. The adoption of pilot jobs systems by LHC experiments has mitigated many of the problems associated with the inhomogeneities found on the grid and has greatly improved job reliability; however, pilot jobs systems themselves must then address many security issues, including the execution of multiple users' code under a common 'grid' identity. In this paper we describe the improvements and evolution of the security model in the ATLAS PanDA (Production and Distributed Analysis) system. We describe the security in the PanDA server which is in place to ensure that only authorized members of the VO are allowed to submit work into the system and that jobs are properly audited and monitored. We discuss the security in place between the pilot code itself and the PanDA server, ensuring that only properly authenticated workload is delivered to the pilot for execution. When the code to be executed is from a 'normal' ATLAS user, as opposed to the production system or other privileged actor, then the pilot may use an EGEE developed identity switching tool called gLExec. This changes the grid proxy available to the job and also switches the UNIX user identity to protect the privileges of the pilot code proxy. We describe the problems in using this system and how they are overcome. Finally, we discuss security drills which have been run using PanDA and show how these improved our operational security procedures.

  8. Computer Security: the security marathon

    CERN Multimedia

    Computer Security Team

    2014-01-01

    If you believe that “security” is a sprint, that a quick hack is invulnerable, that quick bug fixing is sufficient, that plugging security measures on top of existing structures is good, that once you are secure your life will be easy... then let me convince you otherwise.   An excellent example of this is when the summer students join us at CERN. As the summer period is short, software projects must be accomplished quickly, like a sprint. Rush, rush! But often, this sprint ends with aching muscles. Regularly, these summer students approach us to have their project or web server made visible to the Internet. Regularly, quick security reviews of those web servers diagnose severe underperformance with regards to security: the web applications are flawed or use insecure protocols; the employed software tools, databases or web frameworks are sub-optimal and not adequately chosen for that project; the operating system is non-standard and has never been brought up-to-date; and ...

  9. Security Administration Reports Application

    Data.gov (United States)

    Social Security Administration — Contains SSA Security Reports that allow Information Security Officers (ISOs) to access, review and take appropriate action based on the information contained in the...

  10. Security Investigation Database (SID)

    Data.gov (United States)

    US Agency for International Development — Security Investigation & Personnel Security Clearance - COTS personnel security application in a USAID virtualized environement that can support USAID's business...

  11. Nuclear security

    International Nuclear Information System (INIS)

    1991-07-01

    This paper reports that despite an Executive Order limiting the authority to make original classification decisions to government officials, DOE has delegated this authority to a number of contractor employees. Although the number of original classification decisions made by these contractors is small, this neither negates nor diminishes the significance of the improper delegation of authority. If misclassification were to occur, particularly at the Top Secret level, U.S. national security interests could potentially be seriously affected and threatened. DOE's argument that the delegation of such authority is a long-standing policy and done on a selective basis does not legitimize the practice and does not relieve DOE of its responsibility to meet the requirements of the Executive Order. DOE needs to independently assess all original classification determinations made by contractors; otherwise, it cannot be sure that U.S. national security interests have been or are being adequately protected

  12. Security seal

    Science.gov (United States)

    Gobeli, Garth W.

    1985-01-01

    Security for a package or verifying seal in plastic material is provided by a print seal with unique thermally produced imprints in the plastic. If tampering is attempted, the material is irreparably damaged and thus detectable. The pattern of the imprints, similar to "fingerprints" are recorded as a positive identification for the seal, and corresponding recordings made to allow comparison. The integrity of the seal is proved by the comparison of imprint identification records made by laser beam projection.

  13. Security system

    Science.gov (United States)

    Baumann, Mark J.; Kuca, Michal; Aragon, Mona L.

    2016-02-02

    A security system includes a structure having a structural surface. The structure is sized to contain an asset therein and configured to provide a forceful breaching delay. The structure has an opening formed therein to permit predetermined access to the asset contained within the structure. The structure includes intrusion detection features within or associated with the structure that are activated in response to at least a partial breach of the structure.

  14. Security studies

    International Nuclear Information System (INIS)

    Venot, R.

    2001-01-01

    Full text: Security studies constitute one of the major tools for evaluating the provisions implemented at facilities to protect and control Nuclear Material against unauthorized removal. Operators use security studies to demonstrate that they are complying with objectives set by the Competent Authority to counter internal or external acts aimed at unauthorized removal of NM. The paper presents the context of security studies carried out in France. The philosophy of these studies is based on a postulated unauthorized removal of NM and the study of the behavior of the systems implemented to control and protect NM in a facility. The potential unauthorized removal of NM usually may take place in two stages. The first stage involves the sequence leading to handling of the NM. It occurs inside the physical barriers of a facility and may include action involving the documents corresponding to Material Control and Accounting systems. At this stage it is possible to limit the risk of unauthorized removal of NM by means of detection capabilities of the MC and A systems. The second stage is more specific to theft and involves removing the NM out of the physical barriers of a facility in which they are being held, notably by affecting the Physical Protection System. Operators have to study, from a quantity and time lapse point of view, the ability of the installed systems to detect unauthorized removal, as well as the possibility of tampering with the systems to mask unlawful operations. Operators have also to analyze the sequences during which NM are accessed, removed from their containment and further removed from the facility in which they are stored. At each stage in the process, the probability of detection and the time taken to carry out the above actions have to be estimated. Of course, these two types of studies complement each other. Security studies have begun, in France, for more than fifteen years. Up to now more than fifty security studies are available in the

  15. National Cyber Security Policy

    Indian Academy of Sciences (India)

    National Cyber Security Policy. Salient Features: Caters to ... Creating a secure cyber ecosystem. Creating an assurance framework. Encouraging Open Standards. Strengthening the Regulatory framework. Creating mechanisms for security threat early warning, vulnerability management and response to security threats.

  16. Statistical security for Social Security.

    Science.gov (United States)

    Soneji, Samir; King, Gary

    2012-08-01

    The financial viability of Social Security, the single largest U.S. government program, depends on accurate forecasts of the solvency of its intergenerational trust fund. We begin by detailing information necessary for replicating the Social Security Administration's (SSA's) forecasting procedures, which until now has been unavailable in the public domain. We then offer a way to improve the quality of these procedures via age- and sex-specific mortality forecasts. The most recent SSA mortality forecasts were based on the best available technology at the time, which was a combination of linear extrapolation and qualitative judgments. Unfortunately, linear extrapolation excludes known risk factors and is inconsistent with long-standing demographic patterns, such as the smoothness of age profiles. Modern statistical methods typically outperform even the best qualitative judgments in these contexts. We show how to use such methods, enabling researchers to forecast using far more information, such as the known risk factors of smoking and obesity and known demographic patterns. Including this extra information makes a substantial difference. For example, by improving only mortality forecasting methods, we predict three fewer years of net surplus, $730 billion less in Social Security Trust Funds, and program costs that are 0.66% greater for projected taxable payroll by 2031 compared with SSA projections. More important than specific numerical estimates are the advantages of transparency, replicability, reduction of uncertainty, and what may be the resulting lower vulnerability to the politicization of program forecasts. In addition, by offering with this article software and detailed replication information, we hope to marshal the efforts of the research community to include ever more informative inputs and to continue to reduce uncertainties in Social Security forecasts.

  17. Network security

    CERN Document Server

    Perez, André

    2014-01-01

    This book introduces the security mechanisms deployed in Ethernet, Wireless-Fidelity (Wi-Fi), Internet Protocol (IP) and MultiProtocol Label Switching (MPLS) networks. These mechanisms are grouped throughout the book according to the following four functions: data protection, access control, network isolation, and data monitoring. Data protection is supplied by data confidentiality and integrity control services. Access control is provided by a third-party authentication service. Network isolation is supplied by the Virtual Private Network (VPN) service. Data monitoring consists of applying

  18. Information Security

    OpenAIRE

    2005-01-01

    Information security is all about the protection of digital assets, such as digital content, personal health records, state secrets etc. These assets can be handled by a party who is authorised to access and control the asset or a party who is not authorised to do so. Authorisation determines who is trusted to actually handle an asset. Two concepts complement authorisation. Authentication deter-mines who makes a request to handle an asset. To decide who is authorised, a system needs to au-the...

  19. Security infrastructures: towards the INDECT system security

    OpenAIRE

    Stoianov, Nikolai; Urueña, Manuel; Niemiec, Marcin; Machník, Petr; Maestro, Gema

    2012-01-01

    This paper provides an overview of the security infrastructures being deployed inside the INDECT project. These security infrastructures can be organized in five main areas: Public Key Infrastructure, Communication security, Cryptography security, Application security and Access control, based on certificates and smartcards. This paper presents the new ideas and deployed testbeds for these five areas. In particular, it explains the hierarchical architecture of the INDECT PKI...

  20. Internet Banking Security Strategy: Securing Customer Trust

    OpenAIRE

    Frimpong Twum; Kwaku Ahenkora

    2012-01-01

    Internet banking strategies should enhance customers¡¯ online experiences which are affected by trust and security issues. This study provides perspectives of users and nonusers on internet banking security with a view to understanding trust and security factors in relation to adoption and continuous usage. Perception of internet banking security influenced usage intentions. Nonusers viewed internet banking to be insecure but users perceived it to be secure with perceived ease of use influenc...

  1. Planning security for supply security

    International Nuclear Information System (INIS)

    Spies von Buellesheim.

    1994-01-01

    The situation of the hardcoal mining industry is still difficult, however better than last year. Due to better economic trends in the steel industry, though on a lower level, sales in 1994 have stabilised. Stocks are being significantly reduced. As to the production, we have nearly reached a level which has been politically agreed upon in the long run. Due to the determined action of the coalmining companies, a joint action of management and labour, the strong pressure has been mitigated. On the energy policy sector essential targets have been achieved: First of all the ECSC decision on state aid which will be in force up to the year 2002 and which will contribute to accomplish the results of the 1991 Coal Round. Furthermore, the 1994 Act on ensuring combustion of hardcoal in electricity production up to the year 2005. The hardcoal mining industry is grateful to all political decision makers for the achievements. The industry demands, however, that all questions still left open, including the procurement of financial means after 1996, should be settled soon on the basis of the new act and in accordance with the 1991 Coal Round and the energy concept of the Federal Government. German hardcoal is an indispensable factor within a balanced energy mix which guarantees the security of our energy supply, the security of the price structure and the respect of the environment. (orig.) [de

  2. Information security fundamentals

    CERN Document Server

    Peltier, Thomas R

    2013-01-01

    Developing an information security program that adheres to the principle of security as a business enabler must be the first step in an enterprise's effort to build an effective security program. Following in the footsteps of its bestselling predecessor, Information Security Fundamentals, Second Edition provides information security professionals with a clear understanding of the fundamentals of security required to address the range of issues they will experience in the field.The book examines the elements of computer security, employee roles and r

  3. ORACLE DATABASE SECURITY

    OpenAIRE

    Cristina-Maria Titrade

    2011-01-01

    This paper presents some security issues, namely security database system level, data level security, user-level security, user management, resource management and password management. Security is a constant concern in the design and database development. Usually, there are no concerns about the existence of security, but rather how large it should be. A typically DBMS has several levels of security, in addition to those offered by the operating system or network. Typically, a DBMS has user a...

  4. Computer Security: the security marathon, part 2

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Do you recall our latest article on the “Security Marathon” (see here) and why it’s wrong to believe that computer security is a sprint, that a quick hack is invulnerable, that quick bug-fixing is sufficient, that plugging security measures on top of existing structures is a good idea, that once you are secure, your life is cosy?   In fact, security is a marathon for us too. Again and again, we have felt comfortable with the security situation at CERN, with dedicated protections deployed on individual hosts, with the security measures deployed by individual service managers, with the attentiveness and vigilance of our users, and with the responsiveness of the Management. Again and again, however, we subsequently detect or receive reports that this is wrong, that protections are incomplete, that security measures are incomplete, that security awareness has dropped. Thus, unfortunately, we often have to go back to square one and address similar issues over and over...

  5. Information Systems Security Audit

    OpenAIRE

    Gheorghe Popescu; Veronica Adriana Popescu; Cristina Raluca Popescu

    2007-01-01

    The article covers:Defining an information system; benefits obtained by introducing new information technologies; IT management;Defining prerequisites, analysis, design, implementation of IS; Information security management system; aspects regarding IS security policy; Conceptual model of a security system; Auditing information security systems and network infrastructure security.

  6. Security for grids

    Energy Technology Data Exchange (ETDEWEB)

    Humphrey, Marty; Thompson, Mary R.; Jackson, Keith R.

    2005-08-14

    Securing a Grid environment presents a distinctive set of challenges. This paper groups the activities that need to be secured into four categories: naming and authentication; secure communication; trust, policy, and authorization; and enforcement of access control. It examines the current state of the art in securing these processes and introduces new technologies that promise to meet the security requirements of Grids more completely.

  7. Quality of Security Service: Adaptive Security

    National Research Council Canada - National Science Library

    Levin, Timothy E; Irvine, Cynthia E; Spyropoulou, Evdoxia

    2004-01-01

    The premise of Quality of Security Service is that system and network management functions can be more effective if variable levels of security services and requirements can be presented to users or network tasks...

  8. Social Security Bulletin

    Data.gov (United States)

    Social Security Administration — The Social Security Bulletin (ISSN 1937-4666) is published quarterly by the Social Security Administration. The Bulletin is prepared in the Office of Retirement and...

  9. Transportation Security Administration

    Science.gov (United States)

    ... content Official website of the Department of Homeland Security Transportation Security Administration A - Z Index Blog What Can I ... Search form Search the Site Main menu Travel Security Screening Special Procedures TSA Pre✓® Passenger Support Travel ...

  10. Security, Fraud Detection

    Indian Academy of Sciences (India)

    First page Back Continue Last page Overview Graphics. Secure. Secure. Server – Intruder prevention/detection; Network – Encryption, PKI; Client - Secure. Fraud detection based on audit trails. Automatic alerts like credit-card alerts based on suspicious patterns.

  11. Computer security engineering management

    International Nuclear Information System (INIS)

    McDonald, G.W.

    1988-01-01

    For best results, computer security should be engineered into a system during its development rather than being appended later on. This paper addresses the implementation of computer security in eight stages through the life cycle of the system; starting with the definition of security policies and ending with continuing support for the security aspects of the system throughout its operational life cycle. Security policy is addressed relative to successive decomposition of security objectives (through policy, standard, and control stages) into system security requirements. This is followed by a discussion of computer security organization and responsibilities. Next the paper directs itself to analysis and management of security-related risks, followed by discussion of design and development of the system itself. Discussion of security test and evaluation preparations, and approval to operate (certification and accreditation), is followed by discussion of computer security training for users is followed by coverage of life cycle support for the security of the system

  12. USCG Security Plan Review

    Data.gov (United States)

    Department of Homeland Security — The Security Plan Review module is intended for vessel and facility operators to check on the status of their security plans submitted to the US Coast Guard. A MISLE...

  13. Kyrgyzstan's security problems today

    OpenAIRE

    Abduvalieva, Ryskul

    2009-01-01

    Regional stability and security consist of two levels-the external security of each country at the regional level and the internal security of each of them individually. A state's external and internal security are closely interrelated concepts. It stands to reason that ensuring internal security and stability is the primary and most important task. But the external aspect also requires attention. This article takes a look at the most important problems of ensuring Kyrgyzstan's security.

  14. Information Security Maturity Model

    OpenAIRE

    Information Security Maturity Model

    2011-01-01

    To ensure security, it is important to build-in security in both the planning and the design phases andadapt a security architecture which makes sure that regular and security related tasks, are deployedcorrectly. Security requirements must be linked to the business goals. We identified four domains thataffect security at an organization namely, organization governance, organizational culture, thearchitecture of the systems, and service management. In order to identify and explore the strengt...

  15. Security By Design

    OpenAIRE

    Tanner, M. James

    2009-01-01

    Securing a computer from unwanted intrusion requires astute planning and effort to effectively minimize the security invasions computers are plagued with today. While all of the efforts to secure a computer are needed, it seems that the underlying issue of what is being secured has been overlooked. The operating system is at the core of the security issue. Many applications and devices have been put into place to add layers of protection to an already weak operating system. Security did not u...

  16. Foundational aspects of security

    DEFF Research Database (Denmark)

    Chatzikokolakis, Konstantinos; Mödersheim, Sebastian Alexander; Palamidessi, Catuscia

    2014-01-01

    This Special Issue of the Journal of Computer Security focuses on foundational aspects of security, which in recent years have helped change much of the way we think about and approach system security.......This Special Issue of the Journal of Computer Security focuses on foundational aspects of security, which in recent years have helped change much of the way we think about and approach system security....

  17. Security guide for subcontractors

    Energy Technology Data Exchange (ETDEWEB)

    Adams, R.C.

    1991-01-01

    This security guide of the Department of Energy covers contractor and subcontractor access to DOE and Mound facilities. The topics of the security guide include responsibilities, physical barriers, personnel identification system, personnel and vehicular access controls, classified document control, protecting classified matter in use, storing classified matter repository combinations, violations, security education clearance terminations, security infractions, classified information nondisclosure agreement, personnel security clearances, visitor control, travel to communist-controlled or sensitive countries, shipment security, and surreptitious listening devices.

  18. Redefining security.

    Science.gov (United States)

    Mathews, J T

    1989-01-01

    The concept of US national security was redefined in the 1970s to include international economics, and lately environmental degradation has also become a factor, as pollution transcends boundaries. By 2100 another 5-6 billion people may be added to the world's population requiring dramatic production and technology transformation with the resultant expanded energy use, emissions, and waste impacting the ecosystem. Climate change through global warming is in the offing. The exponential growth of the population in the developing world poses a crucial challenge for food production, housing, and employment. At a 1% growth rate population doubles in 72 years, while at 3% it doubles in 24 years. Africa's growth rate is almost 3%, it is close to 2% in Latin America, and it is somewhat less in Asia. Renewable resources such as overfished fishing grounds can become nonrenewable, and vanished species can never be resurrected. Deforestation leads to soil erosion, damage to water resources through floods and silting of irrigation networks, and accelerated loss of species. 20% of species could disappear by 2000 thereby losing genetic resources for chemicals, drugs, and food sources. Overcultivation has caused major erosion and decline of agricultural productivity in Haiti, Guatemala, Turkey, and India. Lopsided land ownership in Latin America requires land reform for sustainable agricultural production in the face of the majority of people cultivating plots for bare subsistence. Human practices that have caused environmental damage include concessions granted to logging companies in the Philippines, mismanagement of natural resources in sub-Saharan Africa, the ozone hole, and the greenhouse effect with potential climate changes. Solutions include family planning, efficient energy use, sustainable agroforestry techniques, and environmental accounting of goods and services.

  19. Personnel Security Investigations -

    Data.gov (United States)

    Department of Transportation — This data set contains the types of background investigations, decisions, level of security clearance, date of security clearance training, and credentials issued to...

  20. A contribution to the test software for the VXI electronic cards of the Eurogam multidetector in a Unix/VXWorks distributed environment

    International Nuclear Information System (INIS)

    Kadionik, P.

    1992-01-01

    The Eurogam gamma ray multidetector involves, in a first phase, 45 hyper pure Ge detectors, each surrounded by an Anti Compton shield of 10 BGO detectors. In order to ensure the highest reliability and an easy upgrade of the array, the electronic cards have been designed in the new VXI (VME Bus Extension to Instrumentation) standard; this allows to drive the 495 detectors with 4300 parameters to be adjusted by software. The data acquisition architecture is distributed on an Ethernet network. The software for set up and tests of the VXI cards have been written in C, it uses a real time kernel (VxWorks from Wind River Systems) interfaced to the Sun Unix environment. The inter-tasks communications use the Remote Procedure Calls protocol. The inner-shell of the software is connected to a data base and to a graphic interface which allows the engineers or physicists to have a very easy set-up for so many parameters to adjust

  1. Security 2020 Reduce Security Risks This Decade

    CERN Document Server

    Howard, Doug; Schneier, Bruce

    2010-01-01

    Identify real security risks and skip the hype After years of focusing on IT security, we find that hackers are as active and effective as ever. This book gives application developers, networking and security professionals, those that create standards, and CIOs a straightforward look at the reality of today's IT security and a sobering forecast of what to expect in the next decade. It debunks the media hype and unnecessary concerns while focusing on the knowledge you need to combat and prioritize the actual risks of today and beyond.IT security needs are constantly evolving; this guide examine

  2. The corporate security professional

    DEFF Research Database (Denmark)

    Petersen, Karen Lund

    2013-01-01

    In our age of globalization and complex threat environments, every business is called upon to manage security. This tendency is reflected in the fact that a wide range of businesses increasingly think about security in broad terms and strive to translate national security concerns into corporate...... speech. This article argues that the profession of the security manager has become central for understanding how the relationship between national and corporate security is currently negotiated. The national security background of most private sector security managers makes the corporate security...... professional inside the company a powerful hybrid agent. By zooming in on the profession and the practice of national security inside companies, the article raises questions about where to draw the line between corporate security and national security along with the political consequences of the constitution...

  3. Security guide for subcontractors

    Energy Technology Data Exchange (ETDEWEB)

    Adams, R.C.

    1993-06-01

    This guide is provided to aid in the achievement of security objectives in the Department of Energy (DOE) contractor/subcontractor program. The objectives of security are to protect information that, if released, would endanger the common defense and security of the nation and to safeguard plants and installations of the DOE and its contractors to prevent the interruption of research and production programs. The security objective and means of achieving the objective are described. Specific security measures discussed in this guide include physical barriers, personnel identification systems, personnel and vehicular access control, classified document control, protection of classified matter in use, storing classified matter, and repository combinations. Means of dealing with security violations and security infractions are described. Maintenance of a security education program is discussed. Also discussed are methods of handling clearance terminations, visitor control, travel to sensitive countries, and shipment security. The Technical Surveillance Countermeasures Program (TSCM), the Computer Security Program, and the Operations Security Plan (OPSEC) are examined.

  4. Security research roadmap; Security-tutkimuksen roadmap

    Energy Technology Data Exchange (ETDEWEB)

    Naumanen, M.; Rouhiainen, V. (eds.)

    2006-02-15

    Requirements for increasing security have arisen in Europe after highly visible and tragic events in Madrid and in London. While responsibility for security rests largely with the national activities, the EU has also started planning a research area .Space and security. as a part of the 7th Framework Programme. As the justification for this research area it has been presented that technology alone can not assure security, but security can not be assured without the support of technology. Furthermore, the justification highlights that security and military research are becoming ever closer. The old separation between civil and military research is decreasing, because it has been noticed that both areas are nowadays utilising the same knowledge. In Finland, there is already now noteworthy entrepreneurship related to security. Although some of the companies are currently only operating in Finland, others are already international leaders in their area. The importance of the security area is increasing and remarkable potential for new growth business areas can already be identified. This however also requires an increase in research efforts. VTT has a broad range of security research ongoing in many technology areas. The main areas have been concentrating on public safety and security, but VTT is participating also in several research projects related to the defence technology. For identifying and defining in more detail the expertise and research goals, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important

  5. Untangle network security

    CERN Document Server

    El-Bawab, Abd El-Monem A

    2014-01-01

    If you are a security engineer or a system administrator and want to secure your server infrastructure with the feature-rich Untangle, this book is for you. For individuals who want to start their career in the network security field, this book would serve as a perfect companion to learn the basics of network security and how to implement it using Untangle NGFW.

  6. Arguing Against Security Communitarianism

    DEFF Research Database (Denmark)

    Bilgin, Pinar

    2016-01-01

    Anthony Burke’s ‘security cosmopolitanism’ is a fresh and thought-provoking contribution to critical theorizing about security. In this discussion piece, I would like to join Burke’s call for ‘security cosmopolitanism’ by way of arguing against ‘security communitarianism’. I understand the latter...

  7. Security research roadmap

    Energy Technology Data Exchange (ETDEWEB)

    Rouhiainen, V. (ed.)

    2007-02-15

    VTT has a broad range of security research ongoing in many areas of technology. The main areas have been concentrating on public safety and security, but VTT is also participating in several research projects related to defence technology. To identify and define expertise and research goals in more detail, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of a critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important security products and technologies needed are, for example, management of total security, detection, identification, localisation and communication, protection of information networks and systems, as well as physical protection. In the EU's Security programme, which aims at ensuring the security of society and its vital functions, it is stated that. Technology alone can not assure security, but security can not be assured without the support of technology. VTT is conducting security research in all its areas of expertise and clusters. The area has a significant research potential. The development of products and systems designed for the improvement of security has just started. There is still room for innovation. This report presents knowledge and development needs in more detail, as well as future development potential seen in the area of security. (orig.)

  8. IAEA nuclear security program

    Energy Technology Data Exchange (ETDEWEB)

    Ek, D. [International Atomic Energy Agency, Vienna (Austria)

    2006-07-01

    Although nuclear security is a State responsibility, it is nevertheless an international concern, as the consequences of a nuclear security incident would have worldwide impact. These concerns have resulted in the development of numerous international instruments on nuclear security since the terrorist events in the USA on September 11, 2001. The IAEA Office of Nuclear Security has been charged to assist Member States to improvement their nuclear security and to meet the intent of these international obligations in order to ensure a cohesive thread of nuclear security protects the global community. The programs underway and planned by the Office of Nuclear Security will be discussed in this paper. (author)

  9. IAEA nuclear security program

    International Nuclear Information System (INIS)

    Ek, D.

    2006-01-01

    Although nuclear security is a State responsibility, it is nevertheless an international concern, as the consequences of a nuclear security incident would have worldwide impact. These concerns have resulted in the development of numerous international instruments on nuclear security since the terrorist events in the USA on September 11, 2001. The IAEA Office of Nuclear Security has been charged to assist Member States to improvement their nuclear security and to meet the intent of these international obligations in order to ensure a cohesive thread of nuclear security protects the global community. The programs underway and planned by the Office of Nuclear Security will be discussed in this paper. (author)

  10. Professional Cocoa Application Security

    CERN Document Server

    Lee, Graham J

    2010-01-01

    The first comprehensive security resource for Mac and iPhone developers. The Mac platform is legendary for security, but consequently, Apple developers have little appropriate security information available to help them assure that their applications are equally secure. This Wrox guide provides the first comprehensive go-to resource for Apple developers on the available frameworks and features that support secure application development.: While Macs are noted for security, developers still need to design applications for the Mac and the iPhone with security in mind; this guide offers the first

  11. Lecture 2: Software Security

    CERN Multimedia

    CERN. Geneva

    2013-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development, testing and deployment. Sebastian Lopienski is CERN’s deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and ...

  12. Defining Information Security.

    Science.gov (United States)

    Lundgren, Björn; Möller, Niklas

    2017-11-15

    This article proposes a new definition of information security, the 'Appropriate Access' definition. Apart from providing the basic criteria for a definition-correct demarcation and meaning concerning the state of security-it also aims at being a definition suitable for any information security perspective. As such, it bridges the conceptual divide between so-called 'soft issues' of information security (those including, e.g., humans, organizations, culture, ethics, policies, and law) and more technical issues. Because of this it is also suitable for various analytical purposes, such as analysing possible security breaches, or for studying conflicting attitudes on security in an organization. The need for a new definition is demonstrated by pointing to a number of problems for the standard definition type of information security-the so-called CIA definition. Besides being too broad as well as too narrow, it cannot properly handle the soft issues of information security, nor recognize the contextual and normative nature of security.

  13. Managing Cisco network security

    CERN Document Server

    Knipp, Eric

    2002-01-01

    An in-depth knowledge of how to configure Cisco IP network security is a MUST for anyone working in today''s internetworked world"There''s no question that attacks on enterprise networks are increasing in frequency and sophistication..."-Mike Fuhrman, Cisco Systems Manager, Security ConsultingManaging Cisco Network Security, Second Edition offers updated and revised information covering many of Cisco''s security products that provide protection from threats, detection of network security incidents, measurement of vulnerability and policy compliance and management of security policy across an extended organization. These are the tools that network administrators have to mount defenses against threats. Chapters also cover the improved functionality and ease of the Cisco Secure Policy Manger software used by thousands of small-to-midsized businesses and a special section on the Cisco Aironet Wireless Security Solutions.Security from a real-world perspectiveKey coverage of the new technologies offered by the Cisc...

  14. Securing the Vista Environment

    CERN Document Server

    Gregory, Peter

    2007-01-01

    "Securing the Vista Environment" takes you on a quick tour of the most significant security features in Vista, Microsoft's first revision of Windows in almost six years. You'll get background on threats and vulnerabilities that will make you think differently about security. Security is more than just the technology and configurations--it's about how we use the system that makes it secure or not. Then we'll cover Vista's security features, from user privileges to Windows Defender, User Account Control, and BitLocker, as well as strategies for protecting your information from unwanted disclo

  15. Digital security technology simplified.

    Science.gov (United States)

    Scaglione, Bernard J

    2007-01-01

    Digital security technology is making great strides in replacing analog and other traditional security systems including CCTV card access, personal identification and alarm monitoring applications. Like any new technology, the author says, it is important to understand its benefits and limitations before purchasing and installing, to ensure its proper operation and effectiveness. This article is a primer for security directors on how digital technology works. It provides an understanding of the key components which make up the foundation for digital security systems, focusing on three key aspects of the digital security world: the security network, IP cameras and IP recorders.

  16. ICT security management

    OpenAIRE

    SCHREURS, Jeanne; MOREAU, Rachel

    2007-01-01

    Security becomes more and more important and companies are aware that it has become a management problem. It’s critical to know what are the critical resources and processes of the company and their weaknesses. A security audit can be a handy solution. We have developed BEVA, a method to critically analyse the company and to uncover the weak spots in the security system. BEVA results also in a general security score and security scores for each security factor. These will be used in the risk ...

  17. Android apps security

    CERN Document Server

    Gunasekera, Sheran

    2012-01-01

    Android Apps Security provides guiding principles for how to best design and develop Android apps with security in mind. It explores concepts that can be used to secure apps and how developers can use and incorporate these security features into their apps. This book will provide developers with the information they need to design useful, high-performing, and secure apps that expose end-users to as little risk as possible.  Overview of Android OS versions, features, architecture and security.  Detailed examination of areas where attacks on applications can take place and what controls should b

  18. Smart security proven practices

    CERN Document Server

    Quilter, J David

    2014-01-01

    Smart Security: Understanding and Contributing to the Business is a video presentation. Length: 68 minutes. In Smart Security: Understanding and Contributing to the Business, presenter J. David Quilter demonstrates the benefits of how a fully integrated security program increases business profits and delivers smart security practices at the same time. The presentation does away with the misconception that security is only an expense. In fact, a well-integrated security program can protect business interests, thereby enhancing productivity and net income. Quilter covers cost analysis and secu

  19. Nation State as Security Provider in Human Security Issue

    OpenAIRE

    Maya Padmi, Made Fitri

    2015-01-01

    Human Security notion is emphasizing on human as the central of security studies, challenging the position of state as the core of security. Some studies are tried to separate the state security and human security, however there are strong connection between these two notions. State has important role in establishing and maintaining the security of its own citizens. Through social contract and social security protection, state are oblige to set the security of its own people as their security...

  20. Modelling security and trust with Secure Tropos

    NARCIS (Netherlands)

    Giorgini, P.; Mouratidis, H.; Zannone, N.; Mouratidis, H.; Giorgini, P.

    2006-01-01

    Although the concepts of security and trust play an important issue in the development of information systems, they have been mainly neglected by software engineering methodologies. In this chapter we present an approach that considers security and trust throughout the software development process.

  1. Securing abundance : The politics of energy security

    NARCIS (Netherlands)

    Kester, Johannes

    2016-01-01

    Energy Security is a concept that is known in the literature for its ‘slippery’ nature and subsequent wide range of definitions. Instead of another attempt at grasping the essence of this concept, Securing Abundance reformulates the problem and moves away from a definitional problem to a theoretical

  2. Embedded Java security security for mobile devices

    CERN Document Server

    Debbabi, Mourad; Talhi, Chamseddine

    2007-01-01

    Java brings more functionality and versatility to the world of mobile devices, but it also introduces new security threats. This book contains a presentation of embedded Java security and presents the main components of embedded Java. It gives an idea of the platform architecture and is useful for researchers and practitioners.

  3. Security of pipeline facilities

    Energy Technology Data Exchange (ETDEWEB)

    Lee, S.C. [Alberta Energy and Utilities Board, Calgary, AB (Canada); Van Egmond, C.; Duquette, L. [National Energy Board, Calgary, AB (Canada); Revie, W. [Canada Centre for Mineral and Energy Technology, Ottawa, ON (Canada)

    2005-07-01

    This working group provided an update on provincial, federal and industry directions regarding the security of pipeline facilities. The decision to include security issues in the NEB Act was discussed as well as the Pipeline Security Management Assessment Project, which was created to establish a better understanding of existing security management programs as well as to assist the NEB in the development and implementation of security management regulations and initiatives. Amendments to the NEB were also discussed. Areas of pipeline security management assessment include physical safety management; cyber and information security management; and personnel security. Security management regulations were discussed, as well as implementation policies. Details of the Enbridge Liquids Pipelines Security Plan were examined. It was noted that the plan incorporates flexibility for operations and is integrated with Emergency Response and Crisis Management. Asset characterization and vulnerability assessments were discussed, as well as security and terrorist threats. It was noted that corporate security threat assessment and auditing are based on threat information from the United States intelligence community. It was concluded that the oil and gas industry is a leader in security in North America. The Trans Alaska Pipeline Incident was discussed as a reminder of how costly accidents can be. Issues of concern for the future included geographic and climate issues. It was concluded that limited resources are an ongoing concern, and that the regulatory environment is becoming increasingly prescriptive. Other concerns included the threat of not taking international terrorism seriously, and open media reporting of vulnerability of critical assets, including maps. tabs., figs.

  4. Security Protocols in a Nutshell

    OpenAIRE

    Toorani, Mohsen

    2016-01-01

    Security protocols are building blocks in secure communications. They deploy some security mechanisms to provide certain security services. Security protocols are considered abstract when analyzed, but they can have extra vulnerabilities when implemented. This manuscript provides a holistic study on security protocols. It reviews foundations of security protocols, taxonomy of attacks on security protocols and their implementations, and different methods and models for security analysis of pro...

  5. Institutionalizing Security Force Assistance

    National Research Council Canada - National Science Library

    Binetti, Michael R

    2008-01-01

    .... It looks at the manner in which security assistance guidance is developed and executed. An examination of national level policy and the guidance from senior military and civilian leaders highlights the important role of Security Force Assistance...

  6. Security of Dependable Systems

    DEFF Research Database (Denmark)

    Ahmed, Naveed; Jensen, Christian D.

    2011-01-01

    Security and dependability are crucial for designing trustworthy systems. The approach “security as an add-on” is not satisfactory, yet the integration of security in the development process is still an open problem. Especially, a common framework for specifying dependability and security is very...... much needed. There are many pressing challenges however; here, we address some of them. Firstly, security for dependable systems is a broad concept and traditional view of security, e.g., in terms of confidentiality, integrity and availability, does not suffice. Secondly, a clear definition of security...... in the dependability context is not agreed upon. Thirdly, security attacks cannot be modeled as a stochastic process, because the adversary’s strategy is often carefully planned. In this chapter, we explore these challenges and provide some directions toward their solutions....

  7. Security in Computer Applications

    CERN Multimedia

    CERN. Geneva

    2004-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development. The last part of the lecture covers some miscellaneous issues like the use of cryptography, rules for networking applications, and social engineering threats. This lecture was first given on Thursd...

  8. Wireshark network security

    CERN Document Server

    Verma, Piyush

    2015-01-01

    If you are network administrator or a security analyst with an interest in using Wireshark for security analysis, then this is the book for you. Basic familiarity with common network and application services terms and technologies is assumed.

  9. Medical Information Security

    OpenAIRE

    William C. Figg, Ph.D.; Hwee Joo Kam, M.S.

    2011-01-01

    Modern medicine is facing a complex environment, not from medical technology but rather government regulations and information vulnerability. HIPPA is the government’s attempt to protect patient’s information yet this only addresses traditional record handling. The main threat is from the evolving security issues. Many medical offices and facilities have multiple areas of information security concerns. Physical security is often weak, office personnel are not always aware of security needs an...

  10. Windows Security patch required

    CERN Multimedia

    3004-01-01

    This concerns Windows PCs (XP, 2000, NT) which are NOT centrally managed at CERN for security patches, e.g. home PCs, experiment PCs, portables,... A security hole which can give full privileges on Windows systems needs to be URGENTLY patched. Details of the security hole and hotfix are at: http://cern.ch/it-div/news/hotfix-MS03-026.asp http://www.microsoft.com/technet/security/bulletin/MS03-026.asp

  11. Cloud security mechanisms

    OpenAIRE

    2014-01-01

    Cloud computing has brought great benefits in cost and flexibility for provisioning services. The greatest challenge of cloud computing remains however the question of security. The current standard tools in access control mechanisms and cryptography can only partly solve the security challenges of cloud infrastructures. In the recent years of research in security and cryptography, novel mechanisms, protocols and algorithms have emerged that offer new ways to create secure services atop cloud...

  12. Security system signal supervision

    International Nuclear Information System (INIS)

    Chritton, M.R.; Matter, J.C.

    1991-09-01

    This purpose of this NUREG is to present technical information that should be useful to NRC licensees for understanding and applying line supervision techniques to security communication links. A review of security communication links is followed by detailed discussions of link physical protection and DC/AC static supervision and dynamic supervision techniques. Material is also presented on security for atmospheric transmission and video line supervision. A glossary of security communication line supervision terms is appended. 16 figs

  13. Android application security essentials

    CERN Document Server

    Rai, Pragati

    2013-01-01

    Android Application Security Essentials is packed with examples, screenshots, illustrations, and real world use cases to secure your apps the right way.If you are looking for guidance and detailed instructions on how to secure app data, then this book is for you. Developers, architects, managers, and technologists who wish to enhance their knowledge of Android security will find this book interesting. Some prior knowledge of development on the Android stack is desirable but not required.

  14. Finance/security/life.

    OpenAIRE

    Langley, P.

    2017-01-01

    What is the contemporary relation between finance and security? This essay encourages further research into the securitization of finance by developing the notion of ‘finance/security/life’. A focus on the intersections of finance/security/life will be shown to prompt a broadened range of critical, cross-disciplinary concerns with the various ways in which financial markets are positioned as vital to securing wealth, welfare and wellbeing.

  15. Electronic healthcare information security

    CERN Document Server

    Dube, Kudakwashe; Shoniregun, Charles A

    2010-01-01

    The ever-increasing healthcare expenditure and pressing demand for improved quality and efficiency of patient care services are driving innovation in healthcare information management. The domain of healthcare has become a challenging testing ground for information security due to the complex nature of healthcare information and individual privacy. ""Electronic Healthcare Information Security"" explores the challenges of e-healthcare information and security policy technologies. It evaluates the effectiveness of security and privacy implementation systems for anonymization methods and techniqu

  16. Hybrid Security Policies

    Directory of Open Access Journals (Sweden)

    Radu CONSTANTINESCU

    2006-01-01

    Full Text Available Policy is defined as the rules and regulations set by the organization. They are laid down by management in compliance with industry regulations, law and internal decisions. Policies are mandatory. Security policies rules how the information is protected against security vulnerabilities and they are the basis for security awareness, training and vital for security audits. Policies are focused on desired results. The means of achieving the goals are defined on controls, standards and procedures.

  17. Mobile platform security

    CERN Document Server

    Asokan, N; Dmitrienko, Alexandra

    2013-01-01

    Recently, mobile security has garnered considerable interest in both the research community and industry due to the popularity of smartphones. The current smartphone platforms are open systems that allow application development, also for malicious parties. To protect the mobile device, its user, and other mobile ecosystem stakeholders such as network operators, application execution is controlled by a platform security architecture. This book explores how such mobile platform security architectures work. We present a generic model for mobile platform security architectures: the model illustrat

  18. EMI Security Architecture

    CERN Document Server

    White, J.; Schuller, B.; Qiang, W.; Groep, D.; Koeroo, O.; Salle, M.; Sustr, Z.; Kouril, D.; Millar, P.; Benedyczak, K.; Ceccanti, A.; Leinen, S.; Tschopp, V.; Fuhrmann, P.; Heyman, E.; Konstantinov, A.

    2013-01-01

    This document describes the various architectures of the three middlewares that comprise the EMI software stack. It also outlines the common efforts in the security area that allow interoperability between these middlewares. The assessment of the EMI Security presented in this document was performed internally by members of the Security Area of the EMI project.

  19. Secure pairing with biometrics

    NARCIS (Netherlands)

    Buhan, I.R.; Boom, B.J.; Doumen, J.M.; Hartel, Pieter H.; Veldhuis, Raymond N.J.

    Secure pairing enables two devices that share no prior context with each other to agree upon a security association, which they can use to protect their subsequent communication. Secure pairing offers guarantees of the association partner identity and it should be resistant to eavesdropping and to a

  20. Selecting Security Technology Providers

    Science.gov (United States)

    Schneider, Tod

    2009-01-01

    The world of security technology holds great promise, but it is fraught with opportunities for expensive missteps and misapplications. The quality of the security technology consultants and system integrators one uses will have a direct bearing on how well his school masters this complex subject. Security technology consultants help determine…

  1. Microsoft Azure security

    CERN Document Server

    Freato, Roberto

    2015-01-01

    This book is intended for Azure administrators who want to understand the application of security principles in distributed environments and how to use Azure to its full capability to reduce the risks of security breaches. Only basic knowledge of the security processes and services of Microsoft Azure is required.

  2. Operations Security (OPSEC) Guide

    Science.gov (United States)

    2011-04-01

    Request for Proposal TAC Threat Analysis Center TECHINT Technical Intelligence TMAP Telecommunications Monitoring and Assessment Program TTP...communications security, use of secure telephones, and a robust Telecommunications Monitoring and Assessment Program ( TMAP ) prevents undetermined...and AFI 33-219, Telecommunications Monitoring and Assessment Program ( TMAP ), or Information Assurance (IA) or Communications Security (COMSEC

  3. SOCIAL MEDIA SECURITY

    Science.gov (United States)

    RESPONSIBILITY CENTCOM COALITION MEDIA SOCIAL MEDIA NEWS ARTICLES PRESS RELEASES IMAGERY VIDEOS TRANSCRIPTS VISITORS AND PERSONNEL FAMILY CENTER FAMILY READINESS CENTCOM WEBMAIL SOCIAL MEDIA SECURITY ACCOUNTABILITY HomeVISITORS AND PERSONNELSOCIAL MEDIA SECURITY FAQ on Security for Social Media Due to the widespread use of

  4. Mobile communication security

    NARCIS (Netherlands)

    Broek, F.M.J. van den

    2016-01-01

    Security of the mobile network Fabian van den Broek We looked at the security of the wireless connection between mobile phone and cell towers and suggested possible improvements. The security was analysed on a design level, by looking at the protocols and encryption techniques, but also on an

  5. Learning Puppet security

    CERN Document Server

    Slagle, Jason

    2015-01-01

    If you are a security professional whose workload is increasing, or a Puppet professional looking to increase your knowledge of security, or even an experienced systems administrator, then this book is for you. This book will take you to the next level of security automation using Puppet. The book requires no prior knowledge of Puppet to get started.

  6. Refelctions on the security

    Directory of Open Access Journals (Sweden)

    Ladislav Hofreiter

    2013-07-01

    Full Text Available In this paper are presented the author‘s reflections about concept meaning of the security, about his systemic perception and actual scientific access to the security research. The author presented securitology paradigm for valuation security optional reference object.

  7. Implementación de un servidor FTP utilizando el modelo cliente/servidor mediante el uso de sockets en lenguaje c UNIX con el fin de mejorar los tiempos de respuesta en la red

    OpenAIRE

    Murillo, Juan de Dios; Caamaño Polini, Santiago

    2016-01-01

    Este trabajo pretende evaluar la latencia en la transferencia de archivos utilizando un servidor FTP con un modelo cliente-servidor empleando una computadora con el sistema operativo Fedora para ejecutar el código del modelo cliente/servidor con sockets en lenguaje C UNIX, con el fin de simular un servidor que contiene archivos con diferentes formatos y tamaños, y medir la latencia de la transmisión al subir y descargar los archivos del servidor, usando diferentes tamaños de buffer. Con los r...

  8. Core software security security at the source

    CERN Document Server

    Ransome, James

    2013-01-01

    First and foremost, Ransome and Misra have made an engaging book that will empower readers in both large and small software development and engineering organizations to build security into their products. This book clarifies to executives the decisions to be made on software security and then provides guidance to managers and developers on process and procedure. Readers are armed with firm solutions for the fight against cyber threats.-Dr. Dena Haritos Tsamitis. Carnegie Mellon UniversityIn the wake of cloud computing and mobile apps, the issue of software security has never been more importan

  9. Secure Transportation Management

    International Nuclear Information System (INIS)

    Gibbs, P. W.

    2014-01-01

    Secure Transport Management Course (STMC) course provides managers with information related to procedures and equipment used to successfully transport special nuclear material. This workshop outlines these procedures and reinforces the information presented with the aid of numerous practical examples. The course focuses on understanding the regulatory framework for secure transportation of special nuclear materials, identifying the insider and outsider threat(s) to secure transportation, organization of a secure transportation unit, management and supervision of secure transportation units, equipment and facilities required, training and qualification needed.

  10. Pro Spring security

    CERN Document Server

    Scarioni, Carlo

    2013-01-01

    Security is a key element in the development of any non-trivial application. The Spring Security Framework provides a comprehensive set of functionalities to implement industry-standard authentication and authorization mechanisms for Java applications. Pro Spring Security will be a reference and advanced tutorial that will do the following: Guides you through the implementation of the security features for a Java web application by presenting consistent examples built from the ground-up. Demonstrates the different authentication and authorization methods to secure enterprise-level applications

  11. Android security cookbook

    CERN Document Server

    Makan, Keith

    2013-01-01

    Android Security Cookbook' breaks down and enumerates the processes used to exploit and remediate Android app security vulnerabilities in the form of detailed recipes and walkthroughs.""Android Security Cookbook"" is aimed at anyone who is curious about Android app security and wants to be able to take the necessary practical measures to protect themselves; this means that Android application developers, security researchers and analysts, penetration testers, and generally any CIO, CTO, or IT managers facing the impeding onslaught of mobile devices in the business environment will benefit from

  12. Information security management handbook

    CERN Document Server

    2002-01-01

    The Information Security Management Handbook continues its tradition of consistently communicating the fundamental concepts of security needed to be a true CISSP. In response to new developments, Volume 4 supplements the previous volumes with new information covering topics such as wireless, HIPAA, the latest hacker attacks and defenses, intrusion detection, and provides expanded coverage on security management issues and applications security. Even those that don't plan on sitting for the CISSP exam will find that this handbook is a great information security reference.The changes in the tech

  13. European [Security] Union

    DEFF Research Database (Denmark)

    Manners, Ian James

    2013-01-01

    The past 20 years, since the 1992 Treaty on European Union, have seen the gradual creation of both an “Area of Freedom, Security and Justice” and a “Common Foreign and Security Policy”. More recent is the development of a “European Neighbourhood Policy” over the past 10 years. All three...... of these policies involved the navigation and negotiation of security, borders and governance in and by the European Union (EU). This article analyses these practices of bordering and governance through a five-fold security framework. The article argues that a richer understanding of EU security discourses can...

  14. Quality of Security Service: Adaptive Security

    National Research Council Canada - National Science Library

    Levin, Timothy E; Irvine, Cynthia E; Spyropoulou, Evdoxia

    2004-01-01

    .... In this approach, the "level of service" must be within an acceptable range, and can indicate degrees of security with respect to various aspects of assurance, mechanistic strength, administrative diligence, etc...

  15. Securing collaborative environments

    Energy Technology Data Exchange (ETDEWEB)

    Agarwal, Deborah [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States); Jackson, Keith [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States); Thompson, Mary [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States)

    2002-05-16

    The diverse set of organizations and software components involved in a typical collaboratory make providing a seamless security solution difficult. In addition, the users need support for a broad range of frequency and locations for access to the collaboratory. A collaboratory security solution needs to be robust enough to ensure that valid participants are not denied access because of its failure. There are many tools that can be applied to the task of securing collaborative environments and these include public key infrastructure, secure sockets layer, Kerberos, virtual and real private networks, grid security infrastructure, and username/password. A combination of these mechanisms can provide effective secure collaboration capabilities. In this paper, we discuss the requirements of typical collaboratories and some proposals for applying various security mechanisms to collaborative environments.

  16. Contemporary security management

    CERN Document Server

    Fay, John

    2010-01-01

    Contemporary Security Management, 3rd Edition teaches security professionals how to operate an efficient security department and how to integrate smoothly with other groups inside and outside their own organizations. Fay demonstrates the specifics of security management: * how to organize, plan, develop and manage a security operation. * how to identify vulnerabilities. * how to determine the protective resources required to offset threats. * how to implement all necessary physical and IT security measures. Security professionals share the responsibility for mitigating damage, serving as a resource to an Emergency Tactical Center, assisting the return of business continuity, and liaising with local response agencies such as police and fire departments, emergency medical responders, and emergency warning centers. At the organizational level, the book addresses budgeting, employee performance, counseling, hiring and termination, employee theft and other misconduct, and offers sound advice on building constructi...

  17. Introduction to Hardware Security

    Directory of Open Access Journals (Sweden)

    Yier Jin

    2015-10-01

    Full Text Available Hardware security has become a hot topic recently with more and more researchers from related research domains joining this area. However, the understanding of hardware security is often mixed with cybersecurity and cryptography, especially cryptographic hardware. For the same reason, the research scope of hardware security has never been clearly defined. To help researchers who have recently joined in this area better understand the challenges and tasks within the hardware security domain and to help both academia and industry investigate countermeasures and solutions to solve hardware security problems, we will introduce the key concepts of hardware security as well as its relations to related research topics in this survey paper. Emerging hardware security topics will also be clearly depicted through which the future trend will be elaborated, making this survey paper a good reference for the continuing research efforts in this area.

  18. DNS security management

    CERN Document Server

    Dooley, Michael

    2017-01-01

    An advanced Domain Name System (DNS) security resource that explores the operation of DNS, its vulnerabilities, basic security approaches, and mitigation strategies DNS Security Management offers an overall role-based security approach and discusses the various threats to the Domain Name Systems (DNS). This vital resource is filled with proven strategies for detecting and mitigating these all too frequent threats. The authors—noted experts on the topic—offer an introduction to the role of DNS and explore the operation of DNS. They cover a myriad of DNS vulnerabilities and include preventative strategies that can be implemented. Comprehensive in scope, the text shows how to secure DNS resolution with the Domain Name System Security Extensions (DNSSEC), DNS firewall, server controls, and much more. In addition, the text includes discussions on security applications facilitated by DNS, such as anti-spam, SFP, and DANE.

  19. Information security cost management

    CERN Document Server

    Bazavan, Ioana V

    2006-01-01

    While information security is an ever-present challenge for all types of organizations today, most focus on providing security without addressing the necessities of staff, time, or budget in a practical manner.Information Security Cost Management offers a pragmatic approach to implementing information security, taking budgetary and real-world constraints into consideration. By providing frameworks, step-by-step processes, and project management breakdowns, this book demonstrates how to design the best security strategy with the resources you have available. Organized into five sections, the book-Focuses on setting the right road map so that you can be most effective in your information security implementationsDiscusses cost-effective staffing, the single biggest expense to the security organizationPresents practical ways to build and manage the documentation that details strategy, provides resources for operating annual audits, and illustrates how to advertise accomplishments to senior management effectivelyI...

  20. Computer Security Systems Enable Access.

    Science.gov (United States)

    Riggen, Gary

    1989-01-01

    A good security system enables access and protects information from damage or tampering, but the most important aspects of a security system aren't technical. A security procedures manual addresses the human element of computer security. (MLW)

  1. Home - Defense Technology Security Administration

    Science.gov (United States)

    by @dtsamil Defense Technology Security Administration Mission, Culture, and History Executive Official seal of Defense Technology Security Administration Official seal of Defense Technology Security Administration OFFICE of the SECRETARY of DEFENSE Defense Technology Security Administration

  2. An Analysis Of Wireless Security

    OpenAIRE

    Salendra Prasad

    2017-01-01

    The WLAN security includes Wired Equivalent Primary WEP and WI-FI protected Access WPA. Today WEP is regarded as very poor security standard. WEP was regarded as very old security standard and has many security issues which users need to be addressed. In this Paper we will discuss Wireless Security and ways to improve on wireless security.

  3. What is Security? A perspective on achieving security

    Energy Technology Data Exchange (ETDEWEB)

    Atencio, Julian J.

    2014-05-05

    This presentation provides a perspective on achieving security in an organization. It touches upon security as a mindset, ability to adhere to rules, cultivating awareness of the reason for a security mindset, the quality of a security program, willingness to admit fault or acknowledge failure, peer review in security, science as a model that can be applied to the security profession, the security vision, security partnering, staleness in the security program, security responsibilities, and achievement of success over time despite the impossibility of perfection.

  4. Overview of security culture

    International Nuclear Information System (INIS)

    Matulanya, M. A.

    2014-04-01

    Nuclear Security culture concept has been aggressively promoted over the past several years as a tool to improve the physical protection of the nuclear and radioactive materials due to growing threats of catastrophic terrorism and other new security challenges. It is obvious that, the scope of nuclear security and the associated cultures need to be extended beyond the traditional task of protecting weapons-usable materials. The role of IAEA is to strengthen the nuclear security framework globally and in leading the coordination of international activities in this field. Therefore all governments should work closely with the IAEA to take stronger measures to ensure the physical protection, the safety and security of the nuclear and radioactive materials. In the effort to reflect this new realities and concerns, the IAEA in 2008 came up with the document, the Nuclear Security Culture, Nuclear Security Series No. 7, Implementing Guide to the member states which urged every member state to take appropriate measures to promote security culture with respect to nuclear and radioactive materials. The document depicted this cultural approach as the way to protect individual, society and the environment. Among other things, the document defined nuclear security culture as characteristics and attitudes in organizations and of individuals which establishes that, nuclear security issues receives attention warranted by their significance. (au)

  5. SecurID

    CERN Multimedia

    Now called RSA SecurID, SecurID is a mechanism developed by Security Dynamics that allows two-factor authentication for a user on a network resource. It works on the principle of the unique password mode, based on a shared secret. Every sixty seconds, the component generates a new six-digit token on the screen. The latter comes from the current time (internal clock) and the seed (SecurID private key that is available on the component, and is also from the SecurID server). During an authentication request, the SecurID server will check the entered token by performing exactly the same calculation as that performed by your component. The server knows the two information required for this calculation: the current time and the seed of your component. Access is allowed if the token calculated by the server matches the token you specified.

  6. Hybrid-secure MPC 

    DEFF Research Database (Denmark)

    Lucas, Christoph; Raub, Dominik; Maurer, Ueli

    2010-01-01

    of the adversary, without being aware of the actual adversarial setting. Thus, hybrid-secure MPC protocols allow for graceful degradation of security. We present a hybrid-secure MPC protocol that provides an optimal trade-off between IT robustness and computational privacy: For any robustness parameter ρ ... obtain one MPC protocol that is simultaneously IT secure with robustness for up to t ≤ ρ actively corrupted parties, IT secure with fairness (no robustness) for up to t ... in the universal composability (UC) framework (based on a network of secure channels, a broadcast channel, and a common reference string). It achieves the bound on the trade-off between robustness and privacy shown by Ishai et al. [CRYPTO'06] and Katz [STOC'07], the bound on fairness shown by Cleve [STOC'86...

  7. The strategic security officer.

    Science.gov (United States)

    Hodges, Charles

    2014-01-01

    This article discusses the concept of the strategic security officer, and the potential that it brings to the healthcare security operational environment. The author believes that training and development, along with strict hiring practices, can enable a security department to reach a new level of professionalism, proficiency and efficiency. The strategic officer for healthcare security is adapted from the "strategic corporal" concept of US Marine Corps General Charles C. Krulak which focuses on understanding the total force implications of the decisions made by the lowest level leaders within the Corps (Krulak, 1999). This article focuses on the strategic organizational implications of every security officer's decisions in the constantly changing and increasingly volatile operational environment of healthcare security.

  8. Materialism and food security.

    Science.gov (United States)

    Allen, M W; Wilson, M

    2005-12-01

    The present studies examined if materialists have an elevated concern about food availability, presumably stemming from a general survival security motivation. Study 1 found that materialists set a greater life goal of food security, and reported more food insecurity during their childhood. Materialists reported less present-day food insecurity. Study 2 revealed that materialists stored/hoarded more food at home, and that obese persons endorsed materialism more than low/normal weight persons. Study 3 found that experimentally decreasing participants' feelings of survival security (via a mortality salience manipulation) led to greater endorsement of materialism, food security as goal, and using food for emotional comfort. The results imply that materialists overcame the food insecurity of their childhood by making food security a top life goal, but that materialists' current concerns about food security may not wholly stem from genuine threats to their food supply.

  9. PRIVATE SECURITY IN SPORT

    Directory of Open Access Journals (Sweden)

    Dragan Vukasović

    2011-09-01

    Full Text Available Given the importance of sport for international integration, affirmation, a sense of belonging and other values of general interest, in order to maintain and open new prospects of development, it is necessary to form the private security system along with state security system, with a view to creating conditions for development sports athletes to achieve better results both in domestic and international competitions. Private security is only one element of an integrated security system which, with its efficient organization with the use of adequate means and measures should provide answers to new challenges, risks and threats. Private security in line with the new understanding of the concept of security has an important role in providing athletes.

  10. While Working Around Security

    DEFF Research Database (Denmark)

    Mathiasen, Niels Raabjerg

    Users of technology encounter various IT security mechanisms in their everyday lives. If these mechanisms fail to support everyday activities, they either get in the way, or the users find a way to work around them. Even though users manage to carry out everyday activities by using substandard...... IT security mechanisms or via workarounds, it will influence their experience of security. If researchers and designers only focus on IT security artifacts and fail to take the user experience into account, incorrect processes or workarounds will occur. Accordingly, to get users to follow the correct process...... may seem to be a criterion of success, even though it may yield a less appropriate experience of security. This dissertation deals with an improved understanding of IT security sensitive IT artifacts and presents three design methods, and a framework for addressing the complexities and contingencies...

  11. While working around security

    DEFF Research Database (Denmark)

    Mathiasen, Niels Raabjerg; Bødker, Susanne; Petersen, Marianne Graves

    This paper describes our work at two levels. First of all the paper discusses how users of IT deal with issues of IT security in their everyday life. Secondly, we discuss how the kind of understanding of IT security that comes out of careful analyses of use confronts the ways in which usable...... IT security is established in the literature. Recent literature has called for better conceptual models as a starting point for improving IT security. In contrast to such models we propose to dress up designers by helping them better understand the work that goes into everyday security. The result...... is a methodological toolbox that helps address and design for usable and useful IT security. We deploy examples of analyses and design, carried out by ourselves and by others to fine-tune our design perspective; in particular we use examples from three current research projects....

  12. Security Engine Management of Router based on Security Policy

    OpenAIRE

    Su Hyung Jo; Ki Young Kim; Sang Ho Lee

    2007-01-01

    Security management has changed from the management of security equipments and useful interface to manager. It analyzes the whole security conditions of network and preserves the network services from attacks. Secure router technology has security functions, such as intrusion detection, IPsec(IP Security) and access control, are applied to legacy router for secure networking. It controls an unauthorized router access and detects an illegal network intrusion. This paper re...

  13. ITIL® and information security

    International Nuclear Information System (INIS)

    Jašek, Roman; Králík, Lukáš; Popelka, Miroslav

    2015-01-01

    This paper discusses the context of ITIL framework and management of information security. It is therefore a summary study, where the first part is focused on the safety objectives in connection with the ITIL framework. First of all, there is a focus on ITIL process ISM (Information Security Management), its principle and system management. The conclusion is about link between standards, which are related to security, and ITIL framework

  14. Towards Information Security Awareness

    OpenAIRE

    Marius Petrescu; Delia Mioara Popescu; Nicoleta Sirbu

    2010-01-01

    Information security has come to be recognized as increasingly important because global communication and information systems allow a potentially large number of unauthorized users to access and possibly alter information from around the world. As the dependence on information systems grows, so the security of information networks becomes ever more critical to any entity, no matter if it is a company or a public institution. Information security involves both technology and people. Any securi...

  15. Outsourcing information security

    CERN Document Server

    Axelrod, Warren

    2004-01-01

    This comprehensive and timely resource examines security risks related to IT outsourcing, clearly showing you how to recognize, evaluate, minimize, and manage these risks. Unique in its scope, this single volume offers you complete coverage of the whole range of IT security services and fully treats the IT security concerns of outsourcing. The book helps you deepen your knowledge of the tangible and intangible costs and benefits associated with outsourcing IT and IS functions.

  16. Cloud Infrastructure Security

    OpenAIRE

    Velev , Dimiter; Zlateva , Plamena

    2010-01-01

    Part 4: Security for Clouds; International audience; Cloud computing can help companies accomplish more by eliminating the physical bonds between an IT infrastructure and its users. Users can purchase services from a cloud environment that could allow them to save money and focus on their core business. At the same time certain concerns have emerged as potential barriers to rapid adoption of cloud services such as security, privacy and reliability. Usually the information security professiona...

  17. Automated security management

    CERN Document Server

    Al-Shaer, Ehab; Xie, Geoffrey

    2013-01-01

    In this contributed volume, leading international researchers explore configuration modeling and checking, vulnerability and risk assessment, configuration analysis, and diagnostics and discovery. The authors equip readers to understand automated security management systems and techniques that increase overall network assurability and usability. These constantly changing networks defend against cyber attacks by integrating hundreds of security devices such as firewalls, IPSec gateways, IDS/IPS, authentication servers, authorization/RBAC servers, and crypto systems. Automated Security Managemen

  18. Addressing Software Security

    Science.gov (United States)

    Bailey, Brandon

    2015-01-01

    Historically security within organizations was thought of as an IT function (web sites/servers, email, workstation patching, etc.) Threat landscape has evolved (Script Kiddies, Hackers, Advanced Persistent Threat (APT), Nation States, etc.) Attack surface has expanded -Networks interconnected!! Some security posture factors Network Layer (Routers, Firewalls, etc.) Computer Network Defense (IPS/IDS, Sensors, Continuous Monitoring, etc.) Industrial Control Systems (ICS) Software Security (COTS, FOSS, Custom, etc.)

  19. Auditing Organizational Security

    Science.gov (United States)

    2017-01-01

    Organi- zation for Standardiza- tion ( ISO ): ISO 27000 : Information Systems Se- curity Management. A robust program of internal auditing of a...improvement is the basis and underpinning of the ISO . All processes must be considered ongoing and never at an “end state.” Top management develops a...security management system, including security policies and security objectives, plus threats and risks. Orga- nizations already working with ISO 9000

  20. Intercorporate Security Event Correlation

    Directory of Open Access Journals (Sweden)

    D. O. Kovalev

    2010-03-01

    Full Text Available Security controls are prone to false positives and false negatives which can lead to unwanted reputation losses for the bank. The reputational database within the security operations center (SOC and intercorporate correlation of security events are offered as a solution to increase attack detection fidelity. The theses introduce the definition and structure of the reputation, architectures of reputational exchange and the place of intercorporate correlation in overall SOC correlation analysis.

  1. Chemical Security Analysis Center

    Data.gov (United States)

    Federal Laboratory Consortium — In 2006, by Presidential Directive, DHS established the Chemical Security Analysis Center (CSAC) to identify and assess chemical threats and vulnerabilities in the...

  2. Beyond grid security

    International Nuclear Information System (INIS)

    Hoeft, B; Epting, U; Koenig, T

    2008-01-01

    While many fields relevant to Grid security are already covered by existing working groups, their remit rarely goes beyond the scope of the Grid infrastructure itself. However, security issues pertaining to the internal set-up of compute centres have at least as much impact on Grid security. Thus, this talk will present briefly the EU ISSeG project (Integrated Site Security for Grids). In contrast to groups such as OSCT (Operational Security Coordination Team) and JSPG (Joint Security Policy Group), the purpose of ISSeG is to provide a holistic approach to security for Grid computer centres, from strategic considerations to an implementation plan and its deployment. The generalised methodology of Integrated Site Security (ISS) is based on the knowledge gained during its implementation at several sites as well as through security audits, and this will be briefly discussed. Several examples of ISS implementation tasks at the Forschungszentrum Karlsruhe will be presented, including segregation of the network for administration and maintenance and the implementation of Application Gateways. Furthermore, the web-based ISSeG training material will be introduced. This aims to offer ISS implementation guidance to other Grid installations in order to help avoid common pitfalls

  3. VoIP Security

    OpenAIRE

    Fontanini, Piero

    2008-01-01

    VOIP or Voice Over Internet Protocol is a common term for phone service over IP based networks. There are much information about VoIP and some of how VoIP can be secured. There is however no standard for VoIP and no general solution for VoIP Security. The security in VoIP systems today are often non existing or in best case weak and often based on proprietary solutions. This master thesis investigates threats to VoIP system and describes existing alternatives for securing Vo...

  4. Secure Virtual Enclaves

    National Research Council Canada - National Science Library

    Shands, Deborah

    2002-01-01

    The Secure Virtual Enclaves (SVE) collaboration infrastructure allows multiple organizations to share their distributed application resources, while respecting organizational autonomy over local resources...

  5. Beginning ASPNET Security

    CERN Document Server

    Dorrans, Barry

    2010-01-01

    Beginning ASP.NET 3.5 Security is geared for novice to intermediate ASP.NET programmers who wish to protect and defend their web sites against attack and exploitation. Beginning with a discussion of why we need security and the things that may occur when it is ignored and an overview of how ASP.NET works, readers are taken through the common steps in developing a web site, the security problems each area exposes and how these can be exploited. Visual Studio Security MVP Barry Dorrans teaches readers how they can defend their applications using the standard .NET framework, industry patterns and

  6. Governing for Enterprise Security

    National Research Council Canada - National Science Library

    Allen, Julia

    2005-01-01

    ... business. If an organization's management -- including boards of directors, senior executives, and all managers -- does not establish and reinforce the business need for effective enterprise security...

  7. Microsoft Windows Security Essentials

    CERN Document Server

    Gibson, Darril

    2011-01-01

    Windows security concepts and technologies for IT beginners IT security can be a complex topic, especially for those new to the field of IT. This full-color book, with a focus on the Microsoft Technology Associate (MTA) program, offers a clear and easy-to-understand approach to Windows security risks and attacks for newcomers to the world of IT. By paring down to just the essentials, beginners gain a solid foundation of security concepts upon which more advanced topics and technologies can be built. This straightforward guide begins each chapter by laying out a list of topics to be discussed,

  8. National Security Whistleblowers

    National Research Council Canada - National Science Library

    Fisher, Louis

    2005-01-01

    .... Domestic and national security information is provided through agency reports and direct communications from department heads, but lawmakers also receive information directly from employees within the agencies...

  9. Linux Security Cookbook

    CERN Document Server

    Barrett, Daniel J; Byrnes, Robert G

    2003-01-01

    Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If you're grounded in the basics of security, however, you won't necessarily want a complete treatise on the subject each time you pick up a book. Sometimes you want to get straight to the point. That's exactly what the new Linux Security Cookbook does. Rather than provide a total security solution for Linux computers, the authors present a series of easy-to-fol

  10. Information security management handbook

    CERN Document Server

    Tipton, Harold F

    2003-01-01

    Since 1993, the Information Security Management Handbook has served not only as an everyday reference for information security practitioners but also as an important document for conducting the intense review necessary to prepare for the Certified Information System Security Professional (CISSP) examination. Now completely revised and updated and in its fifth edition, the handbook maps the ten domains of the Information Security Common Body of Knowledge and provides a complete understanding of all the items in it. This is a ...must have... book, both for preparing for the CISSP exam and as a c

  11. Operating System Security

    CERN Document Server

    Jaeger, Trent

    2008-01-01

    Operating systems provide the fundamental mechanisms for securing computer processing. Since the 1960s, operating systems designers have explored how to build "secure" operating systems - operating systems whose mechanisms protect the system against a motivated adversary. Recently, the importance of ensuring such security has become a mainstream issue for all operating systems. In this book, we examine past research that outlines the requirements for a secure operating system and research that implements example systems that aim for such requirements. For system designs that aimed to

  12. Lecture 1: General Security

    CERN Multimedia

    CERN. Geneva

    2013-01-01

    The CERN Computer Security Team is mandated to coordinate all aspects of CERN’s computer security --- office computing security, computer centre security, GRID computing security and control system security --- whilst taking into account CERN’s operational needs. This presentation will cover a series of security incidents which happened at CERN over the last five years, and discuss the lessons-learned in order to avoid similar things from happening again (there is enough blunder out there so there is need to make the same mistake twice). In the second part, I will outline how computer security --- prevention, protection, detection and response --- is generated at CERN, what the main objectives of the CERN computer security team are, and which policies, procedures and tools have been put in place. Stefan Lüders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadr...

  13. Smart security and securing data through watermarking

    Science.gov (United States)

    Singh, Ritesh; Kumar, Lalit; Banik, Debraj; Sundar, S.

    2017-11-01

    The growth of image processing in embedded system has provided the boon of enhancing the security in various sectors. This lead to the developing of various protective strategies, which will be needed by private or public sectors for cyber security purposes. So, we have developed a method which uses digital water marking and locking mechanism for the protection of any closed premises. This paper describes a contemporary system based on user name, user id, password and encryption technique which can be placed in banks, protected offices to beef the security up. The burglary can be abated substantially by using a proactive safety structure. In this proposed framework, we are using water-marking in spatial domain to encode and decode the image and PIR(Passive Infrared Sensor) sensor to detect the existence of person in any close area.

  14. Strategic planning and security analysis

    International Nuclear Information System (INIS)

    DePasquale, S.

    1991-01-01

    Nuclear security master planning is a deliberative process, founded on the premise that the broad scope of security must be analyzed before any meaningful determinations may be reached on an individual security aspect. This paper examines the analytical process required in developing a Security Master Plan. It defines a four stage process concluding with the selection of security measures encompassing physical security, policy and procedure considerations and guard force deployment. The final product orchestrates each security measure in a complementary and supportive configuration

  15. 21st Century Security Manager

    OpenAIRE

    Stelian ARION

    2010-01-01

    We live in world of uncertainty that generates major paradigms changing that affect security risk management. Modern organization’s security risks management can’t be done without a profound knowlegde and daily practice for security governance, security risk management and resilience. 21st Century security manager need to deal with several areas of konwledge in order to succesfully manage security risks. The document presents the advantages, disadvantages and challenges for security managers ...

  16. Center for computer security: Computer Security Group conference. Summary

    Energy Technology Data Exchange (ETDEWEB)

    None

    1982-06-01

    Topics covered include: computer security management; detection and prevention of computer misuse; certification and accreditation; protection of computer security, perspective from a program office; risk analysis; secure accreditation systems; data base security; implementing R and D; key notarization system; DOD computer security center; the Sandia experience; inspector general's report; and backup and contingency planning. (GHT)

  17. Security dialogues: building better relationships between security and business

    OpenAIRE

    Ashenden, Debi; Lawrence, Darren

    2016-01-01

    In the real world, there's often a discrepancy between an organization's mandated security processes and what actually happens. The social practice of security flourishes in the space between and around formal organizational security processes. By recognizing the value of risk management as a communication tool, security practitioners can tap opportunities to improve the security dialogue with staff.

  18. Social Security Administration

    Science.gov (United States)

    ... Suze Orman on Why Creating an Account is Important Suze Orman explains how a my Social Security account can help you plan for your retirement ... for same-sex couples? Open Government at Social Security Explore the benefits you may be due Plain ... About Us Accessibility FOIA Open Government Glossary ...

  19. Network Security Is Manageable

    Science.gov (United States)

    Roberts, Gary

    2006-01-01

    An effective systems librarian must understand security vulnerabilities and be proactive in preventing problems. Specifics of future attacks or security challenges cannot possibly be anticipated, but this paper suggests some simple measures that can be taken to make attacks less likely to occur: program the operating system to get automatic…

  20. Women and social security

    NARCIS (Netherlands)

    Westerveld, M.; Pennings, F.; Vonk, G.

    2015-01-01

    Does ‘the’ social security take sufficient account of women? Are its protection schemes sufficiently aimed at safeguarding women’s interests? These are the questions I was invited to answer for this handbook on social security law. At the same time I was asked to adopt an unorthodox approach, one

  1. Sustainability and National Security

    Science.gov (United States)

    2012-01-01

    to U.S. overseas campaigns since the early 1900s. Environmental Security Environmental Security is an element under the larger rubric of Human...oldest seedbank, with a network of research facilities, and well over 300,000 ‘accessions’ of plant genetic material (Sinitsyna 2007b; Roslof

  2. Information security management principles

    CERN Document Server

    Taylor, Andy; Finch, Amanda; Sutton, David; Taylor, Andy

    2013-01-01

    In today's technology-driven environment, there is an ever-increasing demand for information delivery. A compromise has to be struck between security and availability. This book is a pragmatic guide to information assurance for both business professionals and technical experts. This second edition includes the security of cloud-based resources.

  3. School Security Technologies

    Science.gov (United States)

    Schneider, Tod

    2010-01-01

    Over the past decade electronic security technology has evolved from an exotic possibility into an essential safety consideration. Before resorting to high-tech security solutions, school officials should think carefully about the potential for unintended consequences. Technological fixes may be mismatched to the problems being addressed. They can…

  4. Energy systems security

    CERN Document Server

    Voeller, John G

    2014-01-01

    Energy Systems Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to electricity transmission grids and their protection, risk assessment of energy systems, analysis of interdependent energy networks. Methods to manage electricity transmission disturbances so as to avoid blackouts are discussed, and self-healing energy system and a nano-enabled power source are presented.

  5. VMware view security essentials

    CERN Document Server

    Langenhan, Daniel

    2013-01-01

    A practical and fast-paced guide that gives you all the information you need to secure your virtual environment.This book is a ""how-to"" for the novice, a ""reference guide"" for the advanced user, and a ""go to"" for the experienced user in all the aspects of VMware View desktop virtualization security.

  6. Security in the Sahel

    DEFF Research Database (Denmark)

    Hahonou, Eric Komlavi

    of volatile security. In this policy brief, Eric Hahonou argues that without complementary activities, the multiplication of border offices could even expand opportunities for corruption. Instead, security policy should focus on creating a culture of effectiveness including systematic and regular staff...

  7. Reconciling privacy and security

    NARCIS (Netherlands)

    Lieshout, M.J. van; Friedewald, M.; Wright, D.; Gutwirth, S.

    2013-01-01

    This paper considers the relationship between privacy and security and, in particular, the traditional "trade-off" paradigm. The issue is this: how, in a democracy, can one reconcile the trend towards increasing security (for example, as manifested by increasing surveillance) with the fundamental

  8. Security in the cloud.

    Science.gov (United States)

    Degaspari, John

    2011-08-01

    As more provider organizations look to the cloud computing model, they face a host of security-related questions. What are the appropriate applications for the cloud, what is the best cloud model, and what do they need to know to choose the best vendor? Hospital CIOs and security experts weigh in.

  9. Systems Security Engineering

    Science.gov (United States)

    2010-08-22

    environment that contains network- borne cybersecurity threats, an argument may be made that the firewall increases overall system functionality by reserving...the number of administered devices. This approach to security analysis is at once old and new. In the early days of eCommerce , security

  10. Smart grid security

    Energy Technology Data Exchange (ETDEWEB)

    Cuellar, Jorge (ed.) [Siemens AG, Muenchen (Germany). Corporate Technology

    2013-11-01

    The engineering, deployment and security of the future smart grid will be an enormous project requiring the consensus of many stakeholders with different views on the security and privacy requirements, not to mention methods and solutions. The fragmentation of research agendas and proposed approaches or solutions for securing the future smart grid becomes apparent observing the results from different projects, standards, committees, etc, in different countries. The different approaches and views of the papers in this collection also witness this fragmentation. This book contains the following papers: 1. IT Security Architecture Approaches for Smart Metering and Smart Grid. 2. Smart Grid Information Exchange - Securing the Smart Grid from the Ground. 3. A Tool Set for the Evaluation of Security and Reliability in Smart Grids. 4. A Holistic View of Security and Privacy Issues in Smart Grids. 5. Hardware Security for Device Authentication in the Smart Grid. 6. Maintaining Privacy in Data Rich Demand Response Applications. 7. Data Protection in a Cloud-Enabled Smart Grid. 8. Formal Analysis of a Privacy-Preserving Billing Protocol. 9. Privacy in Smart Metering Ecosystems. 10. Energy rate at home Leveraging ZigBee to Enable Smart Grid in Residential Environment.

  11. Formalizing physical security procedures

    NARCIS (Netherlands)

    Meadows, C.; Pavlovic, Dusko

    Although the problems of physical security emerged more than 10,000 years before the problems of computer security, no formal methods have been developed for them, and the solutions have been evolving slowly, mostly through social procedures. But as the traffic on physical and social networks is now

  12. No energy security without climate security

    International Nuclear Information System (INIS)

    Hiller, M.

    2006-06-01

    WWF urges the G8 nations to embark on a serious global 'Climate and Energy Security Plan' akin in dimension to the Marshall plan after the Second World War. The plan would aim at dramatically augmenting energy efficiency measures and renewable energy sources within the next five years

  13. Relaxing Chosen-Ciphertext Security

    DEFF Research Database (Denmark)

    Canetti, Ran; Krawczyk, Hugo; Nielsen, Jesper Buus

    2003-01-01

    Security against adaptive chosen ciphertext attacks (or, CCA security) has been accepted as the standard requirement from encryption schemes that need to withstand active attacks. In particular, it is regarded as the appropriate security notion for encryption schemes used as components within...... general protocols and applications. Indeed, CCA security was shown to suffice in a large variety of contexts. However, CCA security often appears to be somewhat too strong: there exist encryption schemes (some of which come up naturally in practice) that are not CCA secure, but seem sufficiently secure...... “for most practical purposes.” We propose a relaxed variant of CCA security, called Replayable CCA (RCCA) security. RCCA security accepts as secure the non-CCA (yet arguably secure) schemes mentioned above; furthermore, it suffices for most existing applications of CCA security. We provide three...

  14. Moving towards Cloud Security

    Directory of Open Access Journals (Sweden)

    Edit Szilvia Rubóczki

    2015-01-01

    Full Text Available Cloud computing hosts and delivers many different services via Internet. There are a lot of reasons why people opt for using cloud resources. Cloud development is increasing fast while a lot of related services drop behind, for example the mass awareness of cloud security. However the new generation upload videos and pictures without reason to a cloud storage, but only few know about data privacy, data management and the proprietary of stored data in the cloud. In an enterprise environment the users have to know the rule of cloud usage, however they have little knowledge about traditional IT security. It is important to measure the level of their knowledge, and evolve the training system to develop the security awareness. The article proves the importance of suggesting new metrics and algorithms for measuring security awareness of corporate users and employees to include the requirements of emerging cloud security.

  15. The secure heating reactor

    International Nuclear Information System (INIS)

    Pind, C.

    1987-01-01

    The SECURE heating reactor was designed by ASEA-ATOM as a realistic alternative for district heating in urban areas and for supplying heat to process industries. SECURE has unique safety characteristics, that are based on fundamental laws of physics. The safety does not depend on active components or operator intervention for shutdown and cooling of the reactor. The inherent safety characteristics of the plant cannot be affected by operator errors. Due to its very low environment impact, it can be sited close to heat consumers. The SECURE heating reactor has been shown to be competitive in comparison with other alternatives for heating Helsinki and Seoul. The SECURE heating reactor forms a basis for the power-producing SECURE-P reactor known as PIUS (Process Inherent Ultimate Safety), which is based on the same inherent safety principles. The thermohydraulic function and transient response have been demonstrated in a large electrically heated loop at the ASEA-ATOM laboratories

  16. Unconditionally Secure Protocols

    DEFF Research Database (Denmark)

    Meldgaard, Sigurd Torkel

    This thesis contains research on the theory of secure multi-party computation (MPC). Especially information theoretically (as opposed to computationally) secure protocols. It contains results from two main lines of work. One line on Information Theoretically Secure Oblivious RAMS, and how....... We construct an oblivious RAM that hides the client's access pattern with information theoretic security with an amortized $\\log^3 N$ query overhead. And how to employ a second server that is guaranteed not to conspire with the first to improve the overhead to $\\log^2 N$, while also avoiding...... they are used to speed up secure computation. An Oblivious RAM is a construction for a client with a small $O(1)$ internal memory to store $N$ pieces of data on a server while revealing nothing more than the size of the memory $N$, and the number of accesses. This specifically includes hiding the access pattern...

  17. Energy security in Yemen

    International Nuclear Information System (INIS)

    Torosyan, Emil

    2009-09-01

    Yemen, situated in the Arab world, has considerable energy resources. However, its history of repeated revolts, civil wars and terrorism and also the presence of the Wahabi movement and al Qaeda in the country constitute security issues for the energy industry and its infrastructure. The aim of this paper is to assess the impact level on the security of the energy sector in Yemen and the effect that the threats to that sector could have on global energy security. Analyses of the political environment, the security threats and the measures taken to respond to these threats have been carried out. Results showed that Yemen's resources are depleting and that the government is having trouble containing the escalation of conflicts; this situation could lead to Yemen's political collapse which could have an important impact on global energy security.

  18. Network systems security analysis

    Science.gov (United States)

    Yilmaz, Ä.°smail

    2015-05-01

    Network Systems Security Analysis has utmost importance in today's world. Many companies, like banks which give priority to data management, test their own data security systems with "Penetration Tests" by time to time. In this context, companies must also test their own network/server systems and take precautions, as the data security draws attention. Based on this idea, the study cyber-attacks are researched throughoutly and Penetration Test technics are examined. With these information on, classification is made for the cyber-attacks and later network systems' security is tested systematically. After the testing period, all data is reported and filed for future reference. Consequently, it is found out that human beings are the weakest circle of the chain and simple mistakes may unintentionally cause huge problems. Thus, it is clear that some precautions must be taken to avoid such threats like updating the security software.

  19. Indirection and computer security.

    Energy Technology Data Exchange (ETDEWEB)

    Berg, Michael J.

    2011-09-01

    The discipline of computer science is built on indirection. David Wheeler famously said, 'All problems in computer science can be solved by another layer of indirection. But that usually will create another problem'. We propose that every computer security vulnerability is yet another problem created by the indirections in system designs and that focusing on the indirections involved is a better way to design, evaluate, and compare security solutions. We are not proposing that indirection be avoided when solving problems, but that understanding the relationships between indirections and vulnerabilities is key to securing computer systems. Using this perspective, we analyze common vulnerabilities that plague our computer systems, consider the effectiveness of currently available security solutions, and propose several new security solutions.

  20. Wireless physical layer security

    Science.gov (United States)

    Poor, H. Vincent; Schaefer, Rafael F.

    2017-01-01

    Security in wireless networks has traditionally been considered to be an issue to be addressed separately from the physical radio transmission aspects of wireless systems. However, with the emergence of new networking architectures that are not amenable to traditional methods of secure communication such as data encryption, there has been an increase in interest in the potential of the physical properties of the radio channel itself to provide communications security. Information theory provides a natural framework for the study of this issue, and there has been considerable recent research devoted to using this framework to develop a greater understanding of the fundamental ability of the so-called physical layer to provide security in wireless networks. Moreover, this approach is also suggestive in many cases of coding techniques that can approach fundamental limits in practice and of techniques for other security tasks such as authentication. This paper provides an overview of these developments.

  1. International Nuclear Security

    Energy Technology Data Exchange (ETDEWEB)

    Doyle, James E. [Los Alamos National Laboratory

    2012-08-14

    This presentation discusses: (1) Definitions of international nuclear security; (2) What degree of security do we have now; (3) Limitations of a nuclear security strategy focused on national lock-downs of fissile materials and weapons; (4) What do current trends say about the future; and (5) How can nuclear security be strengthened? Nuclear security can be strengthened by: (1) More accurate baseline inventories; (2) Better physical protection, control and accounting; (3) Effective personnel reliability programs; (4) Minimize weapons-usable materials and consolidate to fewer locations; (5) Consider local threat environment when siting facilities; (6) Implement pledges made in the NSS process; and (7) More robust interdiction, emergency response and special operations capabilities. International cooperation is desirable, but not always possible.

  2. Human factors in network security

    OpenAIRE

    Jones, Francis B.

    1991-01-01

    Human factors, such as ethics and education, are important factors in network information security. This thesis determines which human factors have significant influence on network security. Those factors are examined in relation to current security devices and procedures. Methods are introduced to evaluate security effectiveness by incorporating the appropriate human factors into network security controls

  3. 76 FR 8946 - Security Ratings

    Science.gov (United States)

    2011-02-16

    ... grade securities (such as foreign currency or other cash settled derivative securities). See... investment grade securities (such as foreign currency or other cash settled derivative securities). See... SECURITIES AND EXCHANGE COMMISSION 17 CFR Parts 200, 229, 230, 232, 239, 240, and 249 [Release No...

  4. Privacy and Security: A Bibliography.

    Science.gov (United States)

    Computer and Business Equipment Manufacturers Association, Washington, DC.

    Compiled at random from many sources, this bibliography attempts to cite as many publications concerning privacy and security as are available. The entries are organized under seven headings: (1) systems security, technical security, clearance of personnel, (2) corporate physical security, (3) administrative security, (4) miscellaneous--privacy…

  5. Quantum secure communication models comparison

    Directory of Open Access Journals (Sweden)

    Georgi Petrov Bebrov

    2017-12-01

    Full Text Available The paper concerns the quantum cryptography, more specifically, the quantum secure communication type of schemes. The main focus here is on making a comparison between the distinct secure quantum communication models – quantum secure direct communication and deterministic secure quantum communication, in terms of three parameters: resource efficiency, eavesdropping check efficiency, and security (degree of preserving the confidentiality.

  6. Natural gas and energy security

    International Nuclear Information System (INIS)

    Saga, B.P.

    1996-01-01

    This paper relates to energy security by natural gas supply seen in an International Energy Agency perspective. Topics are: Security of supply, what is it; the role gas on the European energy scene; short term security of supply; long term security of supply; future structural and regulatory developments and possible implications for security of supply. 6 figs

  7. Securing Land Tenure, Improving Food Security and Reducing ...

    International Development Research Centre (IDRC) Digital Library (Canada)

    Securing Land Tenure, Improving Food Security and Reducing Poverty in Rural ... land tenure regimes as obstacles to food security, economic integration and ... its 2017 call for proposals to establish Cyber Policy Centres in the Global South.

  8. Center for Homeland Defense and Security Homeland Security Affairs Journal

    OpenAIRE

    2015-01-01

    Homeland Security Affairs is the peer-reviewed online journal of the Center for Homeland Defense and Security (CHDS). The journal provides a forum to propose and debate strategies, policies and organizational arrangements to strengthen U.S. homeland security.

  9. Security intelligence a practitioner's guide to solving enterprise security challenges

    CERN Document Server

    Li, Qing

    2015-01-01

    Identify, deploy, and secure your enterprise Security Intelligence, A Practitioner's Guide to Solving Enterprise Security Challenges is a handbook for security in modern times, against modern adversaries. As leaders in the design and creation of security products that are deployed globally across a range of industries and market sectors, authors Qing Li and Gregory Clark deliver unparalleled insight into the development of comprehensive and focused enterprise security solutions. They walk you through the process of translating your security goals into specific security technology domains, fo

  10. Perspectives on Energy Security

    International Nuclear Information System (INIS)

    Carlsson-Kanyama, Annika; Holmgren, Aake J.; Joensson, Thomas; Larsson, Robert L.

    2007-05-01

    A common notion of 'Energy Security' is that it includes access to energy resources without risking the the survival of the state. 'Security of supply' is most often the concept emphasized in the political discourse on energy security and it includes both production as well as secure and safe delivery of energy to the end consumers. Another aspect of energy security is the need for reducing energy consumption by improving energy efficiency. In this report, eight chapters covering these and other perspectives on energy security are presented. Six of the chapters deal with the supply perspective. Included topics cover power politics and geopolitical perspectives regarding large infrastructure projects and the ambitions of the EU in this regard. Further, methods and approaches for conducting risk analyses of electricity supply systems as well as for improving the security of digital control systems are discussed. As climate change will affect the supply and distribution of energy, one chapter presents an overview of this topic. The consumption perspective is discussed against the backdrop of research about household consumption practices and the role of climate change for future consumption levels. Finally, the role of armed forces as a large energy users is touched upon, as well as how so-called 'future studies' have dealt with energy as a topic

  11. Security and SCADA protocols

    International Nuclear Information System (INIS)

    Igure, V. M.; Williams, R. D.

    2006-01-01

    Supervisory control and data acquisition (SCADA) networks have replaced discrete wiring for many industrial processes, and the efficiency of the network alternative suggests a trend toward more SCADA networks in the future. This paper broadly considers SCADA to include distributed control systems (DCS) and digital control systems. These networks offer many advantages, but they also introduce potential vulnerabilities that can be exploited by adversaries. Inter-connectivity exposes SCADA networks to many of the same threats that face the public internet and many of the established defenses therefore show promise if adapted to the SCADA differences. This paper provides an overview of security issues in SCADA networks and ongoing efforts to improve the security of these networks. Initially, a few samples from the range of threats to SCADA network security are offered. Next, attention is focused on security assessment of SCADA communication protocols. Three challenges must be addressed to strengthen SCADA networks. Access control mechanisms need to be introduced or strengthened, improvements are needed inside of the network to enhance security and network monitoring, and SCADA security management improvements and policies are needed. This paper discusses each of these challenges. This paper uses the Profibus protocol as an example to illustrate some of the vulnerabilities that arise within SCADA networks. The example Profibus security assessment establishes a network model and an attacker model before proceeding to a list of example attacks. (authors)

  12. Security Components of Globalization

    Directory of Open Access Journals (Sweden)

    Florin Iftode

    2015-05-01

    Full Text Available The objective of this paper is our intention to present what are the main connections between globalization and international security. In terms of global security we can perceive the globalization as a process by which global state is represented by the UN, with a single world system, represented by major security organizations and with global effects. We will present from the beginning the main theoretical aspects that define the phenomenon of globalization, and then our contribution in assessing the implications of this phenomenon on the regional and global security. The results of our research are materialized in the last part of the paper. They emphasize the personal assessments on how the phenomenon of globalization has direct effect on global security. When talking about government, we think of norms, rules and decisionmaking procedures in the management of international life. The value that we add to the new scientific interpretation of the definition of globalization is represented, primarily, by the valuable bibliographic used resources and the original approach on the concept that refers to the links between globalization and security. This article may be, at any time, a starting point in an interesting research direction in the field of global security.

  13. Implementación de un servidor FTP utilizando el modelo cliente/servidor mediante el uso de sockets en lenguaje c UNIX con el fin de mejorar los tiempos de respuesta en la red

    Directory of Open Access Journals (Sweden)

    Juan de Dios Murillo

    2016-03-01

    Full Text Available Este trabajo pretende evaluar la latencia en la transferencia de archivos utilizando un servidor FTP con un modelo cliente-servidor empleando una computadora con el sistema operativo Fedora para ejecutar el código del modelo cliente/servidor con sockets en lenguaje C UNIX, con el fin de simular un servidor que contiene archivos con diferentes formatos y tamaños, y medir la latencia de la transmisión al subir y descargar los archivos del servidor, usando diferentes tamaños de buffer. Con los resultados del retardo en la transmisión en los diferentes escenarios y al compararlos, se observa que entre mayor sea el tamaño del buffer es menor la latencia y conforme aumenta el tamaño del archivo la latencia aumenta,

  14. Elements of social security

    DEFF Research Database (Denmark)

    Hansen, Hans

    Elements of Social Security is a comparative study of important elements of the social security systems in Denmark (DK), Sweden (S), Finland (FIN), Austria (A), Germany (D), the Netherlands (NL), Great Britain (GB) and Canada (CAN). It should be emphasized that Germany is the former West Germany...... (Alte Länder). This is the 9th and last edition of the publication,covering income levels and rules for social security and personal taxation for 1999. Basis for the projections to 1999 income levels is the 1998 data (in some cases 1999 data)for OECD's Taxing Wages as reported by national experts....

  15. Secure Multiparty AES

    Science.gov (United States)

    Damgård, Ivan; Keller, Marcel

    We propose several variants of a secure multiparty computation protocol for AES encryption. The best variant requires 2200 + {{400}over{255}} expected elementary operations in expected 70 + {{20}over{255}} rounds to encrypt one 128-bit block with a 128-bit key. We implemented the variants using VIFF, a software framework for implementing secure multiparty computation (MPC). Tests with three players (passive security against at most one corrupted player) in a local network showed that one block can be encrypted in 2 seconds. We also argue that this result could be improved by an optimized implementation.

  16. Cloud Computing Security

    OpenAIRE

    Ngongang, Guy

    2011-01-01

    This project aimed to show how possible it is to use a network intrusion detection system in the cloud. The security in the cloud is a concern nowadays and security professionals are still finding means to make cloud computing more secure. First of all the installation of the ESX4.0, vCenter Server and vCenter lab manager in server hardware was successful in building the platform. This allowed the creation and deployment of many virtual servers. Those servers have operating systems and a...

  17. Privacy vs security

    CERN Document Server

    Stalla-Bourdillon, Sophie; Ryan, Mark D

    2014-01-01

    Securing privacy in the current environment is one of the great challenges of today's democracies. Privacy vs. Security explores the issues of privacy and security and their complicated interplay, from a legal and a technical point of view. Sophie Stalla-Bourdillon provides a thorough account of the legal underpinnings of the European approach to privacy and examines their implementation through privacy, data protection and data retention laws. Joshua Philips and Mark D. Ryan focus on the technological aspects of privacy, in particular, on today's attacks on privacy by the simple use of today'

  18. Security, insecurity and health.

    Science.gov (United States)

    Coupland, Robin

    2007-03-01

    An examination of the nexus of security, insecurity and health shows that security is a prerequisite for health. The many and varied ways that armed violence--including threats of armed violence--can affect people's health can be documented by formal studies; however, valuable data also exist in other reports, such as media reports. The health community needs to recognize that people's insecurity is a massive global health issue. The foreign policies of donor governments should incorporate recognition that documentation, analysis and publication of data describing the impact of insecurity on people's health can lead to the creation of policies to enhance people's security.

  19. Android Applications Security

    Directory of Open Access Journals (Sweden)

    Paul POCATILU

    2011-01-01

    Full Text Available The use of smartphones worldwide is growing very fast and also the malicious attacks have increased. The mobile security applications development keeps the pace with this trend. The paper presents the vulnerabilities of mobile applications. The Android applications and devices are analyzed through the security perspective. The usage of restricted API is also presented. The paper also focuses on how users can prevent these malicious attacks and propose some prevention measures, including the architecture of a mobile security system for Android devices.

  20. Computer Security Handbook

    CERN Document Server

    Bosworth, Seymour; Whyne, Eric

    2012-01-01

    The classic and authoritative reference in the field of computer security, now completely updated and revised With the continued presence of large-scale computers; the proliferation of desktop, laptop, and handheld computers; and the vast international networks that interconnect them, the nature and extent of threats to computer security have grown enormously. Now in its fifth edition, Computer Security Handbook continues to provide authoritative guidance to identify and to eliminate these threats where possible, as well as to lessen any losses attributable to them. With seventy-seven chapter

  1. Linux Server Security

    CERN Document Server

    Bauer, Michael D

    2005-01-01

    Linux consistently appears high up in the list of popular Internet servers, whether it's for the Web, anonymous FTP, or general services such as DNS and delivering mail. But security is the foremost concern of anyone providing such a service. Any server experiences casual probe attempts dozens of time a day, and serious break-in attempts with some frequency as well. This highly regarded book, originally titled Building Secure Servers with Linux, combines practical advice with a firm knowledge of the technical tools needed to ensure security. The book focuses on the most common use of Linux--

  2. Software Safety and Security

    CERN Document Server

    Nipkow, T; Hauptmann, B

    2012-01-01

    Recent decades have seen major advances in methods and tools for checking the safety and security of software systems. Automatic tools can now detect security flaws not only in programs of the order of a million lines of code, but also in high-level protocol descriptions. There has also been something of a breakthrough in the area of operating system verification. This book presents the lectures from the NATO Advanced Study Institute on Tools for Analysis and Verification of Software Safety and Security; a summer school held at Bayrischzell, Germany, in 2011. This Advanced Study Institute was

  3. Transmission grid security

    CERN Document Server

    Haarla, Liisa; Hirvonen, Ritva; Labeau, Pierre-Etienne

    2011-01-01

    In response to the growing importance of power system security and reliability, ""Transmission Grid Security"" proposes a systematic and probabilistic approach for transmission grid security analysis. The analysis presented uses probabilistic safety assessment (PSA) and takes into account the power system dynamics after severe faults. In the method shown in this book the power system states (stable, not stable, system breakdown, etc.) are connected with the substation reliability model. In this way it is possible to: estimate the system-wide consequences of grid faults; identify a chain of eve

  4. Smart grid security

    CERN Document Server

    Goel, Sanjay; Papakonstantinou, Vagelis; Kloza, Dariusz

    2015-01-01

    This book on smart grid security is meant for a broad audience from managers to technical experts. It highlights security challenges that are faced in the smart grid as we widely deploy it across the landscape. It starts with a brief overview of the smart grid and then discusses some of the reported attacks on the grid. It covers network threats, cyber physical threats, smart metering threats, as well as privacy issues in the smart grid. Along with the threats the book discusses the means to improve smart grid security and the standards that are emerging in the field. The second part of the b

  5. Shipment security update - 2003

    International Nuclear Information System (INIS)

    Patterson, John; Anne, Catherine

    2003-01-01

    At the 2002 RERTR, NAC reported on the interim measures taken by the U.S. Nuclear Regulatory Commission to enhance the security afforded to shipments of spent nuclear fuel. Since that time, there have been a number of additional actions focused on shipment security including training programs sponsored by the U.S. Department of Transportation and the Electric Power Research Council, investigation by the Government Accounting Office, and individual measures taken by shippers and transportation agents. The paper will present a status update regarding this dynamic set of events and provide an objective assessment of the cost, schedule and technical implications of the changing security landscape. (author)

  6. Food Security Strategies for Vanuatu

    OpenAIRE

    Welegtabit, Shadrack R.

    2001-01-01

    This report describes and analyzes food security conditions and policies in Vanuatu. The national food security systems are dualistic in nature, and the rural and urban food security systems are weakly related. Household food security in rural areas is primarily determined by access to arable land and fishery resources, whereas in urban areas household food security is primarily determined by access to employment. Household food security has been a concern in both rural and urban areas. Both ...

  7. Agile IT Security Implementation Methodology

    CERN Document Server

    Laskowski, Jeff

    2011-01-01

    The book is a tutorial that goes from basic to professional level for Agile IT security. It begins by assuming little knowledge of agile security. Readers should hold a good knowledge of security methods and agile development. The book is targeted at IT security managers, directors, and architects. It is useful for anyone responsible for the deployment of IT security countermeasures. Security people with a strong knowledge of agile software development will find this book to be a good review of agile concepts.

  8. Security for multihop wireless networks

    CERN Document Server

    Khan, Shafiullah

    2014-01-01

    Security for Multihop Wireless Networks provides broad coverage of the security issues facing multihop wireless networks. Presenting the work of a different group of expert contributors in each chapter, it explores security in mobile ad hoc networks, wireless sensor networks, wireless mesh networks, and personal area networks.Detailing technologies and processes that can help you secure your wireless networks, the book covers cryptographic coprocessors, encryption, authentication, key management, attacks and countermeasures, secure routing, secure medium access control, intrusion detection, ep

  9. Database Security: A Historical Perspective

    OpenAIRE

    Lesov, Paul

    2010-01-01

    The importance of security in database research has greatly increased over the years as most of critical functionality of the business and military enterprises became digitized. Database is an integral part of any information system and they often hold sensitive data. The security of the data depends on physical security, OS security and DBMS security. Database security can be compromised by obtaining sensitive data, changing data or degrading availability of the database. Over the last 30 ye...

  10. Threats or threads: from usable security to secure experience

    DEFF Research Database (Denmark)

    Bødker, Susanne; Mathiasen, Niels Raabjerg

    2008-01-01

    While the domain of security dependent technologies brings new challenges to HCI research it seems that the results and breakthroughs of HCI have not been used in design of security dependent technologies. With exceptions, work in the research field of usable security may be criticized for focusing...... mainly on adjusting user behavior to behave securely. With our background in newer HCI perspectives we address secure interaction from the perspective of security technology as experience. We analyze a number of collected user stories to understand what happens when everyday users encounter security...... dependent technologies. We apply McCarthy & Wright's [12] experience framework to the security domain and our collected stories. We point out that there are significant differences between being secure and having a secure experience, and conclude that classical usable security, focus on people's immediate...

  11. Security and Emergency Management Division

    Data.gov (United States)

    Federal Laboratory Consortium — Volpe's Security and Emergency Management Division identifies vulnerabilities, risks, and opportunities to improve the security of transportation systems, critical...

  12. To The Question Of The Concepts "National Security", "Information Security", "National Information Security" Meanings

    OpenAIRE

    Alexander A. Galushkin

    2015-01-01

    In the present article author analyzes value of the concepts "national security", "information security", "national information security". Author gives opinions of scientists-jurists, definitions given by legislators and normotvorets in various regulations.

  13. Roadmap on optical security

    NARCIS (Netherlands)

    javidi, B.; Carnicer, A.; Yamaguchi, M.; Nomura, T.; Pérez-Cabré, E.; Millan, M.S.; Nishchal, N.K.; Torroba, R.; Barrera, J.F.; He, W.; Peng, X.; Stern, A.; Rivenson, Y.; Alfalou, A.; Brosseau, C.; Guo, C.; Sheridan, J.T.; Situ, G.; Naruse, M.; Matsumoto, T.; Juvells, I.; Tajahuerce, E.; Lancis, J.; Chen, Wen; Chen, X.; Markman, A.; Mosk, Allard; Pinkse, Pepijn Willemszoon Harry

    2016-01-01

    Information security and authentication are important challenges facing society. Recent attacks by hackers on the databases of large commercial and financial companies have demonstrated that more research and development of advanced approaches are necessary to deny unauthorized access to critical

  14. Mobile IP: Security & application

    NARCIS (Netherlands)

    Tuquerres, G.; Salvador, M.R.; Sprenkels, Ron

    1999-01-01

    As required in the TGS Mobile IP Advanced Module, this paper presents a survey of common security threats which mobile IP networks are exposed to as well as some proposed solutions to deal with such threats.

  15. The security aspect

    International Nuclear Information System (INIS)

    Clutterbuck, R.

    1984-01-01

    The question of the risks of deliberate criminal or politically motivated attack, theft or hijacking of irradiated fuel in transit is discussed. Headings; possible forms of interference; security measures; attractions and limitations as a target. (U.K.)

  16. Security vs. Safety.

    Science.gov (United States)

    Sturgeon, Julie

    1999-01-01

    Provides administrative advice on how some safety experts have made college campuses safer and friendlier without breaking the budget. Tips on security and advice on safety management that encompasses the whole environment are highlighted. (GR)

  17. Railway infrastructure security

    CERN Document Server

    Sforza, Antonio; Vittorini, Valeria; Pragliola, Concetta

    2015-01-01

    This comprehensive monograph addresses crucial issues in the protection of railway systems, with the objective of enhancing the understanding of railway infrastructure security. Based on analyses by academics, technology providers, and railway operators, it explains how to assess terrorist and criminal threats, design countermeasures, and implement effective security strategies. In so doing, it draws upon a range of experiences from different countries in Europe and beyond. The book is the first to be devoted entirely to this subject. It will serve as a timely reminder of the attractiveness of the railway infrastructure system as a target for criminals and terrorists and, more importantly, as a valuable resource for stakeholders and professionals in the railway security field aiming to develop effective security based on a mix of methodological, technological, and organizational tools. Besides researchers and decision makers in the field, the book will appeal to students interested in critical infrastructur...

  18. Managing for Enterprise Security

    National Research Council Canada - National Science Library

    Caralli, Richard A; Allen, Julia H; Stevens, James F; Willke, Bradford J; Wilson, William R

    2004-01-01

    Security has become one of the most urgent issues for many organizations. It is an essential requirement for doing business in a globally networked economy and for achieving organizational goals and mission...

  19. VMware vsphere security cookbook

    CERN Document Server

    Greer, Mike

    2014-01-01

    This book is intended for virtualization professionals who are experienced with the setup and configuration of VMware vSphere, but didn't get the opportunity to learn how to secure the environment properly.

  20. Network Security Visualization

    National Research Council Canada - National Science Library

    1999-01-01

    The application of interactive, three-dimensional viewing techniques to the representation of security-related, computer network status and events is expected to improve the timeliness and efficiency...

  1. DTIC Review: Biometric Security

    National Research Council Canada - National Science Library

    2007-01-01

    ...: Biometrics, the study of methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits, is a critical tool used in law enforcement, computer security and homeland defense...

  2. Architecting security with Paradigm

    NARCIS (Netherlands)

    Andova, S.; Groenewegen, L.P.J.; Verschuren, J.H.S.; Vink, de E.P.; Lemos, de R.; Fabre, J.C.; Gacek, C.; Gadducci, F.; Beek, ter M.

    2009-01-01

    For large security systems a clear separation of concerns is achieved through architecting. Particularly the dynamic consistency between the architectural components should be addressed, in addition to individual component behaviour. In this paper, relevant dynamic consistency is specified through

  3. Integrated security system definition

    International Nuclear Information System (INIS)

    Campbell, G.K.; Hall, J.R. II

    1985-01-01

    The objectives of an integrated security system are to detect intruders and unauthorized activities with a high degree of reliability and the to deter and delay them until effective response/engagement can be accomplished. Definition of an effective integrated security system requires proper application of a system engineering methodology. This paper summarizes a methodology and describes its application to the problem of integrated security system definition. This process includes requirements identification and analysis, allocation of identified system requirements to the subsystem level and provides a basis for identification of synergistic subsystem elements and for synthesis into an integrated system. The paper discusses how this is accomplished, emphasizing at each step how system integration and subsystem synergism is considered. The paper concludes with the product of the process: implementation of an integrated security system

  4. Securing General Aviation

    National Research Council Canada - National Science Library

    Elias, Bart

    2005-01-01

    .... Because GA plays a small but important role in the U.S. economy, improving upon GA security without unduly impeding air commerce or limiting the freedom of movement by air remains a significant challenge...

  5. Quantum Secure Group Communication.

    Science.gov (United States)

    Li, Zheng-Hong; Zubairy, M Suhail; Al-Amri, M

    2018-03-01

    We propose a quantum secure group communication protocol for the purpose of sharing the same message among multiple authorized users. Our protocol can remove the need for key management that is needed for the quantum network built on quantum key distribution. Comparing with the secure quantum network based on BB84, we show our protocol is more efficient and securer. Particularly, in the security analysis, we introduce a new way of attack, i.e., the counterfactual quantum attack, which can steal information by "invisible" photons. This invisible photon can reveal a single-photon detector in the photon path without triggering the detector. Moreover, the photon can identify phase operations applied to itself, thereby stealing information. To defeat this counterfactual quantum attack, we propose a quantum multi-user authorization system. It allows us to precisely control the communication time so that the attack can not be completed in time.

  6. Security in the internet

    International Nuclear Information System (INIS)

    Seibel, R.M.M.; Kocher, K.; Landsberg, P.

    2000-01-01

    Aim of the study: Is it possible to use the Internet as a secure media for transport of telemedicine? Which risks exist for routine use? In this article state of the art methods of security were analysed. Telemedicine in the Internet has severe risks, because patient data and hospital data of a secure Intranet can be manipulated by connecting it to the Web. Conclusions: Establishing of a firewall and the introduction of HPC (Health Professional Card) are minimizing the risk of un-authorized access to the hospital server. HPC allows good safety with digital signature and authentication of host and client of medical data. For secure e-mail PGP (Pretty Good Privacy) is easy to use as a standard protocol. Planning all activities exactly as well as following legal regulations are important requisites for reduction of safety risks in Internet. (orig.) [de

  7. Human security policy challenges

    Directory of Open Access Journals (Sweden)

    Andrew Morton

    2008-10-01

    Full Text Available All evidence points towards climate- and environmentallyinduced migration becoming one of the major policychallenges of this century. Adequate planning for andmanagement of this phenomenon will be critical forhuman security.

  8. Media and Security Team

    Data.gov (United States)

    Federal Laboratory Consortium — The Media And Security Team led by Prof. Min Wu was established in Fall 2001 at University of Maryland, College Park. A number of research and education activities...

  9. Credentialed Secure Communication "Switchboards"

    National Research Council Canada - National Science Library

    Freudenthal, Eric; Port, Lawrence; Keenan, Edward; Pesin, Tracy; Karamcheti, Vijay

    2001-01-01

    ... with connection monitoring facilities. Switchboard extends the secure authenticated communication channel abstraction provided by standard interfaces such as SSL/TLS with mechanisms to support trust management, key sharing, service...

  10. Radioactive Waste SECURITY

    International Nuclear Information System (INIS)

    Brodowski, R.; Drapalik, M.; Gepp, C.; Gufler, K.; Sholly, S.

    2010-01-01

    The purpose of this work is to investigate the safety requirements for a radioactive waste repository, the fundamental problems involved and the legislative rules and arrangements for doing so. As the title already makes clear, the focus of this work is on aspects that can be assigned to the security sector - ie the security against the influence of third parties - and are to be distinguished from safety measures for the improvement of the technical safety aspects. In this context, mention is made of events such as human intrusion into guarded facilities, whereas e.g. a geological analysis on seismic safety is not discussed. For a variety of reasons, the consideration of security nuclear waste repositories in public discussions is increasingly taking a back seat, as ia. Terrorist threats can be considered as negligible risk or well calculable. Depending on the type of storage, different security aspects still have to be considered. (roessner)

  11. IS (Iris Security)

    OpenAIRE

    Iovane, G.; Tortoriello, F. S.

    2003-01-01

    In the paper will be presented a safety system based on iridology. The results suggest a new scenario where the security problem in supervised and unsupervised areas can be treat with the present system and the iris image recognition.

  12. Cognitive Computing for Security.

    Energy Technology Data Exchange (ETDEWEB)

    Debenedictis, Erik [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Rothganger, Fredrick [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Aimone, James Bradley [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Marinella, Matthew [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Evans, Brian Robert [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Warrender, Christina E. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Mickel, Patrick [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2015-12-01

    Final report for Cognitive Computing for Security LDRD 165613. It reports on the development of hybrid of general purpose/ne uromorphic computer architecture, with an emphasis on potential implementation with memristors.

  13. Securing General Aviation

    National Research Council Canada - National Science Library

    Elias, Bart

    2005-01-01

    ... of various GA operations. While some recent high-profile breaches of GA security point to persisting vulnerabilities and limited intelligence information suggests a continued terrorist interest in using GA aircraft...

  14. Masters in Nuclear Security

    International Nuclear Information System (INIS)

    Rickwood, Peter

    2013-01-01

    Continuing global efforts to improve the security of nuclear and other radioactive material against the threat of malicious acts are being assisted by a new initiative, the development of a corps of professional experts to strengthen nuclear security. The IAEA, the European Commission, universities, research institutions and other bodies working in collaboration have established an International Nuclear Security Education Network (INSEN). In 2011, six European academic institutions, the Vienna University of Technology, the Brandenburg University of Applied Sciences, the Demokritos National Centre for Scientific Research in Greece, the Reactor Institute Delft of the Delft University of Technology in the Netherlands, the University of Oslo, and the University of Manchester Dalton Nuclear Institute, started developing a European Master of Science Programme in Nuclear Security Management. In March 2013, the masters project was inaugurated when ten students commenced studies at the Brandenburg University of Applied Sciences in Germany for two weeks. In April, they moved to the Delft University of Technology in the Netherlands for a further two weeks of studies. The pilot programme consists of six teaching sessions in different academic institutions. At the inauguration in Delft, IAEA Director General Yukiya Amano commended this effort to train a new generation of experts who can help to improve global nuclear security. ''It is clear that we will need a new generation of policy-makers and nuclear professionals - people like you - who will have a proper understanding of the importance of nuclear security,'' Mr. Amano told students and faculty members. ''The IAEA's goal is to support the development of such programmes on a global basis,'' said David Lambert, Senior Training Officer in the IAEA's Office of Nuclear Security. ''An existing postgraduate degree programme focused on nuclear security at Naif Arab University for Security Sciences (NAUSS) is currently supported by

  15. Secure quantum key distribution

    Science.gov (United States)

    Lo, Hoi-Kwong; Curty, Marcos; Tamaki, Kiyoshi

    2014-08-01

    Secure communication is crucial in the Internet Age, and quantum mechanics stands poised to revolutionize cryptography as we know it today. In this Review, we introduce the motivation and the current state of the art of research in quantum cryptography. In particular, we discuss the present security model together with its assumptions, strengths and weaknesses. After briefly introducing recent experimental progress and challenges, we survey the latest developments in quantum hacking and countermeasures against it.

  16. Computer security simulation

    International Nuclear Information System (INIS)

    Schelonka, E.P.

    1979-01-01

    Development and application of a series of simulation codes used for computer security analysis and design are described. Boolean relationships for arrays of barriers within functional modules are used to generate composite effectiveness indices. The general case of multiple layers of protection with any specified barrier survival criteria is given. Generalized reduction algorithms provide numerical security indices in selected subcategories and for the system as a whole. 9 figures, 11 tables

  17. Lemnos Interoperable Security Program

    Energy Technology Data Exchange (ETDEWEB)

    Stewart, John [Tennessee Valley Authority, Knoxville, TN (United States); Halbgewachs, Ron [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Chavez, Adrian [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Smith, Rhett [Schweitzer Engineering Laboratories, Chattanooga, TN (United States); Teumim, David [Teumim Technical, Allentown, PA (United States)

    2012-01-31

    The manner in which the control systems are being designed and operated in the energy sector is undergoing some of the most significant changes in history due to the evolution of technology and the increasing number of interconnections to other system. With these changes however come two significant challenges that the energy sector must face; 1) Cyber security is more important than ever before, and 2) Cyber security is more complicated than ever before. A key requirement in helping utilities and vendors alike in meeting these challenges is interoperability. While interoperability has been present in much of the discussions relating to technology utilized within the energy sector and especially the Smart Grid, it has been absent in the context of cyber security. The Lemnos project addresses these challenges by focusing on the interoperability of devices utilized within utility control systems which support critical cyber security functions. In theory, interoperability is possible with many of the cyber security solutions available to utilities today. The reality is that the effort required to achieve cyber security interoperability is often a barrier for utilities. For example, consider IPSec, a widely-used Internet Protocol to define Virtual Private Networks, or tunnels , to communicate securely through untrusted public and private networks. The IPSec protocol suite has a significant number of configuration options and encryption parameters to choose from, which must be agreed upon and adopted by both parties establishing the tunnel. The exercise in getting software or devices from different vendors to interoperate is labor intensive and requires a significant amount of security expertise by the end user. Scale this effort to a significant number of devices operating over a large geographical area and the challenge becomes so overwhelming that it often leads utilities to pursue solutions from a single vendor. These single vendor solutions may inadvertently lock

  18. Data port security lock

    Science.gov (United States)

    Quinby, Joseph D [Albuquerque, NM; Hall, Clarence S [Albuquerque, NM

    2008-06-24

    In a security apparatus for securing an electrical connector, a plug may be fitted for insertion into a connector receptacle compliant with a connector standard. The plug has at least one aperture adapted to engage at least one latch in the connector receptacle. An engagement member is adapted to partially extend through at least one aperture and lock to at least one structure within the connector receptacle.

  19. Android Applications Security

    OpenAIRE

    Paul POCATILU

    2011-01-01

    The use of smartphones worldwide is growing very fast and also the malicious attacks have increased. The mobile security applications development keeps the pace with this trend. The paper presents the vulnerabilities of mobile applications. The Android applications and devices are analyzed through the security perspective. The usage of restricted API is also presented. The paper also focuses on how users can prevent these malicious attacks and propose some prevention measures, including the a...

  20. Mitigating Docker Security Issues

    OpenAIRE

    Yasrab, Robail

    2018-01-01

    It is very easy to run applications in Docker. Docker offers an ecosystem that offers a platform for application packaging, distributing and managing within containers. However, Docker platform is yet not matured. Presently, Docker is less secured as compare to virtual machines (VM) and most of the other cloud technologies. The key of reason of Docker inadequate security protocols is containers sharing of Linux kernel, which can lead to risk of privileged escalations. This research is going t...

  1. Credit Card Security

    OpenAIRE

    G.C., Anup

    2013-01-01

    Author: Anup G.C. Year: 2013 Subject of thesis: Credit Card Security Number of pages: 36+2 Credit Card is a widely used electronic chip for easy transactions. The main purpose of the report was to show the security measures of transaction by credit cards. The purpose was to give information about credit cards and how they were introduced. The thesis reportcontained the types of card theft with examples and sited the various protocols used for online ...

  2. Computer Security: Competing Concepts

    OpenAIRE

    Nissenbaum, Helen; Friedman, Batya; Felten, Edward

    2001-01-01

    This paper focuses on a tension we discovered in the philosophical part of our multidisciplinary project on values in web-browser security. Our project draws on the methods and perspectives of empirical social science, computer science, and philosophy to identify values embodied in existing web-browser security and also to prescribe changes to existing systems (in particular, Mozilla) so that values relevant to web-browser systems are better served than presently they are. The tension, which ...

  3. Security in Internet

    Directory of Open Access Journals (Sweden)

    Felician ALECU

    2006-01-01

    Full Text Available A very good method that can be used to protect a private network is the implementation of a firewall between Internet and Intranet. This firewall will filter the packets that transit the network according with the security policy defined at the system level. The SSL protocol allows verifying the identity of a WEB server based on a digital certificate issued by a certification authority. Secure data transport over the Internet is done by using encryption methods.

  4. Security in cloud computing

    OpenAIRE

    Moreno Martín, Oriol

    2016-01-01

    Security in Cloud Computing is becoming a challenge for next generation Data Centers. This project will focus on investigating new security strategies for Cloud Computing systems. Cloud Computingisarecent paradigmto deliver services over Internet. Businesses grow drastically because of it. Researchers focus their work on it. The rapid access to exible and low cost IT resources on an on-demand fashion, allows the users to avoid planning ahead for provisioning, and enterprises to save money ...

  5. [Food security in Mexico].

    Science.gov (United States)

    Urquía-Fernández, Nuria

    2014-01-01

    An overview of food security and nutrition in Mexico is presented, based on the analysis of the four pillars of food security: availability, access, utilization of food, and stability of the food supply. In addition, the two faces of malnutrition in Mexico were analyzed: obesity and undernourishment. Data were gathered from the food security indicators of the United Nations's Food and Agriculture Organization, from the Mexican Scale of Food Security, and from the National Health and Nutrition Survey. Mexico presents an index of availability of 3 145 kilocalories per person per day, one of the highest indexes in the world, including both food production and imports. In contrast, Mexico is affected by a double burden of malnutrition: whereas children under five present 14% of stunt, 30% of the adult population is obese. Also, more than 18% of the population cannot afford the basic food basket (food poverty). Using perception surveys, people reports important levels of food insecurity, which concentrates in seven states of the Mexican Federation. The production structure underlying these indicators shows a very heterogeneous landscape, which translates in to a low productivity growth across the last years. Food security being a multidimensional concept, to ensure food security for the Mexican population requires a revision and redesign of public productive and social policies, placing a particular focus on strengthening the mechanisms of institutional governance.

  6. Security systems engineering overview

    International Nuclear Information System (INIS)

    Steele, B.J.

    1996-01-01

    Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at $70 billion in direct costs and up to $300 billion in indirect costs. Health insurance fraud alone is estimated to cost American businesses $100 billion. Theft, warranty fraud, and counterfeiting of computer hardware totaled $3 billion in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies (counterfeit currency, cellular phone billing, credit card fraud, health care fraud, passport, green cards, and questionable documents); industrial espionage detection and prevention (intellectual property, computer chips, etc.); and security barrier technology (creation of delay such as gates, vaults, etc.)

  7. Security systems engineering overview

    Science.gov (United States)

    Steele, Basil J.

    1997-01-01

    Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at 70 billion dollars in direct costs and up to 300 billion dollars in indirect costs. Health insurance fraud alone is estimated to cost American businesses 100 billion dollars. Theft, warranty fraud, and counterfeiting of computer hardware totaled 3 billion dollars in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies; industrial espionage detection and prevention; security barrier technology.

  8. 21st Century Security Manager

    Directory of Open Access Journals (Sweden)

    Stelian ARION

    2010-11-01

    Full Text Available We live in world of uncertainty that generates major paradigms changing that affect security risk management. Modern organization’s security risks management can’t be done without a profound knowlegde and daily practice for security governance, security risk management and resilience. 21st Century security manager need to deal with several areas of konwledge in order to succesfully manage security risks. The document presents the advantages, disadvantages and challenges for security managers thah have government backgroud, or IT security backgroud, or are promoted from organization’s inside leaders. There are six different areas of knowledge that successful security programs of the future must incorporate, either in the knowledge base of their leaders or in the collective knowledge of the leading staff. They are government elements, security organization, emerging issue awareness, IT security, business elements and executive leadership.

  9. CHANGES IN THE SECURITY AGENDA: CRITICAL SECURITY STUDIES AND HUMAN SECURITY. THE CASE OF CHINA

    Directory of Open Access Journals (Sweden)

    Nguyen THI THUY HANG

    2012-06-01

    Full Text Available Since the end of the Cold War the meaning of security has fundamentally changed. Issues which are labeled as non-traditional security namely human development, economic crises, environmental degradation, natural disaster, poverty, epidemics… have become a crucial part of the security agenda. These changes have been intensified with the development of the two approaches: Critical Security Studies and Human Security. This article explores how the meaning of security has changed and how the boundaries between traditional and non-traditional security have become blurred. The case of China is taken as empirical evidence to support the assertion that security has evolved beyond its traditional focus on the state.

  10. Microsoft Security Bible A Collection of Practical Security Techniques

    CERN Document Server

    Mullen, Timothy "Thor"

    2011-01-01

    Thor's Microsoft® Security Bible provides a "one-stop-shop" for Microsoft-related security techniques and procedures as applied to the typical deployment of a Microsoft-based infrastructure. The book contains detailed security concepts and methodologies described at every level: Server, Client, Organizational Structure, Platform-specific security options, application specific security (IIS, SQL, Active Directory, etc.) and also includes new, never-before-published security tools complete with source code. Detailed technical information on security processes for all major Microsoft applications

  11. Security patterns in practice designing secure architectures using software patterns

    CERN Document Server

    Fernandez-Buglioni, Eduardo

    2013-01-01

    Learn to combine security theory and code to produce secure systems Security is clearly a crucial issue to consider during the design and implementation of any distributed software architecture. Security patterns are increasingly being used by developers who take security into serious consideration from the creation of their work. Written by the authority on security patterns, this unique book examines the structure and purpose of security patterns, illustrating their use with the help of detailed implementation advice, numerous code samples, and descriptions in UML. Provides

  12. Database and applications security integrating information security and data management

    CERN Document Server

    Thuraisingham, Bhavani

    2005-01-01

    This is the first book to provide an in-depth coverage of all the developments, issues and challenges in secure databases and applications. It provides directions for data and application security, including securing emerging applications such as bioinformatics, stream information processing and peer-to-peer computing. Divided into eight sections, each of which focuses on a key concept of secure databases and applications, this book deals with all aspects of technology, including secure relational databases, inference problems, secure object databases, secure distributed databases and emerging

  13. Roadmap on optical security

    Science.gov (United States)

    Javidi, Bahram; Carnicer, Artur; Yamaguchi, Masahiro; Nomura, Takanori; Pérez-Cabré, Elisabet; Millán, María S.; Nishchal, Naveen K.; Torroba, Roberto; Fredy Barrera, John; He, Wenqi; Peng, Xiang; Stern, Adrian; Rivenson, Yair; Alfalou, A.; Brosseau, C.; Guo, Changliang; Sheridan, John T.; Situ, Guohai; Naruse, Makoto; Matsumoto, Tsutomu; Juvells, Ignasi; Tajahuerce, Enrique; Lancis, Jesús; Chen, Wen; Chen, Xudong; Pinkse, Pepijn W. H.; Mosk, Allard P.; Markman, Adam

    2016-08-01

    Information security and authentication are important challenges facing society. Recent attacks by hackers on the databases of large commercial and financial companies have demonstrated that more research and development of advanced approaches are necessary to deny unauthorized access to critical data. Free space optical technology has been investigated by many researchers in information security, encryption, and authentication. The main motivation for using optics and photonics for information security is that optical waveforms possess many complex degrees of freedom such as amplitude, phase, polarization, large bandwidth, nonlinear transformations, quantum properties of photons, and multiplexing that can be combined in many ways to make information encryption more secure and more difficult to attack. This roadmap article presents an overview of the potential, recent advances, and challenges of optical security and encryption using free space optics. The roadmap on optical security is comprised of six categories that together include 16 short sections written by authors who have made relevant contributions in this field. The first category of this roadmap describes novel encryption approaches, including secure optical sensing which summarizes double random phase encryption applications and flaws [Yamaguchi], the digital holographic encryption in free space optical technique which describes encryption using multidimensional digital holography [Nomura], simultaneous encryption of multiple signals [Pérez-Cabré], asymmetric methods based on information truncation [Nishchal], and dynamic encryption of video sequences [Torroba]. Asymmetric and one-way cryptosystems are analyzed by Peng. The second category is on compression for encryption. In their respective contributions, Alfalou and Stern propose similar goals involving compressed data and compressive sensing encryption. The very important area of cryptanalysis is the topic of the third category with two sections

  14. The Personal Information Security Assistant

    NARCIS (Netherlands)

    Kegel, Roeland Hendrik,Pieter

    The human element is often found to be the weakest link in the information security chain. The Personal Information Security Assistant project aims to address this by improving the privacy and security awareness of end-users and by aligning the user's personal IT environment to the user's security

  15. 76 FR 46603 - Security Ratings

    Science.gov (United States)

    2011-08-03

    ... settled derivative securities). See Simplification of Registration of Reporting Requirements for Foreign... SECURITIES AND EXCHANGE COMMISSION 17 CFR Parts 200, 229, 230, 232, 239, 240, and 249 [Release No. 33-9245; 34-64975; File No. S7-18-08] RIN 3235-AK18 Security Ratings AGENCY: Securities and Exchange...

  16. EPICS: Channel Access security design

    International Nuclear Information System (INIS)

    Kraimer, M.; Hill, J.

    1994-05-01

    This document presents the design for implementing the requirements specified in: EPICS -- Channel Access Security -- functional requirements, Ned. D. Arnold, 03/09/92. Use of the access security system is described along with a summary of the functional requirements. The programmer's interface is given. Security protocol is described and finally aids for reading the access security code are provided

  17. A Portable Computer Security Workshop

    Science.gov (United States)

    Wagner, Paul J.; Phillips, Andrew T.

    2006-01-01

    We have developed a computer security workshop designed to instruct post-secondary instructors who want to start a course or laboratory exercise sequence in computer security. This workshop has also been used to provide computer security education to IT professionals and students. It is effective in communicating basic computer security principles…

  18. Considerations for Cloud Security Operations

    OpenAIRE

    Cusick, James

    2016-01-01

    Information Security in Cloud Computing environments is explored. Cloud Computing is presented, security needs are discussed, and mitigation approaches are listed. Topics covered include Information Security, Cloud Computing, Private Cloud, Public Cloud, SaaS, PaaS, IaaS, ISO 27001, OWASP, Secure SDLC.

  19. Modified Small Business Network Security

    OpenAIRE

    Md. Belayet Ali; Oveget Das; Md. Shamim Hossain

    2012-01-01

    This paper covers some likely threats and effectivesteps for a secure small business. It also involves a flowchart tocomprehend the overall small business network security easilyand we identify a set of security issues and applyappropriate techniques to satisfy the correspondingsecurity requirements. In respect of all, this document isstrong enough for any small business network security.

  20. Cryptography for Big Data Security

    Science.gov (United States)

    2015-07-13

    Cryptography for Big Data Security Book Chapter for Big Data: Storage, Sharing, and Security (3S) Distribution A: Public Release Ariel Hamlin1 Nabil...Email: arkady@ll.mit.edu ii Contents 1 Cryptography for Big Data Security 1 1.1 Introduction...48 Chapter 1 Cryptography for Big Data Security 1.1 Introduction With the amount

  1. Evaluating of foreign trade security

    OpenAIRE

    Vasyliev Andriy

    2015-01-01

    A method of evaluating foreign trade security is considered based on horizontally integrated approach to research security issues, taking into account the conditions of management, factors, components and levels of external security. The work was based theories of security, economics, management theory, practice of state regulation of foreign trade.

  2. Secure Sessions for Web Services

    NARCIS (Netherlands)

    Reiter, M.; Bhargavan, K.; Corin, R.J.; Fournet, C.; Gordon, A.D.

    2007-01-01

    We address the problem of securing sequences of SOAP messages exchanged between web services and their clients. The WS-Security standard defines basic mechanisms to secure SOAP traffic, one message at a time. For typical web services, however, using WS-Security independently for each message is

  3. Security planning an applied approach

    CERN Document Server

    Lincke, Susan

    2015-01-01

    This book guides readers through building an IT security plan. Offering a template, it helps readers to prioritize risks, conform to regulation, plan their defense and secure proprietary/confidential information. The process is documented in the supplemental online security workbook. Security Planning is designed for the busy IT practitioner, who does not have time to become a security expert, but needs a security plan now. It also serves to educate the reader of a broader set of concepts related to the security environment through the Introductory Concepts and Advanced sections. The book serv

  4. Gross anatomy of network security

    Science.gov (United States)

    Siu, Thomas J.

    2002-01-01

    Information security involves many branches of effort, including information assurance, host level security, physical security, and network security. Computer network security methods and implementations are given a top-down description to permit a medically focused audience to anchor this information to their daily practice. The depth of detail of network functionality and security measures, like that of the study of human anatomy, can be highly involved. Presented at the level of major gross anatomical systems, this paper will focus on network backbone implementation and perimeter defenses, then diagnostic tools, and finally the user practices (the human element). Physical security measures, though significant, have been defined as beyond the scope of this presentation.

  5. Enhancing implementation security of QKD

    Science.gov (United States)

    Tamaki, Kiyoshi

    2017-10-01

    Quantum key distribution (QKD) can achieve information-theoretic security, which is a provable security against any eavesdropping, given that all the devices the sender and the receiver employ operate exactly as the theory of security requires. Unfortunately, however, it is difficult for practical devices to meet all such requirements, and therefore more works have to be done toward guaranteeing information-theoretic security in practice, i.e., implementation security. In this paper, we review our recent efforts to enhance implementation security. We also have a brief look at a flaw in security proofs and present how to fix it.

  6. The Water Security Hydra

    Science.gov (United States)

    Lall, U.

    2017-12-01

    As the editor of a new journal on water security, I have been pondering what it can mean theoretically and practically. At one level, it is pretty aobvious that it refers to the ability to affordably and reliably access water of appropriate quality, and to be protected from the water related ravages of nature, such as floods, droughts and water borne disease. The concept of water security can apply to a family, a company, a state or globally. Of course, since we value the environment, water security embraces the needs of the environment. Where, we consider economic development or energy production, water security also emerges as a critical factor. So, in short it touches almost all things about water that pertain to our lives. New stresses are created by a changing climate, growing populations and an ever changing society, economic activity and environment. Thus, if assuring water security is a goal at any of the scales of interest, many factors need to be considered, and what can really be assured, where and for how long emerges as an interesting question. Local (place, time, individuals, politics) as well as global (climate, economics, hydrology) factors interact to determine outcomes, not all of which are readily mapped in our mathematical or cognitive models to a functional notion of what constitutes security in the face of changing conditions and actors. Further, assurance implies going beyond characterization to developing actions, responses to stressors and risk mitigation strategies. How these perform in the short and long run, and what are the outcomes and strategies for impact mitigation in the event of failure then determines water security. Recognizing that providing assurance of water security has always been the goal of water management, regulation and development, perhaps the challenge is to understand what this means from the perspective of not just the "water managers" but the individuals who are the unwitting beneficiaries, or the instruments for

  7. Computer Security: professionalism in security, too

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    At CERN, we apply a great deal of dedication and professionalism to all the work we do. This is necessary because of the complexity and sophistication of the devices we deal with. However, when it comes to computer security, we can all agree that there is room for improvement.   In some cases, we’ve observed devices that are connected to our Intranet networks without the adequate level of protection. Also, in order to allow it to be disseminated easily with peers, information is often disclosed on public webpages, sometimes without appropriate consideration of important security-related aspects. Program code is lost due to a lack of proper version control or the use of central storage systems. Systems are brought down by “finger trouble”, confusing the right and wrong IP addresses. Software or system development is done directly on production devices, impinging on their proper operation up to the point where the system grinds to a halt. Applications full of useful fe...

  8. Indicators for energy security

    International Nuclear Information System (INIS)

    Kruyt, Bert; Van Vuuren, D.P.; De Vries, H.J.M.; Groenenberg, H.

    2009-01-01

    The concept of energy security is widely used, yet there is no consensus on its precise interpretation. In this research, we have provided an overview of available indicators for long-term security of supply (SOS). We distinguished four dimensions of energy security that relate to the availability, accessibility, affordability and acceptability of energy and classified indicators for energy security according to this taxonomy. There is no one ideal indicator, as the notion of energy security is highly context dependent. Rather, applying multiple indicators leads to a broader understanding. Incorporating these indicators in model-based scenario analysis showed accelerated depletion of currently known fossil resources due to increasing global demand. Coupled with increasing spatial discrepancy between consumption and production, international trade in energy carriers is projected to have increased by 142% in 2050 compared to 2008. Oil production is projected to become increasingly concentrated in a few countries up to 2030, after which production from other regions diversifies the market. Under stringent climate policies, this diversification may not occur due to reduced demand for oil. Possible benefits of climate policy include increased fuel diversity and slower depletion of fossil resources. (author)

  9. IPv6 Security

    Science.gov (United States)

    Babik, M.; Chudoba, J.; Dewhurst, A.; Finnern, T.; Froy, T.; Grigoras, C.; Hafeez, K.; Hoeft, B.; Idiculla, T.; Kelsey, D. P.; López Muñoz, F.; Martelli, E.; Nandakumar, R.; Ohrenberg, K.; Prelz, F.; Rand, D.; Sciabà, A.; Tigerstedt, U.; Traynor, D.; Wartel, R.

    2017-10-01

    IPv4 network addresses are running out and the deployment of IPv6 networking in many places is now well underway. Following the work of the HEPiX IPv6 Working Group, a growing number of sites in the Worldwide Large Hadron Collider Computing Grid (WLCG) are deploying dual-stack IPv6/IPv4 services. The aim of this is to support the use of IPv6-only clients, i.e. worker nodes, virtual machines or containers. The IPv6 networking protocols while they do contain features aimed at improving security also bring new challenges for operational IT security. The lack of maturity of IPv6 implementations together with the increased complexity of some of the protocol standards raise many new issues for operational security teams. The HEPiX IPv6 Working Group is producing guidance on best practices in this area. This paper considers some of the security concerns for WLCG in an IPv6 world and presents the HEPiX IPv6 working group guidance for the system administrators who manage IT services on the WLCG distributed infrastructure, for their related site security and networking teams and for developers and software engineers working on WLCG applications.

  10. Security bingo for administrators

    CERN Multimedia

    Computer Security Team

    2011-01-01

    Have you ever thought about the security of your service(s) or system(s)? Show us and win one of three marvellous books on computer security! Just print out this page, mark which of the 25 good practices below you already follow, and send the sheet back to us at Computer.Security@cern.ch or P.O. Box G19710, by November 14th 2011.   Winners[1] must show us that they follow at least five good practices in a continuous horizontal row, vertical column or diagonal. For details on CERN Computer Security, please consult http://cern.ch/security. My service or system…   …is following a software development life-cycle. …is patched in an automatic and timely fashion. …runs a tightened local ingress/egress firewall. …uses CERN Single-Sign-On (SSO). …has physical access protections in place. …runs all processes / services / applications with least privileges. …has ...

  11. Conceptualizing energy security

    International Nuclear Information System (INIS)

    Winzer, Christian

    2012-01-01

    Energy security is one of the main targets of energy policy. However, the term has not been clearly defined, which makes it hard to measure and difficult to balance against other policy objectives. We review the multitude of definitions of energy security. They can be characterized according to the sources of risk, the scope of the impacts, and the severity filters in the form of the speed, size, sustention, spread, singularity and sureness of impacts. Using a stylized case study for three European countries, we illustrate how the selection of conceptual boundaries along these dimensions determines the outcome. This can be avoided by more clearly separating between security of supply and other policy objectives. This leads us to the definition of energy security as the continuity of energy supplies relative to demand. - Highlights: ► The widest energy security concept includes all risks that are caused by or have an impact on the energy supply chain. ► Authors narrow this down by choosing different risk sources, impact measures and subjective severity filters in their definitions. ► The selection of conceptual boundaries determines outcome of quantitative studies.

  12. Cyber Security : Home User's Perspective

    OpenAIRE

    Ikonen, Mikko

    2014-01-01

    Cyber security is important to understand for home users. New technology allows for new cyber threats to emerge and new solutions must be considered to counter them. Nearly every device is connected to the Internet and this opens new possibilities and threats to cyber security. This Bachelor's thesis explores the different aspects of cyber security and suggests solutions to different cyber security issues found. The different aspects of cyber security under research here include personal ...

  13. VMware vCloud security

    CERN Document Server

    Sarkar, Prasenjit

    2013-01-01

    VMware vCloud Security provides the reader with in depth knowledge and practical exercises sufficient to implement a secured private cloud using VMware vCloud Director and vCloud Networking and Security.This book is primarily for technical professionals with system administration and security administration skills with significant VMware vCloud experience who want to learn about advanced concepts of vCloud security and compliance.

  14. Do Job Security Guarantees Work?

    OpenAIRE

    Alex Bryson; Lorenzo Cappellari; Claudio Lucifora

    2004-01-01

    We investigate the effect of employer job security guarantees on employee perceptions of job security. Using linked employer-employee data from the 1998 British Workplace Employee Relations Survey, we find job security guarantees reduce employee perceptions of job insecurity. This finding is robust to endogenous selection of job security guarantees by employers engaging in organisational change and workforce reductions. Furthermore, there is no evidence that increased job security through job...

  15. Security Dynamics of Cloud Computing

    OpenAIRE

    Khan, Khaled M.

    2009-01-01

    This paper explores various dimensions of cloud computing security. It argues that security concerns of cloud computing need to be addressed from the perspective of individual stakeholder. Security focuses of cloud computing are essentially different in terms of its characteristics and business model. Conventional way of viewing as well as addressing security such as ‘bolting-in’ on the top of cloud computing may not work well. The paper attempts to portray the security spectrum necessary for...

  16. Information security foundations, technologies and applications

    CERN Document Server

    Awad, Ali Ismail; Fairhurst, Michael

    2018-01-01

    This book outlines key emerging trends in information security from the foundations and technologies in biometrics, cybersecurity, and big data security to applications in hardware and embedded systems security, computer forensics, the Internet of Things security, and network security.

  17. Security Policy and Developments in Central Asia : Security Documents Compared with Security Challenges

    NARCIS (Netherlands)

    Haas, de M.

    2016-01-01

    This article examines the security policy of the Central Asian (CA) states, by comparing theory (security documents) with practice (the actual security challenges). The lack of CA regional (security) cooperation and authoritarian rule puts political and economic stability at stake. The internal and

  18. Generating WS-SecurityPolicy documents via security model transformation

    DEFF Research Database (Denmark)

    Jensen, Meiko

    2009-01-01

    When SOA-based business processes are to be enhanced with security properties, the model-driven business process development approach enables an easier and more reliable security definition compared to manually crafting the security realizations afterwards. In this paper, we outline an appropriat...... security model definition and transformation approach, targeting the WS-SecurityPolicy and WS-BPEL specifications, in order to enable a Web-Service-based secure business process development.......When SOA-based business processes are to be enhanced with security properties, the model-driven business process development approach enables an easier and more reliable security definition compared to manually crafting the security realizations afterwards. In this paper, we outline an appropriate...

  19. Computer Security: Security operations at CERN (4/4)

    CERN Document Server

    CERN. Geneva

    2012-01-01

    Stefan Lueders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and infrastructure control systems against cyber-threats. Subsequently, he joined the CERN Computer Security Incident Response Team and is today heading this team as CERN's Computer Security Officer with the mandate to coordinate all aspects of CERN's computer security --- office computing security, computer centre security, GRID computing security and control system security --- whilst taking into account CERN's operational needs. Dr. Lueders has presented on these topics at many different occasions to international bodies, governments, and companies, and published several articles. With the prevalence of modern information technologies and...

  20. Machine Learning for Security

    CERN Multimedia

    CERN. Geneva

    2015-01-01

    Applied statistics, aka ‘Machine Learning’, offers a wealth of techniques for answering security questions. It’s a much hyped topic in the big data world, with many companies now providing machine learning as a service. This talk will demystify these techniques, explain the math, and demonstrate their application to security problems. The presentation will include how-to’s on classifying malware, looking into encrypted tunnels, and finding botnets in DNS data. About the speaker Josiah is a security researcher with HP TippingPoint DVLabs Research Group. He has over 15 years of professional software development experience. Josiah used to do AI, with work focused on graph theory, search, and deductive inference on large knowledge bases. As rules only get you so far, he moved from AI to using machine learning techniques identifying failure modes in email traffic. There followed digressions into clustered data storage and later integrated control systems. Current ...

  1. Dying for security

    Directory of Open Access Journals (Sweden)

    Buchan, Bruce

    2011-01-01

    Full Text Available If political statements and media coverage are any guide, it seems Australians today are dying for security. At no other moment in our history has the spectre of war and terrorism so haunted popular, political and scholarly perceptions of Australia’s colonial past and of its geopolitical future. And yet, debates over colonial war or genocide and contemporary terrorism have been conducted in more or less complete isolation. In this article I argue that our contemporary obsession with ‘security’ is premised on the perennial threat of ‘insecurity’. This is the problem of in/security, and it has played a central role in the development of Western political thought. More importantly, its formulation in Western political thought provided a powerful justification for the violence of the early decades of Australia’s colonisation during which Indigenous Australians could also be said to have been dying for security.

  2. Dying for Security

    Directory of Open Access Journals (Sweden)

    Bruce Buchan

    2011-03-01

    Full Text Available If political statements and media coverage are any guide, it seems Australians today are dying for security. At no other moment in our history has the spectre of war and terrorism so haunted popular, political and scholarly perceptions of Australia’s colonial past and of its geopolitical future. And yet, debates over colonial war or genocide and contemporary terrorism have been conducted in more or less complete isolation. In this article I argue that our contemporary obsession with ‘security’ is premised on the perennial threat of ‘insecurity’. This is the problem of in/security, and it has played a central role in the development of Western political thought. More importantly, its formulation in Western political thought provided a powerful justification for the violence of the early decades of Australia’s colonisation during which Indigenous Australians could also be said to have been dying for security.

  3. Ethics and European security

    Energy Technology Data Exchange (ETDEWEB)

    Paskins, B.

    1986-01-01

    The alliance between the United States and her NATO partners has been strained severely in the last few years. American perceptions of European disloyalty and European impressions of American assertiveness and lack of judgment have played a large part in generating tensions between the allies and emphasising the new peace movements. This book is an attempt to develop a broader understanding of the problem of European security based on Christian ethics. There are disagreements and differences of emphasis among the contributors but they have in common the view that an exclusive preoccupation with the military dimension is damagingly one-sided. Instead the contributors argue that moral and theological concerns are a vital part of the politics and mechanics of European security and must be incorporated in any effort to devise new policies for security in Europe and the West.

  4. FOOD SECURITY IN ROMANIA

    Directory of Open Access Journals (Sweden)

    Silviu STANCIU

    2015-12-01

    Full Text Available The increasing world population, the limitation of the natural availability for food production, the climate issues and the food consumption need for modification imposed a continuous updating of the food security concept. Although Romania has sufficient natural resources, which may ensure, by means of proper exploitation, the population’s food needs, the lack of a unitary approach at the government level, materialized in the dependence on imports and in fluctuations in the agro-food production, leads to a re-evaluation of national food needs. National food security may be affected by a series of risks and threats, which appeared due to an imbalance connected with the availability, the utility and the stability of the agro-food sector, interdependent elements that must be functional. The present article proposes an analysis of food security in Romania, with a short presentation of the concept in an international context.

  5. Technology Empowerment: Security Challenges.

    Energy Technology Data Exchange (ETDEWEB)

    Warren, Drake Edward [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Backus, George A. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Jones, Wendell [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Nelson, Thomas R. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Skocypec, Russell D. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2017-03-01

    “Technology empowerment” means that innovation is increasingly accessible to ordinary people of limited means. As powerful technologies become more affordable and accessible, and as people are increasingly connected around the world, ordinary people are empowered to participate in the process of innovation and share the fruits of collaborative innovation. This annotated briefing describes technology empowerment and focuses on how empowerment may create challenges to U.S. national security. U.S. defense research as a share of global innovation has dwindled in recent years. With technology empowerment, the role of U.S. defense research is likely to shrink even further while technology empowerment will continue to increase the speed of innovation. To avoid falling too far behind potential technology threats to U.S. national security, U.S. national security institutions will need to adopt many of the tools of technology empowerment.

  6. Social Influence for Security

    Directory of Open Access Journals (Sweden)

    Florin Iftode

    2014-08-01

    Full Text Available The main aim of this work marks the reveling of scientific premises intended to structure the issue of social influence for security. The approach has as aim the identification of those elements that define and characterize the social influence in order to manage conflict, from the perspective of public communication. The proposed approach establishes some synthetic, clear boundaries through the method of research and analysis of the concept of security, social influence, revealing the specifics of public communication in conflict management.

  7. Security System Software

    Science.gov (United States)

    1993-01-01

    C Language Integration Production System (CLIPS), a NASA-developed expert systems program, has enabled a security systems manufacturer to design a new generation of hardware. C.CURESystem 1 Plus, manufactured by Software House, is a software based system that is used with a variety of access control hardware at installations around the world. Users can manage large amounts of information, solve unique security problems and control entry and time scheduling. CLIPS acts as an information management tool when accessed by C.CURESystem 1 Plus. It asks questions about the hardware and when given the answer, recommends possible quick solutions by non-expert persons.

  8. Securing Distributed Research

    CERN Multimedia

    CERN. Geneva

    2018-01-01

    Global science calls for global infrastructure. A typical large-scale research group will use a suite of international services and involve hundreds of collaborating institutes and users from around the world. How can these users access those services securely? How can their digital identities be established, verified and maintained? We will explore the motivation for distributed authentication and the ways in which research communities are addressing the challenges. We will discuss security incident response in distributed environments - a particular challenge for the operators of these infrastructures. Through this course you should gain an overview of federated identity technologies and protocols, including x509 certificates, SAML and OIDC.

  9. Secure cloud computing

    CERN Document Server

    Jajodia, Sushil; Samarati, Pierangela; Singhal, Anoop; Swarup, Vipin; Wang, Cliff

    2014-01-01

    This book presents a range of cloud computing security challenges and promising solution paths. The first two chapters focus on practical considerations of cloud computing. In Chapter 1, Chandramouli, Iorga, and Chokani describe the evolution of cloud computing and the current state of practice, followed by the challenges of cryptographic key management in the cloud. In Chapter 2, Chen and Sion present a dollar cost model of cloud computing and explore the economic viability of cloud computing with and without security mechanisms involving cryptographic mechanisms. The next two chapters addres

  10. Security electronics circuits manual

    CERN Document Server

    MARSTON, R M

    1998-01-01

    Security Electronics Circuits Manual is an invaluable guide for engineers and technicians in the security industry. It will also prove to be a useful guide for students and experimenters, as well as providing experienced amateurs and DIY enthusiasts with numerous ideas to protect their homes, businesses and properties.As with all Ray Marston's Circuits Manuals, the style is easy-to-read and non-mathematical, with the emphasis firmly on practical applications, circuits and design ideas. The ICs and other devices used in the practical circuits are modestly priced and readily available ty

  11. Nuclear security officer training

    International Nuclear Information System (INIS)

    Harrington, W.F.

    1981-01-01

    Training has become complex and precise in today's world of critical review and responsibility. Entrusted to a security officer is the success or demise of large business. In more critical environments the security officer is entrusted with the monitoring and protection of life sensitive systems and devices. The awareness of this high visibility training requirement has been addressed by a limited few. Those involved in the nuclear power industry through dedication and commitment to the American public have without a doubt become leading pioneers in demanding training excellence

  12. Fermi and nuclear security

    International Nuclear Information System (INIS)

    Alcober Bosch, V.

    2003-01-01

    Following the scientific life of Fermi the article reviews the historical evolution of nuclear security from the base of the first system foreseen for the CP-1 critical pile, which made it possible to demonstrate self-sustaining fission reaction, until the mid-fifties by which time the subsequent importance of this concept was perceived. Technological advances have gone hand in hand with the development of the concept of security, and have become a further point to be taken into account in any nuclear installation, and which Fermi always kept in mind during his professional life. (Author) 12 refs

  13. Enterprise security IT security solutions : concepts, practical experiences, technologies

    CERN Document Server

    Fumy, Walter

    2013-01-01

    Addressing IT managers and staff, as well as CIOs and other executives dealing with corporate IT security, this book provides a broad knowledge on the major security issues affecting today's corporations and organizations, and presents state-of-the-art concepts and current trends for securing an enterprise.Areas covered include information security management, network and system security, identity and access management (IAM), authentication (including smart card based solutions and biometrics), and security certification. In-depth discussion of relevant technologies and standards (including cr

  14. Enterprise Mac Security Mac OS X Snow Leopard Security

    CERN Document Server

    Edge, Stephen Charles; Hunter, Beau; Sullivan, Gene; LeBlanc, Dee-Ann

    2010-01-01

    A common misconception in the Mac community is that Mac's operating system is more secure than others. While this might be true in certain cases, security on the Mac is still a crucial issue. When sharing is enabled or remote control applications are installed, Mac OS X faces a variety of security threats. Enterprise Mac Security: Mac OS X Snow Leopard is a definitive, expert-driven update of the popular, slash-dotted first edition and was written in part as a companion to the SANS Institute course for Mac OS X. It contains detailed Mac OS X security information, and walkthroughs on securing s

  15. Pragmatic security metrics applying metametrics to information security

    CERN Document Server

    Brotby, W Krag

    2013-01-01

    Other books on information security metrics discuss number theory and statistics in academic terms. Light on mathematics and heavy on utility, PRAGMATIC Security Metrics: Applying Metametrics to Information Security breaks the mold. This is the ultimate how-to-do-it guide for security metrics.Packed with time-saving tips, the book offers easy-to-follow guidance for those struggling with security metrics. Step by step, it clearly explains how to specify, develop, use, and maintain an information security measurement system (a comprehensive suite of metrics) to

  16. Web security a whitehat perspective

    CERN Document Server

    Wu, Hanqing

    2015-01-01

    MY VIEW OF THE SECURITY WORLDView of the IT Security WorldBrief History of Web SecurityBrief History of Chinese HackersDevelopment Process of Hacking TechniquesRise of Web SecurityBlack Hat, White HatBack to Nature: The Essence of Secret SecuritySuperstition: There Is No Silver BulletSecurity Is an Ongoing ProcessSecurity ElementsHow to Implement Safety AssessmentAsset ClassificationThreat AnalysisRisk AnalysisDesign of Security ProgramsArt of War of White HatPrinciples of Secure by DefaultBlacklist, WhitelistPrinciple of Least PrivilegePrinciple of Defense in DepthPrinciples of Data and Code

  17. Security for Mobility

    DEFF Research Database (Denmark)

    Nielson, Hanne Riis; Nielson, Flemming; Buchholtz, Mikael

    2004-01-01

    We show how to use static analysis to provide information about security issues related to mobility. First the syntax and semantics of Mobile Ambients is reviewed and we show how to obtain a so-called 0CFA analysis that can be implemented in polynomial time. Next we consider discretionary access...

  18. Security for Mobility

    DEFF Research Database (Denmark)

    Nielson, Hanne Riis; Nielson, Flemming; Buchholtz, Mikael

    2002-01-01

    We show how to use static analysis to provide information about security issues related to mobility. First the syntax and semantics of Mobile Ambients is reviewed and we show how to obtain a so-called 0CFA analysis that can be implemented in polynomial time. Next we consider discretionary access...

  19. Elements of Social Security

    DEFF Research Database (Denmark)

    Hansen, Hans

    Elements of Social Security contains an overview of important benefit schemes in Denmark, Sweden, Finland, Austria, Germany, the Netherlands, Great Britain and Canada. The schemes are categorized according to common sets of criteria and compared. Stylized cases illustrate the impact on disposable...

  20. Elements of Social Security

    DEFF Research Database (Denmark)

    Hansen, Hans

    Elements of Social Security contains an overview of important benefit schemes in Denmark, Sweden, Finland, Germany, the Netherlands, Great Britain and Canada. The schemes are categorized according to common sets of criteria and compared. Stylized cases illustrate the impact on disposable income...

  1. Elements of Social Security

    DEFF Research Database (Denmark)

    Hansen, Hans

    Elements of Social Security contains an overview of important benefit schemes in Denmark, Sweden, Finland, Germany, Great Britain, the Netherlands and Canada. The schemes are categorized according to common sets of criteria and compared. Stylized cases illustrate the impact on disposable income...

  2. Security and arms control

    International Nuclear Information System (INIS)

    Kolodziej, E.A.; Morgan, P.M.

    1989-01-01

    This book attempts to clarify and define selected current issues and problems related to security and arms control from an international perspective. The chapters are organized under the following headings. Conflict and the international system, Nuclear deterrence, Conventional warfare, Subconventional conflict, Arms control and crisis management

  3. Unconditionally Secure Quantum Signatures

    Directory of Open Access Journals (Sweden)

    Ryan Amiri

    2015-08-01

    Full Text Available Signature schemes, proposed in 1976 by Diffie and Hellman, have become ubiquitous across modern communications. They allow for the exchange of messages from one sender to multiple recipients, with the guarantees that messages cannot be forged or tampered with and that messages also can be forwarded from one recipient to another without compromising their validity. Signatures are different from, but no less important than encryption, which ensures the privacy of a message. Commonly used signature protocols—signatures based on the Rivest–Adleman–Shamir (RSA algorithm, the digital signature algorithm (DSA, and the elliptic curve digital signature algorithm (ECDSA—are only computationally secure, similar to public key encryption methods. In fact, since these rely on the difficulty of finding discrete logarithms or factoring large primes, it is known that they will become completely insecure with the emergence of quantum computers. We may therefore see a shift towards signature protocols that will remain secure even in a post-quantum world. Ideally, such schemes would provide unconditional or information-theoretic security. In this paper, we aim to provide an accessible and comprehensive review of existing unconditionally securesecure signature schemes for signing classical messages, with a focus on unconditionally secure quantum signature schemes.

  4. Global Health Security

    Centers for Disease Control (CDC) Podcasts

    2017-09-21

    Dr. Jordan Tappero, a CDC senior advisor on global health, discusses the state of global health security.  Created: 9/21/2017 by National Center for Emerging and Zoonotic Infectious Diseases (NCEZID), Center for Global Health (CGH).   Date Released: 9/21/2017.

  5. Mobile code security

    Science.gov (United States)

    Ramalingam, Srikumar

    2001-11-01

    A highly secure mobile agent system is very important for a mobile computing environment. The security issues in mobile agent system comprise protecting mobile hosts from malicious agents, protecting agents from other malicious agents, protecting hosts from other malicious hosts and protecting agents from malicious hosts. Using traditional security mechanisms the first three security problems can be solved. Apart from using trusted hardware, very few approaches exist to protect mobile code from malicious hosts. Some of the approaches to solve this problem are the use of trusted computing, computing with encrypted function, steganography, cryptographic traces, Seal Calculas, etc. This paper focuses on the simulation of some of these existing techniques in the designed mobile language. Some new approaches to solve malicious network problem and agent tampering problem are developed using public key encryption system and steganographic concepts. The approaches are based on encrypting and hiding the partial solutions of the mobile agents. The partial results are stored and the address of the storage is destroyed as the agent moves from one host to another host. This allows only the originator to make use of the partial results. Through these approaches some of the existing problems are solved.

  6. Securing Major Events

    International Nuclear Information System (INIS)

    Loeoef, Susanna

    2013-01-01

    When asked why the IAEA should provide nuclear security support to countries that organize large public events, Nuclear Security Officer Sophia Miaw answers quickly and without hesitation. ''Imagine any major public event such as the Olympics, a football championship, or an Expo. If a dirty bomb were to be exploded at a site where tens of thousands of people congregate, the radioactive contamination would worsen the effects of the bomb, increase the number of casualties, impede a rapid emergency response, and cause long term disruption in the vicinity,'' she said. Avoiding such nightmarish scenarios is the driving purpose behind the assistance the IAEA offers States that host major sporting or other public events. The support can range from a single training course to a comprehensive programme that includes threat assessment, training, loaned equipment and exercises. The type and scope of assistance depends on the host country's needs. ''We incorporate nuclear security measures into their security plan. We don't create anything new,'' Miaw said

  7. [Biological security confronting bioterrorism].

    Science.gov (United States)

    Suárez Fernández, Guillermo

    2002-01-01

    A review is made on Biosecurity at both local and global level in relationship with Bioterrorism as a real threat and its control and prevention. The function of the network of High Security Laboratories around the world able to make immediate diagnosis, research on vaccines, fundamental and urgent epidemiological studies, conform a steady basis to control natural infections and also the possible bioterrorism attacks.

  8. Today's School Security

    Science.gov (United States)

    Kennedy, Mike

    2012-01-01

    Outbreaks of violence at education institutions typically do not rise to the horrific levels of Virginia Tech, Columbine High School, or Oikos University. But incidents that threaten school security--bullying, hazing, online harassment--take place in every month of the year and may occur in any classroom or campus from coast to coast. Schools and…

  9. Application Security Automation

    Science.gov (United States)

    Malaika, Majid A.

    2011-01-01

    With today's high demand for online applications and services running on the Internet, software has become a vital component in our lives. With every revolutionary technology comes challenges unique to its characteristics; for online applications, security is one huge concern and challenge. Currently, there are several schemes that address…

  10. Metaphors for cyber security.

    Energy Technology Data Exchange (ETDEWEB)

    Moore, Judy Hennessey; Parrott, Lori K.; Karas, Thomas H.

    2008-08-01

    This report is based upon a workshop, called 'CyberFest', held at Sandia National Laboratories on May 27-30, 2008. Participants in the workshop came from organizations both outside and inside Sandia. The premise of the workshop was that thinking about cyber security from a metaphorical perspective could lead to a deeper understanding of current approaches to cyber defense and perhaps to some creative new approaches. A wide range of metaphors was considered, including those relating to: military and other types of conflict, biological, health care, markets, three-dimensional space, and physical asset protection. These in turn led to consideration of a variety of possible approaches for improving cyber security in the future. From the proposed approaches, three were formulated for further discussion. These approaches were labeled 'Heterogeneity' (drawing primarily on the metaphor of biological diversity), 'Motivating Secure Behavior' (taking a market perspective on the adoption of cyber security measures) and 'Cyber Wellness' (exploring analogies with efforts to improve individual and public health).

  11. Home Network Security

    NARCIS (Netherlands)

    Scholten, Hans; van Dijk, Hylke

    2008-01-01

    Service discovery and secure and safe service usage are essential elements in the deployment of home and personal networks. Because no system administrator is present, setup and daily operation of such a network has to be automated as much as possible with a high degree of user friendliness. To

  12. Mastering Mobile Security

    Science.gov (United States)

    Panettieri, Joseph C.

    2007-01-01

    Without proper security, mobile devices are easy targets for worms, viruses, and so-called robot ("bot") networks. Hackers increasingly use bot networks to launch massive attacks against eCommerce websites--potentially targeting one's online tuition payment or fundraising/financial development systems. How can one defend his mobile systems against…

  13. Learning with Security

    Science.gov (United States)

    Jokela, Paivi; Karlsudd, Peter

    2007-01-01

    The current higher education, both distance education and traditional campus courses, relies more and more on modern information and communication technologies (ICT). The use of computer systems and networks results in a wide range of security issues that must be dealt with in order to create a safe learning environment. In this work, we study the…

  14. Nuclear Security Futures Scenarios

    International Nuclear Information System (INIS)

    Keller, Elizabeth James Kistin; Warren, Drake Edward; Hayden, Nancy Kay; Passell, Howard D.; Malczynski, Leonard A.; Backus, George A.

    2017-01-01

    This report provides an overview of the scenarios used in strategic futures workshops conducted at Sandia on September 21 and 29, 2016. The workshops, designed and facilitated by analysts in Center 100, used scenarios to enable thought leaders to think collectively about the changing aspects of global nuclear security and the potential implications for the US Government and Sandia National Laboratories.

  15. Biometric Template Security

    Directory of Open Access Journals (Sweden)

    Abhishek Nagar

    2008-03-01

    Full Text Available Biometric recognition offers a reliable solution to the problem of user authentication in identity management systems. With the widespread deployment of biometric systems in various applications, there are increasing concerns about the security and privacy of biometric technology. Public acceptance of biometrics technology will depend on the ability of system designers to demonstrate that these systems are robust, have low error rates, and are tamper proof. We present a high-level categorization of the various vulnerabilities of a biometric system and discuss countermeasures that have been proposed to address these vulnerabilities. In particular, we focus on biometric template security which is an important issue because, unlike passwords and tokens, compromised biometric templates cannot be revoked and reissued. Protecting the template is a challenging task due to intrauser variability in the acquired biometric traits. We present an overview of various biometric template protection schemes and discuss their advantages and limitations in terms of security, revocability, and impact on matching accuracy. A template protection scheme with provable security and acceptable recognition performance has thus far remained elusive. Development of such a scheme is crucial as biometric systems are beginning to proliferate into the core physical and information infrastructure of our society.

  16. Employment of security personnel

    International Nuclear Information System (INIS)

    Anon.

    1990-01-01

    If a company or institution hires personnel of a security service company to protect its premises, this kind of employment does not mean the company carries on temporary employment business. Within the purview of section 99, sub-section 1 of the BetrVG (Works Constitution Act), the security service personnel is not 'employed' in the proper sense even if the security tasks fulfilled by them are done at other times by regular employees of the company or institution. The court decision also decided that the Works Council need not give consent to employment of foreign security personnel. The court decision was taken for settlement of court proceedings commenced by Institute of Plasma Physics in Garching. In his comments, W. Hunold accedes to the court's decision and discusses the underlying reasons of this decision and of a previous ruling in the same matter by putting emphasis on the difference between a contract for services and a contract for work, and a contract for temporary employment. The author also discusses the basic features of an employment contract. (orig./HP) [de

  17. Understanding computer security

    NARCIS (Netherlands)

    Etalle, Sandro; Zannone, N.

    2014-01-01

    Few things in society and everyday life have changed in the last 10 years as much as the concept of security. From bank robberies to wars, what used to imply a great deal of violence is now silently happening on the Internet. Perhaps more strikingly, the very idea of privacy – a concept closely

  18. Transatlantic Homeland Security

    DEFF Research Database (Denmark)

    Dalgaard-Nielsen, Anja; Hamilton, Daniel

    This major new study presents both conceptual and practical guidance at a crucial time when intellectual and practical efforts to protect against the new terrorism should move beyond a purely domestic focus. Creating an effective and integrated national homeland security effort is a significant...

  19. Attachment Security and Pain

    DEFF Research Database (Denmark)

    Andersen, Tonny Elmose; Lahav, Yael; Defrin, Ruth

    2015-01-01

    The present study assesses for the first time, the possible disruption effect of posttraumatic stress symptoms (PTSS) with regard to the protective role of attachment on pain, among ex-POWs. While secure attachment seems to serve as a buffer, decreasing the perception of pain, this function may...

  20. Cryptographic Combinatorial Securities Exchanges

    Science.gov (United States)

    Thorpe, Christopher; Parkes, David C.

    We present a useful new mechanism that facilitates the atomic exchange of many large baskets of securities in a combinatorial exchange. Cryptography prevents information about the securities in the baskets from being exploited, enhancing trust. Our exchange offers institutions who wish to trade large positions a new alternative to existing methods of block trading: they can reduce transaction costs by taking advantage of other institutions’ available liquidity, while third party liquidity providers guarantee execution—preserving their desired portfolio composition at all times. In our exchange, institutions submit encrypted orders which are crossed, leaving a “remainder”. The exchange proves facts about the portfolio risk of this remainder to third party liquidity providers without revealing the securities in the remainder, the knowledge of which could also be exploited. The third parties learn either (depending on the setting) the portfolio risk parameters of the remainder itself, or how their own portfolio risk would change if they were to incorporate the remainder into a portfolio they submit. In one setting, these third parties submit bids on the commission, and the winner supplies necessary liquidity for the entire exchange to clear. This guaranteed clearing, coupled with external price discovery from the primary markets for the securities, sidesteps difficult combinatorial optimization problems. This latter method of proving how taking on the remainder would change risk parameters of one’s own portfolio, without revealing the remainder’s contents or its own risk parameters, is a useful protocol of independent interest.

  1. Nuclear Security Futures Scenarios.

    Energy Technology Data Exchange (ETDEWEB)

    Keller, Elizabeth James Kistin [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Warren, Drake Edward [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Hayden, Nancy Kay [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Passell, Howard D. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Malczynski, Leonard A. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Backus, George A. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2017-01-01

    This report provides an overview of the scenarios used in strategic futures workshops conducted at Sandia on September 21 and 29, 2016. The workshops, designed and facilitated by analysts in Center 100, used scenarios to enable thought leaders to think collectively about the changing aspects of global nuclear security and the potential implications for the US Government and Sandia National Laboratories.

  2. Security of Radioactive Waste

    International Nuclear Information System (INIS)

    Goldammer, W.

    2003-01-01

    Measures to achieve radioactive waste security are discussed. Categorization of waste in order to implement adequate and consistent security measures based on potential consequences is made. The measures include appropriate treatment/storage/disposal of waste to minimize the potential and consequences of malicious acts; management of waste only within an authorised, regulated, legal framework; management of the security of personnel and information; measures to minimize the acquisition of radioactive waste by those with malicious intent. The specific measures are: deter unauthorized access to the waste; detect any such attempt or any loss or theft of waste; delay unauthorized access; provide timely response to counter any attempt to gain unauthorised access; measures to minimize acts of sabotage; efforts to recover any lost or stolen waste; mitigation and emergency plans in case of release of radioactivity. An approach to develop guidance, starting with the categorisation of sources and identification of dangerous sources, is presented. Dosimetric criteria for internal and external irradiation are set. Different exposure scenarios are considered. Waste categories and security categories based on the IAEA INFCIRC/225/Rev.4 are presented

  3. 3. Secure Messaging

    Indian Academy of Sciences (India)

    Home; Journals; Resonance – Journal of Science Education; Volume 6; Issue 1. Electronic Commerce - Secure Messaging. V Rajaraman. Series Article Volume 6 Issue 1 January 2001 pp 8-17. Fulltext. Click here to view fulltext PDF. Permanent link: https://www.ias.ac.in/article/fulltext/reso/006/01/0008-0017 ...

  4. Design for Security Workshop

    Science.gov (United States)

    2014-09-30

    plane sees such message, it takes action to re-direct data Design for Security - S. LEEF, July, 201425 Router image source: Cisco web site Carrier of...Confidential Material T3S Status • Engaging/ recruiting additional members & partners  In discussion with other semiconductor companies; network & other

  5. Secure quantum private comparison

    International Nuclear Information System (INIS)

    Yang Yuguang; Cao Weifeng; Wen Qiaoyan

    2009-01-01

    We propose a two-party quantum private comparison protocol using single photons, in which two distrustful parties can compare whether their secrets are equal with the help of a third party (TP). Any information about the values of their respective secrets will not be leaked out even with a compromised TP. Security is also discussed.

  6. Secure quantum private comparison

    Energy Technology Data Exchange (ETDEWEB)

    Yang Yuguang [College of Computer Science and Technology, Beijing University of Technology, Beijing 100124 (China); Cao Weifeng [College of Electric and Information Engineering, Zhengzhou University of Light Industry, Zhengzhou 450002 (China); Wen Qiaoyan [State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing 100876 (China)], E-mail: yangyang7357@bjut.edu.cn

    2009-12-15

    We propose a two-party quantum private comparison protocol using single photons, in which two distrustful parties can compare whether their secrets are equal with the help of a third party (TP). Any information about the values of their respective secrets will not be leaked out even with a compromised TP. Security is also discussed.

  7. Secure software development training course

    Directory of Open Access Journals (Sweden)

    Victor S. Gorbatov

    2017-06-01

    Full Text Available Information security is one of the most important criteria for the quality of developed software. To obtain a sufficient level of application security companies implement security process into software development life cycle. At this stage software companies encounter with deficit employees who able to solve problems of software design, implementation and application security. This article provides a description of the secure software development training course. Training course of application security is designed for co-education students of different IT-specializations.

  8. Securing Chinese nuclear power development: further strengthening nuclear security

    International Nuclear Information System (INIS)

    Zhang Hui

    2014-01-01

    Chinese President Xi Jinping addresses China's new concept of nuclear security with four 'equal emphasis' at the third Nuclear Security Summit, and makes four commitments to strengthen nuclear security in the future. To convert President Xi's political commitments into practical, sustainable reality, China should take further steps to install a complete, reliable, and effective security system to ensure that all its nuclear materials and nuclear facilities are effectively protected against the full spectrum of plausible terrorist and criminal threats. This paper suggests the following measures be taken to improve China's existing nuclear security system, including updating and clarifying the requirements for a national level DBT; updating and enforcing existing regulations; further promoting nuclear security culture; balancing the costs of nuclear security, and further strengthening international cooperation on nuclear security. (author)

  9. Water System Security and Resilience in Homeland Security Research

    Science.gov (United States)

    EPA's water security research provides tools needed to improve infrastructure security and to recover from an attack or contamination incident involving chemical, biological, or radiological (CBR) agents or weapons.

  10. PCI DSS: Security Standard and Security in Fact

    Directory of Open Access Journals (Sweden)

    M. V. Kuzin

    2011-12-01

    Full Text Available The article focuses on Payment Card Industry Data Security Standard (PCI DSS requirements and practices, especially it’s issues and disadvantages to achieve the main goal — security of payment cards infrastructure.

  11. PCI DSS: Security Standard and Security in Fact

    OpenAIRE

    M. V. Kuzin

    2011-01-01

    The article focuses on Payment Card Industry Data Security Standard (PCI DSS) requirements and practices, especially it’s issues and disadvantages to achieve the main goal — security of payment cards infrastructure.

  12. The intelligence-security services and national security

    OpenAIRE

    Mijalković, Saša

    2011-01-01

    Since their inception, states have been trying to protect their vital interests and values more effectively, in which they are often impeded by other countries. At the same time, they seek to protect the internal order and security against the so-called internal enemy. Therefore, the states organize (national) security systems within their (state) systems, in which they form some specialized security entities. Among them, however, intelligence and security services are the ones that stand out...

  13. The Extended Concept of Security and the Czech Security Practice

    OpenAIRE

    Libor Stejskal; Antonín Rašek; Miloš Balabán

    2008-01-01

    According to the extended concept of security, the nation state is no longer the sole privileged reference object of security. The traditional model of national security is developing from military terms to a broader concept which embraces the international, economic, social, environmental, and human rights dimensions of security. The meaning and relevance of the concept is being extended “upwards”, to international organisations, and “downwards”, to regional and local authorities, non-govern...

  14. Job security or employment security : What's in a name?

    NARCIS (Netherlands)

    Zekic, Nuna

    2016-01-01

    The main aim of the article is to survey and conceptualize the place of employment security in labour law, and to explore a number of important legal questions relating to this concept. After scrutinizing the notion of employment security, the author endorses the view that job security that exists

  15. Network Paradigm of Information Security

    Directory of Open Access Journals (Sweden)

    Alexandr Diomidovich Afanasyev

    2016-03-01

    Full Text Available An issue of topological analysis has been claimed as a key one while creating robust and secure network systems. Some examples of complex network applications in information security domain have been cited.

  16. New directions for African security

    NARCIS (Netherlands)

    Haastrup, Toni; Dijkstra, Hylke

    2017-01-01

    African security, particularly conflict-related political violence, is a key concern in international relations. This forum seeks to advance existing research agendas by addressing four key themes: domestic politics and peacekeeping; security sector reform programs; peace enforcement; and the

  17. International and European Security Law

    Directory of Open Access Journals (Sweden)

    Jonathan Herbach

    2012-02-01

    Full Text Available Security law, or more comprehensively conflict and security law, on the international level represents the intersection of three distinct but interrelated fields: international humanitarian law (the law of armed conflict, jus in bello, the law of collective security (most identified with the United Nations (UN system, jus ad bellum and arms control law (including non-proliferation. Security in this sense is multifaceted - interest security, military security and, as is often referred to in the context of the EU, human security. As such, the law covers a wide range of specific topics with respect to conflict, encompassing the use of force, including choice of weapons and fighting techniques, extending to the rules applicable in peacekeeping and peace enforcement, and yet also dictating obligations outside the context of conflict, such as safeguarding and securing dual-use materials (those with both peaceful and military applications to prevent malicious use.

  18. Transforming Security Screening With Biometrics

    National Research Council Canada - National Science Library

    Hearnsberger, Brian J

    2003-01-01

    ... and identity theft to dramatically improve physical security. Today, biometric technology could be implemented to transform physical security by enhancing screening procedures currently in use at U.S...

  19. National Strategy to Secure Cyberspace

    National Research Council Canada - National Science Library

    Schwalm, Keith T

    2006-01-01

    ... of a national strategy for securing cyberspace. The approach explored the development of cyber technology strategies and programs related to the mission and roles of Homeland Security Advanced Research Projects Agency...

  20. Evaluation of the feasibility of security technologies in teleradiology as biometric fingerprint scanners for data exchange over a satellite WAN

    Science.gov (United States)

    Soegner, Peter I.; Helweg, Gernot; Holzer, Heimo; zur Nedden, Dieter

    2000-05-01

    We evaluated the feasibility of fingerprint-scanners in combination with smart cards for personal identification and transmission of encrypted TCP/IP-data-packages via satellite between the university-hospital of Innsbruck and the rural hospital of Reutte. The aim of our study was the proof of the userfriendliness of the SkymedTM technology for security purpose in teleradiology. We examined the time of the personal identification process, the time for the necessary training and the personal satisfaction. The images were sent from the local PACS in Reutte via a Data-Encryption-and-Transmission- Box via satellite from Reutte to Innsbruck. We used an asymmetric bandwidth of 512 kbit/s from Reutte to Innsbruck and 128 kbit/s in the opposite direction. Window NT 4.0- operating PCs were used for the electronical patient record, the medical inquiry of the referring physician and the final report of the radiologist. The images were reported on an UNIX-PACS viewing station. After identification through fingerprint-scanners in combination with the smart card the radiologist was able to open the electronic patient record (EPR) from Reutte and sign with his digital signature his confirmed final report before it was send back to Reutte. The used security technology enables encrypted communication over a WAN, which fulfill data-protection.

  1. Secure Storage Architectures

    Energy Technology Data Exchange (ETDEWEB)

    Aderholdt, Ferrol [Tennessee Technological University; Caldwell, Blake A [ORNL; Hicks, Susan Elaine [ORNL; Koch, Scott M [ORNL; Naughton, III, Thomas J [ORNL; Pogge, James R [Tennessee Technological University; Scott, Stephen L [Tennessee Technological University; Shipman, Galen M [ORNL; Sorrillo, Lawrence [ORNL

    2015-01-01

    The purpose of this report is to clarify the challenges associated with storage for secure enclaves. The major focus areas for the report are: - review of relevant parallel filesystem technologies to identify assets and gaps; - review of filesystem isolation/protection mechanisms, to include native filesystem capabilities and auxiliary/layered techniques; - definition of storage architectures that can be used for customizable compute enclaves (i.e., clarification of use-cases that must be supported for shared storage scenarios); - investigate vendor products related to secure storage. This study provides technical details on the storage and filesystem used for HPC with particular attention on elements that contribute to creating secure storage. We outline the pieces for a a shared storage architecture that balances protection and performance by leveraging the isolation capabilities available in filesystems and virtualization technologies to maintain the integrity of the data. Key Points: There are a few existing and in-progress protection features in Lustre related to secure storage, which are discussed in (Chapter 3.1). These include authentication capabilities like GSSAPI/Kerberos and the in-progress work for GSSAPI/Host-keys. The GPFS filesystem provides native support for encryption, which is not directly available in Lustre. Additionally, GPFS includes authentication/authorization mechanisms for inter-cluster sharing of filesystems (Chapter 3.2). The limitations of key importance for secure storage/filesystems are: (i) restricting sub-tree mounts for parallel filesystem (which is not directly supported in Lustre or GPFS), and (ii) segregation of hosts on the storage network and practical complications with dynamic additions to the storage network, e.g., LNET. A challenge for VM based use cases will be to provide efficient IO forwarding of the parallel filessytem from the host to the guest (VM). There are promising options like para-virtualized filesystems to

  2. Security Information System Digital Simulation

    OpenAIRE

    Tao Kuang; Shanhong Zhu

    2015-01-01

    The study built a simulation model for the study of food security information system relay protection. MATLAB-based simulation technology can support the analysis and design of food security information systems. As an example, the food security information system fault simulation, zero-sequence current protection simulation and transformer differential protection simulation are presented in this study. The case studies show that the simulation of food security information system relay protect...

  3. System Security Management in SNMP

    OpenAIRE

    P. Deivendran; Dr. R. Dhanapal Ph.D

    2010-01-01

    We present a framework for managing system security, based on a SNMP Management Information Base (MIB), namely the System Security MIB (SSEC MIB), We have defined managed objects and completed the ASN.1 description of the MIB that embeds them. The related security management functions are mainly focused on monitoring external script execution for system security scanning and access control. The main goal of this work is to introduce the semantics and a standard interface that will allow the r...

  4. Security Measures in Data Mining

    OpenAIRE

    Anish Gupta; Vimal Bibhu; Rashid Hussain

    2012-01-01

    Data mining is a technique to dig the data from the large databases for analysis and executive decision making. Security aspect is one of the measure requirement for data mining applications. In this paper we present security requirement measures for the data mining. We summarize the requirements of security for data mining in tabular format. The summarization is performed by the requirements with different aspects of security measure of data mining. The performances and outcomes are determin...

  5. Model-based security testing

    OpenAIRE

    Schieferdecker, Ina; Großmann, Jürgen; Schneider, Martin

    2012-01-01

    Security testing aims at validating software system requirements related to security properties like confidentiality, integrity, authentication, authorization, availability, and non-repudiation. Although security testing techniques are available for many years, there has been little approaches that allow for specification of test cases at a higher level of abstraction, for enabling guidance on test identification and specification as well as for automated test generation. Model-based security...

  6. Security for service oriented architectures

    CERN Document Server

    Williams, Walter

    2014-01-01

    Although integrating security into the design of applications has proven to deliver resilient products, there are few books available that provide guidance on how to incorporate security into the design of an application. Filling this need, Security for Service Oriented Architectures examines both application and security architectures and illustrates the relationship between the two. Supplying authoritative guidance on how to design distributed and resilient applications, the book provides an overview of the various standards that service oriented and distributed applications leverage, includ

  7. Coping with Security in Programming

    OpenAIRE

    Frank Schindler

    2006-01-01

    This article deals with importance of security issues in computer programming.Secure software can only be designed with security as a primary goal. To achieve that wewould have to redesign our computer systems with security in our mind including entirecomputer environment, e.g. hardware, programming languages and, of course, operatingsystems. In software development process the quality of resulting computer code should bethe most important aspect during the whole program development process. ...

  8. Offices of Industrial Security International: A Review

    National Research Council Canada - National Science Library

    Sands, W

    1998-01-01

    The Defense Security Service (DSS), formerly the Defense Investigative Service (DIS), handles many of its overseas industrial security issues through its Offices of Industrial Security International...

  9. Securing the Cloud Cloud Computer Security Techniques and Tactics

    CERN Document Server

    Winkler, Vic (JR)

    2011-01-01

    As companies turn to cloud computing technology to streamline and save money, security is a fundamental concern. Loss of certain control and lack of trust make this transition difficult unless you know how to handle it. Securing the Cloud discusses making the move to the cloud while securing your peice of it! The cloud offers felxibility, adaptability, scalability, and in the case of security-resilience. This book details the strengths and weaknesses of securing your company's information with different cloud approaches. Attacks can focus on your infrastructure, communications network, data, o

  10. Keeping electronic records secure.

    Science.gov (United States)

    Easton, David

    2013-10-01

    Are electronic engineering maintenance records relating to the hospital estate or a medical device as important as electronic patient records? Computer maintenance management systems (CMMS) are increasingly being used to manage all-round maintenance activities. However, the accuracy of the data held on them, and a level of security that prevents tampering with records, or other unauthorised changes to them to 'cover' poor practice, are both essential, so that, should an individual be injured or killed on hospital grounds, and a law suit follow, the estates team can be confident that it has accurate data to prove it has fulfilled its duty of care. Here David Easton MSc CEng FIHEEM MIET, director of Zener Engineering Services, and chair of IHEEM's Medical Devices Advisory Group, discusses the issues around maintenance databases, and the security and integrity of maintenance data.

  11. Securing the Digital Economy

    Directory of Open Access Journals (Sweden)

    Valentin P. MĂZĂREANU

    2010-01-01

    Full Text Available The Digital economy has naturally led to thereconfiguration of communication and information processes.These processes are depending on the computer, starting fromthe personal one and reaching to computer networks, whetherlocal, metropolitan or global. These led to the development ofsuch information systems able to communicate information,systems that must also ensure the security of communicationsbetween computers within the company, but also betweencomputers of different parties, outside the company. As thecommunication between computers in the network has evolvedto electronic funds transfer (EFT, digital money andcommunication of personal data, internet banking, etc., theimportance of security issues of data transmitted over thenetwork also has increased. Even more as the network hasevolved into a “wireless” one.

  12. THz and Security Applications

    CERN Document Server

    Sizov, Fedir; Detectors, Sources and Associated Electronics for THz Applications

    2014-01-01

    These proceedings comprise invited papers from highly experienced researchers in THz technology and security applications. THz detection of explosives represents one of the most appealing technologies to have recently emerged in dealing with terrorist attacks encountered by civil security and military forces throughout the world. Discussed are the most advanced technologies and developments, the various points of operational strength and weaknesses as well as are suggestions and predictions the best technological solutions to  overcome current operational limits.  The current status of various levels of cooling in THz detectors, sources and associated electronics are also addressed. The goal was to provide a clear view on the current technologies available and the required advances needed in order to achieve more efficient systems. This goal was outlined in part by establishing the baseline of current uncertainty estimations in physics-based modelling and the identification of key areas which require additi...

  13. Securing energy equity

    Energy Technology Data Exchange (ETDEWEB)

    Grimsby, Lars Kare, E-mail: lars.grimsby@umb.no [Department of International Environment and Development Studies, Noragric, Norwegian University of Life Sciences, P.O. Box 5003, 1432 Aas (Norway)

    2011-11-15

    Addressing energy poverty rather than energy equity conveniently evades the problem of the gap in energy consumption per capita in the developed and developing world. For energy security policies to adequately address energy poverty it requires a widening of scope from national to global. This is a comment to the forthcoming presentation of IEA's proposition for a new architecture for financing universal modern energy access to be presented at the conference 'Energy for all-Financing access for the poor' held in Oslo in October 2011. - Highlights: > Addressing energy poverty may elude the disparity in energy consumption between rich and poor. > A minimum threshold of energy for the poor does not itself address inequity in energy consumption. > Energy equity may be secured by widening scope from national to global, from the poorest to us all.

  14. Privatisation of security:

    DEFF Research Database (Denmark)

    use of violence as being the domain of the modern state, which as a natural consequence, delegitimises non-state providers of security. Legitimacy is, therefore, tied to the formal state. Th e international debate concerning the role of PMSCs has been split primarily into two segments. One argues...... to control confl icts has led to low-intensity confl icts (LIC), which can be witnessed, for instance, in Uganda, the Democratic Republic of Congo, Colombia and Sri Lanka (O’Brien, 1998, p. 80). Since the end of the Cold War it has been common for weak state rulers with formal state legitimacy...... security contractors have led, both historically and at the present day, to fi erce academic and public debate. As Sarah Percy argues, the anti-mercenary discourse has two basic elements. One focuses on the fact that mercenaries use force outside what is considered to be legitimate, authoritative control...

  15. Securing energy equity

    International Nuclear Information System (INIS)

    Grimsby, Lars Kare

    2011-01-01

    Addressing energy poverty rather than energy equity conveniently evades the problem of the gap in energy consumption per capita in the developed and developing world. For energy security policies to adequately address energy poverty it requires a widening of scope from national to global. This is a comment to the forthcoming presentation of IEA's proposition for a new architecture for financing universal modern energy access to be presented at the conference 'Energy for all-Financing access for the poor' held in Oslo in October 2011. - Highlights: → Addressing energy poverty may elude the disparity in energy consumption between rich and poor. → A minimum threshold of energy for the poor does not itself address inequity in energy consumption. → Energy equity may be secured by widening scope from national to global, from the poorest to us all.

  16. Report on Security 82

    International Nuclear Information System (INIS)

    Anon.

    1982-01-01

    The 1982 trade fair Security 82 presented a variety of equipment and systems for protection and security in general. Apart from physical protection devices to prevent theft, a great number of fire protection devices, transmitting apparatus, locator systems, metal detectors, protective devices against signal interception, and complete alarm systems were exhibited and explained. By means of specifications and brief descriptions, sometimes with figures, predominantly passive and active infrared sensors, light and microwave sensors, ultrasound and microwave Doppler effect devices for indoor and outdoor physical protection, as well as other alarm systems and fire alarm systems or entry control systems are presented in this report. Design and functioning mode of the equipment presented are illustrated by explaining the fields of employment. (orig.) [de

  17. Secure ICCP Final Report

    Energy Technology Data Exchange (ETDEWEB)

    Rice, Mark J.; Bonebrake, Christopher A.; Dayley, Greg K.; Becker, Larry J.

    2017-06-30

    Inter-Control Center Communications Protocol (ICCP), defined by the IEC 60870-6 TASE.2 standard, was developed to enable data exchange over wide area networks between electric system entities, including utility control centers, Independent System Operators (ISOs), Regional Transmission Operators (RTOs) and Independent Power Producers (IPP) also known as Non-Utility Generators (NUG). ICCP is an unprotected protocol, and as a result is vulnerable to such actions as integrity violation, interception or alteration, spoofing, and eavesdropping. Because of these vulnerabilities with unprotected ICCP communication, security enhancements, referred to as Secure ICCP, have been added and are included in the ICCP products that utilities have received since 2003 when the standard was defined. This has resulted in an ICCP product whose communication can be encrypted and authenticated to address these vulnerabilities.

  18. Internet security technologies

    CERN Multimedia

    CERN. Geneva

    2003-01-01

    The three pillars of Internet Security are Infrastructure, Applications and People. In this series of lectures we will examine those three pillars and how vital it is for individuals to understand the vulnerabilities of this technology so they can made informed decisions about risks and how they can reduce those risks for themselves and their colleagues.First we will focus on the infrastructure: network; servers; operating systems and all those things that are mostly invisible. Moving up a level, into the visible realm, we discuss the application and see things like buffer overflows, viruses and how as application developers and users we can protect ourselves. Finally, it's all about people. The strongest security technology in the world is easily defeated if people don't understand their role in the whole system.

  19. Strengthening nuclear security

    International Nuclear Information System (INIS)

    Kurihara, Hiroyoshi

    2003-01-01

    The international situation after the end of the Cold-War has been quite unstable, due to the occurrence of frequent regional conflicts and domestic wars based on ethnic, religious or racial reasons. Further, threats to the would peace and security by non-state actors, like international terrorist groups, have been recognized after 9.11 terrorist attacks to the World Trade Center buildings and to the Pentagon. Utilization of nuclear energy, which encompasses both peaceful uses and military ones, required an establishment of regulatory system, by which risks associated with the development of nuclear energy can be controlled. Accordingly, nuclear safety control system, and then non-proliferation control system has been developed, both in the international level and notional level. In recognition of the present unstable international situations, it is required to establish, maintain and strengthen a system which control nuclear security aspect, in addition to the present systems. (author)

  20. Secure Dynamic Program Repartitioning

    DEFF Research Database (Denmark)

    Hansen, Rene Rydhoff; Probst, Christian

    2005-01-01

    Secure program partitioning has been introduced as a language-based technique to allow the distribution of data and computation across mutualy untrusted hosts, while at the same time guaranteeing the protection of confidential data. Programs that have been annotated with security types......, but the partitioning compiler becomes a part of the network and can recompile applications, thus alowing hosts to enter or leave the framework. We contend that this setting is superior to static partitioning, since it allows redistribution of data and computations. This is especialy beneficial if the new host alows...... data and computations to better fulfil the trust requirements of the users. Erasure Policies ensure that the original host of the redistributed data or computation does not store the data any longer....

  1. Nanotechnology in the Security

    CERN Document Server

    Kruchinin, Sergei

    2015-01-01

    The topics discussed at the NATO Advanced Research Workshop "Nanotechnology in the Security Systems" included nanophysics,   nanotechnology,  nanomaterials, sensors, biosensors security systems, explosive  detection . There have been many significant advances in the past two years and some entirely new directions of research are just opening up. Recent advances in nanoscience have demonstrated that fundamentally new physical phenomena  are found when systems are reduced in size with  dimensions, comparable to the fundamental microscopic  length scales of the investigated material. Recent developments in nanotechnology and measurement techniques now allow experimental investigation of transport properties of nanodevices. This work will be of interest to researchers working in spintronics, molecular electronics and quantum information processing.

  2. Secure Architectures for Mobile Applications

    OpenAIRE

    Cristian TOMA

    2007-01-01

    The paper presents security issues and architectures for mobile applications and GSM infrastructure. The article also introduces the idea of a new secure architecture for an inter-sector electronic wallet used in payments - STP4EW (Secure Transmission Protocol for Electronic Wallet)

  3. Secure Architectures for Mobile Applications

    Directory of Open Access Journals (Sweden)

    2007-01-01

    Full Text Available The paper presents security issues and architectures for mobile applications and GSM infrastructure. The article also introduces the idea of a new secure architecture for an inter-sector electronic wallet used in payments - STP4EW (Secure Transmission Protocol for Electronic Wallet

  4. Teaching RFID Information Systems Security

    Science.gov (United States)

    Thompson, Dale R.; Di, Jia; Daugherty, Michael K.

    2014-01-01

    The future cyber security workforce needs radio frequency identification (RFID) information systems security (INFOSEC) and threat modeling educational materials. A complete RFID security course with new learning materials and teaching strategies is presented here. A new RFID Reference Model is used in the course to organize discussion of RFID,…

  5. Maritime Cyber Security University Research

    Science.gov (United States)

    2016-05-01

    i Classification | CG-926 RDC | author | audience | month year Maritime Cyber Security University Research Phase I - Final Report...Distribution Statement A: Approved for public release; distribution is unlimited. May 2016 Report No. CG-D-06-16 Maritime Cyber Security...Director United States Coast Guard Research & Development Center 1 Chelsea Street New London, CT 06320 Maritime Cyber Security University

  6. Security force effectiveness and technology

    International Nuclear Information System (INIS)

    Seaton, M.B.

    1988-01-01

    No one would propose ineffective security forces. Applied technology always has, as its purpose, to increase effectiveness. Evidence exists, however, that poorly conceived or executed technological solutions can actually do more harm than good. The author argues for improved human factor considerations in physical security applied technology -- especially in the area of security console operations

  7. Insider Threat Security Reference Architecture

    Science.gov (United States)

    2012-04-01

    this challenge. CMU/SEI-2012-TR-007 | 2 2 The Components of the ITSRA Figure 2 shows the four layers of the ITSRA. The Business Security layer......organizations improve their level of preparedness to address the insider threat. Business Security Architecture Data Security Architecture

  8. Secure computing, economy, and trust

    DEFF Research Database (Denmark)

    Bogetoft, Peter; Damgård, Ivan B.; Jakobsen, Thomas

    In this paper we consider the problem of constructing secure auctions based on techniques from modern cryptography. We combine knowledge from economics, cryptography and security engineering and develop and implement secure auctions for practical real-world problems. In essence this paper is an o...

  9. Communications and information infrastructure security

    CERN Document Server

    Voeller, John G

    2014-01-01

    Communication and Information Systems Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering strategies for protecting the telecommunications sector, wireless security, advanced web based technology for emergency situations. Science and technology for critical infrastructure consequence mitigation are also discussed.

  10. Concept for Energy Security Matrix

    International Nuclear Information System (INIS)

    Kisel, Einari; Hamburg, Arvi; Härm, Mihkel; Leppiman, Ando; Ots, Märt

    2016-01-01

    The following paper presents a discussion of short- and long-term energy security assessment methods and indicators. The aim of the current paper is to describe diversity of approaches to energy security, to structure energy security indicators used by different institutions and papers, and to discuss several indicators that also play important role in the design of energy policy of a state. Based on this analysis the paper presents a novel Energy Security Matrix that structures relevant energy security indicators from the aspects of Technical Resilience and Vulnerability, Economic Dependence and Political Affectability for electricity, heat and transport fuel sectors. Earlier publications by different authors have presented energy security assessment methodologies that use publicly available indicators from different databases. Current paper challenges viability of some of these indicators and introduces new indicators that would deliver stronger energy security policy assessments. Energy Security Matrix and its indicators are based on experiences that the authors have gathered as high-level energy policymakers in Estonia, where all different aspects of energy security can be observed. - Highlights: •Energy security should be analysed in technical, economic and political terms; •Energy Security Matrix provides a framework for energy security analyses; •Applicability of Matrix is limited due to the lack of statistical data and sensitivity of output.

  11. Food Security in Azerbaijan

    Institute of Scientific and Technical Information of China (English)

    Kamran Ismayilov

    2009-01-01

    @@ In the 21st century the society got some achievements in technological,education,economic,social-political,cultural and etc.sectors.But society couldn't solve fully the food security problem yet.According to the information given by FAO if in 1970 there were 400 billion hungry people in the world,in 2008 the number of hungry people was doubled and increased to 800 billion people.

  12. Secure Embedded Systems

    Science.gov (United States)

    2016-02-26

    enables each subsystem with a key management (KM) function and an Advanced Encryption Standard ( AES ) encryption and decryption function. Subsystem A...off, flies to its destination, and then collects video data. Video data containing target information are encrypted and broadcast to authorized ground...select these devices on the basis of their ability to encrypt and authenticate configuration bitstreams, incorporate security monitors to detect attacks

  13. Coal Mines Security System

    OpenAIRE

    Ankita Guhe; Shruti Deshmukh; Bhagyashree Borekar; Apoorva Kailaswar; Milind E.Rane

    2012-01-01

    Geological circumstances of mine seem to be extremely complicated and there are many hidden troubles. Coal is wrongly lifted by the musclemen from coal stocks, coal washeries, coal transfer and loading points and also in the transport routes by malfunctioning the weighing of trucks. CIL —Coal India Ltd is under the control of mafia and a large number of irregularities can be contributed to coal mafia. An Intelligent Coal Mine Security System using data acquisition method utilizes sensor, auto...

  14. Network Security Visualization

    Science.gov (United States)

    1999-09-27

    performing SQL generation and result-set binding, inserting acquired security events into the database and gathering the requested data for Console scene...objects is also auto-generated by a VBA script. Built into the auto-generated table access objects are the preferred join paths between tables. This...much of the Server itself) never have to deal with SQL directly. This is one aspect of laying the groundwork for supporting RDBMSs from multiple vendors

  15. Weak states and security

    OpenAIRE

    Rakipi, Albert

    2006-01-01

    Cataloged from PDF version of article. Although the weak 1 failing states have often been deseribed as the single most important problem for the international order s ince the en d of Cold W ar (F .Fukuyaına 2004:92) several dimensions of this phenomenon still remain unexplored. While this phenomenon has been present in the international politics even earlier, only the post Cold W ar period accentuated its relationship with security issues. Following the Cold W ar' s "peacef...

  16. Secure Fiberoptic Communications

    Science.gov (United States)

    Hodara, Henri

    At the heart of our current information explosion is the communication network. Networks are now an intrinsic part of our daily activities, whether they are for Internet business transactions or military communications in Future Combat Systems. Protection of this communication infrastructure is a must. In this article, we discuss two approaches for securing all-optical networks. The first is an optical encryption technique that denies the information to intruders. The second is an authentication scheme capable of detecting and identifying unauthorized users.

  17. Fuel supply security

    International Nuclear Information System (INIS)

    Wakabayashi, Hiroaki

    1987-01-01

    Stable fuel supply is a prerequisite for any nuclear power program including ISER-PIUS. It encompasses procurement of uranium ore, enriched uranium and fuel elements. Uranium is different from oil in that it can be stockpiled for more than a decade besides the fact that the core residence time is as long as six years, for example in the case of ISER-PIUS. These basic fuel characteristics are favoring nuclear fuel over others in terms of supply security. The central concern will be a gradual increase in prices of uranium and enrichment. Under the present glut situation with the worldwide prevalence of LWRs, fuel supply security seems ensured for the time being till the middle of 21st century. It is estimated that by the turn of the century, the free world will have roughly 450 GWe capacity of nuclear power. If 10 % is supplied for ISER-PIUS, more than 200 modules of 200 MWe ISER-PIUS may be deployed all over the world probably starting around 2000. As part of the fuel supply security consideration, heavy water reactor (HWR) may seem interesting to such a country as Indonesia where there is uranium resources but no enrichment capability. But it needs heavy water instead and the operation is not so easy as of LWR, because of the positive void coefficient as was seen at the Chernobyl-4. Safeguarding of the fuel is also difficult, because it lends itself to on line refueling. The current and future situation of the fuel supply security for LWR seem well founded and established long into the future. (Nogami, K.)

  18. CYBER SECURITY FOR AIRPORTS

    OpenAIRE

    Kasthurirangan Gopalakrishnan; Manimaran Govindarasu; Doug W. Jacobson; Brent M. Phares

    2013-01-01

    In today’s information age, government organizations and business enterprises are heavily relying on interconnected computer systems to manage a variety of public services including energy, transportation, water, etc. While this increased connectivity has many operational advantages benefitting the public, they have also become vulnerable to cyber attacks such as Corporate Security Breaches, Spear Phishing, and Social Media Fraud. The aviation sector is one the critical infrastructure systems...

  19. Biometric Template Security

    OpenAIRE

    Abhishek Nagar; Karthik Nandakumar; Anil K. Jain

    2008-01-01

    Biometric recognition offers a reliable solution to the problem of user authentication in identity management systems. With the widespread deployment of biometric systems in various applications, there are increasing concerns about the security and privacy of biometric technology. Public acceptance of biometrics technology will depend on the ability of system designers to demonstrate that these systems are robust, have low error rates, and are tamper proof. We present a high-level categorizat...

  20. Moving towards Cloud Security

    OpenAIRE

    Edit Szilvia Rubóczki; Zoltán Rajnai

    2015-01-01

    Cloud computing hosts and delivers many different services via Internet. There are a lot of reasons why people opt for using cloud resources. Cloud development is increasing fast while a lot of related services drop behind, for example the mass awareness of cloud security. However the new generation upload videos and pictures without reason to a cloud storage, but only few know about data privacy, data management and the proprietary of stored data in the cloud. In an enterprise environment th...

  1. Enhancing QR Code Security

    OpenAIRE

    Zhang, Linfan; Zheng, Shuang

    2015-01-01

    Quick Response code opens possibility to convey data in a unique way yet insufficient prevention and protection might lead into QR code being exploited on behalf of attackers. This thesis starts by presenting a general introduction of background and stating two problems regarding QR code security, which followed by a comprehensive research on both QR code itself and related issues. From the research a solution taking advantages of cloud and cryptography together with an implementation come af...

  2. Implementing Security Sector Reform

    Science.gov (United States)

    2008-12-04

    ownership and genuine reform. His experience in Diyala Province indicated that the most effective means of pursuing transition and transformation among...that I have no solution to the security situation in Afghanistan, or to the questions of violence, crime, insurrection, or militias vs . army vs ...than to merge those interests into a greater whole. Franchising of problems or solutions is often the result. In Afghanistan, problems and

  3. Nuclear energy and security

    International Nuclear Information System (INIS)

    Blejwas, Thomas E.; Sanders, Thomas L.; Eagan, Robert J.; Baker, Arnold B.

    2000-01-01

    Nuclear power is an important and, the authors believe, essential component of a secure nuclear future. Although nuclear fuel cycles create materials that have some potential for use in nuclear weapons, with appropriate fuel cycles, nuclear power could reduce rather than increase real proliferation risk worldwide. Future fuel cycles could be designed to avoid plutonium production, generate minimal amounts of plutonium in proliferation-resistant amounts or configurations, and/or transparently and efficiently consume plutonium already created. Furthermore, a strong and viable US nuclear infrastructure, of which nuclear power is a large element, is essential if the US is to maintain a leadership or even participatory role in defining the global nuclear infrastructure and controlling the proliferation of nuclear weapons. By focusing on new fuel cycles and new reactor technologies, it is possible to advantageously burn and reduce nuclear materials that could be used for nuclear weapons rather than increase and/or dispose of these materials. Thus, the authors suggest that planners for a secure nuclear future use technology to design an ideal future. In this future, nuclear power creates large amounts of virtually atmospherically clean energy while significantly lowering the threat of proliferation through the thoughtful use, physical security, and agreed-upon transparency of nuclear materials. The authors must develop options for policy makers that bring them as close as practical to this ideal. Just as Atoms for Peace became the ideal for the first nuclear century, they see a potential nuclear future that contributes significantly to power for peace and prosperity

  4. Secure Web Developers Needed!

    CERN Multimedia

    Computer Security Team

    2012-01-01

    You’re about to launch a new website? Cool!! With today’s web programming languages like PHP, Java, Python or Perl, complex websites can be created, easily fulfilling all your use cases. But hold on. Did you ever think about how easily this can be abused? Attackers today are already using automatic tools which can quickly and easily find and exploit vulnerable web applications.   Web applications often suffer from security vulnerabilities, i.e. design flaws or programming bugs that remained undetected during the whole software development cycle. In production these vulnerabilities become security holes, providing an opportunity for exploitation, and can pose immense security risks (and there is no reason to believe that CERN is immune to this). The costs associated with eliminating these bugs could be loosely described by the "1:10:100 rule", i.e. the relative costs for fixing are 1:10:100 for fixing them in the programming:testing:production phases. Thus, the...

  5. New computer security campaign

    CERN Multimedia

    Alizée Dauvergne

    2010-01-01

    A new campaign is taking shape to promote computer security. The slogan “SEC_RITY is not complete without U!” reminds users of the importance of their contribution. The campaign kicks off on 10 June with a public awareness day in the Council Chamber.   The new campaign, organised by CERN’s computer security team, will focus on prevention and involving the user. “This is an education and awareness-raising campaign for all users at CERN,” explains Stefan Lueders, in charge of computer security. “Every day, we register thousands of computer attacks against CERN: there are attempts to tamper with web pages, hack into user accounts, take over servers, and much more. A successful attack could mean confidential user information being divulged, services being interrupted or data being lost. It could even affect operations at CERN. Another factor is the damage that a successful attack could inflict on the Organization’s reputation. &...

  6. Social security financing.

    Science.gov (United States)

    1980-05-01

    After nearly 2 years of study, the 1979 Advisory Council on Social Security submitted its findings and recommendations in December. In February the Bulletin published the Executive Summary of the Council's report. Because of the continuing wide public interest in the future of social security financing, the Council's detailed findings and recommendations on that subject are published below. The Council unanimously reports that all current and future beneficiaries can count on receiving the payments to which they are entitled. Among the recommendations it calls for are partial financing with nonpayroll-tax revenues. Suggested changes include hospital insurance (HI) financed through portins of personal and corporate income taxes and a part of the HI insurance payroll tax diverted to cash benefits with the balance of this tax repealed. The Council also recommends that the social security cash benefits program be brought into long-run actuarial balance--with a payroll-tax rate increase in the year 2005. It rejects the idea of a value-added tax as being inflationary. Parenthetical remarks represent additional views of the Council members cited.

  7. Holographic optical security systems

    Science.gov (United States)

    Fagan, William F.

    1990-06-01

    One of the most successful applications of Holography,in recent years,has been its use as an optical security technique.Indeed the general public's awareness of holograms has been greatly enhanced by the incorporation of holographic elements into the VISA and MASTERCHARGE credit cards.Optical techniques related to Holography,are also being used to protect the currencies of several countries against the counterfeiter. The mass production of high quality holographic images is by no means a trivial task as a considerable degree of expertise is required together with an optical laboratory and embossing machinery.This paper will present an overview of the principal holographic and related optical techniques used for security purposes.Worldwide, over thirty companies are involved in the production of security elements utilising holographic and related optical technologies.Counterfeiting of many products is a major criminal activity with severe consequences not only for the manufacturer but for the public in general as defective automobile parts,aircraft components,and pharmaceutical products, to cite only a few of the more prominent examples,have at one time or another been illegally copied.

  8. DIRAC distributed secure framework

    International Nuclear Information System (INIS)

    Casajus, A; Graciani, R

    2010-01-01

    DIRAC, the LHCb community Grid solution, provides access to a vast amount of computing and storage resources to a large number of users. In DIRAC users are organized in groups with different needs and permissions. In order to ensure that only allowed users can access the resources and to enforce that there are no abuses, security is mandatory. All DIRAC services and clients use secure connections that are authenticated using certificates and grid proxies. Once a client has been authenticated, authorization rules are applied to the requested action based on the presented credentials. These authorization rules and the list of users and groups are centrally managed in the DIRAC Configuration Service. Users submit jobs to DIRAC using their local credentials. From then on, DIRAC has to interact with different Grid services on behalf of this user. DIRAC has a proxy management service where users upload short-lived proxies to be used when DIRAC needs to act on behalf of them. Long duration proxies are uploaded by users to a MyProxy service, and DIRAC retrieves new short delegated proxies when necessary. This contribution discusses the details of the implementation of this security infrastructure in DIRAC.

  9. Security with nuclear weapons

    International Nuclear Information System (INIS)

    Karp, R.C.

    1991-01-01

    Recent improvements in East-West relations and the process of dramatic political change in Europe may result in unprecedented opportunities to reduce the global arsenal of nuclear weapons. Despite these welcome developments, the prospects for effectively controlling the spread of nuclear capability in the Third World have remained much less encouraging. The possibility of large reductions in nuclear weapons poses fundamental questions about their purpose. Why have some states chosen to acquire nuclear weapons? How and why have these decisions been maintained over time? Why have some states elected to approach, but not cross, the nuclear threshold? This book examines the commonalities and differences in political approaches to nuclear weapons both within and between three groups of states: nuclear, non-nuclear and threshold. The chapters explore the evolution of thinking about nuclear weapons and the role these weapons play in national security planning, and question the official security rationales offered by the nuclear weapon states for the maintenance of nuclear capabilities. For the non-nuclear weapon states, the book presents an analysis of alternative ways of assuring security and foreign policy effectiveness. For the threshold states, it examines the regional contexts within which these states maintain their threshold status. This book transcends traditional East-West approaches to analysis of nuclear issues by giving equal prominence to the issues of nuclear proliferation and non-nuclearism. The book also provides a comprehensive analysis of how current approaches to nuclear weapons have evolved both within and among the groups of countries under study

  10. The secure reactors

    International Nuclear Information System (INIS)

    Hannerz, K.

    1987-01-01

    The principle of Process Inherent Ultimate Safety (PIUS) is a new approach to Light Water Reactor (LWR) safety that could represent a solution to the present problems of public distrust, regulatory maze and plant design complexity plaguing the nuclear industry in many countries. A unique thermohydraulic design of the primary system ensures core integrity, and thereby gurarantees freedom from significant releases of radioactive matter, in all credible emergencies. This is accomplished entirely without reliance on potentially failure prone engineered safety systems and with immunity to operator mistskes. The potential for human fallibility to cause accidents is thereby drastically reduced in an easily understood way. Plant design can be greatly simplified because redundant, diverse safety systems are no longer needed. The paper briefly describes the PIUS design principle and the two SECURE reactor designs based on it, i.e. SECURE-H for district heating and process steam and SECURE-P (usually known simply as PIUS) for electric power generation. Demonstration of simulated system over-all thermohydraulic function and transient response in a large electrically heated test loop is described and results from some component development work is given. (author)

  11. Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security (Self-Securing Devices)

    National Research Council Canada - National Science Library

    Ganger, Gregory R

    2007-01-01

    This report summarizes the results of the work on the AFOSR's Critical Infrastructure Protection Program project, entitled Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security...

  12. International Nuclear Security Education Network (INSEN): Promoting nuclear security education

    International Nuclear Information System (INIS)

    Muhamad Samudi Yasir

    2013-01-01

    Full-text: The need for human resource development programmes in nuclear security was underlined at several International Atomic Energy Agency (IAEA) General Conferences and Board of Governors Meetings. Successive IAEA Nuclear Security Plans, the most recent of which was agreed by the Board of Governors in September 2009, give high priority to assisting States in establishing educational programmes in nuclear security in order to ensure the sustainability of nuclear security improvements. The current Nuclear Security Plan 1 covering 2010-2013 emphasizes on the importance of considering existing capacities at international, regional and national levels while designing nuclear security academic programmes. In the course of implementing the Plan, the IAEA developed a guide entitled Educational Programme in Nuclear Security (IAEA Nuclear Security Series No. 12) that consists of a model of a MAster of Science (M.Sc.) and a Certificate Programme in Nuclear Security. This guide was aims at assisting universities or other educational institutes to developed academic programmes in nuclear security. Independently, some universities already offered academic programmes covering some areas of nuclear security, while other universities have asked the IAEA to support the implementation of these programmes. In order to better address current and future request for assistance in this area, the IAEA establish a collaboration network-International Nuclear Security Education Network (INSEN), among universities who are providing nuclear security education or who are interested in starting an academic programme/ course(s) in nuclear security. Universiti Kebangsaan Malaysia (UKM) is a first local university became a member of INSEN since the beginning of the establishment. (author)

  13. Securing India's energy future

    International Nuclear Information System (INIS)

    Raghuraman, V.

    2009-01-01

    India's development aspirations are challenged by energy security and climate change considerations. The integrated energy policy clearly deliberates the need to intensify all energy options with emphasis on maximizing indigenous coal production, harnessing hydropower, increasing adoption of renewables, intensifying hydrocarbon exploration and production and anchoring nuclear power development to meet the long-term requirements. The report also emphasizes the need to secure overseas hydrocarbon and coal assets. Subsequently the National Action Plan on climate change has underscored the need to wean away from fossil fuels, the ambitious National Solar Mission is a case in point. Ultimately securing India's energy future lies in clean coal, safe nuclear and innovative solar. Coal is the key energy option in the foreseeable future. Initiatives are needed to take lead role in clean coal technologies, in-situ coal gasification, tapping coal bed methane, coal to liquids and coal to gas technologies. There is need to intensify oil exploration by laying the road-map to open acreage to unlock the hydrocarbon potential. Pursue alternate routes based on shale, methane from marginal fields. Effectively to use oil diplomacy to secure and diversify sources of supply including trans-national pipelines and engage with friendly countries to augment strategic resources. Technologies to be accessed and developed with international co-operation and financial assistance. Public-Private Partnerships, in collaborative R and D projects need to be accelerated. Nuclear share of electricity generation capacity to be increased 6 to 7% of 63000 MW by 2031-32 and further to 25% (300000 MW) capacity by 2050 is to be realized by operationalizing the country's thorium programme. Nuclear renaissance has opened up opportunities for the Indian industry to meet not only India's requirements but also participate in the global nuclear commerce; India has the potential to emerge as a manufacturing hub

  14. ORDER SECURITY – NATIONAL SECURITY ADMINISTRATION. NATIONAL SECURITY DEFENSE AS SPECIAL ADMINISTRATION

    OpenAIRE

    Zoltán BALLA

    2009-01-01

    National security administration is the special executivedisposal activity of the national security agencies, the section of the state administration that helps the governmental work by reconnoitering and preventing with secret-servicing methods of the risks that shall harm or endanger the national security’s interests. The main operational principles of national security governing are the followings among others: - controlling the operation of national security organization belongs to the ex...

  15. Security basics for computer architects

    CERN Document Server

    Lee, Ruby B

    2013-01-01

    Design for security is an essential aspect of the design of future computers. However, security is not well understood by the computer architecture community. Many important security aspects have evolved over the last several decades in the cryptography, operating systems, and networking communities. This book attempts to introduce the computer architecture student, researcher, or practitioner to the basic concepts of security and threat-based design. Past work in different security communities can inform our thinking and provide a rich set of technologies for building architectural support fo

  16. Emerging trends in ICT security

    CERN Document Server

    Akhgar, Babak

    2013-01-01

    Emerging Trends in ICT Security, an edited volume, discusses the foundations and theoretical aspects of ICT security; covers trends, analytics, assessments and frameworks necessary for performance analysis and evaluation; and gives you the state-of-the-art knowledge needed for successful deployment of security solutions in many environments. Application scenarios provide you with an insider's look at security solutions deployed in real-life scenarios, including but limited to smart devices, biometrics, social media, big data security, and crowd sourcing. Provides a multidisciplinary approach

  17. Information security principles and practice

    CERN Document Server

    Stamp, Mark

    2011-01-01

    Now updated-your expert guide to twenty-first century information security Information security is a rapidly evolving field. As businesses and consumers become increasingly dependent on complex multinational information systems, it is more imperative than ever to protect the confidentiality and integrity of data. Featuring a wide array of new information on the most current security issues, this fully updated and revised edition of Information Security: Principles and Practice provides the skills and knowledge readers need to tackle any information security challenge. Taking a pract

  18. Cyber security awareness toolkit for national security: an approach to South Africa's cyber security policy implementation

    CSIR Research Space (South Africa)

    Phahlamohlaka, LJ

    2011-05-01

    Full Text Available The aim of this paper is to propose an approach that South Africa could follow in implementing its proposed cyber security policy. The paper proposes a Cyber Security Awareness Toolkit that is underpinned by key National Security imperatives...

  19. Information risk and security modeling

    Science.gov (United States)

    Zivic, Predrag

    2005-03-01

    This research paper presentation will feature current frameworks to addressing risk and security modeling and metrics. The paper will analyze technical level risk and security metrics of Common Criteria/ISO15408, Centre for Internet Security guidelines, NSA configuration guidelines and metrics used at this level. Information IT operational standards view on security metrics such as GMITS/ISO13335, ITIL/ITMS and architectural guidelines such as ISO7498-2 will be explained. Business process level standards such as ISO17799, COSO and CobiT will be presented with their control approach to security metrics. Top level, the maturity standards such as SSE-CMM/ISO21827, NSA Infosec Assessment and CobiT will be explored and reviewed. For each defined level of security metrics the research presentation will explore the appropriate usage of these standards. The paper will discuss standards approaches to conducting the risk and security metrics. The research findings will demonstrate the need for common baseline for both risk and security metrics. This paper will show the relation between the attribute based common baseline and corporate assets and controls for risk and security metrics. IT will be shown that such approach spans over all mentioned standards. The proposed approach 3D visual presentation and development of the Information Security Model will be analyzed and postulated. Presentation will clearly demonstrate the benefits of proposed attributes based approach and defined risk and security space for modeling and measuring.

  20. Security culture for nuclear facilities

    Science.gov (United States)

    Gupta, Deeksha; Bajramovic, Edita

    2017-01-01

    Natural radioactive elements are part of our environment and radioactivity is a natural phenomenon. There are numerous beneficial applications of radioactive elements (radioisotopes) and radiation, starting from power generation to usages in medical, industrial and agriculture applications. But the risk of radiation exposure is always attached to operational workers, the public and the environment. Hence, this risk has to be assessed and controlled. The main goal of safety and security measures is to protect human life, health, and the environment. Currently, nuclear security considerations became essential along with nuclear safety as nuclear facilities are facing rapidly increase in cybersecurity risks. Therefore, prevention and adequate protection of nuclear facilities from cyberattacks is the major task. Historically, nuclear safety is well defined by IAEA guidelines while nuclear security is just gradually being addressed by some new guidance, especially the IAEA Nuclear Security Series (NSS), IEC 62645 and some national regulations. At the overall level, IAEA NSS 7 describes nuclear security as deterrence and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer or other malicious acts involving nuclear, other radioactive substances and their associated facilities. Nuclear security should be included throughout nuclear facilities. Proper implementation of a nuclear security culture leads to staff vigilance and a high level of security posture. Nuclear security also depends on policy makers, regulators, managers, individual employees and members of public. Therefore, proper education and security awareness are essential in keeping nuclear facilities safe and secure.