WorldWideScience

Sample records for valid current security

  1. Validity of information security policy models

    Directory of Open Access Journals (Sweden)

    Joshua Onome Imoniana

    Full Text Available Validity is concerned with establishing evidence for the use of a method to be used with a particular set of population. Thus, when we address the issue of application of security policy models, we are concerned with the implementation of a certain policy, taking into consideration the standards required, through attribution of scores to every item in the research instrument. En today's globalized economic scenarios, the implementation of information security policy, in an information technology environment, is a condition sine qua non for the strategic management process of any organization. Regarding this topic, various studies present evidences that, the responsibility for maintaining a policy rests primarily with the Chief Security Officer. The Chief Security Officer, in doing so, strives to enhance the updating of technologies, in order to meet all-inclusive business continuity planning policies. Therefore, for such policy to be effective, it has to be entirely embraced by the Chief Executive Officer. This study was developed with the purpose of validating specific theoretical models, whose designs were based on literature review, by sampling 10 of the Automobile Industries located in the ABC region of Metropolitan São Paulo City. This sampling was based on the representativeness of such industries, particularly with regards to each one's implementation of information technology in the region. The current study concludes, presenting evidence of the discriminating validity of four key dimensions of the security policy, being such: the Physical Security, the Logical Access Security, the Administrative Security, and the Legal & Environmental Security. On analyzing the Alpha of Crombach structure of these security items, results not only attest that the capacity of those industries to implement security policies is indisputable, but also, the items involved, homogeneously correlate to each other.

  2. Static Validation of Security Protocols

    DEFF Research Database (Denmark)

    Bodei, Chiara; Buchholtz, Mikael; Degano, P.

    2005-01-01

    We methodically expand protocol narrations into terms of a process algebra in order to specify some of the checks that need to be made in a protocol. We then apply static analysis technology to develop an automatic validation procedure for protocols. Finally, we demonstrate that these techniques ...... suffice to identify several authentication flaws in symmetric and asymmetric key protocols such as Needham-Schroeder symmetric key, Otway-Rees, Yahalom, Andrew secure RPC, Needham-Schroeder asymmetric key, and Beller-Chang-Yacobi MSR...

  3. Network Security Validation Using Game Theory

    Science.gov (United States)

    Papadopoulou, Vicky; Gregoriades, Andreas

    Non-functional requirements (NFR) such as network security recently gained widespread attention in distributed information systems. Despite their importance however, there is no systematic approach to validate these requirements given the complexity and uncertainty characterizing modern networks. Traditionally, network security requirements specification has been the results of a reactive process. This however, limited the immunity property of the distributed systems that depended on these networks. Security requirements specification need a proactive approach. Networks' infrastructure is constantly under attack by hackers and malicious software that aim to break into computers. To combat these threats, network designers need sophisticated security validation techniques that will guarantee the minimum level of security for their future networks. This paper presents a game-theoretic approach to security requirements validation. An introduction to game theory is presented along with an example that demonstrates the application of the approach.

  4. Validity and reliability of food security measures.

    Science.gov (United States)

    Cafiero, Carlo; Melgar-Quiñonez, Hugo R; Ballard, Terri J; Kepple, Anne W

    2014-12-01

    This paper reviews some of the existing food security indicators, discussing the validity of the underlying concept and the expected reliability of measures under reasonably feasible conditions. The main objective of the paper is to raise awareness on existing trade-offs between different qualities of possible food security measurement tools that must be taken into account when such tools are proposed for practical application, especially for use within an international monitoring framework. The hope is to provide a timely, useful contribution to the process leading to the definition of a food security goal and the associated monitoring framework within the post-2015 Development Agenda. © 2014 New York Academy of Sciences.

  5. Current Concerns in Validity Theory.

    Science.gov (United States)

    Kane, Michael

    Validity is concerned with the clarification and justification of the intended interpretations and uses of observed scores. It has not been easy to formulate a general methodology set of principles for validation, but progress has been made, especially as the field has moved from relatively limited criterion-related models to sophisticated…

  6. Validity Evidence for the Security Scale as a Measure of Perceived Attachment Security in Adolescence

    Science.gov (United States)

    Van Ryzin, Mark J.; Leve, Leslie D.

    2012-01-01

    In this study, the validity of a self-report measure of children's perceived attachment security (the Kerns Security Scale) was tested using adolescents. With regards to predictive validity, the Security Scale was significantly associated with (1) observed mother-adolescent interactions during conflict and (2) parent- and teacher-rated social…

  7. Security Property Validation of the Sensor Network Encryption Protocol (SNEP

    Directory of Open Access Journals (Sweden)

    Salekul Islam

    2015-07-01

    Full Text Available Since wireless sensor networks (WSNs have been designed to be deployed in an unsecured, public environment, secured communication is really vital for their wide-spread use. Among all of the communication protocols developed for WSN, the Security Protocols for Sensor Networks (SPINS is exceptional, as it has been designed with security as a goal. SPINS is composed of two building blocks: Secure Network Encryption Protocol (SNEP and the “micro” version of the Timed Efficient Streaming Loss-tolerant Authentication (TESLA, named μTESLA. From the inception of SPINS, a number of efforts have been made to validate its security properties. In this paper, we have validated the security properties of SNEP by using an automated security protocol validation tool, named AVISPA. Using the protocol specification language, HLPSL, we model two combined scenarios—node to node key agreement and counter exchange protocols—followed by data transmission. Next, we validate the security properties of these combined protocols, using different AVISPA back-ends. AVISPA reports the models we have developed free from attacks. However, by analyzing the key distribution sub-protocol, we find one threat of a potential DoS attack that we have demonstrated by modeling in AVISPA. Finally, we propose a modification, and AVISPA reports this modified version free from the potential DoS attack.

  8. Social Security Numbers in Medicaid Records: Reporting and Validity, 2009

    OpenAIRE

    John L. Czajka; Shinu Verghese

    2013-01-01

    This report presents findings from a validation study of Social Security numbers (SSNs) in Medicaid Statistical Information System (MSIS) records for the fourth quarter of federal fiscal year 2009. The study produced results for the nation and the states on how often SSNs were reported in MSIS records and how often the reported SSNs passed a validation test at the U.S. Census Bureau, based on data obtained from the Social Security Administration.

  9. Validity evidence for the Security Scale as a measure of perceived attachment security in adolescence.

    Science.gov (United States)

    Van Ryzin, Mark J; Leve, Leslie D

    2012-04-01

    In this study, the validity of a self-report measure of children's perceived attachment security (the Kerns Security Scale) was tested using adolescents. With regards to predictive validity, the Security Scale was significantly associated with (1) observed mother-adolescent interactions during conflict and (2) parent- and teacher-rated social competence. With regards to convergent validity, the Security Scale was significantly associated with all subscales of the Adult Attachment Scale (i.e., Depend, Anxiety, and Close) as measured 3 years later. Further, these links were found even after controlling for mother-child relationship quality as assessed by the Inventory of Parent and Peer Attachment (IPPA), and chi-square difference tests indicated that the Security Scale was generally a stronger predictor as compared to the IPPA. These results suggest that the Security Scale can be used to assess perceived attachment security across both childhood and adolescence, and thus could contribute significantly to developmental research during this period. Copyright © 2011 The Foundation for Professionals in Services for Adolescents. Published by Elsevier Ltd. All rights reserved.

  10. IT Security Standards and Legal Metrology - Transfer and Validation

    Science.gov (United States)

    Thiel, F.; Hartmann, V.; Grottker, U.; Richter, D.

    2014-08-01

    Legal Metrology's requirements can be transferred into the IT security domain applying a generic set of standardized rules provided by the Common Criteria (ISO/IEC 15408). We will outline the transfer and cross validation of such an approach. As an example serves the integration of Legal Metrology's requirements into a recently developed Common Criteria based Protection Profile for a Smart Meter Gateway designed under the leadership of the Germany's Federal Office for Information Security. The requirements on utility meters laid down in the Measuring Instruments Directive (MID) are incorporated. A verification approach to check for meeting Legal Metrology's requirements by their interpretation through Common Criteria's generic requirements is also presented.

  11. Validation of the "Security Needs Assessment Profile" for measuring the profiles of security needs of Chinese forensic psychiatric inpatients.

    Science.gov (United States)

    Siu, B W M; Au-Yeung, C C Y; Chan, A W L; Chan, L S Y; Yuen, K K; Leung, H W; Yan, C K; Ng, K K; Lai, A C H; Davies, S; Collins, M

    Mapping forensic psychiatric services with the security needs of patients is a salient step in service planning, audit and review. A valid and reliable instrument for measuring the security needs of Chinese forensic psychiatric inpatients was not yet available. This study aimed to develop and validate the Chinese version of the Security Needs Assessment Profile for measuring the profiles of security needs of Chinese forensic psychiatric inpatients. The Security Needs Assessment Profile by Davis was translated into Chinese. Its face validity, content validity, construct validity and internal consistency reliability were assessed by measuring the security needs of 98 Chinese forensic psychiatric inpatients. Principal factor analysis for construct validity provided a six-factor security needs model explaining 68.7% of the variance. Based on the Cronbach's alpha coefficient, the internal consistency reliability was rated as acceptable for procedural security (0.73), and fair for both physical security (0.62) and relational security (0.58). A significant sex difference (p=0.002) in total security score was found. The Chinese version of the Security Needs Assessment Profile is a valid and reliable instrument for assessing the security needs of Chinese forensic psychiatric inpatients. Copyright © 2017 Elsevier Ltd. All rights reserved.

  12. Study of Security Attributes of Smart Grid Systems- Current Cyber Security Issues

    Energy Technology Data Exchange (ETDEWEB)

    Wayne F. Boyer; Scott A. McBride

    2009-04-01

    This document provides information for a report to congress on Smart Grid security as required by Section 1309 of Title XIII of the Energy Independence and Security Act of 2007. The security of any future Smart Grid is dependent on successfully addressing the cyber security issues associated with the nation’s current power grid. Smart Grid will utilize numerous legacy systems and technologies that are currently installed. Therefore, known vulnerabilities in these legacy systems must be remediated and associated risks mitigated in order to increase the security and success of the Smart Grid. The implementation of Smart Grid will include the deployment of many new technologies and multiple communication infrastructures. This report describes the main technologies that support Smart Grid and summarizes the status of implementation into the existing U.S. electrical infrastructure.

  13. Safe and secure South Africa. Vehicle landmine protection validation testing

    CSIR Research Space (South Africa)

    Reinecke, JD

    2008-11-01

    Full Text Available The objective of this paper is to provide an overview of vehicle landmine protection validation testing in South Africa. A short history of validation test standards is given, followed by a summary of current open test standards in general use...

  14. Current energy situation affecting national economy, security, and psyche

    International Nuclear Information System (INIS)

    Blundell, H.; Culbreath, H.L.

    1979-01-01

    Nuclear energy should be perceived by Americans as the energy option that can fill the gap left by petroleum shortages. Opposition to nuclear power symbolizes a drive to slow economic growth and return to a decentralized society, but it overlooks the implications that not going nuclear will have for the economy and national security. The General Accounting Office plotted the consequences for three scenarios and concluded that only nuclear power can provide enough domestic energy to meet projected electrical needs. The impact of higher energy prices that will follow energy-supply shortages will result in social change and in a decline in national security. The issues of import dependence, proliferation, economic competition, and morality are not valid reasons to forego nuclear development because the connections are not valid

  15. IT Security Standards and Legal Metrology – Transfer and Validation

    Directory of Open Access Journals (Sweden)

    Thiel F.

    2014-01-01

    Full Text Available Legal Metrology’s requirements can be transferred into the IT security domain applying a generic set of standardized rules provided by the Common Criteria (ISO/IEC 15408. We will outline the transfer and cross validation of such an approach. As an example serves the integration of Legal Metrology’s requirements into a recently developed Common Criteria based Protection Profile for a Smart Meter Gateway designed under the leadership of the Germany’s Federal Office for Information Security. The requirements on utility meters laid down in the Measuring Instruments Directive (MID are incorporated. A verification approach to check for meeting Legal Metrology’s requirements by their interpretation through Common Criteria’s generic requirements is also presented.

  16. Energy Security of Russia and the EU: Current Legal Problems

    Energy Technology Data Exchange (ETDEWEB)

    Seliverstov, S.

    2009-07-01

    Security of energy supply is a cornerstone of European energy policy. It receives specific mention both in the Constitution Treaty and in the Lisbon Treaty. Of course, energy and energy-generated revenues are vital for Russia as well. It is a common understanding that Russia and the EU are extremely interdependent in terms of energy. On the one hand, Russia is the strategic energy supplier to the EU as a whole; for some member states Russian supplies represent the only source of the external energy flows. On the other hand, the revenues generated from the west-bound supplies of oil and gas constitute a significant share of the overall export income and of the budget of Russian Federation. Taking the interdependency as a point of departure the present article answers the following questions: What are the differences and the similarities in the European and the Russian approaches towards security of energy supply? Is their understanding of energy security so different? What are the current legal instruments guiding interaction in this sphere? What are the actual trends that could give some indication of how the situation may develop in the future? - While the concepts of 'security of energy supplies' or of 'energy security' are theoretical in nature, the ways the concepts are understood and the legal framework for them directly influences the way they are applied in practice. (author)

  17. Energy Security of Russia and the EU: Current Legal Problems

    International Nuclear Information System (INIS)

    Seliverstov, S.

    2009-01-01

    Security of energy supply is a cornerstone of European energy policy. It receives specific mention both in the Constitution Treaty and in the Lisbon Treaty. Of course, energy and energy-generated revenues are vital for Russia as well. It is a common understanding that Russia and the EU are extremely interdependent in terms of energy. On the one hand, Russia is the strategic energy supplier to the EU as a whole; for some member states Russian supplies represent the only source of the external energy flows. On the other hand, the revenues generated from the west-bound supplies of oil and gas constitute a significant share of the overall export income and of the budget of Russian Federation. Taking the interdependency as a point of departure the present article answers the following questions: What are the differences and the similarities in the European and the Russian approaches towards security of energy supply? Is their understanding of energy security so different? What are the current legal instruments guiding interaction in this sphere? What are the actual trends that could give some indication of how the situation may develop in the future? - While the concepts of 'security of energy supplies' or of 'energy security' are theoretical in nature, the ways the concepts are understood and the legal framework for them directly influences the way they are applied in practice. (author)

  18. Current status of international training center for nuclear security and security issues in Korea

    International Nuclear Information System (INIS)

    Lee, Jong-UK; Sin, Byung Woo

    2013-01-01

    During the 2010 Nuclear Security Summit (NSS) President Lee declared that Korea will establish an international training center (ITC) for nuclear security near the Korea Institute of Nuclear Nonproliferation and Control (KINAC). It will be open to the world in 2014. The government's long term goal is to make the center a hub for education and training in the nuclear field in Asia. The ITC will accomplish this by establishing facilities for practical and realistic exercises through the use of a test bed and various other experiments. The center will also provide comprehensive educational programs for nuclear newcomers. Its main programs include: a well designed educational program, customized training courses, and on-the-job training. This paper will discuss the current status of the ITC and describe practical plans for solving current security issues in Korea. (authors)

  19. 49 CFR 1522.121 - Security threat assessments for personnel of TSA-approved validation firms.

    Science.gov (United States)

    2010-10-01

    ... 49 Transportation 9 2010-10-01 2010-10-01 false Security threat assessments for personnel of TSA... FOR ALL MODES OF TRANSPORTATION TSA-APPROVED VALIDATION FIRMS AND VALIDATORS TSA-Approved Validation... for personnel of TSA-approved validation firms. Each of the following must successfully complete a...

  20. Economic security of modern Russia: the current state and prospects

    Directory of Open Access Journals (Sweden)

    Karanina Elena

    2018-01-01

    Full Text Available In the conditions of instability of the world economy and the introduction of sanctions against Russia by a number of countries, the problem of ensuring national economic security has become particularly relevant. This topic also has a high scientific, practical and social significance, as it allows to identify possible gaps in the economic security of modern Russia and timely develop mechanisms to eliminate them to protect the national interests of the state. The purpose of this article is to determine the state and prospects of improving the economic security of modern Russia. This can be achieved by solving the following tasks: review of existing methods to evaluate the economic security of country, conduct a SWOT analysis of economic security of modern Russia, the development of suggestions for its improvement. This research analyzes various aspects of the economic security of modern Russia. As a result, the author developed an integrated method to ensuring the economic security of the country, as well as a matrix of economic security within this method. The way of increase of economic security of modern Russia is offered. Thus, to overcome the threats for the economic security of modern Russia, it is necessary to implement the recommendations developed by the authors, including the establishment of their own production and the construction of an innovatively oriented model of the economy. This will ensure the economic security of modern Russia and its stable development in the future.

  1. The Current Status of the Economic Security of Poltava Region

    Directory of Open Access Journals (Sweden)

    Bondarevska Olha M.

    2017-12-01

    Full Text Available The status of economic security of Poltava region in 2012–2016 was analyzed, the analysis was conducted using the developed methodology for assessing economic security of region, which is based on the joint use of indicative and functional methods. In order to assess the status of economic security of region, a system of indicators, divided by economic security components, has been formed using functional approach. The information-analytical provision of assessment has been formed using statistical information on the socio-economic development of the region. The influence of factors of destabilizing and destimulative nature on the status of economic security of the region has been researched. It has been concluded that the economic security of Poltava region is unsatisfactory, despite the existence of some positive tendencies, which at present are not sustainable.

  2. User Modelling Validation over the Security Awareness of Digital Natives

    Directory of Open Access Journals (Sweden)

    Vasileios Gkioulos

    2017-07-01

    Full Text Available Young generations make extensive use of mobile devices, such as smart-phones, tablets and laptops, for a variety of daily tasks with potentially critical impact, while the number of security breaches via portable devices increases exponentially. A plethora of security risks associated with these devices are induced by design shortcomings and vulnerabilities related to user behavior. Therefore, deploying suitable risk treatments requires the investigation of how security experts perceive the digital natives (young people, born in the digital era, when utilizing their user behavior models in the design and analysis of related systems. In this article, we present the results of a survey performed across a multinational sample of security professionals, in comparison to our earlier study over the security awareness of digital natives. Through this study, we seek to identify divergences between user behavior and the conceptual user-models that security experts utilise in their professional tasks. Our results indicate that the experts understanding over the user behaviour does not follow a solidified user-model, while influences from personal perceptions and randomness are also noticeable.

  3. Climate change and food security in Tanzania: analysis of current ...

    African Journals Online (AJOL)

    A review of literature was conducted in order to identify knowledge gaps in climate change and food security research in Tanzania. The review focused on published literature covering the past 20 years addressing climate change effects on various components of the food security. The review of literature reveals, among ...

  4. An integrated approach to validation of safeguards and security program performance

    International Nuclear Information System (INIS)

    Altman, W.D.; Hunt, J.S.; Hockert, J.W.

    1988-01-01

    Department of Energy (DOE) requirements for safeguards and security programs are becoming increasingly performance oriented. Master Safeguards and Security Agreemtns specify performance levels for systems protecting DOE security interests. In order to measure and validate security system performance, Lawrence Livermore National Laboratory (LLNL) has developed cost effective validation tools and a comprehensive validation approach that synthesizes information gained from different activities such as force on force exercises, limited scope performance tests, equipment testing, vulnerability analyses, and computer modeling; into an overall assessment of the performance of the protection system. The analytic approach employs logic diagrams adapted from the fault and event trees used in probabilistic risk assessment. The synthesis of the results from the various validation activities is accomplished using a method developed by LLNL, based upon Bayes' theorem

  5. The Current State of the International Security System

    OpenAIRE

    Ивашов, Леонид Григорьевич

    2013-01-01

    The author examines the modern geopolitical world and assesses the threats to Russia’s security. These threats are demonstrated to be hitched to the goals of the US National Strategy and, in particular, to the US plans on deployment of anti-ballistic missile system. The author argues that in this situation the mainstay of Russia’s foreign policy should become “security through cooperation.”Key words: international security, anti-ballistic missile, preemptive war, geopolitical centers, UN Secu...

  6. Mammography image assessment; validity and reliability of current scheme

    International Nuclear Information System (INIS)

    Hill, C.; Robinson, L.

    2015-01-01

    Mammographers currently score their own images according to criteria set out by Regional Quality Assurance. The criteria used are based on the ‘Perfect, Good, Moderate, Inadequate’ (PGMI) marking criteria established by the National Health Service Breast Screening Programme (NHSBSP) in their Quality Assurance Guidelines of 2006 1 . This document discusses the validity and reliability of the current mammography image assessment scheme. Commencing with a critical review of the literature this document sets out to highlight problems with the national approach to the use of marking schemes. The findings suggest that ‘PGMI’ scheme is flawed in terms of reliability and validity and is not universally applied across the UK. There also appear to be differences in schemes used by trainees and qualified mammographers. Initial recommendations are to be made in collaboration with colleagues within the National Health Service Breast Screening Programme (NHSBSP), Higher Education Centres, College of Radiographers and the Royal College of Radiologists in order to identify a mammography image appraisal scheme that is fit for purpose. - Highlights: • Currently no robust evidence based marking tools in use for the assessment of images in mammography. • Is current system valid, reliable and robust? • How can the current image assessment tool be improved? • Should students and qualified mammographers use the same tool? • What marking criteria are available for image assessment?

  7. Operational validation - current status and opportunities for improvement

    International Nuclear Information System (INIS)

    Davey, E.

    2002-01-01

    The design of nuclear plant systems and operational practices is based on the application of multiple defenses to minimize the risk of occurrence of safety and production challenges and upsets. With such an approach, the effectiveness of individual or combinations of design and operational features in preventing upset challenges should be known. A longstanding industry concern is the adverse impact errors in human performance can have on plant safety and production. To minimize the risk of error occurrence, designers and operations staff routinely employ multiple design and operational defenses. However, the effectiveness of individual or combinations of defensive features in minimizing error occurrence are generally only known in a qualitative sense. More importantly, the margins to error or upset occurrence provided by combinations of design or operational features are generally not characterized during design or operational validation. This paper provides some observations and comments on current validation practice as it relates to operational human performance concerns. The paper also discusses opportunities for future improvement in validation practice in terms of the resilience of validation results to operating changes and characterization of margins to safety or production challenge. (author)

  8. Current Methods for Evaluation of Physical Security System Effectiveness.

    Science.gov (United States)

    1981-05-01

    nuclear fuel system installation in a - articular way. These entities are thereby identified as more or less significant targets for the security...These publications use non-standard definitions for some safe- guards terms, which is an unfortunate distraction . None of the publications we...when the participant reaches his objective. If this requires more than one time step, he may be distracted by changed circumstances before he completes

  9. Validation of Computer Models for Homeland Security Purposes

    International Nuclear Information System (INIS)

    Schweppe, John E.; Ely, James; Kouzes, Richard T.; McConn, Ronald J.; Pagh, Richard T.; Robinson, Sean M.; Siciliano, Edward R.; Borgardt, James D.; Bender, Sarah E.; Earnhart, Alison H.

    2005-01-01

    At Pacific Northwest National Laboratory, we are developing computer models of radiation portal monitors for screening vehicles and cargo. Detailed models of the radiation detection equipment, vehicles, cargo containers, cargos, and radioactive sources have been created. These are used to determine the optimal configuration of detectors and the best alarm algorithms for the detection of items of interest while minimizing nuisance alarms due to the presence of legitimate radioactive material in the commerce stream. Most of the modeling is done with the Monte Carlo code MCNP to describe the transport of gammas and neutrons from extended sources through large, irregularly shaped absorbers to large detectors. A fundamental prerequisite is the validation of the computational models against field measurements. We describe the first step of this validation process, the comparison of the models to measurements with bare static sources

  10. Improving Control System Security through the Evaluation of Current Trends in Computer Security Research

    Energy Technology Data Exchange (ETDEWEB)

    Rolston

    2005-03-01

    At present, control system security efforts are primarily technical and reactive in nature. What has been overlooked is the need for proactive efforts, focused on the IT security research community from which new threats might emerge. Evaluating cutting edge IT security research and how it is evolving can provide defenders with valuable information regarding what new threats and tools they can anticipate in the future. Only known attack methodologies can be blocked, and there is a gap between what is known to the general security community and what is being done by cutting edge researchers --both those trying to protect systems and those trying to compromise them. The best security researchers communicate with others in their field; they know what cutting edge research is being done; what software can be penetrated via this research; and what new attack techniques and methodologies are being circulated in the black hat community. Standardization of control system applications, operating systems, and networking protocols is occurring at a rapid rate, following a path similar to the standardization of modern IT networks. Many attack methodologies used on IT systems can be ported over to the control system environment with little difficulty. It is extremely important to take advantage of the lag time between new research, its use on traditional IT networks, and the time it takes to port the research over for use on a control system network. Analyzing nascent trends in IT security and determining their applicability to control system networks provides significant information regarding defense mechanisms needed to secure critical infrastructure more effectively. This work provides the critical infrastructure community with a better understanding of how new attacks might be launched, what layers of defense will be needed to deter them, how the attacks could be detected, and how their impact could be limited.

  11. Validating eddy current array probes for inspecting steam generator tubes

    International Nuclear Information System (INIS)

    Sullivan, S.P.; Cecco, V.S.; Obrutsky, L.S.

    1997-01-01

    A CANDU nuclear reactor was shut down for over one year because steam generator (SG) tubes had failed with outer diameter stress-corrosion cracking (ODSCC) in the U-bend section. Novel, single-pass eddy current transmit-receive probes, denoted as C3, were successful in detecting all significant cracks so that the cracked tubes could be plugged and the unit restarted. Significant numbers of tubes with SCC were removed from a SG in order to validate the results of the new probe. Results from metallurgical examinations were used to obtain probability-of-detection (POD) and sizing accuracy plots to quantify the performance of this new inspection technique. Though effective, the above approach of relying on tubes removed from a reactor is expensive, in terms of both economic and radiation-exposure costs. This led to a search for more affordable methods to validate inspection techniques and procedures. Methods are presented for calculating POD curves based on signal-to-noise studies using field data. Results of eddy current scans of tubes with laboratory-induced ODSCC are presented with associated POD curves. These studies appear promising in predicting realistic POD curves for new inspection technologies. They are being used to qualify an improved eddy current array probe in preparation for field use. (author)

  12. Secure Programming Cookbook for C and C++ Recipes for Cryptography, Authentication, Input Validation & More

    CERN Document Server

    Viega, John

    2009-01-01

    Secure Programming Cookbook for C and C++ is an important new resource for developers serious about writing secure code for Unix® (including Linux®) and Windows® environments. This essential code companion covers a wide range of topics, including safe initialization, access control, input validation, symmetric and public key cryptography, cryptographic hashes and MACs, authentication and key exchange, PKI, random numbers, and anti-tampering.

  13. Current status of securing Category 1 and 2 radioactive sources in Taiwan

    Energy Technology Data Exchange (ETDEWEB)

    Cheng, Y-F.; Tsai, C-H. [Atomic Energy Council of Executive Yuan of Taiwan (China)

    2014-07-01

    For enhancing safe and secure management of Category 1 and 2 radioactive sources against theft or unauthorized removal, AEC (Atomic Energy Council) of Taiwan have been regulating the import/export of the sources ever since 2005, in compliance with the IAEA's (International Atomic Energy Agency) 'Guidance on the Import and Export of Radioactive Sources'. Furthermore in consulting the IAEA Nuclear Security Series No.11 report, administrative regulations on the program of securing the sources have been embodied into AECL's regulatory system since 2012, for the purpose of enforcing medical and non-medical licensees and industrial radiographers to establish their own radioactive source security programs. Regulations require that security functions such as access control, detection, delay, response and communication and security management measures are to be implemented within the programs. This paper is to introduce the current status in implementing the security control measures in Taiwan. (author)

  14. General Potential-Current Model and Validation for Electrocoagulation

    International Nuclear Information System (INIS)

    Dubrawski, Kristian L.; Du, Codey; Mohseni, Madjid

    2014-01-01

    A model relating potential and current in continuous parallel plate iron electrocoagulation (EC) was developed for application in drinking water treatment. The general model can be applied to any EC parallel plate system relying only on geometric and tabulated input variables without the need of system-specific experimentally derived constants. For the theoretical model, the anode and cathode were vertically divided into n equipotential segments in a single pass, upflow, and adiabatic EC reactor. Potential and energy balances were simultaneously solved at each vertical segment, which included the contribution of ionic concentrations, solution temperature and conductivity, cathodic hydrogen flux, and gas/liquid ratio. We experimentally validated the numerical model with a vertical upflow EC reactor using a 24 cm height 99.99% pure iron anode divided into twelve 2 cm segments. Individual experimental currents from each segment were summed to determine total current, and compared with the theoretically derived value. Several key variables were studied to determine their impact on model accuracy: solute type, solute concentration, current density, flow rate, inter-electrode gap, and electrode surface condition. Model results were in good agreement with experimental values at cell potentials of 2-20 V (corresponding to a current density range of approximately 50-800 A/m 2 ), with mean relative deviation of 9% for low flow rate, narrow electrode gap, polished electrodes, and 150 mg/L NaCl. Highest deviation occurred with a large electrode gap, unpolished electrodes, and Na 2 SO 4 electrolyte, due to parasitic H 2 O oxidation and less than unity current efficiency. This is the first general model which can be applied to any parallel plate EC system for accurate electrochemical voltage or current prediction

  15. Current Trends in providing the Toys Security and Consumer Protection

    Directory of Open Access Journals (Sweden)

    Luiela Magdalena Csorba

    2014-01-01

    Full Text Available The goods and services market is not in equilibrium. This affects continuously the consumers under multiple aspects: economic, educational, health insurance and security, and so on. Not even the toys market outlets or the toys trading market aren’t trouble free. Because publications in the toys consumer protection field are seldom (legislation is the starting point in analyzing this area, the checks carried out at national level which showed the marketed toys insecurity and the abuses of the economic agents in this sector determined us to analyze the degree in which people knows the toy-related injuries and the danger to which they expose their own children when purchasing dangerous toys. That’s why a quantitative research was conducted, using the method of questionnaire, distributed through the Romanian consumers, with the aim to check the empirically awareness and the seriousness with which they relate the risks concerning the toys consume.

  16. The AVANTSSAR Platform for the Automated Validation of Trust and Security of Service-Oriented Architectures

    DEFF Research Database (Denmark)

    Armando, Alessandro; Arsac, Wihem; Avanesov, Tigran

    2012-01-01

    The AVANTSSAR Platform is an integrated toolset for the formal specification and automated validation of trust and security of service-oriented architectures and other applications in the Internet of Services. The platform supports application-level specification languages (such as BPMN and our...

  17. Development and initial validation of a measure of attachment security in late adulthood.

    Science.gov (United States)

    Lopez, Frederick G; Ramos, Katherine; Kim, Mijin

    2018-05-10

    Attachment theory-guided studies of older adults have generally relied on self-report measures that were validated on young adult samples and that focus on fears of rejection by romantic partners and on experiences of chronic discomfort with romantic intimacy as the key indicators of adult attachment security. These assessment characteristics raise important questions as to whether these measures are appropriate for use with older adults. Unlike their younger adult counterparts, older adults may face distinctive life stage-related threats to their attachment security such as declining health and autonomy, spousal loss, and increased dependence on younger family members for instrumental and emotional support. In response to these concerns, we conducted two independent studies aimed at developing and validating a novel measure of attachment security in older adults-the Late Adulthood Attachment Scale (LAAS). In study one (N = 287), exploratory structural equation modeling (ESEM) methods were used to identify and support a 2-factor structure (Fearful Avoidance, Secure Engagement) underlying LAAS scores. In study two (N = 417), ESEM and regression analyses confirmed the 2-factor structure and demonstrated the ability of LAAS scores to predict participants' well-being over a 3-month interval (n = 93). Findings from both studies support the psychometric adequacy of the LAAS as an alternative measure of attachment security for use with older adult samples. (PsycINFO Database Record (c) 2018 APA, all rights reserved).

  18. 78 FR 30319 - Intent to Request Renewal From OMB of One Current Public Collection of Information: Security...

    Science.gov (United States)

    2013-05-22

    ... DEPARTMENT OF HOMELAND SECURITY Transportation Security Administration [Docket No. TSA-2002-11602] Intent to Request Renewal From OMB of One Current Public Collection of Information: Security Programs for..., Transportation Security Administration, 601 South 12th Street, Arlington, VA 20598-6011. FOR FURTHER INFORMATION...

  19. The Main Features of and Response to The Current Asian Security Situation

    Institute of Scientific and Technical Information of China (English)

    Hu; Shisheng

    2015-01-01

    I.The Main Features of the Current Asian Security Situation The strategic game between China and the United States becomes the most powerful driving force to change the Asian traditional security situation.The United States has tried its best to delay China’s rising pace or"to standardize"China’s rising path by using its huge military advantage and forward military deployment and strengthening its security network of alliance and friends,so as to maintain its dominant position in

  20. Maternal sensitivity and infant attachment security in Korea: cross-cultural validation of the Strange Situation.

    Science.gov (United States)

    Jin, Mi Kyoung; Jacobvitz, Deborah; Hazen, Nancy; Jung, Sung Hoon

    2012-01-01

    The present study sought to analyze infant and maternal behavior both during the Strange Situation Procedure (SSP) and a free play session in a Korean sample (N = 87) to help understand whether mother-infant attachment relationships are universal or culture-specific. Distributions of attachment classifications in the Korean sample were compared with a cross-national sample. Behavior of mothers and infants following the two separation episodes in the SSP, including mothers' proximity to their infants and infants' approach to the caregiver, was also observed, as was the association between maternal sensitivity observed during free play session and infant security. The percentage of Korean infants classified as secure versus insecure mirrored the global distribution, however, only one Korean baby was classified as avoidant. Following the separation episodes in the Strange Situation, Korean mothers were more likely than mothers in Ainsworth's Baltimore sample to approach their babies immediately and sit beside them throughout the reunion episodes, even when their babies were no longer distressed. Also, Korean babies less often approached their mothers during reunions than did infants in the Baltimore sample. Finally, the link between maternal sensitivity and infant security was significant. The findings support the idea that the basic secure base function of attachment is universal and the SSP is a valid measure of secure attachment, but cultural differences in caregiving may result in variations in how this function is manifested.

  1. Symptom validity issues in the psychological consultative examination for social security disability.

    Science.gov (United States)

    Chafetz, Michael D

    2010-08-01

    This article is about Social Security Administration (SSA) policy with regard to the Psychological Consultative Examination (PCE) for Social Security Disability, particularly with respect to validation of the responses and findings. First, the nature of the consultation and the importance of understanding the boundaries and ethics of the psychologist's role are described. Issues particular to working with low-functioning claimants usually form a large part of these examinations. The psychologist must understand various forms of non-credible behavior during the PCE, and how malingering might be considered among other non-credible presentations. Issues pertaining to symptom validity testing in low-functioning claimants are further explored. SSA policy with respect to symptom validity testing is carefully examined, with an attempt to answer specific concerns and show how psychological science can be of assistance, particularly with evidence-based practice. Additionally, the nature and importance of techniques to avoid the mislabeling of claimants as malingerers are examined. SSA requires the use of accepted diagnostic techniques with which to establish impairment, and this article describes the implementation of that requirement, particularly with respect to validating the findings.

  2. Shared Solar. Current Landscape, Market Potential, and the Impact of Federal Securities Regulation

    Energy Technology Data Exchange (ETDEWEB)

    Feldman, David [National Renewable Energy Laboratory (NREL), Golden, CO (United States); Brockway, Anna M. [U.S. Department of Energy, Washington, DC (United States); Ulrich, Elaine [U.S. Department of Energy, Washington, DC (United States); Margolis, Robert [National Renewable Energy Laboratory (NREL), Golden, CO (United States)

    2015-04-07

    This report provides a high-level overview of the current U.S. shared solar landscape, the impact that a given shared solar program’s structure has on requiring federal securities oversight, as well as an estimate of market potential for U.S. shared solar deployment.

  3. Shared Solar. Current Landscape, Market Potential, and the Impact of Federal Securities Regulation

    Energy Technology Data Exchange (ETDEWEB)

    Feldman, David [National Renewable Energy Lab. (NREL), Golden, CO (United States); Brockway, Anna M. [Office of Energy Efficiency and Renewable Energy (EERE), Washington, DC (United States); Ulrich, Elaine [Office of Energy Efficiency and Renewable Energy (EERE), Washington, DC (United States); Margolis, Robert [National Renewable Energy Lab. (NREL), Golden, CO (United States)

    2015-04-01

    This report provides a high-level overview of the current U.S. shared solar landscape and the impact that a given shared solar program’s structure has on requiring federal securities oversight, as well as an estimate of market potential for U.S. shared solar deployment.

  4. Examination of the Current Approaches to State-Level Nuclear Security Evaluation

    International Nuclear Information System (INIS)

    Kim, Chan; Yim, Mansung; Kim, So Young

    2014-01-01

    An effective global nuclear materials security system will cover all materials, employ international standards and best practices, and reduce risks by reducing weapons-usable nuclear material stocks and the number of locations where they are found. Such a system must also encourage states to accept peer reviews by outside experts in order to demonstrate that effective security is in place. It is thus critically important to create an integrative framework of state-level evaluation of nuclear security as a basis for measuring the level and progress of international effort to secure and control all nuclear materials. There have been studies to represent state-level nuclear security with a quantitative metric. A prime example is the Nuclear Materials Security Index (NMSI) by the Nuclear Threat Initiative (NTI). Another comprehensive study is the State Level Risk Metric by Texas A and M University (TAMU). This paper examines the current methods with respect to their strengths and weaknesses and identifies the directions for future research to improve upon the existing approaches

  5. Investments of Banks in Securities: the Essence and Development Trends under Current Conditions

    Directory of Open Access Journals (Sweden)

    Ekaterina Vladimirovna Mazikova

    2015-12-01

    Full Text Available The implementation of modern banking activities involves the realization of investments. Investment is a complex discussion economic category, characterized by a number of features. The types and forms of investment are manifold and can be transformed with account of the state of the economy and the level of development of industrial relations. The faster growth of the financial sector in the economy has stipulated the development of financial investment. Banks as financial and lending institutions actively make financial investments in securities. Banks’ investment in securities pursues a number of purposes which determine the selection of securities for investment and their quality. The article identified the targets of bank investments in securities and their development trends under current conditions on the basis of the analysis of the actual data for 2010–2014. Negative revaluation and the actual decrease in the value of corporate securities of Russian issuers reduce their commercial appeal. Banks refuse to speculate on the stock market in favor of the securities that ensure liquidity. Banks’ investments aim to purchasing securities from the Lombard List of the Bank of Russia in order to obtain loans and participate in the repo transactions. Thus, during the analyzed period, banks’ investments in securities transformed from systemically important assets that generate substantial profit into the mechanism that provides liquidity. It should be noted that a significant part of investment resources of Russian banks services the debt obligations of Russia’s Government. The article also identified a trend of banks’ increasing investment in the participation portfolios of subsidiaries and associated joint stock companies. The official data of the Central Bank of the Russian Federation (Bank of Russia [15], and the Federal State Statistics Service [14] were used as the information base for the study

  6. Designing, Capturing and Validating History-Sensitive Security Policies for Distributed Systems

    DEFF Research Database (Denmark)

    Hernandez, Alejandro Mario; Nielson, Flemming; Nielson, Hanne Riis

    2011-01-01

    has the capability of combining both history-sensitive and future-sensitive policies, providing even more flexibility and power. Moreover, we propose a global Logic for reasoning about the systems designed with this language. We show how the Logic can be used to validate the combination of security...... this approach with history-based components, as is traditional in reference-monitor-based approaches to mandatory access control. Our developments are performed in an Aspect-oriented coordination language, aiming to describe the Bell-LaPadula policy as elegantly as possible. Furthermore, the resulting language...

  7. NS [Nuclear Safety] update. Current safety and security activities and developments taking place in the Department of Nuclear Safety and Security, Issue no. 12, September 2009

    International Nuclear Information System (INIS)

    2009-09-01

    The current issue presents information about the following topics: Nuclear Security Report 2009; G8 Nuclear Safety and Security Group (NSSG); Uranium Production Site Appraisal Team (UPSAT); New Entrant Nuclear Power Programmes Safety Guide on the Establishment of the Safety Infrastructure (DS424)

  8. Human Factors in Coast Guard Computer Security - An Analysis of Current Awareness and Potential Techniques to Improve Security Program Viability

    National Research Council Canada - National Science Library

    Whalen, Timothy

    2001-01-01

    .... As such, our ability to ensure the security of those systems is also increasing in import. Traditional information security measures tend to be system-oriented and often fail to address the human element that is critical to system success...

  9. Defense Waste Processing Facility Canister Closure Weld Current Validation Testing

    Energy Technology Data Exchange (ETDEWEB)

    Korinko, P. S. [Savannah River Site (SRS), Aiken, SC (United States). Savannah River National Lab. (SRNL); Maxwell, D. N. [Savannah River Site (SRS), Aiken, SC (United States). Savannah River National Lab. (SRNL)

    2018-01-29

    Two closure welds on filled Defense Waste Processing Facility (DWPF) canisters failed to be within the acceptance criteria in the DWPF operating procedure SW4-15.80-2.3 (1). In one case, the weld heat setting was inadvertently provided to the canister at the value used for test welds (i.e., 72%) and this oversight produced a weld at a current of nominally 210 kA compared to the operating procedure range (i.e., 82%) of 240 kA to 263 kA. The second weld appeared to experience an instrumentation and data acquisition upset. The current for this weld was reported as 191 kA. Review of the data from the Data Acquisition System (DAS) indicated that three of the four current legs were reading the expected values, approximately 62 kA each, and the fourth leg read zero current. Since there is no feasible way by further examination of the process data to ascertain if this weld was actually welded at either the target current or the lower current, a test plan was executed to provide assurance that these Nonconforming Welds (NCWs) meet the requirements for strength and leak tightness. Acceptance of the welds is based on evaluation of Test Nozzle Welds (TNW) made specifically for comparison. The TNW were nondestructively and destructively evaluated for plug height, heat tint, ultrasonic testing (UT) for bond length and ultrasonic volumetric examination for weld defects, burst pressure, fractography, and metallography. The testing was conducted in agreement with a Task Technical and Quality Assurance Plan (TTQAP) (2) and applicable procedures.

  10. Fiber-Optic Current Sensor Validation with Triggered Lightning Measurements

    Science.gov (United States)

    Nguyen, Truong X.; Ely, Jay J.; Szatkowski, George N.; Mata, Carlos T.; Mata, Angel G.; Snyder, Gary P.

    2013-01-01

    A fiber optic current sensor based on the Faraday Effect is developed that is highly suitable for aircraft installation and can measure total current enclosed in a fiber loop down to DC. Other attributes include being small, light-weight, non-conducting, safe from electromagnetic interference, and free of hysteresis and saturation. The Faraday Effect causes light polarization to rotate when exposed to a magnetic field in the direction of light propagation. Measuring the induced light polarization rotation in fiber loops yields the total current enclosed. Two sensor systems were constructed and installed at Camp Blanding, Florida, measuring rocket-triggered lightning. The systems were similar in design but with different laser wavelengths, sensitivities and ranges. Results are compared to a shunt resistor as reference. The 850nm wavelength system tested in summer 2011 showed good result comparison early. However, later results showed gradual amplitude increase with time, attributed to corroded connections affecting the 50-ohm output termination. The 1550nm system also yielded good results in the summer 2012. The successful measurements demonstrate the fiber optic sensor's accuracies in capturing real lightning currents, and represent an important step toward future aircraft installation.

  11. 37 CFR 1.419 - Display of currently valid control number under the Paperwork Reduction Act.

    Science.gov (United States)

    2010-07-01

    ... 37 Patents, Trademarks, and Copyrights 1 2010-07-01 2010-07-01 false Display of currently valid... UNITED STATES PATENT AND TRADEMARK OFFICE, DEPARTMENT OF COMMERCE GENERAL RULES OF PRACTICE IN PATENT CASES International Processing Provisions General Information § 1.419 Display of currently valid control...

  12. Automatic address validation and health record review to identify homeless Social Security disability applicants.

    Science.gov (United States)

    Erickson, Jennifer; Abbott, Kenneth; Susienka, Lucinda

    2018-06-01

    Homeless patients face a variety of obstacles in pursuit of basic social services. Acknowledging this, the Social Security Administration directs employees to prioritize homeless patients and handle their disability claims with special care. However, under existing manual processes for identification of homelessness, many homeless patients never receive the special service to which they are entitled. In this paper, we explore address validation and automatic annotation of electronic health records to improve identification of homeless patients. We developed a sample of claims containing medical records at the moment of arrival in a single office. Using address validation software, we reconciled patient addresses with public directories of homeless shelters, veterans' hospitals and clinics, and correctional facilities. Other tools annotated electronic health records. We trained random forests to identify homeless patients and validated each model with 10-fold cross validation. For our finished model, the area under the receiver operating characteristic curve was 0.942. The random forest improved sensitivity from 0.067 to 0.879 but decreased positive predictive value to 0.382. Presumed false positive classifications bore many characteristics of homelessness. Organizations could use these methods to prompt early collection of information necessary to avoid labor-intensive attempts to reestablish contact with homeless individuals. Annually, such methods could benefit tens of thousands of patients who are homeless, destitute, and in urgent need of assistance. We were able to identify many more homeless patients through a combination of automatic address validation and natural language processing of unstructured electronic health records. Copyright © 2018. Published by Elsevier Inc.

  13. Economic security of the Russian Federation: current status, level and threats

    Directory of Open Access Journals (Sweden)

    V. V. Grigoryeva

    2017-01-01

    Full Text Available The problems of national and economic security maintenanceis aggravating in modern conditions of globalization and international competition related to controlof market channels, technological, information and natural resources.Today Russia is making all efforts to protect its position on the world stage and improve the lives of its citizens.Despite the worsening of the present economic, political and social differences in the world, the Russian Federation has its own national interests, which can be possible to fulfill only on the basis of sustainable development of the national economic security system.The latter traditionally determines the ability of the state economic system to maintain normal conditions for the national economy functioning and the population activity. The national economic securitystabilitycan be estimated only by the application of elaborate tools of the economic development indicators analysis and the threshold values examinationaimed at the determination of the quality characteristic of actual and the most successful model of the economic activity.The analysis of the current Russian economic situation showed the presence of some serious problems existing in the national economy. The economic security level of Russia, having a tendency to increase in the period of 1998-2013, has been sharply reduced to critical points since 2014. So, it is necessary to take some measures to restructure the system of economic security of the state. Based on the research it was identified the list of the most dangerous threats to the modern Russian economy, which includes: low level of the country industrial production; the economy dependence on goods import and raw materials export; low living standards of the population; the rapid growth of the shadow economy and corruption; the lack of civil science and innovationdevelopment. The main strategic directions for economic security levelincrease in Russia today and in the future are aimed at

  14. NS [Nuclear Safety] update. Current safety and security activities and developments taking place in the Department of Nuclear Safety and Security. Issue no. 4, June 2007

    International Nuclear Information System (INIS)

    2007-04-01

    allow a broad discussion and to form a consolidated opinion. This should apply to requests for assistance from recipient states as well from donor states/organizations. Participation in the RSTCG is based on competencies and responsibilities. Currently the following divisions/sections within the IAEA's Department of Nuclear Safety and Security with responsibilities related to the control and management of radioactive sources are represented: Division of Radiation, Transport and Waste Safety with responsibilities in radiation safety related to sealed radioactive sources, Division of Nuclear Fuel Cycle and Waste Technology, with responsibilities in recovery, conditioning, storage and/or repatriation and Office of Nuclear Security with responsibilities in the protection against malicious acts (through the whole life cycle of sources)

  15. ICT security curriculum or how to respond to current global challenges

    Directory of Open Access Journals (Sweden)

    Marian Silviu Poboroniuc

    2017-01-01

    Full Text Available The paper presents some results obtained through the implementation of the Erasmus LLP “SALEIE” (Strategic Alignment of Electrical and Information Engineering in European Higher Education Institutions. The aim of the project was to bring together experts from European universities to enhance the competitiveness of Electrical and Information Engineering (EIE education within Europe, especially in relation to modern global technical challenges and to provide higher education models in a few EIE fields in accordance with these challenges. One of the outcomes of the project was a new ICT (Information and Computer Technology Security curriculum for bachelor and master levels. The research methodology comprised such stages as: identifying the most important current global challenges, conducting a survey related to existing EIE programs in order to establish the top-level criteria for an EIE curriculum, analyzing the results of the survey, obtaining the industry feedback related to technical and non-technical skills required for the specific field, and proposing a new curriculum for ICT Security programmes to respond to the modern technical challenges and to meet the needs of the industry, students, academics and graduates. As future work we will focus on stakeholder assessment in the EIE field and, based on the resulting feedback, on improving the ICT Security curriculum.

  16. Human Factors in Coast Guard Computer Security - An Analysis of Current Awareness and Potential Techniques to Improve Security Program Viability

    National Research Council Canada - National Science Library

    Whalen, Timothy

    2001-01-01

    .... This thesis attempts to identify both the susceptibility of Coast Guard information systems to human factors-based security risks and possible means for increasing user awareness of those risks...

  17. Health Information System Role-Based Access Control Current Security Trends and Challenges.

    Science.gov (United States)

    de Carvalho Junior, Marcelo Antonio; Bandiera-Paiva, Paulo

    2018-01-01

    This article objective is to highlight implementation characteristics, concerns, or limitations over role-based access control (RBAC) use on health information system (HIS) using industry-focused literature review of current publishing for that purpose. Based on the findings, assessment for indication of RBAC is obsolete considering HIS authorization control needs. We have selected articles related to our investigation theme "RBAC trends and limitations" in 4 different sources related to health informatics or to the engineering technical field. To do so, we have applied the following search query string: "Role-Based Access Control" OR "RBAC" AND "Health information System" OR "EHR" AND "Trends" OR "Challenges" OR "Security" OR "Authorization" OR "Attacks" OR "Permission Assignment" OR "Permission Relation" OR "Permission Mapping" OR "Constraint". We followed PRISMA applicable flow and general methodology used on software engineering for systematic review. 20 articles were selected after applying inclusion and exclusion criteria resulting contributions from 10 different countries. 17 articles advocate RBAC adaptations. The main security trends and limitations mapped were related to emergency access, grant delegation, and interdomain access control. Several publishing proposed RBAC adaptations and enhancements in order to cope current HIS use characteristics. Most of the existent RBAC studies are not related to health informatics industry though. There is no clear indication of RBAC obsolescence for HIS use.

  18. Reliability and validity of a short form household food security scale in a Caribbean community

    Directory of Open Access Journals (Sweden)

    Mahabir Deepak

    2004-06-01

    Full Text Available Abstract Background We evaluated the reliability and validity of the short form household food security scale in a different setting from the one in which it was developed. Methods The scale was interview administered to 531 subjects from 286 households in north central Trinidad in Trinidad and Tobago, West Indies. We evaluated the six items by fitting item response theory models to estimate item thresholds, estimating agreement among respondents in the same households and estimating the slope index of income-related inequality (SII after adjusting for age, sex and ethnicity. Results Item-score correlations ranged from 0.52 to 0.79 and Cronbach's alpha was 0.87. Item responses gave within-household correlation coefficients ranging from 0.70 to 0.78. Estimated item thresholds (standard errors from the Rasch model ranged from -2.027 (0.063 for the 'balanced meal' item to 2.251 (0.116 for the 'hungry' item. The 'balanced meal' item had the lowest threshold in each ethnic group even though there was evidence of differential functioning for this item by ethnicity. Relative thresholds of other items were generally consistent with US data. Estimation of the SII, comparing those at the bottom with those at the top of the income scale, gave relative odds for an affirmative response of 3.77 (95% confidence interval 1.40 to 10.2 for the lowest severity item, and 20.8 (2.67 to 162.5 for highest severity item. Food insecurity was associated with reduced consumption of green vegetables after additionally adjusting for income and education (0.52, 0.28 to 0.96. Conclusions The household food security scale gives reliable and valid responses in this setting. Differing relative item thresholds compared with US data do not require alteration to the cut-points for classification of 'food insecurity without hunger' or 'food insecurity with hunger'. The data provide further evidence that re-evaluation of the 'balanced meal' item is required.

  19. Global food and fibre security threatened by current inefficiencies in fungal identification

    Science.gov (United States)

    2016-01-01

    Fungal pathogens severely impact global food and fibre crop security. Fungal species that cause plant diseases have mostly been recognized based on their morphology. In general, morphological descriptions remain disconnected from crucially important knowledge such as mating types, host specificity, life cycle stages and population structures. The majority of current fungal species descriptions lack even the most basic genetic data that could address at least some of these issues. Such information is essential for accurate fungal identifications, to link critical metadata and to understand the real and potential impact of fungal pathogens on production and natural ecosystems. Because international trade in plant products and introduction of pathogens to new areas is likely to continue, the manner in which fungal pathogens are identified should urgently be reconsidered. The technologies that would provide appropriate information for biosecurity and quarantine already exist, yet the scientific community and the regulatory authorities are slow to embrace them. International agreements are urgently needed to enforce new guidelines for describing plant pathogenic fungi (including key DNA information), to ensure availability of relevant data and to modernize the phytosanitary systems that must deal with the risks relating to trade-associated plant pathogens. This article is part of the themed issue ‘Tackling emerging fungal threats to animal health, food security and ecosystem resilience’. PMID:28080994

  20. NS [Nuclear Safety] update. Current safety and security activities and developments taking place in the Department of Nuclear Safety and Security, Issue no. 10, March 2009

    International Nuclear Information System (INIS)

    2009-03-01

    The current issue contains information about the following meetings: Application of the Code of Conduct on the Safety of Research Reactors (the 'Code'). Environmental Modelling for Radiation Safety (EMRAS II); Convention on the Safety of Spent Fuel Management and on the Safety of Radioactive Waste Management (the Joint Convention). The document also gives an overview on International Nuclear Security Advisory Service (INSServ)

  1. NS [Nuclear Safety] update. Current safety and security activities and developments taking place in the Department of Nuclear Safety and Security, Issue no. 11, June 2009

    International Nuclear Information System (INIS)

    2009-06-01

    The current issue presents information about the following topics: Nuclear Safety Review for the Year 2008; Feedback from IRS Topical Studies and Events Applied to Safety Standards; Education and Training Programmes at the IAEA Department of Nuclear Safety and Security; Peer Review of Operational Safety Performance (PROSPER)

  2. Workshop on Current Issues in Predictive Approaches to Intelligence and Security Analytics: Fostering the Creation of Decision Advantage through Model Integration and Evaluation

    Energy Technology Data Exchange (ETDEWEB)

    Sanfilippo, Antonio P.

    2010-05-23

    The increasing asymmetric nature of threats to the security, health and sustainable growth of our society requires that anticipatory reasoning become an everyday activity. Currently, the use of anticipatory reasoning is hindered by the lack of systematic methods for combining knowledge- and evidence-based models, integrating modeling algorithms, and assessing model validity, accuracy and utility. The workshop addresses these gaps with the intent of fostering the creation of a community of interest on model integration and evaluation that may serve as an aggregation point for existing efforts and a launch pad for new approaches.

  3. Current fundamental science challenges in low temperature plasma science that impact energy security and international competitiveness

    Science.gov (United States)

    Hebner, Greg

    2010-11-01

    Products and consumer goods that utilize low temperature plasmas at some point in their creation touch and enrich our lives on almost a continuous basis. Examples are many but include the tremendous advances in microelectronics and the pervasive nature of the internet, advanced material coatings that increase the strength and reliability of products from turbine engines to potato chip bags, and the recent national emphasis on energy efficient lighting and compact fluorescent bulbs. Each of these products owes their contributions to energy security and international competiveness to fundamental research investments. However, it would be a mistake to believe that the great commercial success of these products implies a robust understanding of the complicated interactions inherent in plasma systems. Rather, current development of the next generation of low temperature plasma enabled products and processes is clearly exposing a new set of exciting scientific challenges that require leaps in fundamental understanding and interdisciplinary research teams. Emerging applications such as liquid-plasma systems to improve water quality and remediate hazardous chemicals, plasma-assisted combustion to increase energy efficiency and reduce emissions, and medical applications promise to improve our lives and the environment only if difficult science questions are solved. This talk will take a brief look back at the role of low temperature plasma science in enabling entirely new markets and then survey the next generation of emerging plasma applications. The emphasis will be on describing the key science questions and the opportunities for scientific cross cutting collaborations that underscore the need for increased outreach on the part of the plasma science community to improve visibility at the federal program level. This work is supported by the DOE, Office of Science for Fusion Energy Sciences, and Sandia National Laboratories, a multi-program laboratory managed and operated

  4. The DUNDRUM-1 structured professional judgment for triage to appropriate levels of therapeutic security: retrospective-cohort validation study.

    LENUS (Irish Health Repository)

    Flynn, Grainne

    2011-01-01

    The assessment of those presenting to prison in-reach and court diversion services and those referred for admission to mental health services is a triage decision, allocating the patient to the appropriate level of therapeutic security. This is a critical clinical decision. We set out to improve on unstructured clinical judgement. We collated qualitative information and devised an 11 item structured professional judgment instrument for this purpose then tested for validity.

  5. Current state in the research on electronic monitoring systems for the security and flow of objects and individuals

    Directory of Open Access Journals (Sweden)

    Man Dietrich Marcela

    2017-01-01

    Full Text Available This paper sets forth the current state of security systems in prisons from Romania and around the world, particularly aiming electronic systems of monitoring the flow of people, materials control and perimeter security, focusing on the research results concluded by motion detection tests and devices. The currently used systems were observed in order to put an analysis of the methodology together and implement and perfect these systems in protected areas. The protection of citizens must be performed to the extent that is allowed by the legislation.

  6. [Security Management in Clinical Laboratory Departments and Facilities: Current Status and Issues].

    Science.gov (United States)

    Ishida, Haku; Nakamura, Junji; Yoshida, Hiroshi; Koike, Masaru; Inoue, Yuji

    2014-11-01

    We conducted a questionnaire survey regarding the current activities for protecting patients' privacy and the security of information systems (IS) related to the clinical laboratory departments of university hospitals, certified training facilities for clinical laboratories, and general hospitals in Yamaguchi Prefecture. The response rate was 47% from 215 medical institutions, including three commercial clinical laboratory centers. The results showed that there were some differences in management activities among facilities with respect to continuing education, the documentation or regulation of operational management for paper records, electronic information, remaining samples, genetic testing, and laboratory information for secondary use. They were suggested to be caused by differences in functions between university and general hospitals, differences in the scale of hospitals, or whether or not hospitals have received accreditation or ISO 15189. Regarding the IS, although the majority of facilities had sufficiently employed the access control to IS, there was some room for improvement in the management of special cases such as VIPs and patients with HIV infection. Furthermore, there were issues regarding the login method for computers shared by multiple staff, the showing of the names of personnel in charge of reports, and the risks associated with direct connections to systems and the Internet and the use of portable media such as USB memory sticks. These results indicated that further efforts are necessary for each facility to continue self-assessment and make improvements.

  7. Current state of commercial radiation detection equipment for homeland security applications

    International Nuclear Information System (INIS)

    Klann, R.T.; Shergur, J.; Mattesich, G.

    2009-01-01

    With the creation of the U.S. Department of Homeland Security (DHS) came the increased concern that terrorist groups would attempt to manufacture and use an improvised nuclear device or radiological dispersal device. As such, a primary mission of DHS is to protect the public against the use of these devices and to assist state and local responders in finding, locating, and identifying these types of devices and materials used to manufacture these devices. This assistance from DHS to state and local responders comes in the form of grant money to procure radiation detection equipment. In addition to this grant program, DHS has supported the development of American National Standards Institute standards for radiation detection equipment and has conducted testing of commercially available instruments. This paper identifies the types and kinds of commercially available equipment that can be used to detect and identify radiological material - for use in traditional search applications as well as primary and secondary screening of personnel, vehicles, and cargo containers. In doing so, key considerations for the conduct of operations are described as well as critical features of the instruments for specific applications. The current state of commercial instruments is described for different categories of detection equipment including personal radiation detectors, radioisotope identifiers, man-portable detection equipment, and radiation portal monitors. In addition, emerging technologies are also discussed, such as spectroscopic detectors and advanced spectroscopic portal monitors

  8. Construct validity-Current issues and recommendations for future hand hygiene research.

    Science.gov (United States)

    Neo, Jun Rong Jeffrey

    2017-05-01

    Health care-associated infection is a leading cause of morbidity and mortality. Hand hygiene is widely regarded as an effective prevention strategy. Often, hand hygiene research is designed and conducted by health care practitioners who may lack formal training in research methods, particularly in the area of social science. In a research context, a construct is a concept that can be measured or observed in some way. A construct can be directly or indirectly measured. For example, height can be directly measured by centimeters, whereas depression can be indirectly measured by a scale of 20 items. Every construct needs to be operationalized by measure(s) to make it a variable. Hence, construct validity refers to the degree of fit between the construct of interest and its operational measure. However, issues with construct validity often weaken the translation from construct to measure(s). This article will (1) describe the common threats to construct validity pertaining to hand hygiene research, (2) identify practical limitations in current research design, and (3) provide recommendations to improve construct validity in future hand hygiene research. By understanding how construct validity may affect hand hygiene research design, there is great potential to improve the validity of future hand hygiene research findings. Copyright © 2017 Association for Professionals in Infection Control and Epidemiology, Inc. Published by Elsevier Inc. All rights reserved.

  9. Ensuring energy security in ASEAN countries: Current trends and major challenges

    Science.gov (United States)

    Senderov, Sergey; Vorobev, Sergey

    2018-01-01

    The paper discusses the issues of formation of future challenges to energy security of the ASEAN countries in the period up to 2035. The article gives examples of strategic threats to the energy security of Russia. The opportunities to meet future demand for primary energy for individual countries of ASEAN and the whole region are discussed.

  10. Reducing food wastage, improving food security? An inventory study on stakeholders’ perspectives and the current state

    NARCIS (Netherlands)

    Tielens, J.; Candel, J.J.L.

    2014-01-01

    This study is concerned with the relation between food wastage reduction and the improvement of food security. The central question of this inventory study is to what extent interventions to reduce food wastage are effective contributions for food security, in particular for local access in

  11. Recent Advances in Simulation of Eddy Current Testing of Tubes and Experimental Validations

    Science.gov (United States)

    Reboud, C.; Prémel, D.; Lesselier, D.; Bisiaux, B.

    2007-03-01

    Eddy current testing (ECT) is widely used in iron and steel industry for the inspection of tubes during manufacturing. A collaboration between CEA and the Vallourec Research Center led to the development of new numerical functionalities dedicated to the simulation of ECT of non-magnetic tubes by external probes. The achievement of experimental validations led us to the integration of these models into the CIVA platform. Modeling approach and validation results are discussed here. A new numerical scheme is also proposed in order to improve the accuracy of the model.

  12. Towards Formal Validation of Trust and Security of the Internet of Services

    DEFF Research Database (Denmark)

    Carbone, Roberto; Minea, Marius; Mödersheim, Sebastian Alexander

    2011-01-01

    Service designers and developers, while striving to meet the requirements posed by application scenarios, have a hard time to assess the trust and security impact of an option, a minor change, a combination of functionalities, etc., due to the subtle and unforeseeable situations and behaviors...... techniques to efficiently tackle industrial-size problems. The formal verification of trust and security of the Internet of Services will significantly boost its development and public acceptance....

  13. Shared Solar: Current Landscape, Market Potential, and the Impact of Federal Securities Regulation; NREL (National Renewable Energy Laboratory)

    Energy Technology Data Exchange (ETDEWEB)

    None

    2015-05-27

    This presentation provides a high-level overview of the current U.S. shared solar landscape, the impact that a given shared solar program's structure has on requiring federal securities oversight, as well as an estimate of market potential for U.S. shared solar deployment.

  14. Studies in Income Distribution. Estimation of Social Security Taxes on the March Current Population Survey. No. 4.

    Science.gov (United States)

    Bridges, Benjamin, Jr.; Johnston, Mary P.

    The impact of the tax-transfer system on the distribution of income among economic units is the subject of a number of studies by the Office of Research and Statistics of the Social Security Administration. One of the most important data sources for the work is the Census Bureau's March Current Population Survey (CPS). To conduct such studies, the…

  15. Validation Test Results for Orthogonal Probe Eddy Current Thruster Inspection System

    Science.gov (United States)

    Wincheski, Russell A.

    2007-01-01

    Recent nondestructive evaluation efforts within NASA have focused on an inspection system for the detection of intergranular cracking originating in the relief radius of Primary Reaction Control System (PCRS) Thrusters. Of particular concern is deep cracking in this area which could lead to combustion leakage in the event of through wall cracking from the relief radius into an acoustic cavity of the combustion chamber. In order to reliably detect such defects while ensuring minimal false positives during inspection, the Orthogonal Probe Eddy Current (OPEC) system has been developed and an extensive validation study performed. This report describes the validation procedure, sample set, and inspection results as well as comparing validation flaws with the response from naturally occuring damage.

  16. NS [Nuclear Safety] update. Current safety and security activities and developments taking place in the Department of Nuclear Safety and Security, Issue no. 8, September 2008

    International Nuclear Information System (INIS)

    2008-09-01

    The current issue presents information about the following activities: 1) International Workshops on Denial of Shipments raise awareness of suppliers, recipients, regulators, carriers/consignors and international organizations of the problems relating to denials of radioactive shipments to determine effective measures to prevent or reduce the instances of shipment denials and delays. 2) Communication and knowledge Management in the Department of Nuclear Safety and Security (NS). 3) Nuclear Security at the Beijing Olympics - an excellent example of the IAEA's work in protecting large scale public events. 4) The Incident and Emergency Centre's Participation in the ConvEx 3 Exercise, 9-10 July 2008, which took place at the Laguna Verde nuclear power plant in Mexico. During the 43 hour long exercise, the Incident and Emergency Centre (IEC) was fully activated. Staff members participating in the exercise represented different departments within the IAEA and the diversity of their knowledge and experience ensured an effective response

  17. Global food and fibre security threatened by current inefficiencies in fungal identification

    NARCIS (Netherlands)

    Crous, Pedro W.; Groenewald, Johannes Z.; Slippers, Bernard; Wingfield, Michael J.

    2016-01-01

    Fungal pathogens severely impact global food and fibre crop security. Fungal species that cause plant diseases have mostly been recognized based on their morphology. In general, morphological descriptions remain disconnected from crucially important knowledge such as mating types, host specificity,

  18. The DUNDRUM-1 structured professional judgment for triage to appropriate levels of therapeutic security: retrospective-cohort validation study

    Directory of Open Access Journals (Sweden)

    O'Neill Conor

    2011-03-01

    Full Text Available Abstract Background The assessment of those presenting to prison in-reach and court diversion services and those referred for admission to mental health services is a triage decision, allocating the patient to the appropriate level of therapeutic security. This is a critical clinical decision. We set out to improve on unstructured clinical judgement. We collated qualitative information and devised an 11 item structured professional judgment instrument for this purpose then tested for validity. Methods All those assessed following screening over a three month period at a busy remand committals prison (n = 246 were rated in a retrospective cohort design blind to outcome. Similarly, all those admitted to a mental health service from the same prison in-reach service over an overlapping two year period were rated blind to outcome (n = 100. Results The 11 item scale had good internal consistency (Cronbach's alpha = 0.95 and inter-rater reliability. The scale score did not correlate with the HCR-20 'historical' score. For the three month sample, the receiver operating characteristic area under the curve (AUC for those admitted to hospital was 0.893 (95% confidence interval 0.843 to 0.943. For the two year sample, AUC distinguished at each level between those admitted to open wards, low secure units or a medium/high secure service. Open wards v low secure units AUC = 0.805 (95% CI 0.680 to 0.930; low secure v medium/high secure AUC = 0.866, (95% CI 0.784 to 0.949. Item to outcome correlations were significant for all 11 items. Conclusions The DUNDRUM-1 triage security scale and its items performed to criterion levels when tested against the real world outcome. This instrument can be used to ensure consistency in decision making when deciding who to admit to secure forensic hospitals. It can also be used to benchmark admission thresholds between services and jurisdictions. In this study we found some divergence between assessed need and actual placement

  19. The DUNDRUM-1 structured professional judgment for triage to appropriate levels of therapeutic security: retrospective-cohort validation study

    Science.gov (United States)

    2011-01-01

    Background The assessment of those presenting to prison in-reach and court diversion services and those referred for admission to mental health services is a triage decision, allocating the patient to the appropriate level of therapeutic security. This is a critical clinical decision. We set out to improve on unstructured clinical judgement. We collated qualitative information and devised an 11 item structured professional judgment instrument for this purpose then tested for validity. Methods All those assessed following screening over a three month period at a busy remand committals prison (n = 246) were rated in a retrospective cohort design blind to outcome. Similarly, all those admitted to a mental health service from the same prison in-reach service over an overlapping two year period were rated blind to outcome (n = 100). Results The 11 item scale had good internal consistency (Cronbach's alpha = 0.95) and inter-rater reliability. The scale score did not correlate with the HCR-20 'historical' score. For the three month sample, the receiver operating characteristic area under the curve (AUC) for those admitted to hospital was 0.893 (95% confidence interval 0.843 to 0.943). For the two year sample, AUC distinguished at each level between those admitted to open wards, low secure units or a medium/high secure service. Open wards v low secure units AUC = 0.805 (95% CI 0.680 to 0.930); low secure v medium/high secure AUC = 0.866, (95% CI 0.784 to 0.949). Item to outcome correlations were significant for all 11 items. Conclusions The DUNDRUM-1 triage security scale and its items performed to criterion levels when tested against the real world outcome. This instrument can be used to ensure consistency in decision making when deciding who to admit to secure forensic hospitals. It can also be used to benchmark admission thresholds between services and jurisdictions. In this study we found some divergence between assessed need and actual placement. This provides fertile

  20. Formal Specification and Validation of Secure Connection Establishment in a Generic Access Network Scenario

    DEFF Research Database (Denmark)

    Fleischer, Paul; Kristensen, Lars Michael

    2008-01-01

    The Generic Access Network (GAN) architecture is defined by the 3rd Generation Partnership Project (3GPP), and allows telephone services, such as SMS and voice-calls, to be accessed via generic IP networks. The main usage of this is to allow mobile phones to use WiFi in addition to the usual GSM...... network. The GAN specification relies on the Internet Protocol Security layer (IPSec) and the Internet Key Exchange protocol (IKEv2) to provide encryption across IP networks, and thus avoid compromising the security of the telephone networks. The detailed usage of these two Internet protocols (IPSec...

  1. Effective Electronic Security: Process for the Development and Validation from Requirements to Testing

    Science.gov (United States)

    2013-06-01

    ABBREVIATIONS ANSI American National Standards Institute ASIS American Society of Industrial Security CCTV Closed Circuit Television CONOPS...is globally recognized for the development and maintenance of standards. ASTM defines a specification as an explicit set of requirements...www.rkb.us/saver/. One of the SAVER reports titled CCTV Technology Handbook has a chapter on system design. The report uses terms like functional

  2. Fit for purpose? Validation of a conceptual framework for personal recovery with current mental health consumers.

    Science.gov (United States)

    Bird, Victoria; Leamy, Mary; Tew, Jerry; Le Boutillier, Clair; Williams, Julie; Slade, Mike

    2014-07-01

    Mental health services in the UK, Australia and other Anglophone countries have moved towards supporting personal recovery as a primary orientation. To provide an empirically grounded foundation to identify and evaluate recovery-oriented interventions, we previously published a conceptual framework of personal recovery based on a systematic review and narrative synthesis of existing models. Our objective was to test the validity and relevance of this framework for people currently using mental health services. Seven focus groups were conducted with 48 current mental health consumers in three NHS trusts across England, as part of the REFOCUS Trial. Consumers were asked about the meaning and their experience of personal recovery. Deductive and inductive thematic analysis applying a constant comparison approach was used to analyse the data. The analysis aimed to explore the validity of the categories within the conceptual framework, and to highlight any areas of difference between the conceptual framework and the themes generated from new data collected from the focus groups. Both the inductive and deductive analysis broadly validated the conceptual framework, with the super-ordinate categories Connectedness, Hope and optimism, Identity, Meaning and purpose, and Empowerment (CHIME) evident in the analysis. Three areas of difference were, however, apparent in the inductive analysis. These included practical support; a greater emphasis on issues around diagnosis and medication; and scepticism surrounding recovery. This study suggests that the conceptual framework of personal recovery provides a defensible theoretical base for clinical and research purposes which is valid for use with current consumers. However, the three areas of difference further stress the individual nature of recovery and the need for an understanding of the population and context under investigation. © The Royal Australian and New Zealand College of Psychiatrists 2014.

  3. Current status of validation for robotic surgery simulators - a systematic review.

    Science.gov (United States)

    Abboudi, Hamid; Khan, Mohammed S; Aboumarzouk, Omar; Guru, Khurshid A; Challacombe, Ben; Dasgupta, Prokar; Ahmed, Kamran

    2013-02-01

    To analyse studies validating the effectiveness of robotic surgery simulators. The MEDLINE(®), EMBASE(®) and PsycINFO(®) databases were systematically searched until September 2011. References from retrieved articles were reviewed to broaden the search. The simulator name, training tasks, participant level, training duration and evaluation scoring were extracted from each study. We also extracted data on feasibility, validity, cost-effectiveness, reliability and educational impact. We identified 19 studies investigating simulation options in robotic surgery. There are five different robotic surgery simulation platforms available on the market. In all, 11 studies sought opinion and compared performance between two different groups; 'expert' and 'novice'. Experts ranged in experience from 21-2200 robotic cases. The novice groups consisted of participants with no prior experience on a robotic platform and were often medical students or junior doctors. The Mimic dV-Trainer(®), ProMIS(®), SimSurgery Educational Platform(®) (SEP) and Intuitive systems have shown face, content and construct validity. The Robotic Surgical SimulatorTM system has only been face and content validated. All of the simulators except SEP have shown educational impact. Feasibility and cost-effectiveness of simulation systems was not evaluated in any trial. Virtual reality simulators were shown to be effective training tools for junior trainees. Simulation training holds the greatest potential to be used as an adjunct to traditional training methods to equip the next generation of robotic surgeons with the skills required to operate safely. However, current simulation models have only been validated in small studies. There is no evidence to suggest one type of simulator provides more effective training than any other. More research is needed to validate simulated environments further and investigate the effectiveness of animal and cadaveric training in robotic surgery. © 2012 BJU

  4. NS [Nuclear Safety] update. Current safety and security activities and developments taking place in the Department of Nuclear Safety and Security, Issue no. 15, February 2011

    International Nuclear Information System (INIS)

    2011-02-01

    The current issue presents information about the following topics: Supporting radiation protection in medicine. Wano's pre-startup support. One stop for incident and emergency communications. Emergency preparedness in IAEA Member States. Sophisticated On-Site Nuclide Identification (RanidSONNI). Over land, sea and air: safe and secure transport of radioactive material. INES at 20: Success from simplicity. IAEA and Ibero-American Forum - strengthening ties. Highlights of the 54th IAEA General Conference, 20-24 September 2010. Highlights of the International conference on Challenges faced by TSOs. Department of Nuclear Safety programme highlights

  5. Threats to the National Economic Security of Ukraine at the Current Stage

    Directory of Open Access Journals (Sweden)

    Kuharskaya Natalia A.

    2017-04-01

    Full Text Available It is substantiated that the most important factor of the national economic security of the country is to match both the economic and the industrial relations systems to the economic development of the country. The article provides detailed consideration of the particularities of occurrence of threats to the national economic security of Ukraine by allocating seven major structural blocks, in which threats were not overcome during the years of independence, and some of them even became intensified: 1 institutional sphere; 2 social sphere; 3 financial sphere; 4 shadowing and corruptness of economy; 5 a high level of physical wear and tear of fixed assets and of the production infrastructure; 6 de-industrialization of economy; 7 innovative development. The main components of the national economic security, which would assist in overcoming these threats, have been developed.

  6. Evaluation and field validation of Eddy-Current array probes for steam generator tube inspection

    International Nuclear Information System (INIS)

    Dodd, C.V.; Pate, J.R.

    1996-07-01

    The objective of the Improved Eddy-Current ISI for Steam Generator Tubing program is to upgrade and validate eddy-current inspections, including probes, instrumentation, and data processing techniques for inservice inspection of new, used, and repaired steam generator tubes; to improve defect detection, classification, and characterization as affected by diameter and thickness variations, denting, probe wobble, tube sheet, tube supports, copper and sludge deposits, even when defect types and other variables occur in combination; to transfer this advanced technology to NRC's mobile NDE laboratory and staff. This report describes the design of specialized high-speed 16-coil eddy-current array probes. Both pancake and reflection coils are considered. Test results from inspections using the probes in working steam generators are given. Computer programs developed for probe calculations are also supplied

  7. Validation of streamflow measurements made with M9 and RiverRay acoustic Doppler current profilers

    Science.gov (United States)

    Boldt, Justin A.; Oberg, Kevin A.

    2015-01-01

    The U.S. Geological Survey (USGS) Office of Surface Water (OSW) previously validated the use of Teledyne RD Instruments (TRDI) Rio Grande (in 2007), StreamPro (in 2006), and Broadband (in 1996) acoustic Doppler current profilers (ADCPs) for streamflow (discharge) measurements made by the USGS. Two new ADCPs, the SonTek M9 and the TRDI RiverRay, were first used in the USGS Water Mission Area programs in 2009. Since 2009, the OSW and USGS Water Science Centers (WSCs) have been conducting field measurements as part of their stream-gaging program using these ADCPs. The purpose of this paper is to document the results of USGS OSW analyses for validation of M9 and RiverRay ADCP streamflow measurements. The OSW required each participating WSC to make comparison measurements over the range of operating conditions in which the instruments were used until sufficient measurements were available. The performance of these ADCPs was evaluated for validation and to identify any present and potential problems. Statistical analyses of streamflow measurements indicate that measurements made with the SonTek M9 ADCP using firmware 2.00–3.00 or the TRDI RiverRay ADCP using firmware 44.12–44.15 are unbiased, and therefore, can continue to be used to make streamflow measurements in the USGS stream-gaging program. However, for the M9 ADCP, there are some important issues to be considered in making future measurements. Possible future work may include additional validation of streamflow measurements made with these instruments from other locations in the United States and measurement validation using updated firmware and software.

  8. European Security and Defense Policy (ESDP) After Ten Years - Current Situation and Perspectives

    Science.gov (United States)

    2010-01-01

    Reconnaissance and Observation ( MUSIS ), enhancement of the use of the EU Satellite-Center (EUSC), enhancement of Unmanned Armed Vehicles (UAV), Maritime Mine...stipulated by the capability declaration of 2008, are within the responsibility of the agency. Specific capabilities initiatives, such as the MUSIS ...Product ISAF = International Security Assistance Force KFOR = NATO Kosovo Force MUSIS = Multinational Space-Based Imaging System for Surveillance

  9. Assessing the internal validity of a household survey-based food security measure adapted for use in Iran

    Directory of Open Access Journals (Sweden)

    Sadeghizadeh Atefeh

    2009-06-01

    Full Text Available Abstract Background The prevalence of food insecurity is an indicator of material well-being in an area of basic need. The U.S. Food Security Module has been adapted for use in a wide variety of cultural and linguistic settings around the world. We assessed the internal validity of the adapted U.S. Household Food Security Survey Module to measure adult and child food insecurity in Isfahan, Iran, using statistical methods based on the Rasch measurement model. Methods The U.S. Household Food Security Survey Module was translated into Farsi and after adaptation, administered to a representative sample. Data were provided by 2,004 randomly selected households from all sectors of the population of Isfahan, Iran, during 2005. Results 53.1 percent reported that their food had run out at some time during the previous 12 months and they did not have money to buy more, while 26.7 percent reported that an adult had cut the size of a meal or skipped a meal because there was not enough money for food, and 7.2 percent reported that an adult did not eat for a whole day because there was not enough money for food. The severity of the items in the adult scale, estimated under Rasch-model assumptions, covered a range of 6.65 logistic units, and those in the child scale 11.68 logistic units. Most Item-infit statistics were near unity, and none exceeded 1.20. Conclusion The range of severity of items provides measurement coverage across a wide range of severity of food insecurity for both adults and children. Both scales demonstrated acceptable levels of internal validity, although several items should be improved. The similarity of the response patterns in the Isfahan and the U.S. suggests that food insecurity is experienced, managed, and described similarly in the two countries.

  10. Algorithm Validation of the Current Profile Reconstruction of EAST Based on Polarimeter/Interferometer

    International Nuclear Information System (INIS)

    Qian Jinping; Ren Qilong; Wan Baonian; Liu Haiqin; Zeng Long; Luo Zhengping; Chen Dalong; Shi Tonghui; Sun Youwen; Shen Biao; Xiao Bingjia; Lao, L. L.; Hanada, K.

    2015-01-01

    The method of plasma current profile reconstruction using the polarimeter/interferometer (POINT) data from a simulated equilibrium is explored and validated. It is shown that the safety factor (q) profile can be generally reconstructed from the external magnetic and POINT data. The reconstructed q profile is found to reasonably agree with the initial equilibriums. Comparisons of reconstructed q and density profiles using the magnetic data and the POINT data with 3%, 5% and 10% random errors are investigated. The result shows that the POINT data could be used to a reasonably accurate determination of the q profile. (fusion engineering)

  11. Uncertainty estimates of purity measurements based on current information: toward a "live validation" of purity methods.

    Science.gov (United States)

    Apostol, Izydor; Kelner, Drew; Jiang, Xinzhao Grace; Huang, Gang; Wypych, Jette; Zhang, Xin; Gastwirt, Jessica; Chen, Kenneth; Fodor, Szilan; Hapuarachchi, Suminda; Meriage, Dave; Ye, Frank; Poppe, Leszek; Szpankowski, Wojciech

    2012-12-01

    To predict precision and other performance characteristics of chromatographic purity methods, which represent the most widely used form of analysis in the biopharmaceutical industry. We have conducted a comprehensive survey of purity methods, and show that all performance characteristics fall within narrow measurement ranges. This observation was used to develop a model called Uncertainty Based on Current Information (UBCI), which expresses these performance characteristics as a function of the signal and noise levels, hardware specifications, and software settings. We applied the UCBI model to assess the uncertainty of purity measurements, and compared the results to those from conventional qualification. We demonstrated that the UBCI model is suitable to dynamically assess method performance characteristics, based on information extracted from individual chromatograms. The model provides an opportunity for streamlining qualification and validation studies by implementing a "live validation" of test results utilizing UBCI as a concurrent assessment of measurement uncertainty. Therefore, UBCI can potentially mitigate the challenges associated with laborious conventional method validation and facilitates the introduction of more advanced analytical technologies during the method lifecycle.

  12. Household food security in Isfahan based on current population survey adapted questionnaire

    Directory of Open Access Journals (Sweden)

    Morteza Rafiei

    2013-01-01

    Full Text Available Background: Food security is a state in which all people at every time have physical and economic access to adequate food to obviate nutritional needs and live a healthy and active life. Therefore, this study was performed to quantitatively evaluate the household food security in Esfahan using the localized version of US Household Food Security Survey Module (US HFSSM. Methods: This descriptive cross-sectional study was performed in year 2006 on 3000 households of Esfahan. The study instrument used in this work is 18-item US food security module, which is developed into a localized 15-item questionnaire. This study is performed in two stages of families with no children (under 18 years old and families with children over 18 years old. Results: The results showed that item severity coefficient, ratio of responses given by households and item infit and outfit coefficient in adult′s and children′s questionnaire respectively. According to obtained data, scale score of +3 in adults group is described as determination limit of slight food insecurity and +6 is stated as the limit for severe food insecurity. For children′s group, scale score of +2 is defined to be the limit of slight food insecurity and +5 is the determination limit of severe food insecurity. Conclusions: The main hypothesis of this survey analysis is based on the raw scale score of USFSSM The item of "lack of enough money for buying food" (item 2 and the item of "lack of balanced meal" (3 rd item have the lowest severity coefficient. Then, the ascending rate of item severity continues in first item, 4 th item and keeps increasing into 10 th item.

  13. The impact of climate change on food security in South Africa: Current realities and challenges ahead

    Directory of Open Access Journals (Sweden)

    Tshepo S. Masipa

    2017-08-01

    Full Text Available This article aims to examine the impact of climate change on food security in South Africa. For this purpose, the article adopted a desktop study approach. Previous studies, reports, surveys and policies on climate change and food (insecurity. From this paper’s analysis, climate change presents a high risk to food security in sub-Saharan countries from crop production to food distribution and consumption. In light of this, it is found that climate change, particularly global warming, affects food security through food availability, accessibility, utilisation and affordability. To mitigate these risks, there is a need for an integrated policy approach to protect the arable land against global warming. The argument advanced in this article is that South Africa’s ability to adapt and protect its food items depends on the understanding of risks and the vulnerability of various food items to climate change. However, this poses a challenge in developing countries, including South Africa, because such countries have weak institutions and limited access to technology. Another concern is a wide gap between the cost of adapting and the necessary financial support from the government. There is also a need to invest in technologies that will resist risks on food systems.

  14. A Secure Localization Approach Using Mutual Authentication and Insider Node Validation in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Gulshan Kumar

    2017-01-01

    Full Text Available Localization is a concerning issue in the applications of wireless sensor networks. Along with the accuracy of the location estimation of the sensor nodes, the security of the estimation is another priority. Wireless sensor networks often face various attacks where the attackers try to manipulate the estimated location or try to provide false beacons. In this paper, we have proposed a methodology that will address this problem of security aspects in localization of the sensor nodes. Moreover, we have considered the network environment with random node deployment and mobility as these two conditions are less addressed in previous research works. Further, our proposed algorithm provides low overhead due to the usage of less control messages in a limited transmission range. In addition, we have also proposed an algorithm to detect the malicious anchor nodes inside the network. The simulated results show that our proposed algorithm is efficient in terms of time consumption, localization accuracy, and localization ratio in the presence of malicious nodes.

  15. Validation of a Residual Stress Measurement Method by Swept High-Frequency Eddy Currents

    International Nuclear Information System (INIS)

    Lee, C.; Shen, Y.; Lo, C. C. H.; Nakagawa, N.

    2007-01-01

    This paper reports on a swept high-frequency eddy current (SHFEC) measurement method developed for electromagnetic nondestructive characterization of residual stresses in shot peened aerospace materials. In this approach, we regard shot-peened surfaces as modified surface layers of varying conductivity, and determine the conductivity deviation profile by inversion of the SHFEC data. The SHFEC measurement system consists of a pair of closely matched printed-circuit-board coils driven by laboratory instrument under software control. This provides improved sensitivity and high frequency performance compared to conventional coils, so that swept frequency EC measurements up to 50 MHz can be made to achieve the smallest skin depth of 80 μm for nickel-based superalloys. We devised a conductivity profile inversion procedure based on the laterally uniform multi-layer theory of Cheng, Dodd and Deeds. The main contribution of this paper is the methodology validation. Namely, the forward and inverse models were validated against measurements on artificial layer specimens consisting of metal films with different conductivities placed on a metallic substrate. The inversion determined the film conductivities which were found to agree with those measured using the direct current potential drop (DCPD) method

  16. Validation of a Residual Stress Measurement Method by Swept High-Frequency Eddy Currents

    Science.gov (United States)

    Lee, C.; Shen, Y.; Lo, C. C. H.; Nakagawa, N.

    2007-03-01

    This paper reports on a swept high-frequency eddy current (SHFEC) measurement method developed for electromagnetic nondestructive characterization of residual stresses in shot peened aerospace materials. In this approach, we regard shot-peened surfaces as modified surface layers of varying conductivity, and determine the conductivity deviation profile by inversion of the SHFEC data. The SHFEC measurement system consists of a pair of closely matched printed-circuit-board coils driven by laboratory instrument under software control. This provides improved sensitivity and high frequency performance compared to conventional coils, so that swept frequency EC measurements up to 50 MHz can be made to achieve the smallest skin depth of 80 μm for nickel-based superalloys. We devised a conductivity profile inversion procedure based on the laterally uniform multi-layer theory of Cheng, Dodd and Deeds. The main contribution of this paper is the methodology validation. Namely, the forward and inverse models were validated against measurements on artificial layer specimens consisting of metal films with different conductivities placed on a metallic substrate. The inversion determined the film conductivities which were found to agree with those measured using the direct current potential drop (DCPD) method.

  17. Cross-cultural adaptation and validation of the Behcet's Disease Current Activity Form in Korea.

    Science.gov (United States)

    Choi, Hyo Jin; Seo, Mi Ryoung; Ryu, Hee Jung; Baek, Han Joo

    2015-09-01

    This study was undertaken to perform a cross-cultural adaptation of the Behcet's Disease Current Activity Form (BDCAF, version 2006) questionnaire to the Korean language and to evaluate its reliability and validity in a population of Korean patients with Behcet's disease (BD). A cross-cultural study was conducted among patients with BD who attended our rheumatology clinic between November 2012 and March 2013. There were 11 males and 35 females in the group. The mean age of the participants was 48.5 years and the mean disease duration was 6.4 years. The first BDCAF questionnaire was completed on arrival and the second assessment was performed 20 minutes later by a different physician. The test-retest reliability was analyzed by computing κ statistics. Kappa scores of > 0.6 indicated a good agreement. To assess the validity, we compared the total BDCAF score with the patient's/clinician's perception of disease activity and the Korean version of the Behcet's Disease Quality of Life (BDQOL). For the test-retest reliability, good agreements were achieved on items such as headache, oral/genital ulceration, erythema, skin pustules, arthralgia, nausea/vomiting/abdominal pain, and diarrhea with altered/frank blood per rectum. Moderate agreement was observed for eye and nervous system involvement. We achieved a fair agreement for arthritis and major vessel involvement. Significant correlations were obtained between the total BDCAF score with the BDQOL and the patient's/clinician's perception of disease activity p < 0.05). The Korean version of the BDCAF is a reliable and valid instrument for measuring current disease activity in Korean BD patients.

  18. NS [Nuclear Safety] update. Current safety and security activities and developments taking place in the Department of Nuclear Safety and Security, Issue no. 9, December 2008

    International Nuclear Information System (INIS)

    2008-12-01

    The current issue presents information about the following activities: 1) IRRS Lessons Learned Workshop held on 3-5 November 2008, Seville. The main purpose of the workshop was to provide information to interested Member States regarding the IRRS, to discuss their experiences and lessons learned from the regulatory review conducted at the CSN and to explore further improvements in the planning and implementation of the IRRS, including the establishment of a network of experts from regulatory authorities. 2) Highlights of the 52 General Conference. 3) The 2008 IAEA General Conference welcomed the endorsement of the new International Nuclear and Radiological Event Scale (INES) User's Manual. 4) Safety and Security Infrastructure for Countries Embarking on Nuclear Power Programmes

  19. Social Security reform: evaluating current proposals. Latest results of the EBRI-SSASIM2 policy simulation model.

    Science.gov (United States)

    Copeland, C; VanDerhei, J; Salisbury, D L

    1999-06-01

    The present Social Security program has been shown to be financially unsustainable in the future without modification to the current program. The purpose of this Issue Brief, EBRI's fourth in a series on Social Security reform, is threefold: to illustrate new features of the EBRI-SSASIM2 policy simulation model not available in earlier EBRI publications, to expand quantitative analysis to specific proposals, and to evaluate the uncertainty involved in proposals that rely on equity investment. This analysis compares the Gregg/Breaux-Kolbe/Stenholm (GB-KS) and Moynihan/Kerrey proposals with three generic or "traditional" reforms: increasing taxes, reducing benefits, and/or increasing the retirement age. Both proposals would create individual accounts by "carving out" funds from current Social Security payroll taxes. This analysis also examines other proposed changes that would "add on" to existing Social Security funds through the use of general revenue transfers and/or investment in the equities market. President Clinton has proposed a general revenue transfer and the collective investment of some of the OASDI trust fund assets in equities. Reps. Archer and Shaw have proposed a general revenue tax credit to establish individual accounts that would be invested partially in the equities markets. When comparing Social Security reform proposals that would specifically alter benefit levels, the Moynihan/Kerrey bill compares quite favorably with the other proposals in both benefit levels and payback ratios, when individuals elect to use the individual account option. In contrast, the GB-KS bills do not compare quite as favorably for their benefit levels, but do compare favorably in terms of payback ratios. An important comparison in these bills is the administrative costs of managing the individual accounts, since benefits can be lowered by up to 23 percent when going from the assumed low to high administrative costs. Moreover, allowing individuals to decide whether to

  20. Regulatory Framework and Current Practices of the Radioactive Material Safe and Secure Transport in Albania

    International Nuclear Information System (INIS)

    Dollani, K.; Grillo, B.; Telhaj, E.

    2016-01-01

    Attempts for the establishing of a safe and secure radioactive material transport in Albania began a decade ago with formulation of the different regulation in the field of safe and secure handling of the radioactive materials. In 2004 a special regulation for the safe transport of radioactive material was prepared and approved by the National Radiation Protection Commission). This regulation has been based in the IAEA standards for the radioactive material transport and was reviewed periodically. The last regulation of the radioactive material transport was approved by Albanian government through a governmental ordinance. The transport of the radioactive material in Albania is performed by licensed subjects, which fulfill all requirements of the mentioned governmental ordinance. Based in the existing regulation, for each transport of radioactive material, a special permission is issued by NRPC. The issuing of permission allows competent authority to provide necessary information on transport regularity and to have under survey all transports of the radioactive material carried out inside the country. Last year were issued more than 80 permissions for the transport of the different types and categories of the radioactive sources. (author)

  1. Wireless networking for the dental office: current wireless standards and security protocols.

    Science.gov (United States)

    Mupparapu, Muralidhar; Arora, Sarika

    2004-11-15

    Digital radiography has gained immense popularity in dentistry today in spite of the early difficulty for the profession to embrace the technology. The transition from film to digital has been happening at a faster pace in the fields of Orthodontics, Oral Surgery, Endodontics, Periodontics, and other specialties where the radiographic images (periapical, bitewing, panoramic, cephalometric, and skull radiographs) are being acquired digitally, stored within a server locally, and eventually accessed for diagnostic purposes, along with the rest of the patient data via the patient management software (PMS). A review of the literature shows the diagnostic performance of digital radiography is at least comparable to or even better than that of conventional radiography. Similarly, other digital diagnostic tools like caries detectors, cephalometric analysis software, and digital scanners were used for many years for the diagnosis and treatment planning purposes. The introduction of wireless charged-coupled device (CCD) sensors in early 2004 (Schick Technologies, Long Island City, NY) has moved digital radiography a step further into the wireless era. As with any emerging technology, there are concerns that should be looked into before adapting to the wireless environment. Foremost is the network security involved in the installation and usage of these wireless networks. This article deals with the existing standards and choices in wireless technologies that are available for implementation within a contemporary dental office. The network security protocols that protect the patient data and boost the efficiency of modern day dental clinics are enumerated.

  2. MIGRATORY THREATS TO NATIONAL SECURITY OF UKRAINE: CURRENT CHALLENGES AND WAYS OF REGULATION

    Directory of Open Access Journals (Sweden)

    Mychailo Romaniuk

    2016-11-01

    Full Text Available The purpose of the article is to disclose the migratory threats which are connected with external and mass internal inter-regional migrations, which are caused by the annexation of the Crimea and military aggression in Donbas by Russia. Methodological and practical aspects of improving the management of intensive interstate and inter-regional migratory processes, negative consequences of which threaten national security of the country because of hybrid war in Donbas, illegal migration, worsening of the demographic situation, departure of scientists and specialists abroad are described in the article too. The main strategic objective, which consists of maintenance of state sovereignty, territorial integrity of Ukraine, and also integration in European and migratory space, ensuring close to the world standards of quality and length of life, realization of rights and freedoms of citizens, is formulated. Actions and tasks of the state migratory policy, ways and methods of regulation of external migrations of the population are considered. Principal reasons of external migrations of population are identified and analysed. The inwardly-regional, interregional and intergovernmental migrations of population of Ukraine in the years of its state independence (1991- 2014 are analyzed in details. The results of analysis showed that migratory activity goes down on inwardly-regional and interregional levels. Also intensity of exchange of population went down between the regions of country. At the same time Ukraine for years state independence through depopulation processes lost 6,5 million persons, and in the external migratory moving of population of loss made over 1 million persons. The problem of illegal external labour migration is considered. It is noted that illegal migration from Ukraine to the threats to national security in the Law of Ukraine "On the National Security of Ukraine" is not included, and a threat to national security posed by illegal

  3. Official Position of the American Academy of Clinical Neuropsychology Social Security Administration Policy on Validity Testing: Guidance and Recommendations for Change.

    Science.gov (United States)

    Chafetz, M D; Williams, M A; Ben-Porath, Y S; Bianchini, K J; Boone, K B; Kirkwood, M W; Larrabee, G J; Ord, J S

    2015-01-01

    The milestone publication by Slick, Sherman, and Iverson (1999) of criteria for determining malingered neurocognitive dysfunction led to extensive research on validity testing. Position statements by the National Academy of Neuropsychology and the American Academy of Clinical Neuropsychology (AACN) recommended routine validity testing in neuropsychological evaluations. Despite this widespread scientific and professional support, the Social Security Administration (SSA) continued to discourage validity testing, a stance that led to a congressional initiative for SSA to reevaluate their position. In response, SSA commissioned the Institute of Medicine (IOM) to evaluate the science concerning the validation of psychological testing. The IOM concluded that validity assessment was necessary in psychological and neuropsychological examinations (IOM, 2015 ). The AACN sought to provide independent expert guidance and recommendations concerning the use of validity testing in disability determinations. A panel of contributors to the science of validity testing and its application to the disability process was charged with describing why the disability process for SSA needs improvement, and indicating the necessity for validity testing in disability exams. This work showed how the determination of malingering is a probability proposition, described how different types of validity tests are appropriate, provided evidence concerning non-credible findings in children and low-functioning individuals, and discussed the appropriate evaluation of pain disorders typically seen outside of mental consultations. A scientific plan for validity assessment that additionally protects test security is needed in disability determinations and in research on classification accuracy of disability decisions.

  4. Current and potential cyber attacks on medical journals; guidelines for improving security.

    Science.gov (United States)

    Dadkhah, Mehdi; Seno, Seyed Amin Hosseini; Borchardt, Glenn

    2017-03-01

    At the moment, scholarly publishing is faced with much academic misconduct and threats such as predatory journals, hijacked journals, phishing, and other scams. In response, we have been discussing this misconduct and trying to increase the awareness of researchers, but it seems that there is a lack of research that presents guidelines for editors to help them protect themselves against these threats. It seems that information security is missing in some parts of scholarly publishing that particularly involves medical journals. In this paper, we explain different types of cyber-attacks that especially threaten editors and academic journals. We then explain the details involved in each type of attack. Finally, we present general guidelines for detection and prevention of the attacks. In some cases, we use small experiments to show that our claim is true. Finally, we conclude the paper with a prioritization of these attacks. Copyright © 2016 European Federation of Internal Medicine. Published by Elsevier B.V. All rights reserved.

  5. Advances and current state of the security and privacy in electronic health records: survey from a social perspective.

    Science.gov (United States)

    Tejero, Antonio; de la Torre, Isabel

    2012-10-01

    E-Health systems are experiencing an impulse in these last years, when many medical agencies began to include digital solutions into their platforms. Electronic Health Records (EHRs) are one of the most important improvements, being in its most part a patient-oriented tool. To achieve a completely operational EHR platform, security and privacy problems have to be resolved, due to the importance of the data included within these records. But given all the different methods to address security and privacy, they still remain in most cases as an open issue. This paper studies existing and proposed solutions included in different scenarios, in order to offer an overview of the current state in EHR systems. Bibliographic material has been obtained mainly from MEDLINE and SCOPUS sources, and over 30 publications have been analyzed. Many EHR platforms are being developed, but most of them present weaknesses when they are opened to the public. These architectures gain significance when they cover all the requisites related to security and privacy.

  6. Thermoelectric properties of currently available Au/Pt thermocouples related to the valid reference function

    Directory of Open Access Journals (Sweden)

    Edler F.

    2015-01-01

    Full Text Available Au/Pt thermocouples are considered to be an alternative to High Temperature Standard Platinum Resistance Thermometers (HTSPRTs for realizing temperatures according to the International Temperature Scale of 1990 (ITS-90 in the temperature range between aluminium (660.323 °C and silver (961.78 °C. The original aim of this work was to develop and to validate a new reference function for Au/Pt thermocouples which reflects the properties of presently commercially available Au and Pt wires. The thermoelectric properties of 16 Au/Pt thermocouples constructed at different National Metrological Institutes by using wires from different suppliers and 4 commercially available Au/Pt thermocouples were investigated. Most of them exhibit significant deviations from the current reference function of Au/Pt thermocouples caused by the poor performance of the Au-wires available. Thermoelectric homogeneity was investigated by measuring immersion profiles during freezes at the freezing point of silver and in liquid baths. The thermoelectric inhomogeneities were found to be one order of magnitude larger than those of Au/Pt thermocouples of the Standard Reference Material® (SRM® 1749. The improvement of the annealing procedure of the gold wires is a key process to achieve thermoelectric homogeneities in the order of only about (2–3 mK, sufficient to replace the impracticable HTSPRTs as interpolation instruments of the ITS-90. Comparison measurements of some of the Au/Pt thermocouples against a HTSPRT and an absolutely calibrated radiation thermometer were performed and exhibit agreements within the expanded measurement uncertainties. It has been found that the current reference function of Au/Pt thermocouples reflects adequately the thermoelectric properties of currently available Au/Pt thermocouples.

  7. Analysis of operations and cyber security policies for a system of cooperating Flexible Alternating Current Transmission System (FACTS) devices.

    Energy Technology Data Exchange (ETDEWEB)

    Phillips, Laurence R.; Tejani, Bankim; Margulies, Jonathan; Hills, Jason L.; Richardson, Bryan T.; Baca, Micheal J.; Weiland, Laura

    2005-12-01

    Flexible Alternating Current Transmission Systems (FACTS) devices are installed on electric power transmission lines to stabilize and regulate power flow. Power lines protected by FACTS devices can increase power flow and better respond to contingencies. The University of Missouri Rolla (UMR) is currently working on a multi-year project to examine the potential use of multiple FACTS devices distributed over a large power system region in a cooperative arrangement in which the FACTS devices work together to optimize and stabilize the regional power system. The report describes operational and security challenges that need to be addressed to employ FACTS devices in this way and recommends references, processes, technologies, and policies to address these challenges.

  8. Current challenges of the European security caused by the refugee crisis. The EU's fight against terrorism

    Directory of Open Access Journals (Sweden)

    Andreea Florentina NICOLESCU

    2017-10-01

    Full Text Available The primary objective of this research is to identify the evolution of the terrorist attacks that appeared in Europe lately. In the article are mentioned the main causes that led to the terrorist attacks from France and Germany, emphasizing their effects over the 2 countries. The article brings forward the main types of attacks used by terrorists but also the number of injured persons or deaths. An essential aspect that was highlighted in the article refers to the results obtained after applying the EU – Turkey Statement but also to those regarding the transfer and relocation of the migrants in different countries. In this way, the analysis implied the selection of EU member states which received Syrian refugees by relocation together with the highlighting of the numeric situation of the persons returned from Greece to Turkey. A last part of this study assumes the identification of the personal categories who have been brought by Frontex and EASO in Greece in order to handle efficiently the crisis, which provide the expertise in the migration field. The primary question of this research is: “Is EU capable to administer the changes regarding migration, assuring in the same time its safety?”. To answer this question, I identified first the costs of EU securitizing its states. I consider that the approach of this matter has a high importance since it shows the necessity of some changes meant to help European states to face the events linked to migration and, implicitly, security from the last years.

  9. NS [Nuclear Safety] update. Current safety and security activities and developments taking place in the Department of Nuclear Safety and Security, Issue no. 7, July 2008

    International Nuclear Information System (INIS)

    2008-09-01

    The current issue presents information about the following activities: 1) International Conference on Radioecology and Environmental Radioactivity 15-20 June 2008, Bergen organized by the Norwegian Radiation Protection Authority (NRPA) and the French Institute for Radiation Protection and Nuclear Safety (IRSN) in cooperation with IAEA, WHO, OECD/NEA, the International Union of Radioecology (IUR), the International Commission on Radiological Protection (ICRP) and the Journal of environmental Radioactivity (JER). This conference has evolved from the merging of the series of conferences by ECORAD and of the International Conferences on Radioactivity in the Environment. The primary objective of the conference was to review all scientific themes related to the study of environmental radioactivity and to identify new societal needs and requirements for regulatory bodies and industry. All sources of radiation, from industrial discharges in planned exposure situations through to sources in existing and emergency exposure situations, were included in the scope of the conference. 2) The Ibero American Forum of Nuclear and Radiation Safety and Security Regulatory Agencies (the FORO); 3) Kashiwazaki-Kariwa Nuclear Power Plant in the earthquake on 16 July 2007 - plant's response and effects and lessons learned

  10. Secure Biometric Multi-Logon System Based on Current Authentication Technologies

    Science.gov (United States)

    Tait, Bobby L.

    The need for accurate authentication in the current IT world is of utmost importance. Users rely on current IT technologies to facilitate in day to day interactions with nearly all environments. Strong authentication technologies like the various biometric technologies have been in existence for many years. Many of these technologies, for instance fingerprint biometrics, have reached maturity. However, passwords and pins are still the most commonly used authentication mechanisms at this stage. An average user has to be authenticated in various situations during daily interaction with his or her environment, by means of a pin or a password. This results in many different passwords and pins that the user has to remember. The user will eventually either start documenting these passwords and pins, or often, simply use the same password and pin for all authentication situations.

  11. Validation of Finite-Element Models of Persistent-Current Effects in Nb3Sn Accelerator Magnets

    International Nuclear Information System (INIS)

    Wang, X.; Ambrosio, G.; Chlachidze, G.; Collings, E. W.; Dietderich, D. R.; DiMarco, J.; Felice, H.; Ghosh, A. K.; Godeke, A.; Gourlay, S. A.; Marchevsky, M.; Prestemon, S. O.; Sabbi, G.; Sumption, M. D.; Velev, G. V.; Xu, X.; Zlobin, A. V.

    2015-01-01

    Persistent magnetization currents are induced in superconducting filaments during the current ramping in magnets. The resulting perturbation to the design magnetic field leads to field quality degradation, in particular at low field where the effect is stronger relative to the main field. The effects observed in NbTi accelerator magnets were reproduced well with the critical-state model. However, this approach becomes less accurate for the calculation of the persistent-current effects observed in Nb 3 Sn accelerator magnets. Here a finite-element method based on the measured strand magnetization is validated against three state-of-art Nb3Sn accelerator magnets featuring different subelement diameters, critical currents, magnet designs and measurement temperatures. The temperature dependence of the persistent-current effects is reproduced. Based on the validated model, the impact of conductor design on the persistent current effects is discussed. The performance, limitations and possible improvements of the approach are also discussed

  12. Development and validation of a simulation tool dedicated to eddy current non destructive testing of tubes

    International Nuclear Information System (INIS)

    Reboud, Ch.

    2006-09-01

    Eddy current testing (ECT) technique is widely used in industrial fields such as iron and steel industry. Dedicated simulation tools provide a great assistance for the optimisation of ECT processes. CEA and the Vallourec Research Center have collaborated in order to develop a simulation tool of ECT of tubes. The volume integral method has been chosen for the resolution of Maxwell equations in a stratified medium, in order to get accurate results with a computation time short enough to carry out optimisation or inversion procedures. A fast model has been developed for the simulation of ECT of non magnetic tubes using specific external probes. New flaw geometries have been modelled: holes and notches with flat bottom. Validations of the developments, which have been integrated to the CIVA platform, have been carried out using experimental data recorded in laboratory conditions and in. industrial conditions, successively. The integral equations derived are solved using the Galerkin variant of the method of moments with pulse functions as projection functions. In order to overcome some memory limitations, other projection functions have been considered. A new discretization scheme based on non-uniform B-Splines of degree 1 or 2 has been implemented, which constitutes an original contribution to the existing literature. The decrease of the mesh size needed to get a given accuracy on the result may lead to the simulation of more complex ECT configurations. (author)

  13. Current Technologies and its Trends of Machine Vision in the Field of Security and Disaster Prevention

    Science.gov (United States)

    Hashimoto, Manabu; Fujino, Yozo

    Image sensing technologies are expected as useful and effective way to suppress damages by criminals and disasters in highly safe and relieved society. In this paper, we describe current important subjects, required functions, technical trends, and a couple of real examples of developed system. As for the video surveillance, recognition of human trajectory and human behavior using image processing techniques are introduced with real examples about the violence detection for elevators. In the field of facility monitoring technologies as civil engineering, useful machine vision applications such as automatic detection of concrete cracks on walls of a building or recognition of crowded people on bridge for effective guidance in emergency are shown.

  14. Current status and prospect of radiation technology for the safety and security of food

    International Nuclear Information System (INIS)

    Byun, Myung Woo

    2009-01-01

    Since 1960, radiation technology (RT), which had been known as the method eliminating the biologically hazardous factors of the products in the food, medical, pharmaceutical and cosmetic industries, was comprehensively investigated. The safety of food irradiation has been throughout evaluated with scientific experiments. Recently, RT has been associated with other high technologies such as biotechnology and nanotechnology, and resulted in the innovative products. Through these fusion technology with RT, the new items with high functionality and value will be shown. But, until now, consumers' acceptance on radiation is still the problem to be solved for further development. To make the consumer correctly understand RT, the benefits and defects of RT should be informed and there should be the legislated policy for the industrialization of RT by government. Therefore, this review will introduce the current status of food irradiation in the world, the safety and national agreements and the recent results from radiation fusion technology, and suggest the further work

  15. Smart current collector—fibre optic hit detection system for improved security on railway tracks

    International Nuclear Information System (INIS)

    Schröder, Kerstin; Ecke, Wolfgang; Kautz, Michael; Rothhardt, Manfred; Willett, Simon; Unterwaditzer, Hansjörg; Bosselmann, Thomas

    2013-01-01

    In a deregulated EU railway market, monitoring the vehicle and infrastructure interfaces is mandatory for the enhanced availability of operation and for reducing costs. Therefore, infrastructure managers need monitoring tools on overhead contact lines (OCLs). We know from earlier investigations that a measurement of contact forces alone is not sufficient (Schröder et al 2013 Opt. Lasers Eng. 51 172–9). In this study, we introduce a system which is fast enough to detect short disturbances and which can be used with regular trains. It is based on fibre optic sensors integrated with conventional current collectors (CCs). The system is designed to monitor hard and soft hits on the CC in horizontal (driving) and vertical (contact) direction. It was systematically tested in the laboratory as well as in test runs on commercial railways in several countries. With its help, a variety of minor as well as serious defects have been discovered and repaired at the CC–OCL interface. (paper)

  16. Survey of current technologies of security management for distributed information systems; Bunsangata joho system no security iji kanri hoshiki no genjo

    Energy Technology Data Exchange (ETDEWEB)

    Matsui, S [Central Research Institute of Electric Power Industry, Tokyo (Japan)

    1997-05-01

    The latest situation of the security management for a distributed information system was examined and systematically summarized to indicate the management design in future. This paper describes the threat of the distributed information system to security, the risk for confidentiality, integrity, and availability due to the threat, and the measures to be taken. The basic technology of security management is classified into the `user certification to prevent an incorrect access` and the `encipherment to prevent data from being used incorrectly.` The technology for certification has been almost completed. It can be securely done using an expendable password or IC card system. In Internet, multiple enciphering technologies for constructing a virtual private network that can secure the almost the same security as for a private network can be used. In an electronic mail, the enciphering technology can also be used easily. The tool that manages the security of very many servers, clients, and networks is in the initial stage. 16 refs., 1 fig., 5 tabs.

  17. Current Status of the Validation of the Atmospheric Chemistry Instruments on Envisat

    Science.gov (United States)

    Lecomte, P.; Koopman, R.; Zehner, C.; Laur, H.; Attema, E.; Wursteisen, P.; Snoeij, P.

    2003-04-01

    Envisat is ESA's advanced Earth observing satellite launched in March 2002 and is designed to provide measurements of the atmosphere, ocean, land and ice over a five-year period. After the launch and the switch-on period, a six-month commissioning phase has taken place for instrument calibration and geophysical validation, concluded with the Envisat Calibration Review held in September 2002. In addition to ESA and its industrial partners in the Envisat consortium, many other companies and research institutes have contributed to the calibration and validation programme under ESA contract as expert support laboratories (ESLs). A major contribution has also been made by the Principal Investigators of approved proposals submitted to ESA in response to a worldwide "Announcement of Opportunity for the Exploitation of the Envisat Data Products" in 1998. Working teams have been formed in which the different participants worked side by side to achieve the objectives of the calibration and validation programme. Validation is a comparison of Envisat level-2 data products and estimates of the different geophysical variables obtained by independent means, the validation instruments. Validation is closely linked to calibration because inconsistencies discovered in the comparison of Envisat Level 2 data products to well-known external instruments can have many different sources, including inaccuracies of the Envisat instrument calibration and the data calibration algorithms. Therefore, initial validation of the geophysical variables has provided feedback to calibration, de-bugging and algorithm improvement. The initial validation phase ended in December 2002 with the Envisat Validation Workshop at which, for a number of products, a final quality statement was given. Full validation of all data products available from the Atmospheric Chemistry Instruments on Envisat (MIPAS, GOMOS and SCIAMACHY) is quite a challenge and therefore it has been decided to adopt a step-wise approach

  18. Animal models of binge drinking, current challenges to improve face validity.

    Science.gov (United States)

    Jeanblanc, Jérôme; Rolland, Benjamin; Gierski, Fabien; Martinetti, Margaret P; Naassila, Mickael

    2018-05-05

    Binge drinking (BD), i.e., consuming a large amount of alcohol in a short period of time, is an increasing public health issue. Though no clear definition has been adopted worldwide the speed of drinking seems to be a keystone of this behavior. Developing relevant animal models of BD is a priority for gaining a better characterization of the neurobiological and psychobiological mechanisms underlying this dangerous and harmful behavior. Until recently, preclinical research on BD has been conducted mostly using forced administration of alcohol, but more recent studies used scheduled access to alcohol, to model more voluntary excessive intakes, and to achieve signs of intoxications that mimic the human behavior. The main challenges for future research are discussed regarding the need of good face validity, construct validity and predictive validity of animal models of BD. Copyright © 2018 Elsevier Ltd. All rights reserved.

  19. 17 CFR 404.2 - Records to be made and kept current by registered government securities brokers and dealers...

    Science.gov (United States)

    2010-04-01

    ... on a consolidated basis, by the highest level holding company that is a Material Associated Person..., as of quarter-end for the registered government securities broker or dealer and its highest level... registered government securities broker or dealer and its highest level holding company that is a Material...

  20. Determination of vitamin C in foods: current state of method validation.

    Science.gov (United States)

    Spínola, Vítor; Llorent-Martínez, Eulogio J; Castilho, Paula C

    2014-11-21

    Vitamin C is one of the most important vitamins, so reliable information about its content in foodstuffs is a concern to both consumers and quality control agencies. However, the heterogeneity of food matrixes and the potential degradation of this vitamin during its analysis create enormous challenges. This review addresses the development and validation of high-performance liquid chromatography methods for vitamin C analysis in food commodities, during the period 2000-2014. The main characteristics of vitamin C are mentioned, along with the strategies adopted by most authors during sample preparation (freezing and acidification) to avoid vitamin oxidation. After that, the advantages and handicaps of different analytical methods are discussed. Finally, the main aspects concerning method validation for vitamin C analysis are critically discussed. Parameters such as selectivity, linearity, limit of quantification, and accuracy were studied by most authors. Recovery experiments during accuracy evaluation were in general satisfactory, with usual values between 81 and 109%. However, few methods considered vitamin C stability during the analytical process, and the study of the precision was not always clear or complete. Potential future improvements regarding proper method validation are indicated to conclude this review. Copyright © 2014. Published by Elsevier B.V.

  1. Validation of neoclassical bootstrap current models in the edge of an H-mode plasma.

    Science.gov (United States)

    Wade, M R; Murakami, M; Politzer, P A

    2004-06-11

    Analysis of the parallel electric field E(parallel) evolution following an L-H transition in the DIII-D tokamak indicates the generation of a large negative pulse near the edge which propagates inward, indicative of the generation of a noninductive edge current. Modeling indicates that the observed E(parallel) evolution is consistent with a narrow current density peak generated in the plasma edge. Very good quantitative agreement is found between the measured E(parallel) evolution and that expected from neoclassical theory predictions of the bootstrap current.

  2. Validating Prehistoric and Current Social Phenomena Upon the Landscape of the Peten, Guatemala

    Science.gov (United States)

    Sever, Thomas L.

    1997-01-01

    The Peten, once inhabited by a population of several million before the collapse of the ancient Maya in the 10th and 11th centuries, is being repopulated toward its former demographic peak. Environmental dynamics, however, impose severe constraints to further development. Current practices in subsistence, commercial agriculture, and cattle raising are causing rapid deforestation on a scale that can only result in soil loss and regional degradation. In view of the current deforestation trends, the question emerges as to how millions of ancient Maya lived successfully in the area for centuries when relatively fewer occupants today threaten the sustainability of the landscape with current agricultural practices. The use of remote sensing technology is a cost-effective methodology for addressing issues in Maya archeology as well as monitoring the environmental impacts being experienced by the current population.

  3. Hardware IP security and trust

    CERN Document Server

    Bhunia, Swarup; Tehranipoor, Mark

    2017-01-01

    This book provides an overview of current Intellectual Property (IP) based System-on-Chip (SoC) design methodology and highlights how security of IP can be compromised at various stages in the overall SoC design-fabrication-deployment cycle. Readers will gain a comprehensive understanding of the security vulnerabilities of different types of IPs. This book would enable readers to overcome these vulnerabilities through an efficient combination of proactive countermeasures and design-for-security solutions, as well as a wide variety of IP security and trust assessment and validation techniques. This book serves as a single-source of reference for system designers and practitioners for designing secure, reliable and trustworthy SoCs.

  4. Fundamentals of IP and SoC security design, verification, and debug

    CERN Document Server

    Ray, Sandip; Sur-Kolay, Susmita

    2017-01-01

    This book is about security in embedded systems and it provides an authoritative reference to all aspects of security in system-on-chip (SoC) designs. The authors discuss issues ranging from security requirements in SoC designs, definition of architectures and design choices to enforce and validate security policies, and trade-offs and conflicts involving security, functionality, and debug requirements. Coverage also includes case studies from the “trenches” of current industrial practice in design, implementation, and validation of security-critical embedded systems. Provides an authoritative reference and summary of the current state-of-the-art in security for embedded systems, hardware IPs and SoC designs; Takes a "cross-cutting" view of security that interacts with different design and validation components such as architecture, implementation, verification, and debug, each enforcing unique trade-offs; Includes high-level overview, detailed analysis on implementation, and relevant case studies on desi...

  5. Coverage of the Test of Memory Malingering, Victoria Symptom Validity Test, and Word Memory Test on the Internet: is test security threatened?

    Science.gov (United States)

    Bauer, Lyndsey; McCaffrey, Robert J

    2006-01-01

    In forensic neuropsychological settings, maintaining test security has become critically important, especially in regard to symptom validity tests (SVTs). Coaching, which can entail providing patients or litigants with information about the cognitive sequelae of head injury, or teaching them test-taking strategies to avoid detection of symptom dissimulation has been examined experimentally in many research studies. Emerging evidence supports that coaching strategies affect psychological and neuropsychological test performance to differing degrees depending on the coaching paradigm and the tests administered. The present study sought to examine Internet coverage of SVTs because it is potentially another source of coaching, or information that is readily available. Google searches were performed on the Test of Memory Malingering, the Victoria Symptom Validity Test, and the Word Memory Test. Results indicated that there is a variable amount of information available about each test that could threaten test security and validity should inappropriately interested parties find it. Steps that could be taken to improve this situation and limitations to this exploration are discussed.

  6. NS [Nuclear Safety] update. Current safety and security activities and developments taking place in the Department of Nuclear Safety and Security, Issue no. 13, December 2009

    International Nuclear Information System (INIS)

    2009-12-01

    The current issue presents information about the following activities: Highlights of the 53rd IAEA General Conference, 14-18 September 2009. Current status of the Building, Testing and Using the Response Assistance Network (RANET). 10th Meeting of the ANSN Steering Committee. The document also gives an overview on International Physical Protection Advisory Service (IPPAS)

  7. Development and Validation of Mechanical Engineering Trade Skills Assessment Instrument for Sustainable Job Security in Yobe State

    Science.gov (United States)

    Adamu, Gishua Garba; Dawha, Josphine Musa; Kamar, Tiamiyu Salihu

    2015-01-01

    Mechanical Engineering Trade Skills Assessment Instrument (METSAI) is aimed at determining the extent to which students have acquired practical skills before graduation that will enable them get employment for sustainable job security in Yobe state. The study employed instrumentation research design. The populations of the study were 23 mechanical…

  8. Security for grids

    Energy Technology Data Exchange (ETDEWEB)

    Humphrey, Marty; Thompson, Mary R.; Jackson, Keith R.

    2005-08-14

    Securing a Grid environment presents a distinctive set of challenges. This paper groups the activities that need to be secured into four categories: naming and authentication; secure communication; trust, policy, and authorization; and enforcement of access control. It examines the current state of the art in securing these processes and introduces new technologies that promise to meet the security requirements of Grids more completely.

  9. IR Camera Validation of IGBT Junction Temperature Measurement via Peak Gate Current

    DEFF Research Database (Denmark)

    Baker, Nick; Dupont, Laurent; Munk-Nielsen, Stig

    2017-01-01

    partial bond-wire lift-off. Results are also compared with a traditional electrical temperature measurement method: the voltage drop under low current (VCE(low)). In all cases, the IGPeak method is found to provide a temperature slightly overestimating the temperature of the gate pad. Consequently, both...... the gate pad position and chip temperature distribution influence whether the measurement is representative of the mean junction temperature. These results remain consistent after chips are degraded through bondwire lift-off. In a paralleled IGBT configuration with non-negligible temperature disequilibrium...

  10. NS [Nuclear Safety] update. Current safety and security activities and developments taking place in the Department of Nuclear Safety and Security, Issue no. 14, March 2010

    International Nuclear Information System (INIS)

    2010-03-01

    The current issue presents information about the following topics: Highlights of the 2nd International Conference on Effective Nuclear Regulatory Systems, Cape Town, 14 December 2009. Denial of Shipment of Radioactive Material. Emergency Preparedness Review (EPREV)

  11. The Current Mind-Set of Federal Information Security Decision-Makers on the Value of Governance: An Informative Study

    Science.gov (United States)

    Stroup, Jay Walter

    2014-01-01

    Understanding the mind-set or perceptions of organizational leaders and decision-makers is important to ascertaining the trends and priorities in policy and governance of the organization. This study finds that a significant shift in the mind-set of government IT and information security leaders has started and will likely result in placing a…

  12. Internal validity of a household food security scale is consistent among diverse populations participating in a food supplement program in Colombia

    Directory of Open Access Journals (Sweden)

    Melgar-Quinonez Hugo

    2008-05-01

    Full Text Available Abstract Objective We assessed the validity of a locally adapted Colombian Household Food Security Scale (CHFSS used as a part of the 2006 evaluation of the food supplement component of the Plan for Improving Food and Nutrition in Antioquia, Colombia (MANA – Plan Departamental de Seguridad Alimentaria y Nutricional de Antioquia. Methods Subjects included low-income families with pre-school age children in MANA that responded affirmatively to at least one CHFSS item (n = 1,319. Rasch Modeling was used to evaluate the psychometric characteristics of the items through measure and INFIT values. Differences in CHFSS performance were assessed by area of residency, socioeconomic status and number of children enrolled in MANA. Unidimensionality of a scale by group was further assessed using Differential Item Functioning (DIF. Results Most CHFSS items presented good fitness with most INFIT values within the adequate range of 0.8 to 1.2. Consistency in item measure values between groups was found for all but two items in the comparison by area of residency. Only two adult items exhibited DIF between urban and rural households. Conclusion The results indicate that the adapted CHFSS is a valid tool to assess the household food security of participants in food assistance programs like MANA.

  13. Internal validity of a household food security scale is consistent among diverse populations participating in a food supplement program in Colombia.

    Science.gov (United States)

    Hackett, Michelle; Melgar-Quinonez, Hugo; Uribe, Martha C Alvarez

    2008-05-23

    We assessed the validity of a locally adapted Colombian Household Food Security Scale (CHFSS) used as a part of the 2006 evaluation of the food supplement component of the Plan for Improving Food and Nutrition in Antioquia, Colombia (MANA - Plan Departamental de Seguridad Alimentaria y Nutricional de Antioquia). Subjects included low-income families with pre-school age children in MANA that responded affirmatively to at least one CHFSS item (n = 1,319). Rasch Modeling was used to evaluate the psychometric characteristics of the items through measure and INFIT values. Differences in CHFSS performance were assessed by area of residency, socioeconomic status and number of children enrolled in MANA. Unidimensionality of a scale by group was further assessed using Differential Item Functioning (DIF). Most CHFSS items presented good fitness with most INFIT values within the adequate range of 0.8 to 1.2. Consistency in item measure values between groups was found for all but two items in the comparison by area of residency. Only two adult items exhibited DIF between urban and rural households. The results indicate that the adapted CHFSS is a valid tool to assess the household food security of participants in food assistance programs like MANA.

  14. Dose reduction in CT by on-line tube current control: principles and validation on phantoms and cadavers

    International Nuclear Information System (INIS)

    Kalender, W.A.; Wolf, H.; Suess, C.; Gies, M.; Greess, H.; Bautz, W.A.

    1999-01-01

    We investigated approaches to reducing the dose in CT without impairing image quality. Dose can be reduced for non-circular object cross-sections without a significant increase in noise if X-ray tube current is reduced at angular tube positions where the X-ray attenuation by the patients is small. We investigated different schemes of current modulation during tube rotation by simulation and phantom measurements. Both pre-programmed sinusoidal modulation functions and attenuation-based on-line control of the tube current were evaluated. All relevant scan parameters were varied, including constraints such as the maximum modulation amplitude. A circular, an elliptical and two oval water phantoms were used. Results were validated on six cadavers. Dose reduction of 10-45 % was obtained both in simulations and in measurements for the different non-circular phantom geometries and current modulation algorithms without an increase in pixel noise values. On-line attenuation-based control yielded higher reductions than modulation by a sinusoidal curve. The maximal dose reduction predicted by simulations could not be achieved due to limits in the modulation amplitude. In cadaver studies, a reduction of typically 20-40 % was achieved for the body and about 10 % for the head. Variations of our technique are possible; a slight increase in nominal tube current for high-attenuation projections combined with attenuation-based current modulation still yields significant dose reduction, but also a reduction in the structured noise that may obscure diagnostic details. We conclude that a significant reduction in dose can be achieved by tube current modulation without compromising image quality. Attenuation-based on-line control and a modulation amplitude of at least 90 % should be employed. (orig.)

  15. Increasing the Reliability of Circulation Model Validation: Quantifying Drifter Slip to See how Currents are Actually Moving

    Science.gov (United States)

    Anderson, T.

    2016-02-01

    Ocean circulation forecasts can help answer questions regarding larval dispersal, passive movement of injured sea animals, oil spill mitigation, and search and rescue efforts. Circulation forecasts are often validated with GPS-tracked drifter paths, but how accurately do these drifters actually move with ocean currents? Drifters are not only moved by water, but are also forced by wind and waves acting on the exposed buoy and transmitter; this imperfect movement is referred to as drifter slip. The quantification and further understanding of drifter slip will allow scientists to differentiate between drifter imperfections and actual computer model error when comparing trajectory forecasts with actual drifter tracks. This will avoid falsely accrediting all discrepancies between a trajectory forecast and an actual drifter track to computer model error. During multiple deployments of drifters in Nantucket Sound and using observed wind and wave data, we attempt to quantify the slip of drifters developed by the Northeast Fisheries Science Center's (NEFSC) Student Drifters Program. While similar studies have been conducted previously, very few have directly attached current meters to drifters to quantify drifter slip. Furthermore, none have quantified slip of NEFSC drifters relative to the oceanographic-standard "CODE" drifter. The NEFSC drifter archive has over 1000 drifter tracks primarily off the New England coast. With a better understanding of NEFSC drifter slip, modelers can reliably use these tracks for model validation.

  16. Cross-cultural adaptation and validation of the Behcet’s Disease Current Activity Form in Korea

    Science.gov (United States)

    Choi, Hyo Jin; Seo, Mi Ryoung; Ryu, Hee Jung; Baek, Han Joo

    2015-01-01

    Background/Aims: This study was undertaken to perform a cross-cultural adaptation of the Behcet’s Disease Current Activity Form (BDCAF, version 2006) questionnaire to the Korean language and to evaluate its reliability and validity in a population of Korean patients with Behcet’s disease (BD). Methods: A cross-cultural study was conducted among patients with BD who attended our rheumatology clinic between November 2012 and March 2013. There were 11 males and 35 females in the group. The mean age of the participants was 48.5 years and the mean disease duration was 6.4 years. The first BDCAF questionnaire was completed on arrival and the second assessment was performed 20 minutes later by a different physician. The test-retest reliability was analyzed by computing κ statistics. Kappa scores of > 0.6 indicated a good agreement. To assess the validity, we compared the total BDCAF score with the patient’s/clinician’s perception of disease activity and the Korean version of the Behcet’s Disease Quality of Life (BDQOL). Results: For the test-retest reliability, good agreements were achieved on items such as headache, oral/genital ulceration, erythema, skin pustules, arthralgia, nausea/vomiting/abdominal pain, and diarrhea with altered/frank blood per rectum. Moderate agreement was observed for eye and nervous system involvement. We achieved a fair agreement for arthritis and major vessel involvement. Significant correlations were obtained between the total BDCAF score with the BDQOL and the patient’s/clinician’s perception of disease activity p < 0.05). Conclusions: The Korean version of the BDCAF is a reliable and valid instrument for measuring current disease activity in Korean BD patients. PMID:26354066

  17. Code Development and Validation Towards Modeling and Diagnosing Current Redistribution in an ITER-Type Superconducting Cable Subject to Current Imbalance

    International Nuclear Information System (INIS)

    Zani, L.; Gille, P.E.; Gonzales, C.; Kuppel, S.; Torre, A.

    2009-01-01

    In the framework of ITER magnet R and D activities, a significant number of conductor short-samples or inserts were tested throughout the past decades, either for development on cable layouts or for industrial qualifications. On a certain number of them critical properties degradations were encountered, some of which were identified to be caused by current imbalance between the different strands bundles twisted inside the cable. In order to address the analyses of those samples as reliably as possible, CEA developed a dedicated home code named Coupled Algorithm Resistive Modelling Electrical Network (CARMEN) having basically two specific functionalities: -a first routine which is devoted to compute strand bundles trajectories, with bundles down to the individual strand scale. This point allows to obtain a realistic E(J) law over the full conductor length -a second routine which is devoted to model inter-bundle currents redistribution, taking into account the magnetic field map. It basically makes use of a relevant discrete electrical network with defined sections including E(J) law obtained from the above-mentioned subroutine As a result, the E-J or E-T curves can be calculated and compared to the experimental data, provided adapted inputs on sample features are considered, such as strand contact resistances in joints, inter-bundles resistances or cable geometry. In a first part, the paper describes the different hypotheses that built the code structure, and in a second part, the application to the ITER TFCl insert coil is presented, focusing particularly on the validation of the potential use of the code to stand as a diagnostic tool for currents imbalance probing

  18. NS [Nuclear Safety] update. Current safety and security activities and developments taking place in the Department of Nuclear Safety and Security, Issue no. 6, March 2008

    International Nuclear Information System (INIS)

    2008-03-01

    The current issue presents information about the following activities: 1) International Conference on Illicit Nuclear Trafficking which took place in November 2007 in Edinburgh. The principal aim of the conference was to examine the threat and context of illicit nuclear trafficking of radioactive material, specifically, what is being done to combat such trafficking and where more needs to be done. The conference was also to consider how the obligations and commitments of the legally binding and non-binding international instruments could be and are being implemented by various States. 2) INSAG Message on Nuclear Safety Infrastructure in which the INSAG Chairman Richard Meserve addressed nuclear safety in the current context and various issues that warrant special attention. 3) approved for publication the Safety Requirements publication on Safety of Nuclear Fuel Cycle Facilities. 4) The Asian Nuclear Safety Network (ANSN)

  19. Presal36: a high resolution ocean current model for Brazilian pre-salt area: implementation and validation results

    Energy Technology Data Exchange (ETDEWEB)

    Schoellkopf, Jacques P. [Advanced Subsea do Brasil Ltda., Rio de Janeiro, RJ (Brazil)

    2012-07-01

    The PRESAL 36 JIP is a project for the development of a powerful Ocean Current Model of 1/36 of a degree resolution, nested in an existing Global Ocean global Model, Mercator PSY4 (1/12-a-degree resolution ), with tide corrections, improved bathymetry accuracy and high frequency atmospheric forcing (every 3 hours). The simulation outputs will be the 3 dimensional structure of the velocity fields (u,v,w) at 50 vertical levels over the water column, including geostrophic, Ekman and tidal currents, together with Temperature, Salinity and sea surface height at a sub-mesoscale spatial resolution. Simulations will run in hindcast, nowcast and forecast modes, with a temporal resolution of 3 hours . This Ocean current model will allow to perform detailed statistical studies on various areas using conditions analysed using hindcast mode, short term operational condition prediction for various surface and sub sea operations using realtime and Forecast modes. The paper presents a publication of significant results of the project, in term of pre-sal zoomed model implementation, and high resolution model validation. It demonstrate the capability to properly describe ocean current phenomenon at beyond mesoscale frontier. This project demonstrate the feasibility of obtaining accurate information for engineering studies and operational conditions, based on a 'zoom technique' starting from global ocean models. (author)

  20. NS [Nuclear Safety] update. Current safety and security activities and developments taking place in the Department of Nuclear Safety and Security. Issue no. 3, April 2007

    International Nuclear Information System (INIS)

    2007-04-01

    This newsletter reports on the manual for first responders to a radiological emergency, the IAEA's testing laboratory for radiation measurement, monitoring and protection, which is the first UN laboratory accredited to the international standard ISO17025, and the International Conference on Lessons Learned fro the Decommissioning of Nuclear Facilities and the Safe Termination of Nuclear Activities. The IAEA, in recognition of this critical need, has developed a Manual for First Responders to a Radiological Emergency with the objective to provide practical guidance for those responding within the first few hours of a radiological emergency. This guidance document is co-sponsored by the Comite technique international de prevention et d'extinction du feu (CTIF), the Pan American Health Organization (PAHO) and the World Health Organization (WHO). The Manual for First Responders provides guidance in the form of action guides, instructions, and supporting data that can be easily applied by a State to build a basic capability to respond to a radiological emergency. The guidance also contains practical procedures and tools on the response to a radiological emergency again easily and quickly adaptable by Member States to prepare first responders to respond adequately to a radiological emergency. The Manual can be used for training purposes at the preparedness stage as well as during the response. The Policy and Programme Support Section (PPSS) within the Division of Radiation, Transport and Waste Security (NSRW) has been operating, for many years, a laboratory (the Testing Laboratory) for radiation safety monitoring of individuals and workplaces. The establishment of a quality management system, as required in the International Basic Safety Standards (the BSS), started in 2000 to cover all measurement methods of the laboratory. This system is based on the international standard ISO17025 (General requirements for the competence of testing and calibration laboratories). PPSS

  1. Meeting current requirements. Data security in the smart metering; Den heutigen Anforderungen gerecht werden. Datensicherheit im Smart Metering

    Energy Technology Data Exchange (ETDEWEB)

    Zayer, Peter [VOLTARIS GmbH, Maxdorf (Germany); Wolf, Frank [VOLTARIS GmbH, Merzig (Germany)

    2012-09-15

    The requirements for the smart metering are extremely complex. On the one hand, the network operators and the suppliers need unadulterated data on consumption or supply. On the other hand, consumers see their privacy jeopardized because the individual user behavior can be read from the specific energy profile. Furthermore, according to the will of the legislator the smart meter or the measuring system is an active component of a smart grid and smart-market system. Right here it is important to eliminate the threat of hacker attacks. For the industry this results in the task of guaranteeing both the maximum data security as well as to provide a maximum nutritive value to the customer.

  2. Validation of the Social Security Death Index (SSDI): An Important Readily-Available Outcomes Database for Researchers.

    Science.gov (United States)

    Quinn, James; Kramer, Nathan; McDermott, Daniel

    2008-01-01

    To determine the accuracy of the online Social Security Death Index (SSDI) for determining death outcomes. We selected 30 patients who were determined to be dead and 90 patients thought to be alive after an ED visit as determined by a web-based searched of the SSDI. For those thought to be dead we requested death certificates. We then had a research coordinator blinded to the results of the SSDI search, complete direct follow-up by contacting the patients, family or primary care physicians to determine vital status. To determine the sensitivity and specificity of the SSDI for death at six months in this cohort, we used direct follow-up as the criterion reference and calculated 95% confidence intervals. Direct follow-up was completed for 90% (108 of 120) of the patients. For those patients 20 were determined to be dead and 88 alive. The dead were more likely to be male (57%) and older [(mean age 83.9 (95% CI 79.1 - 88.7) vs. 60.9 (95% CI 56.4 - 65.4) for those alive]. The sensitivity of the SSDI for those with completed direct follow-up was 100% (95% CI 91 -100%) with specificity of 100% (95% CI 98-100%). Of the 12 patients who were not able to be contacted through direct follow-up, the SSDI indicated that 10 were dead and two were alive. SSDI is an accurate measure of death outcomes and appears to have the advantage of finding deaths among patients lost to follow-up.

  3. The corporate security professional

    DEFF Research Database (Denmark)

    Petersen, Karen Lund

    2013-01-01

    In our age of globalization and complex threat environments, every business is called upon to manage security. This tendency is reflected in the fact that a wide range of businesses increasingly think about security in broad terms and strive to translate national security concerns into corporate...... speech. This article argues that the profession of the security manager has become central for understanding how the relationship between national and corporate security is currently negotiated. The national security background of most private sector security managers makes the corporate security...... professional inside the company a powerful hybrid agent. By zooming in on the profession and the practice of national security inside companies, the article raises questions about where to draw the line between corporate security and national security along with the political consequences of the constitution...

  4. Nuclear security

    International Nuclear Information System (INIS)

    1991-12-01

    This paper reports that despite their crucial importance to national security, safeguards at the Department of Energy's (DOE) weapons facilities may be falling short. DOE security inspections have identified many weaknesses, including poor performance by members of DOE's security force, poor accountability for quantities of nuclear materials, and the inability of personnel to locate documents containing classified information. About 13 percent of the 2,100 identified weakness resulted in DOE inspectors giving out unsatisfactory security ratings; another 38 percent led to marginal ratings. In addition, DOE's centralized safeguards and security information tracking system lacks current data on whether DOE field offices have corrected the identified weaknesses. Without reliable information, DOE has no way of knowing whether timely action was taken to correct problems, nor can it determine whether weaknesses are systematic. DOE has tried to minimize the impact of these security weaknesses at its facilities by establishing multiple layers of protection measures and instituting interim and compensatory measures for identified weaknesses. DOE is planning enhancements to the centralized tracking system that should improve its reliability and increase its effectiveness

  5. Validación de escala de la seguridad alimentaria doméstica en Antioquia, Colombia Validation of a household food security scale in Antioquia, Colombia

    Directory of Open Access Journals (Sweden)

    Marta Cecilia Álvarez

    2006-12-01

    Full Text Available OBJETIVO: Adaptar y validar en hogares de Antioquia, Colombia, una escala de seguridad alimentaria anteriormente aplicada en hogares de Caracas, Venezuela. MATERIAL Y MÉTODOS: El estudio se realizó en 44 municipios del departamento de Antioquia, Colombia, durante los años 2003 y 2004, en una muestra representativa de los hogares rurales y urbanos del departamento de Antioquia, constituida por 1 624 hogares con niños menores de 10 años; los hogares fueron seleccionados de manera aleatoria, con un índice de confianza de 95% y un error de 3%. Se validó la escala de seguridad alimentaria doméstica utilizada por Paulina Lorenzana en Venezuela, y se determinó la consistencia interna de la escala mediante el coeficiente de correlación de Spearman y el coeficiente alfa de Cronbach. La validez del constructo se estableció mediante el método de componentes principales para datos categóricos. Se utilizaron el procedimiento de Prinqual y el modelo de Rasch para definir los componentes y los ��tems de la escala. RESULTADOS: El análisis factorial arrojó dos componentes: 1 las variables relacionadas con "inseguridad alimentaria sin hambre" que lo explican en 95% y 2 las relacionadas con "inseguridad alimentaria con hambre" que lo explican en 89.4%. El coeficiente alfa de Cronbach para el primer componente fue de de 0.95 y para el segundo de 0.89. Al ser analizados con el modelo Rasch, todos los ítems presentaron valores infit en un rango de 0.8 a 1.2. La escala se correlacionó significativamente con la disponibilidad de alimentos, el recurso de la limosna, el trabajo infantil, el tamaño del hogar y la ocupación del jefe de familia (pOBJETIVE: To adapt and validate in households of Antioquia, Colombia, a food security scale previously applied in households of Caracas, Venezuela. MATERIAL AND METHODS: The study was carried out in 44 municipalities in the department of Antioquia, Colombia, in 2003 and 2004, with a randomly selected sample

  6. Validation of an in situ solidification/stabilization technique for hazardous barium and cyanide waste for safe disposal into a secured landfill.

    Science.gov (United States)

    Vaidya, Rucha; Kodam, Kisan; Ghole, Vikram; Surya Mohan Rao, K

    2010-09-01

    The aim of the present study was to devise and validate an appropriate treatment process for disposal of hazardous barium and cyanide waste into a landfill at a Common Hazardous Waste Treatment Storage Disposal Facility (CHWTSDF). The waste was generated during the process of hardening of steel components and contains cyanide (reactive) and barium (toxic) as major contaminants. In the present study chemical fixation of the contaminants was carried out. The cyanide was treated by alkali chlorination with calcium hypochlorite and barium by precipitation with sodium sulfate as barium sulfate. The pretreated mixture was then solidified and stabilized by binding with a combination of slag cement, ordinary Portland cement and fly ash, molded into blocks (5 x 5 x 5 cm) and cured for a period of 3, 7 and 28 days. The final experiments were conducted with 18 recipe mixtures of waste + additive:binder (W:B) ratios. The W:B ratios were taken as 80:20, 70:30 and 50:50. The optimum proportions of additives and binders were finalized on the basis of the criteria of unconfined compressive strength and leachability. The leachability studies were conducted using the Toxicity Characteristic Leaching Procedure. The blocks were analyzed for various physical and leachable chemical parameters at the end of each curing period. Based on the results of the analysis, two recipe mixtures, with compositions - 50% of [waste + (120 g Ca(OCl)(2) + 290 g Na(2)SO(4)) kg(-1) of waste] + 50% of binders, were validated for in situ stabilization into a secured landfill of CHWTSDF. 2010 Elsevier Ltd. All rights reserved.

  7. Human factors in network security

    OpenAIRE

    Jones, Francis B.

    1991-01-01

    Human factors, such as ethics and education, are important factors in network information security. This thesis determines which human factors have significant influence on network security. Those factors are examined in relation to current security devices and procedures. Methods are introduced to evaluate security effectiveness by incorporating the appropriate human factors into network security controls

  8. Design Validation of a {sup 10}B{sub 4}C Coated RSP with Multi-layered structure for Homeland Security

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Su Hyun; Kim, Jong Yul; Lee, Joo Hyun; Moon, Mung Kook [KAERI, Daejeon (Korea, Republic of); Lim, Chang Hwy [Korea Research Institute of Ships and Ocean Engineering, Daejeon (Korea, Republic of); Lim, Ki Seo [Myongji University, Yongin (Korea, Republic of)

    2016-05-15

    It is a national priority to prevent radiological threats including radiological terrorism and smuggling nuclear material and devices. For this purpose, many governments and relevant organizations have been exploiting radiation detection technology. Especially, radiation portal monitor (RPM) is a widely used type of radiation detectors when it comes to homeland security and commonly deployed at strategic sites like airports and ports. In the most cases, they could be divided into two types of primary screening and secondary screening. In the latter case, hand-held detectors are mainly used for a closer inspection. On the other hand, RPMs for the primary screening, our concern, are stationary mounted type and comprise gamma-ray detector and neutron detector in many cases. The expected performance of the design of a RSP(Radiation Sensor Panel) has been demonstrated. According to the results of the simulation, three RSPs should be needed to meet the criterion mentioned in subsection 2.1. The design still can be validated when taking into account that the geometrical acceptance will be increased since it has been planned that the RPM is going to installed with four RSPs.

  9. Urban groundwater quality in sub-Saharan Africa: current status and implications for water security and public health

    Science.gov (United States)

    Lapworth, D. J.; Nkhuwa, D. C. W.; Okotto-Okotto, J.; Pedley, S.; Stuart, M. E.; Tijani, M. N.; Wright, J.

    2017-06-01

    Groundwater resources are important sources of drinking water in Africa, and they are hugely important in sustaining urban livelihoods and supporting a diverse range of commercial and agricultural activities. Groundwater has an important role in improving health in sub-Saharan Africa (SSA). An estimated 250 million people (40% of the total) live in urban centres across SSA. SSA has experienced a rapid expansion in urban populations since the 1950s, with increased population densities as well as expanding geographical coverage. Estimates suggest that the urban population in SSA will double between 2000 and 2030. The quality status of shallow urban groundwater resources is often very poor due to inadequate waste management and source protection, and poses a significant health risk to users, while deeper borehole sources often provide an important source of good quality drinking water. Given the growth in future demand from this finite resource, as well as potential changes in future climate in this region, a detailed understanding of both water quantity and quality is required to use this resource sustainably. This paper provides a comprehensive assessment of the water quality status, both microbial and chemical, of urban groundwater in SSA across a range of hydrogeological terrains and different groundwater point types. Lower storage basement terrains, which underlie a significant proportion of urban centres in SSA, are particularly vulnerable to contamination. The relationship between mean nitrate concentration and intrinsic aquifer pollution risk is assessed for urban centres across SSA. Current knowledge gaps are identified and future research needs highlighted.

  10. Alternative security

    International Nuclear Information System (INIS)

    Weston, B.H.

    1990-01-01

    This book contains the following chapters: The Military and Alternative Security: New Missions for Stable Conventional Security; Technology and Alternative Security: A Cherished Myth Expires; Law and Alternative Security: Toward a Just World Peace; Politics and Alternative Security: Toward a More Democratic, Therefore More Peaceful, World; Economics and Alternative Security: Toward a Peacekeeping International Economy; Psychology and Alternative Security: Needs, Perceptions, and Misperceptions; Religion and Alternative Security: A Prophetic Vision; and Toward Post-Nuclear Global Security: An Overview

  11. Homeland Security

    Science.gov (United States)

    Provides an overview of EPA's homeland security roles and responsibilities, and links to specific homeland security issues: water security, research, emergency response, recovery, and waste management.

  12. Cloud security mechanisms

    OpenAIRE

    2014-01-01

    Cloud computing has brought great benefits in cost and flexibility for provisioning services. The greatest challenge of cloud computing remains however the question of security. The current standard tools in access control mechanisms and cryptography can only partly solve the security challenges of cloud infrastructures. In the recent years of research in security and cryptography, novel mechanisms, protocols and algorithms have emerged that offer new ways to create secure services atop cloud...

  13. Mobile platform security

    CERN Document Server

    Asokan, N; Dmitrienko, Alexandra

    2013-01-01

    Recently, mobile security has garnered considerable interest in both the research community and industry due to the popularity of smartphones. The current smartphone platforms are open systems that allow application development, also for malicious parties. To protect the mobile device, its user, and other mobile ecosystem stakeholders such as network operators, application execution is controlled by a platform security architecture. This book explores how such mobile platform security architectures work. We present a generic model for mobile platform security architectures: the model illustrat

  14. Three common faults in current practice that influence the validity of data obtained from electronic air pollution instrumentation.

    Science.gov (United States)

    Dowd, G; Thomas, R S; Monkman, J L

    1975-01-01

    Instrumental development is now entering a more logical era, where the former artistic character of electronics is being replaced by cold technology. Because of this, one should be expect more reliability; however, there still exist many weak links in practical application. Digital readout systems and computer processing induce a false sense of security. In reality, it is the sample-measurement relationship that determines an instrument's credibility and not the number of digits on its meter. In describing three faulty practices that greatly influence an instrument's performance, it is hoped that measurement may be more closely related to the sample!

  15. Three common faults in current practice that influence the validity of data obtained from electronic air pollution instrumentation

    Energy Technology Data Exchange (ETDEWEB)

    Dowd, G; Thomas, R S; Monkman, J L

    1975-01-01

    Instrumental development is now entering a more logical era, where the former artistic character of electronics is being replaced by cold technology. Because of this, one should expect more reliability; however, there still exist many weak links in practical application. Digital readout systems and computer processing induce a false sense of security. In reality, it is the sample-measurement relationship that determines an instrument's credibility and not the number of digits on its meter. In describing three faulty practices that greatly influence an instrument's performance, it is hoped that measurement may be more closely related to the sample.

  16. External validity of sentiment mining reports: Can current methods identify demographic biases, event biases, and manipulation of reviews?

    NARCIS (Netherlands)

    Wijnhoven, Alphonsus B.J.M.; Bloemen, Oscar

    2014-01-01

    Many publications in sentiment mining provide new techniques for improved accuracy in extracting features and corresponding sentiments in texts. For the external validity of these sentiment reports, i.e., the applicability of the results to target audiences, it is important to well analyze data of

  17. Concurrent Validity and Feasibility of Short Tests Currently Used to Measure Early Childhood Development in Large Scale Studies.

    Directory of Open Access Journals (Sweden)

    Marta Rubio-Codina

    Full Text Available In low- and middle-income countries (LIMCs, measuring early childhood development (ECD with standard tests in large scale surveys and evaluations of interventions is difficult and expensive. Multi-dimensional screeners and single-domain tests ('short tests' are frequently used as alternatives. However, their validity in these circumstances is unknown. We examined the feasibility, reliability, and concurrent validity of three multi-dimensional screeners (Ages and Stages Questionnaires (ASQ-3, Denver Developmental Screening Test (Denver-II, Battelle Developmental Inventory screener (BDI-2 and two single-domain tests (MacArthur-Bates Short-Forms (SFI and SFII, WHO Motor Milestones (WHO-Motor in 1,311 children 6-42 months in Bogota, Colombia. The scores were compared with those on the Bayley Scales of Infant and Toddler Development (Bayley-III, taken as the 'gold standard'. The Bayley-III was given at a center by psychologists; whereas the short tests were administered in the home by interviewers, as in a survey setting. Findings indicated good internal validity of all short tests except the ASQ-3. The BDI-2 took long to administer and was expensive, while the single-domain tests were quickest and cheapest and the Denver-II and ASQ-3 were intermediate. Concurrent validity of the multi-dimensional tests' cognitive, language, and fine motor scales with the corresponding Bayley-III scale was low below 19 months. However, it increased with age, becoming moderate-to-high over 30 months. In contrast, gross motor scales' concurrence was high under 19 months and then decreased. Of the single-domain tests, the WHO-Motor had high validity with gross motor under 16 months, and the SFI and SFII expressive scales showed moderate correlations with language under 30 months. Overall, the Denver-II was the most feasible and valid multi-dimensional test and the ASQ-3 performed poorly under 31 months. By domain, gross motor development had the highest concurrence

  18. Upgrade of the Gas Flow Control System of the Resistive Current Leads of the LHC Inner Triplet Magnets: Simulation and Experimental Validation

    CERN Document Server

    Perin, A; Casas-Cubillos, J; Pezzetti, M

    2014-01-01

    The 600 A and 120 A circuits of the inner triplet magnets of the Large Hadron Collider are powered by resistive gas cooled current leads. The current solution for controlling the gas flow of these leads has shown severe operability limitations. In order to allow a more precise and more reliable control of the cooling gas flow, new flowmeters will be installed during the first long shutdown of the LHC. Because of the high level of radiation in the area next to the current leads, the flowmeters will be installed in shielded areas located up to 50 m away from the current leads. The control valves being located next to the current leads, this configuration leads to long piping between the valves and the flowmeters. In order to determine its dynamic behaviour, the proposed system was simulated with a numerical model and validated with experimental measurements performed on a dedicated test bench.

  19. Upgrade of the gas flow control system of the resistive current leads of the LHC inner triplet magnets: Simulation and experimental validation

    Energy Technology Data Exchange (ETDEWEB)

    Perin, A.; Casas-Cubillos, J.; Pezzetti, M. [CERN, CH-1211 Geneva 23 (Switzerland); Almeida, M. [Universidade Federal de Minas Gerais, 31270-901 Belo Horizonte (Brazil)

    2014-01-29

    The 600 A and 120 A circuits of the inner triplet magnets of the Large Hadron Collider are powered by resistive gas cooled current leads. The current solution for controlling the gas flow of these leads has shown severe operability limitations. In order to allow a more precise and more reliable control of the cooling gas flow, new flowmeters will be installed during the first long shutdown of the LHC. Because of the high level of radiation in the area next to the current leads, the flowmeters will be installed in shielded areas located up to 50 m away from the current leads. The control valves being located next to the current leads, this configuration leads to long piping between the valves and the flowmeters. In order to determine its dynamic behaviour, the proposed system was simulated with a numerical model and validated with experimental measurements performed on a dedicated test bench.

  20. The Utilisation of Pisang Island as a Platform to Support the Current Safety and Security Needs of Marine Navigation in the Straits of Malacca

    Directory of Open Access Journals (Sweden)

    Ahmad Faizal Ahmad Fuad

    2017-06-01

    Full Text Available Current marine navigational practice relies less on long-range visual marine signals such as lighthouses for reference purposes. This is due to the availability of Global Navigation Satellite Systems (GNSS, which are integrated with other navigational aids on ships. Therefore, the objective of this study is to review the function of Pisang Island lighthouse and to propose the most relevant use of Pisang Island for current navigational needs. The function of the lighthouse was reviewed according to the IALA Navigational Guide and the AIS data image. The result showed that the most suitable navigational use of the lighthouse is to act as a reference for Line of Position (LOP. The AIS data image indicated that mariners are not using Pisang Island lighthouse for LOP. The trend in the Straits of Malacca (SoM was compared with the trend in the Straits of Dover, UK. The selected experts verified that LOP was not practised there. As a specific example, a tanker ship route in the South China Sea was used to further support that LOP was not practised. This evidence supported the view that Pisang Island lighthouse is less relevant for current navigational practice and does not directly support the coastal state VTS operation and the establishment of the marine electronic highway. Furthermore, the existing shore-based VTS radar has limitations on range and the detection of targets near Pisang Island. Therefore, this study proposes the establishment of a new radar station on Pisang Island at the existing site of the lighthouse. The proposed new radar station on Pisang Island will add to the existing coverage of the VTS radar, bridging the coverage gaps to overcome the weakness of the existing shore-based radar and improve the safety and security of marine navigation in the SoM.

  1. Securing collaborative environments

    Energy Technology Data Exchange (ETDEWEB)

    Agarwal, Deborah [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States); Jackson, Keith [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States); Thompson, Mary [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States)

    2002-05-16

    The diverse set of organizations and software components involved in a typical collaboratory make providing a seamless security solution difficult. In addition, the users need support for a broad range of frequency and locations for access to the collaboratory. A collaboratory security solution needs to be robust enough to ensure that valid participants are not denied access because of its failure. There are many tools that can be applied to the task of securing collaborative environments and these include public key infrastructure, secure sockets layer, Kerberos, virtual and real private networks, grid security infrastructure, and username/password. A combination of these mechanisms can provide effective secure collaboration capabilities. In this paper, we discuss the requirements of typical collaboratories and some proposals for applying various security mechanisms to collaborative environments.

  2. Safeguards and security deficiencies fulfilled through technology development

    International Nuclear Information System (INIS)

    Smoot, W.

    1996-01-01

    The Office of Safeguards and Security (OSS) sponsors research and development activities based on identified field and headquarters customer requirements. Annually, a formal solicitation of safeguards and security user needs is conducted. Currently, there are over 300 valid safeguards and security deficiencies that have been identified. These user needs serve as the basis for formulating the OSS Technology Development Program (TDP). Due to budget constraints, the TDP can only address approximately 47% of these needs in FY 1996. This paper will discuss, in a general sense, the current deficiencies and how the TDP is responding to each. Specifically, the paper will highlight technologies in the areas of Material Control and Accounting, Physical Security, and Information Security. A brief discussion of unfulfilled user requirements will also be presented as a catalyst for leveraging available or developing technologies from other similar programs or from private industry

  3. Security Dilemma

    DEFF Research Database (Denmark)

    Wivel, Anders

    2011-01-01

    What is a security dilemma? What are the consequences of security dilemmas in international politics?......What is a security dilemma? What are the consequences of security dilemmas in international politics?...

  4. Validation of a current definition of early allograft dysfunction in liver transplant recipients and analysis of risk factors.

    Science.gov (United States)

    Olthoff, Kim M; Kulik, Laura; Samstein, Benjamin; Kaminski, Mary; Abecassis, Michael; Emond, Jean; Shaked, Abraham; Christie, Jason D

    2010-08-01

    Translational studies in liver transplantation often require an endpoint of graft function or dysfunction beyond graft loss. Prior definitions of early allograft dysfunction (EAD) vary, and none have been validated in a large multicenter population in the Model for End-Stage Liver Disease (MELD) era. We examined an updated definition of EAD to validate previously used criteria, and correlated this definition with graft and patient outcome. We performed a cohort study of 300 deceased donor liver transplants at 3 U.S. programs. EAD was defined as the presence of one or more of the following previously defined postoperative laboratory analyses reflective of liver injury and function: bilirubin >or=10mg/dL on day 7, international normalized ratio >or=1.6 on day 7, and alanine or aspartate aminotransferases >2000 IU/L within the first 7 days. To assess predictive validity, the EAD definition was tested for association with graft and patient survival. Risk factors for EAD were assessed using multivariable logistic regression. Overall incidence of EAD was 23.2%. Most grafts met the definition with increased bilirubin at day 7 or high levels of aminotransferases. Of recipients meeting the EAD definition, 18.8% died, as opposed to 1.8% of recipients without EAD (relative risk = 10.7 [95% confidence interval: 3.6, 31.9] P definition of EAD using objective posttransplant criteria identified a 23% incidence, and was highly associated with graft loss and patient mortality, validating previously published criteria. This definition can be used as an endpoint in translational studies aiming to identify mechanistic pathways leading to a subgroup of liver grafts with clinical expression of suboptimal function. (c) 2010 AASLD.

  5. Estimating patient dose from CT exams that use automatic exposure control: Development and validation of methods to accurately estimate tube current values.

    Science.gov (United States)

    McMillan, Kyle; Bostani, Maryam; Cagnon, Christopher H; Yu, Lifeng; Leng, Shuai; McCollough, Cynthia H; McNitt-Gray, Michael F

    2017-08-01

    The vast majority of body CT exams are performed with automatic exposure control (AEC), which adapts the mean tube current to the patient size and modulates the tube current either angularly, longitudinally or both. However, most radiation dose estimation tools are based on fixed tube current scans. Accurate estimates of patient dose from AEC scans require knowledge of the tube current values, which is usually unavailable. The purpose of this work was to develop and validate methods to accurately estimate the tube current values prescribed by one manufacturer's AEC system to enable accurate estimates of patient dose. Methods were developed that took into account available patient attenuation information, user selected image quality reference parameters and x-ray system limits to estimate tube current values for patient scans. Methods consistent with AAPM Report 220 were developed that used patient attenuation data that were: (a) supplied by the manufacturer in the CT localizer radiograph and (b) based on a simulated CT localizer radiograph derived from image data. For comparison, actual tube current values were extracted from the projection data of each patient. Validation of each approach was based on data collected from 40 pediatric and adult patients who received clinically indicated chest (n = 20) and abdomen/pelvis (n = 20) scans on a 64 slice multidetector row CT (Sensation 64, Siemens Healthcare, Forchheim, Germany). For each patient dataset, the following were collected with Institutional Review Board (IRB) approval: (a) projection data containing actual tube current values at each projection view, (b) CT localizer radiograph (topogram) and (c) reconstructed image data. Tube current values were estimated based on the actual topogram (actual-topo) as well as the simulated topogram based on image data (sim-topo). Each of these was compared to the actual tube current values from the patient scan. In addition, to assess the accuracy of each method in estimating

  6. Global Cropland Area Database (GCAD) derived from Remote Sensing in Support of Food Security in the Twenty-first Century: Current Achievements and Future Possibilities

    Science.gov (United States)

    Teluguntla, Pardhasaradhi G.; Thenkabail, Prasad S.; Xiong, Jun N.; Gumma, Murali Krishna; Giri, Chandra; Milesi, Cristina; Ozdogan, Mutlu; Congalton, Russ; Tilton, James; Sankey, Temuulen Tsagaan; Massey, Richard; Phalke, Aparna; Yadav, Kamini

    2015-01-01

    The precise estimation of the global agricultural cropland- extents, areas, geographic locations, crop types, cropping intensities, and their watering methods (irrigated or rainfed; type of irrigation) provides a critical scientific basis for the development of water and food security policies (Thenkabail et al., 2012, 2011, 2010). By year 2100, the global human population is expected to grow to 10.4 billion under median fertility variants or higher under constant or higher fertility variants (Table 1) with over three quarters living in developing countries, in regions that already lack the capacity to produce enough food. With current agricultural practices, the increased demand for food and nutrition would require in about 2 billion hectares of additional cropland, about twice the equivalent to the land area of the United States, and lead to significant increases in greenhouse gas productions (Tillman et al., 2011). For example, during 1960-2010 world population more than doubled from 3 billion to 7 billion. The nutritional demand of the population also grew swiftly during this period from an average of about 2000 calories per day per person in 1960 to nearly 3000 calories per day per person in 2010. The food demand of increased population along with increased nutritional demand during this period (1960-2010) was met by the “green revolution” which more than tripled the food production; even though croplands decreased from about 0.43 ha/capita to 0.26 ha/capita (FAO, 2009). The increase in food production during the green revolution was the result of factors such as: (a) expansion in irrigated areas which increased from 130 Mha in 1960s to 278.4 Mha in year 2000 (Siebert et al., 2006) or 399 Mha when you do not consider cropping intensity (Thenkabail et al., 2009a, 2009b, 2009c) or 467 Mha when you consider cropping intensity (Thenkabail et al., 2009a; Thenkabail et al., 2009c); (b) increase in yield and per capita food production (e.g., cereal production

  7. Do Current Recommendations for Upper Instrumented Vertebra Predict Shoulder Imbalance? An Attempted Validation of Level Selection for Adolescent Idiopathic Scoliosis.

    Science.gov (United States)

    Bjerke, Benjamin T; Cheung, Zoe B; Shifflett, Grant D; Iyer, Sravisht; Derman, Peter B; Cunningham, Matthew E

    2015-10-01

    Shoulder balance for adolescent idiopathic scoliosis (AIS) patients is associated with patient satisfaction and self-image. However, few validated systems exist for selecting the upper instrumented vertebra (UIV) post-surgical shoulder balance. The purpose is to examine the existing UIV selection criteria and correlate with post-surgical shoulder balance in AIS patients. Patients who underwent spinal fusion at age 10-18 years for AIS over a 6-year period were reviewed. All patients with a minimum of 1-year radiographic follow-up were included. Imbalance was determined to be radiographic shoulder height |RSH| ≥ 15 mm at latest follow-up. Three UIV selection methods were considered: Lenke, Ilharreborde, and Trobisch. A recommended UIV was determined using each method from pre-surgical radiographs. The recommended UIV for each method was compared to the actual UIV instrumented for all three methods; concordance between these levels was defined as "Correct" UIV selection, and discordance was defined as "Incorrect" selection. One hundred seventy-one patients were included with 2.3 ± 1.1 year follow-up. For all methods, "Correct" UIV selection resulted in more shoulder imbalance than "Incorrect" UIV selection. Overall shoulder imbalance incidence was improved from 31.0% (53/171) to 15.2% (26/171). New shoulder imbalance incidence for patients with previously level shoulders was 8.8%. We could not identify a set of UIV selection criteria that accurately predicted post-surgical shoulder balance. Further validated measures are needed in this area. The complexity of proximal thoracic curve correction is underscored in a case example, where shoulder imbalance occurred despite "Correct" UIV selection by all methods.

  8. Security Evolution.

    Science.gov (United States)

    De Patta, Joe

    2003-01-01

    Examines how to evaluate school security, begin making schools safe, secure schools without turning them into fortresses, and secure schools easily and affordably; the evolution of security systems into information technology systems; using schools' high-speed network lines; how one specific security system was developed; pros and cons of the…

  9. Security research roadmap; Security-tutkimuksen roadmap

    Energy Technology Data Exchange (ETDEWEB)

    Naumanen, M.; Rouhiainen, V. (eds.)

    2006-02-15

    Requirements for increasing security have arisen in Europe after highly visible and tragic events in Madrid and in London. While responsibility for security rests largely with the national activities, the EU has also started planning a research area .Space and security. as a part of the 7th Framework Programme. As the justification for this research area it has been presented that technology alone can not assure security, but security can not be assured without the support of technology. Furthermore, the justification highlights that security and military research are becoming ever closer. The old separation between civil and military research is decreasing, because it has been noticed that both areas are nowadays utilising the same knowledge. In Finland, there is already now noteworthy entrepreneurship related to security. Although some of the companies are currently only operating in Finland, others are already international leaders in their area. The importance of the security area is increasing and remarkable potential for new growth business areas can already be identified. This however also requires an increase in research efforts. VTT has a broad range of security research ongoing in many technology areas. The main areas have been concentrating on public safety and security, but VTT is participating also in several research projects related to the defence technology. For identifying and defining in more detail the expertise and research goals, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important

  10. Model-based security testing

    OpenAIRE

    Schieferdecker, Ina; Großmann, Jürgen; Schneider, Martin

    2012-01-01

    Security testing aims at validating software system requirements related to security properties like confidentiality, integrity, authentication, authorization, availability, and non-repudiation. Although security testing techniques are available for many years, there has been little approaches that allow for specification of test cases at a higher level of abstraction, for enabling guidance on test identification and specification as well as for automated test generation. Model-based security...

  11. SecurID

    CERN Multimedia

    Now called RSA SecurID, SecurID is a mechanism developed by Security Dynamics that allows two-factor authentication for a user on a network resource. It works on the principle of the unique password mode, based on a shared secret. Every sixty seconds, the component generates a new six-digit token on the screen. The latter comes from the current time (internal clock) and the seed (SecurID private key that is available on the component, and is also from the SecurID server). During an authentication request, the SecurID server will check the entered token by performing exactly the same calculation as that performed by your component. The server knows the two information required for this calculation: the current time and the seed of your component. Access is allowed if the token calculated by the server matches the token you specified.

  12. Transforming Security Screening With Biometrics

    National Research Council Canada - National Science Library

    Hearnsberger, Brian J

    2003-01-01

    ... and identity theft to dramatically improve physical security. Today, biometric technology could be implemented to transform physical security by enhancing screening procedures currently in use at U.S...

  13. Deterministic secure communication protocol without using entanglement

    OpenAIRE

    Cai, Qing-yu

    2003-01-01

    We show a deterministic secure direct communication protocol using single qubit in mixed state. The security of this protocol is based on the security proof of BB84 protocol. It can be realized with current technologies.

  14. Development and Preliminary Validation of a Comprehensive Questionnaire to Assess Women’s Knowledge and Perception of the Current Weight Gain Guidelines during Pregnancy

    Directory of Open Access Journals (Sweden)

    Holly Ockenden

    2016-11-01

    Full Text Available The aim of this study was to develop and validate an electronic questionnaire, the Electronic Maternal Health Survey (EMat Health Survey, related to women’s knowledge and perceptions of the current gestational weight gain guidelines (GWG, as well as pregnancy-related health behaviours. Constructs addressed within the questionnaire include self-efficacy, locus of control, perceived barriers, and facilitators of physical activity and diet, outcome expectations, social environment and health practices. Content validity was examined using an expert panel (n = 7 and pilot testing items in a small sample (n = 5 of pregnant women and recent mothers (target population. Test re-test reliability was assessed among a sample (n = 71 of the target population. Reliability scores were calculated for all constructs (r and intra-class correlation coefficients (ICC, those with a score of >0.5 were considered acceptable. The content validity of the questionnaire reflects the degree to which all relevant components of excessive GWG risk in women are included. Strong test-retest reliability was found in the current study, indicating that responses to the questionnaire were reliable in this population. The EMat Health Survey adds to the growing body of literature on maternal health and gestational weight gain by providing the first comprehensive questionnaire that can be self-administered and remotely accessed. The questionnaire can be completed in 15–25 min and collects useful data on various social determinants of health and GWG as well as associated health behaviours. This online tool may assist researchers by providing them with a platform to collect useful information in developing and tailoring interventions to better support women in achieving recommended weight gain targets in pregnancy.

  15. Financial security

    NARCIS (Netherlands)

    de Goede, M.; Burgess, J.P.

    2010-01-01

    1. Introduction J. Peter Burgess Part 1: New Security Concepts 2. Civilizational Security Brett Bowden 3. Risk Oliver Kessler 4. Small Arms Keith Krause 5. Critical Human Security Taylor Owen 6. Critical Geopolitics Simon Dalby Part 2: New Security Subjects 7. Biopolitics Michael Dillon 8. Gendered

  16. Cyber security

    CERN Document Server

    Voeller, John G

    2014-01-01

    Cyber Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to cyber security metrics and measure  and related technologies that meet security needs. Specific applications to web services, the banking and the finance sector, and industrial process control systems are discussed.

  17. FACTAR validation

    International Nuclear Information System (INIS)

    Middleton, P.B.; Wadsworth, S.L.; Rock, R.C.; Sills, H.E.; Langman, V.J.

    1995-01-01

    A detailed strategy to validate fuel channel thermal mechanical behaviour codes for use of current power reactor safety analysis is presented. The strategy is derived from a validation process that has been recently adopted industry wide. Focus of the discussion is on the validation plan for a code, FACTAR, for application in assessing fuel channel integrity safety concerns during a large break loss of coolant accident (LOCA). (author)

  18. Security negotiation

    OpenAIRE

    Mitrović, Miroslav M.; Ivaniš, Željko

    2013-01-01

    Contemporary security challenges, risks and threats represent a resultant of the achieved level of interaction between various entities within the paradigm of global security relations. Asymmetry and nonlinearity are main features of contemporary challenges in the field of global security. Negotiation in the area of security, namely the security negotiation, thus goes beyond just the domain of negotiation in conflicts and takes into consideration particularly asymmetric forms of possible sour...

  19. Materialism and food security.

    Science.gov (United States)

    Allen, M W; Wilson, M

    2005-12-01

    The present studies examined if materialists have an elevated concern about food availability, presumably stemming from a general survival security motivation. Study 1 found that materialists set a greater life goal of food security, and reported more food insecurity during their childhood. Materialists reported less present-day food insecurity. Study 2 revealed that materialists stored/hoarded more food at home, and that obese persons endorsed materialism more than low/normal weight persons. Study 3 found that experimentally decreasing participants' feelings of survival security (via a mortality salience manipulation) led to greater endorsement of materialism, food security as goal, and using food for emotional comfort. The results imply that materialists overcame the food insecurity of their childhood by making food security a top life goal, but that materialists' current concerns about food security may not wholly stem from genuine threats to their food supply.

  20. While working around security

    DEFF Research Database (Denmark)

    Mathiasen, Niels Raabjerg; Bødker, Susanne; Petersen, Marianne Graves

    This paper describes our work at two levels. First of all the paper discusses how users of IT deal with issues of IT security in their everyday life. Secondly, we discuss how the kind of understanding of IT security that comes out of careful analyses of use confronts the ways in which usable...... IT security is established in the literature. Recent literature has called for better conceptual models as a starting point for improving IT security. In contrast to such models we propose to dress up designers by helping them better understand the work that goes into everyday security. The result...... is a methodological toolbox that helps address and design for usable and useful IT security. We deploy examples of analyses and design, carried out by ourselves and by others to fine-tune our design perspective; in particular we use examples from three current research projects....

  1. External validation of the DHAKA score and comparison with the current IMCI algorithm for the assessment of dehydration in children with diarrhoea: a prospective cohort study.

    Science.gov (United States)

    Levine, Adam C; Glavis-Bloom, Justin; Modi, Payal; Nasrin, Sabiha; Atika, Bita; Rege, Soham; Robertson, Sarah; Schmid, Christopher H; Alam, Nur H

    2016-10-01

    Dehydration due to diarrhoea is a leading cause of child death worldwide, yet no clinical tools for assessing dehydration have been validated in resource-limited settings. The Dehydration: Assessing Kids Accurately (DHAKA) score was derived for assessing dehydration in children with diarrhoea in a low-income country setting. In this study, we aimed to externally validate the DHAKA score in a new population of children and compare its accuracy and reliability to the current Integrated Management of Childhood Illness (IMCI) algorithm. DHAKA was a prospective cohort study done in children younger than 60 months presenting to the International Centre for Diarrhoeal Disease Research, Bangladesh, with acute diarrhoea (defined by WHO as three or more loose stools per day for less than 14 days). Local nurses assessed children and classified their dehydration status using both the DHAKA score and the IMCI algorithm. Serial weights were obtained and dehydration status was established by percentage weight change with rehydration. We did regression analyses to validate the DHAKA score and compared the accuracy and reliability of the DHAKA score and IMCI algorithm with receiver operator characteristic (ROC) curves and the weighted κ statistic. This study was registered with ClinicalTrials.gov, number NCT02007733. Between March 22, 2015, and May 15, 2015, 496 patients were included in our primary analyses. On the basis of our criterion standard, 242 (49%) of 496 children had no dehydration, 184 (37%) of 496 had some dehydration, and 70 (14%) of 496 had severe dehydration. In multivariable regression analyses, each 1-point increase in the DHAKA score predicted an increase of 0·6% in the percentage dehydration of the child and increased the odds of both some and severe dehydration by a factor of 1·4. Both the accuracy and reliability of the DHAKA score were significantly greater than those of the IMCI algorithm. The DHAKA score is the first clinical tool for assessing

  2. Security Vulnerability Profiles of NASA Mission Software: Empirical Analysis of Security Related Bug Reports

    Science.gov (United States)

    Goseva-Popstojanova, Katerina; Tyo, Jacob P.; Sizemore, Brian

    2017-01-01

    NASA develops, runs, and maintains software systems for which security is of vital importance. Therefore, it is becoming an imperative to develop secure systems and extend the current software assurance capabilities to cover information assurance and cybersecurity concerns of NASA missions. The results presented in this report are based on the information provided in the issue tracking systems of one ground mission and one flight mission. The extracted data were used to create three datasets: Ground mission IVV issues, Flight mission IVV issues, and Flight mission Developers issues. In each dataset, we identified the software bugs that are security related and classified them in specific security classes. This information was then used to create the security vulnerability profiles (i.e., to determine how, why, where, and when the security vulnerabilities were introduced) and explore the existence of common trends. The main findings of our work include:- Code related security issues dominated both the Ground and Flight mission IVV security issues, with 95 and 92, respectively. Therefore, enforcing secure coding practices and verification and validation focused on coding errors would be cost effective ways to improve mission's security. (Flight mission Developers issues dataset did not contain data in the Issue Category.)- In both the Ground and Flight mission IVV issues datasets, the majority of security issues (i.e., 91 and 85, respectively) were introduced in the Implementation phase. In most cases, the phase in which the issues were found was the same as the phase in which they were introduced. The most security related issues of the Flight mission Developers issues dataset were found during Code Implementation, Build Integration, and Build Verification; the data on the phase in which these issues were introduced were not available for this dataset.- The location of security related issues, as the location of software issues in general, followed the Pareto

  3. Security Expertise

    DEFF Research Database (Denmark)

    systematic study of security expertise and opens up a productive dialogue between science and technology studies and security studies to investigate the character and consequences of this expertise. In security theory, the study of expertise is crucial to understanding whose knowledge informs security making......This volume brings together scholars from different fields to explore the power, consequences and everyday practices of security expertise. Expertise mediates between different forms of knowledge: scientific and technological, legal, economic and political knowledge. This book offers the first...... and to reflect on the impact and responsibility of security analysis. In science and technology studies, the study of security politics adds a challenging new case to the agenda of research on expertise and policy. The contributors investigate cases such as academic security studies, security think tanks...

  4. Enterprise security IT security solutions : concepts, practical experiences, technologies

    CERN Document Server

    Fumy, Walter

    2013-01-01

    Addressing IT managers and staff, as well as CIOs and other executives dealing with corporate IT security, this book provides a broad knowledge on the major security issues affecting today's corporations and organizations, and presents state-of-the-art concepts and current trends for securing an enterprise.Areas covered include information security management, network and system security, identity and access management (IAM), authentication (including smart card based solutions and biometrics), and security certification. In-depth discussion of relevant technologies and standards (including cr

  5. Current and Projected National Security Threats to the United States. Hearing before the Select Committee on Intelligence of the United States Senate, One Hundred Eleventh Congress, Second Session

    Science.gov (United States)

    2010-02-02

    trainers see the tribal areas of Paki- stan as less secure and this had led al-Qa’ida to franchise into re- gional components in places such as North...and is still subject to sudden reversal or gradual erosion. The daunting array of challenges fac- ing African nations makes it highly likely in the... closure of Guantanamo and the transfer of detainees abroad. Now, the second paragraph of the letter states the following, ‘‘The professional

  6. A combined QC methodology in Ebro Delta HF radar system: real time web monitoring of diagnostic parameters and offline validation of current data

    Science.gov (United States)

    Lorente, Pablo; Piedracoba, Silvia; Soto-Navarro, Javier; Ruiz, Maria Isabel; Alvarez Fanjul, Enrique

    2015-04-01

    Over recent years, special attention has been focused on the development of protocols for near real-time quality control (QC) of HF radar derived current measurements. However, no agreement has been worldwide achieved to date to establish a standardized QC methodology, although a number of valuable international initiatives have been launched. In this context, Puertos del Estado (PdE) aims to implement a fully operational HF radar network with four different Codar SeaSonde HF radar systems by means of: - The development of a best-practices robust protocol for data processing and QC procedures to routinely monitor sites performance under a wide variety of ocean conditions. - The execution of validation works with in-situ observations to assess the accuracy of HF radar-derived current measurements. The main goal of the present work is to show this combined methodology for the specific case of Ebro HF radar (although easily expandable to the rest of PdE radar systems), deployed to manage Ebro River deltaic area and promote the conservation of an important aquatic ecosystem exposed to a severe erosion and reshape. To this aim, a web interface has been developed to efficiently monitor in real time the evolution of several diagnostic parameters provided by the manufacturer (CODAR) and used as indicators of HF radar system health. This web, updated automatically every hour, examines sites performance on different time basis in terms of: - Hardware parameters: power and temperature. - Radial parameters, among others: Signal-to-Noise Ratio (SNR), number of radial vectors provided by time step, maximum radial range and bearing. - Total uncertainty metrics provided by CODAR: zonal and meridional standard deviations and covariance between both components. - Additionally, a widget embedded in the web interface executes queries against PdE database, providing the chance to compare current time series observed by Tarragona buoy (located within Ebro HF radar spatial domain) and

  7. The relative validity of a retrospective estimate of food consumption based on a current dietary history and a food frequency list.

    Science.gov (United States)

    Bakkum, A; Bloemberg, B; van Staveren, W A; Verschuren, M; West, C E

    1988-01-01

    The relative validity of information and food consumption in the distant past was assessed by combining a dietary history (referring to the recent past) with a food frequency list (monitoring major changes over the past 12-14 years). This approach was evaluated in a study of two groups of apparently healthy elderly people (mean age 80 years) who had participated in a food consumption study 12-14 years before the start of the present study. One group consisted of 18 harbor employees who retired subsequent to the initial assessment of food intake. On the average, each member of this group had reduced his food consumption by about 1,000 kcal. The other group consisted of 46 elderly men and women who had retired before their food consumption was measured initially. This group had not markedly changed their food intake. The results showed that both groups overestimated changes in their food intake and that the systematic overestimation and random error were similar for both groups. If the men in both groups were combined to form one group, a valid ranking of subjects in small and large consumers of energy and most of the selected nutrients was possible. However, current food intake influenced the accuracy of the measurement of past food intake.

  8. Summary Report on Unconditionally Secure Protocols

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Salvail, Louis; Cachin, Christian

    This document describes the state of the art snd some of the main open problems in the area of unconditionally secure cryptographic protocols. The most essential part of a cryptographic protocol is not its being secure. Imagine a cryptographic protocol which is secure, but where we do not know...... that it is secure. Such a protocol would do little in providing security. When all comes to all, cryptographic security is done for the sake of people, and the essential part of security is for people what it has always been, namely to feel secure. To feel secure employing a given cryptographic protocol we need...... to know that is is secure. I.e. we need a proof that it is secure. Today the proof of security of essentially all practically employed cryptographic protocols relies on computational assumptions. To prove that currently employed ways to communicate securely over the Internet are secure we e.g. need...

  9. The Informatics Security Cost of Distributed Applications

    Directory of Open Access Journals (Sweden)

    Ion IVAN

    2010-01-01

    Full Text Available The objective, necessity, means and estimated efficiency of information security cost modeling are presented. The security requirements of distributed informatics applications are determined. Aspects regarding design, development and implementation are established. Influence factors for informatics security are presented and their correlation is analyzed. The costs associated to security processes are studied. Optimal criteria for informatics security are established. The security cost of the informatics application for validating organizational identifiers is determined using theoretical assumptions made for cost models. The conclusions highlight the validity of research results and offer perspectives for future research.

  10. Validity of assessing people experiencing mental illness who have offended using the Camberwell Assessment of Need-Forensic and Health of the Nation Outcome Scales-Secure.

    Science.gov (United States)

    Abou-Sinna, Rana; Luebbers, Stefan

    2012-10-01

    Evidence-based practices for forensic mental health services have been slow to develop, and there is a lack of measures that assess the mental health and criminogenic needs of people experiencing mental illness who have offended. The present study aimed to investigate the interrelationship between a clinician-rated forensic mental health needs assessment (Health of the Nation Outcomes Scales-Secure (HoNOS-S)), a forensic mental health needs assessment that considers both clinician and patient perspectives (Camberwell Assessment of Need-Forensic (CANFOR)), and measures of general and violent recidivism (Level Service-Case Management Inventory (LS-CMI) and HCR-20 Violence Risk Assessment Scheme (HCR-20)). Needs were assessed for 72 forensic patients aged between 20 and 62 years of age, located in a secure forensic mental health facility. The findings revealed significant positive correlations between the HoNOS-S, CANFOR, and HCR-20. Only the CANFOR was positively correlated with the LS-CMI, and uniquely contributed variance to the HCR-20. Patients and nurses differed in the total number of needs and met needs they identified as present. The findings suggest that the collaborative approach of the CANFOR might be more appropriate for measuring outcomes in the treatment of individuals experiencing mental illness who have offended. © 2012 The Authors. International Journal of Mental Health Nursing © 2012 Australian College of Mental Health Nurses Inc.

  11. Validation of a Monte Carlo model used for simulating tube current modulation in computed tomography over a wide range of phantom conditions/challenges

    Energy Technology Data Exchange (ETDEWEB)

    Bostani, Maryam, E-mail: mbostani@mednet.ucla.edu; McMillan, Kyle; Cagnon, Chris H.; McNitt-Gray, Michael F. [Departments of Biomedical Physics and Radiology, David Geffen School of Medicine, University of California, Los Angeles, Los Angeles, California 90024 (United States); DeMarco, John J. [Department of Radiation Oncology, University of California, Los Angeles, Los Angeles, California 90095 (United States)

    2014-11-01

    Purpose: Monte Carlo (MC) simulation methods have been widely used in patient dosimetry in computed tomography (CT), including estimating patient organ doses. However, most simulation methods have undergone a limited set of validations, often using homogeneous phantoms with simple geometries. As clinical scanning has become more complex and the use of tube current modulation (TCM) has become pervasive in the clinic, MC simulations should include these techniques in their methodologies and therefore should also be validated using a variety of phantoms with different shapes and material compositions to result in a variety of differently modulated tube current profiles. The purpose of this work is to perform the measurements and simulations to validate a Monte Carlo model under a variety of test conditions where fixed tube current (FTC) and TCM were used. Methods: A previously developed MC model for estimating dose from CT scans that models TCM, built using the platform of MCNPX, was used for CT dose quantification. In order to validate the suitability of this model to accurately simulate patient dose from FTC and TCM CT scan, measurements and simulations were compared over a wide range of conditions. Phantoms used for testing range from simple geometries with homogeneous composition (16 and 32 cm computed tomography dose index phantoms) to more complex phantoms including a rectangular homogeneous water equivalent phantom, an elliptical shaped phantom with three sections (where each section was a homogeneous, but different material), and a heterogeneous, complex geometry anthropomorphic phantom. Each phantom requires varying levels of x-, y- and z-modulation. Each phantom was scanned on a multidetector row CT (Sensation 64) scanner under the conditions of both FTC and TCM. Dose measurements were made at various surface and depth positions within each phantom. Simulations using each phantom were performed for FTC, detailed x–y–z TCM, and z-axis-only TCM to obtain

  12. Design of the national health security preparedness index.

    Science.gov (United States)

    Uzun Jacobson, Evin; Inglesby, Tom; Khan, Ali S; Rajotte, James C; Burhans, Robert L; Slemp, Catherine C; Links, Jonathan M

    2014-01-01

    The importance of health security in the United States has been highlighted by recent emergencies such as the H1N1 influenza pandemic, Superstorm Sandy, and the Boston Marathon bombing. The nation's health security remains a high priority today, with federal, state, territorial, tribal, and local governments, as well as nongovernment organizations and the private sector, engaging in activities that prevent, protect, mitigate, respond to, and recover from health threats. The Association of State and Territorial Health Officials (ASTHO), through a cooperative agreement with the Centers for Disease Control and Prevention (CDC) Office of Public Health Preparedness and Response (OPHPR), led an effort to create an annual measure of health security preparedness at the national level. The collaborative released the National Health Security Preparedness Index (NHSPI(™)) in December 2013 and provided composite results for the 50 states and for the nation as a whole. The Index results represent current levels of health security preparedness in a consistent format and provide actionable information to drive decision making for continuous improvement of the nation's health security. The overall 2013 National Index result was 7.2 on the reported base-10 scale, with areas of greater strength in the domains of health surveillance, incident and information management, and countermeasure management. The strength of the Index relies on the interdependencies of the many elements in health security preparedness, making the sum greater than its parts. Moving forward, additional health security-related disciplines and measures will be included alongside continued validation efforts.

  13. Watermarking security

    CERN Document Server

    Bas, Patrick; Cayre, François; Doërr, Gwenaël; Mathon, Benjamin

    2016-01-01

    This book explains how to measure the security of a watermarking scheme, how to design secure schemes but also how to attack popular watermarking schemes. This book gathers the most recent achievements in the field of watermarking security by considering both parts of this cat and mouse game. This book is useful to industrial practitioners who would like to increase the security of their watermarking applications and for academics to quickly master this fascinating domain.

  14. Security Information System Digital Simulation

    OpenAIRE

    Tao Kuang; Shanhong Zhu

    2015-01-01

    The study built a simulation model for the study of food security information system relay protection. MATLAB-based simulation technology can support the analysis and design of food security information systems. As an example, the food security information system fault simulation, zero-sequence current protection simulation and transformer differential protection simulation are presented in this study. The case studies show that the simulation of food security information system relay protect...

  15. Security Locks

    Science.gov (United States)

    Hart, Kevin

    2010-01-01

    According to a 2008 "Year in Review" report by Educational Security Incidents, an online repository that collects data on higher education security issues, the total number of security incidents reported at universities and colleges worldwide rose to 173 in 2008, a 24.5 percent increase over 2007. The number of institutions…

  16. Developing measures of food and nutrition security within an Australian context.

    Science.gov (United States)

    Archer, Claire; Gallegos, Danielle; McKechnie, Rebecca

    2017-10-01

    To develop a measure of food and nutrition security for use among an Australian population that measures all pillars of food security and to establish its content validity. The study consisted of two phases. Phase 1 involved focus groups with experts working in the area of food security. Data were assessed using content analysis and results informed the development of a draft tool. Phase 2 consisted of a series of three online surveys using the Delphi technique. Findings from each survey were used to establish content validity and progressively modify the tool until consensus was reached for all items. Australia. Phase 1 focus groups involved twenty-five experts working in the field of food security, who were attending the Dietitians Association of Australia National Conference, 2013. Phase 2 included twenty-five experts working in food security, who were recruited via email. Findings from Phase 1 supported the need for an Australian-specific tool and highlighted the failure of current tools to measure across all pillars of food security. Participants encouraged the inclusion of items to measure barriers to food acquisition and the previous single item to enable comparisons with previous data. Phase 2 findings informed the selection and modification of items for inclusion in the final tool. The results led to the development of a draft tool to measure food and nutrition security, and supported its content validity. Further research is needed to validate the tool among the Australian population and to establish inter- and intra-rater reliability.

  17. Development and validation of AccuTOF-DART™ as a screening method for analysis of bank security device and pepper spray components.

    Science.gov (United States)

    Pfaff, Allison M; Steiner, Robert R

    2011-03-20

    Analysis of bank security devices, containing 1-methylaminoanthraquinone (MAAQ) and o-chlorobenzylidenemalononitrile (CS), and pepper sprays, containing capsaicin, is a lengthy process with no specific screening technique to aid in identifying samples of interest. Direct Analysis in Real Time (DART™) ionization coupled with an Accurate Time of Flight (AccuTOF) mass detector is a fast, ambient ionization source that could significantly reduce time spent on these cases and increase the specificity of the screening process. A new method for screening clothing for bank dye and pepper spray, using AccuTOF-DART™ analysis, has been developed. Detection of MAAQ, CS, and capsaicin was achieved via extraction of each compound onto cardstock paper, which was then sampled in the AccuTOF-DART™. All results were verified using gas chromatography coupled with electron impact mass spectrometry. Copyright © 2010 Elsevier Ireland Ltd. All rights reserved.

  18. Validation of the Social Security Administration Life Tables (2004-2014) in Localized Prostate Cancer Patients within the Surveillance, Epidemiology, and End Results database.

    Science.gov (United States)

    Preisser, Felix; Bandini, Marco; Mazzone, Elio; Nazzani, Sebastiano; Marchioni, Michele; Tian, Zhe; Saad, Fred; Pompe, Raisa S; Shariat, Shahrokh F; Heinzer, Hans; Montorsi, Francesco; Huland, Hartwig; Graefen, Markus; Tilki, Derya; Karakiewicz, Pierre I

    2018-05-22

    Accurate life expectancy estimation is crucial in clinical decision-making including management and treatment of clinically localized prostate cancer (PCa). We hypothesized that Social Security Administration (SSA) life tables' derived survival estimates closely follow observed survival of PCa patients. To test this relationship, we examined 10-yr overall survival rates in patients with clinically localized PCa and compared it with survival estimates derived from the SSA life tables. Within the Surveillance, Epidemiology, and End Results database (2004), we identified patients aged >50-patients who did not die of disease or other causes. Monte Carlo method was used to define individual survival in years, according to the SSA life tables (2004-2014). Subsequently, SSA life tables' predicted survival was compared with observed survival rates in Kaplan-Meier analyses. Subgroup analyses were stratified according to treatment type and D'Amico risk classification. Overall, 39191 patients with localized PCa were identified. At 10-yr follow-up, the SSA life tables' predicted survival was 69.5% versus 73.1% according to the observed rate (ppatients. Conversely, the smallest differences were recorded for external beam radiotherapy (1.7%) and unknown treatment type (1.6%) patients. Overall, SSA life tables' predicted life expectancy closely approximate observed overall survival rates. However, SSA life tables' predicted rates underestimate by as much as 9.1% the survival in brachytherapy patients, as well as in D'Amico low-risk and radical prostatectomy patients. In these patient categories, an adjustment for the degree of underestimation might be required when counseling is provided in clinical practice. Social Security Administration (SSA) life tables' predicted life expectancy closely approximate observed overall survival rates. However, SSA life tables' predicted rates underestimate by as much as 9.1% the survival in brachytherapy patients, as well as in D'Amico low

  19. Fine-Grained Forward-Secure Signature Schemes without Random Oracles

    DEFF Research Database (Denmark)

    Camenisch, Jan; Koprowski, Maciej

    2006-01-01

    We propose the concept of fine-grained forward-secure signature schemes. Such signature schemes not only provide nonrepudiation w.r.t. past time periods the way ordinary forward-secure signature schemes do but, in addition, allow the signer to specify which signatures of the current time period...... remain valid when revoking the public key. This is an important advantage if the signer produces many signatures per time period as otherwise the signer would have to re-issue those signatures (and possibly re-negotiate the respective messages) with a new key.Apart from a formal model for fine......-grained forward-secure signature schemes, we present practical schemes and prove them secure under the strong RSA assumption only, i.e., we do not resort to the random oracle model to prove security. As a side-result, we provide an ordinary forward-secure scheme whose key-update time is significantly smaller than...

  20. Information Security Governance: When Compliance Becomes More Important than Security

    OpenAIRE

    Tan , Terence C. C.; Ruighaver , Anthonie B.; Ahmad , Atif

    2010-01-01

    International audience; Current security governance is often based on a centralized decision making model and still uses an ineffective 20th century risk management approach to security. This approach is relatively simple to manage since it needs almost no security governance below the top enterprise level where most decisions are made. However, while there is a role for more corporate governance, new regulations, and improved codes of best practice to address current weak organizational secu...

  1. Indirection and computer security.

    Energy Technology Data Exchange (ETDEWEB)

    Berg, Michael J.

    2011-09-01

    The discipline of computer science is built on indirection. David Wheeler famously said, 'All problems in computer science can be solved by another layer of indirection. But that usually will create another problem'. We propose that every computer security vulnerability is yet another problem created by the indirections in system designs and that focusing on the indirections involved is a better way to design, evaluate, and compare security solutions. We are not proposing that indirection be avoided when solving problems, but that understanding the relationships between indirections and vulnerabilities is key to securing computer systems. Using this perspective, we analyze common vulnerabilities that plague our computer systems, consider the effectiveness of currently available security solutions, and propose several new security solutions.

  2. International Nuclear Security

    Energy Technology Data Exchange (ETDEWEB)

    Doyle, James E. [Los Alamos National Laboratory

    2012-08-14

    This presentation discusses: (1) Definitions of international nuclear security; (2) What degree of security do we have now; (3) Limitations of a nuclear security strategy focused on national lock-downs of fissile materials and weapons; (4) What do current trends say about the future; and (5) How can nuclear security be strengthened? Nuclear security can be strengthened by: (1) More accurate baseline inventories; (2) Better physical protection, control and accounting; (3) Effective personnel reliability programs; (4) Minimize weapons-usable materials and consolidate to fewer locations; (5) Consider local threat environment when siting facilities; (6) Implement pledges made in the NSS process; and (7) More robust interdiction, emergency response and special operations capabilities. International cooperation is desirable, but not always possible.

  3. Privacy vs security

    CERN Document Server

    Stalla-Bourdillon, Sophie; Ryan, Mark D

    2014-01-01

    Securing privacy in the current environment is one of the great challenges of today's democracies. Privacy vs. Security explores the issues of privacy and security and their complicated interplay, from a legal and a technical point of view. Sophie Stalla-Bourdillon provides a thorough account of the legal underpinnings of the European approach to privacy and examines their implementation through privacy, data protection and data retention laws. Joshua Philips and Mark D. Ryan focus on the technological aspects of privacy, in particular, on today's attacks on privacy by the simple use of today'

  4. Secure quantum key distribution

    Science.gov (United States)

    Lo, Hoi-Kwong; Curty, Marcos; Tamaki, Kiyoshi

    2014-08-01

    Secure communication is crucial in the Internet Age, and quantum mechanics stands poised to revolutionize cryptography as we know it today. In this Review, we introduce the motivation and the current state of the art of research in quantum cryptography. In particular, we discuss the present security model together with its assumptions, strengths and weaknesses. After briefly introducing recent experimental progress and challenges, we survey the latest developments in quantum hacking and countermeasures against it.

  5. Concept for Energy Security Matrix

    International Nuclear Information System (INIS)

    Kisel, Einari; Hamburg, Arvi; Härm, Mihkel; Leppiman, Ando; Ots, Märt

    2016-01-01

    The following paper presents a discussion of short- and long-term energy security assessment methods and indicators. The aim of the current paper is to describe diversity of approaches to energy security, to structure energy security indicators used by different institutions and papers, and to discuss several indicators that also play important role in the design of energy policy of a state. Based on this analysis the paper presents a novel Energy Security Matrix that structures relevant energy security indicators from the aspects of Technical Resilience and Vulnerability, Economic Dependence and Political Affectability for electricity, heat and transport fuel sectors. Earlier publications by different authors have presented energy security assessment methodologies that use publicly available indicators from different databases. Current paper challenges viability of some of these indicators and introduces new indicators that would deliver stronger energy security policy assessments. Energy Security Matrix and its indicators are based on experiences that the authors have gathered as high-level energy policymakers in Estonia, where all different aspects of energy security can be observed. - Highlights: •Energy security should be analysed in technical, economic and political terms; •Energy Security Matrix provides a framework for energy security analyses; •Applicability of Matrix is limited due to the lack of statistical data and sensitivity of output.

  6. Identification of selective inhibitors of RET and comparison with current clinical candidates through development and validation of a robust screening cascade [version 1; referees: 2 approved

    Directory of Open Access Journals (Sweden)

    Amanda J. Watson

    2016-05-01

    Full Text Available RET (REarranged during Transfection is a receptor tyrosine kinase, which plays pivotal roles in regulating cell survival, differentiation, proliferation, migration and chemotaxis. Activation of RET is a mechanism of oncogenesis in medullary thyroid carcinomas where both germline and sporadic activating somatic mutations are prevalent.   At present, there are no known specific RET inhibitors in clinical development, although many potent inhibitors of RET have been opportunistically identified through selectivity profiling of compounds initially designed to target other tyrosine kinases. Vandetanib and cabozantinib, both multi-kinase inhibitors with RET activity, are approved for use in medullary thyroid carcinoma, but additional pharmacological activities, most notably inhibition of vascular endothelial growth factor - VEGFR2 (KDR, lead to dose-limiting toxicity. The recent identification of RET fusions present in ~1% of lung adenocarcinoma patients has renewed interest in the identification and development of more selective RET inhibitors lacking the toxicities associated with the current treatments.   In an earlier publication [Newton et al, 2016; 1] we reported the discovery of a series of 2-substituted phenol quinazolines as potent and selective RET kinase inhibitors. Here we describe the development of the robust screening cascade which allowed the identification and advancement of this chemical series.  Furthermore we have profiled a panel of RET-active clinical compounds both to validate the cascade and to confirm that none display a RET-selective target profile.

  7. A Security Checklist for ERP Implementations

    Science.gov (United States)

    Hughes, Joy R.; Beer, Robert

    2007-01-01

    The EDUCAUSE/Internet2 Computer and Network Security Task Force consulted with IT security professionals on campus about concerns with the current state of security in enterprise resource planning (ERP) systems. From these conversations, it was clear that security issues generally fell into one of two areas: (1) It has become extremely difficult…

  8. Securing Hadoop

    CERN Document Server

    Narayanan, Sudheesh

    2013-01-01

    This book is a step-by-step tutorial filled with practical examples which will focus mainly on the key security tools and implementation techniques of Hadoop security.This book is great for Hadoop practitioners (solution architects, Hadoop administrators, developers, and Hadoop project managers) who are looking to get a good grounding in what Kerberos is all about and who wish to learn how to implement end-to-end Hadoop security within an enterprise setup. It's assumed that you will have some basic understanding of Hadoop as well as be familiar with some basic security concepts.

  9. Grid Security

    CERN Multimedia

    CERN. Geneva

    2004-01-01

    The aim of Grid computing is to enable the easy and open sharing of resources between large and highly distributed communities of scientists and institutes across many independent administrative domains. Convincing site security officers and computer centre managers to allow this to happen in view of today's ever-increasing Internet security problems is a major challenge. Convincing users and application developers to take security seriously is equally difficult. This paper will describe the main Grid security issues, both in terms of technology and policy, that have been tackled over recent years in LCG and related Grid projects. Achievements to date will be described and opportunities for future improvements will be addressed.

  10. Information security principles and practice

    CERN Document Server

    Stamp, Mark

    2011-01-01

    Now updated-your expert guide to twenty-first century information security Information security is a rapidly evolving field. As businesses and consumers become increasingly dependent on complex multinational information systems, it is more imperative than ever to protect the confidentiality and integrity of data. Featuring a wide array of new information on the most current security issues, this fully updated and revised edition of Information Security: Principles and Practice provides the skills and knowledge readers need to tackle any information security challenge. Taking a pract

  11. Why SCADA security is NOT like Computer Centre Security

    CERN Multimedia

    CERN. Geneva

    2014-01-01

    Today, the industralized world lives in symbiosis with control systems (aka SCADA systems): it depends on power distribution, oil production, public transport, automatic production lines. While the convenience is at hand, still too many control systems are designed without any security in mind, lack basic security protections, and are not even robust enough to withstand basic attacks. The Stuxnet worm attacking Siemens PLCs in 2010 was another close call. Attackers currently enjoy hacking control systems, and aim to switch lights off. This presentation shall recap the current situation and discuss the differences (or not) between computer center cyber-security and control system cyber-security.

  12. Social Security.

    Science.gov (United States)

    Social and Labour Bulletin, 1983

    1983-01-01

    This group of articles discusses a variety of studies related to social security and retirement benefits. These studies are related to both developing and developed nations and are also concerned with studying work conditions and government role in administering a democratic social security system. (SSH)

  13. Evaluation of the validity of treatment decisions based on surrogate country models before introduction of the Polish FRAX and recommendations in comparison to current practice.

    Science.gov (United States)

    Glinkowski, Wojciech M; Narloch, Jerzy; Glinkowska, Bożena; Bandura, Małgorzata

    2018-03-01

    Patients diagnosed before the Polish FRAX was introduced may require re-evaluation and treatment changes if the diagnosis was established according to a surrogate country FRAX score. The aim of the study was to evaluate the validity of treatment decisions based on the surrogate country model before introduction of the Polish FRAX and to provide recommendations based on the current practice. We evaluated a group of 142 postmenopausal women (70.7 ±8.9 years) who underwent bone mineral density measurements. We used 22 country-specific FRAX models and compared these to the Polish model. The mean risk values for hip and major osteoporotic fractures within 10 years were 4.575 (from 0.82 to 8.46) and 12.47% (from 2.18 to 21.65), respectively. In the case of a major fracture, 94.4% of women would receive lifestyle advice, and 5.6% would receive treatment according to the Polish FRAX using the guidelines of the National Osteoporosis Foundation (NOF). Polish treatment thresholds would implement pharmacotherapy in 32.4% of the study group. In the case of hip fractures, 45% of women according to the NOF would require pharmacotherapy but only 9.8% of women would qualify according to Polish guidelines. Nearly all surrogate FRAX calculator scores proved significantly different form Polish ( p > 0.05). More patients might have received antiresorptive medication before the Polish FRAX. This study recommends re-evaluation of patients who received medical therapy before the Polish FRAX was introduced and a review of the recommendations, considering the side effects of antiresorptive medication.

  14. Security management

    International Nuclear Information System (INIS)

    Adams, H.W.

    1990-01-01

    Technical progress is moving more and more quickly and the systems thus produced are so complex and have become so unclear to the individual that he can no longer estimate the consequences: Faith in progress has given way to deep mistrust. Companies have adjusted to this change in consciousness. An interesting tendency can be identified: technical security is already available - now the organization of security has become an important objective for companies. The key message of the book is: If outworn technical systems are no longer adequate, the organization must be thoroughly overhauled. Five chapters deal with the following themes: organization as an aspect of society; risk control; aspects of security; is there security in ADP; the broader concept of security. (orig./HP) [de

  15. On the Validity of the “Thin” and “Thick” Double-Layer Assumptions When Calculating Streaming Currents in Porous Media

    Directory of Open Access Journals (Sweden)

    Matthew D. Jackson

    2012-01-01

    Full Text Available We find that the thin double layer assumption, in which the thickness of the electrical diffuse layer is assumed small compared to the radius of curvature of a pore or throat, is valid in a capillary tubes model so long as the capillary radius is >200 times the double layer thickness, while the thick double layer assumption, in which the diffuse layer is assumed to extend across the entire pore or throat, is valid so long as the capillary radius is >6 times smaller than the double layer thickness. At low surface charge density (0.5 M the validity criteria are less stringent. Our results suggest that the thin double layer assumption is valid in sandstones at low specific surface charge (<10 mC⋅m−2, but may not be valid in sandstones of moderate- to small pore-throat size at higher surface charge if the brine concentration is low (<0.001 M. The thick double layer assumption is likely to be valid in mudstones at low brine concentration (<0.1 M and surface charge (<10 mC⋅m−2, but at higher surface charge, it is likely to be valid only at low brine concentration (<0.003 M. Consequently, neither assumption may be valid in mudstones saturated with natural brines.

  16. Current and historical individual data about exposure of workers in the rayon industry to carbon disulfide and their validity in calculating the cumulative dose.

    Science.gov (United States)

    Göen, Thomas; Schramm, Axel; Baumeister, Thomas; Uter, Wolfgang; Drexler, Hans

    2014-08-01

    The objective of the study was to investigate how exposure to carbon disulfide (CS2) in a rayon-manufacturing plant has changed within two decades and whether it is possible to calculate valid data for the individual cumulative exposure. The data for CS2 concentration in air and biological exposure monitoring (2-thio-1,3-thiaxolidine-4-carboxylic acid (TTCA) in urine) from two cross-sectional studies, performed in 1992 (n = 362) and 2009 (n = 212) in a German rayon-manufacturing plant, were compared to data obtained from company-internal measurements between the studies. Using the data from the cross-sectional studies and company-internal data, cumulative external exposure and the cumulative internal exposure were calculated for each worker. External and internal CS2 exposure of the employees decreased from 1992 (medians 4.0 ppm and 1.63 mgTTCA/g creatinine) to 2009 (medians 2.5 ppm and 0.86 mg/g). However, company-internal CS2 data do not show a straight trend for this period. The annual medians of the company-internal measurement of external exposure to CS2 have varied between 2.7 and 8.4 ppm, in which median values exceeded 5 ppm generally since 2000. The annual medians for the company-internal biomonitoring assessment ranged between 1.2 and 2.8 mg/g creatinine. The cumulative CS2 exposure ranged from 8.5 to 869.5 ppm years for external exposure and between 1.30 and 176.2 mg/g creatinine years for the internal exposure. Significant correlations were found between the current air pollution and the internal exposure in 2009 but also between the cumulative external and internal CS2 exposure. Current exposure data, usually collected in cross-sectional studies, rarely allow a reliable statement on the cumulative dose, because of higher exposure in the past and of fluctuating courses of exposure. On the other hand, company-internal exposure data may be affected by non-representative measurement strategies. Some verification of the reliability of

  17. INFORMATION SYSTEM SECURITY (CYBER SECURITY

    Directory of Open Access Journals (Sweden)

    Muhammad Siddique Ansari

    2016-03-01

    Full Text Available Abstract - Business Organizations and Government unequivocally relies on upon data to deal with their business operations. The most unfavorable impact on association is disappointment of friendship, goodness, trustworthiness, legitimacy and probability of data and administrations. There is an approach to ensure data and to deal with the IT framework's Security inside association. Each time the new innovation is made, it presents some new difficulties for the insurance of information and data. To secure the information and data in association is imperative on the grounds that association nowadays inside and remotely joined with systems of IT frameworks. IT structures are inclined to dissatisfaction and security infringement because of slips and vulnerabilities. These slips and vulnerabilities can be brought on by different variables, for example, quickly creating headway, human slip, poor key particulars, poor movement schedules or censuring the threat. Likewise, framework changes, new deserts and new strikes are a huge piece of the time displayed, which helpers augmented vulnerabilities, disappointments and security infringement all through the IT structure life cycle. The business went to the confirmation that it is essentially difficult to ensure a slip free, risk free and secure IT structure in perspective of the disfigurement of the disavowing security parts, human pass or oversight, and part or supplies frustration. Totally secure IT frameworks don't exist; just those in which the holders may have changing degrees of certainty that security needs of a framework are fulfilled do. The key viewpoints identified with security of data outlining are examined in this paper. From the start, the paper recommends pertinent legitimate structure and their duties including open association obligation, and afterward it returns to present and future time, system limits, structure security in business division. At long last, two key inadequacy markers

  18. Information security management handbook

    CERN Document Server

    Tipton, Harold F

    2006-01-01

    Access Control Systems and Methodology. Telecommunications and Network Security. Security Management Practices. Application Program Security. Cryptography. Computer, System, and Security Architecture. Operations Security. Business Continuity Planning and Disaster Recovery Planning. Law, Investigation and Ethics. Physical Security.

  19. International Nuclear Security Education Network (INSEN): Promoting nuclear security education

    International Nuclear Information System (INIS)

    Muhamad Samudi Yasir

    2013-01-01

    Full-text: The need for human resource development programmes in nuclear security was underlined at several International Atomic Energy Agency (IAEA) General Conferences and Board of Governors Meetings. Successive IAEA Nuclear Security Plans, the most recent of which was agreed by the Board of Governors in September 2009, give high priority to assisting States in establishing educational programmes in nuclear security in order to ensure the sustainability of nuclear security improvements. The current Nuclear Security Plan 1 covering 2010-2013 emphasizes on the importance of considering existing capacities at international, regional and national levels while designing nuclear security academic programmes. In the course of implementing the Plan, the IAEA developed a guide entitled Educational Programme in Nuclear Security (IAEA Nuclear Security Series No. 12) that consists of a model of a MAster of Science (M.Sc.) and a Certificate Programme in Nuclear Security. This guide was aims at assisting universities or other educational institutes to developed academic programmes in nuclear security. Independently, some universities already offered academic programmes covering some areas of nuclear security, while other universities have asked the IAEA to support the implementation of these programmes. In order to better address current and future request for assistance in this area, the IAEA establish a collaboration network-International Nuclear Security Education Network (INSEN), among universities who are providing nuclear security education or who are interested in starting an academic programme/ course(s) in nuclear security. Universiti Kebangsaan Malaysia (UKM) is a first local university became a member of INSEN since the beginning of the establishment. (author)

  20. Gerenciamento de resultados em bancos com uso de TVM: validação de modelo de dois estágios Securities-based earnings management in nanks: validation of a two-stage model

    Directory of Open Access Journals (Sweden)

    José Alves Dantas

    2013-04-01

    menor porte e nos controlados por capital privado.Studies investigating earnings management in banks have been particularly concerned with the use of Loan Loss Provisions (LLP and mainly use two-stage models to identify discretionary management actions. Another type of record that has received attention from researchers in identifying discretionary management actions is the classification and measurement of the fair value of securities. In this case, however, one-stage models have prevailed. The present study aims to develop and validate a two-stage model for the identification of discretionary management actions using gains obtained from securities. Our model incorporates macroeconomic indicators and specific attributes of the securities portfolios to the traditional parameters used in models previously utilized in the literature. To validate the proposed model, the results are compared with the results from the estimation of a one-stage model - a methodology widely used in the literature. Tests conducted with the two models reveal evidence of income smoothing using securities and the classification of available-for-sale securities among the actions taken by management. The consistency of the results across the two models validates the proposed model, thereby contributing to the development of research on the topic that is not only concerned with determining whether earnings management is practiced but also whether it can be associated with other variables. We also find that securities-based earnings management is more significant in smaller-sized banks and in banks controlled by private capital.

  1. Strategic information security

    CERN Document Server

    Wylder, John

    2003-01-01

    Introduction to Strategic Information SecurityWhat Does It Mean to Be Strategic? Information Security Defined The Security Professional's View of Information Security The Business View of Information SecurityChanges Affecting Business and Risk Management Strategic Security Strategic Security or Security Strategy?Monitoring and MeasurementMoving Forward ORGANIZATIONAL ISSUESThe Life Cycles of Security ManagersIntroductionThe Information Security Manager's Responsibilities The Evolution of Data Security to Information SecurityThe Repository Concept Changing Job Requirements Business Life Cycles

  2. Health Security and Risk Aversion.

    Science.gov (United States)

    Herington, Jonathan

    2016-09-01

    Health security has become a popular way of justifying efforts to control catastrophic threats to public health. Unfortunately, there has been little analysis of the concept of health security, nor the relationship between health security and other potential aims of public health policy. In this paper I develop an account of health security as an aversion to risky policy options. I explore three reasons for thinking risk avoidance is a distinctly worthwhile aim of public health policy: (i) that security is intrinsically valuable, (ii) that it is necessary for social planning and (iii) that it is an appropriate response to decision-making in contexts of very limited information. Striking the right balance between securing and maximizing population health thus requires a substantive, and hitherto unrecognized, value judgment. Finally, I critically evaluate the current health security agenda in light of this new account of the concept and its relationship to the other aims of public health policy. © 2016 John Wiley & Sons Ltd.

  3. Security Bingo

    CERN Multimedia

    Computer Security Team

    2011-01-01

    Want to check your security awareness and win one of three marvellous books on computer security? Just print out this page, mark which of the 25 good practices below you already follow, and send the sheet back to us by 31 October 2011 at either Computer.Security@cern.ch or P.O. Box G19710.   Winners[1] must show that they fulfil at least five good practices in a continuous vertical, horizontal or diagonal row. For details on CERN Computer Security, please consult http://cern.ch/security. I personally…   …am concerned about computer security. …run my computer with an anti-virus software and up-to-date signature files. …lock my computer screen whenever I leave my office. …have chosen a reasonably complex password. …have restricted access to all my files and data. …am aware of the security risks and threats to CERN’s computing facilities. &hell...

  4. Convergence of Corporate and Information Security

    OpenAIRE

    Syed; Rahman, M.; Donahue, Shannon E.

    2010-01-01

    As physical and information security boundaries have become increasingly blurry many organizations are experiencing challenges with how to effectively and efficiently manage security within the corporate. There is no current standard or best practice offered by the security community regarding convergence; however many organizations such as the Alliance for Enterprise Security Risk Management (AESRM) offer some excellent suggestions for integrating a converged security program. This paper rep...

  5. Computer security

    CERN Document Server

    Gollmann, Dieter

    2011-01-01

    A completely up-to-date resource on computer security Assuming no previous experience in the field of computer security, this must-have book walks you through the many essential aspects of this vast topic, from the newest advances in software and technology to the most recent information on Web applications security. This new edition includes sections on Windows NT, CORBA, and Java and discusses cross-site scripting and JavaScript hacking as well as SQL injection. Serving as a helpful introduction, this self-study guide is a wonderful starting point for examining the variety of competing sec

  6. Secure PVM

    Energy Technology Data Exchange (ETDEWEB)

    Dunigan, T.H.; Venugopal, N.

    1996-09-01

    This research investigates techniques for providing privacy, authentication, and data integrity to PVM (Parallel Virtual Machine). PVM is extended to provide secure message passing with no changes to the user`s PVM application, or, optionally, security can be provided on a message-by message basis. Diffe-Hellman is used for key distribution of a single session key for n-party communication. Keyed MD5 is used for message authentication, and the user may select from various secret-key encryption algorithms for message privacy. The modifications to PVM are described, and the performance of secure PVM is evaluated.

  7. Junos Security

    CERN Document Server

    Cameron, Rob; Giecco, Patricio; Eberhard, Timothy; Quinn, James

    2010-01-01

    Junos® Security is the complete and authorized introduction to the new Juniper Networks SRX hardware series. This book not only provides a practical, hands-on field guide to deploying, configuring, and operating SRX, it also serves as a reference to help you prepare for any of the Junos Security Certification examinations offered by Juniper Networks. Network administrators and security professionals will learn how to use SRX Junos services gateways to address an array of enterprise data network requirements -- including IP routing, intrusion detection, attack mitigation, unified threat manag

  8. Masters in Nuclear Security

    International Nuclear Information System (INIS)

    Rickwood, Peter

    2013-01-01

    Continuing global efforts to improve the security of nuclear and other radioactive material against the threat of malicious acts are being assisted by a new initiative, the development of a corps of professional experts to strengthen nuclear security. The IAEA, the European Commission, universities, research institutions and other bodies working in collaboration have established an International Nuclear Security Education Network (INSEN). In 2011, six European academic institutions, the Vienna University of Technology, the Brandenburg University of Applied Sciences, the Demokritos National Centre for Scientific Research in Greece, the Reactor Institute Delft of the Delft University of Technology in the Netherlands, the University of Oslo, and the University of Manchester Dalton Nuclear Institute, started developing a European Master of Science Programme in Nuclear Security Management. In March 2013, the masters project was inaugurated when ten students commenced studies at the Brandenburg University of Applied Sciences in Germany for two weeks. In April, they moved to the Delft University of Technology in the Netherlands for a further two weeks of studies. The pilot programme consists of six teaching sessions in different academic institutions. At the inauguration in Delft, IAEA Director General Yukiya Amano commended this effort to train a new generation of experts who can help to improve global nuclear security. ''It is clear that we will need a new generation of policy-makers and nuclear professionals - people like you - who will have a proper understanding of the importance of nuclear security,'' Mr. Amano told students and faculty members. ''The IAEA's goal is to support the development of such programmes on a global basis,'' said David Lambert, Senior Training Officer in the IAEA's Office of Nuclear Security. ''An existing postgraduate degree programme focused on nuclear security at Naif Arab University for Security Sciences (NAUSS) is currently supported by

  9. Assessing and Managing the Current and Future Pest Risk from Water Hyacinth, (Eichhornia crassipes), an Invasive Aquatic Plant Threatening the Environment and Water Security.

    Science.gov (United States)

    Kriticos, Darren J; Brunel, Sarah

    2016-01-01

    Understanding and managing the biological invasion threats posed by aquatic plants under current and future climates is a growing challenge for biosecurity and land management agencies worldwide. Eichhornia crassipes is one of the world's worst aquatic weeds. Presently, it threatens aquatic ecosystems, and hinders the management and delivery of freshwater services in both developed and developing parts of the world. A niche model was fitted using CLIMEX, to estimate the potential distribution of E. crassipes under historical and future climate scenarios. Under two future greenhouse gas emission scenarios for 2080 simulated with three Global Climate Models, the area with a favourable temperature regime appears set to shift polewards. The greatest potential for future range expansion lies in Europe. Elsewhere in the northern hemisphere temperature gradients are too steep for significant geographical range expansion under the climate scenarios explored here. In the Southern Hemisphere, the southern range boundary for E. crassipes is set to expand southwards in Argentina, Australia and New Zealand; under current climate conditions it is already able to invade the southern limits of Africa. The opportunity exists to prevent its spread into the islands of Tasmania in Australia and the South Island of New Zealand, both of which depend upon hydroelectric facilities that would be threatened by the presence of E. crassipes. In Europe, efforts to slow or stop the spread of E. crassipes will face the challenge of limited internal biosecurity capacity. The modelling technique demonstrated here is the first application of niche modelling for an aquatic weed under historical and projected future climates. It provides biosecurity agencies with a spatial tool to foresee and manage the emerging invasion threats in a manner that can be included in the international standard for pest risk assessments. It should also support more detailed local and regional management.

  10. Assessing and Managing the Current and Future Pest Risk from Water Hyacinth, (Eichhornia crassipes, an Invasive Aquatic Plant Threatening the Environment and Water Security.

    Directory of Open Access Journals (Sweden)

    Darren J Kriticos

    Full Text Available Understanding and managing the biological invasion threats posed by aquatic plants under current and future climates is a growing challenge for biosecurity and land management agencies worldwide. Eichhornia crassipes is one of the world's worst aquatic weeds. Presently, it threatens aquatic ecosystems, and hinders the management and delivery of freshwater services in both developed and developing parts of the world. A niche model was fitted using CLIMEX, to estimate the potential distribution of E. crassipes under historical and future climate scenarios. Under two future greenhouse gas emission scenarios for 2080 simulated with three Global Climate Models, the area with a favourable temperature regime appears set to shift polewards. The greatest potential for future range expansion lies in Europe. Elsewhere in the northern hemisphere temperature gradients are too steep for significant geographical range expansion under the climate scenarios explored here. In the Southern Hemisphere, the southern range boundary for E. crassipes is set to expand southwards in Argentina, Australia and New Zealand; under current climate conditions it is already able to invade the southern limits of Africa. The opportunity exists to prevent its spread into the islands of Tasmania in Australia and the South Island of New Zealand, both of which depend upon hydroelectric facilities that would be threatened by the presence of E. crassipes. In Europe, efforts to slow or stop the spread of E. crassipes will face the challenge of limited internal biosecurity capacity. The modelling technique demonstrated here is the first application of niche modelling for an aquatic weed under historical and projected future climates. It provides biosecurity agencies with a spatial tool to foresee and manage the emerging invasion threats in a manner that can be included in the international standard for pest risk assessments. It should also support more detailed local and regional

  11. Cloud Computing Security: A Survey

    Directory of Open Access Journals (Sweden)

    Issa M. Khalil

    2014-02-01

    Full Text Available Cloud computing is an emerging technology paradigm that migrates current technological and computing concepts into utility-like solutions similar to electricity and water systems. Clouds bring out a wide range of benefits including configurable computing resources, economic savings, and service flexibility. However, security and privacy concerns are shown to be the primary obstacles to a wide adoption of clouds. The new concepts that clouds introduce, such as multi-tenancy, resource sharing and outsourcing, create new challenges to the security community. Addressing these challenges requires, in addition to the ability to cultivate and tune the security measures developed for traditional computing systems, proposing new security policies, models, and protocols to address the unique cloud security challenges. In this work, we provide a comprehensive study of cloud computing security and privacy concerns. We identify cloud vulnerabilities, classify known security threats and attacks, and present the state-of-the-art practices to control the vulnerabilities, neutralize the threats, and calibrate the attacks. Additionally, we investigate and identify the limitations of the current solutions and provide insights of the future security perspectives. Finally, we provide a cloud security framework in which we present the various lines of defense and identify the dependency levels among them. We identify 28 cloud security threats which we classify into five categories. We also present nine general cloud attacks along with various attack incidents, and provide effectiveness analysis of the proposed countermeasures.

  12. Collective Security

    DEFF Research Database (Denmark)

    Galster, Kjeld

    in worldwide market conditions left perceptible ripples in Danish economy, budget discussions grew in importance over this period. The pacifist stance entailed disinclination to accept that the collective security concept and international treaties and accords signed by Denmark should necessitate credible...... and other international treaties provided arguments for adjusting the foreign and security policy ambitions, and since the general flux in worldwide market conditions left perceptible ripples in Danish economy, budget discussions grew in importance over this period. The pacifist stance entailed......Collective Security: National Egotism (Abstract) In Danish pre-World War I defence debate the notion of collective security is missing. During the early years of the 19th century, the political work is influenced by a pervasive feeling of rising tension and danger on the continent of Europe...

  13. Security Transformation

    National Research Council Canada - National Science Library

    Metz, Steven

    2003-01-01

    ... adjustment. With American military forces engaged around the world in both combat and stabilization operations, the need for rigorous and critical analysis of security transformation has never been greater...

  14. European Security

    DEFF Research Database (Denmark)

    Møller, Bjørn

    Theoretical chapters on "Security", "Organisations" and "Regions," Historical Chapters on "Europe and Its Distinguishing Features" and on "The United Nations," "NATO," "The CSCE/OSCE and the Council of Europe" and "The European Union"......Theoretical chapters on "Security", "Organisations" and "Regions," Historical Chapters on "Europe and Its Distinguishing Features" and on "The United Nations," "NATO," "The CSCE/OSCE and the Council of Europe" and "The European Union"...

  15. Data Security

    OpenAIRE

    Lopez, Diego

    2013-01-01

    Training specialists in the field of data security and security administrators for the information systems represents a significant priority demanded by both governmental environments and the central and local administrations, as well as by the private sector - companies, banks. They are responsible for implementing information services and systems, but they are also their beneficiaries, with applicability in fields such as: e government, e-administration, e-banking, e-commerce, e-payment, wh...

  16. FOOD SECURITY

    Directory of Open Access Journals (Sweden)

    Dorina Ardelean

    2013-12-01

    Full Text Available The assurance of food security at the individual level doesn’t implicitly provide for the one at family level as the concepts of hunger, malnutrition and food insecurity are the steps of the same process of access restricted to a sufficient supply of food. In order to achieve food security at the individual level the following is necessary: ensuring food availability (production, reserve stocks; redistribution of food availability within the country or out through international exchanges; effective access of the population to purchase food consumer goods, by ensuring its effective demand as required. Food security of families (FFS is required for assuring individual food security (IFS, but it is not sufficient because the food available may be unevenly distributed between family members. National food security (NFS corresponds to the possibilities that different countries have to ensure both FFS and IFS without sacrificing other important objectives. Under the name of GAS is defined the global food security which represents permanent access for the entire population of the globe to the necessary food for a healthy and active life.

  17. Security issues in mobile NFC devices

    CERN Document Server

    Roland, Michael

    2015-01-01

    This work provides an assessment of the current state of near field communication (NFC) security, it reports on new attack scenarios, and offers concepts and solutions to overcome any unresolved issues. The work describes application-specific security aspects of NFC based on exemplary use-case scenarios and uses these to focus on the interaction with NFC tags and on card emulation. The current security architectures of NFC-enabled cellular phones are evaluated with regard to the identified security aspects.

  18. Information risk and security modeling

    Science.gov (United States)

    Zivic, Predrag

    2005-03-01

    This research paper presentation will feature current frameworks to addressing risk and security modeling and metrics. The paper will analyze technical level risk and security metrics of Common Criteria/ISO15408, Centre for Internet Security guidelines, NSA configuration guidelines and metrics used at this level. Information IT operational standards view on security metrics such as GMITS/ISO13335, ITIL/ITMS and architectural guidelines such as ISO7498-2 will be explained. Business process level standards such as ISO17799, COSO and CobiT will be presented with their control approach to security metrics. Top level, the maturity standards such as SSE-CMM/ISO21827, NSA Infosec Assessment and CobiT will be explored and reviewed. For each defined level of security metrics the research presentation will explore the appropriate usage of these standards. The paper will discuss standards approaches to conducting the risk and security metrics. The research findings will demonstrate the need for common baseline for both risk and security metrics. This paper will show the relation between the attribute based common baseline and corporate assets and controls for risk and security metrics. IT will be shown that such approach spans over all mentioned standards. The proposed approach 3D visual presentation and development of the Information Security Model will be analyzed and postulated. Presentation will clearly demonstrate the benefits of proposed attributes based approach and defined risk and security space for modeling and measuring.

  19. Security culture for nuclear facilities

    Science.gov (United States)

    Gupta, Deeksha; Bajramovic, Edita

    2017-01-01

    Natural radioactive elements are part of our environment and radioactivity is a natural phenomenon. There are numerous beneficial applications of radioactive elements (radioisotopes) and radiation, starting from power generation to usages in medical, industrial and agriculture applications. But the risk of radiation exposure is always attached to operational workers, the public and the environment. Hence, this risk has to be assessed and controlled. The main goal of safety and security measures is to protect human life, health, and the environment. Currently, nuclear security considerations became essential along with nuclear safety as nuclear facilities are facing rapidly increase in cybersecurity risks. Therefore, prevention and adequate protection of nuclear facilities from cyberattacks is the major task. Historically, nuclear safety is well defined by IAEA guidelines while nuclear security is just gradually being addressed by some new guidance, especially the IAEA Nuclear Security Series (NSS), IEC 62645 and some national regulations. At the overall level, IAEA NSS 7 describes nuclear security as deterrence and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer or other malicious acts involving nuclear, other radioactive substances and their associated facilities. Nuclear security should be included throughout nuclear facilities. Proper implementation of a nuclear security culture leads to staff vigilance and a high level of security posture. Nuclear security also depends on policy makers, regulators, managers, individual employees and members of public. Therefore, proper education and security awareness are essential in keeping nuclear facilities safe and secure.

  20. FORWARD: DESERTIFICATION IN THE MEDITERRANEAN REGION: A SECURITY ISSUE

    Science.gov (United States)

    The Workshop focused on two basic concepts: security and desertification and their linkages. Since the end of the Cold War, traditional security concepts based on national sovereignty and territorial security have increasingly been brought under review. Currently, a broader defin...

  1. 75 FR 28777 - Information Collection; Financial Information Security Request Form

    Science.gov (United States)

    2010-05-24

    ... Collection; Financial Information Security Request Form AGENCY: Forest Service, USDA. ACTION: Notice; Request... currently approved information collection; Financial Information Security Request Form. DATES: Comments must... Standard Time, Monday through Friday. SUPPLEMENTARY INFORMATION: Title: Financial Information Security...

  2. Security and arms control

    International Nuclear Information System (INIS)

    Kolodziej, E.A.; Morgan, P.M.

    1989-01-01

    This book attempts to clarify and define selected current issues and problems related to security and arms control from an international perspective. The chapters are organized under the following headings. Conflict and the international system, Nuclear deterrence, Conventional warfare, Subconventional conflict, Arms control and crisis management

  3. Application Security Automation

    Science.gov (United States)

    Malaika, Majid A.

    2011-01-01

    With today's high demand for online applications and services running on the Internet, software has become a vital component in our lives. With every revolutionary technology comes challenges unique to its characteristics; for online applications, security is one huge concern and challenge. Currently, there are several schemes that address…

  4. Learning with Security

    Science.gov (United States)

    Jokela, Paivi; Karlsudd, Peter

    2007-01-01

    The current higher education, both distance education and traditional campus courses, relies more and more on modern information and communication technologies (ICT). The use of computer systems and networks results in a wide range of security issues that must be dealt with in order to create a safe learning environment. In this work, we study the…

  5. Validation philosophy

    International Nuclear Information System (INIS)

    Vornehm, D.

    1994-01-01

    To determine when a set of calculations falls within an umbrella of an existing validation documentation, it is necessary to generate a quantitative definition of range of applicability (our definition is only qualitative) for two reasons: (1) the current trend in our regulatory environment will soon make it impossible to support the legitimacy of a validation without quantitative guidelines; and (2) in my opinion, the lack of support by DOE for further critical experiment work is directly tied to our inability to draw a quantitative open-quotes line-in-the-sandclose quotes beyond which we will not use computer-generated values

  6. THz and Security Applications

    CERN Document Server

    Sizov, Fedir; Detectors, Sources and Associated Electronics for THz Applications

    2014-01-01

    These proceedings comprise invited papers from highly experienced researchers in THz technology and security applications. THz detection of explosives represents one of the most appealing technologies to have recently emerged in dealing with terrorist attacks encountered by civil security and military forces throughout the world. Discussed are the most advanced technologies and developments, the various points of operational strength and weaknesses as well as are suggestions and predictions the best technological solutions to  overcome current operational limits.  The current status of various levels of cooling in THz detectors, sources and associated electronics are also addressed. The goal was to provide a clear view on the current technologies available and the required advances needed in order to achieve more efficient systems. This goal was outlined in part by establishing the baseline of current uncertainty estimations in physics-based modelling and the identification of key areas which require additi...

  7. Security an introduction

    CERN Document Server

    Purpura, Philip P

    2011-01-01

    Section I The History and Profession of SecurityDefinition, Role, and History of Security Security Defined The Contexts of Security The Roles of Security The History of Security Security in an Environment of Threats, Terrorism, and All-Hazards Threats and Hazards Terrorism National Strategies The Profession and Business of Security The Business of Security Professionalism and Security Associations Ethics Regulation of the Security Industry Security Training Higher Education Careers Section II Protecting People and AssetsSecurity Methodology Methodology Defined Security Business Proposals Secur

  8. Security and Network Operations [video

    OpenAIRE

    Myrick, Matthew

    2012-01-01

    Senior Security Engineer, Matthew Myrick discusses the current cyber threats that we are all facing, the five W's (who, what, when, where, and how) of cyber security, past and present cyber-attack trends, and ways you can help protect yourself and your enterprise from cyber-attack.

  9. Model-Based Security Testing

    Directory of Open Access Journals (Sweden)

    Ina Schieferdecker

    2012-02-01

    Full Text Available Security testing aims at validating software system requirements related to security properties like confidentiality, integrity, authentication, authorization, availability, and non-repudiation. Although security testing techniques are available for many years, there has been little approaches that allow for specification of test cases at a higher level of abstraction, for enabling guidance on test identification and specification as well as for automated test generation. Model-based security testing (MBST is a relatively new field and especially dedicated to the systematic and efficient specification and documentation of security test objectives, security test cases and test suites, as well as to their automated or semi-automated generation. In particular, the combination of security modelling and test generation approaches is still a challenge in research and of high interest for industrial applications. MBST includes e.g. security functional testing, model-based fuzzing, risk- and threat-oriented testing, and the usage of security test patterns. This paper provides a survey on MBST techniques and the related models as well as samples of new methods and tools that are under development in the European ITEA2-project DIAMONDS.

  10. Software Security and the "Building Security in Maturity" Model

    CERN Document Server

    CERN. Geneva

    2011-01-01

    Using the framework described in my book "Software Security: Building Security In" I will discuss and describe the state of the practice in software security. This talk is peppered with real data from the field, based on my work with several large companies as a Cigital consultant. As a discipline, software security has made great progress over the last decade. Of the sixty large-scale software security initiatives we are aware of, thirty-two---all household names---are currently included in the BSIMM study. Those companies among the thirty-two who graciously agreed to be identified include: Adobe, Aon, Bank of America, Capital One, The Depository Trust & Clearing Corporation (DTCC), EMC, Google, Intel, Intuit, McKesson, Microsoft, Nokia, QUALCOMM, Sallie Mae, Standard Life, SWIFT, Symantec, Telecom Italia, Thomson Reuters, VMware, and Wells Fargo. The BSIMM was created by observing and analyzing real-world data from thirty-two leading software security initiatives. The BSIMM can...

  11. Threat modeling designing for security

    CERN Document Server

    Shostack, Adam

    2014-01-01

    Adam Shostack is responsible for security development lifecycle threat modeling at Microsoft and is one of a handful of threat modeling experts in the world. Now, he is sharing his considerable expertise into this unique book. With pages of specific actionable advice, he details how to build better security into the design of systems, software, or services from the outset. You'll explore various threat modeling approaches, find out how to test your designs against threats, and learn effective ways to address threats that have been validated at Microsoft and other top companies. Systems secur

  12. Personal health record systems and their security protection.

    Science.gov (United States)

    Win, Khin Than; Susilo, Willy; Mu, Yi

    2006-08-01

    The objective of this study is to analyze the security protection of personal health record systems. To achieve this we have investigated different personal health record systems, their security functions, and security issues. We have noted that current security mechanisms are not adequate and we have proposed some security mechanisms to tackle these problems.

  13. DIRAC Security

    CERN Document Server

    Casajús Ramo, A

    2006-01-01

    DIRAC is the LHCb Workload and Data Management System. Based on a service-oriented architecture, it enables generic distributed computing with lightweight Agents and Clients for job execution and data transfers. DIRAC implements a client-server architecture exposing server methods through XML Remote Procedure Call (XML-RPC) protocol. DIRAC is mostly coded in python. DIRAC security infrastructure has been designed to be a completely generic XML-RPC transport over a SSL tunnel. This new security layer is able to handle standard X509 certificates as well as grid-proxies to authenticate both sides of the connection. Serve and client authentication relies over OpenSSL and py-Open SSL, but to be able to handle grid proxies some modifications have been added to those libraries. DIRAC security infrastructure handles authorization and authorization as well as provides extended capabilities like secure connection tunneling and file transfer. Using this new security infrastructure all LHCb users can safely make use o...

  14. Secure cloud computing

    CERN Document Server

    Jajodia, Sushil; Samarati, Pierangela; Singhal, Anoop; Swarup, Vipin; Wang, Cliff

    2014-01-01

    This book presents a range of cloud computing security challenges and promising solution paths. The first two chapters focus on practical considerations of cloud computing. In Chapter 1, Chandramouli, Iorga, and Chokani describe the evolution of cloud computing and the current state of practice, followed by the challenges of cryptographic key management in the cloud. In Chapter 2, Chen and Sion present a dollar cost model of cloud computing and explore the economic viability of cloud computing with and without security mechanisms involving cryptographic mechanisms. The next two chapters addres

  15. Privatising Security

    Directory of Open Access Journals (Sweden)

    Irina Mindova-Docheva

    2016-06-01

    Full Text Available The article proposes an analysis of the different approaches towards employing the international legal framework in the regulation and oversight of private military and security companies’ operation in armed conflicts and in peace time security systems. It proposes a partnership-based approach for public and private actors aiming at creating and sharing common values under the principles of solidarity, protection of human rights and rule of law. A focus of further research should be the process of shaping those common values.

  16. Machine Learning for Security

    CERN Multimedia

    CERN. Geneva

    2015-01-01

    Applied statistics, aka ‘Machine Learning’, offers a wealth of techniques for answering security questions. It’s a much hyped topic in the big data world, with many companies now providing machine learning as a service. This talk will demystify these techniques, explain the math, and demonstrate their application to security problems. The presentation will include how-to’s on classifying malware, looking into encrypted tunnels, and finding botnets in DNS data. About the speaker Josiah is a security researcher with HP TippingPoint DVLabs Research Group. He has over 15 years of professional software development experience. Josiah used to do AI, with work focused on graph theory, search, and deductive inference on large knowledge bases. As rules only get you so far, he moved from AI to using machine learning techniques identifying failure modes in email traffic. There followed digressions into clustered data storage and later integrated control systems. Current ...

  17. Unconditionally Secure Quantum Signatures

    Directory of Open Access Journals (Sweden)

    Ryan Amiri

    2015-08-01

    Full Text Available Signature schemes, proposed in 1976 by Diffie and Hellman, have become ubiquitous across modern communications. They allow for the exchange of messages from one sender to multiple recipients, with the guarantees that messages cannot be forged or tampered with and that messages also can be forwarded from one recipient to another without compromising their validity. Signatures are different from, but no less important than encryption, which ensures the privacy of a message. Commonly used signature protocols—signatures based on the Rivest–Adleman–Shamir (RSA algorithm, the digital signature algorithm (DSA, and the elliptic curve digital signature algorithm (ECDSA—are only computationally secure, similar to public key encryption methods. In fact, since these rely on the difficulty of finding discrete logarithms or factoring large primes, it is known that they will become completely insecure with the emergence of quantum computers. We may therefore see a shift towards signature protocols that will remain secure even in a post-quantum world. Ideally, such schemes would provide unconditional or information-theoretic security. In this paper, we aim to provide an accessible and comprehensive review of existing unconditionally securesecure signature schemes for signing classical messages, with a focus on unconditionally secure quantum signature schemes.

  18. Ontario Hydro looks at security

    International Nuclear Information System (INIS)

    Green, B.J.; Kee, B.

    1995-01-01

    Ontario Hydro operates 20 CANDU reactors on three different sites. Since 1984, a review of security arrangements on all the sites has taken place on a five-yearly basis. The review process for 1995 is outlined. The three objectives were as follows: to assess current security threats and risks to the stations; to assess the adequacy of the existing programme to protect against current threats; by comparing the security programme against those of comparable entities to establish benchmarks for good practice as a basis for improvements at Ontario Hydro. Valuable insights gained through the review are listed. These could be useful to other utilities. (UK)

  19. Incorporating User-oriented Security into CC

    DEFF Research Database (Denmark)

    Sharp, Robin

    2009-01-01

    Current versions of the Common Criteria concentrate very heavily on technical security issues which are relevant for the design of secure systems. This approach largely ignores a number of questions which can have great significance for whether or not the system can be operated securely in an env...... not currently dealt with in CC. Tentative proposals for extensions to the current classes of SFRs will be made on the basis of the analysis of the case....

  20. Information Security

    NARCIS (Netherlands)

    Hartel, Pieter H.; Suryana Herman, Nanna; Leukfeldt, E.R.; Stol, W.Ph.

    2012-01-01

    Information security is all about the protection of digital assets, such as digital content, personal health records, state secrets etc. These assets can be handled by a party who is authorised to access and control the asset or a party who is not authorised to do so. Authorisation determines who is

  1. Food security

    NARCIS (Netherlands)

    Ridder, M. de

    2011-01-01

    Food security is back on the agenda as a top priority for policy makers. In January 2011, record high food prices resulted in protests in Tunisia, which subsequently led to the spread of the revolutions in other North African and Middle Eastern countries. Although experts have asserted that no

  2. Indicators for energy security

    International Nuclear Information System (INIS)

    Kruyt, Bert; Van Vuuren, D.P.; De Vries, H.J.M.; Groenenberg, H.

    2009-01-01

    The concept of energy security is widely used, yet there is no consensus on its precise interpretation. In this research, we have provided an overview of available indicators for long-term security of supply (SOS). We distinguished four dimensions of energy security that relate to the availability, accessibility, affordability and acceptability of energy and classified indicators for energy security according to this taxonomy. There is no one ideal indicator, as the notion of energy security is highly context dependent. Rather, applying multiple indicators leads to a broader understanding. Incorporating these indicators in model-based scenario analysis showed accelerated depletion of currently known fossil resources due to increasing global demand. Coupled with increasing spatial discrepancy between consumption and production, international trade in energy carriers is projected to have increased by 142% in 2050 compared to 2008. Oil production is projected to become increasingly concentrated in a few countries up to 2030, after which production from other regions diversifies the market. Under stringent climate policies, this diversification may not occur due to reduced demand for oil. Possible benefits of climate policy include increased fuel diversity and slower depletion of fossil resources. (author)

  3. Measuring Short-term Energy Security

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    2011-07-01

    Ensuring energy security has been at the centre of the IEA mission since its inception, following the oil crises of the early 1970s. While the security of oil supplies remains important, contemporary energy security policies must address all energy sources and cover a comprehensive range of natural, economic and political risks that affect energy sources, infrastructures and services. In response to this challenge, the IEA is currently developing a Model Of Short-term Energy Security (MOSES) to evaluate the energy security risks and resilience capacities of its member countries. The current version of MOSES covers short-term security of supply for primary energy sources and secondary fuels among IEA countries. It also lays the foundation for analysis of vulnerabilities of electricity and end-use energy sectors. MOSES contains a novel approach to analysing energy security, which can be used to identify energy security priorities, as a starting point for national energy security assessments and to track the evolution of a country's energy security profile. By grouping together countries with similar 'energy security profiles', MOSES depicts the energy security landscape of IEA countries. By extending the MOSES methodology to electricity security and energy services in the future, the IEA aims to develop a comprehensive policy-relevant perspective on global energy security. This Brochure provides and overview of the analysis and results. Readers interested in an in-depth discussion of methodology are referred to the MOSES Working Paper.

  4. Weapons of mass destruction - current security threat

    International Nuclear Information System (INIS)

    Durdiak, J.; Gafrik, A.; Pulis, P.; Susko, M.

    2005-01-01

    This publication brings a complex and comprehensive view of the weapons of mass destruction phenomenon in the context of present military and political situation. It emphasizes the threat posed by proliferation of these destructive devices and their carriers as well as the threat present in their possession by unpredictable totalitarian regimes or terrorist groups. The publication is structured into four basic parts: Introduction Into The Topic, Nuclear Weapons, Chemical Weapons and Biological Weapons. The Introduction reflects the latest developments on the field of military technologies, which lead to the development of new destructive devices with characteristics comparable to basic types of WMDs - nuclear, chemical and biological. Based on the definition of WMD as 'weapon systems with enormous impact causing mass destruction, population, equipment and material losses', the modern mass destruction devices are assorted here, such as ecological, radiological and beam weapons, aerosol and container intelligent ammunition, the outburst of dangerous chemical substances from infrastructure, non-conventional weapons and military devices. The Nuclear Weapons part depicts the most destructive device of mass destruction mankind ever invented in close detail. It maps the history of most significant discoveries in nuclear physics, development and construction of the first nuclear weapons, accumulation of nuclear warheads and their carriers in the Cold war era, attempts of nuclear disarmament and reducing the number of nuclear weapons in possession of superpowers and their proliferation in the world's crisis regions including North Korea and Iran. The chapters devoted to theoretical grounds and physical principles of nuclear and thermonuclear weapons' functioning, the main categories and types, as well as destructive effects and consequences of use contain an adequate mathematical apparatus. This chapter's conclusion brings the overview of nuclear armament of states that officially own such weaponry and the states that are reasonably suspected to own such weaponry or try to obtain it. All the data are from open and unclassified sources published in professional periodicals and on the Internet. This chapter describes also the potential threats and consequences of terrorists' obtaining nuclear weapons. The Chemical Weapons remind that this kind of WMD has been in use since ancient history. The chemical weapons development has reached its peak in the twentieth century, along with their first mass use in combat during WW I. The next period brought the development of exceptionally efficient chemical weapons, such as the nerve-paralyzing substances. Use of chemical weapons is documented during WW II, the Vietnam War and in the Iran-Iraq War. Further chapters focus on the detailed description of individual toxic substances - nerve paralyzing, general toxic, blister, choking, physically and psychically disabling and irritating agents - their attributes, the mechanism of their effects, intoxication symptoms and possibilities of protection. Attention is paid to the process of chemical disarmament and chemical terrorism as well, stressing the threat posed by terrorists abusing dangerous industrial chemical substances present in the states' infrastructure. The next part is dedicated to the phenomenon of biological weapons nicknamed, along with chemical weapons, 'the poor man's nuclear weapon'. Given the revolutionary progress and wide availability of bio-technologies it presents the most probable weapon of mass destruction that terrorists could use to achieve their goals. The biological weapons are defined here as 'pathogenic microorganisms, the toxic products of their metabolism, certain live organisms and some synthetic substances inducing mass disease or death of humans or animals or destroying agriculture'. A short description follows of pathogenic microorganisms such as bacteria, rickettsia, viruses, molds, certain toxins that present a cross between chemical and biological weapons of mass destruction and environment substances used to destroy fores and agriculture. The biological weapons destructive requirements are defined here along with characteristics of individual diseases and properties of the most important toxins. Attention is paid to the problems of biological weapons' proliferation, efficient control as well as the risks resulting from the advances in gene engineering and biotechnology. The opportunities that biological mass destruction devices present to potential terrorists are consequently analyzed along with the possibilities of protection against attacks using biological agents. The analysis focuses on the protection in the armed forces setting and dealing with the consequences of an eventual biological attack. The conclusion deals with the questions of biological disarmament and the risks the democratic states would have. to face in case of a terrorist attack using biological weapons. (Authors)

  5. Security, Extremism and Education: Safeguarding or Surveillance?

    Science.gov (United States)

    Davies, Lynn

    2016-01-01

    This article analyses how education is positioned in the current concerns about security and extremism. This means firstly examining the different meanings of security (national, human and societal) and who provides security for whom. Initially, a central dilemma is acknowledged: that schooling appears to be simultaneously irrelevant to the huge…

  6. Service Oriented Architecture in Network Security - a novel Organisation in Security Systems

    OpenAIRE

    Hilker, Michael; Schommer, Christoph

    2008-01-01

    Current network security systems are a collection of various security components, which are directly installed in the operating system. These check the whole node for suspicious behaviour. Armouring intrusions e.g. have the ability to hide themselves from being checked. We present in this paper an alternative organisation of security systems. The node is completely virtualized with current virtualization systems so that the operating system with applications and the security system is disting...

  7. Computer Security: the security marathon

    CERN Multimedia

    Computer Security Team

    2014-01-01

    If you believe that “security” is a sprint, that a quick hack is invulnerable, that quick bug fixing is sufficient, that plugging security measures on top of existing structures is good, that once you are secure your life will be easy... then let me convince you otherwise.   An excellent example of this is when the summer students join us at CERN. As the summer period is short, software projects must be accomplished quickly, like a sprint. Rush, rush! But often, this sprint ends with aching muscles. Regularly, these summer students approach us to have their project or web server made visible to the Internet. Regularly, quick security reviews of those web servers diagnose severe underperformance with regards to security: the web applications are flawed or use insecure protocols; the employed software tools, databases or web frameworks are sub-optimal and not adequately chosen for that project; the operating system is non-standard and has never been brought up-to-date; and ...

  8. Security Administration Reports Application

    Data.gov (United States)

    Social Security Administration — Contains SSA Security Reports that allow Information Security Officers (ISOs) to access, review and take appropriate action based on the information contained in the...

  9. Security Investigation Database (SID)

    Data.gov (United States)

    US Agency for International Development — Security Investigation & Personnel Security Clearance - COTS personnel security application in a USAID virtualized environement that can support USAID's business...

  10. Nuclear energy technology transfer: the security barriers

    International Nuclear Information System (INIS)

    Rinne, R.L.

    1975-08-01

    The problems presented by security considerations to the transfer of nuclear energy technology are examined. In the case of fusion, the national security barrier associated with the laser and E-beam approaches is discussed; for fission, the international security requirements, due to the possibility of the theft or diversion of special nuclear materials or sabotage of nuclear facilities, are highlighted. The paper outlines the nuclear fuel cycle and terrorist threat, examples of security barriers, and the current approaches to transferring technology. (auth)

  11. CryptosFS: Fast Cryptographic Secure NFS

    OpenAIRE

    O'Shanahan, Declan

    2000-01-01

    The issue of security in file-systems is as relevant today as when the first file system was developed. Current file system implementations rely heavily on centralised security mechanisms such as access control lists. The problem of security in file systems was made more complicated by the introduction of remote access to files. Storing information on a remote server has the potential to introduce additional security weaknesses into the file system model. The client, the commun...

  12. Nuclear security

    International Nuclear Information System (INIS)

    1991-07-01

    This paper reports that despite an Executive Order limiting the authority to make original classification decisions to government officials, DOE has delegated this authority to a number of contractor employees. Although the number of original classification decisions made by these contractors is small, this neither negates nor diminishes the significance of the improper delegation of authority. If misclassification were to occur, particularly at the Top Secret level, U.S. national security interests could potentially be seriously affected and threatened. DOE's argument that the delegation of such authority is a long-standing policy and done on a selective basis does not legitimize the practice and does not relieve DOE of its responsibility to meet the requirements of the Executive Order. DOE needs to independently assess all original classification determinations made by contractors; otherwise, it cannot be sure that U.S. national security interests have been or are being adequately protected

  13. 31 CFR 306.100 - Transferable securities.

    Science.gov (United States)

    2010-07-01

    ... SERVICE, DEPARTMENT OF THE TREASURY BUREAU OF THE PUBLIC DEBT GENERAL REGULATIONS GOVERNING U.S... recognize valid judicial proceedings affecting the ownership of or interest in transferable securities, upon... established. 10 10 Title in a finder claiming ownership of a registered security will not be recognized. A...

  14. Parkinson’s Disease Impulsive-Compulsive Disorders Questionnaire – Current Short (QUIP-CS – Translation and validation of content of Portuguese Version

    Directory of Open Access Journals (Sweden)

    Débora Mascella Krieger

    Full Text Available ABSTRACT Objective Parkinson’s disease (PD management is usually successfully reached with proper pharmacological treatment. However, PD patients can manifest neuropsychiatric symptoms secondary to medical therapy, including impulse control disorders (ICD, presenting as pathological gambling, hypersexuality, compulsive buying, drinking or eating disorders. We translated and validated the Portuguese version of the gold-standard questionnaire Parkinson’s Disease Impulsive-Compulsive Disorders Questionnaire, or (QUIP for identifying ICDs in PD patients. Methods Translation, back translation and submission to instrument developer was performed, that approved its new version comparing it to his original, validated version, with no loss of it’s original properties. Then, the Portuguese version was administered to 30 PD patients. They also were asked to rate from 1 to 5 the level of comprehensibility of the questions. Results The average level of comprehension was 4.06 ± 0.69 DP, considering 3 or more as acceptable. No patient has answered 1 or 2. Conclusion Our results on Portuguese version of QUIP-CS show that QUIP-CS translated and corrected version was easily understood and easily self-applied.

  15. Military veterans and Social Security.

    Science.gov (United States)

    Olsen, Anya

    There are 9.4 million military veterans receiving Social Security benefits, which means that almost one out of every four adult Social Security beneficiaries has served in the United States military. In addition, veterans and their families make up almost 40 percent of the adult Social Security beneficiary population. Policymakers are particularly interested in military veterans and their families and have provided them with benefits through several government programs, including Social Security credits, home loan guarantees, and compensation and pension payments through the Department of Veterans Affairs. It is therefore important to understand the economic and demographic characteristics of this population. Information in this article is based on data from the March 2004 Current Population Survey, a large, nationally representative survey of U.S. households. Veterans are overwhelmingly male compared with all adult Social Security beneficiaries who are more evenly split between males and females. Military veterans receiving Social Security are more likely to be married and to have finished high school compared with all adult Social Security beneficiaries, and they are less likely to be poor or near poor than the overall beneficiary population. Fourteen percent of veterans receiving Social Security benefits have income below 150 percent of poverty, while 25 percent of all adult Social Security beneficiaries are below this level. The higher economic status among veterans is also reflected in the relatively high Social Security benefits they receive. The number of military veterans receiving Social Security benefits will remain high over the next few decades, while their make-up and characteristics will change. In particular, the number of Vietnam War veterans who receive Social Security will increase in the coming decades, while the number of veterans from World War II and the Korean War will decline.

  16. Security seal

    Science.gov (United States)

    Gobeli, Garth W.

    1985-01-01

    Security for a package or verifying seal in plastic material is provided by a print seal with unique thermally produced imprints in the plastic. If tampering is attempted, the material is irreparably damaged and thus detectable. The pattern of the imprints, similar to "fingerprints" are recorded as a positive identification for the seal, and corresponding recordings made to allow comparison. The integrity of the seal is proved by the comparison of imprint identification records made by laser beam projection.

  17. Security system

    Science.gov (United States)

    Baumann, Mark J.; Kuca, Michal; Aragon, Mona L.

    2016-02-02

    A security system includes a structure having a structural surface. The structure is sized to contain an asset therein and configured to provide a forceful breaching delay. The structure has an opening formed therein to permit predetermined access to the asset contained within the structure. The structure includes intrusion detection features within or associated with the structure that are activated in response to at least a partial breach of the structure.

  18. Secure Fiberoptic Communications

    Science.gov (United States)

    Hodara, Henri

    At the heart of our current information explosion is the communication network. Networks are now an intrinsic part of our daily activities, whether they are for Internet business transactions or military communications in Future Combat Systems. Protection of this communication infrastructure is a must. In this article, we discuss two approaches for securing all-optical networks. The first is an optical encryption technique that denies the information to intruders. The second is an authentication scheme capable of detecting and identifying unauthorized users.

  19. Security studies

    International Nuclear Information System (INIS)

    Venot, R.

    2001-01-01

    Full text: Security studies constitute one of the major tools for evaluating the provisions implemented at facilities to protect and control Nuclear Material against unauthorized removal. Operators use security studies to demonstrate that they are complying with objectives set by the Competent Authority to counter internal or external acts aimed at unauthorized removal of NM. The paper presents the context of security studies carried out in France. The philosophy of these studies is based on a postulated unauthorized removal of NM and the study of the behavior of the systems implemented to control and protect NM in a facility. The potential unauthorized removal of NM usually may take place in two stages. The first stage involves the sequence leading to handling of the NM. It occurs inside the physical barriers of a facility and may include action involving the documents corresponding to Material Control and Accounting systems. At this stage it is possible to limit the risk of unauthorized removal of NM by means of detection capabilities of the MC and A systems. The second stage is more specific to theft and involves removing the NM out of the physical barriers of a facility in which they are being held, notably by affecting the Physical Protection System. Operators have to study, from a quantity and time lapse point of view, the ability of the installed systems to detect unauthorized removal, as well as the possibility of tampering with the systems to mask unlawful operations. Operators have also to analyze the sequences during which NM are accessed, removed from their containment and further removed from the facility in which they are stored. At each stage in the process, the probability of detection and the time taken to carry out the above actions have to be estimated. Of course, these two types of studies complement each other. Security studies have begun, in France, for more than fifteen years. Up to now more than fifty security studies are available in the

  20. National Cyber Security Policy

    Indian Academy of Sciences (India)

    National Cyber Security Policy. Salient Features: Caters to ... Creating a secure cyber ecosystem. Creating an assurance framework. Encouraging Open Standards. Strengthening the Regulatory framework. Creating mechanisms for security threat early warning, vulnerability management and response to security threats.

  1. Security Inequalities in North America: Reassessing Regional Security Complex Theory

    Directory of Open Access Journals (Sweden)

    Richard Kilroy

    2017-12-01

    Full Text Available This article re-evaluates earlier work done by the authors on Regional Security Complex Theory (RSCT in North America, using sectoral analysis initially developed by Buzan and Waever, but also adding the variables of institutions, identity, and interests. These variables are assessed qualitatively in the contemporary context on how they currently impress upon the process of securitization within sectoral relations between Canada, Mexico, and the United States. The article reviews the movement from bilateral security relations between these states to the development of a trilateral response to regional security challenges post- 9/11. It further addresses the present period and what appears to be a security process derailed by recent political changes and security inequalities, heightened by the election of Donald Trump in 2016. The article argues that while these three states initially evinced a convergence of regional security interests after 9/11, which did create new institutional responses, under the current conditions, divergence in political interests and security inequalities have reduced the explanatory power of RSCT in North America. Relations between states in North American are becoming less characterized by the role of institutions and interests and more by identity politics in the region.

  2. Statistical security for Social Security.

    Science.gov (United States)

    Soneji, Samir; King, Gary

    2012-08-01

    The financial viability of Social Security, the single largest U.S. government program, depends on accurate forecasts of the solvency of its intergenerational trust fund. We begin by detailing information necessary for replicating the Social Security Administration's (SSA's) forecasting procedures, which until now has been unavailable in the public domain. We then offer a way to improve the quality of these procedures via age- and sex-specific mortality forecasts. The most recent SSA mortality forecasts were based on the best available technology at the time, which was a combination of linear extrapolation and qualitative judgments. Unfortunately, linear extrapolation excludes known risk factors and is inconsistent with long-standing demographic patterns, such as the smoothness of age profiles. Modern statistical methods typically outperform even the best qualitative judgments in these contexts. We show how to use such methods, enabling researchers to forecast using far more information, such as the known risk factors of smoking and obesity and known demographic patterns. Including this extra information makes a substantial difference. For example, by improving only mortality forecasting methods, we predict three fewer years of net surplus, $730 billion less in Social Security Trust Funds, and program costs that are 0.66% greater for projected taxable payroll by 2031 compared with SSA projections. More important than specific numerical estimates are the advantages of transparency, replicability, reduction of uncertainty, and what may be the resulting lower vulnerability to the politicization of program forecasts. In addition, by offering with this article software and detailed replication information, we hope to marshal the efforts of the research community to include ever more informative inputs and to continue to reduce uncertainties in Social Security forecasts.

  3. Metaphors for cyber security.

    Energy Technology Data Exchange (ETDEWEB)

    Moore, Judy Hennessey; Parrott, Lori K.; Karas, Thomas H.

    2008-08-01

    This report is based upon a workshop, called 'CyberFest', held at Sandia National Laboratories on May 27-30, 2008. Participants in the workshop came from organizations both outside and inside Sandia. The premise of the workshop was that thinking about cyber security from a metaphorical perspective could lead to a deeper understanding of current approaches to cyber defense and perhaps to some creative new approaches. A wide range of metaphors was considered, including those relating to: military and other types of conflict, biological, health care, markets, three-dimensional space, and physical asset protection. These in turn led to consideration of a variety of possible approaches for improving cyber security in the future. From the proposed approaches, three were formulated for further discussion. These approaches were labeled 'Heterogeneity' (drawing primarily on the metaphor of biological diversity), 'Motivating Secure Behavior' (taking a market perspective on the adoption of cyber security measures) and 'Cyber Wellness' (exploring analogies with efforts to improve individual and public health).

  4. Network security

    CERN Document Server

    Perez, André

    2014-01-01

    This book introduces the security mechanisms deployed in Ethernet, Wireless-Fidelity (Wi-Fi), Internet Protocol (IP) and MultiProtocol Label Switching (MPLS) networks. These mechanisms are grouped throughout the book according to the following four functions: data protection, access control, network isolation, and data monitoring. Data protection is supplied by data confidentiality and integrity control services. Access control is provided by a third-party authentication service. Network isolation is supplied by the Virtual Private Network (VPN) service. Data monitoring consists of applying

  5. Information Security

    OpenAIRE

    2005-01-01

    Information security is all about the protection of digital assets, such as digital content, personal health records, state secrets etc. These assets can be handled by a party who is authorised to access and control the asset or a party who is not authorised to do so. Authorisation determines who is trusted to actually handle an asset. Two concepts complement authorisation. Authentication deter-mines who makes a request to handle an asset. To decide who is authorised, a system needs to au-the...

  6. How Competent Are Healthcare Professionals in Working According to a Bio-Psycho-Social Model in Healthcare? The Current Status and Validation of a Scale.

    Directory of Open Access Journals (Sweden)

    Dominique Van de Velde

    Full Text Available Over the past decades, there has been a paradigm shift from a purely biomedical towards a bio-psycho-social (BPS conception of disability and illness, which has led to a change in contemporary healthcare. However, there seems to be a gap between the rhetoric and reality of working within a BPS model. It is not clear whether healthcare professionals show the necessary skills and competencies to act according to the BPS model.The aim of this study was (1 to develop a scale to monitor the BPS competencies of healthcare professionals, (2 to define its factor-structure, (3 to check internal consistency, (4 test-retest reliability and (5 feasibility.Item derivation for the BPS scale was based on qualitative research with seven multidisciplinary focus groups (n = 58 of both patients and professionals. In a cross-sectional study design, 368 healthcare professionals completed the BPS scale through a digital platform. An exploratory factor analysis was performed to determine underlying dimensions. Statistical coherence was expressed in item-total correlations and in Cronbach's α coefficient. An intra-class-correlation coefficient was used to rate the test-retest reliability.The qualitative study revealed 45 items. The exploratory factor analysis showed five underlying dimensions labelled as: (1 networking, (2 using the expertise of the client, (3 assessment and reporting, (4 professional knowledge and skills and (5 using the environment. The results show a good to strong homogeneity (item-total ranged from 0.59 to 0.79 and a strong internal consistency (Cronbach's α ranged from 0.75 to 0.82. ICC ranged between 0.82 and 0.93.The BPS scale appeared to be a valid and reliable measure to rate the BPS competencies of the healthcare professionals and offers opportunities for an improvement in the healthcare delivery. Further research is necessary to test the construct validity and to detect whether the scale is responsive and able to detect changes over time.

  7. Information Security and Integrity Systems

    Science.gov (United States)

    1990-01-01

    Viewgraphs from the Information Security and Integrity Systems seminar held at the University of Houston-Clear Lake on May 15-16, 1990 are presented. A tutorial on computer security is presented. The goals of this tutorial are the following: to review security requirements imposed by government and by common sense; to examine risk analysis methods to help keep sight of forest while in trees; to discuss the current hot topic of viruses (which will stay hot); to examine network security, now and in the next year to 30 years; to give a brief overview of encryption; to review protection methods in operating systems; to review database security problems; to review the Trusted Computer System Evaluation Criteria (Orange Book); to comment on formal verification methods; to consider new approaches (like intrusion detection and biometrics); to review the old, low tech, and still good solutions; and to give pointers to the literature and to where to get help. Other topics covered include security in software applications and development; risk management; trust: formal methods and associated techniques; secure distributed operating system and verification; trusted Ada; a conceptual model for supporting a B3+ dynamic multilevel security and integrity in the Ada runtime environment; and information intelligence sciences.

  8. Beyond anxious predisposition: do padecer de nervios and ataque de nervios add incremental validity to predictions of current distress among Mexican mothers?

    Science.gov (United States)

    Alcántara, Carmela; Abelson, James L; Gone, Joseph P

    2012-01-01

    Nervios (PNRV) and ataque de nervios (ATQ) are culture-bound syndromes with overlapping symptoms of anxiety, depression, and dissociation, shown to have inconsistent associations to psychiatric disorder. Few studies test the basic assumption that PNRV and ATQ are uniformly linked to distress outcomes across Latina/o immigrant groups. This study examined: (a) the extent to which acculturative stress, Latino/US American acculturation, and anxious predisposition were associated with lifetime history of ATQ and PNRV, and (b) the extent to which ATQ and PNRV add incremental validity in explaining acculturative stress and psychological distress beyond measures of anxious predisposition. Participants (n = 82) included Mexican mothers who completed surveys on acculturation, trait anxiety, anxiety sensitivity, lifetime ATQ/PNRV, psychological distress, and acculturative stress. Lifetime PNRV, but not lifetime ATQ, was significantly predictive of psychological distress. PNRV was also linked to trait anxiety. Psychometric measures of anxious predisposition (trait anxiety and anxiety sensitivity) were more robust predictors of distress outcomes than lifetime history of ATQ/PNRV. Inquiry into lifetime history of nervios may be a useful point of entry in talking to Mexican immigrant mothers about stress and distress. However, standard tools for assessing anxiety sensitivity and trait anxiety appear most useful in identifying and explaining the presence of psychological distress. Further research is needed to determine the cross-cultural relevance of trait anxiety and anxiety sensitivity, and its implications for the development of anxiety treatments that are effective across cultures. © 2011 Wiley-Liss, Inc.

  9. Securing Cloud - The Quantum Way

    OpenAIRE

    Pandya, Marmik

    2015-01-01

    Confidentiality, Integrity, and Availability are basic goals of security architecture. To ensure CIA, many authentication scheme has been introduced in several years. Currently deployment of Public Key Infrastructure (PKI) is a most significant solution. PKI involving exchange key using certificates via a public channel to a authenticate users in the cloud infrastructure. It is exposed to widespread security threats such as eavesdropping, the man in the middle attack, masquerade et al. Quantu...

  10. A circuital model of switching behaviour of 4H-SiC p+-n-n+ diodes valid at any current and temperature

    International Nuclear Information System (INIS)

    Bellone, S; Benedetto, L Di; Licciardo, G D; Corte, F Della

    2014-01-01

    A circuital model of 4H-SiC p + -n-n + diodes is presented, which is able to describe the switching behaviour of the devices in a wide range of current, voltage and temperature, at an arbitrary instant, with comparable accuracy of numerical simulations. The model has been analytically derived under generic conditions and is capable to calculate also the dynamic spatial distribution of minority carriers in the epitaxial layer. The accuracy of the model is shown by comparison with numerical simulations and experimental measurements.

  11. Communication security in open health care networks.

    Science.gov (United States)

    Blobel, B; Pharow, P; Engel, K; Spiegel, V; Krohn, R

    1999-01-01

    Fulfilling the shared care paradigm, health care networks providing open systems' interoperability in health care are needed. Such communicating and co-operating health information systems, dealing with sensitive personal medical information across organisational, regional, national or even international boundaries, require appropriate security solutions. Based on the generic security model, within the European MEDSEC project an open approach for secure EDI like HL7, EDIFACT, XDT or XML has been developed. The consideration includes both securing the message in an unsecure network and the transport of the unprotected information via secure channels (SSL, TLS etc.). Regarding EDI, an open and widely usable security solution has been specified and practically implemented for the examples of secure mailing and secure file transfer (FTP) via wrapping the sensitive information expressed by the corresponding protocols. The results are currently prepared for standardisation.

  12. Secure Wireless Sensor Networks: Problems and Solutions

    Directory of Open Access Journals (Sweden)

    Fei Hu

    2003-08-01

    Full Text Available As sensor networks edge closer towards wide-spread deployment, security issues become a central concern. So far, the main research focus has been on making sensor networks feasible and useful, and less emphasis was placed on security. This paper analyzes security challenges in wireless sensor networks and summarizes key issues that should be solved for achieving the ad hoc security. It gives an overview of the current state of solutions on such key issues as secure routing, prevention of denial-of-service and key management service. We also present some secure methods to achieve security in wireless sensor networks. Finally we present our integrated approach to securing sensor networks.

  13. Improved verification methods for OVI security ink

    Science.gov (United States)

    Coombs, Paul G.; Markantes, Tom

    2000-04-01

    Together, OVP Security Pigment in OVI Security Ink, provide an excellent method of overt banknote protection. The effective use of overt security feature requires an educated public. The rapid rise in computer-generated counterfeits indicates that consumers are not as educate das to banknote security features as they should be. To counter the education issue, new methodologies have been developed to improve the validation of banknotes using the OVI ink feature itself. One of the new methods takes advantage of the overt nature of the product's optically variable effect. Another method utilizes the unique optical interference characteristics provided by the OVP platelets.

  14. Security infrastructures: towards the INDECT system security

    OpenAIRE

    Stoianov, Nikolai; Urueña, Manuel; Niemiec, Marcin; Machník, Petr; Maestro, Gema

    2012-01-01

    This paper provides an overview of the security infrastructures being deployed inside the INDECT project. These security infrastructures can be organized in five main areas: Public Key Infrastructure, Communication security, Cryptography security, Application security and Access control, based on certificates and smartcards. This paper presents the new ideas and deployed testbeds for these five areas. In particular, it explains the hierarchical architecture of the INDECT PKI...

  15. Internet Banking Security Strategy: Securing Customer Trust

    OpenAIRE

    Frimpong Twum; Kwaku Ahenkora

    2012-01-01

    Internet banking strategies should enhance customers¡¯ online experiences which are affected by trust and security issues. This study provides perspectives of users and nonusers on internet banking security with a view to understanding trust and security factors in relation to adoption and continuous usage. Perception of internet banking security influenced usage intentions. Nonusers viewed internet banking to be insecure but users perceived it to be secure with perceived ease of use influenc...

  16. Draft secure medical database standard.

    Science.gov (United States)

    Pangalos, George

    2002-01-01

    Medical database security is a particularly important issue for all Healthcare establishments. Medical information systems are intended to support a wide range of pertinent health issues today, for example: assure the quality of care, support effective management of the health services institutions, monitor and contain the cost of care, implement technology into care without violating social values, ensure the equity and availability of care, preserve humanity despite the proliferation of technology etc.. In this context, medical database security aims primarily to support: high availability, accuracy and consistency of the stored data, the medical professional secrecy and confidentiality, and the protection of the privacy of the patient. These properties, though of technical nature, basically require that the system is actually helpful for medical care and not harmful to patients. These later properties require in turn not only that fundamental ethical principles are not violated by employing database systems, but instead, are effectively enforced by technical means. This document reviews the existing and emerging work on the security of medical database systems. It presents in detail the related problems and requirements related to medical database security. It addresses the problems of medical database security policies, secure design methodologies and implementation techniques. It also describes the current legal framework and regulatory requirements for medical database security. The issue of medical database security guidelines is also examined in detailed. The current national and international efforts in the area are studied. It also gives an overview of the research work in the area. The document also presents in detail the most complete to our knowledge set of security guidelines for the development and operation of medical database systems.

  17. Security careers skills, compensation, and career paths

    CERN Document Server

    Walker, Stephen W

    2014-01-01

    The third edition of Security Careers is the authoritative reference for current job descriptions and pay practices of security, compliance, ethics, environmental, health and safety occupations. The job descriptions and compensation ranges in this report are drawn from research from the Foushée Group, which has been conducting this research since 1980. Security Careers includes more than 75 job descriptions for security-related positions, which range from the entry-level security guard to the top global corporate executive. It also provides four years of compensation trend data to give a th

  18. Attachment Security Balances Perspectives: Effects of Security Priming on Highly Optimistic and Pessimistic Explanatory Styles.

    Science.gov (United States)

    Deng, Yanhe; Yan, Mengge; Chen, Henry; Sun, Xin; Zhang, Peng; Zeng, Xianglong; Liu, Xiangping; Lye, Yue

    2016-01-01

    Highly optimistic explanatory style (HOES) and highly pessimistic explanatory style (HPES) are two maladaptive ways to explain the world and may have roots in attachment insecurity. The current study aims to explore the effects of security priming - activating supportive representations of attachment security - on ameliorating these maladaptive explanatory styles. 57 participants with HOES and 57 participants with HPES were randomized into security priming and control conditions. Their scores of overall optimistic attribution were measured before and after priming. Security priming had a moderating effect: the security primed HOES group exhibited lower optimistic attribution, while the security primed HPES group evinced higher scores of optimistic attribution. Furthermore, the security primed HOES group attributed positive outcomes more externally, while the security primed HPES group attributed successful results more internally. The results support the application of security priming interventions on maladaptive explanatory styles. Its potential mechanism and directions for future study are also discussed.

  19. Security threads: effective security devices in the past, present, and future

    Science.gov (United States)

    Wolpert, Gary R.

    2002-04-01

    Security threads were first used to secure banknotes in the mid 1800's. The key to their anti-counterfeiting success was the fact that by being embedded in the paper, they became an integral part of the banknote substrate. Today, all major currencies still utilize this effective security feature. Technological developments have allowed security threads to evolve from a feature authenticated by only visual means to devices that incorporate both visual and machine detectable components. When viewed from the perspective of a thread being a carrier of various security technologies and the fact that they can be incorporated into the core substrate of banknotes, documents, labels, packaging and some high valued articles, it is clear that security threads will remain as effective security devices well into the future. This paper discusses a brief historical background of security threads, current visual and machine authentication technologies incorporated into threads today and a look to the future of threads as effective security devices.

  20. Planning security for supply security

    International Nuclear Information System (INIS)

    Spies von Buellesheim.

    1994-01-01

    The situation of the hardcoal mining industry is still difficult, however better than last year. Due to better economic trends in the steel industry, though on a lower level, sales in 1994 have stabilised. Stocks are being significantly reduced. As to the production, we have nearly reached a level which has been politically agreed upon in the long run. Due to the determined action of the coalmining companies, a joint action of management and labour, the strong pressure has been mitigated. On the energy policy sector essential targets have been achieved: First of all the ECSC decision on state aid which will be in force up to the year 2002 and which will contribute to accomplish the results of the 1991 Coal Round. Furthermore, the 1994 Act on ensuring combustion of hardcoal in electricity production up to the year 2005. The hardcoal mining industry is grateful to all political decision makers for the achievements. The industry demands, however, that all questions still left open, including the procurement of financial means after 1996, should be settled soon on the basis of the new act and in accordance with the 1991 Coal Round and the energy concept of the Federal Government. German hardcoal is an indispensable factor within a balanced energy mix which guarantees the security of our energy supply, the security of the price structure and the respect of the environment. (orig.) [de

  1. Implementation of Learning Organization Components in Ardabil Social Security Hospital

    Directory of Open Access Journals (Sweden)

    Azadeh Zirak

    2015-06-01

    Full Text Available This study aimed to investigate the implementation of learning organization characteristics based on Marquardt systematic model in Ardabil Social Security Hospital. The statistical population of this research was 234 male and female employees of Ardabil Social Security Hospital. For data collection, Marquardt questionnaire was used in the present study which its validity and reliability had been confirmed. Statistical analysis of hypotheses based on independent samples t-test showed that learning organization characteristics were used more than average level in some subsystems of Marquardt model and there was a significant difference between current position and excellent position based on learning organization characteristic application. According to the research findings, more attention should be paid to the subsystems of learning organization establishment and balanced development of these subsystems.

  2. Information security fundamentals

    CERN Document Server

    Peltier, Thomas R

    2013-01-01

    Developing an information security program that adheres to the principle of security as a business enabler must be the first step in an enterprise's effort to build an effective security program. Following in the footsteps of its bestselling predecessor, Information Security Fundamentals, Second Edition provides information security professionals with a clear understanding of the fundamentals of security required to address the range of issues they will experience in the field.The book examines the elements of computer security, employee roles and r

  3. ORACLE DATABASE SECURITY

    OpenAIRE

    Cristina-Maria Titrade

    2011-01-01

    This paper presents some security issues, namely security database system level, data level security, user-level security, user management, resource management and password management. Security is a constant concern in the design and database development. Usually, there are no concerns about the existence of security, but rather how large it should be. A typically DBMS has several levels of security, in addition to those offered by the operating system or network. Typically, a DBMS has user a...

  4. Geomanetically Induced Currents (GIC) calculation, impact assessment on transmission system and validation using 3-D earth conductivity tensors and GIC measurements.

    Science.gov (United States)

    Sharma, R.; McCalley, J. D.

    2016-12-01

    Geomagnetic disturbance (GMD) causes the flow of geomagnetically induced currents (GIC) in the power transmission system that may cause large scale power outages and power system equipment damage. In order to plan for defense against GMD, it is necessary to accurately estimate the flow of GICs in the power transmission system. The current calculation as per NERC standards uses the 1-D earth conductivity models that don't reflect the coupling between the geoelectric and geomagnetic field components in the same direction. For accurate estimation of GICs, it is important to have spatially granular 3-D earth conductivity tensors, accurate DC network model of the transmission system and precisely estimated or measured input in the form of geomagnetic or geoelectric field data. Using these models and data the pre event, post event and online planning and assessment can be performed. The pre, post and online planning can be done by calculating GIC, analyzing voltage stability margin, identifying protection system vulnerabilities and estimating heating in transmission equipment. In order to perform the above mentioned tasks, an established GIC calculation and analysis procedure is needed that uses improved geophysical and DC network models obtained by model parameter tuning. The issue is addressed by performing the following tasks; 1) Geomagnetic field data and improved 3-D earth conductivity tensors are used to plot the geoelectric field map of a given area. The obtained geoelectric field map then serves as an input to the PSS/E platform, where through DC circuit analysis the GIC flows are calculated. 2) The computed GIC is evaluated against GIC measurements in order to fine tune the geophysical and DC network model parameters for any mismatch in the calculated and measured GIC. 3) The GIC calculation procedure is then adapted for a one in 100 year storm, in order to assess the impact of the worst case GMD on the power system. 4) Using the transformer models, the voltage

  5. Computer Security: the security marathon, part 2

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Do you recall our latest article on the “Security Marathon” (see here) and why it’s wrong to believe that computer security is a sprint, that a quick hack is invulnerable, that quick bug-fixing is sufficient, that plugging security measures on top of existing structures is a good idea, that once you are secure, your life is cosy?   In fact, security is a marathon for us too. Again and again, we have felt comfortable with the security situation at CERN, with dedicated protections deployed on individual hosts, with the security measures deployed by individual service managers, with the attentiveness and vigilance of our users, and with the responsiveness of the Management. Again and again, however, we subsequently detect or receive reports that this is wrong, that protections are incomplete, that security measures are incomplete, that security awareness has dropped. Thus, unfortunately, we often have to go back to square one and address similar issues over and over...

  6. Securing the Global Airspace System Via Identity-Based Security

    Science.gov (United States)

    Ivancic, William D.

    2015-01-01

    Current telecommunications systems have very good security architectures that include authentication and authorization as well as accounting. These three features enable an edge system to obtain access into a radio communication network, request specific Quality-of-Service (QoS) requirements and ensure proper billing for service. Furthermore, the links are secure. Widely used telecommunication technologies are Long Term Evolution (LTE) and Worldwide Interoperability for Microwave Access (WiMAX) This paper provides a system-level view of network-centric operations for the global airspace system and the problems and issues with deploying new technologies into the system. The paper then focuses on applying the basic security architectures of commercial telecommunication systems and deployment of federated Authentication, Authorization and Accounting systems to provide a scalable, evolvable reliable and maintainable solution to enable a globally deployable identity-based secure airspace system.

  7. Routing architecture and security for airborne networks

    Science.gov (United States)

    Deng, Hongmei; Xie, Peng; Li, Jason; Xu, Roger; Levy, Renato

    2009-05-01

    Airborne networks are envisioned to provide interconnectivity for terrestial and space networks by interconnecting highly mobile airborne platforms. A number of military applications are expected to be used by the operator, and all these applications require proper routing security support to establish correct route between communicating platforms in a timely manner. As airborne networks somewhat different from traditional wired and wireless networks (e.g., Internet, LAN, WLAN, MANET, etc), security aspects valid in these networks are not fully applicable to airborne networks. Designing an efficient security scheme to protect airborne networks is confronted with new requirements. In this paper, we first identify a candidate routing architecture, which works as an underlying structure for our proposed security scheme. And then we investigate the vulnerabilities and attack models against routing protocols in airborne networks. Based on these studies, we propose an integrated security solution to address routing security issues in airborne networks.

  8. Student Experiential Opportunities in National Security Careers

    Energy Technology Data Exchange (ETDEWEB)

    None, None

    2007-12-31

    This report documents student experiential opportunities in national security careers as part of the National Security Preparedness Project (NSPP), being performed under a Department of Energy (DOE)/National Nuclear Security Administration (NNSA) grant. This report includes a brief description of how experiential opportunities assist students in the selection of a career and a list of opportunities in the private sector and government. The purpose of the NSPP is to promote national security technologies through business incubation, technology demonstration and validation, and workforce development. Workforce development activities will facilitate the hiring of students to work with professionals in both the private and public sectors, as well as assist in preparing a workforce for careers in national security. The goal of workforce development under the NSPP grant is to assess workforce needs in national security and implement strategies to develop the appropriate workforce.

  9. Security in the nuclear medicine department

    International Nuclear Information System (INIS)

    Bassingham, S.; Gane, J.; Chan, P.S.; Heenan, S.; Gulliver, N.; McVey, J.

    2005-01-01

    The current threat from terrorism highlights the need for awareness of adequate security of radioactive sources by health bodies to prevent the opportunistic access to, theft of. or accidental loss of sources, together with stringent security measures in place to prevent the international misuse of radioactive sources as a weapon by unauthorised access. This presentation discusses the processes undertaken to ensure the safety and security of radioactive materials within the nuclear medicine department in line with current regulations and guidelines. These include risk assessments, security systems, audit trails, restricted access and personnel background checks

  10. Determination the validity of the new developed Sport Experts® hand grip dynamometer, measuring continuity of force, and comparison with current Takei and Baseline® dynamometers.

    Science.gov (United States)

    Güçlüöver, A; Kutlu, M; Ciğerci, A E; Esen, H T; Demirkan, E; Erdoğdu, M

    2015-11-01

    In this study the Sport Experts ™ brand of hand grip dynamometer, measuring the continuity of force with the new developed load cell technology, was compared with Takei and Baseline® dynamometers, the current in use. It was tried to determine the correlation between them. In a study with provides use of clinical, orthopedic and rehabilitative purposes in the athletes and patient populations, this developed dynamometer can provide useful data by observing the continuity of force. The sample of the study included 60 badminton players in 2010-2011; consisting of Turkish Junior National male players (N.=16, age: 16.8±1.5), Junior National female players (N.=14, age: 16.9±1.6), amateur level male players (N.=15, age: 16.3±0.8) and amateur level female players (N.=15, age: 16.1±0.6). ANOVA was used in the statistical methods in order to compare the hand grip strength made by different brands; Pearson's correlation coefficient was used to determine the relationship level between dynamometers. Furthermore, test-retest reliability analysis was completed the new developed expert dynamometer. There was no statistically significant difference in the comparison of the dynamometers (P>0.05). Besides, a highly significant relationship (r=0.95 to 0.96) was found among all three dynamometers. However, the reliability coefficient was found (Chronbachs α: 0.989, ICC:0.97, r=0.97), (Pexpert dynamometer. Comparison between the dynamometers and the statistical results obtained from the correlation relationships shows interchangeability of dynamometers. As a result, our observation of force continuity (progression) of the athlete and patient populations is thought to be important.

  11. Information Systems Security Audit

    OpenAIRE

    Gheorghe Popescu; Veronica Adriana Popescu; Cristina Raluca Popescu

    2007-01-01

    The article covers:Defining an information system; benefits obtained by introducing new information technologies; IT management;Defining prerequisites, analysis, design, implementation of IS; Information security management system; aspects regarding IS security policy; Conceptual model of a security system; Auditing information security systems and network infrastructure security.

  12. Marketing Plan for Demonstration and Validation Assets

    Energy Technology Data Exchange (ETDEWEB)

    None, None

    2008-05-30

    The National Security Preparedness Project (NSPP), is to be sustained by various programs, including technology demonstration and evaluation (DEMVAL). This project assists companies in developing technologies under the National Security Technology Incubator program (NSTI) through demonstration and validation of technologies applicable to national security created by incubators and other sources. The NSPP also will support the creation of an integrated demonstration and validation environment. This report documents the DEMVAL marketing and visibility plan, which will focus on collecting information about, and expanding the visibility of, DEMVAL assets serving businesses with national security technology applications in southern New Mexico.

  13. RFID security a lightweight paradigm

    CERN Document Server

    Khattab, Ahmed; Amini, Esmaeil; Bayoumi, Magdy

    2017-01-01

    This book provides a comprehensive treatment of security in the widely adopted, Radio Frequency Identification (RFID) technology. The authors present the fundamental principles of RFID cryptography in a manner accessible to a broad range of readers, enabling them to improve their RFID security design. This book also offers the reader a range of interesting topics portraying the current state-of-the-art in RFID technology and how it can be integrated with today’s Internet of Things (IoT) vision. The authors describe a first-of-its-kind, lightweight symmetric authenticated encryption cipher called Redundant Bit Security (RBS), which enables significant, multi-faceted performance improvements compared to existing cryptosystems. This book is a must-read for anyone aiming to overcome the constraints of practical implementation in RFID security technologies.

  14. IAEA Nuclear Security Human Resource Development Program

    International Nuclear Information System (INIS)

    Braunegger-Guelich, A.

    2009-01-01

    The IAEA is at the forefront of international efforts to strengthen the world's nuclear security framework. The current Nuclear Security Plan for 2006-2009 was approved by the IAEA Board of Governors in September 2005. This Plan has three main points of focus: needs assessment, prevention, detection and response. Its overall objective is to achieve improved worldwide security of nuclear and other radioactive material in use, storage and transport, and of their associated facilities. This will be achieved, in particular, through the provision of guidelines and recommendations, human resource development, nuclear security advisory services and assistance for the implementation of the framework in States, upon request. The presentation provides an overview of the IAEA nuclear security human resource development program that is divided into two parts: training and education. Whereas the training program focuses on filling gaps between the actual performance of personnel working in the area of nuclear security and the required competencies and skills needed to meet the international requirements and recommendations described in UN and IAEA documents relating to nuclear security, the Educational Program in Nuclear Security aims at developing nuclear security experts and specialists, at fostering a nuclear security culture and at establishing in this way sustainable knowledge in this field within a State. The presentation also elaborates on the nuclear security computer based learning component and provides insights into the use of human resource development as a tool in achieving the IAEA's long term goal of improving sustainable nuclear security in States. (author)

  15. LANSCE beam current limiter

    International Nuclear Information System (INIS)

    Gallegos, F.R.

    1996-01-01

    The Radiation Security System (RSS) at the Los Alamos Neutron Science Center (LANSCE) provides personnel protection from prompt radiation due to accelerated beam. Active instrumentation, such as the Beam Current Limiter, is a component of the RSS. The current limiter is designed to limit the average current in a beam line below a specific level, thus minimizing the maximum current available for a beam spill accident. The beam current limiter is a self-contained, electrically isolated toroidal beam transformer which continuously monitors beam current. It is designed as fail-safe instrumentation. The design philosophy, hardware design, operation, and limitations of the device are described

  16. Social security financing.

    Science.gov (United States)

    1980-05-01

    After nearly 2 years of study, the 1979 Advisory Council on Social Security submitted its findings and recommendations in December. In February the Bulletin published the Executive Summary of the Council's report. Because of the continuing wide public interest in the future of social security financing, the Council's detailed findings and recommendations on that subject are published below. The Council unanimously reports that all current and future beneficiaries can count on receiving the payments to which they are entitled. Among the recommendations it calls for are partial financing with nonpayroll-tax revenues. Suggested changes include hospital insurance (HI) financed through portins of personal and corporate income taxes and a part of the HI insurance payroll tax diverted to cash benefits with the balance of this tax repealed. The Council also recommends that the social security cash benefits program be brought into long-run actuarial balance--with a payroll-tax rate increase in the year 2005. It rejects the idea of a value-added tax as being inflationary. Parenthetical remarks represent additional views of the Council members cited.

  17. Security with nuclear weapons

    International Nuclear Information System (INIS)

    Karp, R.C.

    1991-01-01

    Recent improvements in East-West relations and the process of dramatic political change in Europe may result in unprecedented opportunities to reduce the global arsenal of nuclear weapons. Despite these welcome developments, the prospects for effectively controlling the spread of nuclear capability in the Third World have remained much less encouraging. The possibility of large reductions in nuclear weapons poses fundamental questions about their purpose. Why have some states chosen to acquire nuclear weapons? How and why have these decisions been maintained over time? Why have some states elected to approach, but not cross, the nuclear threshold? This book examines the commonalities and differences in political approaches to nuclear weapons both within and between three groups of states: nuclear, non-nuclear and threshold. The chapters explore the evolution of thinking about nuclear weapons and the role these weapons play in national security planning, and question the official security rationales offered by the nuclear weapon states for the maintenance of nuclear capabilities. For the non-nuclear weapon states, the book presents an analysis of alternative ways of assuring security and foreign policy effectiveness. For the threshold states, it examines the regional contexts within which these states maintain their threshold status. This book transcends traditional East-West approaches to analysis of nuclear issues by giving equal prominence to the issues of nuclear proliferation and non-nuclearism. The book also provides a comprehensive analysis of how current approaches to nuclear weapons have evolved both within and among the groups of countries under study

  18. Quality of Security Service: Adaptive Security

    National Research Council Canada - National Science Library

    Levin, Timothy E; Irvine, Cynthia E; Spyropoulou, Evdoxia

    2004-01-01

    The premise of Quality of Security Service is that system and network management functions can be more effective if variable levels of security services and requirements can be presented to users or network tasks...

  19. Social Security Funds Clamor for Reform

    Institute of Scientific and Technical Information of China (English)

    郑秉文

    2008-01-01

    This paper analyzed the institutional deficiencies inherent in China’s social security system based on a dissection of various social security fund violations. It holds that the unscientific design in social security system is the root cause for social security fund violations, which is reflected in low level of social security unification, irrational investment system and legislative loopholes etc. Currently, China’s social security funds are facing risks in management and in system; The key of risk control lies in the reforming of the overall framework of social security system through the following aspects: 1) readjust the unified account system structure to raise the level of unification; 2) reform funds investment system to boost ROI; 3) speeding up legislative to regulate the administrative costs and the behaviors of its entities.

  20. Social Security Bulletin

    Data.gov (United States)

    Social Security Administration — The Social Security Bulletin (ISSN 1937-4666) is published quarterly by the Social Security Administration. The Bulletin is prepared in the Office of Retirement and...

  1. Transportation Security Administration

    Science.gov (United States)

    ... content Official website of the Department of Homeland Security Transportation Security Administration A - Z Index Blog What Can I ... Search form Search the Site Main menu Travel Security Screening Special Procedures TSA Pre✓® Passenger Support Travel ...

  2. Security, Fraud Detection

    Indian Academy of Sciences (India)

    First page Back Continue Last page Overview Graphics. Secure. Secure. Server – Intruder prevention/detection; Network – Encryption, PKI; Client - Secure. Fraud detection based on audit trails. Automatic alerts like credit-card alerts based on suspicious patterns.

  3. Computer security engineering management

    International Nuclear Information System (INIS)

    McDonald, G.W.

    1988-01-01

    For best results, computer security should be engineered into a system during its development rather than being appended later on. This paper addresses the implementation of computer security in eight stages through the life cycle of the system; starting with the definition of security policies and ending with continuing support for the security aspects of the system throughout its operational life cycle. Security policy is addressed relative to successive decomposition of security objectives (through policy, standard, and control stages) into system security requirements. This is followed by a discussion of computer security organization and responsibilities. Next the paper directs itself to analysis and management of security-related risks, followed by discussion of design and development of the system itself. Discussion of security test and evaluation preparations, and approval to operate (certification and accreditation), is followed by discussion of computer security training for users is followed by coverage of life cycle support for the security of the system

  4. USCG Security Plan Review

    Data.gov (United States)

    Department of Homeland Security — The Security Plan Review module is intended for vessel and facility operators to check on the status of their security plans submitted to the US Coast Guard. A MISLE...

  5. Security management of next generation telecommunications networks and services

    CERN Document Server

    Jacobs, Stuart

    2014-01-01

    This book will cover network management security issues and currently available security mechanisms by discussing how network architectures have evolved into the contemporary NGNs which support converged services (voice, video, TV, interactive information exchange, and classic data communications). It will also analyze existing security standards and their applicability to securing network management. This book will review 21st century security concepts of authentication, authorization, confidentiality, integrity, nonrepudiation, vulnerabilities, threats, risks, and effective approaches to enc

  6. Fuel supply security

    International Nuclear Information System (INIS)

    Wakabayashi, Hiroaki

    1987-01-01

    Stable fuel supply is a prerequisite for any nuclear power program including ISER-PIUS. It encompasses procurement of uranium ore, enriched uranium and fuel elements. Uranium is different from oil in that it can be stockpiled for more than a decade besides the fact that the core residence time is as long as six years, for example in the case of ISER-PIUS. These basic fuel characteristics are favoring nuclear fuel over others in terms of supply security. The central concern will be a gradual increase in prices of uranium and enrichment. Under the present glut situation with the worldwide prevalence of LWRs, fuel supply security seems ensured for the time being till the middle of 21st century. It is estimated that by the turn of the century, the free world will have roughly 450 GWe capacity of nuclear power. If 10 % is supplied for ISER-PIUS, more than 200 modules of 200 MWe ISER-PIUS may be deployed all over the world probably starting around 2000. As part of the fuel supply security consideration, heavy water reactor (HWR) may seem interesting to such a country as Indonesia where there is uranium resources but no enrichment capability. But it needs heavy water instead and the operation is not so easy as of LWR, because of the positive void coefficient as was seen at the Chernobyl-4. Safeguarding of the fuel is also difficult, because it lends itself to on line refueling. The current and future situation of the fuel supply security for LWR seem well founded and established long into the future. (Nogami, K.)

  7. Kyrgyzstan's security problems today

    OpenAIRE

    Abduvalieva, Ryskul

    2009-01-01

    Regional stability and security consist of two levels-the external security of each country at the regional level and the internal security of each of them individually. A state's external and internal security are closely interrelated concepts. It stands to reason that ensuring internal security and stability is the primary and most important task. But the external aspect also requires attention. This article takes a look at the most important problems of ensuring Kyrgyzstan's security.

  8. Information Security Maturity Model

    OpenAIRE

    Information Security Maturity Model

    2011-01-01

    To ensure security, it is important to build-in security in both the planning and the design phases andadapt a security architecture which makes sure that regular and security related tasks, are deployedcorrectly. Security requirements must be linked to the business goals. We identified four domains thataffect security at an organization namely, organization governance, organizational culture, thearchitecture of the systems, and service management. In order to identify and explore the strengt...

  9. Security By Design

    OpenAIRE

    Tanner, M. James

    2009-01-01

    Securing a computer from unwanted intrusion requires astute planning and effort to effectively minimize the security invasions computers are plagued with today. While all of the efforts to secure a computer are needed, it seems that the underlying issue of what is being secured has been overlooked. The operating system is at the core of the security issue. Many applications and devices have been put into place to add layers of protection to an already weak operating system. Security did not u...

  10. Foundational aspects of security

    DEFF Research Database (Denmark)

    Chatzikokolakis, Konstantinos; Mödersheim, Sebastian Alexander; Palamidessi, Catuscia

    2014-01-01

    This Special Issue of the Journal of Computer Security focuses on foundational aspects of security, which in recent years have helped change much of the way we think about and approach system security.......This Special Issue of the Journal of Computer Security focuses on foundational aspects of security, which in recent years have helped change much of the way we think about and approach system security....

  11. Security guide for subcontractors

    Energy Technology Data Exchange (ETDEWEB)

    Adams, R.C.

    1991-01-01

    This security guide of the Department of Energy covers contractor and subcontractor access to DOE and Mound facilities. The topics of the security guide include responsibilities, physical barriers, personnel identification system, personnel and vehicular access controls, classified document control, protecting classified matter in use, storing classified matter repository combinations, violations, security education clearance terminations, security infractions, classified information nondisclosure agreement, personnel security clearances, visitor control, travel to communist-controlled or sensitive countries, shipment security, and surreptitious listening devices.

  12. Redefining security.

    Science.gov (United States)

    Mathews, J T

    1989-01-01

    The concept of US national security was redefined in the 1970s to include international economics, and lately environmental degradation has also become a factor, as pollution transcends boundaries. By 2100 another 5-6 billion people may be added to the world's population requiring dramatic production and technology transformation with the resultant expanded energy use, emissions, and waste impacting the ecosystem. Climate change through global warming is in the offing. The exponential growth of the population in the developing world poses a crucial challenge for food production, housing, and employment. At a 1% growth rate population doubles in 72 years, while at 3% it doubles in 24 years. Africa's growth rate is almost 3%, it is close to 2% in Latin America, and it is somewhat less in Asia. Renewable resources such as overfished fishing grounds can become nonrenewable, and vanished species can never be resurrected. Deforestation leads to soil erosion, damage to water resources through floods and silting of irrigation networks, and accelerated loss of species. 20% of species could disappear by 2000 thereby losing genetic resources for chemicals, drugs, and food sources. Overcultivation has caused major erosion and decline of agricultural productivity in Haiti, Guatemala, Turkey, and India. Lopsided land ownership in Latin America requires land reform for sustainable agricultural production in the face of the majority of people cultivating plots for bare subsistence. Human practices that have caused environmental damage include concessions granted to logging companies in the Philippines, mismanagement of natural resources in sub-Saharan Africa, the ozone hole, and the greenhouse effect with potential climate changes. Solutions include family planning, efficient energy use, sustainable agroforestry techniques, and environmental accounting of goods and services.

  13. Explicating Validity

    Science.gov (United States)

    Kane, Michael T.

    2016-01-01

    How we choose to use a term depends on what we want to do with it. If "validity" is to be used to support a score interpretation, validation would require an analysis of the plausibility of that interpretation. If validity is to be used to support score uses, validation would require an analysis of the appropriateness of the proposed…

  14. Some security strategies for smart cards

    Energy Technology Data Exchange (ETDEWEB)

    Ros, F [Gemalto, St Cyr en Val, BP 6021, 45060 Orlans Cedex (France); Harba, R [LESI, Polytech' Orlans-LESI, 12 rue de Blois, 45067 Orleans Cedex 2 (France)

    2007-07-15

    This paper details current developments at Gemalto in the field of security. It focuses on two different security processes for ID cards. The first one consists in adding observable security features in the ID image to allow quick visual verification and serves mainly to detect counterfeit attempts. The second consists in watermarking ID images during the pre personalization step by a secret key stored in the chip. The interest of the different approaches is demonstrated with several real ID images.

  15. Personnel Security Investigations -

    Data.gov (United States)

    Department of Transportation — This data set contains the types of background investigations, decisions, level of security clearance, date of security clearance training, and credentials issued to...

  16. Security 2020 Reduce Security Risks This Decade

    CERN Document Server

    Howard, Doug; Schneier, Bruce

    2010-01-01

    Identify real security risks and skip the hype After years of focusing on IT security, we find that hackers are as active and effective as ever. This book gives application developers, networking and security professionals, those that create standards, and CIOs a straightforward look at the reality of today's IT security and a sobering forecast of what to expect in the next decade. It debunks the media hype and unnecessary concerns while focusing on the knowledge you need to combat and prioritize the actual risks of today and beyond.IT security needs are constantly evolving; this guide examine

  17. Security guide for subcontractors

    Energy Technology Data Exchange (ETDEWEB)

    Adams, R.C.

    1993-06-01

    This guide is provided to aid in the achievement of security objectives in the Department of Energy (DOE) contractor/subcontractor program. The objectives of security are to protect information that, if released, would endanger the common defense and security of the nation and to safeguard plants and installations of the DOE and its contractors to prevent the interruption of research and production programs. The security objective and means of achieving the objective are described. Specific security measures discussed in this guide include physical barriers, personnel identification systems, personnel and vehicular access control, classified document control, protection of classified matter in use, storing classified matter, and repository combinations. Means of dealing with security violations and security infractions are described. Maintenance of a security education program is discussed. Also discussed are methods of handling clearance terminations, visitor control, travel to sensitive countries, and shipment security. The Technical Surveillance Countermeasures Program (TSCM), the Computer Security Program, and the Operations Security Plan (OPSEC) are examined.

  18. Breaking the cyber-security dilemma: aligning security needs and removing vulnerabilities.

    Science.gov (United States)

    Dunn Cavelty, Myriam

    2014-09-01

    Current approaches to cyber-security are not working. Rather than producing more security, we seem to be facing less and less. The reason for this is a multi-dimensional and multi-faceted security dilemma that extends beyond the state and its interaction with other states. It will be shown how the focus on the state and "its" security crowds out consideration for the security of the individual citizen, with detrimental effects on the security of the whole system. The threat arising from cyberspace to (national) security is presented as possible disruption to a specific way of life, one building on information technologies and critical functions of infrastructures, with relatively little consideration for humans directly. This non-focus on people makes it easier for state actors to militarize cyber-security and (re-)assert their power in cyberspace, thereby overriding the different security needs of human beings in that space. Paradoxically, the use of cyberspace as a tool for national security, both in the dimension of war fighting and the dimension of mass-surveillance, has detrimental effects on the level of cyber-security globally. A solution out of this dilemma is a cyber-security policy that is decidedly anti-vulnerability and at the same time based on strong considerations for privacy and data protection. Such a security would have to be informed by an ethics of the infosphere that is based on the dignity of information related to human beings.

  19. 75 FR 65511 - Employee Benefits Security Administration; Submission for OMB Review

    Science.gov (United States)

    2010-10-25

    ... DEPARTMENT OF LABOR Office of the Secretary Employee Benefits Security Administration; Submission...--Employee Benefits Security Administration (EBSA), Office of Management and Budget, Room 10235, Washington...: Employee Benefits Security Administration. Type of Review: Extension without change of a currently approved...

  20. High-Tech Security Help.

    Science.gov (United States)

    Flanigan, Robin L.

    2000-01-01

    Advocates embrace high-tech security measures as necessary to avoid Columbine-style massacres. Critics contend that school systems can go overboard, making students feel less safe and too closely scrutinized. Current electronic, biometric, and computer-mapping devices and school applications are discussed. Vendors are listed. (MLH)

  1. Segurança hemisférica: uma discussão sobre a validade e atualidade de seus mecanismos institucionais Hemispheric security: a discussion about the validity and the contemporary of its institutional mechanisms

    Directory of Open Access Journals (Sweden)

    Graciela De Conti Pagliai

    2006-06-01

    Full Text Available As profundas mudanças que ocorreram no sistema internacional com o término da Guerra Fria provocaram revisão de seus padrões, em especial, dos parâmetros de segurança coletiva hemisférica baseados em mecanismos que visavam garantir a segurança dos Estados-membro mediante a legítima defesa individual ou coletiva. Os Estados-membros indicaram a necessidade de repensar estes arranjos de maneira que os mecanismos estivessem apropriados para enfrentar as novas e difusas ameaças à segurança hemisférica.The deep changes that occurred in the international system with the end of the Cold War provoked the revision of theirs patterns, mainly the hemispheric collective security parameters based on mechanisms that aimed at assuring the security of the member states by means of inherent right of individual or collective self-defense. The member states pointed out the necessity of rethinking these arrangements so that the mechanisms could be suitable to face new and diffuse threatens to hemispheric security.

  2. Conducting an information security audit

    Directory of Open Access Journals (Sweden)

    Prof. Ph.D . Gheorghe Popescu

    2008-05-01

    Full Text Available The rapid and dramatic advances in information technology (IT in recent years have withoutquestion generated tremendous benefits. At the same time, information technology has created significant,nunprecedented risks to government and to entities operations. So, computer security has become muchmore important as all levels of government and entities utilize information systems security measures toavoid data tampering, fraud, disruptions in critical operations, and inappropriate disclosure of sensitiveinformation. Obviously, uses of computer security become essential in minimizing the risk of malicious attacksfrom individuals and groups, considering that there are many current computer systems with onlylimited security precautions in place.As we already know financial audits are the most common examinations that a business manager en-counters.This is a familiar area for most executives: they know that financial auditors are going to examine the financial records and how those records are used. They may even be familiar with physical securityaudits. However, they are unlikely to be acquainted with information security audits; that is an audit ofhow the confidentiality, availability and integrity of an organization’s information are assured. Any way,if not, they should be, especially that an information security audit is one of the best ways to determine thesecurity of an organization’s information without incurring the cost and other associated damages of a securityincident.

  3. Information security in academic libraries: the role of the librarian in planning and introducing institutional policies

    Directory of Open Access Journals (Sweden)

    Juliana Soares Lima

    2017-04-01

    Full Text Available This study presents a short discussion about the role of the librarian as a mediator at planning, developing and implementing an Information Security Policy in Academic Libraries, by working together with professionals in the field of Information Technology. It also discusses the main virtual threats and some risks that are prone to infect computers in libraries. Based on the current legislation and on some normative documents about information security, it is confirmed the importance of the librarian take part in the main decision-making related to information security, such as planning a consistent Information Security Policy which be able to see the specific needs of Academic Libraries as institutions prone to cyberattacks. The main topics and guidelines to carry out an Information Security Policy are presented based on the results that were obtained through an action research, by visiting libraries to fill in application forms and to compose reports whose content was analyzed. Finally, the study concludes that Information Security Policy must be validated by managers of sectors or departments which the Academic Library is hierarchically subordinate to.

  4. Security leader insights for information protection lessons and strategies from leading security professionals

    CERN Document Server

    Fahy, Bob

    2014-01-01

    How do you, as a busy security executive or manager, stay current with evolving issues, familiarize yourself with the successful practices of your peers, and transfer this information to build a knowledgeable, skilled workforce the times now demand? With Security Leader Insights for Information Protection, a collection of timeless leadership best practices featuring insights from some of the nation's most successful security practitioners, you can. This book can be used as a quick and effective resource to bring your security staff up to speed on security's role in information protection. I

  5. Food security governance: a systematic literature review

    NARCIS (Netherlands)

    Candel, J.J.L.

    2014-01-01

    The role of governance has been receiving increasing attention from food security scholars in recent years. However, in spite of the recognition that governance matters, current knowledge of food security governance is rather fragmented. To provide some clarity in the debate about the role of

  6. Privacy and security disclosures on telecardiology websites

    NARCIS (Netherlands)

    Dubbeld, L.

    2006-01-01

    This article discusses telemedicine providers¿ online privacy and security disclosures. It presents the results of an exploratory study of a number of telecardiology companies¿ Web sites, providing insight in some of the current strategies towards data protection and information security in the

  7. Real time test bed development for power system operation, control and cyber security

    Science.gov (United States)

    Reddi, Ram Mohan

    The operation and control of the power system in an efficient way is important in order to keep the system secure, reliable and economical. With advancements in smart grid, several new algorithms have been developed for improved operation and control. These algorithms need to be extensively tested and validated in real time before applying to the real electric power grid. This work focuses on the development of a real time test bed for testing and validating power system control algorithms, hardware devices and cyber security vulnerability. The test bed developed utilizes several hardware components including relays, phasor measurement units, phasor data concentrator, programmable logic controllers and several software tools. Current work also integrates historian for power system monitoring and data archiving. Finally, two different power system test cases are simulated to demonstrate the applications of developed test bed. The developed test bed can also be used for power system education.

  8. Secure Storage Architectures

    Energy Technology Data Exchange (ETDEWEB)

    Aderholdt, Ferrol [Tennessee Technological University; Caldwell, Blake A [ORNL; Hicks, Susan Elaine [ORNL; Koch, Scott M [ORNL; Naughton, III, Thomas J [ORNL; Pogge, James R [Tennessee Technological University; Scott, Stephen L [Tennessee Technological University; Shipman, Galen M [ORNL; Sorrillo, Lawrence [ORNL

    2015-01-01

    help with this issue, which are a particular instances of the more general challenge of efficient host/guest IO that is the focus of interfaces like virtio. A collection of bridging technologies have been identified in Chapter 4, which can be helpful to overcome the limitations and challenges of supporting efficient storage for secure enclaves. The synthesis of native filesystem security mechanisms and bridging technologies led to an isolation-centric storage architecture that is proposed in Chapter 5, which leverages isolation mechanisms from different layers to facilitate secure storage for an enclave. Recommendations: The following highlights recommendations from the investigations done thus far. - The Lustre filesystem offers excellent performance but does not support some security related features, e.g., encryption, that are included in GPFS. If encryption is of paramount importance, then GPFS may be a more suitable choice. - There are several possible Lustre related enhancements that may provide functionality of use for secure-enclaves. However, since these features are not currently integrated, the use of Lustre as a secure storage system may require more direct involvement (support). (*The network that connects the storage subsystem and users, e.g., Lustre s LNET.) - The use of OpenStack with GPFS will be more streamlined than with Lustre, as there are available drivers for GPFS. - The Manilla project offers Filesystem as a Service for OpenStack and is worth further investigation. Manilla has some support for GPFS. - The proposed Lustre enhancement of Dynamic-LNET should be further investigated to provide more dynamic changes to the storage network which could be used to isolate hosts and their tenants. - The Linux namespaces offer a good solution for creating efficient restrictions to shared HPC filesystems. However, we still need to conduct a thorough round of storage/filesystem benchmarks. - Vendor products should be more closely reviewed, possibly to

  9. Security Theories of Third World

    Directory of Open Access Journals (Sweden)

    Alexandra Victorovna Khudaykulova

    2016-12-01

    Full Text Available This article analyzes the security studies in the “Third World”. The evolution of the conceptual apparatus in the field of security studies and in the understanding of the “Third World” is given. The author provides us an analysis of the security issues in the so-called “post-colonial” countries in the years of “cold war” and in the post-bipolar period, defines the domain of security for the developing world and the current agenda. Particular attention is paid to the analysis of the security concepts of the late XX century - the “security of the person”, “securitization”, “humanitarian intervention” - which are of particular concern to countries of the “Third World”. An alternative format of the “Third World” in the categories of postmodern, modern and premodern worlds is given, the term of “non-Westphalian” state is used as well. Basic characteristics of the “Third World” in the socio-economic and political spheres are provided. The author emphasizes that the state of security of the “Third World” is fundamentally different from that of the developed Western countries, since most threats in non-Western countries, does not come from the outside, but from within. Accordingly, the non-Western security theory does not focus exclusively on military issues and explore a wide range of issues of civil nature - economic, political, social, environmental and development challenges, as well as poverty and underdevelopment.

  10. Secure Path Selection under Random Fading

    Directory of Open Access Journals (Sweden)

    Furqan Jameel

    2017-05-01

    Full Text Available Application-oriented Wireless Sensor Networks (WSNs promises to be one of the most useful technologies of this century. However, secure communication between nodes in WSNs is still an unresolved issue. In this context, we propose two protocols (i.e. Optimal Secure Path (OSP and Sub-optimal Secure Path (SSP to minimize the outage probability of secrecy capacity in the presence of multiple eavesdroppers. We consider dissimilar fading at the main and wiretap link and provide detailed evaluation of the impact of Nakagami-m and Rician-K factors on the secrecy performance of WSNs. Extensive simulations are performed to validate our findings. Although the optimal scheme ensures more security, yet the sub-optimal scheme proves to be a more practical approach to secure wireless links.

  11. Unix Security Cookbook

    Science.gov (United States)

    Rehan, S. C.

    This document has been written to help Site Managers secure their Unix hosts from being compromised by hackers. I have given brief introductions to the security tools along with downloading, configuring and running information. I have also included a section on my recommendations for installing these security tools starting from an absolute minimum security requirement.

  12. Untangle network security

    CERN Document Server

    El-Bawab, Abd El-Monem A

    2014-01-01

    If you are a security engineer or a system administrator and want to secure your server infrastructure with the feature-rich Untangle, this book is for you. For individuals who want to start their career in the network security field, this book would serve as a perfect companion to learn the basics of network security and how to implement it using Untangle NGFW.

  13. Arguing Against Security Communitarianism

    DEFF Research Database (Denmark)

    Bilgin, Pinar

    2016-01-01

    Anthony Burke’s ‘security cosmopolitanism’ is a fresh and thought-provoking contribution to critical theorizing about security. In this discussion piece, I would like to join Burke’s call for ‘security cosmopolitanism’ by way of arguing against ‘security communitarianism’. I understand the latter...

  14. Security research roadmap

    Energy Technology Data Exchange (ETDEWEB)

    Rouhiainen, V. (ed.)

    2007-02-15

    VTT has a broad range of security research ongoing in many areas of technology. The main areas have been concentrating on public safety and security, but VTT is also participating in several research projects related to defence technology. To identify and define expertise and research goals in more detail, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of a critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important security products and technologies needed are, for example, management of total security, detection, identification, localisation and communication, protection of information networks and systems, as well as physical protection. In the EU's Security programme, which aims at ensuring the security of society and its vital functions, it is stated that. Technology alone can not assure security, but security can not be assured without the support of technology. VTT is conducting security research in all its areas of expertise and clusters. The area has a significant research potential. The development of products and systems designed for the improvement of security has just started. There is still room for innovation. This report presents knowledge and development needs in more detail, as well as future development potential seen in the area of security. (orig.)

  15. Computer Security at Nuclear Facilities (French Edition)

    International Nuclear Information System (INIS)

    2013-01-01

    The possibility that nuclear or other radioactive material could be used for malicious purposes cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear or other radioactive material is used or transported. Through its Nuclear Security Programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises Nuclear Security Fundamentals, which include objectives and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security, specifically: to provide for the security of nuclear and other radioactive material and associated facilities and activities; to ensure the security of such material in use, storage or in transport; to combat illicit trafficking and the inadvertent movement of such material; and to be prepared to respond to a nuclear security event. This publication is in the Technical Guidance

  16. Insulator Contamination Forecasting Based on Fractal Analysis of Leakage Current

    Directory of Open Access Journals (Sweden)

    Bing Luo

    2012-07-01

    Full Text Available In this paper, an artificial pollution test is carried out to study the leakage current of porcelain insulators. Fractal theory is adopted to extract the characteristics hidden in leakage current waveforms. Fractal dimensions of the leakage current for the security, forecast and danger zones are analyzed under four types of degrees of contamination. The mean value and the standard deviation of the fractal dimension in the forecast zone are calculated to characterize the differences. The analysis reveals large differences in the fractal dimension of leakage current under different contamination discharge stages and degrees. The experimental and calculation results suggest that the fractal dimension of a leakage current waveform can be used as a new indicator of the discharge process and contamination degree of insulators. The results provide new methods and valid indicators for forecasting contamination flashovers.

  17. Security problem on arbitrated quantum signature schemes

    International Nuclear Information System (INIS)

    Choi, Jeong Woon; Chang, Ku-Young; Hong, Dowon

    2011-01-01

    Many arbitrated quantum signature schemes implemented with the help of a trusted third party have been developed up to now. In order to guarantee unconditional security, most of them take advantage of the optimal quantum one-time encryption based on Pauli operators. However, in this paper we point out that the previous schemes provide security only against a total break attack and show in fact that there exists an existential forgery attack that can validly modify the transmitted pair of message and signature. In addition, we also provide a simple method to recover security against the proposed attack.

  18. Security problem on arbitrated quantum signature schemes

    Energy Technology Data Exchange (ETDEWEB)

    Choi, Jeong Woon [Emerging Technology R and D Center, SK Telecom, Kyunggi 463-784 (Korea, Republic of); Chang, Ku-Young; Hong, Dowon [Cryptography Research Team, Electronics and Telecommunications Research Institute, Daejeon 305-700 (Korea, Republic of)

    2011-12-15

    Many arbitrated quantum signature schemes implemented with the help of a trusted third party have been developed up to now. In order to guarantee unconditional security, most of them take advantage of the optimal quantum one-time encryption based on Pauli operators. However, in this paper we point out that the previous schemes provide security only against a total break attack and show in fact that there exists an existential forgery attack that can validly modify the transmitted pair of message and signature. In addition, we also provide a simple method to recover security against the proposed attack.

  19. IAEA nuclear security program

    Energy Technology Data Exchange (ETDEWEB)

    Ek, D. [International Atomic Energy Agency, Vienna (Austria)

    2006-07-01

    Although nuclear security is a State responsibility, it is nevertheless an international concern, as the consequences of a nuclear security incident would have worldwide impact. These concerns have resulted in the development of numerous international instruments on nuclear security since the terrorist events in the USA on September 11, 2001. The IAEA Office of Nuclear Security has been charged to assist Member States to improvement their nuclear security and to meet the intent of these international obligations in order to ensure a cohesive thread of nuclear security protects the global community. The programs underway and planned by the Office of Nuclear Security will be discussed in this paper. (author)

  20. IAEA nuclear security program

    International Nuclear Information System (INIS)

    Ek, D.

    2006-01-01

    Although nuclear security is a State responsibility, it is nevertheless an international concern, as the consequences of a nuclear security incident would have worldwide impact. These concerns have resulted in the development of numerous international instruments on nuclear security since the terrorist events in the USA on September 11, 2001. The IAEA Office of Nuclear Security has been charged to assist Member States to improvement their nuclear security and to meet the intent of these international obligations in order to ensure a cohesive thread of nuclear security protects the global community. The programs underway and planned by the Office of Nuclear Security will be discussed in this paper. (author)

  1. Professional Cocoa Application Security

    CERN Document Server

    Lee, Graham J

    2010-01-01

    The first comprehensive security resource for Mac and iPhone developers. The Mac platform is legendary for security, but consequently, Apple developers have little appropriate security information available to help them assure that their applications are equally secure. This Wrox guide provides the first comprehensive go-to resource for Apple developers on the available frameworks and features that support secure application development.: While Macs are noted for security, developers still need to design applications for the Mac and the iPhone with security in mind; this guide offers the first

  2. Potential risks and threats to international security

    Directory of Open Access Journals (Sweden)

    Iurie RICHICINSCHI

    2016-12-01

    Full Text Available Today we can ascertain with certainty that in the early part of the 21st century, the challenges addressed to the current security environment tend to become increasingly diffuse, less predictable and multidimensional, being both a feature of external security, as well as an internal one and, of course, becoming an indispensable part of security policies and strategies. Therefore, the need for international cooperation as a foundation for the stability of the security environment has increased. It should provide a sense of trust and peace by ensuring the absence of danger both for the individual and for the community to which he belongs.

  3. Securing social media in the enterprise

    CERN Document Server

    Dalziel, Henry

    2015-01-01

    Securing Social Media in the Enterprise is a concise overview of the security threats posed by the use of social media sites and apps in enterprise network environments. Social media sites and apps are now a ubiquitous presence within enterprise systems and networks, and are vulnerable to a wide range of digital systems attacks. This brief volume provides security professionals and network systems administrators a much-needed dive into the most current threats, detection techniques, and defenses for these attacks, and provides a roadmap for best practices to secure and manage social media wi

  4. Lecture 2: Software Security

    CERN Multimedia

    CERN. Geneva

    2013-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development, testing and deployment. Sebastian Lopienski is CERN’s deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and ...

  5. Security Requirements Management in Software Product Line Engineering

    Science.gov (United States)

    Mellado, Daniel; Fernández-Medina, Eduardo; Piattini, Mario

    Security requirements engineering is both a central task and a critical success factor in product line development due to the complexity and extensive nature of product lines. However, most of the current product line practices in requirements engineering do not adequately address security requirements engineering. Therefore, in this chapter we will propose a security requirements engineering process (SREPPLine) driven by security standards and based on a security requirements decision model along with a security variability model to manage the variability of the artefacts related to security requirements. The aim of this approach is to deal with security requirements from the early stages of the product line development in a systematic way, in order to facilitate conformance with the most relevant security standards with regard to the management of security requirements, such as ISO/IEC 27001 and ISO/IEC 15408.

  6. International security and arms control

    International Nuclear Information System (INIS)

    Ekeus, R.

    2000-01-01

    The end of the cold war also ended the focus on the bilateral approach to arms control and disarmament. Key concepts of security needed to be revisited, along with their implications for the disarmament and arms control agenda. Though there is currently a unipolar global security environment, there remain important tasks on the multilateral arms control agenda. The major task is that of reducing and eliminating weapons of mass destruction, especially nuclear weapons. The author contends that maintaining reliance on the nuclear-weapons option makes little sense in a time when the major Powers are strengthening their partnerships in economics, trade, peacemaking and building. (author)

  7. Smart Grid Security. White Paper

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    2011-09-15

    One of the biggest concerns for smart grid developers is cyber security due to the reliance on IT communication networks. While the current grid is not immune to energy theft, fraud and malicious cyber-attacks, the smart grid poses new security issues. It is more likely now that theft, malicious attack and fraud will be committed by people working remotely from a laptop several miles away, even in a different country, than someone physically manipulating meters. This makes it difficult to predict where attacks will come from.

  8. Distributed security framework for modern workforce

    Energy Technology Data Exchange (ETDEWEB)

    Balatsky, G.; Scherer, C. P., E-mail: gbalatsky@lanl.gov, E-mail: scherer@lanl.gov [Los Alamos National Laboratory, Los Alamos, NM (United States)

    2014-07-01

    Safe and sustainable nuclear power production depends on strict adherence to nuclear security as a necessary prerequisite for nuclear power. This paper considers the current challenges for nuclear security, and proposes a conceptual framework to address those challenges. We identify several emerging factors that affect nuclear security: 1. Relatively high turnover rates in the nuclear workforce compared to the earlier years of the nuclear industry, when nuclear workers were more likely to have secure employment, a lifelong career at one company, and retirement on a pension plan. 2. Vulnerabilities stemming from the ubiquitous presence of modern electronics and their patterns of use by the younger workforce. 3. Modern management practices, including outsourcing and short-term contracting (which relates to number 1 above). In such a dynamic and complex environment, nuclear security personnel alone cannot effectively guarantee adequate security. We propose that one solution to this emerging situation is a distributed security model in which the components of nuclear security become the responsibility of each and every worker at a nuclear facility. To implement this model, there needs to be a refurbishment of current workforce training and mentoring practices. The paper will present an example of distributed security framework model, and how it may look in practice. (author)

  9. Distributed security framework for modern workforce

    International Nuclear Information System (INIS)

    Balatsky, G.; Scherer, C. P.

    2014-01-01

    Safe and sustainable nuclear power production depends on strict adherence to nuclear security as a necessary prerequisite for nuclear power. This paper considers the current challenges for nuclear security, and proposes a conceptual framework to address those challenges. We identify several emerging factors that affect nuclear security: 1. Relatively high turnover rates in the nuclear workforce compared to the earlier years of the nuclear industry, when nuclear workers were more likely to have secure employment, a lifelong career at one company, and retirement on a pension plan. 2. Vulnerabilities stemming from the ubiquitous presence of modern electronics and their patterns of use by the younger workforce. 3. Modern management practices, including outsourcing and short-term contracting (which relates to number 1 above). In such a dynamic and complex environment, nuclear security personnel alone cannot effectively guarantee adequate security. We propose that one solution to this emerging situation is a distributed security model in which the components of nuclear security become the responsibility of each and every worker at a nuclear facility. To implement this model, there needs to be a refurbishment of current workforce training and mentoring practices. The paper will present an example of distributed security framework model, and how it may look in practice. (author)

  10. FEMA Current Disaster Declarations -shp

    Data.gov (United States)

    Department of Homeland Security — This dataset lists the current Disaster Declarations in Shapefile. This data was compiled and distributed by FEMA Mapping and Analysis Center (MAC). Metadata file...

  11. Health Information Security in Hospitals: the Application of Security Safeguards.

    Science.gov (United States)

    Mehraeen, Esmaeil; Ayatollahi, Haleh; Ahmadi, Maryam

    2016-02-01

    A hospital information system has potentials to improve the accessibility of clinical information and the quality of health care. However, the use of this system has resulted in new challenges, such as concerns over health information security. This paper aims to assess the status of information security in terms of administrative, technical and physical safeguards in the university hospitals. This was a survey study in which the participants were information technology (IT) managers (n=36) who worked in the hospitals affiliated to the top ranked medical universities (university A and university B). Data were collected using a questionnaire. The content validity of the questionnaire was examined by the experts and the reliability of the questionnaire was determined using Cronbach's coefficient alpha (α=0.75). The results showed that the administrative safeguards were arranged at a medium level. In terms of the technical safeguards and the physical safeguards, the IT managers rated them at a strong level. According to the results, among three types of security safeguards, the administrative safeguards were assessed at the medium level. To improve it, developing security policies, implementing access control models and training users are recommended.

  12. Social Security: a financial appraisal for the median voter.

    Science.gov (United States)

    Galasso, V

    Several explanations have been proposed for why voters continue to support unfunded social security systems. Browning (1975) suggests that the extremely large unfunded pension systems of most democracies depend on the existence of a voting majority composed of middle-aged and older people who fail to fully internalize the cost of financing the system. In fact, when voting, economically rational workers consider only their current and future contributions to the system and their expected pension benefits--not their past contributions, which they regard as sunk costs. If, for a majority of voters, the expected continuation return from social security exceeds the return from alternative assets, an unfunded social security system is politically sustainable. This article explores the validity of Browning's proposition by quantifying the returns that U.S. voters in presidential elections from 1964 to 1996 have obtained, or expect to obtain, from Social Security. Did "investments" in Social Security outperform alternative forms of investment, such as mutual funds or pension funds, for a majority of the voters? What can be expected for the future? The U.S. Social Security system redistributes income within age cohorts on the basis of sex, income, and marital status. To account for some of these features, the median voter is represented by a family unit whose members--a husband who accounts for 70 percent of household earnings and a wife who accounts for 30 percent--make joint economic and voting decisions. Thus, retirement and survival benefits paid out to the spouse of an insured worker can be included in the calculation of Social Security returns. Interval estimates of voters' family incomes from the U.S. Census Bureau were used to obtain the median voter's household earnings. The median voter's age is derived from the ages of those who voted in presidential elections, not from the ages of the entire electorate. The median voter's contributions to Social Security are the

  13. Evaluating cyber security awareness in South Africa

    CSIR Research Space (South Africa)

    Grobler, M

    2011-07-01

    Full Text Available broadband capability and knowledge transfer within rural communities. To evaluate the current level of cyber security awareness, a series of exploratory surveys have been distributed to less technologically resourced entities in rural and deep rural...

  14. Security Techniques for the Electronic Health Records.

    Science.gov (United States)

    Kruse, Clemens Scott; Smith, Brenna; Vanderlinden, Hannah; Nealand, Alexandra

    2017-08-01

    The privacy of patients and the security of their information is the most imperative barrier to entry when considering the adoption of electronic health records in the healthcare industry. Considering current legal regulations, this review seeks to analyze and discuss prominent security techniques for healthcare organizations seeking to adopt a secure electronic health records system. Additionally, the researchers sought to establish a foundation for further research for security in the healthcare industry. The researchers utilized the Texas State University Library to gain access to three online databases: PubMed (MEDLINE), CINAHL, and ProQuest Nursing and Allied Health Source. These sources were used to conduct searches on literature concerning security of electronic health records containing several inclusion and exclusion criteria. Researchers collected and analyzed 25 journals and reviews discussing security of electronic health records, 20 of which mentioned specific security methods and techniques. The most frequently mentioned security measures and techniques are categorized into three themes: administrative, physical, and technical safeguards. The sensitive nature of the information contained within electronic health records has prompted the need for advanced security techniques that are able to put these worries at ease. It is imperative for security techniques to cover the vast threats that are present across the three pillars of healthcare.

  15. Security Data Warehouse Application

    Science.gov (United States)

    Vernon, Lynn R.; Hennan, Robert; Ortiz, Chris; Gonzalez, Steve; Roane, John

    2012-01-01

    The Security Data Warehouse (SDW) is used to aggregate and correlate all JSC IT security data. This includes IT asset inventory such as operating systems and patch levels, users, user logins, remote access dial-in and VPN, and vulnerability tracking and reporting. The correlation of this data allows for an integrated understanding of current security issues and systems by providing this data in a format that associates it to an individual host. The cornerstone of the SDW is its unique host-mapping algorithm that has undergone extensive field tests, and provides a high degree of accuracy. The algorithm comprises two parts. The first part employs fuzzy logic to derive a best-guess host assignment using incomplete sensor data. The second part is logic to identify and correct errors in the database, based on subsequent, more complete data. Host records are automatically split or merged, as appropriate. The process had to be refined and thoroughly tested before the SDW deployment was feasible. Complexity was increased by adding the dimension of time. The SDW correlates all data with its relationship to time. This lends support to forensic investigations, audits, and overall situational awareness. Another important feature of the SDW architecture is that all of the underlying complexities of the data model and host-mapping algorithm are encapsulated in an easy-to-use and understandable Perl language Application Programming Interface (API). This allows the SDW to be quickly augmented with additional sensors using minimal coding and testing. It also supports rapid generation of ad hoc reports and integration with other information systems.

  16. Security Shift in Future Network Architectures

    OpenAIRE

    Hartog, T.; Schotanus, H.A.; Verkoelen, C.A.A.

    2010-01-01

    In current practice military communication infrastructures are deployed as stand-alone networked information systems. Network-Enabled Capabilities (NEC) and combined military operations lead to new requirements which current communication architectures cannot deliver. This paper informs IT architects, information architects and security specialists about the separation of network and information security, the consequences of this shift and our view on future communication infrastructures in d...

  17. Considerations on the selection and prioritization of information security solutions

    Directory of Open Access Journals (Sweden)

    Maria Cristina RĂDULESCU

    2016-05-01

    Full Text Available This paper provides a set of guidelines that can be used for prescribing a methodology or a detailed process for selecting and prioritizing security projects or solutions. It is based on the idea that costs of security solutions should be justified by their contribution to ensuring adequate protection of information resources in the organization which implements them. The article reviews general issues of security risks and costs, arguing the need for explicit consideration of information resources security requirements in order to validate decisions concerning security projects implementation. In such an approach, security requirements of information resources are used as a reference system to quantify the benefits and limitations of security solutions defined as alternative or complementary responses to certain security risks as their implementation faces budget constraints.

  18. Defining Information Security.

    Science.gov (United States)

    Lundgren, Björn; Möller, Niklas

    2017-11-15

    This article proposes a new definition of information security, the 'Appropriate Access' definition. Apart from providing the basic criteria for a definition-correct demarcation and meaning concerning the state of security-it also aims at being a definition suitable for any information security perspective. As such, it bridges the conceptual divide between so-called 'soft issues' of information security (those including, e.g., humans, organizations, culture, ethics, policies, and law) and more technical issues. Because of this it is also suitable for various analytical purposes, such as analysing possible security breaches, or for studying conflicting attitudes on security in an organization. The need for a new definition is demonstrated by pointing to a number of problems for the standard definition type of information security-the so-called CIA definition. Besides being too broad as well as too narrow, it cannot properly handle the soft issues of information security, nor recognize the contextual and normative nature of security.

  19. Managing Cisco network security

    CERN Document Server

    Knipp, Eric

    2002-01-01

    An in-depth knowledge of how to configure Cisco IP network security is a MUST for anyone working in today''s internetworked world"There''s no question that attacks on enterprise networks are increasing in frequency and sophistication..."-Mike Fuhrman, Cisco Systems Manager, Security ConsultingManaging Cisco Network Security, Second Edition offers updated and revised information covering many of Cisco''s security products that provide protection from threats, detection of network security incidents, measurement of vulnerability and policy compliance and management of security policy across an extended organization. These are the tools that network administrators have to mount defenses against threats. Chapters also cover the improved functionality and ease of the Cisco Secure Policy Manger software used by thousands of small-to-midsized businesses and a special section on the Cisco Aironet Wireless Security Solutions.Security from a real-world perspectiveKey coverage of the new technologies offered by the Cisc...

  20. Extremely secure identification documents

    International Nuclear Information System (INIS)

    Tolk, K.M.; Bell, M.

    1997-09-01

    The technology developed in this project uses biometric information printed on the document and public key cryptography to ensure that an adversary cannot issue identification documents to unauthorized individuals or alter existing documents to allow their use by unauthorized individuals. This process can be used to produce many types of identification documents with much higher security than any currently in use. The system is demonstrated using a security badge as an example. This project focused on the technologies requiring development in order to make the approach viable with existing badge printing and laminating technologies. By far the most difficult was the image processing required to verify that the picture on the badge had not been altered. Another area that required considerable work was the high density printed data storage required to get sufficient data on the badge for verification of the picture. The image processing process was successfully tested, and recommendations are included to refine the badge system to ensure high reliability. A two dimensional data array suitable for printing the required data on the badge was proposed, but testing of the readability of the array had to be abandoned due to reallocation of the budgeted funds by the LDRD office

  1. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals (Chinese Edition)

    International Nuclear Information System (INIS)

    2014-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

  2. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals (Arabic Edition)

    International Nuclear Information System (INIS)

    2014-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

  3. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals

    International Nuclear Information System (INIS)

    2013-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

  4. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals (Spanish Edition)

    International Nuclear Information System (INIS)

    2014-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objeurity Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit

  5. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals (French Edition)

    International Nuclear Information System (INIS)

    2014-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

  6. Cyber Security and Resilient Systems

    International Nuclear Information System (INIS)

    Anderson, Robert S.

    2009-01-01

    next generation fighter jets or nuclear material safeguards systems in complex nuclear fuel cycle facilities. It is the intent of this paper to describe the cyber security programs that are currently in place, the experiences and successes achieved in industry including outreach and training, and suggestions about how other sectors and organizations can leverage this national expertise to help their monitoring and control systems become more secure

  7. Cyber Security and Resilient Systems

    Energy Technology Data Exchange (ETDEWEB)

    Robert S. Anderson

    2009-07-01

    next generation fighter jets or nuclear material safeguards systems in complex nuclear fuel cycle facilities. It is the intent of this paper to describe the cyber security programs that are currently in place, the experiences and successes achieved in industry including outreach and training, and suggestions about how other sectors and organizations can leverage this national expertise to help their monitoring and control systems become more secure.

  8. Securing the Vista Environment

    CERN Document Server

    Gregory, Peter

    2007-01-01

    "Securing the Vista Environment" takes you on a quick tour of the most significant security features in Vista, Microsoft's first revision of Windows in almost six years. You'll get background on threats and vulnerabilities that will make you think differently about security. Security is more than just the technology and configurations--it's about how we use the system that makes it secure or not. Then we'll cover Vista's security features, from user privileges to Windows Defender, User Account Control, and BitLocker, as well as strategies for protecting your information from unwanted disclo

  9. Digital security technology simplified.

    Science.gov (United States)

    Scaglione, Bernard J

    2007-01-01

    Digital security technology is making great strides in replacing analog and other traditional security systems including CCTV card access, personal identification and alarm monitoring applications. Like any new technology, the author says, it is important to understand its benefits and limitations before purchasing and installing, to ensure its proper operation and effectiveness. This article is a primer for security directors on how digital technology works. It provides an understanding of the key components which make up the foundation for digital security systems, focusing on three key aspects of the digital security world: the security network, IP cameras and IP recorders.

  10. ICT security management

    OpenAIRE

    SCHREURS, Jeanne; MOREAU, Rachel

    2007-01-01

    Security becomes more and more important and companies are aware that it has become a management problem. It’s critical to know what are the critical resources and processes of the company and their weaknesses. A security audit can be a handy solution. We have developed BEVA, a method to critically analyse the company and to uncover the weak spots in the security system. BEVA results also in a general security score and security scores for each security factor. These will be used in the risk ...

  11. Android apps security

    CERN Document Server

    Gunasekera, Sheran

    2012-01-01

    Android Apps Security provides guiding principles for how to best design and develop Android apps with security in mind. It explores concepts that can be used to secure apps and how developers can use and incorporate these security features into their apps. This book will provide developers with the information they need to design useful, high-performing, and secure apps that expose end-users to as little risk as possible.  Overview of Android OS versions, features, architecture and security.  Detailed examination of areas where attacks on applications can take place and what controls should b

  12. Smart security proven practices

    CERN Document Server

    Quilter, J David

    2014-01-01

    Smart Security: Understanding and Contributing to the Business is a video presentation. Length: 68 minutes. In Smart Security: Understanding and Contributing to the Business, presenter J. David Quilter demonstrates the benefits of how a fully integrated security program increases business profits and delivers smart security practices at the same time. The presentation does away with the misconception that security is only an expense. In fact, a well-integrated security program can protect business interests, thereby enhancing productivity and net income. Quilter covers cost analysis and secu

  13. Nation State as Security Provider in Human Security Issue

    OpenAIRE

    Maya Padmi, Made Fitri

    2015-01-01

    Human Security notion is emphasizing on human as the central of security studies, challenging the position of state as the core of security. Some studies are tried to separate the state security and human security, however there are strong connection between these two notions. State has important role in establishing and maintaining the security of its own citizens. Through social contract and social security protection, state are oblige to set the security of its own people as their security...

  14. MODEL-BASED SECURITY ENGINEERING OF SOA SYSTEM USING SECURITY INTENT DSL

    OpenAIRE

    Muhammad Qaiser Saleem; Jafreezal Jaafar; Mohd Fadzil Hassan

    2011-01-01

    Currently most of the enterprises are using SOA and web services technologies to build their web information system. They are using MDA principles for design and development of WIS and using UML as a modelling language for business process modelling. Along with the increased connectivity in SOA environment, security risks rise exponentially. Security is not defined during the early phases of development and left onto developer. Properly configuring security requirements in SOA applications is...

  15. The IEA Model of Short-term Energy Security

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    2011-07-01

    Ensuring energy security has been at the centre of the IEA mission since its inception, following the oil crises of the early 1970s. While the security of oil supplies remains important, contemporary energy security policies must address all energy sources and cover a comprehensive range of natural, economic and political risks that affect energy sources, infrastructures and services. In response to this challenge, the IEA is currently developing a Model Of Short-term Energy Security (MOSES) to evaluate the energy security risks and resilience capacities of its member countries. The current version of MOSES covers short-term security of supply for primary energy sources and secondary fuels among IEA countries. It also lays the foundation for analysis of vulnerabilities of electricity and end-use energy sectors. MOSES contains a novel approach to analysing energy security, which can be used to identify energy security priorities, as a starting point for national energy security assessments and to track the evolution of a country's energy security profile. By grouping together countries with similar 'energy security profiles', MOSES depicts the energy security landscape of IEA countries. By extending the MOSES methodology to electricity security and energy services in the future, the IEA aims to develop a comprehensive policy-relevant perspective on global energy security. This Working Paper is intended for readers who wish to explore the MOSES methodology in depth; there is also a brochure which provides an overview of the analysis and results.

  16. Modelling security and trust with Secure Tropos

    NARCIS (Netherlands)

    Giorgini, P.; Mouratidis, H.; Zannone, N.; Mouratidis, H.; Giorgini, P.

    2006-01-01

    Although the concepts of security and trust play an important issue in the development of information systems, they have been mainly neglected by software engineering methodologies. In this chapter we present an approach that considers security and trust throughout the software development process.

  17. Securing abundance : The politics of energy security

    NARCIS (Netherlands)

    Kester, Johannes

    2016-01-01

    Energy Security is a concept that is known in the literature for its ‘slippery’ nature and subsequent wide range of definitions. Instead of another attempt at grasping the essence of this concept, Securing Abundance reformulates the problem and moves away from a definitional problem to a theoretical

  18. Embedded Java security security for mobile devices

    CERN Document Server

    Debbabi, Mourad; Talhi, Chamseddine

    2007-01-01

    Java brings more functionality and versatility to the world of mobile devices, but it also introduces new security threats. This book contains a presentation of embedded Java security and presents the main components of embedded Java. It gives an idea of the platform architecture and is useful for researchers and practitioners.

  19. Land tenure in China: Legal, actual and perceived security

    NARCIS (Netherlands)

    Ma, Xianlei; Heerink, N.; Feng, S.; Shi, X.

    2015-01-01

    This paper examines the magnitudes of legal security, actual security and perceived security of farmland tenure, and the causes of currently prevailing land tenure insecurity in rural China. Two farm household surveys conducted in the northwest of Gansu province in 2010 and in the northeast of

  20. Outsourcing as a Mean of Service for Security Provision

    Directory of Open Access Journals (Sweden)

    D.I. Persanov

    2012-03-01

    Full Text Available The article highlights the implementation of outsourcing as a mean of service for security provision. Analysis is performed to describe the current issues affecting the management decision in favor of outsourcing. Investigation covers the processes of physical, information and economical security. The main recommendations to use outsourcing for security provision are described in the conclusion.

  1. FOILFEST :community enabled security.

    Energy Technology Data Exchange (ETDEWEB)

    Moore, Judy Hennessey; Johnson, Curtis Martin; Whitley, John B.; Drayer, Darryl Donald; Cummings, John C., Jr. (.,; .)

    2005-09-01

    The Advanced Concepts Group of Sandia National Laboratories hosted a workshop, ''FOILFest: Community Enabled Security'', on July 18-21, 2005, in Albuquerque, NM. This was a far-reaching look into the future of physical protection consisting of a series of structured brainstorming sessions focused on preventing and foiling attacks on public places and soft targets such as airports, shopping malls, hotels, and public events. These facilities are difficult to protect using traditional security devices since they could easily be pushed out of business through the addition of arduous and expensive security measures. The idea behind this Fest was to explore how the public, which is vital to the function of these institutions, can be leveraged as part of a physical protection system. The workshop considered procedures, space design, and approaches for building community through technology. The workshop explored ways to make the ''good guys'' in public places feel safe and be vigilant while making potential perpetrators of harm feel exposed and convinced that they will not succeed. Participants in the Fest included operators of public places, social scientists, technology experts, representatives of government agencies including DHS and the intelligence community, writers and media experts. Many innovative ideas were explored during the fest with most of the time spent on airports, including consideration of the local airport, the Albuquerque Sunport. Some provocative ideas included: (1) sniffers installed in passage areas like revolving door, escalators, (2) a ''jumbotron'' showing current camera shots in the public space, (3) transparent portal screeners allowing viewing of the screening, (4) a layered open/funnel/open/funnel design where open spaces are used to encourage a sense of ''communitas'' and take advantage of citizen ''sensing'' and funnels are technological

  2. Security of pipeline facilities

    Energy Technology Data Exchange (ETDEWEB)

    Lee, S.C. [Alberta Energy and Utilities Board, Calgary, AB (Canada); Van Egmond, C.; Duquette, L. [National Energy Board, Calgary, AB (Canada); Revie, W. [Canada Centre for Mineral and Energy Technology, Ottawa, ON (Canada)

    2005-07-01

    This working group provided an update on provincial, federal and industry directions regarding the security of pipeline facilities. The decision to include security issues in the NEB Act was discussed as well as the Pipeline Security Management Assessment Project, which was created to establish a better understanding of existing security management programs as well as to assist the NEB in the development and implementation of security management regulations and initiatives. Amendments to the NEB were also discussed. Areas of pipeline security management assessment include physical safety management; cyber and information security management; and personnel security. Security management regulations were discussed, as well as implementation policies. Details of the Enbridge Liquids Pipelines Security Plan were examined. It was noted that the plan incorporates flexibility for operations and is integrated with Emergency Response and Crisis Management. Asset characterization and vulnerability assessments were discussed, as well as security and terrorist threats. It was noted that corporate security threat assessment and auditing are based on threat information from the United States intelligence community. It was concluded that the oil and gas industry is a leader in security in North America. The Trans Alaska Pipeline Incident was discussed as a reminder of how costly accidents can be. Issues of concern for the future included geographic and climate issues. It was concluded that limited resources are an ongoing concern, and that the regulatory environment is becoming increasingly prescriptive. Other concerns included the threat of not taking international terrorism seriously, and open media reporting of vulnerability of critical assets, including maps. tabs., figs.

  3. Transient FDTD simulation validation

    OpenAIRE

    Jauregui Tellería, Ricardo; Riu Costa, Pere Joan; Silva Martínez, Fernando

    2010-01-01

    In computational electromagnetic simulations, most validation methods have been developed until now to be used in the frequency domain. However, the EMC analysis of the systems in the frequency domain many times is not enough to evaluate the immunity of current communication devices. Based on several studies, in this paper we propose an alternative method of validation of the transients in time domain allowing a rapid and objective quantification of the simulations results.

  4. Security Protocols in a Nutshell

    OpenAIRE

    Toorani, Mohsen

    2016-01-01

    Security protocols are building blocks in secure communications. They deploy some security mechanisms to provide certain security services. Security protocols are considered abstract when analyzed, but they can have extra vulnerabilities when implemented. This manuscript provides a holistic study on security protocols. It reviews foundations of security protocols, taxonomy of attacks on security protocols and their implementations, and different methods and models for security analysis of pro...

  5. Safe current injection strategies for a STATCOM under asymmetrical grid faults

    DEFF Research Database (Denmark)

    Rodriguez, Pedro; Medeiros, Gustavo; Luna, Alvaro

    2010-01-01

    This paper explores different strategies to set the reference current of a STATCOM under unbalanced grid voltage conditions and determines the maximum deliverable reactive power in each case to guarantee the injected current is permanently within the STATCOM secure operation limits. The paper...... presents a comprehensive derivation of the proposed STATCOM control strategies to set the reactive current reference under unbalanced grid faults, together with an extensive evaluation using simulation and experimental results from a low-scale laboratory setup in order to verify and validate the dynamic...

  6. Development and validation of a simulation tool dedicated to eddy current non destructive testing of tubes; Developpement d'un modele electromagnetique 3D pour la simulation du controle par Courants de Foucault de tubes en fabrication

    Energy Technology Data Exchange (ETDEWEB)

    Reboud, Ch

    2006-09-15

    Eddy current testing (ECT) technique is widely used in industrial fields such as iron and steel industry. Dedicated simulation tools provide a great assistance for the optimisation of ECT processes. CEA and the Vallourec Research Center have collaborated in order to develop a simulation tool of ECT of tubes. The volume integral method has been chosen for the resolution of Maxwell equations in a stratified medium, in order to get accurate results with a computation time short enough to carry out optimisation or inversion procedures. A fast model has been developed for the simulation of ECT of non magnetic tubes using specific external probes. New flaw geometries have been modelled: holes and notches with flat bottom. Validations of the developments, which have been integrated to the CIVA platform, have been carried out using experimental data recorded in laboratory conditions and in. industrial conditions, successively. The integral equations derived are solved using the Galerkin variant of the method of moments with pulse functions as projection functions. In order to overcome some memory limitations, other projection functions have been considered. A new discretization scheme based on non-uniform B-Splines of degree 1 or 2 has been implemented, which constitutes an original contribution to the existing literature. The decrease of the mesh size needed to get a given accuracy on the result may lead to the simulation of more complex ECT configurations. (author)

  7. Institutionalizing Security Force Assistance

    National Research Council Canada - National Science Library

    Binetti, Michael R

    2008-01-01

    .... It looks at the manner in which security assistance guidance is developed and executed. An examination of national level policy and the guidance from senior military and civilian leaders highlights the important role of Security Force Assistance...

  8. Security of Dependable Systems

    DEFF Research Database (Denmark)

    Ahmed, Naveed; Jensen, Christian D.

    2011-01-01

    Security and dependability are crucial for designing trustworthy systems. The approach “security as an add-on” is not satisfactory, yet the integration of security in the development process is still an open problem. Especially, a common framework for specifying dependability and security is very...... much needed. There are many pressing challenges however; here, we address some of them. Firstly, security for dependable systems is a broad concept and traditional view of security, e.g., in terms of confidentiality, integrity and availability, does not suffice. Secondly, a clear definition of security...... in the dependability context is not agreed upon. Thirdly, security attacks cannot be modeled as a stochastic process, because the adversary’s strategy is often carefully planned. In this chapter, we explore these challenges and provide some directions toward their solutions....

  9. Security in Computer Applications

    CERN Multimedia

    CERN. Geneva

    2004-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development. The last part of the lecture covers some miscellaneous issues like the use of cryptography, rules for networking applications, and social engineering threats. This lecture was first given on Thursd...

  10. Wireshark network security

    CERN Document Server

    Verma, Piyush

    2015-01-01

    If you are network administrator or a security analyst with an interest in using Wireshark for security analysis, then this is the book for you. Basic familiarity with common network and application services terms and technologies is assumed.

  11. Developing a Security Metrics Scorecard for Healthcare Organizations.

    Science.gov (United States)

    Elrefaey, Heba; Borycki, Elizabeth; Kushniruk, Andrea

    2015-01-01

    In healthcare, information security is a key aspect of protecting a patient's privacy and ensuring systems availability to support patient care. Security managers need to measure the performance of security systems and this can be achieved by using evidence-based metrics. In this paper, we describe the development of an evidence-based security metrics scorecard specific to healthcare organizations. Study participants were asked to comment on the usability and usefulness of a prototype of a security metrics scorecard that was developed based on current research in the area of general security metrics. Study findings revealed that scorecards need to be customized for the healthcare setting in order for the security information to be useful and usable in healthcare organizations. The study findings resulted in the development of a security metrics scorecard that matches the healthcare security experts' information requirements.

  12. Japan as a Paradigm for U.S. Homeland Security

    National Research Council Canada - National Science Library

    Ruth, Allen C

    2006-01-01

    ...) is in full swing and the United States is engaged around the world. These factors provide valid reasons for the United States to research other countries' homeland security paradigms to provide a contrast in methods of combating terrorism...

  13. Security Management and Safeguards Office

    Science.gov (United States)

    Bewley, Nathaniel M.

    2004-01-01

    The Security Management and Safeguards Office at NASA is here to keep the people working in a safe environment. They also are here to protect the buildings and documents from sabotage, espionage, and theft. During the summer of 2004, I worked with Richard Soppet in Physical Security. While I was working here I helped out with updating the map that we currently use at NASA Glenn Research Center, attended meetings for homeland security, worked with the security guards and the locksmith. The meetings that I attended for homeland security talked about how to protect ourselves before something happened, they told us to always be on the guard and look for anything suspicious, and the different ways that terrorist groups operate. When I was with the security guards I was taught how to check someone into the base, showed how to use a radar gun, observed a security guard make a traffic stop for training and was with them while they patrolled NASA Glenn Research Center to make sure things were running smooth and no one was in danger. When I was with the lock smith I was taught how to make keys and locks for the employees here at NASA. The lock smith also showed me that he had inventory cabinets of files that show how many keys were out to people and who currently has access to the rooms that they keys were made for. I also helped out the open house at NASA Glenn Research Center. I helped out by showing the Army Reserves, and Brook Park's SWAT team where all the main events were going to take place a week before the open house was going to begin. Then during the open house I helped out by making sure people had there IDS, checked through there bags, and handed out a map to them that showed where the different activities were going to take place. So the main job here at NASA Glenn Research Center for the Security Management and Safeguards Office is to make sure that nothing is stolen, sabotaged, and espionaged. Also most importantly make sure all the employees here at NASA are

  14. Medical Information Security

    OpenAIRE

    William C. Figg, Ph.D.; Hwee Joo Kam, M.S.

    2011-01-01

    Modern medicine is facing a complex environment, not from medical technology but rather government regulations and information vulnerability. HIPPA is the government’s attempt to protect patient’s information yet this only addresses traditional record handling. The main threat is from the evolving security issues. Many medical offices and facilities have multiple areas of information security concerns. Physical security is often weak, office personnel are not always aware of security needs an...

  15. Windows Security patch required

    CERN Multimedia

    3004-01-01

    This concerns Windows PCs (XP, 2000, NT) which are NOT centrally managed at CERN for security patches, e.g. home PCs, experiment PCs, portables,... A security hole which can give full privileges on Windows systems needs to be URGENTLY patched. Details of the security hole and hotfix are at: http://cern.ch/it-div/news/hotfix-MS03-026.asp http://www.microsoft.com/technet/security/bulletin/MS03-026.asp

  16. Security system signal supervision

    International Nuclear Information System (INIS)

    Chritton, M.R.; Matter, J.C.

    1991-09-01

    This purpose of this NUREG is to present technical information that should be useful to NRC licensees for understanding and applying line supervision techniques to security communication links. A review of security communication links is followed by detailed discussions of link physical protection and DC/AC static supervision and dynamic supervision techniques. Material is also presented on security for atmospheric transmission and video line supervision. A glossary of security communication line supervision terms is appended. 16 figs

  17. Android application security essentials

    CERN Document Server

    Rai, Pragati

    2013-01-01

    Android Application Security Essentials is packed with examples, screenshots, illustrations, and real world use cases to secure your apps the right way.If you are looking for guidance and detailed instructions on how to secure app data, then this book is for you. Developers, architects, managers, and technologists who wish to enhance their knowledge of Android security will find this book interesting. Some prior knowledge of development on the Android stack is desirable but not required.

  18. Finance/security/life.

    OpenAIRE

    Langley, P.

    2017-01-01

    What is the contemporary relation between finance and security? This essay encourages further research into the securitization of finance by developing the notion of ‘finance/security/life’. A focus on the intersections of finance/security/life will be shown to prompt a broadened range of critical, cross-disciplinary concerns with the various ways in which financial markets are positioned as vital to securing wealth, welfare and wellbeing.

  19. Electronic healthcare information security

    CERN Document Server

    Dube, Kudakwashe; Shoniregun, Charles A

    2010-01-01

    The ever-increasing healthcare expenditure and pressing demand for improved quality and efficiency of patient care services are driving innovation in healthcare information management. The domain of healthcare has become a challenging testing ground for information security due to the complex nature of healthcare information and individual privacy. ""Electronic Healthcare Information Security"" explores the challenges of e-healthcare information and security policy technologies. It evaluates the effectiveness of security and privacy implementation systems for anonymization methods and techniqu

  20. Hybrid Security Policies

    Directory of Open Access Journals (Sweden)

    Radu CONSTANTINESCU

    2006-01-01

    Full Text Available Policy is defined as the rules and regulations set by the organization. They are laid down by management in compliance with industry regulations, law and internal decisions. Policies are mandatory. Security policies rules how the information is protected against security vulnerabilities and they are the basis for security awareness, training and vital for security audits. Policies are focused on desired results. The means of achieving the goals are defined on controls, standards and procedures.

  1. Maritime Security – The Need for a Global Agreement

    OpenAIRE

    Dinos Stasinopoulos

    2003-01-01

    This note reviews US maritime security measures, outlines work carried out by international organisations and then frames maritime security within the wider context of maritime trade. Finally, it suggests the development of a Global Agreement linking security and other maritime trade-related issues. The initiative for such an agreement should be undertaken by the EU only if current International Maritime Organisation (IMO) efforts fail to produce a maritime security framework with binding req...

  2. Restricted access processor - An application of computer security technology

    Science.gov (United States)

    Mcmahon, E. M.

    1985-01-01

    This paper describes a security guard device that is currently being developed by Computer Sciences Corporation (CSC). The methods used to provide assurance that the system meets its security requirements include the system architecture, a system security evaluation, and the application of formal and informal verification techniques. The combination of state-of-the-art technology and the incorporation of new verification procedures results in a demonstration of the feasibility of computer security technology for operational applications.

  3. Simplified Threshold RSA with Adaptive and Proactive Security

    DEFF Research Database (Denmark)

    Almansa Guerra, Jesus Fernando; Damgård, Ivan Bjerre; Nielsen, Jesper Buus

    2006-01-01

    We present the currently simplest, most efficient, optimally resilient, adaptively secure, and proactive threshold RSA scheme. A main technical contribution is a new rewinding strategy for analysing threshold signature schemes. This new rewinding strategy allows to prove adaptive security...... of a proactive threshold signature scheme which was previously assumed to be only statically secure. As a separate contribution we prove that our protocol is secure in the UC framework....

  4. EMI Security Architecture

    CERN Document Server

    White, J.; Schuller, B.; Qiang, W.; Groep, D.; Koeroo, O.; Salle, M.; Sustr, Z.; Kouril, D.; Millar, P.; Benedyczak, K.; Ceccanti, A.; Leinen, S.; Tschopp, V.; Fuhrmann, P.; Heyman, E.; Konstantinov, A.

    2013-01-01

    This document describes the various architectures of the three middlewares that comprise the EMI software stack. It also outlines the common efforts in the security area that allow interoperability between these middlewares. The assessment of the EMI Security presented in this document was performed internally by members of the Security Area of the EMI project.

  5. Secure pairing with biometrics

    NARCIS (Netherlands)

    Buhan, I.R.; Boom, B.J.; Doumen, J.M.; Hartel, Pieter H.; Veldhuis, Raymond N.J.

    Secure pairing enables two devices that share no prior context with each other to agree upon a security association, which they can use to protect their subsequent communication. Secure pairing offers guarantees of the association partner identity and it should be resistant to eavesdropping and to a

  6. Selecting Security Technology Providers

    Science.gov (United States)

    Schneider, Tod

    2009-01-01

    The world of security technology holds great promise, but it is fraught with opportunities for expensive missteps and misapplications. The quality of the security technology consultants and system integrators one uses will have a direct bearing on how well his school masters this complex subject. Security technology consultants help determine…

  7. Microsoft Azure security

    CERN Document Server

    Freato, Roberto

    2015-01-01

    This book is intended for Azure administrators who want to understand the application of security principles in distributed environments and how to use Azure to its full capability to reduce the risks of security breaches. Only basic knowledge of the security processes and services of Microsoft Azure is required.

  8. Operations Security (OPSEC) Guide

    Science.gov (United States)

    2011-04-01

    Request for Proposal TAC Threat Analysis Center TECHINT Technical Intelligence TMAP Telecommunications Monitoring and Assessment Program TTP...communications security, use of secure telephones, and a robust Telecommunications Monitoring and Assessment Program ( TMAP ) prevents undetermined...and AFI 33-219, Telecommunications Monitoring and Assessment Program ( TMAP ), or Information Assurance (IA) or Communications Security (COMSEC

  9. SOCIAL MEDIA SECURITY

    Science.gov (United States)

    RESPONSIBILITY CENTCOM COALITION MEDIA SOCIAL MEDIA NEWS ARTICLES PRESS RELEASES IMAGERY VIDEOS TRANSCRIPTS VISITORS AND PERSONNEL FAMILY CENTER FAMILY READINESS CENTCOM WEBMAIL SOCIAL MEDIA SECURITY ACCOUNTABILITY HomeVISITORS AND PERSONNELSOCIAL MEDIA SECURITY FAQ on Security for Social Media Due to the widespread use of

  10. Mobile communication security

    NARCIS (Netherlands)

    Broek, F.M.J. van den

    2016-01-01

    Security of the mobile network Fabian van den Broek We looked at the security of the wireless connection between mobile phone and cell towers and suggested possible improvements. The security was analysed on a design level, by looking at the protocols and encryption techniques, but also on an

  11. Learning Puppet security

    CERN Document Server

    Slagle, Jason

    2015-01-01

    If you are a security professional whose workload is increasing, or a Puppet professional looking to increase your knowledge of security, or even an experienced systems administrator, then this book is for you. This book will take you to the next level of security automation using Puppet. The book requires no prior knowledge of Puppet to get started.

  12. Refelctions on the security

    Directory of Open Access Journals (Sweden)

    Ladislav Hofreiter

    2013-07-01

    Full Text Available In this paper are presented the author‘s reflections about concept meaning of the security, about his systemic perception and actual scientific access to the security research. The author presented securitology paradigm for valuation security optional reference object.

  13. Core software security security at the source

    CERN Document Server

    Ransome, James

    2013-01-01

    First and foremost, Ransome and Misra have made an engaging book that will empower readers in both large and small software development and engineering organizations to build security into their products. This book clarifies to executives the decisions to be made on software security and then provides guidance to managers and developers on process and procedure. Readers are armed with firm solutions for the fight against cyber threats.-Dr. Dena Haritos Tsamitis. Carnegie Mellon UniversityIn the wake of cloud computing and mobile apps, the issue of software security has never been more importan

  14. IoT security with one-time pad secure algorithm based on the double memory technique

    Science.gov (United States)

    Wiśniewski, Remigiusz; Grobelny, Michał; Grobelna, Iwona; Bazydło, Grzegorz

    2017-11-01

    Secure encryption of data in Internet of Things is especially important as many information is exchanged every day and the number of attack vectors on IoT elements still increases. In the paper a novel symmetric encryption method is proposed. The idea bases on the one-time pad technique. The proposed solution applies double memory concept to secure transmitted data. The presented algorithm is considered as a part of communication protocol and it has been initially validated against known security issues.

  15. ICT security- aspects important for nuclear facilities

    International Nuclear Information System (INIS)

    Thunem, Atoosa P-J.

    2005-09-01

    Rapid application growth of complex Information and Communication Technologies (ICT) in every society and state infrastructure as well as industry has revealed vulnerabilities that eventually have given rise to serious security breaches. These vulnerabilities together with the course of the breaches from cause to consequence are gradually about to convince the field experts that ensuring the security of ICT-driven systems is no longer possible by only relying on the fundaments of computer science, IT, or telecommunications. Appropriating knowledge from other disciplines is not only beneficial, but indeed very necessary. At the same time, it is a common observation today that ICT-driven systems are used everywhere, from the nuclear, aviation, commerce and healthcare domains to camera-equipped web-enabled cellular phones. The increasing interdisciplinary and inter-sectoral aspects of ICT security worldwide have been providing updated and useful information to the nuclear domain, as one of the emerging users of ICT-driven systems. Nevertheless, such aspects have also contributed to new and complicated challenges, as ICT security for the nuclear domain is in a much more delicate manner than for any other domains related to the concept of safety, at least from the public standpoint. This report addresses some important aspects of ICT security that need to be considered at nuclear facilities. It deals with ICT security and the relationship between security and safety from a rather different perspective than usually observed and applied. The report especially highlights the influence on the security of ICT-driven systems by all other dependability factors, and on that basis suggests a framework for ICT security profiling, where several security profiles are assumed to be valid and used in parallel for each ICT-driven system, sub-system or unit at nuclear facilities. The report also covers a related research topic of the Halden Project with focus on cyber threats and

  16. Cloud Computing Security: A Survey

    OpenAIRE

    Khalil, Issa; Khreishah, Abdallah; Azeem, Muhammad

    2014-01-01

    Cloud computing is an emerging technology paradigm that migrates current technological and computing concepts into utility-like solutions similar to electricity and water systems. Clouds bring out a wide range of benefits including configurable computing resources, economic savings, and service flexibility. However, security and privacy concerns are shown to be the primary obstacles to a wide adoption of clouds. The new concepts that clouds introduce, such as multi-tenancy, resource sharing a...

  17. Database security in the cloud

    OpenAIRE

    Sakhi, Imal

    2012-01-01

    The aim of the thesis is to get an overview of the database services available in cloud computing environment, investigate the security risks associated with it and propose the possible countermeasures to minimize the risks. The thesis also analyzes two cloud database service providers namely; Amazon RDS and Xeround. The reason behind choosing these two providers is because they are currently amongst the leading cloud database providers and both provide relational cloud databases which makes ...

  18. National Security Space Launch Report

    Science.gov (United States)

    2006-01-01

    Company Clayton Mowry, President, Arianespace Inc., North American—“Launch Solutions” Elon Musk , CEO and CTO, Space Exploration Technologies (SpaceX...technologies to the NASA Exploration Initiative (“…Moon, Mars and Beyond.”).1 EELV Technology Needs The Atlas V and Delta IV vehicles incorporate current... Mars and other destinations.” 46 National Security Space Launch Report Figure 6.1 U.S. Government Liquid Propulsion Rocket Investment, 1991–2005

  19. Secure Transportation Management

    International Nuclear Information System (INIS)

    Gibbs, P. W.

    2014-01-01

    Secure Transport Management Course (STMC) course provides managers with information related to procedures and equipment used to successfully transport special nuclear material. This workshop outlines these procedures and reinforces the information presented with the aid of numerous practical examples. The course focuses on understanding the regulatory framework for secure transportation of special nuclear materials, identifying the insider and outsider threat(s) to secure transportation, organization of a secure transportation unit, management and supervision of secure transportation units, equipment and facilities required, training and qualification needed.

  20. Pro Spring security

    CERN Document Server

    Scarioni, Carlo

    2013-01-01

    Security is a key element in the development of any non-trivial application. The Spring Security Framework provides a comprehensive set of functionalities to implement industry-standard authentication and authorization mechanisms for Java applications. Pro Spring Security will be a reference and advanced tutorial that will do the following: Guides you through the implementation of the security features for a Java web application by presenting consistent examples built from the ground-up. Demonstrates the different authentication and authorization methods to secure enterprise-level applications

  1. Android security cookbook

    CERN Document Server

    Makan, Keith

    2013-01-01

    Android Security Cookbook' breaks down and enumerates the processes used to exploit and remediate Android app security vulnerabilities in the form of detailed recipes and walkthroughs.""Android Security Cookbook"" is aimed at anyone who is curious about Android app security and wants to be able to take the necessary practical measures to protect themselves; this means that Android application developers, security researchers and analysts, penetration testers, and generally any CIO, CTO, or IT managers facing the impeding onslaught of mobile devices in the business environment will benefit from

  2. Information security management handbook

    CERN Document Server

    2002-01-01

    The Information Security Management Handbook continues its tradition of consistently communicating the fundamental concepts of security needed to be a true CISSP. In response to new developments, Volume 4 supplements the previous volumes with new information covering topics such as wireless, HIPAA, the latest hacker attacks and defenses, intrusion detection, and provides expanded coverage on security management issues and applications security. Even those that don't plan on sitting for the CISSP exam will find that this handbook is a great information security reference.The changes in the tech

  3. European [Security] Union

    DEFF Research Database (Denmark)

    Manners, Ian James

    2013-01-01

    The past 20 years, since the 1992 Treaty on European Union, have seen the gradual creation of both an “Area of Freedom, Security and Justice” and a “Common Foreign and Security Policy”. More recent is the development of a “European Neighbourhood Policy” over the past 10 years. All three...... of these policies involved the navigation and negotiation of security, borders and governance in and by the European Union (EU). This article analyses these practices of bordering and governance through a five-fold security framework. The article argues that a richer understanding of EU security discourses can...

  4. National Security Technology Incubator Evaluation Process

    Energy Technology Data Exchange (ETDEWEB)

    None, None

    2007-12-31

    This report describes the process by which the National Security Technology Incubator (NSTI) will be evaluated. The technology incubator is being developed as part of the National Security Preparedness Project (NSPP), funded by a Department of Energy (DOE)/National Nuclear Security Administration (NNSA) grant. This report includes a brief description of the components, steps, and measures of the proposed evaluation process. The purpose of the NSPP is to promote national security technologies through business incubation, technology demonstration and validation, and workforce development. The NSTI will focus on serving businesses with national security technology applications by nurturing them through critical stages of early development. An effective evaluation process of the NSTI is an important step as it can provide qualitative and quantitative information on incubator performance over a given period. The vision of the NSTI is to be a successful incubator of technologies and private enterprise that assist the NNSA in meeting new challenges in national safety and security. The mission of the NSTI is to identify, incubate, and accelerate technologies with national security applications at various stages of development by providing hands-on mentoring and business assistance to small businesses and emerging or growing companies. To achieve success for both incubator businesses and the NSTI program, an evaluation process is essential to effectively measure results and implement corrective processes in the incubation design if needed. The evaluation process design will collect and analyze qualitative and quantitative data through performance evaluation system.

  5. National Security Technology Incubator Business Plan

    Energy Technology Data Exchange (ETDEWEB)

    None, None

    2007-12-31

    This document contains a business plan for the National Security Technology Incubator (NSTI), developed as part of the National Security Preparedness Project (NSPP) and performed under a Department of Energy (DOE)/National Nuclear Security Administration (NNSA) grant. This business plan describes key features of the NSTI, including the vision and mission, organizational structure and staffing, services, evaluation criteria, marketing strategies, client processes, a budget, incubator evaluation criteria, and a development schedule. The purpose of the NSPP is to promote national security technologies through business incubation, technology demonstration and validation, and workforce development. The NSTI will focus on serving businesses with national security technology applications by nurturing them through critical stages of early development. The vision of the NSTI is to be a successful incubator of technologies and private enterprise that assist the NNSA in meeting new challenges in national safety, security, and protection of the homeland. The NSTI is operated and managed by the Arrowhead Center, responsible for leading the economic development mission of New Mexico State University (NMSU). The Arrowhead Center will recruit business with applications for national security technologies recruited for the NSTI program. The Arrowhead Center and its strategic partners will provide business incubation services, including hands-on mentoring in general business matters, marketing, proposal writing, management, accounting, and finance. Additionally, networking opportunities and technology development assistance will be provided.

  6. Optimization of airport security lanes

    Science.gov (United States)

    Chen, Lin

    2018-05-01

    Current airport security management system is widely implemented all around the world to ensure the safety of passengers, but it might not be an optimum one. This paper aims to seek a better security system, which can maximize security while minimize inconvenience to passengers. Firstly, we apply Petri net model to analyze the steps where the main bottlenecks lie. Based on average tokens and time transition, the most time-consuming steps of security process can be found, including inspection of passengers' identification and documents, preparing belongings to be scanned and the process for retrieving belongings back. Then, we develop a queuing model to figure out factors affecting those time-consuming steps. As for future improvement, the effective measures which can be taken include transferring current system as single-queuing and multi-served, intelligently predicting the number of security checkpoints supposed to be opened, building up green biological convenient lanes. Furthermore, to test the theoretical results, we apply some data to stimulate the model. And the stimulation results are consistent with what we have got through modeling. Finally, we apply our queuing model to a multi-cultural background. The result suggests that by quantifying and modifying the variance in wait time, the model can be applied to individuals with various habits customs and habits. Generally speaking, our paper considers multiple affecting factors, employs several models and does plenty of calculations, which is practical and reliable for handling in reality. In addition, with more precise data available, we can further test and improve our models.

  7. Measuring relational security in forensic mental health services.

    Science.gov (United States)

    Chester, Verity; Alexander, Regi T; Morgan, Wendy

    2017-12-01

    Aims and method Relational security is an important component of care and risk assessment in mental health services, but the utility of available measures remains under-researched. This study analysed the psychometric properties of two relational security tools, the See Think Act (STA) scale and the Relational Security Explorer (RSE). Results The STA scale had good internal consistency and could highlight differences between occupational groups, whereas the RSE did not perform well as a psychometric measure. Clinical implications The measures provide unique and complimentary perspectives on the quality of relational security within secure services, but have some limitations. Use of the RSE should be restricted to its intended purpose; to guide team discussions about relational security, and services should refrain from collecting and aggregating this data. Until further research validates their use, relational security measurement should be multidimensional and form part of a wider process of service quality assessment.

  8. Measuring relational security in forensic mental health services

    Science.gov (United States)

    Chester, Verity; Alexander, Regi T.; Morgan, Wendy

    2017-01-01

    Aims and method Relational security is an important component of care and risk assessment in mental health services, but the utility of available measures remains under-researched. This study analysed the psychometric properties of two relational security tools, the See Think Act (STA) scale and the Relational Security Explorer (RSE). Results The STA scale had good internal consistency and could highlight differences between occupational groups, whereas the RSE did not perform well as a psychometric measure. Clinical implications The measures provide unique and complimentary perspectives on the quality of relational security within secure services, but have some limitations. Use of the RSE should be restricted to its intended purpose; to guide team discussions about relational security, and services should refrain from collecting and aggregating this data. Until further research validates their use, relational security measurement should be multidimensional and form part of a wider process of service quality assessment. PMID:29234515

  9. Quality of Security Service: Adaptive Security

    National Research Council Canada - National Science Library

    Levin, Timothy E; Irvine, Cynthia E; Spyropoulou, Evdoxia

    2004-01-01

    .... In this approach, the "level of service" must be within an acceptable range, and can indicate degrees of security with respect to various aspects of assurance, mechanistic strength, administrative diligence, etc...

  10. Data-Driven Security-Constrained OPF

    DEFF Research Database (Denmark)

    Thams, Florian; Halilbasic, Lejla; Pinson, Pierre

    2017-01-01

    considerations, while being less conservative than current approaches. Our approach can be scalable for large systems, accounts explicitly for power system security, and enables the electricity market to identify a cost-efficient dispatch avoiding redispatching actions. We demonstrate the performance of our......In this paper we unify electricity market operations with power system security considerations. Using data-driven techniques, we address both small signal stability and steady-state security, derive tractable decision rules in the form of line flow limits, and incorporate the resulting constraints...... in market clearing algorithms. Our goal is to minimize redispatching actions, and instead allow the market to determine the most cost-efficient dispatch while considering all security constraints. To maintain tractability of our approach we perform our security assessment offline, examining large datasets...

  11. Accelerate China’s Social Security Legislation

    Institute of Scientific and Technical Information of China (English)

    王延中

    2008-01-01

    Since the financial crisis in Asia in 1997, China’s social security system has undergone continual reform and readjustment, and has proved to be an integral part of government efforts to perfect the socialist market economy as well as in building a socialist harmonious society. Although social security construction has achieved certain results, it has also left a lot of problems. With the rapid growth of China’s economy and revenue, people from all walks of life are putting ever-increasing demands on the social security system; therefore, the construction of a sound social security system suited to China’s current situation still remains an arduous task. In this article, the author have reviewed the 10 years development of China’s social security system, analyzed problems and challenges and proposed its suggestions.

  12. Security analysis of cyber-physical system

    Science.gov (United States)

    Li, Bo; Zhang, Lichen

    2017-05-01

    In recent years, Cyber-Physical System (CPS) has become an important research direction of academic circles and scientific and technological circles at home and abroad, is considered to be following the third wave of world information technology after the computer, the Internet. PS is a multi-dimensional, heterogeneous, deep integration of open systems, Involving the computer, communication, control and other disciplines of knowledge. As the various disciplines in the research theory and methods are significantly different, so the application of CPS has brought great challenges. This paper introduces the definition and characteristics of CPS, analyzes the current situation of CPS, analyzes the security threats faced by CPS, and gives the security solution for security threats. It also discusses CPS-specific security technology, to promote the healthy development of CPS in information security.

  13. Considerations on Cyber Security Assessments of Korean Nuclear Power Plants

    International Nuclear Information System (INIS)

    Lee, Jung-Woon; Song, Jae-Gu; Han, Kyung-Soo; Lee, Cheol Kwon; Kang, Mingyun

    2015-01-01

    Korea Institute of Nuclear Nonproliferation and Control (KINAC) has prepared the regulatory standard RS-015 based on RG 5.71. RS-015 defines the elements of a cyber security program to be established in nuclear facilities and describes the security control items and relevant requirements. Cyber security assessments are important initial activities in a cyber security program for NPPs. Cyber security assessments can be performed in the following key steps: 1) Formation of a cyber security assessment team (CSAT); 2) Identification of critical systems and critical digital assets (CDAs); 3) Plant compliance checks with the security control requirements in RS-015. Through the assessments, the current status of security controls applied to NPPs can be found out. The assessments provide baseline data for remedial activities. Additional analyses with the results from the assessments should be performed before the implementation of remedial security controls. The cyber security team at the Korea Atomic Energy Research Institute (KAERI) has studied how to perform cyber security assessments for NPPs based on the regulatory requirements. Recently, KAERI's cyber security team has performed pilot cyber security assessments of a Korean NPP. Based on this assessment experience, considerations and checkpoints which would be helpful for full-scale cyber security assessments of Korean NPPs and the implementation of remedial security controls are discussed in this paper. Cyber security assessment is one of important and immediate activities for NPP cyber security. The quality of the first assessment will be a barometer for NPP cyber security. Hence cyber security assessments of Korean NPPs should be performed elaborately

  14. Considerations on Cyber Security Assessments of Korean Nuclear Power Plants

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Jung-Woon; Song, Jae-Gu; Han, Kyung-Soo; Lee, Cheol Kwon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of); Kang, Mingyun [E-Gonggam Co. Ltd., Daejeon (Korea, Republic of)

    2015-10-15

    Korea Institute of Nuclear Nonproliferation and Control (KINAC) has prepared the regulatory standard RS-015 based on RG 5.71. RS-015 defines the elements of a cyber security program to be established in nuclear facilities and describes the security control items and relevant requirements. Cyber security assessments are important initial activities in a cyber security program for NPPs. Cyber security assessments can be performed in the following key steps: 1) Formation of a cyber security assessment team (CSAT); 2) Identification of critical systems and critical digital assets (CDAs); 3) Plant compliance checks with the security control requirements in RS-015. Through the assessments, the current status of security controls applied to NPPs can be found out. The assessments provide baseline data for remedial activities. Additional analyses with the results from the assessments should be performed before the implementation of remedial security controls. The cyber security team at the Korea Atomic Energy Research Institute (KAERI) has studied how to perform cyber security assessments for NPPs based on the regulatory requirements. Recently, KAERI's cyber security team has performed pilot cyber security assessments of a Korean NPP. Based on this assessment experience, considerations and checkpoints which would be helpful for full-scale cyber security assessments of Korean NPPs and the implementation of remedial security controls are discussed in this paper. Cyber security assessment is one of important and immediate activities for NPP cyber security. The quality of the first assessment will be a barometer for NPP cyber security. Hence cyber security assessments of Korean NPPs should be performed elaborately.

  15. Contemporary security management

    CERN Document Server

    Fay, John

    2010-01-01

    Contemporary Security Management, 3rd Edition teaches security professionals how to operate an efficient security department and how to integrate smoothly with other groups inside and outside their own organizations. Fay demonstrates the specifics of security management: * how to organize, plan, develop and manage a security operation. * how to identify vulnerabilities. * how to determine the protective resources required to offset threats. * how to implement all necessary physical and IT security measures. Security professionals share the responsibility for mitigating damage, serving as a resource to an Emergency Tactical Center, assisting the return of business continuity, and liaising with local response agencies such as police and fire departments, emergency medical responders, and emergency warning centers. At the organizational level, the book addresses budgeting, employee performance, counseling, hiring and termination, employee theft and other misconduct, and offers sound advice on building constructi...

  16. Introduction to Hardware Security

    Directory of Open Access Journals (Sweden)

    Yier Jin

    2015-10-01

    Full Text Available Hardware security has become a hot topic recently with more and more researchers from related research domains joining this area. However, the understanding of hardware security is often mixed with cybersecurity and cryptography, especially cryptographic hardware. For the same reason, the research scope of hardware security has never been clearly defined. To help researchers who have recently joined in this area better understand the challenges and tasks within the hardware security domain and to help both academia and industry investigate countermeasures and solutions to solve hardware security problems, we will introduce the key concepts of hardware security as well as its relations to related research topics in this survey paper. Emerging hardware security topics will also be clearly depicted through which the future trend will be elaborated, making this survey paper a good reference for the continuing research efforts in this area.

  17. DNS security management

    CERN Document Server

    Dooley, Michael

    2017-01-01

    An advanced Domain Name System (DNS) security resource that explores the operation of DNS, its vulnerabilities, basic security approaches, and mitigation strategies DNS Security Management offers an overall role-based security approach and discusses the various threats to the Domain Name Systems (DNS). This vital resource is filled with proven strategies for detecting and mitigating these all too frequent threats. The authors—noted experts on the topic—offer an introduction to the role of DNS and explore the operation of DNS. They cover a myriad of DNS vulnerabilities and include preventative strategies that can be implemented. Comprehensive in scope, the text shows how to secure DNS resolution with the Domain Name System Security Extensions (DNSSEC), DNS firewall, server controls, and much more. In addition, the text includes discussions on security applications facilitated by DNS, such as anti-spam, SFP, and DANE.

  18. Information security cost management

    CERN Document Server

    Bazavan, Ioana V

    2006-01-01

    While information security is an ever-present challenge for all types of organizations today, most focus on providing security without addressing the necessities of staff, time, or budget in a practical manner.Information Security Cost Management offers a pragmatic approach to implementing information security, taking budgetary and real-world constraints into consideration. By providing frameworks, step-by-step processes, and project management breakdowns, this book demonstrates how to design the best security strategy with the resources you have available. Organized into five sections, the book-Focuses on setting the right road map so that you can be most effective in your information security implementationsDiscusses cost-effective staffing, the single biggest expense to the security organizationPresents practical ways to build and manage the documentation that details strategy, provides resources for operating annual audits, and illustrates how to advertise accomplishments to senior management effectivelyI...

  19. Computer Security Systems Enable Access.

    Science.gov (United States)

    Riggen, Gary

    1989-01-01

    A good security system enables access and protects information from damage or tampering, but the most important aspects of a security system aren't technical. A security procedures manual addresses the human element of computer security. (MLW)

  20. Home - Defense Technology Security Administration

    Science.gov (United States)

    by @dtsamil Defense Technology Security Administration Mission, Culture, and History Executive Official seal of Defense Technology Security Administration Official seal of Defense Technology Security Administration OFFICE of the SECRETARY of DEFENSE Defense Technology Security Administration

  1. Using Frankencerts for Automated Adversarial Testing of Certificate Validation in SSL/TLS Implementations

    OpenAIRE

    Brubaker, Chad; Jana, Suman; Ray, Baishakhi; Khurshid, Sarfraz; Shmatikov, Vitaly

    2014-01-01

    Modern network security rests on the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. Distributed systems, mobile and desktop applications, embedded devices, and all of secure Web rely on SSL/TLS for protection against network attacks. This protection critically depends on whether SSL/TLS clients correctly validate X.509 certificates presented by servers during the SSL/TLS handshake protocol.

  2. International Nuclear Security Education Network (INSEN) and the Nuclear Security Training and Support Centre (NSSC) Network

    International Nuclear Information System (INIS)

    Nikonov, Dmitriy

    2013-01-01

    International Nuclear Security Education Network established in 2010: A partnership between the IAEA and universities, research institutions and other stakeholders - •Promotion of nuclear security education; • Development of educational materials; • Professional development for faculty members; • Collaborative research and resource sharing. Currently over 90 members from 38 member states. Mission: to enhance global nuclear security by developing, sharing and promoting excellence in nuclear security education. Nuclear Security Support Centre: Primary objectives are: • Develop human resources through the implementation of a tailored training programme; • Develop a network of experts; • Provide technical support for lifecycle equipment management and scientific support for the detection of and the response to nuclear security events

  3. Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

    Energy Technology Data Exchange (ETDEWEB)

    Hadley, Mark D.; Clements, Samuel L.

    2009-01-01

    Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

  4. SECURITY SYSTEMS FOR MARITIME HARBOUR

    Directory of Open Access Journals (Sweden)

    Georgică SLĂMNOIU

    2010-11-01

    Full Text Available Infrastructure protection objectives are at the top of the agenda of those responsible in the European Union. Currently Romania is one of the countries on its eastern border of the Union and this has special implications in terms of security measures that are required to be implemented. Ships and harbours are important current conflict stage. An integrated system of protection of harbours must be prepared in advance in order to continuously provide information that will increase the overall performance of the intervention forces.

  5. SECURE nuclear district heating plant

    International Nuclear Information System (INIS)

    Nilsson; Hannus, M.

    1978-01-01

    The role foreseen for the SECURE (Safe Environmentally Clean Urban REactor) nuclear district heating plant is to provide the baseload heating needs of primarily the larger and medium size urban centers that are outside the range of waste heat supply from conventional nuclear power stations. The rationale of the SECURE concept is that the simplicity in design and the inherent safety advantages due to the use of low temperatures and pressures should make such reactors economically feasible in much smaller unit sizes than nuclear power reactors and should make their urban location possible. It is felt that the present design should be safe enough to make urban underground location possible without restriction according to any criteria based on actual risk evaluation. From the environmental point of view, this is a municipal heat supply plant with negligible pollution. Waste heat is negligible, gaseous radioactivity release is negligible, and there is no liquid radwaste release. Economic comparisons show that the SECURE plant is competitive with current fossil-fueled alternatives. Expected future increase in energy raw material prices will lead to additional energy cost advantages to the SECURE plant

  6. A METHODOLOGICAL APPROACH TO THE STRATEGIC ANALYSIS OF FOOD SECURITY

    Directory of Open Access Journals (Sweden)

    Anastasiia Mostova

    2017-12-01

    Full Text Available The objective of present work is to substantiate the use of tools for strategic analysis in order to develop a strategy for the country’s food security under current conditions and to devise the author’s original technique to perform strategic analysis of food security using a SWOT-analysis. The methodology of the study. The article substantiates the need for strategic planning of food security. The author considers stages in strategic planning and explains the importance of the stage of strategic analysis of the country’s food security. It is proposed to apply a SWOT-analysis when running a strategic analysis of food security. The study is based on the system of indicators and characteristics of the country’s economy, agricultural sector, market trends, material-technical, financial, human resources, which are essential to obtain an objective assessment of the impact of trends and factors on food security, and in order to further develop the procedure for conducting a strategic analysis of the country’s food security. Results of the study. The procedure for strategic analysis of food security is developed based on the tool of a SWOT-analysis, which implies three stages: a strategic analysis of weaknesses and strengths, opportunities and threats; construction of the matrix of weaknesses and strengths, opportunities, and threats (SWOT-analysis matrix; formation of the food security strategy based on the SWOT-analysis matrix. A list of characteristics was compiled in order to conduct a strategic analysis of food security and to categorize them as strengths or weaknesses, threats, and opportunities. The characteristics are systemized into strategic groups: production, market; resources; consumption: this is necessary for the objective establishing of strategic directions, responsible performers, allocation of resources, and effective control, for the purpose of further development and implementation of the strategy. A strategic analysis

  7. Lecture 13: Control System Cyber Security

    CERN Multimedia

    CERN. Geneva

    2013-01-01

    Today, the industralized world lives in symbiosis with control systems: it depends on power distribution, oil production, public transport, automatic production lines. While the convenience is at hand, still too many control systems are designed without any security in mind, lack basic security protections, and are not even robust enough to withstand basic attacks. The Stuxnet worm attacking Siemens PLCs in 2010 was another close call. Attackers currently enjoy hacking control systems, and aim to switch lights off. This presentation shall recap the current situation and outline why the presenter is still waiting for a change in paradigm. Stefan Lüders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and...

  8. Latvian Security and Defense Policy within the Twenty-First Century Security Environment

    Directory of Open Access Journals (Sweden)

    Rublovskis Raimonds

    2014-12-01

    Full Text Available The aim of this paper is to analyze fundamental factors which form and profoundly shape security and defense policy of the Republic of Latvia. One can argue that historical background, geographical location, common institutional history within the former Soviet Union, the Russia factor, the relative smallness of the territory of state and the population, the ethnic composition of the population, the low density of the population and rather limited financial and manpower resources available for the defense of the Republic of Latvia are the key factors of influence on the state security and defense policy. The core principles of the security and defense policy of Latvia are the membership in powerful global military alliance of NATO and bilateral strategic partnership with the United States. However, security and defense cooperation among the three Baltic States as well as enhanced cooperation within the Baltic-Nordic framework is seen as an important supplementary factor for the increased security of the Republic of Latvia. Latvia has developed a sustainable legal and institutional framework in order to contribute to state security and defense; however, security challenges and significant changes within the global security environment of the twenty-first century will further challenge the ability of the Republic of Latvia to sustain its current legal framework, and more importantly, current institutional structure of Latvian security and defense architecture. Significant internal and external challenges will impact the fundamental pillars of Latvian security and defense policy, such as American strategic shift to the Pacific, and lack of political will to increase defense budgets in European part of NATO. It has to be clear that very independence, security and defense of the Republic of Latvia depend on the ability of NATO to remain an effective organization with timely and efficient decision-making, and the ability of the United States to remain

  9. An Analysis Of Wireless Security

    OpenAIRE

    Salendra Prasad

    2017-01-01

    The WLAN security includes Wired Equivalent Primary WEP and WI-FI protected Access WPA. Today WEP is regarded as very poor security standard. WEP was regarded as very old security standard and has many security issues which users need to be addressed. In this Paper we will discuss Wireless Security and ways to improve on wireless security.

  10. Segurança/insegurança alimentar em famílias urbanas e rurais no estado do Amazonas: I. validação de metodologia e de instrumento de coleta de informação Nutritional security/insecurity in urban and rural families of Amazonas state: validation of methodology and of information collecting instrument

    Directory of Open Access Journals (Sweden)

    Lúcia K. O. Yuyama

    2007-06-01

    Full Text Available O presente estudo validou a metodologia e o instrumento de coleta de informação para análise da segurança/insegurança alimentar, em famílias urbanas e rurais no estado do Amazonas conforme o proposto pelo USDA (Departamento de Agricultura dos Estados Unidos. Valendo-se de amostra intencional de domicílios, selecionadas para representar estratos sociais diferentes foram computadas 194 famílias sendo 174 com crianças na área urbana de Manaus, envolvendo os seguintes bairros: Jesus me Deu, Novo Israel, Cidade Nova, Coroado e Conjunto Petro. Na área rural foram entrevistadas 209 famílias ribeirinhas e destas 131 com crianças, distribuídas entre os Municípios de Iranduba e Manacapuru. A validação final do questionário (Consistência interna global deu-se por meio da comparação dos níveis de segurança e insegurança alimentar, com os estratos definidos dos indicadores sociais e de consumo. Pode-se concluir que os grupos com maior insegurança alimentar foram os situados em estratos sociais mais baixos e de baixo consumo de alimentos sensíveis a estas condições. O instrumento de coleta apresentou alta validade e consistência interna.The present study validates the methodology and the information collecting instrument for analysis of nutritional security/insecurity on the urban and rural family level, proposed by the USDA (United States Department of Agriculture. An intentional sample of domiciles was selected to represent different social strata, 194 families were enrolled in urban Manaus, of which 174 had children, in the following neighborhoods: Jesus me Deu, Nova Israel, Cidade Nova, Coroado and Conj. Petro. In the rural area between the municipalities of Iranduba and Manacapuru, 209 riparian families were interviewed, and of these 131 had children. The final validation of the questionnaire (global internal consistency was made by comparing, the levels of nutritional security/insecurity, with the defined social strata and

  11. A Layered Trust Information Security Architecture

    Science.gov (United States)

    de Oliveira Albuquerque, Robson; García Villalba, Luis Javier; Sandoval Orozco, Ana Lucila; Buiati, Fábio; Kim, Tai-Hoon

    2014-01-01

    Information can be considered the most important asset of any modern organization. Securing this information involves preserving confidentially, integrity and availability, the well-known CIA triad. In addition, information security is a risk management job; the task is to manage the inherent risks of information disclosure. Current information security platforms do not deal with the different facets of information technology. This paper presents a layered trust information security architecture (TISA) and its creation was motivated by the need to consider information and security from different points of view in order to protect it. This paper also extends and discusses security information extensions as a way of helping the CIA triad. Furthermore, this paper suggests information representation and treatment elements, operations and support components that can be integrated to show the various risk sources when dealing with both information and security. An overview of how information is represented and treated nowadays in the technological environment is shown, and the reason why it is so difficult to guarantee security in all aspects of the information pathway is discussed. PMID:25470490

  12. A layered trust information security architecture.

    Science.gov (United States)

    de Oliveira Albuquerque, Robson; Villalba, Luis Javier García; Orozco, Ana Lucila Sandoval; Buiati, Fábio; Kim, Tai-Hoon

    2014-12-01

    Information can be considered the most important asset of any modern organization. Securing this information involves preserving confidentially, integrity and availability, the well-known CIA triad. In addition, information security is a risk management job; the task is to manage the inherent risks of information disclosure. Current information security platforms do not deal with the different facets of information technology. This paper presents a layered trust information security architecture (TISA) and its creation was motivated by the need to consider information and security from different points of view in order to protect it. This paper also extends and discusses security information extensions as a way of helping the CIA triad. Furthermore, this paper suggests information representation and treatment elements, operations and support components that can be integrated to show the various risk sources when dealing with both information and security. An overview of how information is represented and treated nowadays in the technological environment is shown, and the reason why it is so difficult to guarantee security in all aspects of the information pathway is discussed.

  13. A Layered Trust Information Security Architecture

    Directory of Open Access Journals (Sweden)

    Robson de Oliveira Albuquerque

    2014-12-01

    Full Text Available Information can be considered the most important asset of any modern organization. Securing this information involves preserving confidentially, integrity and availability, the well-known CIA triad. In addition, information security is a risk management job; the task is to manage the inherent risks of information disclosure. Current information security platforms do not deal with the different facets of information technology. This paper presents a layered trust information security architecture (TISA and its creation was motivated by the need to consider information and security from different points of view in order to protect it. This paper also extends and discusses security information extensions as a way of helping the CIA triad. Furthermore, this paper suggests information representation and treatment elements, operations and support components that can be integrated to show the various risk sources when dealing with both information and security. An overview of how information is represented and treated nowadays in the technological environment is shown, and the reason why it is so difficult to guarantee security in all aspects of the information pathway is discussed.

  14. The economic security of power plants

    Directory of Open Access Journals (Sweden)

    Niedziółka Dorota

    2017-01-01

    Full Text Available Currently, power plants in Poland have to work in a very uncomfortable situation. Unstable market conditions and frequent changes in the law may have serious adverse consequences for their economic security. Power plants play a very important role in the economy. The effectiveness of their performance affects the activity of all other businesses. Therefore, it is very important to provide a definition of economic security for the power plants’ sector and the factors determining its level. Maintaining economic security will allow energy generation companies to grow in a sustainable way as well as limit operational risk. A precise definition can also be used to create analytical tools for economic security measurement and monitoring. Proper usage of such tools can help energy generation companies sustain their economic security and properly plan their capital expenditures. The article focuses on the definition of economic security in the “micro” context of a separate business unit (enterprise. We also present an analytical model that measures economic security of a company engaged in the production of energy - a company of strategic importance for the national economy. The model uses macroeconomic variables, variables describing prices of raw material and legal / political stability in the country, as well as selected financial indicators. The appliance of conclusions resulting from the model’s implementation will help provide economic security for companies generating energy.

  15. What is Security? A perspective on achieving security

    Energy Technology Data Exchange (ETDEWEB)

    Atencio, Julian J.

    2014-05-05

    This presentation provides a perspective on achieving security in an organization. It touches upon security as a mindset, ability to adhere to rules, cultivating awareness of the reason for a security mindset, the quality of a security program, willingness to admit fault or acknowledge failure, peer review in security, science as a model that can be applied to the security profession, the security vision, security partnering, staleness in the security program, security responsibilities, and achievement of success over time despite the impossibility of perfection.

  16. Overview of security culture

    International Nuclear Information System (INIS)

    Matulanya, M. A.

    2014-04-01

    Nuclear Security culture concept has been aggressively promoted over the past several years as a tool to improve the physical protection of the nuclear and radioactive materials due to growing threats of catastrophic terrorism and other new security challenges. It is obvious that, the scope of nuclear security and the associated cultures need to be extended beyond the traditional task of protecting weapons-usable materials. The role of IAEA is to strengthen the nuclear security framework globally and in leading the coordination of international activities in this field. Therefore all governments should work closely with the IAEA to take stronger measures to ensure the physical protection, the safety and security of the nuclear and radioactive materials. In the effort to reflect this new realities and concerns, the IAEA in 2008 came up with the document, the Nuclear Security Culture, Nuclear Security Series No. 7, Implementing Guide to the member states which urged every member state to take appropriate measures to promote security culture with respect to nuclear and radioactive materials. The document depicted this cultural approach as the way to protect individual, society and the environment. Among other things, the document defined nuclear security culture as characteristics and attitudes in organizations and of individuals which establishes that, nuclear security issues receives attention warranted by their significance. (au)

  17. Secure IP mobility management for VANET

    CERN Document Server

    Taha, Sanaa

    2013-01-01

    This brief presents the challenges and solutions for VANETs' security and privacy problems occurring in mobility management protocols including Mobile IPv6 (MIPv6), Proxy MIPv6 (PMIPv6), and Network Mobility (NEMO). The authors give an overview of the concept of the vehicular IP-address configurations as the prerequisite step to achieve mobility management for VANETs, and review the current security and privacy schemes applied in the three mobility management protocols. Throughout the brief, the authors propose new schemes and protocols to increase the security of IP addresses within VANETs in

  18. Internet of Cloud: Security and Privacy issues

    OpenAIRE

    Cook, Allan; Robinson, Michael; Ferrag, Mohamed Amine; Maglaras, Leandros A.; He, Ying; Jones, Kevin; Janicke, Helge

    2017-01-01

    The synergy between the cloud and the IoT has emerged largely due to the cloud having attributes which directly benefit the IoT and enable its continued growth. IoT adopting Cloud services has brought new security challenges. In this book chapter, we pursue two main goals: 1) to analyse the different components of Cloud computing and the IoT and 2) to present security and privacy problems that these systems face. We thoroughly investigate current security and privacy preservation solutions th...

  19. Secure and Efficient Routable Control Systems

    Energy Technology Data Exchange (ETDEWEB)

    Edgar, Thomas W.; Hadley, Mark D.; Manz, David O.; Winn, Jennifer D.

    2010-05-01

    This document provides the methods to secure routable control system communication in the electric sector. The approach of this document yields a long-term vision for a future of secure communication, while also providing near term steps and a roadmap. The requirements for the future secure control system environment were spelled out to provide a final target. Additionally a survey and evaluation of current protocols was used to determine if any existing technology could achieve this goal. In the end a four-step path was described that brought about increasing requirement completion and culminates in the realization of the long term vision.

  20. Security Gaps In Authentication Factor Credentials

    Directory of Open Access Journals (Sweden)

    Neeraj A. Sharma

    2015-08-01

    Full Text Available Authentication factors refer to user login credentials that a user supplies to an authentication process for it to decide whether to grant or deny access. While two-factor and three-factor authentication generally provides better security than one-factor authentication the aim of this paper is to review security in individual authentication factor credentials that are in use nowadays. These credentials will be discussed in factor categories knowledge factor possession factor and inherence factor. The paper details current security gaps and some novel approaches to diminish the gaps in these authentication factors. We believe that our recommendations will inspire development of better authentication credentials and systems.

  1. Computational Intelligence, Cyber Security and Computational Models

    CERN Document Server

    Anitha, R; Lekshmi, R; Kumar, M; Bonato, Anthony; Graña, Manuel

    2014-01-01

    This book contains cutting-edge research material presented by researchers, engineers, developers, and practitioners from academia and industry at the International Conference on Computational Intelligence, Cyber Security and Computational Models (ICC3) organized by PSG College of Technology, Coimbatore, India during December 19–21, 2013. The materials in the book include theory and applications for design, analysis, and modeling of computational intelligence and security. The book will be useful material for students, researchers, professionals, and academicians. It will help in understanding current research trends and findings and future scope of research in computational intelligence, cyber security, and computational models.

  2. Security, privacy and trust in cloud systems

    CERN Document Server

    Nepal, Surya

    2013-01-01

    The book compiles technologies for enhancing and provisioning security, privacy and trust in cloud systems based on Quality of Service requirements. It is a timely contribution to a field that is gaining considerable research interest, momentum, and provides a comprehensive coverage of technologies related to cloud security, privacy and trust. In particular, the book includes - Cloud security fundamentals and related technologies to-date, with a comprehensive coverage of evolution, current landscape, and future roadmap. - A smooth organization with introductory, advanced and specialist content

  3. Secure Data Service Outsourcing with Untrusted Cloud

    OpenAIRE

    Xiong, Huijun

    2013-01-01

    Outsourcing data services to the cloud is a nature fit for cloud usage. However, increasing security and privacy concerns from both enterprises and individuals on their outsourced data inhibit this trend. In this dissertation, we introduce service-centric solutions to address two types of security threats existing in the current cloud environments: semi-honest cloud providers and malicious cloud customers. Our solution aims not only to provide confidentiality and access controllability of out...

  4. Security analysis of session initiation protocol

    OpenAIRE

    Dobson, Lucas E.

    2010-01-01

    Approved for public release; distribution is unlimited The goal of this thesis is to investigate the security of the Session Initiation Protocol (SIP). This was accomplished by researching previously discovered protocol and implementation vulnerabilities, evaluating the current state of security tools and using those tools to discover new vulnerabilities in SIP software. The CVSS v2 system was used to score protocol and implementation vulnerabilities to give them a meaning that was us...

  5. Securing IoT Devices at CERN

    CERN Multimedia

    CERN. Geneva

    2018-01-01

    CERN has more than 1000 Internet of Things (IoT) devices, which are connected to the office network. We have been doing the research to find all vulnerable IoT devices in CERN and mitigated them. We are currently working on detecting IoT devices automatically and, moreover, identifying the manufacturer, model and the running firmware version. This will help the CERN Computer Security Team to spot vulnerable devices and to show the security risks associated with them.

  6. Endpoint Security Using Biometric Authentication for Secure Remote Mission Operations

    Science.gov (United States)

    Donohue, John T.; Critchfield, Anna R.

    2000-01-01

    We propose a flexible security authentication solution for the spacecraft end-user, which will allow the user to interact over Internet with the spacecraft, its instruments, or with the ground segment from anywhere, anytime based on the user's pre-defined set of privileges. This package includes biometrics authentication products, such as face, voice or fingerprint recognition, authentication services and procedures, such as: user registration and verification over the Internet and user database maintenance, with a configurable schema of spacecraft users' privileges. This fast and reliable user authentication mechanism will become an integral part of end-to-end ground-to-space secure Internet communications and migration from current practice to the future. All modules and services of the proposed package are commercially available and built to the NIST BioAPI standard, which facilitates "pluggability" and interoperability.

  7. Hybrid-secure MPC 

    DEFF Research Database (Denmark)

    Lucas, Christoph; Raub, Dominik; Maurer, Ueli

    2010-01-01

    of the adversary, without being aware of the actual adversarial setting. Thus, hybrid-secure MPC protocols allow for graceful degradation of security. We present a hybrid-secure MPC protocol that provides an optimal trade-off between IT robustness and computational privacy: For any robustness parameter ρ ... obtain one MPC protocol that is simultaneously IT secure with robustness for up to t ≤ ρ actively corrupted parties, IT secure with fairness (no robustness) for up to t ... in the universal composability (UC) framework (based on a network of secure channels, a broadcast channel, and a common reference string). It achieves the bound on the trade-off between robustness and privacy shown by Ishai et al. [CRYPTO'06] and Katz [STOC'07], the bound on fairness shown by Cleve [STOC'86...

  8. The strategic security officer.

    Science.gov (United States)

    Hodges, Charles

    2014-01-01

    This article discusses the concept of the strategic security officer, and the potential that it brings to the healthcare security operational environment. The author believes that training and development, along with strict hiring practices, can enable a security department to reach a new level of professionalism, proficiency and efficiency. The strategic officer for healthcare security is adapted from the "strategic corporal" concept of US Marine Corps General Charles C. Krulak which focuses on understanding the total force implications of the decisions made by the lowest level leaders within the Corps (Krulak, 1999). This article focuses on the strategic organizational implications of every security officer's decisions in the constantly changing and increasingly volatile operational environment of healthcare security.

  9. PRIVATE SECURITY IN SPORT

    Directory of Open Access Journals (Sweden)

    Dragan Vukasović

    2011-09-01

    Full Text Available Given the importance of sport for international integration, affirmation, a sense of belonging and other values of general interest, in order to maintain and open new prospects of development, it is necessary to form the private security system along with state security system, with a view to creating conditions for development sports athletes to achieve better results both in domestic and international competitions. Private security is only one element of an integrated security system which, with its efficient organization with the use of adequate means and measures should provide answers to new challenges, risks and threats. Private security in line with the new understanding of the concept of security has an important role in providing athletes.

  10. While Working Around Security

    DEFF Research Database (Denmark)

    Mathiasen, Niels Raabjerg

    Users of technology encounter various IT security mechanisms in their everyday lives. If these mechanisms fail to support everyday activities, they either get in the way, or the users find a way to work around them. Even though users manage to carry out everyday activities by using substandard...... IT security mechanisms or via workarounds, it will influence their experience of security. If researchers and designers only focus on IT security artifacts and fail to take the user experience into account, incorrect processes or workarounds will occur. Accordingly, to get users to follow the correct process...... may seem to be a criterion of success, even though it may yield a less appropriate experience of security. This dissertation deals with an improved understanding of IT security sensitive IT artifacts and presents three design methods, and a framework for addressing the complexities and contingencies...

  11. Security Engine Management of Router based on Security Policy

    OpenAIRE

    Su Hyung Jo; Ki Young Kim; Sang Ho Lee

    2007-01-01

    Security management has changed from the management of security equipments and useful interface to manager. It analyzes the whole security conditions of network and preserves the network services from attacks. Secure router technology has security functions, such as intrusion detection, IPsec(IP Security) and access control, are applied to legacy router for secure networking. It controls an unauthorized router access and detects an illegal network intrusion. This paper re...

  12. ITIL® and information security

    International Nuclear Information System (INIS)

    Jašek, Roman; Králík, Lukáš; Popelka, Miroslav

    2015-01-01

    This paper discusses the context of ITIL framework and management of information security. It is therefore a summary study, where the first part is focused on the safety objectives in connection with the ITIL framework. First of all, there is a focus on ITIL process ISM (Information Security Management), its principle and system management. The conclusion is about link between standards, which are related to security, and ITIL framework

  13. Towards Information Security Awareness

    OpenAIRE

    Marius Petrescu; Delia Mioara Popescu; Nicoleta Sirbu

    2010-01-01

    Information security has come to be recognized as increasingly important because global communication and information systems allow a potentially large number of unauthorized users to access and possibly alter information from around the world. As the dependence on information systems grows, so the security of information networks becomes ever more critical to any entity, no matter if it is a company or a public institution. Information security involves both technology and people. Any securi...

  14. Outsourcing information security

    CERN Document Server

    Axelrod, Warren

    2004-01-01

    This comprehensive and timely resource examines security risks related to IT outsourcing, clearly showing you how to recognize, evaluate, minimize, and manage these risks. Unique in its scope, this single volume offers you complete coverage of the whole range of IT security services and fully treats the IT security concerns of outsourcing. The book helps you deepen your knowledge of the tangible and intangible costs and benefits associated with outsourcing IT and IS functions.

  15. Cloud Infrastructure Security

    OpenAIRE

    Velev , Dimiter; Zlateva , Plamena

    2010-01-01

    Part 4: Security for Clouds; International audience; Cloud computing can help companies accomplish more by eliminating the physical bonds between an IT infrastructure and its users. Users can purchase services from a cloud environment that could allow them to save money and focus on their core business. At the same time certain concerns have emerged as potential barriers to rapid adoption of cloud services such as security, privacy and reliability. Usually the information security professiona...

  16. Automated security management

    CERN Document Server

    Al-Shaer, Ehab; Xie, Geoffrey

    2013-01-01

    In this contributed volume, leading international researchers explore configuration modeling and checking, vulnerability and risk assessment, configuration analysis, and diagnostics and discovery. The authors equip readers to understand automated security management systems and techniques that increase overall network assurability and usability. These constantly changing networks defend against cyber attacks by integrating hundreds of security devices such as firewalls, IPSec gateways, IDS/IPS, authentication servers, authorization/RBAC servers, and crypto systems. Automated Security Managemen

  17. Addressing Software Security

    Science.gov (United States)

    Bailey, Brandon

    2015-01-01

    Historically security within organizations was thought of as an IT function (web sites/servers, email, workstation patching, etc.) Threat landscape has evolved (Script Kiddies, Hackers, Advanced Persistent Threat (APT), Nation States, etc.) Attack surface has expanded -Networks interconnected!! Some security posture factors Network Layer (Routers, Firewalls, etc.) Computer Network Defense (IPS/IDS, Sensors, Continuous Monitoring, etc.) Industrial Control Systems (ICS) Software Security (COTS, FOSS, Custom, etc.)

  18. Auditing Organizational Security

    Science.gov (United States)

    2017-01-01

    Organi- zation for Standardiza- tion ( ISO ): ISO 27000 : Information Systems Se- curity Management. A robust program of internal auditing of a...improvement is the basis and underpinning of the ISO . All processes must be considered ongoing and never at an “end state.” Top management develops a...security management system, including security policies and security objectives, plus threats and risks. Orga- nizations already working with ISO 9000

  19. Intercorporate Security Event Correlation

    Directory of Open Access Journals (Sweden)

    D. O. Kovalev

    2010-03-01

    Full Text Available Security controls are prone to false positives and false negatives which can lead to unwanted reputation losses for the bank. The reputational database within the security operations center (SOC and intercorporate correlation of security events are offered as a solution to increase attack detection fidelity. The theses introduce the definition and structure of the reputation, architectures of reputational exchange and the place of intercorporate correlation in overall SOC correlation analysis.

  20. Modeling and Security Threat Assessments of Data Processed in Cloud Based Information Systems

    Directory of Open Access Journals (Sweden)

    Darya Sergeevna Simonenkova

    2016-03-01

    Full Text Available The subject of the research is modeling and security threat assessments of data processed in cloud based information systems (CBIS. This method allow to determine the current security threats of CBIS, state of the system in which vulnerabilities exists, level of possible violators, security properties and to generate recommendations for neutralizing security threats of CBIS.