Powered by Deep Web Technologies
Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


1

T-594: IBM solidDB Password Hash Authentication Bypass Vulnerability  

Broader source: Energy.gov [DOE]

This vulnerability could allow remote attackers to execute arbitrary code on vulnerable installations of IBM solidDB. Authentication is not required to exploit this vulnerability.

2

V-057: eXtplorer "ext_find_user()" Authentication Bypass Vulnerability |  

Office of Environmental Management (EM)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of EnergyEnergyENERGYWomen Owned SmallOf The 2012Nuclear Guide Remote Access08: DebianVulnerabilities

3

V-103: RSA Authentication Agent Lets Remote Users Bypass Authenticatio...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

RSA Authentication Agent Lets Remote Users Bypass Authentication Requirements March 4, 2013 - 12:27am Addthis PROBLEM: RSA Authentication Agent Lets Remote Users Bypass...

4

U-188: MySQL User Login Security Bypass and Unspecified Vulnerability  

Broader source: Energy.gov [DOE]

An error when verifying authentication attempts can be exploited to bypass the authentication mechanism.

5

U-130: JBoss Operations Network LDAP Authentication Bug Lets...  

Broader source: Energy.gov (indexed) [DOE]

Hat Enterprise MRG Messaging Qpid Bug Lets Certain Remote Users Bypass Authentication V-036: EMC Smarts Network Configuration Manager Database Authentication Bypass Vulnerability...

6

V-106: Citrix Access Gateway Unspecified Security Bypass Vulnerability...  

Broader source: Energy.gov (indexed) [DOE]

V-106: Citrix Access Gateway Unspecified Security Bypass Vulnerability March 7, 2013 - 6:00am Addthis PROBLEM: A vulnerability has been reported in Citrix Access Gateway...

7

Nemesis: Preventing Authentication & Access Control Vulnerabilities in Web Applications  

E-Print Network [OSTI]

Nemesis: Preventing Authentication & Access Control Vulnerabilities in Web Applications Michael web applications. Authentication attacks occur when a web application authenticates users unsafely, granting access to web clients that lack the ap- propriate credentials. Access control attacks occur when

Sabatini, David M.

8

V-005: ModSecurity Multipart Message Parsing Security Bypass Vulnerability  

Broader source: Energy.gov [DOE]

SEC Consult has reported a vulnerability in ModSecurity, which can be exploited by malicious people to bypass certain security restrictions.

9

U-130: JBoss Operations Network LDAP Authentication Bug Lets Remote Users Bypass Authentication  

Broader source: Energy.gov [DOE]

A vulnerability was reported in JBoss Operations Network. A remote user can login with an arbitrary password in certain cases.

10

V-236: MediaWiki CentralAuth Extension Authentication Bypass Vulnerability  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmosphericNuclear SecurityTensile Strain Switched Ferromagnetism inS-4500II Field EmissionFunctionalPortalV > 111 \il3:

11

V-057: eXtplorer "ext_find_user()" Authentication Bypass Vulnerability |  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarly Career Scientists' Research Petroleum ReserveDepartment ofEnergy,PotomacGeneratorsA

12

V-216: Drupal Monster Menus Module Security Bypass and Script...  

Office of Environmental Management (EM)

Module Security Bypass and Denial of Service Vulnerability U-162: Drupal Multiple Vulnerabilities V-052: Drupal Core Access Bypass and Arbitrary PHP Code Execution Vulnerabilities...

13

V-186: Drupal Login Security Module Security Bypass and Denial...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

U-162: Drupal Multiple Vulnerabilities V-052: Drupal Core Access Bypass and Arbitrary PHP Code Execution Vulnerabilities V-216: Drupal Monster Menus Module Security Bypass and...

14

T-728: Apache Tomcat HTTP DIGEST Authentication Weaknesses Let...  

Broader source: Energy.gov (indexed) [DOE]

8: Apache Tomcat HTTP DIGEST Authentication Weaknesses Let Remote Users Conduct Bypass Attacks T-728: Apache Tomcat HTTP DIGEST Authentication Weaknesses Let Remote Users Conduct...

15

V-052: Drupal Core Access Bypass and Arbitrary PHP Code Execution...  

Broader source: Energy.gov (indexed) [DOE]

2: Drupal Core Access Bypass and Arbitrary PHP Code Execution Vulnerabilities V-052: Drupal Core Access Bypass and Arbitrary PHP Code Execution Vulnerabilities December 21, 2012 -...

16

U-247: EMC Cloud Tiering Appliance Flaw Lets Remote Users Bypass...  

Broader source: Energy.gov (indexed) [DOE]

7: EMC Cloud Tiering Appliance Flaw Lets Remote Users Bypass Authentication and Gain Administrative Access U-247: EMC Cloud Tiering Appliance Flaw Lets Remote Users Bypass...

17

T-674: Drupal Secure Password Hashes Module Security Bypass Vulnerabil...  

Broader source: Energy.gov (indexed) [DOE]

or later. Addthis Related Articles V-052: Drupal Core Access Bypass and Arbitrary PHP Code Execution Vulnerabilities V-216: Drupal Monster Menus Module Security Bypass and...

18

V-036: EMC Smarts Network Configuration Manager Database Authenticatio...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

36: EMC Smarts Network Configuration Manager Database Authentication Bypass Vulnerability V-036: EMC Smarts Network Configuration Manager Database Authentication Bypass...

19

T-709:Mac OS X Keychain Certificate Settings Can Be Bypassed...  

Broader source: Energy.gov (indexed) [DOE]

available at the time of this entry. Addthis Related Articles U-031: Microsoft Active Directory CRL Validation Flaw Lets Remote Users Bypass Authentication U-130: JBoss Operations...

20

V-162: Apache Struts "ParameterInterceptor" Security Bypass Vulnerabil...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

vulnerability has been reported in Apache Struts, which can be exploited by malicious people to bypass certain security restrictions. REFERENCE LINKS: Secunia Advisory SA53495...

Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


21

T-703: Cisco Unified Communications Manager Open Query Interface...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

Identity Services Engine Discloses Authentication Credentials to Remote Users V-036: EMC Smarts Network Configuration Manager Database Authentication Bypass Vulnerability...

22

V-103: RSA Authentication Agent Lets Remote Users Bypass Authentication  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarlyEnergyDepartment of EnergyProgram2-26TheUtility-Scale Wind &Apple iOSEnergyRequirements |

23

U-168: EMC Documentum Information Rights Management Server Bugs Let Remote Authenticated Users Deny Service  

Broader source: Energy.gov [DOE]

Two vulnerabilities were reported in EMC Documentum Information Rights Management Server. A remote authenticated user can cause denial of service conditions.

24

U-211: EMC Celerra/VNX/VNXe Access Control Bug Lets Remote Authenticated Users Access Files/Directories  

Broader source: Energy.gov [DOE]

A vulnerability was reported in EMC Celerra/VNX/VNXe. A remote authenticated user can access files and directories on the target file system.

25

V-096: Mozilla Thunderbird / SeaMonkey Multiple Vulnerabilities  

Broader source: Energy.gov [DOE]

A weakness and multiple vulnerabilities have been reported in Mozilla Thunderbird and SeaMonkey, which can be exploited by malicious people to disclose potentially sensitive information, conduct spoofing attacks, bypass certain security restrictions, and compromise a user's system.

26

Authentication of byte sequences  

SciTech Connect (OSTI)

Algorithms for the authentication of byte sequences are described. The algorithms are designed to authenticate data in the Storage, Retrieval, Analysis, and Display (SRAD) Test Data Archive of the Radiation Effects and Testing Directorate (9100) at Sandia National Laboratories, and may be used in similar situations where authentication of stored data is required. The algorithms use a well-known error detection method called the Cyclic Redundancy Check (CRC). When a byte sequence is authenticated and stored, CRC bytes are generated and attached to the end of the sequence. When the authenticated data is retrieved, the authentication check consists of processing the entire sequence, including the CRC bytes, and checking for a remainder of zero. The error detection properties of the CRC are extensive and result in a reliable authentication of SRAD data.

Stearns, S.D.

1991-06-01T23:59:59.000Z

27

Multi-factor authentication  

DOE Patents [OSTI]

Detection and deterrence of spoofing of user authentication may be achieved by including a cryptographic fingerprint unit within a hardware device for authenticating a user of the hardware device. The cryptographic fingerprint unit includes an internal physically unclonable function ("PUF") circuit disposed in or on the hardware device, which generates a PUF value. Combining logic is coupled to receive the PUF value, combines the PUF value with one or more other authentication factors to generate a multi-factor authentication value. A key generator is coupled to generate a private key and a public key based on the multi-factor authentication value while a decryptor is coupled to receive an authentication challenge posed to the hardware device and encrypted with the public key and coupled to output a response to the authentication challenge decrypted with the private key.

Hamlet, Jason R; Pierson, Lyndon G

2014-10-21T23:59:59.000Z

28

JC3 | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Service Several vulnerabilities were reported in Wireshark. November 29, 2012 V-036: EMC Smarts Network Configuration Manager Database Authentication Bypass Vulnerability Two...

29

JC3 Bulletin Archive | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Service Several vulnerabilities were reported in Wireshark. November 29, 2012 V-036: EMC Smarts Network Configuration Manager Database Authentication Bypass Vulnerability Two...

30

Authentication ofAuthentication ofAuthentication ofAuthentication of Degree Certificates Application Form Name in Full  

E-Print Network [OSTI]

Authentication ofAuthentication ofAuthentication ofAuthentication of Degree Certificates Application Form Name in Full Name in Full as Registered at King's Date of Birth Student ID number (IE degree certificate copies for authentication to: PLEASE REMEMBER TO INCLUDE COPIES OF YOUR CERTIFICATE(S

Applebaum, David

31

T-646: Debian fex authentication bypass | Department of Energy  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious Rank EERE:YearRound-Up from the GridwiseSiteDepartmentChallengeCompliance7/109 TORNADO46: Debian fex

32

Public workstations: Authentication  

E-Print Network [OSTI]

identification. 3. Personal data With registration, library clients and guests accept that their personal dataPublic workstations: Authentication The public workstations require a personal login. This flyer will provide you with information on the procedure for receiving personal login details (authentication

Gilli, Adrian

33

Bypass Flow Study  

SciTech Connect (OSTI)

The purpose of the fluid dynamics experiments in the MIR (Matched Index of-Refraction) flow system at Idaho National Laboratory (INL) is to develop benchmark databases for the assessment of Computational Fluid Dynamics (CFD) solutions of the momentum equations, scalar mixing, and turbulence models for the flow ratios between coolant channels and bypass gaps in the interstitial regions of typical prismatic standard fuel element (SFE) or upper reflector block geometries of typical Modular High-temperature Gas-cooled Reactors (MHTGR) in the limiting case of negligible buoyancy and constant fluid properties. The experiments use Particle Image Velocimetry (PIV) to measure the velocity fields that will populate the bypass flow study database.

Richard Schultz

2011-09-01T23:59:59.000Z

34

V-237: TYPO3 Security Bypass Vulnerabilities | Department of Energy  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmosphericNuclear SecurityTensile Strain Switched Ferromagnetism inS-4500II Field EmissionFunctionalPortalV > 111 \il3:7: TYPO3

35

U-169: Sympa Multiple Security Bypass Vulnerabilities | Department of  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustion |Energy Usage »of EnergyTheTwo New Energy Storage6Scripting Attacks |Service |

36

QKD Quantum Channel Authentication  

E-Print Network [OSTI]

Several simple yet secure protocols to authenticate the quantum channel of various QKD schemes, by coupling the photon sender's knowledge of a shared secret and the QBER Bob observes, are presented. It is shown that Alice can encrypt certain portions of the information needed for the QKD protocols, using a sequence whose security is based on computational-complexity, without compromising all of the sequence's entropy. It is then shown that after a Man-in-the-Middle attack on the quantum and classical channels, there is still enough entropy left in the sequence for Bob to detect the presence of Eve by monitoring the QBER. Finally, it is shown that the principles presented can be implemented to authenticate the quantum channel associated with any type of QKD scheme, and they can also be used for Alice to authenticate Bob.

J. T. Kosloski

2006-04-02T23:59:59.000Z

37

Key recycling in authentication  

E-Print Network [OSTI]

In their seminal work on authentication, Wegman and Carter propose that to authenticate multiple messages, it is sufficient to reuse the same hash function as long as each tag is encrypted with a one-time pad. They argue that because the one-time pad is perfectly hiding, the hash function used remains completely unknown to the adversary. Since their proof is not composable, we revisit it using a composable security framework. It turns out that the above argument is insufficient: if the adversary learns whether a corrupted message was accepted or rejected, information about the hash function is leaked, and after a bounded finite amount of rounds it is completely known. We show however that this leak is very small: Wegman and Carter's protocol is still $\\epsilon$-secure, if $\\epsilon$-almost strongly universal$_2$ hash functions are used. This implies that the secret key corresponding to the choice of hash function can be reused in the next round of authentication without any additional error than this $\\epsilon$. We also show that if the players have a mild form of synchronization, namely that the receiver knows when a message should be received, the key can be recycled for any arbitrary task, not only new rounds of authentication.

Christopher Portmann

2014-09-29T23:59:59.000Z

38

JC3 | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Gateway Lets Remote Users Bypass Authentication and Conduct Cross-Site Scripting and Directory Traversal Attacks Several vulnerabilities were reported in McAfee Email Gateway....

39

JC3 Bulletin Archive | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Gateway Lets Remote Users Bypass Authentication and Conduct Cross-Site Scripting and Directory Traversal Attacks Several vulnerabilities were reported in McAfee Email Gateway....

40

JC3 Bulletin Archive | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

vulnerabilities were reported in Symantec Messaging Gateway. August 29, 2012 U-247: EMC Cloud Tiering Appliance Flaw Lets Remote Users Bypass Authentication and Gain...

Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


41

JC3 | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

vulnerabilities were reported in Symantec Messaging Gateway. August 29, 2012 U-247: EMC Cloud Tiering Appliance Flaw Lets Remote Users Bypass Authentication and Gain...

42

T-555: Adobe Acrobat and Reader Image Parsing Arbitrary Code Execution Vulnerability  

Broader source: Energy.gov [DOE]

Critical vulnerabilities have been identified in Adobe Reader X (10.0) for Windows and Macintosh; Adobe Reader 9.4.1 and earlier versions for Windows, Macintosh and UNIX; and Adobe Acrobat X (10.0) and earlier versions for Windows and Macintosh. These vulnerabilities could cause the application to crash and potentially allow an attacker to take control of the affected system. Risk for Adobe Reader X users is significantly lower, as none of these issues bypass Protected Mode mitigations.

43

T-528: Mozilla Firefox/Thunderbird/SeaMonkey Multiple HTML Injection Vulnerabilities  

Broader source: Energy.gov [DOE]

Mozilla Firefox/Thunderbird/SeaMonkey Multiple HTML Injection Vulnerabilities. Mozilla Firefox, SeaMonkey, and Thunderbird are prone to multiple HTML-injection vulnerabilities. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.

44

Ecosystem Vulnerability Assessment - Patterns of Climate Change...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

Ecosystem Vulnerability Assessment - Patterns of Climate Change Vulnerability in the Southwest Ecosystem Vulnerability Assessment - Patterns of Climate Change Vulnerability in the...

45

Interventions in Infrainguinal Bypass Grafts  

SciTech Connect (OSTI)

The interventional radiologist plays an important role in the detection and prevention of infrainguinal bypass failure. Early detection and evaluation of flow-limiting lesions effectively preserve graft (venous bypass and polyester or expanded polytetrafluoroethylene bypass) patency by identifying stenoses before occlusion occurs. Delay in treatment of the at-risk graft may result in graft failure and a reduced chance of successful revascularization. For this reason, surveillance protocols form an important part of follow-up after infrainguinal bypass surgery. As well as having an understanding of the application of imaging techniques including ultrasound, MR angiography, CT angiography and digital subtraction angiography, the interventional radiologist should have detailed knowledge of the minimally invasive therapeutic options. Percutaneous transluminal angioplasty (PTA), or alternatively cutting balloon angioplasty, is the interventional treatment of choice in prevention of graft failure and occlusion. Further alternatives include metallic stent placement, fibrinolysis, and mechanical thrombectomy. Primary assisted patency rates following PTA can be up to 65% at 5 years. When the endovascular approach is unsuccessful, these therapeutic options are complemented by surgical procedures including vein patch revision, jump grafting, or placement of a new graft.

Mueller-Huelsbeck, S., E-mail: muehue@rad.uni-kiel.de; Order, B.-M.; Jahnke, T. [University Hospital Schleswig-Holstein - Campus Kiel, Department of Radiology (Germany)

2006-02-15T23:59:59.000Z

46

T-696: RSA Adaptive Authentication Has Unspecified Remote Authenticated Session Re-use Flaw  

Broader source: Energy.gov [DOE]

An issue with Adaptive Authentication (On-Premise) was discovered which in certain circumstances might affect the out-of-the-box available authentication methods. In certain circumstances, when authentication information is compromised, and with the knowledge of additional session information, the authentication information might be reused within an active session.

47

Secure Anonymous RFID Authentication Protocols Christy Chatmon  

E-Print Network [OSTI]

and scalable. Keywords: RFID, Authentication, Anonymity, Privacy, Availability, Scalability. 1 Introduction technology is to automatically identify objects that are contained in electromagnetic fields. RFID tags doSecure Anonymous RFID Authentication Protocols Christy Chatmon Computer & Information Sciences

Burmester, Mike

48

IT Licentiate theses Query Authentication and  

E-Print Network [OSTI]

IT Licentiate theses 2008-002 Query Authentication and Data Confidentiality in Wireless Sensor of Licentiate of Philosophy in Computer Science at Uppsala University 2008 #12;Query Authentication and Data

Flener, Pierre

49

Energy vulnerability relationships  

SciTech Connect (OSTI)

The US consumption of crude oil resources has been a steadily growing indicator of the vitality and strength of the US economy. At the same time import diversity has also been a rapidly developing dimension of the import picture. In the early 1970`s, embargoes of crude oil from Organization of Producing and Exporting Countries (OPEC) created economic and political havoc due to a significant lack of diversity and a unique set of economic, political and domestic regulatory circumstances. The continued rise of imports has again led to concerns over the security of our crude oil resource but threats to this system must be considered in light of the diversity and current setting of imported oil. This report develops several important issues concerning vulnerability to the disruption of oil imports: (1) The Middle East is not the major supplier of oil to the United States, (2) The US is not vulnerable to having its entire import stream disrupted, (3) Even in stable countries, there exist vulnerabilities to disruption of the export stream of oil, (4) Vulnerability reduction requires a focus on international solutions, and (5) DOE program and policy development must reflect the requirements of the diverse supply. Does this increasing proportion of imported oil create a {open_quotes}dependence{close_quotes}? Does this increasing proportion of imported oil present a vulnerability to {open_quotes}price shocks{close_quotes} and the tremendous dislocations experienced during the 1970`s? Finally, what is the vulnerability of supply disruptions from the current sources of imported oil? If oil is considered to be a finite, rapidly depleting resource, then the answers to these questions must be {open_quotes}yes.{close_quotes} However, if the supply of oil is expanding, and not limited, then dependence is relative to regional supply sources.

Shaw, B.R.; Boesen, J.L.

1998-02-01T23:59:59.000Z

50

Plutonium Vulnerability Management Plan  

SciTech Connect (OSTI)

This Plutonium Vulnerability Management Plan describes the Department of Energy`s response to the vulnerabilities identified in the Plutonium Working Group Report which are a result of the cessation of nuclear weapons production. The responses contained in this document are only part of an overall, coordinated approach designed to enable the Department to accelerate conversion of all nuclear materials, including plutonium, to forms suitable for safe, interim storage. The overall actions being taken are discussed in detail in the Department`s Implementation Plan in response to the Defense Nuclear Facilities Safety Board (DNFSB) Recommendation 94-1. This is included as Attachment B.

NONE

1995-03-01T23:59:59.000Z

51

TwoKind Authentication: Usable Authenticators for Untrustworthy Environments  

E-Print Network [OSTI]

damage if the session or their password is compromised. 1. INTRODUCTION In today's Internet. Current authentication mechanisms such as one-time passwords [4] (such as RSA SecurID [3]) and privileged-time passwords limit the damage caused by stolen passwords, but allow full-scale damage in a hijacked session

Smith, Sean W.

52

Demonstrated Petroleum Reduction Using Oil Bypass Filter Technology...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

Demonstrated Petroleum Reduction Using Oil Bypass Filter Technology on Heavy and Light Vehicles Demonstrated Petroleum Reduction Using Oil Bypass Filter Technology on Heavy and...

53

Thermal Bypass Air Barriers in the 2009 International Energy...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

Thermal Bypass Air Barriers in the 2009 International Energy Conservation Code - Building America Top Innovation Thermal Bypass Air Barriers in the 2009 International Energy...

54

Obfuscated authentication systems, devices, and methods  

DOE Patents [OSTI]

Embodiments of the present invention are directed toward authentication systems, devices, and methods. Obfuscated executable instructions may encode an authentication procedure and protect an authentication key. The obfuscated executable instructions may require communication with a remote certifying authority for operation. In this manner, security may be controlled by the certifying authority without regard to the security of the electronic device running the obfuscated executable instructions.

Armstrong, Robert C; Hutchinson, Robert L

2013-10-22T23:59:59.000Z

55

Bypass diode for a solar cell  

DOE Patents [OSTI]

Bypass diodes for solar cells are described. In one embodiment, a bypass diode for a solar cell includes a substrate of the solar cell. A first conductive region is disposed above the substrate, the first conductive region of a first conductivity type. A second conductive region is disposed on the first conductive region, the second conductive region of a second conductivity type opposite the first conductivity type.

Rim, Seung Bum (Palo Alto, CA); Kim, Taeseok (San Jose, CA); Smith, David D. (Campbell, CA); Cousins, Peter J. (Menlo Park, CA)

2012-03-13T23:59:59.000Z

56

U-244: McAfee Email Gateway Lets Remote Users Bypass Authentication...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

McAfee Email Gateway (MEG) 7.0.0 and 7.0.1 (MEG 6.7.x is NOT affected.) McAfee Email and Web Security (EWS) 5.6 Patch 3 and earlier McAfee Email and Web Security (EWS) 5.5 Patch 6...

57

V-236: MediaWiki CentralAuth Extension Authentication Bypass...  

Energy Savers [EERE]

Web: http:energy.govcioservicesincident-management E-mail: circ@jc3.doe.gov JC3 services are available to JC3-Joint Cybersecurity Coordination Center, and JC3 Contractors....

58

U-244: McAfee Email Gateway Lets Remote Users Bypass Authentication and  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustion |Energy Usage »of EnergyTheTwo New Energy Storage6ScriptingURL Address|Conduct Cross-Site

59

V-150: Apache VCL Input Validation Flaw Lets Remote Authenticated...  

Broader source: Energy.gov (indexed) [DOE]

Tomcat FORM Authenticator Lets Remote Users Conduct Session Fixation Attacks U-084: Cisco Digital Media Manager Lets Remote Authenticated Users Gain Elevated Privileges U-233:...

60

V-231: Cisco Identity Services Engine Discloses Authentication...  

Energy Savers [EERE]

231: Cisco Identity Services Engine Discloses Authentication Credentials to Remote Users V-231: Cisco Identity Services Engine Discloses Authentication Credentials to Remote Users...

Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


61

Occurrence of Pesticides in Water, Sediment, and Soil from the Yolo Bypass, California  

E-Print Network [OSTI]

water and sediment from Yolo Bypass, California, 2004-2005.L. 2002. Californias Yolo Bypass: Evidence that floodfish. KEYWORDS pesticides, Yolo Bypass, fish, surface water,

Smalling, Kelly L.; Orlando, James L.; Kuivila, Kathryn M.

2007-01-01T23:59:59.000Z

62

DATABASE AUTHENTICATION BY DISTORTION FREE WATERMARKING  

E-Print Network [OSTI]

DATABASE AUTHENTICATION BY DISTORTION FREE WATERMARKING Sukriti Bhattacharya and Agostino Cortesi@dsi.unive.it, cortesi@unive.it Keywords: Database watermarking, ZAW, Public key watermark, Abstract interpretation the verification of integrity of the relational databases by using a public zero distortion authentication

Cortesi, Tino

63

Verifying authentication protocols with CSP Steve Schneider  

E-Print Network [OSTI]

Verifying authentication protocols with CSP Steve Schneider Department of Computer Science Royal of Communicating Sequential Processes (CSP). It is il- lustrated by an examination of the Needham-Schroeder public of authentication protocols, built on top of the gen- eral CSP semantic framework. This approach aims to combine

Doran, Simon J.

64

Common Control System Vulnerability  

SciTech Connect (OSTI)

The Control Systems Security Program and other programs within the Idaho National Laboratory have discovered a vulnerability common to control systems in all sectors that allows an attacker to penetrate most control systems, spoof the operator, and gain full control of targeted system elements. This vulnerability has been identified on several systems that have been evaluated at INL, and in each case a 100% success rate of completing the attack paths that lead to full system compromise was observed. Since these systems are employed in multiple critical infrastructure sectors, this vulnerability is deemed common to control systems in all sectors. Modern control systems architectures can be considered analogous to today's information networks, and as such are usually approached by attackers using a common attack methodology to penetrate deeper and deeper into the network. This approach often is composed of several phases, including gaining access to the control network, reconnaissance, profiling of vulnerabilities, launching attacks, escalating privilege, maintaining access, and obscuring or removing information that indicates that an intruder was on the system. With irrefutable proof that an external attack can lead to a compromise of a computing resource on the organization's business local area network (LAN), access to the control network is usually considered the first phase in the attack plan. Once the attacker gains access to the control network through direct connections and/or the business LAN, the second phase of reconnaissance begins with traffic analysis within the control domain. Thus, the communications between the workstations and the field device controllers can be monitored and evaluated, allowing an attacker to capture, analyze, and evaluate the commands sent among the control equipment. Through manipulation of the communication protocols of control systems (a process generally referred to as ''reverse engineering''), an attacker can then map out the control system processes and functions. With the detailed knowledge of how the control data functions, as well as what computers and devices communicate using this data, the attacker can use a well known Man-in-the-Middle attack to perform malicious operations virtually undetected. The control systems assessment teams have used this method to gather enough information about the system to craft an attack that intercepts and changes the information flow between the end devices (controllers) and the human machine interface (HMI and/or workstation). Using this attack, the cyber assessment team has been able to demonstrate complete manipulation of devices in control systems while simultaneously modifying the data flowing back to the operator's console to give false information of the state of the system (known as ''spoofing''). This is a very effective technique for a control system attack because it allows the attacker to manipulate the system and the operator's situational awareness of the perceived system status. The three main elements of this attack technique are: (1) network reconnaissance and data gathering, (2) reverse engineering, and (3) the Man-in-the-Middle attack. The details of this attack technique and the mitigation techniques are discussed.

Trent Nelson

2005-12-01T23:59:59.000Z

65

Final report for the network authentication investigation and pilot.  

SciTech Connect (OSTI)

New network based authentication mechanisms are beginning to be implemented in industry. This project investigated different authentication technologies to see if and how Sandia might benefit from them. It also investigated how these mechanisms can integrate with the Sandia Two-Factor Authentication Project. The results of these investigations and a network authentication path forward strategy are documented in this report.

Eldridge, John M.; Dautenhahn, Nathan; Miller, Marc M.; Wiener, Dallas J; Witzke, Edward L.

2006-11-01T23:59:59.000Z

66

AUTHENTICATED  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmospheric Optical Depth (AOD)Productssondeadjustsondeadjust DocumentationARMStreamsUSBudget AdvancedASSESSINGEnergy

67

AVTA: Oil Bypass Filter Specifications and Test Procedures  

Broader source: Energy.gov [DOE]

PuraDYN Oil Bypass Filtration System Evaluation Test Plan methodology is used in the testing of all oil bypass filters on the buses at the Idaho National Laboratory.

68

U-174: Serendipity Unspecified SQL Injection Vulnerability |...  

Broader source: Energy.gov (indexed) [DOE]

4: Serendipity Unspecified SQL Injection Vulnerability U-174: Serendipity Unspecified SQL Injection Vulnerability May 22, 2012 - 7:00am Addthis PROBLEM: Serendipity Unspecified SQL...

69

Bypass apparatus and method for series connected energy storage devices  

DOE Patents [OSTI]

A bypass apparatus and method for series connected energy storage devices. Each of the energy storage devices coupled to a common series connection has an associated bypass unit connected thereto in parallel. A current bypass unit includes a sensor which is coupled in parallel with an associated energy storage device or cell and senses an energy parameter indicative of an energy state of the cell, such as cell voltage. A bypass switch is coupled in parallel with the energy storage cell and operable between a non-activated state and an activated state. The bypass switch, when in the non-activated state, is substantially non-conductive with respect to current passing through the energy storage cell and, when in the activated state, provides a bypass current path for passing current to the series connection so as to bypass the associated cell. A controller controls activation of the bypass switch in response to the voltage of the cell deviating from a pre-established voltage setpoint. The controller may be included within the bypass unit or be disposed on a control platform external to the bypass unit. The bypass switch may, when activated, establish a permanent or a temporary bypass current path.

Rouillard, Jean (Saint-Luc, CA); Comte, Christophe (Montreal, CA); Daigle, Dominik (St-Hyacinthe, CA)

2000-01-01T23:59:59.000Z

70

V-017: Apache Tomcat Security Bypass and Denial of Service Vulnerabilities  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarlyEnergyDepartment of EnergyProgram2-26TheUtility-Scale Wind & Solar Power in the| Department

71

V-162: Apache Struts "ParameterInterceptor" Security Bypass Vulnerability |  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarly Career Scientists' Research Petroleum ReserveDepartmentScripting Attacks |Department of Energy has

72

V-197: Adobe ColdFusion 10 WebSockets Security Bypass Vulnerability |  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarly Career Scientists' Research Petroleum ReserveDepartmentScripting AttacksThereDepartment of

73

MAPPING CLIMATE CHANGE EXPOSURES, VULNERABILITIES,  

E-Print Network [OSTI]

MAPPING CLIMATE CHANGE EXPOSURES, VULNERABILITIES, AND ADAPTATION TO PUBLIC HEALTH RISKS's California Climate Change Center JULY 2012 CEC5002012041 Prepared for: California Energy Commission of California. #12; ii ABSTRACT This study reviewed first available frameworks for climate change adaptation

74

V-092: Pidgin Multiple Vulnerabilities  

Broader source: Energy.gov [DOE]

Multiple vulnerabilities have been reported in Pidgin, which can be exploited by malicious people to manipulate certain data, cause a DoS (Denial of Service), and compromise a user's system.

75

Hardware device binding and mutual authentication  

DOE Patents [OSTI]

Detection and deterrence of device tampering and subversion by substitution may be achieved by including a cryptographic unit within a computing device for binding multiple hardware devices and mutually authenticating the devices. The cryptographic unit includes a physically unclonable function ("PUF") circuit disposed in or on the hardware device, which generates a binding PUF value. The cryptographic unit uses the binding PUF value during an enrollment phase and subsequent authentication phases. During a subsequent authentication phase, the cryptographic unit uses the binding PUF values of the multiple hardware devices to generate a challenge to send to the other device, and to verify a challenge received from the other device to mutually authenticate the hardware devices.

Hamlet, Jason R; Pierson, Lyndon G

2014-03-04T23:59:59.000Z

76

Interception and modification of network authentication packets with the purpose of allowing alternative authentication modes  

DOE Patents [OSTI]

Methods and systems in a data/computer network for authenticating identifying data transmitted from a client to a server through use of a gateway interface system which are communicately coupled to each other are disclosed. An authentication packet transmitted from a client to a server of the data network is intercepted by the interface, wherein the authentication packet is encrypted with a one-time password for transmission from the client to the server. The one-time password associated with the authentication packet can be verified utilizing a one-time password token system. The authentication packet can then be modified for acceptance by the server, wherein the response packet generated by the server is thereafter intercepted, verified and modified for transmission back to the client in a similar but reverse process.

Kent, Alexander Dale (Los Alamos, NM)

2008-09-02T23:59:59.000Z

77

Are Vulnerability Disclosure Deadlines Justified?  

SciTech Connect (OSTI)

Vulnerability research organizations Rapid7, Google Security team, and Zero Day Initiative recently imposed grace periods for public disclosure of vulnerabilities. The grace periods ranged from 45 to 182 days, after which disclosure might occur with or without an effective mitigation from the affected software vendor. At this time there is indirect evidence that the shorter grace periods of 45 and 60 days may not be practical. However, there is strong evidence that the recently announced Zero Day Initiative grace period of 182 days yields benefit in speeding up the patch creation process, and may be practical for many software products. Unfortunately, there is also evidence that the 182 day grace period results in more vulnerability announcements without an available patch.

Miles McQueen; Jason L. Wright; Lawrence Wellman

2011-09-01T23:59:59.000Z

78

A service-oriented architecture for authentication and authorization  

E-Print Network [OSTI]

THESIS A Service-oriented Architecture for AuthenticationSAN DIEGO A Service-oriented Architecture for Authentication2.0, which is a service-oriented architecture that addresses

Hamedtoolloei, Hamidreza

2009-01-01T23:59:59.000Z

79

V-174: RSA Authentication Manager Writes Operating System, SNMP...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

4: RSA Authentication Manager Writes Operating System, SNMP, and HTTP Plug-in Proxy Passwords in Clear Text to Log Files V-174: RSA Authentication Manager Writes Operating System,...

80

PAP: A Privacy and Authentication Protocol for Passive RFID Tags  

E-Print Network [OSTI]

PAP: A Privacy and Authentication Protocol for Passive RFID Tags Alex X. Liu LeRoy A. Bailey for RFID tags is necessary to ensure the privacy and authentication between each tag and their reader. In order to accomplish this, we propose PAP, a privacy and authentication protocol for passive RFID tags

Liu, Alex X.

Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


81

REALIZING TWO-FACTOR AUTHENTICATION FOR THE BITCOIN PROTOCOL  

E-Print Network [OSTI]

REALIZING TWO-FACTOR AUTHENTICATION FOR THE BITCOIN PROTOCOL Christopher Mann and Daniel Loebenberger 15 August 2014 Abstract. We show how to realize two-factor authentication for a Bitcoin wal- let a prototypic implementation of a Bitcoin wallet that offers both: two-factor authentication and verification

82

FORENSIC CONNOISSEURSHIP, JACKSON POLLOCK, AND THE AUTHENTIC EYE  

E-Print Network [OSTI]

FORENSIC CONNOISSEURSHIP, JACKSON POLLOCK, AND THE AUTHENTIC EYE by Francis V. O'Connor, Ph shall proceed to some general #12;Forensic Connoisseurship, Pollock, & The Authentic Eye - F. V. O, the training of authentic eyes and forensic connoisseurs -- concluding with a final thought on the historicity

Taylor, Richard

83

CLIMATE CHANGE IMPACTS, VULNERABILITIES, AND  

E-Print Network [OSTI]

CLIMATE CHANGE IMPACTS, VULNERABILITIES, AND ADAPTATION IN THE SAN FRANCISCO BAY AREA Commission's California Climate Change Center JULY 2012 CEC5002012071 Prepared for: California Energy, as well as projections of future changes in climate based on modeling studies using various plausible

84

T-565: Vulnerability in Microsoft Malware Protection Engine Could...  

Broader source: Energy.gov (indexed) [DOE]

5: Vulnerability in Microsoft Malware Protection Engine Could Allow Elevation of PrivilegeVulnerability T-565: Vulnerability in Microsoft Malware Protection Engine Could Allow...

85

Spatial Data Authentication Using Mathematical Visualization  

E-Print Network [OSTI]

Spatial Data Authentication Using Mathematical Visualization Vert, G., Harris, F., Nasser, S. Dept has become an increasingly compromised method to transmit any type of data including spatial data. Due to the criticality of spatial data in decision making processes that range from military targeting to urban planning

Harris Jr., Frederick C.

86

A SECURE AUTHENTICATION INFRASTRUCTURE FOR MOBILE  

E-Print Network [OSTI]

. In this paper, we propose to secure an infrastructure providing telecommunication services on the Internet- bile Internet Telecommunication services (MobInTel). We present this infrastructure in detailsA SECURE AUTHENTICATION INFRASTRUCTURE FOR MOBILE COMMUNICATION SERVICES OVER THE INTERNET Ir

von Bochmann, Gregor

87

Bypass diode for a solar cell  

DOE Patents [OSTI]

Methods of fabricating bypass diodes for solar cells are described. In once embodiment, a method includes forming a first conductive region of a first conductivity type above a substrate of a solar cell. A second conductive region of a second conductivity type is formed on the first conductive region. In another embodiment, a method includes forming a first conductive region of a first conductivity type above a substrate of a solar cell. A second conductive region of a second conductivity type is formed within, and surrounded by, an uppermost portion of the first conductive region but is not formed in a lowermost portion of the first conductive region.

Rim, Seung Bum; Kim, Taeseok; Smith, David D; Cousins, Peter J

2013-11-12T23:59:59.000Z

88

Oil Bypass Filter and Diesel Engine Idling Wear-Rate Evaluations...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

Bypass Filter and Diesel Engine Idling Wear-Rate Evaluations Oil Bypass Filter and Diesel Engine Idling Wear-Rate Evaluations 2005 Diesel Engine Emissions Reduction (DEER)...

89

E-Print Network 3.0 - aortocoronary bypass surgery Sample Search...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

and MRI measurement of flow in an aorto-coronary bypass graft with various inlet flow conditions... . Introduction Bypass graft surgery is a widely applied procedure to relieve...

90

Climate Vulnerabilities | Department of Energy  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May JunDatastreamsmmcrcalgovInstrumentsruc DocumentationP-Series to User Group and Userof aChristinaCliff joins EMSLClimate Vulnerabilities

91

Verifiable process monitoring through enhanced data authentication.  

SciTech Connect (OSTI)

To ensure the peaceful intent for production and processing of nuclear fuel, verifiable process monitoring of the fuel production cycle is required. As part of a U.S. Department of Energy (DOE)-EURATOM collaboration in the field of international nuclear safeguards, the DOE Sandia National Laboratories (SNL), the European Commission Joint Research Centre (JRC) and Directorate General-Energy (DG-ENER) developed and demonstrated a new concept in process monitoring, enabling the use of operator process information by branching a second, authenticated data stream to the Safeguards inspectorate. This information would be complementary to independent safeguards data, improving the understanding of the plant's operation. The concept is called the Enhanced Data Authentication System (EDAS). EDAS transparently captures, authenticates, and encrypts communication data that is transmitted between operator control computers and connected analytical equipment utilized in nuclear processes controls. The intent is to capture information as close to the sensor point as possible to assure the highest possible confidence in the branched data. Data must be collected transparently by the EDAS: Operator processes should not be altered or disrupted by the insertion of the EDAS as a monitoring system for safeguards. EDAS employs public key authentication providing 'jointly verifiable' data and private key encryption for confidentiality. Timestamps and data source are also added to the collected data for analysis. The core of the system hardware is in a security enclosure with both active and passive tamper indication. Further, the system has the ability to monitor seals or other security devices in close proximity. This paper will discuss the EDAS concept, recent technical developments, intended application philosophy and the planned future progression of this system.

Goncalves, Joao G. M. (European Commission Joint Research Centre, Italy); Schwalbach, Peter (European Commission Directorate General%3CU%2B2014%3EEnergy, Luxemburg); Schoeneman, Barry Dale; Ross, Troy D.; Baldwin, George Thomas

2010-09-01T23:59:59.000Z

92

CFD Analysis of Core Bypass Phenomena  

SciTech Connect (OSTI)

The U.S. Department of Energy is exploring the potential for the VHTR which will be either of a prismatic or a pebble-bed type. One important design consideration for the reactor core of a prismatic VHTR is coolant bypass flow which occurs in the interstitial regions between fuel blocks. Such gaps are an inherent presence in the reactor core because of tolerances in manufacturing the blocks and the inexact nature of their installation. Furthermore, the geometry of the graphite blocks changes over the lifetime of the reactor because of thermal expansion and irradiation damage. The existence of the gaps induces a flow bias in the fuel blocks and results in unexpected increase of maximum fuel temperature. Traditionally, simplified methods such as flow network calculations employing experimental correlations are used to estimate flow and temperature distributions in the core design. However, the distribution of temperature in the fuel pins and graphite blocks as well as coolant outlet temperatures are strongly coupled with the local heat generation rate within fuel blocks which is not uniformly distributed in the core. Hence, it is crucial to establish mechanistic based methods which can be applied to the reactor core thermal hydraulic design and safety analysis. Computational Fluid Dynamics (CFD) codes, which have a capability of local physics based simulation, are widely used in various industrial fields. This study investigates core bypass flow phenomena with the assistance of commercial CFD codes and establishes a baseline for evaluation methods. A one-twelfth sector of the hexagonal block surface is modeled and extruded down to whole core length of 10.704m. The computational domain is divided vertically with an upper reflector, a fuel section and a lower reflector. Each side of the sector grid can be set as a symmetry boundary

Richard W. Johnson; Hiroyuki Sato; Richard R. Schultz

2010-03-01T23:59:59.000Z

93

CFD Analysis of Core Bypass Phenomena  

SciTech Connect (OSTI)

The U.S. Department of Energy is exploring the potential for the VHTR which will be either of a prismatic or a pebble-bed type. One important design consideration for the reactor core of a prismatic VHTR is coolant bypass flow which occurs in the interstitial regions between fuel blocks. Such gaps are an inherent presence in the reactor core because of tolerances in manufacturing the blocks and the inexact nature of their installation. Furthermore, the geometry of the graphite blocks changes over the lifetime of the reactor because of thermal expansion and irradiation damage. The existence of the gaps induces a flow bias in the fuel blocks and results in unexpected increase of maximum fuel temperature. Traditionally, simplified methods such as flow network calculations employing experimental correlations are used to estimate flow and temperature distributions in the core design. However, the distribution of temperature in the fuel pins and graphite blocks as well as coolant outlet temperatures are strongly coupled with the local heat generation rate within fuel blocks which is not uniformly distributed in the core. Hence, it is crucial to establish mechanistic based methods which can be applied to the reactor core thermal hydraulic design and safety analysis. Computational Fluid Dynamics (CFD) codes, which have a capability of local physics based simulation, are widely used in various industrial fields. This study investigates core bypass flow phenomena with the assistance of commercial CFD codes and establishes a baseline for evaluation methods. A one-twelfth sector of the hexagonal block surface is modeled and extruded down to whole core length of 10.704m. The computational domain is divided vertically with an upper reflector, a fuel section and a lower reflector. Each side of the one-twelfth grid can be set as a symmetry boundary

Richard W. Johnson; Hiroyuki Sato; Richard R. Schultz

2009-11-01T23:59:59.000Z

94

Assessing the Security Vulnerabilities of Correctional Facilities  

SciTech Connect (OSTI)

The National Institute of Justice has tasked their Satellite Facility at Sandia National Laboratories and their Southeast Regional Technology Center in Charleston, South Carolina to devise new procedures and tools for helping correctional facilities to assess their security vulnerabilities. Thus, a team is visiting selected correctional facilities and performing vulnerability assessments. A vulnerability assessment helps to identi~ the easiest paths for inmate escape, for introduction of contraband such as drugs or weapons, for unexpected intrusion fi-om outside of the facility, and for the perpetration of violent acts on other inmates and correctional employees, In addition, the vulnerability assessment helps to quantify the security risks for the facility. From these initial assessments will come better procedures for performing vulnerability assessments in general at other correctional facilities, as well as the development of tools to assist with the performance of such vulnerability assessments.

Morrison, G.S.; Spencer, D.S.

1998-10-27T23:59:59.000Z

95

Formal analysis of device authentication applications in ubiquitous computing.  

SciTech Connect (OSTI)

Authentication between mobile devices in ad-hoc computing environments is a challenging problem. Without pre-shared knowledge, existing applications rely on additional communication methods, such as out-of-band or location-limited channels for device authentication. However, no formal analysis has been conducted to determine whether out-of-band channels are actually necessary. We answer this question through formal analysis, and use BAN logic to show that device authentication using a single channel is not possible.

Shin, Dongwan (New Mexico Tech, Socorro, NM); Claycomb, William R.

2010-11-01T23:59:59.000Z

96

Leveraging Personal Devices for Stronger Password Authentication from Untrusted Computers  

E-Print Network [OSTI]

protocols are vulnerable to attacks including keylogging, phishing, and pharming, which can extract user

Van Oorschot, Paul

97

Serious leisure, participation and experience in tourism: authenticity and ritual in a renaissance festival  

E-Print Network [OSTI]

the serious festival participation were reminiscent of tourism existential authenticity specified by Wang (1999) as two levels: intrapersonal authenticity (gaining one?s true self) and interpersonal authenticity (gaining true human relationship). A search...

Kim, Hyounggon

2005-02-17T23:59:59.000Z

98

A Flexible Approach to Embedded Network Multicast Authentication  

E-Print Network [OSTI]

A Flexible Approach to Embedded Network Multicast Authentication Chris Szilagyi ECE Department Carnegie Mellon University szilagyi@cmu.edu Philip Koopman ECE Department Carnegie Mellon University

Koopman, Philip

99

Shouhuai Xu 2000 1 Password-based Authentication and  

E-Print Network [OSTI]

&AKE FBackground knowledge FPrevious solutions to authentication: The Trouble FBeing implemented proposals: Server FBeing implemented proposals: Server has a cert. FWeaker assumption proposals: Server has no cert

Sandhu, Ravi

100

T-540: Sybase EAServer Multiple Vulnerabilities | Department...  

Broader source: Energy.gov (indexed) [DOE]

and Remote Directory Traversal Vulnerability issues. Addthis Related Articles T-647: PHP File Upload Bug May Let Remote Users Overwrite Files on the Target System U-198: IBM...

Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


101

Assessing Climate Change Impacts, Vulnerability and Adaptation...  

Open Energy Info (EERE)

The Case of Pantabangan-Carranglan Watershed Jump to: navigation, search Name Assessing Climate Change Impacts, Vulnerability and Adaptation: The Case of Pantabangan-Carranglan...

102

Oil Bypass Filter Technology Performance Evaluation - First Quarterly Report  

SciTech Connect (OSTI)

This report details the initial activities to evaluate the performance of the oil bypass filter technology being tested by the Idaho National Engineering and Environmental Laboratory (INEEL) for the U.S. Department of Energy's FreedomCAR & Vehicle Technologies Program. Eight full-size, four-cycle diesel-engine buses used to transport INEEL employees on various routes have been equipped with oil bypass systems from the puraDYN Corporation. Each bus averages about 60,000 miles a year. The evaluation includes an oil analysis regime to monitor the presence of necessary additives in the oil and to detect undesirable contaminants. Very preliminary economic analysis suggests that the oil bypass system can reduce life-cycle costs. As the evaluation continues and oil avoidance costs are quantified, it is estimated that the bypass system economics may prove increasingly favorable, given the anticipated savings in operational costs and in reduced use of oil and waste oil avoidance.

Zirker, L.R.; Francfort, J.E.

2003-01-31T23:59:59.000Z

103

Oil Bypass Filter Technology Performance Evaluation - January 2003 Quarterly Report  

SciTech Connect (OSTI)

This report details the initial activities to evaluate the performance of the oil bypass filter technology being tested by the Idaho National Engineering and Environmental Laboratory (INEEL) for the U.S. Department of Energy's FreedomCAR & Vehicle Technologies Program. Eight full-size, four-cycle diesel-engine buses used to transport INEEL employees on various routes have been equipped with oil bypass systems from the puraDYN Corporation. Each bus averages about 60,000 miles a year. The evaluation includes an oil analysis regime to monitor the presence of necessary additives in the oil and to detect undesirable contaminants. Very preliminary economic analysis suggests that the oil bypass system can reduce life-cycle costs. As the evaluation continues and oil avoidance costs are quantified, it is estimated that the bypass system economics may prove increasingly favorable, given the anticipated savings in operational costs and in reduced use of oil and waste oil avoidance.

Laurence R. Zirker; James E. Francfort

2003-01-01T23:59:59.000Z

104

Development of By-Pass Blending Station System  

E-Print Network [OSTI]

A new building blending station system named by-pass blending station (BBS) has been developed to reduce building pump energy consumption in both district heating and cooling systems. Theoretical investigation demonstrated that the BBS can...

Liu, M.; Barnes, D.; Bunz, K.; Rosenberry, N.

2003-01-01T23:59:59.000Z

105

EA-1262: McKay Bypass Canal Extension, Golden, Colorado  

Broader source: Energy.gov [DOE]

This EA evaluates the environmental impacts for the proposal to extend the McKay Bypass Canal in order to route water from the existing Canal north of the Walnut Creek drainage on the east side of...

106

Proliferation Vulnerability Red Team report  

SciTech Connect (OSTI)

This report is the product of a four-month independent technical assessment of potential proliferation vulnerabilities associated with the plutonium disposition alternatives currently under review by DOE/MD. The scope of this MD-chartered/Sandia-led study was limited to technical considerations that could reduce proliferation resistance during various stages of the disposition processes below the Stored Weapon/Spent Fuel standards. Both overt and covert threats from host nation and unauthorized parties were considered. The results of this study will be integrated with complementary work by others into an overall Nonproliferation and Arms Control Assessment in support of a Secretarial Record of Decision later this year for disposition of surplus U.S. weapons plutonium.

Hinton, J.P.; Barnard, R.W.; Bennett, D.E. [and others

1996-10-01T23:59:59.000Z

107

Bypass flow computations on the LOFA transient in a VHTR  

SciTech Connect (OSTI)

Bypass flow in the prismatic gas-cooled very high temperature reactor (VHTR) is not intentionally designed to occur, but is present in the gaps between graphite blocks. Previous studies of the bypass flow in the core indicated that the cooling provided by flow in the bypass gaps had a significant effect on temperature and flow distributions for normal operating conditions. However, the flow and heat transports in the core are changed significantly after a Loss of Flow Accident (LOFA). This study aims to study the effect and role of the bypass flow after a LOFA in terms of the temperature and flow distributions and for the heat transport out of the core by natural convection of the coolant for a 1/12 symmetric section of the active core which is composed of images and mirror images of two sub-region models. The two sub-region models, 9 x 1/12 and 15 x 1/12 symmetric sectors of the active core, are employed as the CFD flow models using computational grid systems of 70.2 million and 117 million nodes, respectively. It is concluded that the effect of bypass flow is significant for the initial conditions and the beginning of LOFA, but the bypass flow has little effect after a long period of time in the transient computation of natural circulation.

Yu-Hsin Tung [National Tsing Hua Univ., Hsinchu (Taiwan). Inst. of Nuclear Engineering and Science; Richard W. Johnson [Idaho National Laboratory (INL), Idaho Falls, ID (United States); Yuh-Ming Ferng [National Tsing Hua Univ., Hsinchu (Taiwan). Inst. of Nuclear Engineering and Science; Ching-Chang Chieng [City Univ. of Hong Kong, Kowloon (Hong Kong). Dept. of Mechanical and Biomedical Engineering

2014-01-01T23:59:59.000Z

108

Detecting Network Vulnerabilities Through Graph Theoretical Methods  

E-Print Network [OSTI]

vulnerabilities in power networks is an important prob- lem, as even a small number of vulnerable connections can benchmark power networks. 1 Introduction The electric power grid network is susceptible to power outages northeast and Canada, which affected an estimated 50 million people, causing over $6 billion in damage

Geddes, Cameron Guy Robinson

109

SEISMIC VULNERABILITY ASSESSMENT USING AMBIENT VIBRATIONS  

E-Print Network [OSTI]

SEISMIC VULNERABILITY ASSESSMENT USING AMBIENT VIBRATIONS: METHOD AND VALIDATION Clotaire Michel, France cmichel@obs.ujf-grenoble.fr Abstract Seismic vulnerability in wide areas is usually assessed like USA or Italy. France is a country with moderate seismicity so that it requires lower-cost methods

Paris-Sud XI, Université de

110

Enhancing CardSpace Authentication Using a Mobile Device  

E-Print Network [OSTI]

, authentication. 1 Introduction In line with the continuing increase in the number of on-line services requir- ing design goals of CardSpace is to reduce reliance on password authentication. We address this limitation, since the additional overhead is handled by the client. The remainder of the paper is

Sheldon, Nathan D.

111

Multi-Level TESLA: Broadcast Authentication for Distributed Sensor Networks  

E-Print Network [OSTI]

Multi-Level µTESLA: Broadcast Authentication for Distributed Sensor Networks DONGGANG LIU and PENG named multi-level µTESLA based on µTESLA, a broadcast authentication protocol whose scalability is limited by its unicast-based initial parameter distribution. Multi-level µTESLA satisfies several nice

Ning, Peng

112

On the construction of digest functions for manual authentication protocols  

E-Print Network [OSTI]

On the construction of digest functions for manual authentication protocols Abstract A digest. Frequently a digest function needs to have a very short output (e.g. 1632 bits) and no key is used to digest, notably message authentication codes or MACs. Short digests can be constructed directly or by "condensing

Jeavons, Peter

113

Hardware authentication using transmission spectra modified optical fiber.  

SciTech Connect (OSTI)

The ability to authenticate the source and integrity of data is critical to the monitoring and inspection of special nuclear materials, including hardware related to weapons production. Current methods rely on electronic encryption/authentication codes housed in monitoring devices. This always invites the question of implementation and protection of authentication information in an electronic component necessitating EMI shielding, possibly an on board power source to maintain the information in memory. By using atomic layer deposition techniques (ALD) on photonic band gap (PBG) optical fibers we will explore the potential to randomly manipulate the output spectrum and intensity of an input light source. This randomization could produce unique signatures authenticating devices with the potential to authenticate data. An external light source projected through the fiber with a spectrometer at the exit would 'read' the unique signature. No internal power or computational resources would be required.

Grubbs, Robert K.; Romero, Juan A.

2010-09-01T23:59:59.000Z

114

T-550: Apache Denial of Service Vulnerability | Department of...  

Broader source: Energy.gov (indexed) [DOE]

1.2.8 Multiple Vulnerabilities U-221: ISC BIND 9 DNSSEC Validation CVE-2012-3817 Denial of Service Vulnerability T-616: PHP Stream Component Remote Denial of Service Vulnerability...

115

Locating Climate Insecurity: Where Are the Most Vulnerable Places...  

Open Energy Info (EERE)

disasters, (2) household and community vulnerability, (3) governance and political violence, and (4) population density. Each of these areas of vulnerability was given...

116

V-090: Adobe Flash Player / AIR Multiple Vulnerabilities | Department...  

Broader source: Energy.gov (indexed) [DOE]

0: Adobe Flash Player AIR Multiple Vulnerabilities V-090: Adobe Flash Player AIR Multiple Vulnerabilities February 13, 2013 - 12:14am Addthis PROBLEM: Adobe Flash Player AIR...

117

aquifer contamination vulnerability: Topics by E-print Network  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

species vulnerability to climate and land use change: the case projections of likely impacts of global change to identify the most vulner- able species. We suggest an original...

118

Common Cyber Security Vulnerabilities Observed in Control System...  

Broader source: Energy.gov (indexed) [DOE]

Common Cyber Security Vulnerabilities Observed in Control System Assessments by the INL NSTB Program Common Cyber Security Vulnerabilities Observed in Control System Assessments by...

119

CLIMATE VULNERABILITY AND ADAPTATION STUDY FOR  

E-Print Network [OSTI]

CLIMATE VULNERABILITY AND ADAPTATION STUDY FOR CALIFORNIA Legal Analysis of Barriers's California Climate Change Center JULY 2012 CEC5002012019 Prepared for: California Energy Commission to that framework that would facilitate adaptation to climate change. Since such changes may be difficult

120

Cancer Vulnerabilities Unveiled by Genomic Loss  

E-Print Network [OSTI]

Due to genome instability, most cancers exhibit loss of regions containing tumor suppressor genes and collateral loss of other genes. To identify cancer-specific vulnerabilities that are the result of copy number losses, ...

Nijhawan, Deepak

Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


121

HYDROLOGY AND CHEMISTRY OF FLOODWATERS IN THE YOLO BYPASS, SACRAMENTO RIVER SYSTEM, CALIFORNIA, DURING 2000.  

E-Print Network [OSTI]

HYDROLOGY AND CHEMISTRY OF FLOODWATERS IN THE YOLO BYPASS, SACRAMENTO RIVER SYSTEM, CALIFORNIA..................................................1 Introduction..............................................2 Hydrology of the Yolo Bypass....................7 Dissolved Metals....................................10 Samples collected by boat in the Yolo

122

Profitability of CCS with flue gas bypass and solvent storage Supplementary Information  

E-Print Network [OSTI]

1 Profitability of CCS with flue gas bypass and solvent storage #12; 2 Perfect information model formulation Sets t T Time, in hours, from K Capital cost to oversize turbine if solvent storage or bypass are used

Jaramillo, Paulina

123

V-001: Mozilla Security vulnerabilities | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

is accessible by other domain objects, which can be exploited to bypass the same origin policy and gain access to sensitive information. 2) An unspecified error within the...

124

U-104: Adobe Flash Player Multiple Vulnerabilities | Department...  

Broader source: Energy.gov (indexed) [DOE]

have been reported in Adobe Flash Player, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and...

125

Authenticity and Physiological Changes during Defensive Verbal Response  

E-Print Network [OSTI]

who are more authentic experience higher subjective well-being because they feel in control of their self (Kifer, Heller, Perunovic, & Galinsky, 2013). Thus, by paying attention to how ones cognitions, physiology, and behavior support or challenge...

Yen, Yana

2013-08-31T23:59:59.000Z

126

authenticated key agreement: Topics by E-print Network  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

desirable attributes. Index Terms--Mutual Authentication; Key Management; SRP; Security; Smart Meter; Smart Leung, Victor C.M. 53 On the security of some password-based key...

127

U-084: Cisco Digital Media Manager Lets Remote Authenticated...  

Broader source: Energy.gov (indexed) [DOE]

authenticated user can gain elevated privileges on the target system. PLATFORM: Cisco Digital Media Manager: Version(s) 5.22 and prior, 5.2.3 ABSTRACT: The system does not...

128

Understanding 'It': Affective Authenticity, Space, and the Phish Scene  

E-Print Network [OSTI]

"Understanding It: Affective Authenticity, Space, and the Phish Scene" is an ethnographic study of "scene identity" around the contemporary rock band Phish. Utilizing data generated from six years of ethnographic fieldwork, ...

Yeager, Elizabeth Anne

2011-04-26T23:59:59.000Z

129

Floodwater Chemistry in the Yolo Bypass during Winter and Spring 1998  

E-Print Network [OSTI]

Floodwater Chemistry in the Yolo Bypass during Winter and Spring 1998 Open-File Report 2007­1025 U.S. Department of the Interior U.S. Geological Survey #12;Floodwater Chemistry in the Yolo Bypass during Winter-USGS Suggested citation: Schemel, L.E., Cox, M.H., 2007, Floodwater Chemistry in the Yolo Bypass during Winter

130

Cycling firing method for bypass operation of bridge converters  

SciTech Connect (OSTI)

The bridge converter comprises a number of switching elements and an electronic logic system which regulated the electric power levels by controlling the firing, i.e., the initiation of the conduction period of the switching elements. Cyclic firing of said elements allows the direct current to bypass the alternating current system with high power factor and negligible losses.

Zabar, Zivan (99-72 66th Rd., Apt. 9N, Forest Hills, NY 11375)

1982-01-01T23:59:59.000Z

131

Thermal Reliability Study of Bypass Diodes in Photovoltaic Modules (Poster)  

SciTech Connect (OSTI)

This paper presents the result of high-temperature durability and thermal cycling testing and analysis for the selected diodes to study the detail of the thermal design and relative long-term reliability of the bypass diodes used to limit the detrimental effects of module hot-spot susceptibility.

Zhang, Z.; Wohlgemuth, J.; Kurtz, S.

2013-05-01T23:59:59.000Z

132

Enhancing Energy Infrastructure Resiliency and Addressing Vulnerabilities  

Broader source: Energy.gov [DOE]

Quadrennial Energy Review Task Force Secretariat and Energy Policy and Systems Analysis Staff, U. S. Department of Energy (DOE) Public Meeting on Enhancing Resilience in Energy Infrastructure and Addressing Vulnerabilities On Friday, April 11, 2014, at 10 a.m. in room HVC-215 of the U.S. Capitol, the Department of Energy (DOE), acting as the Secretariat for the Quadrennial Energy Review Task Force, will hold a public meeting to discuss and receive comments on issues related to the Quadrennial Energy Review (QER). The meeting will focus on infrastructure vulnerabilities related to the electricity, natural gas and petroleum transmission, storage and distribution systems (TS&D). The meeting will consist of two facilitated panels of experts on identifying and addressing vulnerabilities within the nations energy TS&D infrastructure. Following the panels, an opportunity will be provided for public comment via an open microphone session. The meeting will be livestreamed at energy.gov/live

133

The 2011 Military Communications Conference -Track 3 -Cyber Security and Network Operations From Security to Vulnerability: Data Authentication  

E-Print Network [OSTI]

in Substation Automation Systems (SAS). To this end, we establish a small-scale SAS prototype with commonly, an upgrade of in formation technologies is essential from out-of-date serial communication technologies [2

Wang, Wenye

134

Chemical Safety Vulnerability Working Group Report  

SciTech Connect (OSTI)

This report marks the culmination of a 4-month review conducted to identify chemical safety vulnerabilities existing at DOE facilities. This review is an integral part of DOE's efforts to raise its commitment to chemical safety to the same level as that for nuclear safety.

Not Available

1994-09-01T23:59:59.000Z

135

WATER AND ENERGY SECTOR VULNERABILITY TO CLIMATE  

E-Print Network [OSTI]

WATER AND ENERGY SECTOR VULNERABILITY TO CLIMATE WARMING IN THE SIERRA NEVADA: Water Year explores the sensitivity of water indexing methods to climate change scenarios to better understand how water management decisions and allocations will be affected by climate change. Many water management

136

Fragile Networks: Identifying Vulnerabilities and Synergies  

E-Print Network [OSTI]

, Efficiency Measurement, and Vulnerability Analysis · Part II: Applications and Extensions · Part III: Mergers the foundations for transportation and logistics, for communication, energy provision, social interactions that underlie our societies and economies are large-scale and complex in nature, they are liable to be faced

Nagurney, Anna

137

Efficient authentication scheme for data aggregation in smart grid with fault tolerance and fault diagnosis  

E-Print Network [OSTI]

Authentication schemes relying on per-packet signature and per-signature verification introduce heavy cost for computation and communication. Due to its constraint resources, smart grid's authentication requirement cannot ...

Li, Depeng

138

Specifying authentication using signal events in CSP Siraj A. Shaikh (first and corresponding author)  

E-Print Network [OSTI]

1 Specifying authentication using signal events in CSP Siraj A. Shaikh (first and corresponding in the process algebra Communicating Sequential Processes (CSP) to specify authentication. The purpose, security protocols, CSP, formal specification, Kerberos 1. Introduction Schneider [1] uses Communicating

Doran, Simon J.

139

Authentic, Dialogic Writing: Th e Case of a Letter to the Editor  

E-Print Network [OSTI]

A teacher educator reflects on the educational value of an authentic writing assignment inspired by real-world local events.

Hallman, Heidi L.

2009-01-01T23:59:59.000Z

140

U-171: DeltaV Products Multiple Vulnerabilities  

Broader source: Energy.gov [DOE]

Multiple vulnerabilities have been reported in DeltaV products, which can be exploited by malicious people to conduct cross-site scripting attacks, SQL injection attacks, cause a DoS (Denial of Service), and compromise a vulnerable system.

Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


141

Power System Extreme Event Detection: The Vulnerability Frontier  

E-Print Network [OSTI]

Figure 6. Vulnerability Frontier for a 13,374 node system.corresponding to points on the frontier suggests that theseDetection: The Vulnerability Frontier Bernard C. Lesieutre

Lesieutre, Bernard C.; Pinar, Ali; Roy, Sandip

2007-01-01T23:59:59.000Z

142

Quantum-Secure Authentication with a Classical Key  

E-Print Network [OSTI]

Authentication provides the trust people need to engage in transactions. The advent of physical keys that are impossible to copy promises to revolutionize this field. Up to now, such keys have been verified by classical challenge-response protocols. Such protocols are in general susceptible to emulation attacks. Here we demonstrate Quantum-Secure Authentication ("QSA") of an unclonable classical physical key in a way that is inherently secure by virtue of quantum-physical principles. Our quantum-secure authentication operates in the limit of a large number of channels, represented by the more than thousand degrees of freedom of an optical wavefront shaped with a spatial light modulator. This allows us to reach quantum security with weak coherent pulses of light containing dozens of photons, too few for an adversary to determine their complex spatial shapes, thereby rigorously preventing emulation.

Sebastianus A. Goorden; Marcel Horstmann; Allard P. Mosk; Boris kori?; Pepijn W. H. Pinkse

2014-06-03T23:59:59.000Z

143

PAKE-based mutual HTTP authentication for preventing phishing attacks  

E-Print Network [OSTI]

This paper describes a new password-based mutual authentication protocol for Web systems which prevents various kinds of phishing attacks. This protocol provides a protection of user's passwords against any phishers even if dictionary attack is employed, and prevents phishers from imitating a false sense of successful authentication to users. The protocol is designed considering interoperability with many recent Web applications which requires many features which current HTTP authentication does not provide. The protocol is proposed as an Internet Draft submitted to IETF, and implemented in both server side (as an Apache extension) and client side (as a Mozilla-based browser and an IE-based one). The paper also proposes a new user-interface for this protocol which is always distinguishable from fake dialogs provided by phishers.

Oiwa, Yutaka; Takagi, Hiromitsu

2009-01-01T23:59:59.000Z

144

U-013: HP Data Protector Multiple Unspecified Vulnerabilities  

Broader source: Energy.gov [DOE]

Multiple vulnerabilities were reported in HP Data Protector. A remote user can execute arbitrary code on the target system.

145

The order of encryption and authentication for protecting communications (Or: how secure is SSL?)  

E-Print Network [OSTI]

The order of encryption and authentication for protecting communications (Or: how secure is SSL and authentication, including the authenticate-then-encrypt method used in SSL, are not generically secure. We show with a random or pseudorandom pad). Thus, while we show the generic security of SSL to be broken, the current

146

Provably Repairing the ISO/IEC 9798 Standard for Entity Authentication  

E-Print Network [OSTI]

, or authentication of transmitted data [27,33]. The ISO (International Organization for Standardization) and IECProvably Repairing the ISO/IEC 9798 Standard for Entity Authentication David Basin, Cas Cremers the family of entity authentication protocols defined by the ISO/IEC 9798 standard and find numerous

Basin, David

147

The TESLA Broadcast Authentication Protocol Adrian Perrig Ran Canetti J. D. Tygar Dawn Song  

E-Print Network [OSTI]

The TESLA Broadcast Authentication Protocol Adrian Perrig Ran Canetti J. D. Tygar Dawn Song presents the TESLA (Timed Efficient Stream Loss-tolerant Authentication) broadcast authentication protocol of receivers, and tolerates packet loss. TESLA is based on loose time synchronization between the sender

Tygar, Doug

148

Vendor System Vulnerability Testing Test Plan  

SciTech Connect (OSTI)

The Idaho National Laboratory (INL) prepared this generic test plan to provide clients (vendors, end users, program sponsors, etc.) with a sense of the scope and depth of vulnerability testing performed at the INLs Supervisory Control and Data Acquisition (SCADA) Test Bed and to serve as an example of such a plan. Although this test plan specifically addresses vulnerability testing of systems applied to the energy sector (electric/power transmission and distribution and oil and gas systems), it is generic enough to be applied to control systems used in other critical infrastructures such as the transportation sector, water/waste water sector, or hazardous chemical production facilities. The SCADA Test Bed is established at the INL as a testing environment to evaluate the security vulnerabilities of SCADA systems, energy management systems (EMS), and distributed control systems. It now supports multiple programs sponsored by the U.S. Department of Energy, the U.S. Department of Homeland Security, other government agencies, and private sector clients. This particular test plan applies to testing conducted on a SCADA/EMS provided by a vendor. Before performing detailed vulnerability testing of a SCADA/EMS, an as delivered baseline examination of the system is conducted, to establish a starting point for all-subsequent testing. The series of baseline tests document factory delivered defaults, system configuration, and potential configuration changes to aid in the development of a security plan for in depth vulnerability testing. The baseline test document is provided to the System Provider,a who evaluates the baseline report and provides recommendations to the system configuration to enhance the security profile of the baseline system. Vulnerability testing is then conducted at the SCADA Test Bed, which provides an in-depth security analysis of the Vendors system.b a. The term System Provider replaces the name of the company/organization providing the system being evaluated. This can be the system manufacturer, a system user, or a third party organization such as a government agency. b. The term Vendor (or Vendors) System replaces the name of the specific SCADA/EMS being tested.

James R. Davidson

2005-01-01T23:59:59.000Z

149

U-187: Adobe Flash Player Multiple Vulnerabilities  

Broader source: Energy.gov [DOE]

Adobe released security updates for Adobe Flash Player 11.2.202.235 and earlier versions for Windows, Macintosh and Linux, Adobe Flash Player 11.1.115.8 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.9 and earlier versions for Android 3.x and 2.x. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

150

E-Print Network 3.0 - aortocoronary bypass graft Sample Search...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Materials Summary: . Holmes, Jr., and H. V. Schaff. Aortocoronary bypass grafting with expanded polytetrafluoroethylene: 12... , synthetic polymers currently used as artificial...

151

E-Print Network 3.0 - above-knee femoropopliteal bypass Sample...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Source: Kozak, Victor R. - Budker Institute of Nuclear Physics Collection: Fission and Nuclear Technologies ; Physics 19 2009 ASHRAE 199 The issue of filter bypass has long been...

152

E-Print Network 3.0 - artery bypass operations Sample Search...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

by intravenous delivery of salt and water. This route of delivery bypasses ... Source: Brand, Paul H. - Department of Physiology and Pharmacology, University of Toledo...

153

Recursive Linear and Differential Cryptanalysis of Ultralightweight Authentication Protocols  

E-Print Network [OSTI]

to privacy of consumers. In recent years, the cryptographic community have made an extensive effort Zahra Ahmadian, Mahmoud Salmasizadeh, and Mohammad Reza Aref Abstract--Privacy is faced to serious years have focused on design and analysis of privacy friendly ultralightweight authentication protocols

154

ELmE : A Misuse Resistant Parallel Authenticated Encryption  

E-Print Network [OSTI]

-Encrypt constructions (inherently inefficient but provide full pri- vacy) and online constructions, e.g., McOE, sponge bottleneck in processing associated data. In this paper, we design a new online secure authenticated in associated data) and pipeline implementable. It also provides full privacy when associated data (which

155

Final report for the mobile node authentication LDRD project.  

SciTech Connect (OSTI)

In hostile ad hoc wireless communication environments, such as battlefield networks, end-node authentication is critical. In a wired infrastructure, this authentication service is typically facilitated by a centrally-located ''authentication certificate generator'' such as a Certificate Authority (CA) server. This centralized approach is ill-suited to meet the needs of mobile ad hoc networks, such as those required by military systems, because of the unpredictable connectivity and dynamic routing. There is a need for a secure and robust approach to mobile node authentication. Current mechanisms either assign a pre-shared key (shared by all participating parties) or require that each node retain a collection of individual keys that are used to communicate with other individual nodes. Both of these approaches have scalability issues and allow a single compromised node to jeopardize the entire mobile node community. In this report, we propose replacing the centralized CA with a distributed CA whose responsibilities are shared between a set of select network nodes. To that end, we develop a protocol that relies on threshold cryptography to perform the fundamental CA duties in a distributed fashion. The protocol is meticulously defined and is implemented it in a series of detailed models. Using these models, mobile wireless scenarios were created on a communication simulator to test the protocol in an operational environment and to gather statistics on its scalability and performance.

Michalski, John T.; Lanzone, Andrew J.

2005-09-01T23:59:59.000Z

156

Forging Attacks on two Authenticated Encryptions COBRA and POET  

E-Print Network [OSTI]

Forging Attacks on two Authenticated Encryptions COBRA and POET Mridul Nandi Indian Statistical COBRA [4], based on pseudorandom per- mutation (PRP) blockcipher, and POET [3], based on Almost XOR and a simple vari- ant of the original proposal of POET (due to a forging attack [13] on the original proposal

157

Authenticated Streamwise On-line Encryption Patrick P. Tsang  

E-Print Network [OSTI]

and end-to-end latency. Also, ASOE provides data authenticity as an option. ASOE can therefore be used construction incurs zero end-to-end latency due to buffering and only 48 bytes of message expansion, regardless 7.3 End-to-end Latency . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 7

158

SSL Splitting and Barnraising: Cooperative Caching with Authenticity Guarantees  

E-Print Network [OSTI]

SSL Splitting and Barnraising: Cooperative Caching with Authenticity Guarantees by Christopher T by . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Arthur C. Smith Chairman, Department Committee on Graduate Students #12;SSL Splitting and Barnraising for the degree of Master of Engineering in Electrical Engineering and Computer Science Abstract SSL splitting

Gummadi, Ramakrishna

159

Cryptanalysis of a recent two factor authentication scheme  

E-Print Network [OSTI]

Centre Dublin City University Ballymun, Dublin 9, Ireland. mike.scott@certivox.com Abstract. Very recently a scheme has been proposed by Wang and Ma for a robust smart-card based password authentication scheme, which claims to be secure against a Smart Card security breach. In this short note we attempt

160

Cryptanalysis of Two Dynamic IDbased Remote User Authentication Schemes for  

E-Print Network [OSTI]

University, Harbin City 150001, China 2 Automobile Management Institute of PLA, Bengbu City 233011, China guessing attack under their nontamper resistance assumption of the smart card; (2) It fails to provide of schemes. Keywords: Cryptanalysis, Authentication protocol, O#ine password guessing attack, Smart card

Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


161

Using a PVS Embedding of CSP to Verify Authentication Protocols  

E-Print Network [OSTI]

Using a PVS Embedding of CSP to Verify Authentication Protocols To be presented at TPHOLs'97, Bell for a veri cation method described in 14]. The PVS formalization consists of a semantic embedding of CSP, 16, 12, 9]. In 14], Schneider presents such a method based on CSP 7]. The approach relies onageneral

Dutertre, Bruno

162

Using a PVS Embedding of CSP to Verify Authentication Protocols  

E-Print Network [OSTI]

Using a PVS Embedding of CSP to Verify Authentication Protocols To be presented at TPHOLs'97, Bell for a veri cation method described in 14]. The PVS formalization consists of a semantic embedding of CSP]. In 14], Schneider presents such a method based on CSP 7]. The approach relies onageneral

Doran, Simon J.

163

Using a PVS Embedding of CSP to Verify Authentication Protocols  

E-Print Network [OSTI]

Using a PVS Embedding of CSP to Verify Authentication Protocols To be presented at TPHOLs'97, Bell for a verification method described in [14]. The PVS formalization consists of a semantic embedding of CSP for this purpose [3, 16, 12, 9]. In [14], Schneider presents such a method based on CSP [7]. The approach relies

Dutertre, Bruno

164

Authenticity Issue in Performing Arts using Live Electronics  

E-Print Network [OSTI]

by the production process key elements for future assessment of authenticity. We will present some "case studies we intend to study the production process, and extract from the elements and traces left, the electronic processes are evaluated towards their robustness against changes of instrumentist, changes

Kouroupetroglou, Georgios

165

Cryptographic Link Signatures for Spectrum Usage Authentication in Cognitive Radio  

E-Print Network [OSTI]

Cryptographic Link Signatures for Spectrum Usage Authentication in Cognitive Radio Xi Tan, Kapil frequency spectrum was inefficiently utilized. To fully use these spectrums, cognitive radio networks have of cognitive radio is to enable the current fixed spectrum channels assigned by Federal Communica- tions

Du, Wenliang "Kevin"

166

T-608: HP Virtual Server Environment Lets Remote Authenticated Users Gain Elevated Privileges  

Broader source: Energy.gov [DOE]

A potential security vulnerability has been identified in HP Virtual Server Environment for Windows. The vulnerability could be exploited remotely to elevate privileges.

167

Dead Block Replacement and Bypass with a Sampling Predictor Daniel A. Jimenez  

E-Print Network [OSTI]

Dead Block Replacement and Bypass with a Sampling Predictor Daniel A. Jim´enez Department of Computer Science The University of Texas at San Antonio Abstract We present a cache replacement and bypass policy driven by dead block prediction. A block is considered dead is it will be replaced before

Paris-Sud XI, Université de

168

Social vulnerability indicators as a sustainable planning tool  

SciTech Connect (OSTI)

In the face of global warming and environmental change, the conventional strategy of resource centralization will not be able to cope with a future of increasingly extreme climate events and related disasters. It may even contribute to inter-regional disparities as a result of these events. To promote sustainable development, this study offers a case study of developmental planning in Chiayi, Taiwan and a review of the relevant literature to propose a framework of social vulnerability indicators at the township level. The proposed framework can not only be used to measure the social vulnerability of individual townships in Chiayi, but also be used to capture the spatial developmental of Chiayi. Seventeen social vulnerability indicators provide information in five dimensions. Owing to limited access to relevant data, the values of only 13 indicators were calculated. By simply summarizing indicators without using weightings and by using zero-mean normalization to standardize the indicators, this study calculates social vulnerability scores for each township. To make social vulnerability indicators more useful, this study performs an overlay analysis of social vulnerability and patterns of risk associated with national disasters. The social vulnerability analysis draws on secondary data for 2012 from Taiwan's National Geographic Information System. The second layer of analysis consists of the flood potential ratings of the Taiwan Water Resources Agency as an index of biophysical vulnerability. The third layer consists of township-level administrative boundaries. Analytical results reveal that four out of the 18 townships in Chiayi not only are vulnerable to large-scale flooding during serious flood events, but also have the highest degree of social vulnerability. Administrative boundaries, on which social vulnerability is based, do not correspond precisely to cross-administrative boundaries, which are characteristics of the natural environment. This study adopts an exploratory approach that provides Chiayi and other government agencies with a foundation for sustainable strategic planning for environmental change. The final section offers four suggestions concerning the implications of social vulnerability for local development planning. -- Highlights: This study proposes a framework of social vulnerability indicators at the township level in Chiayi County, Taiwan. Seventeen social vulnerability indicators are categorized into four dimensions. This study performs a three-layer overlay analysis of social vulnerability and natural disaster risk patterns. 4 out of the 18 townships not only have potential for large-scale flooding, but also high degree of social vulnerability. This study provides a foundation for sustainable strategic planning to deal with environmental change. Four suggestions are proposed regarding the implications of social vulnerability for local development planning.

Lee, Yung-Jaan, E-mail: yungjaanlee@gmail.com

2014-01-15T23:59:59.000Z

169

Rankine cycle condenser pressure control using an energy conversion device bypass valve  

DOE Patents [OSTI]

The disclosure provides a waste heat recovery system and method in which pressure in a Rankine cycle (RC) system of the WHR system is regulated by diverting working fluid from entering an inlet of an energy conversion device of the RC system. In the system, an inlet of a controllable bypass valve is fluidly coupled to a working fluid path upstream of an energy conversion device of the RC system, and an outlet of the bypass valve is fluidly coupled to the working fluid path upstream of the condenser of the RC system such that working fluid passing through the bypass valve bypasses the energy conversion device and increases the pressure in a condenser. A controller determines the temperature and pressure of the working fluid and controls the bypass valve to regulate pressure in the condenser.

Ernst, Timothy C; Nelson, Christopher R; Zigan, James A

2014-04-01T23:59:59.000Z

170

Evaluating operating system vulnerability to memory errors.  

SciTech Connect (OSTI)

Reliability is of great concern to the scalability of extreme-scale systems. Of particular concern are soft errors in main memory, which are a leading cause of failures on current systems and are predicted to be the leading cause on future systems. While great effort has gone into designing algorithms and applications that can continue to make progress in the presence of these errors without restarting, the most critical software running on a node, the operating system (OS), is currently left relatively unprotected. OS resiliency is of particular importance because, though this software typically represents a small footprint of a compute node's physical memory, recent studies show more memory errors in this region of memory than the remainder of the system. In this paper, we investigate the soft error vulnerability of two operating systems used in current and future high-performance computing systems: Kitten, the lightweight kernel developed at Sandia National Laboratories, and CLE, a high-performance Linux-based operating system developed by Cray. For each of these platforms, we outline major structures and subsystems that are vulnerable to soft errors and describe methods that could be used to reconstruct damaged state. Our results show the Kitten lightweight operating system may be an easier target to harden against memory errors due to its smaller memory footprint, largely deterministic state, and simpler system structure.

Ferreira, Kurt Brian; Bridges, Patrick G. (University of New Mexico); Pedretti, Kevin Thomas Tauke; Mueller, Frank (North Carolina State University); Fiala, David (North Carolina State University); Brightwell, Ronald Brian

2012-05-01T23:59:59.000Z

171

T-544: Cisco Security Advisory: Cisco Content Services Gateway Vulnerabilities  

Broader source: Energy.gov [DOE]

Cisco IOS Software Release 12.4(24)MD1 on the Cisco CSG2 contains two vulnerabilities that can be exploited by a remote, unauthenticated attacker to create a denial of service condition that prevents traffic from passing through the CSG2. These vulnerabilities require only a single content service to be active on the Cisco CSG2 and can be exploited via crafted TCP packets. A three-way handshake is not required to exploit either of these vulnerabilities.

172

AFTER A Framework for electrical power sysTems vulnerability...  

Open Energy Info (EERE)

Germany) Jump to: navigation, search Project Name AFTER A Framework for electrical power sysTems vulnerability identification, dEfense and Restoration Country Germany Coordinates...

173

India-Vulnerability Assessment and Enhancing Adaptive Capacities...  

Open Energy Info (EERE)

Adaptive Capacities to Climate Change Jump to: navigation, search Name India-Vulnerability Assessment and Enhancing Adaptive Capacities to Climate Change AgencyCompany...

174

Mapping Climate Change Vulnerability and Impact Scenarios - A...  

Open Energy Info (EERE)

Sub-national Planners Jump to: navigation, search Tool Summary LAUNCH TOOL Name: Mapping Climate Change Vulnerability and Impact Scenarios - A Guidebook for Sub-national Planners...

175

areas vulnerabilities impacts: Topics by E-print Network  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

on residential electricity consumption for the nine San Francisco Bay Area counties 22 Seismic vulnerability analysis of moderate seismicity areas using in situ experimental...

176

assessing infrastructure vulnerability: Topics by E-print Network  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Websites Summary: , by improving the seismic hazard evaluation using probabilistic seismic hazard assessment (PSHA) methodsSeismic vulnerability assessment to slight dam- age...

177

AFTER A Framework for electrical power sysTems vulnerability...  

Open Energy Info (EERE)

Norway) Jump to: navigation, search Project Name AFTER A Framework for electrical power sysTems vulnerability identification, dEfense and Restoration Country Norway Coordinates...

178

Microsoft Word - MitigationsForVulnerabilitiesInCSNetworks.doc  

Broader source: Energy.gov (indexed) [DOE]

for Security Vulnerabilities Found in Control System Networks May Permann John Hammer Computer Security Researcher Computer Security Researcher Communications & Cyber Security...

179

T-566: Citrix Secure Gateway Unspecified Vulnerability | Department...  

Broader source: Energy.gov (indexed) [DOE]

has been reported in Citrix Secure Gateway, which can be exploited by malicious people to compromise a vulnerable system. reference LINKS: Citrix ID:CTX128168 Secunia...

180

Antioch University and EPA Webinar: Assessing Vulnerability of...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

Water Conveyance Infrastructure from a Changing Climate in the Context of a Changing Landscape Antioch University and EPA Webinar: Assessing Vulnerability of Water Conveyance...

Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


181

AFTER A Framework for electrical power sysTems vulnerability...  

Open Energy Info (EERE)

Projects Map1 Overview AFTER addresses vulnerability evaluation and contingency planning of the energy grids and energy plants considering also the ICT systems used in...

182

U-086:Linux Kernel "/proc//mem" Privilege Escalation Vulnerability  

Broader source: Energy.gov [DOE]

A vulnerability has been discovered in the Linux Kernel, which can be exploited by malicious, local users to gain escalated privileges.

183

AFTER A Framework for electrical power sysTems vulnerability...  

Open Energy Info (EERE)

:"","inlineLabel":"","visitedicon":"" Display map Period 2011-2014 References EU Smart Grid Projects Map1 Overview AFTER addresses vulnerability evaluation and contingency...

184

Hardware device to physical structure binding and authentication  

DOE Patents [OSTI]

Detection and deterrence of device tampering and subversion may be achieved by including a cryptographic fingerprint unit within a hardware device for authenticating a binding of the hardware device and a physical structure. The cryptographic fingerprint unit includes an internal physically unclonable function ("PUF") circuit disposed in or on the hardware device, which generate an internal PUF value. Binding logic is coupled to receive the internal PUF value, as well as an external PUF value associated with the physical structure, and generates a binding PUF value, which represents the binding of the hardware device and the physical structure. The cryptographic fingerprint unit also includes a cryptographic unit that uses the binding PUF value to allow a challenger to authenticate the binding.

Hamlet, Jason R.; Stein, David J.; Bauer, Todd M.

2013-08-20T23:59:59.000Z

185

Provably Secure Password-based Authentication in TLS  

SciTech Connect (OSTI)

In this paper, we show how to design an efficient, provably secure password-based authenticated key exchange mechanism specifically for the TLS (Transport Layer Security) protocol. The goal is to provide a technique that allows users to employ (short) passwords to securely identify themselves to servers. As our main contribution, we describe a new password-based technique for user authentication in TLS, called Simple Open Key Exchange (SOKE). Loosely speaking, the SOKE ciphersuites are unauthenticated Diffie-Hellman ciphersuites in which the client's Diffie-Hellman ephemeral public value is encrypted using a simple mask generation function. The mask is simply a constant value raised to the power of (a hash of) the password.The SOKE ciphersuites, in advantage over previous pass-word-based authentication ciphersuites for TLS, combine the following features. First, SOKE has formal security arguments; the proof of security based on the computational Diffie-Hellman assumption is in the random oracle model, and holds for concurrent executions and for arbitrarily large password dictionaries. Second, SOKE is computationally efficient; in particular, it only needs operations in a sufficiently large prime-order subgroup for its Diffie-Hellman computations (no safe primes). Third, SOKE provides good protocol flexibility because the user identity and password are only required once a SOKE ciphersuite has actually been negotiated, and after the server has sent a server identity.

Abdalla, Michel; Emmanuel, Bresson; Chevassut, Olivier; Moeller,Bodo; Pointcheval, David

2005-12-20T23:59:59.000Z

186

New foundations for efficient authentication, commutative cryptography, and private disjointness testing  

E-Print Network [OSTI]

This dissertation presents new constructions and security definitions related to three areas: authentication, cascadable and commutative crytpography, and private set operations. Existing works relevant to each of these ...

Weis, Stephen August, 1978-

2006-01-01T23:59:59.000Z

187

Counterfeit-resistant materials and a method and apparatus for authenticating materials  

DOE Patents [OSTI]

Fluorescent dichroic fibers randomly incorporated within a media provide an improved method for authentication and counterfeiting protection. The dichroism is provided by an alignment of fluorescent molecules along the length of the fibers. The fluorescent fibers provide an authentication mechanism of varying levels of capability. The authentication signature depends on four parameters, the x,y position, the dichroism and the local environment. The availability of so many non-deterministic variables makes production of counterfeit articles (e.g., currency, credit cards, etc.) essentially impossible Counterfeit-resistant articles, an apparatus for authenticating articles, and a process for forming counterfeit-resistant media are also provided&

Ramsey, J. Michael (Knoxville, TN); Klatt, Leon N. (Oak Ridge, TN)

2001-01-01T23:59:59.000Z

188

Counterfeit-resistant materials and a method and apparatus for authenticating materials  

DOE Patents [OSTI]

Fluorescent dichroic fibers randomly incorporated within a media provide an improved method for authentication and counterfeiting protection. The dichroism is provided by an alignment of fluorescent molecules along the length of the fibers. The fluorescent fibers provide an authentication mechanism of varying levels of capability. The authentication signature depends on four parameters; the x,y position, the dichroism and the local environment. The availability of so many non-deterministic variables makes production of counterfeit articles (e.g., currency, credit cards, etc.) essentially impossible. Counterfeit-resistant articles, an apparatus for authenticating articles, and a process for forming counterfeit-resistant media are also provided.

Ramsey, J. Michael (Knoxville, TN); Klatt, Leon N. (Oak Ridge, TN)

2000-01-01T23:59:59.000Z

189

E-Print Network 3.0 - authentications algorithms based Sample...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

soft- ware can certify particular outputs. Software Source: Schneier, Bruce - BT Group plc Collection: Computer Technologies and Information Sciences 9 A Local Authentication...

190

Method and tool for network vulnerability analysis  

DOE Patents [OSTI]

A computer system analysis tool and method that will allow for qualitative and quantitative assessment of security attributes and vulnerabilities in systems including computer networks. The invention is based on generation of attack graphs wherein each node represents a possible attack state and each edge represents a change in state caused by a single action taken by an attacker or unwitting assistant. Edges are weighted using metrics such as attacker effort, likelihood of attack success, or time to succeed. Generation of an attack graph is accomplished by matching information about attack requirements (specified in "attack templates") to information about computer system configuration (contained in a configuration file that can be updated to reflect system changes occurring during the course of an attack) and assumed attacker capabilities (reflected in "attacker profiles"). High risk attack paths, which correspond to those considered suited to application of attack countermeasures given limited resources for applying countermeasures, are identified by finding "epsilon optimal paths."

Swiler, Laura Painton (Albuquerque, NM); Phillips, Cynthia A. (Albuquerque, NM)

2006-03-14T23:59:59.000Z

191

Pre-test CFD Calculations for a Bypass Flow Standard Problem  

SciTech Connect (OSTI)

The bypass flow in a prismatic high temperature gas-cooled reactor (HTGR) is the flow that occurs between adjacent graphite blocks. Gaps exist between blocks due to variances in their manufacture and installation and because of the expansion and shrinkage of the blocks from heating and irradiation. Although the temperature of fuel compacts and graphite is sensitive to the presence of bypass flow, there is great uncertainty in the level and effects of the bypass flow. The Next Generation Nuclear Plant (NGNP) program at the Idaho National Laboratory has undertaken to produce experimental data of isothermal bypass flow between three adjacent graphite blocks. These data are intended to provide validation for computational fluid dynamic (CFD) analyses of the bypass flow. Such validation data sets are called Standard Problems in the nuclear safety analysis field. Details of the experimental apparatus as well as several pre-test calculations of the bypass flow are provided. Pre-test calculations are useful in examining the nature of the flow and to see if there are any problems associated with the flow and its measurement. The apparatus is designed to be able to provide three different gap widths in the vertical direction (the direction of the normal coolant flow) and two gap widths in the horizontal direction. It is expected that the vertical bypass flow will range from laminar to transitional to turbulent flow for the different gap widths that will be available.

Rich Johnson

2011-11-01T23:59:59.000Z

192

T-616: PHP Stream Component Remote Denial of Service Vulnerability  

Broader source: Energy.gov [DOE]

PHP is prone to a remote denial-of-service vulnerability because the proxy server fails to handle certain FTP requests. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Versions prior to PHP 5.3.6 are vulnerable.

193

Analyses Of Two End-User Software Vulnerability Exposure Metrics  

SciTech Connect (OSTI)

The risk due to software vulnerabilities will not be completely resolved in the near future. Instead, putting reliable vulnerability measures into the hands of end-users so that informed decisions can be made regarding the relative security exposure incurred by choosing one software package over another is of importance. To that end, we propose two new security metrics, average active vulnerabilities (AAV) and vulnerability free days (VFD). These metrics capture both the speed with which new vulnerabilities are reported to vendors and the rate at which software vendors fix them. We then examine how the metrics are computed using currently available datasets and demonstrate their estimation in a simulation experiment using four different browsers as a case study. Finally, we discuss how the metrics may be used by the various stakeholders of software and to software usage decisions.

Jason L. Wright; Miles McQueen; Lawrence Wellman

2012-08-01T23:59:59.000Z

194

Benjamin Livshits and Monica S. Lam 1. PHPList Admin Page SQL Injection Vulnerability  

E-Print Network [OSTI]

Escalation Vulnerability 8. Vim ModeLines Further Variant Arbitrary Command Execution Vulnerability 9. Zlib Local Race Condition Privilege Escalation Vulnerability 8. Vim ModeLines Further Variant Arbitrary

Livshits, Ben

195

EMISSION ABATEMENT VERSUS DEVELOPMENT AS STRATEGIES TO REDUCE VULNERABILITY TO CLIMATE CHANGE: AN APPLICATION OF  

E-Print Network [OSTI]

EMISSION ABATEMENT VERSUS DEVELOPMENT AS STRATEGIES TO REDUCE VULNERABILITY TO CLIMATE CHANGE development aid is more effective in reducing vulnerability than is emission abatement. The hypothesis, vulnerability, adaptive capacity, development #12;EMISSION ABATEMENT VERSUS DEVELOPMENT AS STRATEGIES TO REDUCE

196

Initial Hydrologic Feasibility Analysis of the Proposed Ship Channel Bypass (lower Sacramento River, California  

E-Print Network [OSTI]

Project Modifications Works, Yolo County, CA. USACE (U.S.2006. Office Report: Yolo Bypass 2-D Hydraulic ModelPlan. Prepared by CDFG, Yolo Basin Foundation and EDAW.

Church, Tami C.

2012-01-01T23:59:59.000Z

197

T-606: Sun Java System Access Manager Lets Remote Users Partially Modify Data and Remote Authenticated Users Partially Access Data  

Broader source: Energy.gov [DOE]

Sun Java System Access Manager Lets Remote Users Partially Modify Data and Remote Authenticated Users Partially Access Data.

198

ACCEPTED BY IEEE TRANSACTIONS ON IMAGE PROCESSING, JULY 28, 2014. 1 On Continuous User Authentication via Typing  

E-Print Network [OSTI]

such as keystroke dynamics (KD), TB provides reliable authentication with a short delay, while avoiding explicit key-logging

199

Final report and recommendations of the ESnet Authentication Pilot Project  

SciTech Connect (OSTI)

To conduct their work, U.S. Department of Energy (DOE) researchers require access to a wide range of computing systems and information resources outside of their respective laboratories. Electronically communicating with peers using the global Internet has become a necessity to effective collaboration with university, industrial, and other government partners. DOE`s Energy Sciences Network (ESnet) needs to be engineered to facilitate this {open_quotes}collaboratory{close_quotes} while ensuring the protection of government computing resources from unauthorized use. Sensitive information and intellectual properties must be protected from unauthorized disclosure, modification, or destruction. In August 1993, DOE funded four ESnet sites (Argonne National Laboratory, Lawrence Livermore National Laboratory, the National Energy Research Supercomputer Center, and Pacific Northwest Laboratory) to begin implementing and evaluating authenticated ESnet services using the advanced Kerberos Version 5. The purpose of this project was to identify, understand, and resolve the technical, procedural, cultural, and policy issues surrounding peer-to-peer authentication in an inter-organization internet. The investigators have concluded that, with certain conditions, Kerberos Version 5 is a suitable technology to enable ESnet users to freely share resources and information without compromising the integrity of their systems and data. The pilot project has demonstrated that Kerberos Version 5 is capable of supporting trusted third-party authentication across an inter-organization internet and that Kerberos Version 5 would be practical to implement across the ESnet community within the U.S. The investigators made several modifications to the Kerberos Version 5 system that are necessary for operation in the current Internet environment and have documented other technical shortcomings that must be addressed before large-scale deployment is attempted.

Johnson, G.R.; Moore, J.P. [Pacific Northwest Lab., Richland, WA (United States); Athey, C.L. [Lawrence Livermore National Lab., CA (United States); Engert, D.E. [Argonne National Lab., IL (United States); Ramus, J.E. [National Energy Research Supercomputer Center, Livermore, CA (United States)

1995-01-01T23:59:59.000Z

200

V-036: EMC Smarts Network Configuration Manager Database Authentication  

Office of Environmental Management (EM)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of EnergyEnergyENERGYWomen Owned SmallOf The 2012Nuclear Guide Remote Access08: Debian SecurityBypass

Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


201

Dynamic Key-Updating: Privacy-Preserving Authentication for RFID Systems , Jinsong Han2  

E-Print Network [OSTI]

Dynamic Key-Updating: Privacy-Preserving Authentication for RFID Systems Li Lu1 , Jinsong Han2 an emerging requirement ­ protecting user privacy [13] in RFID authentications. In most RFID systems, tags sensitive information. For example, without pri- vacy protection, any reader can identify a consumer's ID

Liu, Yunhao

202

Dynamic Key-Updating: Privacy-Preserving Authentication for RFID Systems , Jinsong Han2  

E-Print Network [OSTI]

- sitive information. For example, without privacy pro- tection, any reader can identify a consumer's IDDynamic Key-Updating: Privacy-Preserving Authentication for RFID Systems Li Lu1 , Jinsong Han2 an emerging requirement ­ protecting user privacy [13] in RFID authentications. In most RFID systems, tags

Liu, Yunhao

203

A Trustful Authentication and Key Exchange Scheme (TAKES) for Ad Hoc Networks  

E-Print Network [OSTI]

A Trustful Authentication and Key Exchange Scheme (TAKES) for Ad Hoc Networks Tony Cheneau National public key distribution scheme adapted to ad hoc networks called TAKES for Trustful Authentication, or even implementing a light naming system can be enabled on top of ad hoc networks. TAKES is formally

Paris-Sud XI, Université de

204

Breaking POET Authentication with a Single Query Jian Guo, Jeremy Jean, Thomas Peyrin, and Lei Wang  

E-Print Network [OSTI]

Breaking POET Authentication with a Single Query Jian Guo, J´er´emy Jean, Thomas Peyrin, and Lei article, we describe a very practical and simple attack on the au- thentication part of POET authenticated encryption mode proposed at FSE 2014. POET is a provably secure scheme that was designed to resist various

205

SSL/TLS Session-Aware User Authentication Using a GAA Bootstrapped Key  

E-Print Network [OSTI]

SSL/TLS Session-Aware User Authentication Using a GAA Bootstrapped Key Chunhua Chen1 , Chris J.mitchell@rhul.ac.uk Abstract. Most SSL/TLS-based electronic commerce (e-commerce) ap- plications (including Internet banking a server effectively, and because user authentication methods are typi- cally decoupled from SSL

Sheldon, Nathan D.

206

SSL/TLS Session-Aware User Authentication: A Lightweight Alternative to Client-Side Certificates  

E-Print Network [OSTI]

SSL/TLS Session-Aware User Authentication: A Lightweight Alternative to Client-Side Certificates E-Mail: basin@inf.ethz.ch Abstract Many SSL/TLS-based e-commerce applications employ traditional authentication mechanisms on the client side. These mechanisms--if decoupled from SSL/TLS session establishment

Basin, David

207

SSL/TLS Session-Aware User Authentication Rolf Oppliger1  

E-Print Network [OSTI]

SSL/TLS Session-Aware User Authentication Revisited Rolf Oppliger1 , Ralf Hauser2 , and David Basin threat to SSL/TLS-based e-commerce applications. In [OHB06], we introduced the notion of SSL/TLS session-aware user authentication to protect SSL/TLS- based e-commerce applications against MITM attacks and we

Basin, David

208

Provably Repairing the ISO/IEC 9798 Standard for Entity Authentication  

E-Print Network [OSTI]

(International Organization for Standardization) and IEC (Interna- tional Electrotechnical Commission) jointlyProvably Repairing the ISO/IEC 9798 Standard for Entity Authentication David Basin, Cas Cremers the family of entity authentication proto- cols defined by the ISO/IEC 9798 standard and find numerous

Basin, David

209

Robust Smart Card based Password Authentication Scheme against Smart Card Security Breach  

E-Print Network [OSTI]

Robust Smart Card based Password Authentication Scheme against Smart Card Security Breach Ding Wang University, Beijing 100871, China 3 Automobile Management Institute of PLA, Bengbu City 233011, China wangdingg@mail.nankai.edu.cn Abstract. As the most prevailing two-factor authentication mechanism, smart

210

Formal Analysis and Systematic Construction of Two-factor Authentication Scheme  

E-Print Network [OSTI]

, Duncan S. Wong1 , Huaxiong Wang2 , and Xiaotie Deng1 1 Department of Computer Science City University-factor authentication mechanisms is based on smart card and user's password. Throughout the years, there have been many-resistant hash functions. Keywords: Authentication, Password, Smart Card, Guessing Attack 1 Introduction Password

211

eSeal -A System for Enhanced Electronic Assertion of Authenticity and Integrity  

E-Print Network [OSTI]

in the network and a communication protocol. The system is able to control various kinds of integrity settings to claim and assert the authenticity and integrity of goods, documents or other valued objects in storageeSeal - A System for Enhanced Electronic Assertion of Authenticity and Integrity Christian Decker1

Beigl, Michael

212

The TESLA Broadcast Authentication Protocol Adrian Perrig Ran Canetti J. D. Tygar Dawn Song  

E-Print Network [OSTI]

The TESLA Broadcast Authentication Protocol Adrian Perrig Ran Canetti J. D. Tygar Dawn Song presents the TESLA (Timed Efficient Stream Loss-tolerant Authentication) broadcast au- thentication numbers of receivers, and tolerates packet loss. TESLA is based on loose time synchro- nization between

Xu, Wenyuan

213

The TESLA Broadcast Authentication Protocol # Adrian Perrig Ran Canetti J. D. Tygar Dawn Song  

E-Print Network [OSTI]

The TESLA Broadcast Authentication Protocol # Adrian Perrig Ran Canetti J. D. Tygar Dawn Song presents the TESLA (Timed Efficient Stream Loss­tolerant Authentication) broadcast au­ thentication numbers of receivers, and tolerates packet loss. TESLA is based on loose time synchro­ nization between

Perrig, Adrian

214

Proving Correctness of the Basic TESLA Multicast Stream Authentication Protocol with TAME  

E-Print Network [OSTI]

Proving Correctness of the Basic TESLA Multicast Stream Authentication Protocol with TAME Presented, Washington, DC 20375 E-mail: archer@itd.nrl.navy.mil The TESLA multicast stream authentication protocol just been revealed. While an informal argument for the correctness of TESLA has been published

215

CSP, PVS and a Recursive Authentication Protocol Jeremy Bryans and Steve Schneider  

E-Print Network [OSTI]

CSP, PVS and a Recursive Authentication Protocol Jeremy Bryans and Steve Schneider Department In this paper we consider the nature of machine proofs used in the CSP approach to the veri cation of authentication protocols using the process algebra CSP Hoa85]. The CSP syntax provides a natural and precise way

Doran, Simon J.

216

Secure Communication and Authentication Against Off-line Dictionary Attacks in Smart Grid Systems  

E-Print Network [OSTI]

Secure Communication and Authentication Against Off-line Dictionary Attacks in Smart Grid Systems This paper studies the security requirements for remote authentication and communication in smart grid to smart grid systems. For example, in order to unlock the credentials stored in tamper

Wang, Yongge

217

Experimental and Analytic Study on the Core Bypass Flow in a Very High Temperature Reactor  

SciTech Connect (OSTI)

Core bypass flow has been one of key issues in the very high temperature reactor (VHTR) design for securing core thermal margins and achieving target temperatures at the core exit. The bypass flow in a prismatic VHTR core occurs through the control element holes and the radial and axial gaps between the graphite blocks for manufacturing and refueling tolerances. These gaps vary with the core life cycles because of the irradiation swelling/shrinkage characteristic of the graphite blocks such as fuel and reflector blocks, which are main components of a core's structure. Thus, the core bypass flow occurs in a complicated multidimensional way. The accurate prediction of this bypass flow and counter-measures to minimize it are thus of major importance in assuring core thermal margins and securing higher core efficiency. Even with this importance, there has not been much effort in quantifying and accurately modeling the effect of the core bypass flow. The main objectives of this project were to generate experimental data for validating the software to be used to calculate the bypass flow in a prismatic VHTR core, validate thermofluid analysis tools and their model improvements, and identify and assess measures for reducing the bypass flow. To achieve these objectives, tasks were defined to (1) design and construct experiments to generate validation data for software analysis tools, (2) determine the experimental conditions and define the measurement requirements and techniques, (3) generate and analyze the experimental data, (4) validate and improve the thermofluid analysis tools, and (5) identify measures to control the bypass flow and assess its performance in the experiment.

Richard Schultz

2012-04-01T23:59:59.000Z

218

U-097: PHP "php_register_variable_ex()" Code Execution Vulnerability...  

Broader source: Energy.gov (indexed) [DOE]

097: PHP "phpregistervariableex()" Code Execution Vulnerability U-097: PHP "phpregistervariableex()" Code Execution Vulnerability February 7, 2012 - 9:00am Addthis PROBLEM:...

219

U-157: Ruby Mail Gem Directory Traversal and Shell Command Injection Vulnerabilities  

Broader source: Energy.gov [DOE]

Some vulnerabilities have been reported in the Mail gem for Ruby, which can be exploited by malicious people to manipulate certain data and compromise a vulnerable system.

220

E-Print Network 3.0 - attitudes perceived vulnerability Sample...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

vulnerability Page: << < 1 2 3 4 5 > >> 1 ORIGINAL ARTICLE Perceived Stress and Cognitive Vulnerability Mediate the Summary: ORIGINAL ARTICLE Perceived Stress and Cognitive...

Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


221

T-543: Wireshark 0.8.20 through 1.2.8 Multiple Vulnerabilities...  

Broader source: Energy.gov (indexed) [DOE]

T-527: OpenSC Smart Card Serial Number Multiple Buffer Overflow Vulnerabilities U-202: Apple QuickTime Multiple Stack Overflow Vulnerabilities U-207: Pidgin 'mxitshowmessage()'...

222

Automated Vulnerability Detection for Compiled Smart Grid Software  

SciTech Connect (OSTI)

While testing performed with proper experimental controls can provide scientifically quantifiable evidence that software does not contain unintentional vulnerabilities (bugs), it is insufficient to show that intentional vulnerabilities exist, and impractical to certify devices for the expected long lifetimes of use. For both of these needs, rigorous analysis of the software itself is essential. Automated software behavior computation applies rigorous static software analysis methods based on function extraction (FX) to compiled software to detect vulnerabilities, intentional or unintentional, and to verify critical functionality. This analysis is based on the compiled firmware, takes into account machine precision, and does not rely on heuristics or approximations early in the analysis.

Prowell, Stacy J [ORNL; Pleszkoch, Mark G [ORNL; Sayre, Kirk D [ORNL; Linger, Richard C [ORNL

2012-01-01T23:59:59.000Z

223

Vulnerability and social risk management in India and Mexico  

E-Print Network [OSTI]

The development of effective community, regional and national risk-management strategies, especially for systemic risks, such as natural disasters, entails understanding the determinants of social vulnerability in individuals ...

Flores Ballesteros, Luis

2008-01-01T23:59:59.000Z

224

Chemical-Terrorism Vulnerability Information Guidance Document January 7, 2011  

E-Print Network [OSTI]

.215; Not currently applicable (2) Site Security Plans under §27.225; Not currently applicable (3) Documents relating to the Department's review and approval of Security Vulnerability Assessments and Site Security Plans, including

Pawlowski, Wojtek

225

Advanced Vulnerability Analysis and Intrusion Detection Through Predictive Attack Graphs  

E-Print Network [OSTI]

Advanced Vulnerability Analysis and Intrusion Detection Through Predictive Attack Graphs Steven, without considering how they contribute to overall attack risk. Similarly, intrusion alarms are logged threats, complexity of security data, and network growth. Our approach to network defense applies attack

Noel, Steven

226

Assessing the vulnerability of the fiber infrastructure to disasters  

E-Print Network [OSTI]

Communication networks are vulnerable to natural disasters, such as earthquakes or floods, as well as to physical attacks, such as an Electromagnetic Pulse (EMP) attack. Such real- world events happen in specific geographical ...

Neumayer, Sebastian James

227

Assessing node risk and vulnerability in epidemics on networks  

E-Print Network [OSTI]

Which nodes are most vulnerable to an epidemic spreading through a network, and which carry the highest risk of causing a major outbreak if they are the source of the infection? Here we show how these questions can be answered to good approximation using the cavity method. Several curious properties of node vulnerability and risk are explored: some nodes are more vulnerable than others to weaker infections, yet less vulnerable to stronger ones; a node is always more likely to be caught in an outbreak than it is to start one, except when the disease has a deterministic lifetime; the rank order of node risk depends on the details of the distribution of infectious periods.

Rogers, Tim

2015-01-01T23:59:59.000Z

228

Oil Bypass Filter Technology Evaluation Tenth Quarterly Report JanuaryMarch 2005  

SciTech Connect (OSTI)

This Oil Bypass Filter Technology Evaluation quarterly report (January March 2005) details the ongoing fleet evaluation of oil bypass filter technologies being conducted by the Idaho National Laboratory (INL) for the U.S. Department of Energys FreedomCAR & Vehicle Technologies Program. Eleven INL fourcycle diesel-engine buses and six INL Chevrolet Tahoes with gasoline engines are equipped with oil bypass filter systems. Eight of the buses and the six Tahoes are equipped with oil bypass filters from the puraDYN Corporation; the remaining three buses are equipped with oil bypass filters from Refined Global Solutions. Both the puraDYN and Refined Global Solutions bypass filters have a heating chamber to remove liquid contaminates from the oil. During the January to March 2005 reporting quarter, the eleven diesel engine buses traveled 97,943 miles. As of March 31, 2005, the buses had accumulated 744,059 total test miles. During this quarter, four regularly scheduled 12,000-mile bus servicings were performed. The full-flow and bypass oil filters were changed and oil analysis samples were taken for the four buses. Bus 73446 had its oil changed due to a low total base number value. Bus 73450 had a major engine failure at the beginning of the quarter when one of its pushrods and valves were damaged. Buses 73432 and 73433 were removed from the bypass filter evaluation project and placed into the INL Diesel Engine Idling Wear-Rate Evaluation Test. While a total of nine oil changes on the INL buses occurred during the past 29 months, 53 oil changes have been avoided by using the oil bypass filters. The 53 avoided oil changes equates to 1,855 quarts (464 gallons) of new oil not consumed and 1,855 quarts of waste oil not generated. Therefore, over 85% of the oil normally required for oil-changes was not used, and, consequently, the evaluation achieved a greater than 85% reduction in the amount of waste oil normally generated by the buses. The six Tahoe test vehicles traveled 40,700 miles, and as of March 31, 2005, the Tahoes had accumulated 231,428 total test miles.

Larry Ziker; James Francfort

2005-06-01T23:59:59.000Z

229

Investigation on the Core Bypass Flow in a Very High Temperature Reactor  

SciTech Connect (OSTI)

Uncertainties associated with the core bypass flow are some of the key issues that directly influence the coolant mass flow distribution and magnitude, and thus the operational core temperature profiles, in the very high-temperature reactor (VHTR). Designers will attempt to configure the core geometry so the core cooling flow rate magnitude and distribution conform to the design values. The objective of this project is to study the bypass flow both experimentally and computationally. Researchers will develop experimental data using state-of-the-art particle image velocimetry in a small test facility. The team will attempt to obtain full field temperature distribution using racks of thermocouples. The experimental data are intended to benchmark computational fluid dynamics (CFD) codes by providing detailed information. These experimental data are urgently needed for validation of the CFD codes. The following are the project tasks: Construct a small-scale bench-top experiment to resemble the bypass flow between the graphite blocks, varying parameters to address their impact on bypass flow. Wall roughness of the graphite block walls, spacing between the blocks, and temperature of the blocks are some of the parameters to be tested. Perform CFD to evaluate pre- and post-test calculations and turbulence models, including sensitivity studies to achieve high accuracy. Develop the state-of-the art large eddy simulation (LES) using appropriate subgrid modeling. Develop models to be used in systems thermal hydraulics codes to account and estimate the bypass flows. These computer programs include, among others, RELAP3D, MELCOR, GAMMA, and GAS-NET. Actual core bypass flow rate may vary considerably from the design value. Although the uncertainty of the bypass flow rate is not known, some sources have stated that the bypass flow rates in the Fort St. Vrain reactor were between 8 and 25 percent of the total reactor mass flow rate. If bypass flow rates are on the high side, the quantity of cooling flow through the core may be considerably less than the nominal design value, causing some regions of the core to operate at temperatures in excess of the design values. These effects are postulated to lead to localized hot regions in the core that must be considered when evaluating the VHTR operational and accident scenarios.

Hassan, Yassin

2013-10-22T23:59:59.000Z

230

V-040: Apache Tomcat Bug Lets Remote Users Bypass Security Constraints...  

Broader source: Energy.gov (indexed) [DOE]

ABSTRACT: A vulnerability was reported in Apache Tomcat. REFERENCE LINKS: Apache Tomcat Red Hat Bugzilla - Bug 883634 SecurityTracker Alert ID: 1027833 CVE-2012-3546 IMPACT...

231

Oil Bypass Filter Technology Evaluation, Fourth Quarterly Report, July--September 2003  

SciTech Connect (OSTI)

This fourth Oil Bypass Filter Technology Evaluation report details the ongoing fleet evaluation of an oil bypass filter technology by the Idaho National Engineering and Environmental Laboratory (INEEL) for the U.S. Department of Energys FreedomCAR & Vehicle Technologies Program. Eight four-cycle diesel-engine buses used to transport INEEL employees on various routes have been equipped with oil bypass filter systems from the puraDYN Corporation. The bypass filters are reported to have engine oil filtering capability of <1 micron and a built-in additive package to facilitate extended oil-drain intervals. To date, the eight buses have accumulated 259,398 test miles. This represents an avoidance of 21 oil changes, which equates to 740 quarts (185 gallons) of oil not used or disposed of. To validate the extended oil-drain intervals, an oil-analysis regime evaluates the fitness of the oil for continued service by monitoring the presence of necessary additives, undesirable contaminants, and engine-wear metals. For bus 73450, higher values of iron have been reported, but the wear rate ratio (parts per million of iron per thousand miles driven) has remained consistent. In anticipation of also evaluating oil bypass systems on six Chevrolet Tahoe sport utility vehicles, the oil is being sampled on each of the Tahoes to develop a characterization history or baseline for each engine.

James E. Francfort; Larry Zirker

2003-11-01T23:59:59.000Z

232

Climate variability and climate change vulnerability and adaptation. Workshop summary  

SciTech Connect (OSTI)

Representatives from fifteen countries met in Prague, Czech Republic, on September 11-15, 1995, to share results from the analysis of vulnerability and adaptation to global climate change. The workshop focused on the issues of global climate change and its impacts on various sectors of a national economy. The U.N. Framework Convention on Climate Change (FCCC), which has been signed by more than 150 governments worldwide, calls on signatory parties to develop and communicate measures they are implementing to respond to global climate change. An analysis of a country`s vulnerability to changes in the climate helps it identify suitable adaptation measures. These analyses are designed to determine the extent of the impacts of global climate change on sensitive sectors such as agricultural crops, forests, grasslands and livestock, water resources, and coastal areas. Once it is determined how vulnerable a country may be to climate change, it is possible to identify adaptation measures for ameliorating some or all of the effects.The objectives of the vulnerability and adaptation workshop were to: The objectives of the vulnerability and adaptation workshop were to: Provide an opportunity for countries to describe their study results; Encourage countries to learn from the experience of the more complete assessments and adjust their studies accordingly; Identify issues and analyses that require further investigation; and Summarize results and experiences for governmental and intergovernmental organizations.

Bhatti, N.; Cirillo, R.R. [Argonne National Lab., IL (United States); Dixon, R.K. [U.S. Country Studies Program, Washington, DC (United States)] [and others

1995-12-31T23:59:59.000Z

233

Computations of high-pressure steam flow in the turbine bypass valve  

SciTech Connect (OSTI)

The objective of the present study is to investigate the steam flow behavior through the high-pressure turbine bypass valve. Efforts have mainly been directed at investigating the process of steam flow and property variations aforementioned bypass valve as well as to obtain correlations between the flow rate and the valve opening ratio. Modeling of the high-pressure turbulent steam flow was performed on a three-dimensional non-staggered grid system by employing the finite volume method and by solving the three-dimensional, turbulent, compressible Navier-Stokes, and energy equations. Through this research, numerous data have been acquired and analyzed. These efforts enable one to obtain a correlation data set for the valve opening versus flow rate coefficient of the valve. One of the significant accomplishments is to use the model presented here to further improve a design of a turbine bypass flow valve.

Amano, R.S.; Draxler, G.R.

1999-07-01T23:59:59.000Z

234

Questioning the Meaning of Authenticity in Martin Heidegger's Being and Time  

E-Print Network [OSTI]

, it is necessary to highlight those commitments to phenomenology and hermeneutics that informs Heidegger's effort. The third chapter first introduces the various characterizations of authenticity that Heidegger offers in Being and Time and the problematic meaning...

Liwinski, Thomas

2011-10-21T23:59:59.000Z

235

A Reduction for Automated Veri cation of Authentication Scott D. Stoller  

E-Print Network [OSTI]

A Reduction for Automated Veri cation of Authentication Protocols Scott D. Stoller Computer Science of those case studies were not rigorously justi ed. Reduction theorems are needed, which show

Stoller, Scott

236

The Emotional and Spiritual Dimensions of Being a Pastor: Authenticity and Identity  

E-Print Network [OSTI]

Emotional labor and its influence on authenticity and identity amongst human service workers has been the focus of numerous studies. Often these studies viewed identity as a stable sense of self. This study set out to examine emotional labor amongst...

Otey, Penny Addison

2011-10-21T23:59:59.000Z

237

Subverting value hierarchies : essays on the causes and responses to shifts in demand for authenticity  

E-Print Network [OSTI]

This dissertation includes three essays on the causes and responses to shifts in demand for authenticity. In the first chapter, I answer the question: why do previously cast-off products, practices, or styles abruptly ...

Hahl, Oliver (Oliver Douglas)

2013-01-01T23:59:59.000Z

238

Anonymous, authentic, and accountable resource management based on the E-cash paradigm  

E-Print Network [OSTI]

AAA Anonymity, Authenticity, Accountability BC Binary Code BRGC Binary Reflected Gray Code CA Central Authority DHT Distributed Hashing Table DSI Double Spending Identification DVS Delegation Key, Verification Key, Secret Share GDA General... Disposable Authentication GDM General Divisibility Model GTM General Transferability Model MLBF Multi-Layer Bloom Filter KDM Key Dependency Map MSR Multi-Source Reusability P2P Peer-to-Peer RC Random Code SH Secret Handshake SOA Service Oriented...

Lam, Tak Cheung

2009-05-15T23:59:59.000Z

239

Multi-Objective Analysis for Ecosystem Reconciliation on an Engineered Floodplain: The Yolo Bypass in California's Central Valley  

E-Print Network [OSTI]

i Multi-Objective Analysis for Ecosystem Reconciliation on an Engineered Floodplain: The Yolo on an Engineered Floodplain: the Yolo Bypass in California's Central Valley Abstract Floodplains in California. Results suggest several land use changes and inundation management strategies on the Yolo Bypass that can

Pasternack, Gregory B.

240

Chemical Safety Vulnerability Working Group report. Volume 1  

SciTech Connect (OSTI)

The Chemical Safety Vulnerability (CSV) Working Group was established to identify adverse conditions involving hazardous chemicals at DOE facilities that might result in fires or explosions, release of hazardous chemicals to the environment, or exposure of workers or the public to chemicals. A CSV Review was conducted in 148 facilities at 29 sites. Eight generic vulnerabilities were documented related to: abandoned chemicals and chemical residuals; past chemical spills and ground releases; characterization of legacy chemicals and wastes; disposition of legacy chemicals; storage facilities and conditions; condition of facilities and support systems; unanalyzed and unaddressed hazards; and inventory control and tracking. Weaknesses in five programmatic areas were also identified related to: management commitment and planning; chemical safety management programs; aging facilities that continue to operate; nonoperating facilities awaiting deactivation; and resource allocations. Volume 1 contains the Executive summary; Introduction; Summary of vulnerabilities; Management systems weaknesses; Commendable practices; Summary of management response plan; Conclusions; and a Glossary of chemical terms.

Not Available

1994-09-01T23:59:59.000Z

Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


241

EFFECTS OF GRAPHITE SURFACE ROUGHNESS ON BYPASS FLOW COMPUTATIONS FOR AN HTGR  

SciTech Connect (OSTI)

Bypass flow in a prismatic high temperature gas reactor (HTGR) occurs between graphite blocks as they sit side by side in the core. Bypass flow is not intentionally designed to occur in the reactor, but is present because of tolerances in manufacture, imperfect installation and expansion and shrinkage of the blocks from heating and irradiation. It is desired to increase the knowledge of the effects of such flow, which has been estimated to be as much as 20% of the total helium coolant flow. Computational fluid dynamic (CFD) simulations can provide estimates of the scale and impacts of bypass flow. Previous CFD calculations have examined the effects of bypass gap width, level and distribution of heat generation and effects of shrinkage. The present contribution examines the effects of graphite surface roughness on the bypass flow for different relative roughness factors on three gap widths. Such calculations should be validated using specific bypass flow measurements. While such experiments are currently underway for the specific reference prismatic HTGR design for the next generation nuclear plant (NGNP) program of the U. S. Dept. of Energy, the data are not yet available. To enhance confidence in the present calculations, wall shear stress and heat transfer results for several turbulence models and their associated wall treatments are first compared for flow in a single tube that is representative of a coolant channel in the prismatic HTGR core. The results are compared to published correlations for wall shear stress and Nusselt number in turbulent pipe flow. Turbulence models that perform well are then used to make bypass flow calculations in a symmetric onetwelfth sector of a prismatic block that includes bypass flow. The comparison of shear stress and Nusselt number results with published correlations constitutes a partial validation of the CFD model. Calculations are also compared to ones made previously using a different CFD code. Results indicate that increasing surface roughness increases the maximum fuel and helium temperatures as do increases in gap width. However, maximum coolant temperature variation due to increased gap width is not changed by surface roughness.

Rich Johnson; Yu-Hsin Tung; Hiroyuki Sato

2011-07-01T23:59:59.000Z

242

Oil Bypass Filter Technology Evaluation Ninth Quarterly Report OctoberDecember 2004  

SciTech Connect (OSTI)

This Oil Bypass Filter Technology Evaluation quarterly report (OctoberDecember 2004) details the ongoing fleet evaluation of oil bypass filter technologies being conducted by the Idaho National Laboratory (INL; formerly Idaho National Engineering and Environmental Laboratory) for the U.S. Department of Energys FreedomCAR & Vehicle Technologies Program. Eight INL four-cycle diesel-engine buses used to transport INL employees on various routes and six INL Chevrolet Tahoes with gasoline engines are equipped with oil bypass filter systems from the puraDYN Corporation. This quarter, three additional buses were equipped with bypass filters from Refined Global Solutions. Oil bypass filters are reported to have an engine oil filtering capability of less than 1 micron. Both the puraDYN and Refined Global Solutions bypass filters have a heating chamber to remove liquid contaminate from the oil. During the quarter, the eleven diesel engine buses traveled 62,188 miles, and as of January 3, 2005 the buses had accumulated 643,036 total test miles. Two buses had their engine oil changed this quarter. In one bus, the oil was changed due to its degraded quality as determined by a low total base number (<3.0 mg KOH/g). The other bus had high oxidation and nitration numbers (>30.0 Abs/cm). Although a total of six buses have had their oil changed during the last 26 months, by using the oil bypass filters the buses in the evaluation avoided 48 oil changes, which equates to 1,680 quarts (420 gallons) of new oil not consumed and 1,680 quarts of waste oil not generated. Therefore, over 80% of the oil normally required for oil-changes was not used, and, consequently, the evaluation achieved over 80% reduction in the amount of waste oil normally generated. The six Tahoe test vehicles traveled 39,514 miles, and as of January 3, 2005 the Tahoes had accumulated 189,970 total test miles. The Tahoe filter test is in transition. To increase the rate of bypass filter oil flow on the Tahoes, puraDYN provided a larger orifice assembly, and these are being changed out as the Tahoes come in for regular service.

Larry Zirker; James Francfort; Jordan Fielding

2005-02-01T23:59:59.000Z

243

Endovascular Treatment of a Coronary Artery Bypass Graft to Pulmonary Artery Fistula with Coil Embolization  

SciTech Connect (OSTI)

Fistula formation between a coronary artery bypass graft (CABG)and the pulmonary arterial circulation represents a rare cause of recurrent angina in patients following bypass grafting. Therapy has traditionally involved surgical ligation by open thoracotomy. We describe a case of left internal mammary artery-left upper lobe pulmonary artery fistula presenting as early recurrent angina following CABG. The fistula was embolized using platinum coils, resulting in symptomatic relief and improvement in myocardial perfusion on cardiac perfusion scintigraphy. Coil embolization should be considered a therapeutic option in patients with coronary-pulmonary steal syndrome.

Nielson, Jeffery L., E-mail: nielson@uhrad.com; Kang, Preet S. [University Hospitals of Cleveland and Veterans Administration Medical Center-Cleveland, Case Western Reserve University, Departments of Radiology (United States)

2006-04-15T23:59:59.000Z

244

AUTHENTICATED SENSOR INTERFACE DEVICE FOR JOINT USE SAFEGUARDS APPLICATIONS - CONCEPTS AND CHALLENGES  

SciTech Connect (OSTI)

This paper will discuss the key features of the Authenticated Sensor Interface Device that collectively provide the ability to share data among a number of parties while ensuring the authentication of data and protecting both the operators and the IAEAs interests. The paper will also discuss the development of the prototype, the initial testing with an accountancy scale, and future plans and challenges to implementation into the joint use and remote monitoring applications. As nuclear fuel cycle technology becomes more prevalent throughout the world and the capacity of plants increases, limited resources of the IAEA are being stretched near a breaking point. A strategy is to increase efficiency in safeguards monitoring using joint use equipment that will provide the facility operator process data while also providing the IAEA key safeguards data. The data, however, must be authenticated and validated to ensure the data have not been tampered with. The Authenticated Sensor Interface Device provides the capability to share data and can be a valuable component in the IAEAs ability to collect accountancy data from scales in Uranium conversion and enrichment plants, as well as nuclear fuel fabrication plants. Likewise, the Authenticated Sensor Interface Device can be configured to accept a diverse array of input signals, ranging from analog voltage, to current, to digital interfaces and more. These modular capabilities provide the ability to collect authenticated, joint-use, data streams from various process monitoring sensors.

Poland, R.; Drayer, R.; Wilson, J.

2013-08-12T23:59:59.000Z

245

Vulnerability Analysis Considerations for the Transportation of Special Nuclear Material  

SciTech Connect (OSTI)

The vulnerability analysis methodology developed for fixed nuclear material sites has proven to be extremely effective in assessing associated transportation issues. The basic methods and techniques used are directly applicable to conducting a transportation vulnerability analysis. The purpose of this paper is to illustrate that the same physical protection elements (detection, delay, and response) are present, although the response force plays a dominant role in preventing the theft or sabotage of material. Transportation systems are continuously exposed to the general public whereas the fixed site location by its very nature restricts general public access.

Nicholson, Lary G.; Purvis, James W.

1999-07-21T23:59:59.000Z

246

Experimental Investigation of Microwave Vulnerabilities in CMOS Inverters  

E-Print Network [OSTI]

Experimental Investigation of Microwave Vulnerabilities in CMOS Inverters Agis A. Iliadis effects on single CMOS inverters, the fundamental building block of logic ICs, consisting of an NMOS and a PMOS transistor. The inverters were designed in our group and fabricated in the AMI-1.5µm MOSIS line

Anlage, Steven

247

Climate Change: Conflict, Security and Vulnerability Professor of Climate Change  

E-Print Network [OSTI]

Climate Change: Conflict, Security and Vulnerability Mike Hulme Professor of Climate Change Science, Society and Sustainability Group School of Environmental Sciences Rethinking Climate Change, Conflict security" "increase risk of conflicts among and within nations" #12;· from `climatic change' to `climate-change

Hulme, Mike

248

NV: Nessus Vulnerability Visualization for the Web Lane Harrison  

E-Print Network [OSTI]

NV: Nessus Vulnerability Visualization for the Web Lane Harrison Oak Ridge National Laboratory Oak Ridge TN, USA harrisonlt@ornl.gov Riley Spahn Oak Ridge National Laboratory Oak Ridge TN, USA spahnrb1@ornl.gov Mike Iannacone Oak Ridge National Laboratory Oak Ridge TN, USA iannaconemd@ornl.gov Evan

Kaiser, Gail E.

249

Vulnerability of Hydropower Projects to Climate Change Revision: 20th  

E-Print Network [OSTI]

Vulnerability of Hydropower Projects to Climate Change Revision: 20th December 2001 Dr Gareth P and increased use of renewable sources including hydropower. Paradoxically, climate change itself may alter role in whether emissions cuts are achieved. 2. Climate Change and Hydropower A rising demand

Harrison, Gareth

250

Climate Change, Agriculture and Poverty Vulnerabilityand Poverty Vulnerability  

E-Print Network [OSTI]

Climate Change, Agriculture and Poverty Vulnerabilityand Poverty Vulnerability Presentation by-Medium-High productivity Implications for agricultural production, trade and poverty The issue of climate volatility Impact of extreme climate events on poverty #12;Climate Science Debate Detection: - Little doubt about

251

Increasing Automated Vulnerability Assessment Accuracy on Cloud and Grid Middleware  

E-Print Network [OSTI]

Hadron Collider by the CERN, up to industrial (water, power, electricity, oil, gas, etc.) distributed of critical and complex vulnerabilities. In addition, frequently middleware systems bases their security are safe. Therefore, security of distributed systems have been placed under the watchful eye of security

Miller, Barton P.

252

THE CRESCENT BYPASS: A RIPARIAN RESTORATION PROJECT ON THE KINGS RIVER (FRESNO COUNTY)1  

E-Print Network [OSTI]

THE CRESCENT BYPASS: A RIPARIAN RESTORATION PROJECT ON THE KINGS RIVER (FRESNO COUNTY)1 Jonathan A-24, 1988; Davis, California. 2 Staff Biologist and Environmental Division Chief, respectively, Kings River Conservation District, Fresno, Calif. Abstract: The Kings River Conservation District planted over 1200 plants

Standiford, Richard B.

253

T-731:Symantec IM Manager Code Injection Vulnerability | Department of  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustion |Energy Usage »of Energy StrainClient update resolve multipleAuthenticationEnergy

254

Energy as a Framework for Prioritizing Conservation Vulnerabilities and Management Strategies  

E-Print Network [OSTI]

Energy as a Framework for Prioritizing Conservation Vulnerabilities and Management Strategies for Prioritizing Management #12;Low-Energy Ecoregions: Greater Yellowstone Energy Richness Conservation Category systems may be vulnerable to human activities. #12;-difficult for managers to crystallize key conservation

Hansen, Andrew J.

255

T-532: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution  

Broader source: Energy.gov [DOE]

Microsoft is investigating new public reports of a vulnerability in the Windows Graphics Rendering Engine. An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the logged-on user.

256

TO APPEAR IN IEEE TRANSACTIONS ON POWER SYSTEMS 1 Vulnerability Assessment of Cybersecurity for  

E-Print Network [OSTI]

TO APPEAR IN IEEE TRANSACTIONS ON POWER SYSTEMS 1 Vulnerability Assessment of Cybersecurity Govindarasu, Member, IEEE Abstract--Vulnerability assessment is a requirement of NERC's cybersecurity within the substation networks. Countermeasures are identified for improvement of the cybersecurity

Manimaran, Govindarasu

257

U-069: Telnet code execution vulnerability: FreeBSD and Kerberos  

Broader source: Energy.gov [DOE]

Vulnerability was reported in FreeBSD Telnet. A remote user can execute arbitrary code on the target system.

258

Climate Change Vulnerability of Native and Alien Freshwater Fishes of California: A Systematic Assessment  

E-Print Network [OSTI]

Climate Change Vulnerability of Native and Alien Freshwater Fishes of California: A Systematic and climate change vulnerability scores were derived for 121 native and 43 alien fish species. The two scores baseline and greater climate change vulnerability than did alien species. Fifty percent of California

259

ISS-011, Vulnerability Assessment Standard 1/3 UCIT INFORMATION SECURITY STANDARDS  

E-Print Network [OSTI]

ISS-011, Vulnerability Assessment Standard 1/3 UCIT INFORMATION SECURITY STANDARDS Vulnerability Assessment Standard Rationale 1 To enable timely identification and mitigation of vulnerabilities and security flaws affecting computing devices within UofC's computing environment. Scope 2 2.1 This standard

Habib, Ayman

260

Vulnerability of Xylem Vessels to Cavitation in Sugar Maple. Scaling from Individual Vessels to  

E-Print Network [OSTI]

Vulnerability of Xylem Vessels to Cavitation in Sugar Maple. Scaling from Individual Vessels 02318 (M.A.Z., N.M.H.) The relation between xylem vessel age and vulnerability to cavitation of sugar-related changes in vulnerability to the overall resistance to cavitation, we combined data on the pressure

Melcher, Peter

Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


261

Climate Change and Infrastructure, Urban Systems, and Vulnerabilities  

SciTech Connect (OSTI)

This Technical Report on Climate Change and Infrastructure, Urban Systems, and Vulnerabilities has been prepared for the U.S. Department of Energy by the Oak Ridge National Laboratory in support of the U.S. National Climate Assessment (NCA). It is a summary of the currently existing knowledge base on its topic, nested within a broader framing of issues and questions that need further attention in the longer run. The report arrives at a number of assessment findings, each associated with an evaluation of the level of consensus on that issue within the expert community, the volume of evidence available to support that judgment, and the section of the report that provides an explanation for the finding. Cross-sectoral issues related to infrastructures and urban systems have not received a great deal of attention to date in research literatures in general and climate change assessments in particular. As a result, this technical report is breaking new ground as a component of climate change vulnerability and impact assessments in the U.S., which means that some of its assessment findings are rather speculative, more in the nature of propositions for further study than specific conclusions that are offered with a high level of confidence and research support. But it is a start in addressing questions that are of interest to many policymakers and stakeholders. A central theme of the report is that vulnerabilities and impacts are issues beyond physical infrastructures themselves. The concern is with the value of services provided by infrastructures, where the true consequences of impacts and disruptions involve not only the costs associated with the clean-up, repair, and/or replacement of affected infrastructures but also economic, social, and environmental effects as supply chains are disrupted, economic activities are suspended, and/or social well-being is threatened. Current knowledge indicates that vulnerability concerns tend to be focused on extreme weather events associated with climate change that can disrupt infrastructure services, often cascading across infrastructures because of extensive interdependencies threatening health and local economies, especially in areas where human populations and economic activities are concentrated in urban areas. Vulnerabilities are especially large where infrastructures are subject to multiple stresses, beyond climate change alone; when they are located in areas vulnerable to extreme weather events; and if climate change is severe rather than moderate. But the report also notes that there are promising approaches for risk management, based on emerging lessons from a number of innovative initiatives in U.S. cities and other countries, involving both structural and non-structural (e.g., operational) options.

Wilbanks, Thomas J [ORNL] [ORNL; Fernandez, Steven J [ORNL] [ORNL

2014-01-01T23:59:59.000Z

262

PAP: A privacy and authentication protocol for passive RFID tags Alex X. Liu *, LeRoy A. Bailey  

E-Print Network [OSTI]

people about consumer privacy protection and other security loopholes that make RFID tags an easy targetPAP: A privacy and authentication protocol for passive RFID tags Alex X. Liu *, LeRoy A. Bailey 2009 Accepted 20 March 2009 Available online 31 March 2009 Keywords: RFID Privacy Authentication

Liu, Alex X.

263

A Proof of Concept Implementation of SSL/TLS Session-Aware User Authentication (TLS-SA)  

E-Print Network [OSTI]

A Proof of Concept Implementation of SSL/TLS Session-Aware User Authentication (TLS-SA) Rolf, CH-8005 Zurich Abstract Most SSL/TLS-based e-commerce applications employ con- ventional mechanisms for user authentication. These mechanisms--if de- coupled from SSL/TLS session establishment

Basin, David

264

A Tree-Based TESLA Broadcast Authentication for Sensor Networks Donggang Liu Peng Ning Sencun Zhu Sushil Jajodia  

E-Print Network [OSTI]

A Tree-Based µTESLA Broadcast Authentication for Sensor Networks Donggang Liu Peng Ning Sencun Zhu to multiple nodes in an authenticated way. µTESLA and multi-level µTESLA have been proposed to provide of senders. Though multi-level µTESLA schemes can scale up to large sensor networks (in terms of receivers

Zhu, Sencun

265

Probabilistic Non-Repudiation for Source Authentication with TESLA Certificates in Hybrid Satellite/Wireless Networks and  

E-Print Network [OSTI]

Probabilistic Non-Repudiation for Source Authentication with TESLA Certificates in Hybrid Satellite describe a novel non-repudiation mechanism for an authentication protocol based on the extended TESLA to this problem, we have proposed a new class of lightweight, symmetric key certificates called extended TESLA

Baras, John S.

266

Probabilistic Vulnerability Assessment Based on Power Flow and Voltage Distribution  

SciTech Connect (OSTI)

Risk assessment of large scale power systems has been an important problem in power system reliability study. Probabilistic technique provides a powerful tool to solve the task. In this paper, we present the results of a study on probabilistic vulnerability assessment on WECC system. Cumulant based expansion method is applied to obtain the probabilistic distribution function (PDF) and cumulative distribution function (CDF) of power flows on transmission lines and voltage. Overall risk index based on the system vulnerability analysis is calculated using the WECC system. The simulation results based on WECC system is used to demonstrate the effectiveness of the method. The methodology can be applied to the risk analysis on large scale power systems.

Ma, Jian; Huang, Zhenyu; Wong, Pak C.; Ferryman, Thomas A.

2010-04-30T23:59:59.000Z

267

Vulnerability assessment of water supply systems for insufficient fire flows  

E-Print Network [OSTI]

VULNERABILITY ASSESSMENT OF WATER SUPPLY SYSTEMS FOR INSUFFICIENT FIRE FLOWS A Thesis by LUFTHANSA RAHMAN KANTA Submitted to the Office of Graduate Studies of Texas A&M University in partial fulfillment of the requirements... Studies of Texas A&M University in partial fulfillment of the requirements for the degree of MASTER OF SCIENCE Approved by: Chair of Committee, Kelly Brumbelow Committee Members, Francisco Olivera Sergiy Butenko Head of Department...

Kanta, Lufthansa Rahman

2009-05-15T23:59:59.000Z

268

T-613: Microsoft Excel Axis Properties Remote Code Execution Vulnerability  

Broader source: Energy.gov [DOE]

Microsoft Excel is prone to a remote code-execution vulnerability because the applications fails to sufficiently validate user-supplied input. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will result in a denial-of-service condition.

269

T-682:Double free vulnerability in MapServer  

Broader source: Energy.gov [DOE]

MapServer developers have discovered flaws in the OGC filter support in MapServer. Specific code is used in support of WFS, WMS-SLD and SOS specifications. All versions may be susceptible to SQL injection under certain circumstances. The extent of the vulnerability depends on the MapServer version, relational database and mapfile configuration being used. All users are strongly encouraged to upgrade to these latest releases.

270

Colombia-Cartagena Vulnerability Assessment | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Office of Inspector GeneralDepartmentAUDITOhioOglesby,Sullivan,Information Feed JumpCartagena Vulnerability

271

Report to Congress on Insular Area energy vulnerability  

SciTech Connect (OSTI)

This report was prepared in response to Section 1406 of the Energy Policy Act of 1992 (Public Law 102-486), which directed the Department of Energy (DOE) to ``conduct a study of the implications of the unique vulnerabilities of the insular areas to an oil supply disruption,`` and to ``outline how the insular areas shall gain access to vital oil supplies during times of national emergency.`` The Act defines the insular areas to be the US Virgin Islands and Puerto Rico in the Caribbean, and Guam, American Samoa, the Commonwealth of the Northern Mariana Islands (CNMI), and Palau in the Pacific. In the study, ``unique vulnerabilities`` were defined as susceptibility to: (1) more frequent or more likely interruptions of oil supplies compared to the US Mainland, and/or (2) disproportionately larger or more likely economic losses in the event of an oil supply disruption. In order to assess unique vulnerabilities, the study examined the insular areas` experience during past global disruptions of oil supplies and during local emergencies caused by natural disasters. The effects of several possible future global disruptions and local emergencies were also analyzed. Analyses were based on historical data, simulations using energy and economic models, and interviews with officials in the insular governments and the energy industry.

Not Available

1994-05-01T23:59:59.000Z

272

Climate Change Vulnerability Assessment for Idaho National Laboratory  

SciTech Connect (OSTI)

The University of Idaho (UI) was asked to participate in the development of a climate change vulnerability assessment for Idaho National Laboratory (INL). This report describes the outcome of that assessment. The climate change happening now, due in large part to human activities, is expected to continue in the future. UI and INL used a common framework for assessing vulnerability that considers exposure (future climate change), sensitivity (system or component responses to climate), impact (exposure combined with sensitivity), and adaptive capacity (capability of INL to modify operations to minimize climate change impacts) to assess vulnerability. Analyses of climate change (exposure) revealed that warming that is ongoing at INL will continue in the coming decades, with increased warming in later decades and under scenarios of greater greenhouse gas emissions. Projections of precipitation are more uncertain, with multi model means exhibiting somewhat wetter conditions and more wet days per year. Additional impacts relevant to INL include estimates of more burned area and increased evaporation and transpiration, leading to reduced soil moisture and plant growth.

Christopher P. Ischay; Ernest L. Fossum; Polly C. Buotte; Jeffrey A. Hicke; Alexander Peterson

2014-10-01T23:59:59.000Z

273

Heart-to-Heart (H2H): Authentication for Implanted Medical Devices  

E-Print Network [OSTI]

Heart-to-Heart (H2H): Authentication for Implanted Medical Devices Masoud Rostami Rice University Rice University Houston, TX farinaz@rice.edu ABSTRACT We present Heart-to-Heart (H2H), a system patients to over-the-air attack and physical harm. H2H makes use of ECG (heartbeat data

274

A Localized Authentication, Authorization, and Accounting (AAA) Protocol for Mobile Hotspots  

E-Print Network [OSTI]

of authentication, authorization, and accounting (AAA) protocol, which is a core technology for public mobile mobile hotspots. I. INTRODUCTION With the advances of wireless access technologies (e.g., 3G, IEEE 802 hotspots [3] [4] [5]. In terms of mobility management, the Internet Engineering Task Force (IETF) has

Paris-Sud XI, Universit de

275

Reliable and Semi-reliable Communication with Authentication in Mobile Ad Hoc Networks  

E-Print Network [OSTI]

Reliable and Semi-reliable Communication with Authentication in Mobile Ad Hoc Networks Falko of wireless ad hoc sensor networks is the error-proneness and, therefore, the unreliability of communication describe a new approach and an according protocol for usage in ad hoc networks that provides reliable

Breu, Ruth

276

SSL/TLS Session-Aware User Authentication--Or How to Effectively Thwart  

E-Print Network [OSTI]

SSL/TLS Session-Aware User Authentication--Or How to Effectively Thwart the Man-in-the-Middle Rolf@inf.ethz.ch Abstract. Man-in-the-middle attacks pose a serious threat to SSL/TLS- based electronic commerce mechanisms fail to provide protection against this type of attack, even when they run on top of SSL

Basin, David

277

Project List 1. Project Name: Efficient Anonymous Private Authentication Protocol for RFID Systems  

E-Print Network [OSTI]

based authentication. Publication: Md. Endadul Hoque, Farzana Rahman, and Sheikh I. Ahamed, "Anon's geocoding and mapping API. Publication: Farzana Rahman, Casey O'Brien, Sheikh I. Ahamed, He Zhang'Brien, Kristine Manning, Jason Cowdy, Sheikh Iqbal Ahamed, "Let EcoDrive be Your Guide: Development of a Mobile

Brylow, Dennis

278

Cryptanalysis of an IDbased Password Authentication Scheme using Smart Cards and  

E-Print Network [OSTI]

Cryptanalysis of an IDbased Password Authentication Scheme using Smart Cards and Fingerprints Michael Scott School of Computer Applications Dublin City University Ballymun, Dublin 9, Ireland. mike two IDbased password authen tication schemes for logging onto a remote network server using smart

279

All Your Face Are Belong to Us: Breaking Facebook's Social Authentication  

E-Print Network [OSTI]

All Your Face Are Belong to Us: Breaking Facebook's Social Authentication Iasonas Polakis FORTH adversaries from compromising accounts using stolen credentials. Facebook has recently released a two can obtain the information needed to solve the chal- lenges presented by Facebook. We implement

Yang, Junfeng

280

Simplified authenticated key exchange based on the q(th) root problem  

SciTech Connect (OSTI)

Finding a q{sup th} root in GF(p), where p and q are prunes, q is large and q{sup 2} divides (p{minus}1) is a difficult problem equivalent to the discrete logarithm problem using an element of order q as the base. This paper describes an authenticated key exchange algorithm utilizing this hard problem.

JOHNSTON,ANNA M.; GEMMELL,PETER S.

2000-02-29T23:59:59.000Z

Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


281

An Innovative Solution for Cloud Computing Authentication: Grids of EAP-TLS Smart Cards  

E-Print Network [OSTI]

An Innovative Solution for Cloud Computing Authentication: Grids of EAP-TLS Smart Cards Pascal clients. This paper aims to solve this issue by proposing an innovative paradigm based on a grid of smart the scalability of this server linked to smart card grids whose distributed computation manages the concurrence

Paris-Sud XI, Université de

282

Security by Spatial Reference: Using Relative Positioning to Authenticate Devices for  

E-Print Network [OSTI]

to connect their personal devices with devices encountered in their environment in order to take advantage the interaction of their personal device with the intended target device. They must be able to ascertainSecurity by Spatial Reference: Using Relative Positioning to Authenticate Devices for Spontaneous

Hazas, Mike

283

ECG-Based Authentication Fahim Sufi, Ibrahim Khalil, and Jiankun Hu  

E-Print Network [OSTI]

ECG-Based Authentication Fahim Sufi, Ibrahim Khalil, and Jiankun Hu 17 Contents 17.1 Background of ECG . . . . . . . . . . . . . . . . . . . . . . 310 17.1.1 Physiology of ECG . . . . . . . . . . . . . . . . . . 310 17.1.2 Rhythm Analysis . . . . . . . . . . . . . . . . . . . . 312 17.2 What Can ECG Based

Hu, Jiankun

284

U-159: Red Hat Enterprise MRG Messaging Qpid Bug Lets Certain...  

Broader source: Energy.gov (indexed) [DOE]

9: Red Hat Enterprise MRG Messaging Qpid Bug Lets Certain Remote Users Bypass Authentication U-159: Red Hat Enterprise MRG Messaging Qpid Bug Lets Certain Remote Users Bypass...

285

U-031: Microsoft Active Directory CRL Validation Flaw Lets Remote...  

Broader source: Energy.gov (indexed) [DOE]

1: Microsoft Active Directory CRL Validation Flaw Lets Remote Users Bypass Authentication U-031: Microsoft Active Directory CRL Validation Flaw Lets Remote Users Bypass...

286

JC3 | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

keeps track of UDP packets within memory. November 9, 2011 U-031: Microsoft Active Directory CRL Validation Flaw Lets Remote Users Bypass Authentication A remote user can bypass...

287

JC3 Bulletin Archive | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

keeps track of UDP packets within memory. November 9, 2011 U-031: Microsoft Active Directory CRL Validation Flaw Lets Remote Users Bypass Authentication A remote user can bypass...

288

Water vulnerabilities for existing coal-fired power plants.  

SciTech Connect (OSTI)

This report was funded by the U.S. Department of Energy's (DOE's) National Energy Technology Laboratory (NETL) Existing Plants Research Program, which has an energy-water research effort that focuses on water use at power plants. This study complements the Existing Plants Research Program's overall research effort by evaluating water issues that could impact power plants. Water consumption by all users in the United States over the 2005-2030 time period is projected to increase by about 7% (from about 108 billion gallons per day [bgd] to about 115 bgd) (Elcock 2010). By contrast, water consumption by coal-fired power plants over this period is projected to increase by about 21% (from about 2.4 to about 2.9 bgd) (NETL 2009b). The high projected demand for water by power plants, which is expected to increase even further as carbon-capture equipment is installed, combined with decreasing freshwater supplies in many areas, suggests that certain coal-fired plants may be particularly vulnerable to potential water demand-supply conflicts. If not addressed, these conflicts could limit power generation and lead to power disruptions or increased consumer costs. The identification of existing coal-fired plants that are vulnerable to water demand and supply concerns, along with an analysis of information about their cooling systems and related characteristics, provides information to help focus future research and development (R&D) efforts to help ensure that coal-fired generation demands are met in a cost-effective manner that supports sustainable water use. This study identified coal-fired power plants that are considered vulnerable to water demand and supply issues by using a geographical information system (GIS) that facilitated the analysis of plant-specific data for more than 500 plants in the NETL's Coal Power Plant Database (CPPDB) (NETL 2007a) simultaneously with 18 indicators of water demand and supply. Two types of demand indicators were evaluated. The first type consisted of geographical areas where specific conditions can generate demand vulnerabilities. These conditions include high projected future water consumption by thermoelectric power plants, high projected future water consumption by all users, high rates of water withdrawal per square mile (mi{sup 2}), high projected population increases, and areas projected to be in a water crisis or conflict by 2025. The second type of demand indicator was plant specific. These indicators were developed for each plant and include annual water consumption and withdrawal rates and intensities, net annual power generation, and carbon dioxide (CO{sub 2}) emissions. The supply indictors, which are also area based, include areas with low precipitation, high temperatures, low streamflow, and drought. The indicator data, which were in various formats (e.g., maps, tables, raw numbers) were converted to a GIS format and stored, along with the individual plant data from the CPPDB, in a single GIS database. The GIS database allowed the indicator data and plant data to be analyzed and visualized in any combination. To determine the extent to which a plant would be considered 'vulnerable' to a given demand or supply concern (i.e., that the plant's operations could be affected by water shortages represented by a potential demand or supply indicator), criteria were developed to categorize vulnerability according to one of three types: major, moderate, or not vulnerable. Plants with at least two major demand indicator values and/or at least four moderate demand indicator values were considered vulnerable to demand concerns. By using this approach, 144 plants were identified as being subject to demand concerns only. Plants with at least one major supply indicator value and/or at least two moderate supply indicator values were considered vulnerable to supply concerns. By using this approach, 64 plants were identified as being subject to supply concerns only. In addition, 139 plants were identified as subject to both demand and supply concerns. Therefore, a total of 347 plants were considere

Elcock, D.; Kuiper, J.; Environmental Science Division

2010-08-19T23:59:59.000Z

289

T-694: IBM Tivoli Federated Identity Manager Products Multiple Vulnerabilities  

Broader source: Energy.gov [DOE]

This Security Alert addresses a serious security issue CVE-2010-4476 (Java Runtime Environment hangs when converting "2.2250738585072012e-308" to a binary floating-point number). This vulnerability might cause the Java Runtime Environment to hang, be in infinite loop, and/or crash resulting in a denial of service exposure. This same hang might occur if the number is written without scientific notation (324 decimal places). In addition to the Application Server being exposed to this attack, any Java program using the Double.parseDouble method is also at risk of this exposure including any customer written application or third party written application.

290

V-207: Wireshark Multiple Denial of Service Vulnerabilities | Department of  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarly Career Scientists' Research Petroleum ReserveDepartmentScriptingVulnerabilities | Department

291

V-208: Google Chrome Multiple Vulnerabilities | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarly Career Scientists' Research Petroleum ReserveDepartmentScriptingVulnerabilities | Department Multiple

292

V-214: Mozilla Firefox Multiple Vulnerabilities | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarly Career Scientists' Research Petroleum ReserveDepartmentScriptingVulnerabilities |Energy

293

V-216: Drupal Monster Menus Module Security Bypass and Script Insertion  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarly Career Scientists' Research Petroleum ReserveDepartmentScriptingVulnerabilitiesVulnerabilities |

294

Chemical Safety Vulnerability Working Group report. Volume 2  

SciTech Connect (OSTI)

The Chemical Safety Vulnerability (CSV) Working Group was established to identify adverse conditions involving hazardous chemicals at DOE facilities that might result in fires or explosions, release of hazardous chemicals to the environment, or exposure of workers or the public to chemicals. A CSV Review was conducted in 148 facilities at 29 sites. Eight generic vulnerabilities were documented related to: abandoned chemicals and chemical residuals; past chemical spills and ground releases; characterization of legacy chemicals and wastes; disposition of legacy chemicals; storage facilities and conditions; condition of facilities and support systems; unanalyzed and unaddressed hazards; and inventory control and tracking. Weaknesses in five programmatic areas were also identified related to: management commitment and planning; chemical safety management programs; aging facilities that continue to operate; nonoperating facilities awaiting deactivation; and resource allocations. Volume 2 consists of seven appendices containing the following: Tasking memorandums; Project plan for the CSV Review; Field verification guide for the CSV Review; Field verification report, Lawrence Livermore National Lab.; Field verification report, Oak Ridge Reservation; Field verification report, Savannah River Site; and the Field verification report, Hanford Site.

Not Available

1994-09-01T23:59:59.000Z

295

Chemical Safety Vulnerability Working Group report. Volume 3  

SciTech Connect (OSTI)

The Chemical Safety Vulnerability (CSV) Working Group was established to identify adverse conditions involving hazardous chemicals at DOE facilities that might result in fires or explosions, release of hazardous chemicals to the environment, or exposure of workers or the public to chemicals. A CSV Review was conducted in 148 facilities at 29 sites. Eight generic vulnerabilities were documented related to: abandoned chemicals and chemical residuals; past chemical spills and ground releases; characterization of legacy chemicals and wastes; disposition of legacy chemicals; storage facilities and conditions; condition of facilities and support systems; unanalyzed and unaddressed hazards; and inventory control and tracking. Weaknesses in five programmatic areas were also identified related to: management commitment and planning; chemical safety management programs; aging facilities that continue to operate; nonoperating facilities awaiting deactivation; and resource allocations. Volume 3 consists of eleven appendices containing the following: Field verification reports for Idaho National Engineering Lab., Rocky Flats Plant, Brookhaven National Lab., Los Alamos National Lab., and Sandia National Laboratories (NM); Mini-visits to small DOE sites; Working Group meeting, June 7--8, 1994; Commendable practices; Related chemical safety initiatives at DOE; Regulatory framework and industry initiatives related to chemical safety; and Chemical inventory data from field self-evaluation reports.

Not Available

1994-09-01T23:59:59.000Z

296

Energy Sector Vulnerability to Climate Change: Adaptation Options to Increase Resilience (Presentation)  

SciTech Connect (OSTI)

The U.S. Department of Energy is conducting an assessment of vulnerabilities of the U.S. energy sector to climate change and extreme weather. Emphasizing peer reviewed research, it seeks to quantify vulnerabilities and identify specific knowledge or technology gaps. It draws upon a July 2012 workshop, ?Climate Change and Extreme Weather Vulnerability Assessment of the US Energy Sector?, hosted by the Atlantic Council and sponsored by DOE to solicit industry input.

Newmark, R. L.; Bilello, D.; Macknick, J.; Hallet, K. C.; Anderson, R.; Tidwell, V.; Zamuda, C.

2013-02-01T23:59:59.000Z

297

U-112: PostgreSQL Bugs Let Remote Authenticated Users Gain Elevated...  

Broader source: Energy.gov (indexed) [DOE]

and Change User Passwords U-129: RSA enVision Bugs Permit Cross-Site Scripting, SQL Injection, and Directory Traversal Attacks U-173: Symantec Web Gateway Multiple Vulnerabilities...

298

V-151: RSA Archer eGRC Bugs Let Remote Authenticated Users Upload...  

Energy Savers [EERE]

5.x ABSTRACT: Several vulnerabilities were reported in RSA Archer eGRC. REFERENCE LINKS: EMC SecurityTracker Alert ID: 1028516 CVE-2013-0932 CVE-2013-0933 CVE-2013-0934 IMPACT...

299

U-126: Cisco Adaptive Security Appliances Port Forwarder ActiveX Control Buffer Overflow Vulnerability  

Broader source: Energy.gov [DOE]

A vulnerability was reported in Cisco ASA. A remote user can cause arbitrary code to be executed on the target user's system.

300

U-101: Mozilla Firefox / Thunderbird / SeaMonkey XBL Binding Use-After-Free Vulnerability  

Broader source: Energy.gov [DOE]

A vulnerability has been reported in multiple Mozilla products, which can be exploited by malicious people to compromise a user's system.

Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


301

T-572: VMware ESX/ESXi SLPD denial of service vulnerability  

Broader source: Energy.gov [DOE]

VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.

302

U-016: Cisco IOS Software HTTP Service Loading Denial of Service Vulnerability  

Broader source: Energy.gov [DOE]

An unauthenticated, remote attacker could exploit this vulnerability to cause a targeted device to stop responding, resulting in a DoS condition

303

V-054: IBM WebSphere Application Server for z/OS Arbitrary Command Execution Vulnerability  

Broader source: Energy.gov [DOE]

A vulnerability was reported in the IBM HTTP Server component 5.3 in IBM WebSphere Application Server (WAS) for z/OS

304

T-655: Mozilla Firefox CVE-2011-2369 HTML Injection Vulnerability  

Broader source: Energy.gov [DOE]

Mozilla Firefox is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content.

305

Effect of beta on Seismic Vulnerability Curve for RC Bridge Based on Double Damage Criterion  

SciTech Connect (OSTI)

In the analysis of seismic vulnerability curve based on double damage criterion, the randomness of structural parameter and randomness of seismic should be considered. Firstly, the distribution characteristics of structure capability and seismic demand are obtained based on IDA and PUSHOVER, secondly, the vulnerability of the bridge is gained based on ANN and MC and a vulnerability curve according to this bridge and seismic is drawn. Finally, the analysis for a continuous bridge is displayed as an example, and parametric analysis for the effect of beta is done, which reflects the bridge vulnerability overall from the point of total probability, and in order to reduce the discreteness, large value of beta are suggested.

Feng Qinghai [CCCC Highway, CO., Ltd. (China); Yuan Wancheng [Bridge Department, Tongji University, Shanghai (China)

2010-05-21T23:59:59.000Z

306

T-534: Vulnerability in the PDF distiller of the BlackBerry Attachment...  

Broader source: Energy.gov (indexed) [DOE]

process termination, the PDF rendering process will restart automatically but will not resume processing the same PDF file. Successful exploitation of this vulnerability requires a...

307

T-707: Apache Tomcat AJP Protocol Processing Bug Lets Remote Users Bypass  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustion |Energy Usage »of Energy StrainClient update resolve multipleAuthentication or Obtain

308

Using vulnerability assessments to design facility safeguards and security systems  

SciTech Connect (OSTI)

The Weapons Complex Reconfiguration (WCR) Program is meant to prepare the Department of Energy (DOE) weapons complex to meet the needs of the next century through construction of now facilities or upgrades-in-place at existing facilities. This paper describes how a vulnerability (VA) was used to identify potential S&S features for the conceptual design for a plutonium storage facility as part of the WCR Program. We distinguish those features of the design that need to be investigated at the conceptual stage from those that can be evaluated later. We also examined what protection features may allow reduced S&S operating costs, with the main focus on protective force costs. While some of these concepts hold the promise for significantly reducing life-cycle protective force costs, their use depends on resolving long-standing tradeoffs between S&S and safety, which are discussed in the study.

Snell, M.; Jaeger, C.

1994-08-01T23:59:59.000Z

309

Assessing Vulnerabilities, Risks, and Consequences of Damage to Critical Infrastructure  

SciTech Connect (OSTI)

Since the publication of 'Critical Foundations: Protecting America's Infrastructure,' there has been a keen understanding of the complexity, interdependencies, and shared responsibility required to protect the nation's most critical assets that are essential to our way of life. The original 5 sectors defined in 1997 have grown to 18 Critical Infrastructures and Key Resources (CIKR), which are discussed in the 2009 National Infrastructure Protection Plan (NIPP) and its supporting sector-specific plans. The NIPP provides the structure for a national program dedicated to enhanced protection and resiliency of the nation's infrastructure. Lawrence Livermore National Laboratory (LLNL) provides in-depth, multi-disciplinary assessments of threat, vulnerability, and consequence across all 18 sectors at scales ranging from specific facilities to infrastructures spanning multi-state regions, such as the Oil and Natural Gas (ONG) sector. Like many of the CIKR sectors, the ONG sector is comprised of production, processing, distribution, and storage of highly valuable and potentially dangerous commodities. Furthermore, there are significant interdependencies with other sectors, including transportation, communication, finance, and government. Understanding the potentially devastating consequences and collateral damage resulting from a terrorist attack or natural event is an important element of LLNL's infrastructure security programs. Our work began in the energy sector in the late 1990s and quickly expanded other critical infrastructure sectors. We have performed over 600 physical assessments with a particular emphasis on those sectors that utilize, store, or ship potentially hazardous materials and for whom cyber security is important. The success of our approach is based on building awareness of vulnerabilities and risks and working directly with industry partners to collectively advance infrastructure protection. This approach consists of three phases: The Pre-Assessment Phase brings together infrastructure owners and operators to identify critical assets and help the team create a structured information request. During this phase, we gain information about the critical assets from those who are most familiar with operations and interdependencies, making the time we spend on the ground conducting the assessment much more productive and enabling the team to make actionable recommendations. The Assessment Phase analyzes 10 areas: Threat environment, cyber architecture, cyber penetration, physical security, physical penetration, operations security, policies and procedures, interdependencies, consequence analysis, and risk characterization. Each of these individual tasks uses direct and indirect data collection, site inspections, and structured and facilitated workshops to gather data. Because of the importance of understanding the cyber threat, LLNL has built both fixed and mobile cyber penetration, wireless penetration and supporting tools that can be tailored to fit customer needs. The Post-Assessment Phase brings vulnerability and risk assessments to the customer in a format that facilitates implementation of mitigation options. Often the assessment findings and recommendations are briefed and discussed with several levels of management and, if appropriate, across jurisdictional boundaries. The end result is enhanced awareness and informed protective measures. Over the last 15 years, we have continued to refine our methodology and capture lessons learned and best practices. The resulting risk and decision framework thus takes into consideration real-world constraints, including regulatory, operational, and economic realities. In addition to 'on the ground' assessments focused on mitigating vulnerabilities, we have integrated our computational and atmospheric dispersion capability with easy-to-use geo-referenced visualization tools to support emergency planning and response operations. LLNL is home to the National Atmospheric Release Advisory Center (NARAC) and the Interagency Modeling and Atmospheric Assessment Center (IMAAC). NA

Suski, N; Wuest, C

2011-02-04T23:59:59.000Z

310

WIPP Transparency Project - container tracking and monitoring demonstration using the Authenticated Tracking and Monitoring System (ATMS)  

SciTech Connect (OSTI)

The Authenticated Tracking and Monitoring System (ATMS) is designed to answer the need for global monitoring of the status and location of proliferation-sensitive items on a worldwide basis, 24 hours a day. ATMS uses wireless sensor packs to monitor the status of the items within the shipment and surrounding environmental conditions. Receiver and processing units collect a variety of sensor event data that is integrated with GPS tracking data. The collected data are transmitted to the International Maritime Satellite (INMARSAT) communication system, which then sends the data to mobile ground stations. Authentication and encryption algorithms secure the data during communication activities. A typical ATMS application would be to track and monitor the stiety and security of a number of items in transit along a scheduled shipping route. The resulting tracking, timing, and status information could then be processed to ensure compliance with various agreements.

SCHOENEMAN, J. LEE; SMARTT, HEIDI ANNE; HOFER, DENNIS

2000-01-27T23:59:59.000Z

311

Integrating end-to-end encryption and authentication technology into broadband networks  

SciTech Connect (OSTI)

BISDN services will involve the integration of high speed data, voice, and video functionality delivered via technology similar to Asynchronous Transfer Mode (ATM) switching and SONET optical transmission systems. Customers of BISDN services may need a variety of data authenticity and privacy assurances, via Asynchronous Transfer Mode (ATM) services Cryptographic methods can be used to assure authenticity and privacy, but are hard to scale for implementation at high speed. The incorporation of these methods into computer networks can severely impact functionality, reliability, and performance. While there are many design issues associated with the serving of public keys for authenticated signaling and for establishment of session cryptovariables, this paper is concerned with the impact of encryption itself on such communications once the signaling and setup have been completed. Network security protections should be carefully matched to the threats against which protection is desired. Even after eliminating unnecessary protections, the remaining customer-required network security protections can impose severe performance penalties. These penalties (further discussed below) usually involve increased communication processing for authentication or encryption, increased error rate, increased communication delay, and decreased reliability/availability. Protection measures involving encryption should be carefully engineered so as to impose the least performance, reliability, and functionality penalties, while achieving the required security protection. To study these trade-offs, a prototype encryptor/decryptor was developed. This effort demonstrated the viability of implementing certain encryption techniques in high speed networks. The research prototype processes ATM cells in a SONET OC-3 payload. This paper describes the functionality, reliability, security, and performance design trade-offs investigated with the prototype.

Pierson, L.G.

1995-11-01T23:59:59.000Z

312

T-728: Apache Tomcat HTTP DIGEST Authentication Weaknesses Let Remote Users  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustion |Energy Usage »of Energy StrainClient update resolve multipleAuthentication

313

Electrical and thermal finite element modeling of arc faults in photovoltaic bypass diodes.  

SciTech Connect (OSTI)

Arc faults in photovoltaic (PV) modules have caused multiple rooftop fires. The arc generates a high-temperature plasma that ignites surrounding materials and subsequently spreads the fire to the building structure. While there are many possible locations in PV systems and PV modules where arcs could initiate, bypass diodes have been suspected of triggering arc faults in some modules. In order to understand the electrical and thermal phenomena associated with these events, a finite element model of a busbar and diode was created. Thermoelectrical simulations found Joule and internal diode heating from normal operation would not normally cause bypass diode or solder failures. However, if corrosion increased the contact resistance in the solder connection between the busbar and the diode leads, enough voltage potentially would be established to arc across micron-scale electrode gaps. Lastly, an analytical arc radiation model based on observed data was employed to predicted polymer ignition times. The model predicted polymer materials in the adjacent area of the diode and junction box ignite in less than 0.1 seconds.

Bower, Ward Isaac; Quintana, Michael A.; Johnson, Jay

2012-01-01T23:59:59.000Z

314

Open cycle ocean thermal energy conversion steam control and bypass system  

DOE Patents [OSTI]

Two sets of hinged control doors for regulating motive steam flow from an evaporator to a condenser alternatively through a set of turbine blades in a steam bypass around the turbine blades. The evaporator has a toroidal shaped casing situated about the turbine's vertical axis of rotation and an outlet opening therein for discharging motive steam into an annular steam flow path defined between the turbine's radially inner and outer casing structures. The turbine blades extend across the steam flow path intermediate the evaporator and condenser. The first set of control doors is arranged to prevent steam access to the upstream side of the turbine blades and the second set of control doors acts as a bypass around the blades so as to maintain equilibrium between the evaporator and condenser during non-rotation of the turbine. The first set of control doors preferably extend, when closed, between the evaporator casing and the turbine's outer casing and, when open, extend away from the axis of rotation. The second set of control doors preferably constitute a portion of the turbine's outer casing downstream from the blades when closed and extend, when open, toward the axis of rotation. The first and second sets of control doors are normally held in the open and closed positions respectively by locking pins which may be retracted upon detecting an abnormal operating condition respectively to permit their closing and opening and provide steam flow from the evaporator to the condenser.

Wittig, J. Michael (West Goshen, PA); Jennings, Stephen J. (Radnor Township, Delaware County, PA)

1980-01-01T23:59:59.000Z

315

Response surfaces of vulnerability to climate change: the Colorado River Basin, the High Plains, and California  

E-Print Network [OSTI]

the vulnerability of water supply to shortage for the Colorado River Basin and basins of the High Plains, it becomes ever more important to assess the vulnerability of current and future water supplies to shortage more likely to experience water shortages (Barnett et al. 2004; Barnett and Pierce 2008, 2009; Cayan et

316

Finding Semantic Vulnerabilities in PHP Applications The University of Texas at Austin  

E-Print Network [OSTI]

SAFERPHP: Finding Semantic Vulnerabilities in PHP Applications Sooel Son The University of Texas the first characterization of these types of vulner- abilities in PHP applications, develop novel inter-procedural algorithms for discovering them in PHP source code, and implement these algorithms as part of SAFERPHP

Shmatikov, Vitaly

317

Indra Prasad Paneru Livelihood strategy and occupational vulnerability of street ice cream vendors in Kathmandu Valley  

E-Print Network [OSTI]

Indra Prasad Paneru Livelihood strategy and occupational vulnerability of street ice cream vendors in Kathmandu Valley Livelihood strategy and occupational vulnerability of street ice cream vendors in Kathmandu-cream vendors of Kathmandu valley, Case study of Jawalakhel, Ratnapark area and Balaju area' explores

Richner, Heinz

318

Geospatial analysis of vulnerable beach-foredune systems from decadal time series of lidar data  

E-Print Network [OSTI]

Geospatial analysis of vulnerable beach-foredune systems from decadal time series of lidar data, Geospatial analysis of vulnerable beach- foredune systems from decadal time series of lidar data, Journal densities; therefore, geospatial analysis, when applied to decadal lidar time series, needs to address

Mitasova, Helena

319

Impact of relief accuracy on flood simulations and road network vulnerability analysis  

E-Print Network [OSTI]

network by forcing users to take detours. In a risk preventive viewpoint, the network administrator has 1 Impact of relief accuracy on flood simulations and road network vulnerability analysis Jean in the water level and its consequences on the road network vulnerability. The first part focuses

Paris-Sud XI, Universit de

320

What about vulnerability to a fault attack of the Miller algorithm during an  

E-Print Network [OSTI]

What about vulnerability to a fault attack of the Miller algorithm during an Identity Based is to analyse the weakness of the Miller algorithm when it undergoes a fault attack. We prove that the Miller algorithm is vulnerable to a fault attack which is valid in all coordinate systems, through the resolution

Paris-Sud XI, Université de

Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


321

What About Vulnerability to a Fault Attack of the Miller's Algorithm During an  

E-Print Network [OSTI]

What About Vulnerability to a Fault Attack of the Miller's Algorithm During an Identity Based of this article is to analyse the weakness of the Miller's algorithm when it undergoes a fault attack. We prove that the Miller's algorithm is vulnerable to a fault attack which is valid in all coordinate systems, through

Paris-Sud XI, Université de

322

Modeling Complex Control Systems to Identify Remotely Accessible Devices Vulnerable to Cyber Attack1  

E-Print Network [OSTI]

and SCADA systems such as: "Which is the most vulnerable device of our power substation under an attack to remote power substations and control centers comes with the added risk of cyber attack by hackers andModeling Complex Control Systems to Identify Remotely Accessible Devices Vulnerable to Cyber Attack

Krings, Axel W.

323

Update on the Department of Energy's 1994 plutonium vulnerability assessment for the plutonium finishing plant  

SciTech Connect (OSTI)

A review of the environmental, safety, and health vulnerabilities associated with the continued storage of PFP's inventory of plutonium bearing materials and other SNM. This report re-evaluates the five vulnerabilities identified in 1994 at the PFP that are associated with SNM storage. This new evaluation took a more detailed look and applied a risk ranking process to help focus remediation efforts.

HERZOG, K.R.

1999-09-01T23:59:59.000Z

324

Seismic vulnerability analysis of moderate seismicity areas using in situ experimental  

E-Print Network [OSTI]

Seismic vulnerability analysis of moderate seismicity areas using in situ experimental techniques (LGIT), LCPC, CNRS, Université Joseph Fourier Grenoble Abstract Seismic vulnerability analysis. This curve is particularly interesting in moderate seismic areas. This methodology is applied to the Grenoble

Paris-Sud XI, Université de

325

VULNERABILITY ASSESSMENT OF WATER RESOURCES SYSTEMS IN THE EASTERN NILE BASIN  

E-Print Network [OSTI]

VULNERABILITY ASSESSMENT OF WATER RESOURCES SYSTEMS IN THE EASTERN NILE BASIN TO ENVIRONMENTAL Resources VULNERABILITY ASSESSMENT OF WATER RESOURCES SYSTEMS IN THE EASTERN NILE BASIN TO ENVIRONMENTAL Resources Institute of African Research and Studies, Cairo University For the Degree of MASTER OF SCIENCE

Richner, Heinz

326

Climate change impacts and vulnerability of the southern populations of Pinus nigra subsp. salzmannii  

E-Print Network [OSTI]

vulnerability to climate change in Mediterranean mountain forests is not well developed. Climate change impactsClimate change impacts and vulnerability of the southern populations of Pinus nigra subsp-sensitive species. Trees will adapt not only to changes in mean climate variables but also to increased extreme

Herrera, Carlos M.

327

T-526: Microsoft Internet Explorer 'ReleaseInterface()' Remote Code Execution Vulnerability  

Broader source: Energy.gov [DOE]

Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 8.0.7600.16385 is vulnerable; other versions may also be affected.

328

APPENDIX A: Climate Change Vulnerability Literature Review The purpose of this discussion is to review the existing literature surrounding climate change adaptation  

E-Print Network [OSTI]

1 APPENDIX A: Climate Change Vulnerability Literature Review Purpose The purpose of this discussion is to review the existing literature surrounding climate change adaptation and vulnerability with a focus thought surrounding methods for conducting climate change vulnerability assessments. The review

Brownstone, Rob

329

CFD Analysis of Core Bypass Flow and Crossflow in the Prismatic Very High Temperature Gas-cooled Nuclear Reactor  

E-Print Network [OSTI]

if the large portion of the coolant flows into bypass gaps instead of coolant channels in which the cooling efficiency is much higher. A preliminary three dimensional steady-state CFD analysis was performed with commercial code STARCCM+ 6.04 to investigate...

Wang, Huhu 1985-

2012-12-13T23:59:59.000Z

330

Safeguards Evaluation Method for evaluating vulnerability to insider threats  

SciTech Connect (OSTI)

As protection of DOE facilities against outsiders increases to acceptable levels, attention is shifting toward achieving comparable protection against insiders. Since threats and protection measures for insiders are substantially different from those for outsiders, new perspectives and approaches are needed. One such approach is the Safeguards Evaluation Method. This method helps in assessing safeguards vulnerabilities to theft or diversion of special nuclear meterial (SNM) by insiders. The Safeguards Evaluation Method-Insider Threat is a simple model that can be used by safeguards and security planners to evaluate safeguards and proposed upgrades at their own facilities. The method is used to evaluate the effectiveness of safeguards in both timely detection (in time to prevent theft) and late detection (after-the-fact). The method considers the various types of potential insider adversaries working alone or in collusion with other insiders. The approach can be used for a wide variety of facilities with various quantities and forms of SNM. An Evaluation Workbook provides documentation of the baseline assessment; this simplifies subsequent on-site appraisals. Quantitative evaluation is facilitated by an accompanying computer program. The method significantly increases an evaluation team's on-site analytical capabilities, thereby producing a more thorough and accurate safeguards evaluation.

Al-Ayat, R.A.; Judd, B.R.; Renis, T.A.

1986-01-01T23:59:59.000Z

331

A graph-based network-vulnerability analysis system  

SciTech Connect (OSTI)

This paper presents a graph based approach to network vulnerability analysis. The method is flexible, allowing analysis of attacks from both outside and inside the network. It can analyze risks to a specific network asset, or examine the universe of possible consequences following a successful attack. The analysis system requires as input a database of common attacks, broken into atomic steps, specific network configuration and topology information, and an attacker profile. The attack information is matched with the network configuration information and an attacker profile to create a superset attack graph. Nodes identify a stage of attack, for example the class of machines the attacker has accessed and the user privilege level he or she has compromised. The arcs in the attack graph represent attacks or stages of attacks. By assigning probabilities of success on the arcs or costs representing level of effort for the attacker, various graph algorithms such as shortest path algorithms can identify the attack paths with the highest probability of success.

Swiler, L.P.; Phillips, C.; Gaylor, T.

1998-05-03T23:59:59.000Z

332

A graph-based network-vulnerability analysis system  

SciTech Connect (OSTI)

This report presents a graph-based approach to network vulnerability analysis. The method is flexible, allowing analysis of attacks from both outside and inside the network. It can analyze risks to a specific network asset, or examine the universe of possible consequences following a successful attack. The analysis system requires as input a database of common attacks, broken into atomic steps, specific network configuration and topology information, and an attacker profile. The attack information is matched with the network configuration information and an attacker profile to create a superset attack graph. Nodes identify a stage of attack, for example the class of machines the attacker has accessed and the user privilege level he or she has compromised. The arcs in the attack graph represent attacks or stages of attacks. By assigning probabilities of success on the arcs or costs representing level-of-effort for the attacker, various graph algorithms such as shortest-path algorithms can identify the attack paths with the highest probability of success.

Swiler, L.P.; Phillips, C. [Sandia National Labs., Albuquerque, NM (United States); Gaylor, T. [3M, Austin, TX (United States). Visual Systems Div.

1998-01-01T23:59:59.000Z

333

A graph-based system for network-vulnerability analysis  

SciTech Connect (OSTI)

This paper presents a graph-based approach to network vulnerability analysis. The method is flexible, allowing analysis of attacks from both outside and inside the network. It can analyze risks to a specific network asset, or examine the universe of possible consequences following a successful attack. The graph-based tool can identify the set of attack paths that have a high probability of success (or a low effort cost) for the attacker. The system could be used to test the effectiveness of making configuration changes, implementing an intrusion detection system, etc. The analysis system requires as input a database of common attacks, broken into atomic steps, specific network configuration and topology information, and an attacker profile. The attack information is matched with the network configuration information and an attacker profile to create a superset attack graph. Nodes identify a stage of attack, for example the class of machines the attacker has accessed and the user privilege level he or she has compromised. The arcs in the attack graph represent attacks or stages of attacks. By assigning probabilities of success on the arcs or costs representing level-of-effort for the attacker, various graph algorithms such as shortest-path algorithms can identify the attack paths with the highest probability of success.

Swiler, L.P.; Phillips, C.

1998-06-01T23:59:59.000Z

334

Superior Cardiac Function Via Anaplerotic Pyruvate in the Immature Swine Heart After Cardiopulmonary Bypass and Reperfusion  

SciTech Connect (OSTI)

Pyruvate produces inotropic responses in the adult reperfused heart. Pyruvate oxidation and anaplerotic entry into the citric acid cycle (CAC) via carboxylation are linked to stimulation of contractile function. The goals of this study were to determine if these metabolic pathways operate and are maintained in the developing myocardium after reperfusion. Immature male swine (age 10-18 days) were subjected to cardiopulmonary bypass (CPB). Intracoronary infusion of [2]-13C-pyruvate (to achieve a final concentration of 8 mM) was given for 35 minutes starting either during weaning (Group I), after discontinuation (Group II) or without (Control) CPB. Hemodynamic data was collected. 13C NMR spectroscopy was used to determine the fraction of pyruvate entering the CAC via pyruvate carboxylation (PC) to total CAC entry (PC plus decarboxlyation via pyruvate dehydrogenase). Liquid chromatography-mass spectrometry was used to determine total glutamate enrichment.

Olson, Aaron; Hyyti, Outi M.; Cohen, Gordon A.; Ning, Xue-Han; Sadilek, Martin; Isern, Nancy G.; Portman, Michael A.

2008-12-01T23:59:59.000Z

335

Particle Image Velocimetry Measurements and Analysis of Bypass Data for a Scaled 6mm Gap  

SciTech Connect (OSTI)

The purpose of the fluid dynamics experiments in the MIR (Matched Index of-Refraction) flow system at Idaho National Laboratory (INL) is to develop benchmark databases for the assessment of Computational Fluid Dynamics (CFD) solutions of the momentum equations, scalar mixing, and turbulence models for the flow ratios between coolant channels and bypass gaps in the interstitial regions of typical prismatic standard fuel element (SFE) or upper reflector block geometries of typical Modular High-temperature Gas-cooled Reactors (MHTGR) in the limiting case of negligible buoyancy and constant fluid properties. The experiments will use optical techniques, primarily particle image velocimetry (PIV) in the INL Matched Index of Refraction (MIR) flow system.

J.R. Wolf; T.E. Conder; R.R. Schultz

2012-09-01T23:59:59.000Z

336

Geographic variation in vulnerability to climate warming in a tropical Caribbean lizard  

E-Print Network [OSTI]

Geographic variation in vulnerability to climate warming in a tropical Caribbean lizard Alex R temperatures (Tb) of the tropical Caribbean lizard Anolis cristatellus at nine sites representing two habitat

Leal, Manuel S.

337

A Smart Grid Vulnerability Analysis Framework for Coordinated Variable Structure Switching Attacks  

E-Print Network [OSTI]

the approach. Moreover the insights gained from the vulnerability analysis of the WECC system are consistent approach is detailed in Section III along with an illustration of the procedure on the WECC 3-machine, 9

Kundur, Deepa

338

USE OF COMPOSITE MATERIALS TO REPAIR STEEL STRUCTURES VULNERABLE TO FATIGUE DAMAGE  

E-Print Network [OSTI]

This study investigates mainly two different topics related to the use of CFRP's for strengthening and repair of steel bridges: the use of CFRP's to prevent damage in fatigue vulnerable welded connections prior to fatigue-crack initiation...

Alemdar, Fatih

2010-01-01T23:59:59.000Z

339

Seismic vulnerability of older reinforced concrete frame structures in Mid-America  

E-Print Network [OSTI]

This research quantifies the seismic vulnerability of older reinforced concrete frame structures located in Mid-America. After designing a representative three-story gravity load designed reinforced concrete frame structure, a nonlinear analytical...

Beason, Lauren Rae

2004-09-30T23:59:59.000Z

340

U-116: IBM Tivoli Provisioning Manager Express for Software Distribution Multiple Vulnerabilities  

Broader source: Energy.gov [DOE]

Multiple vulnerabilities have been reported in IBM Tivoli Provisioning Manager Express for Software Distribution, which can be exploited by malicious people to conduct SQL injection attacks and compromise a user's system

Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


341

Screening vulnerabilities in water supply networks : risk analysis of infrastructure systems  

E-Print Network [OSTI]

The extreme importance of critical infrastructures to modern society is widely known. Recognizing that society cannot afford the costs associated with absolute protection, it is necessary to prioritize the vulnerabilities ...

Michaud, David, 1975-

2005-01-01T23:59:59.000Z

342

A Role for Repressive Histone Methylation in Cocaine-Induced Vulnerability to Stress  

E-Print Network [OSTI]

Substance abuse increases an individual's vulnerability to stress-related illnesses, which is presumably mediated by drug-induced neural adaptations that alter subsequent responses to stress. Here, we identify repressive ...

Covington, HerbertE.

343

Detection of morphological markers of vulnerable atherosclerotic plaque using multimodal spectroscopy  

E-Print Network [OSTI]

Vulnerable plaques, which are responsible for most acute ischemic events, are presently invisible to x-ray angiography. Their primary morphological features include a thin or ulcerated fibrous cap, a large necrotic core, ...

Fitzmaurice, Maryann

344

Assessment of chemical vulnerabilities in the Hanford high-level waste tanks  

SciTech Connect (OSTI)

The purpose of this report is to summarize results of relevant data (tank farm and laboratory) and analysis related to potential chemical vulnerabilities of the Hanford Site waste tanks. Potential chemical safety vulnerabilities examined include spontaneous runaway reactions, condensed phase waste combustibility, and tank headspace flammability. The major conclusions of the report are the following: Spontaneous runaway reactions are not credible; condensed phase combustion is not likely; and periodic releases of flammable gas can be mitigated by interim stabilization.

Meacham, J.E. [and others

1996-02-15T23:59:59.000Z

345

V-052: Drupal Core Access Bypass and Arbitrary PHP Code Execution  

Office of Environmental Management (EM)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of EnergyEnergyENERGYWomen Owned SmallOf The 2012Nuclear Guide Remote Access08: DebianVulnerabilities |

346

Method of treating emissions of a hybrid vehicle with a hydrocarbon absorber and a catalyst bypass system  

DOE Patents [OSTI]

A method of treating emissions from an internal combustion engine of a hybrid vehicle includes directing a flow of air created by the internal combustion engine when the internal combustion engine is spinning but not being fueled through a hydrocarbon absorber to collect hydrocarbons within the flow of air. When the hydrocarbon absorber is full and unable to collect additional hydrocarbons, the flow of air is directed through an electrically heated catalyst to treat the flow of air and remove the hydrocarbons. When the hydrocarbon absorber is not full and able to collect additional hydrocarbons, the flow of air is directed through a bypass path that bypasses the electrically heated catalyst to conserve the thermal energy stored within the electrically heated catalyst.

Roos, Bryan Nathaniel; Gonze, Eugene V; Santoso, Halim G; Spohn, Brian L

2014-01-14T23:59:59.000Z

347

Implications for Damage Recognition during Dpo4-Mediated Mutagenic Bypass of m1G and m3C Lesions  

SciTech Connect (OSTI)

DNA is susceptible to alkylation damage by a number of environmental agents that modify the Watson-Crick edge of the bases. Such lesions, if not repaired, may be bypassed by Y-family DNA polymerases. The bypass polymerase Dpo4 is strongly inhibited by 1-methylguanine (m1G) and 3-methylcytosine (m3C), with nucleotide incorporation opposite these lesions being predominantly mutagenic. Further, extension after insertion of both correct and incorrect bases, introduces additional base substitution and deletion errors. Crystal structures of the Dpo4 ternary extension complexes with correct and mismatched 3'-terminal primer bases opposite the lesions reveal that both m1G and m3C remain positioned within the DNA template/primer helix. However, both correct and incorrect pairing partners exhibit pronounced primer terminal nucleotide distortion, being primarily evicted from the DNA helix when opposite m1G or misaligned when pairing with m3C. Our studies provide insights into mechanisms related to hindered and mutagenic bypass of methylated lesions and models associated with damage recognition by repair demethylases.

Rechkoblit, Olga; Delaney, James C.; Essigmann, John M.; Patel, Dinshaw J. (MIT); (MSKCC)

2012-05-08T23:59:59.000Z

348

U.S. Department of Energy FreedomCAR & Vehicle Technologies Program Oil Bypass Filter Technology Evaluation Final Report  

SciTech Connect (OSTI)

This Oil Bypass Filter Technology Evaluation final report documents the feasibility of using oil bypass filters on 17 vehicles in the Idaho National Laboratory (INL) fleet during a 3-year test period. Almost 1.3 million test miles were accumulated, with eleven 4-cycle diesel engine buses accumulating 982,548 test miles and six gasoline-engine Chevrolet Tahoes accumulating 303,172 test miles. Two hundred and forty oil samples, taken at each 12,000-mile bus servicing event and at 3,000 miles for the Tahoes, documented the condition of the engine oils for continued service. Twenty-eight variables were normally tested, including the presence of desired additives and undesired wear metals such as iron and chrome, as well as soot, water, glycol, and fuel. Depending on the assumptions employed, the INL found that oil bypass filter systems for diesel engine buses have a positive payback between 72,000 and 144,000 miles. For the Tahoes, the positive payback was between 66,000 and 69,000 miles.

L. R. Zirker; J. E. Francfort; J. J. Fielding

2006-03-01T23:59:59.000Z

349

IEEE TRANSACTIONS ON SMART GRID, VOL. 2, NO. 4, DECEMBER 2011 675 A Lightweight Message Authentication Scheme for  

E-Print Network [OSTI]

IEEE TRANSACTIONS ON SMART GRID, VOL. 2, NO. 4, DECEMBER 2011 675 A Lightweight Message Authentication Scheme for Smart Grid Communications Mostafa M. Fouda, Member, IEEE, Zubair Md. Fadlullah, Member Abstract--Smart grid (SG) communication has recently received significant attentions to facilitate

Shen, Xuemin "Sherman"

350

U-148: ActiveScriptRuby GRScript18.dll ActiveX Control Ruby Code Execution Vulnerability  

Broader source: Energy.gov [DOE]

The vulnerability is caused due to an error in GRScript18.dll and can be exploited to execute arbitrary Ruby commands.

351

29.01.03.M1.01 Network Scanning and Vulnerability Assessments Page 1 of 3 STANDARD ADMINISTRATIVE PROCEDURE  

E-Print Network [OSTI]

29.01.03.M1.01 Network Scanning and Vulnerability Assessments Page 1 of 3 STANDARD ADMINISTRATIVE PROCEDURE 29.01.03.M1.01 Network Scanning and Vulnerability Assessments Approved October 1, 2002 Revised review: August 14, 2016 Statement and Reason for Standard Administrative Procedure The purpose

352

Vulnerability of the New York City Metropolitan Area to Coastal Hazards,  

E-Print Network [OSTI]

Trade Center site in Lower Manhattan, and of the Brooklyn water- front, long home to the former Brooklyn-Level Rise: Inferences for Urban Coastal Risk Management and Adaptation Policies Klaus Jacob, Vivien Gornitz at or near sea level. Major coastal urban centers have long been vulnerable to natural hazards, such as storm

353

educating | innovating | transforming | advocating | strengthening vulnerable families social workuniversity of illinois at urbana-champaign  

E-Print Network [OSTI]

educating | innovating | transforming | advocating | strengthening vulnerable families social innovative efforts and collaborations are having on the lives of people in need. Whose lives? Those of · Low to work through the social barriers hindering the project. "We needed to gain trust from the local

Gilbert, Matthew

354

Secure Fragment Allocation in a Distributed Storage System with Heterogeneous Vulnerabilities  

E-Print Network [OSTI]

Secure Fragment Allocation in a Distributed Storage System with Heterogeneous Vulnerabilities Yun--There is a growing demand for large-scale dis- tributed storage systems to support resource sharing and fault attention has yet been paid to security solutions designed for distributed storage systems

Qin, Xiao

355

U-199: Drupal Drag & Drop Gallery Module Arbitrary File Upload Vulnerability  

Broader source: Energy.gov [DOE]

The vulnerability is caused due to the sites/all/modules/dragdrop_gallery/upload.php script improperly validating uploaded files, which can be exploited to execute arbitrary PHP code by uploading a PHP file with e.g. an appended ".gif" file extension.

356

Title: Climate Change Vulnerability and Adaptation Options for Coastal Communities in Timor-Leste  

E-Print Network [OSTI]

Title: Climate Change Vulnerability and Adaptation Options for Coastal Communities in Timor-Leste Summary Climate change is a major global challenge, particularly for world's coastal communities in low 2008, Kelman & West 2009, Veitayaki 2010). Within these regions, climate change impacts are already

357

Vulnerability of SSL to Chosen-Plaintext Attack Gregory V. Bard  

E-Print Network [OSTI]

Vulnerability of SSL to Chosen-Plaintext Attack Gregory V. Bard #3; May 11, 2004 Abstract The Secure Sockets Layer (SSL) protocol is widely used for securing communication over the Internet. When utilizing block ciphers for encryption, the SSL standard mandates the use of the cipher block chaining (CBC

358

Vulnerability of SSL to Chosen-Plaintext Attack Gregory V. Bard  

E-Print Network [OSTI]

Vulnerability of SSL to Chosen-Plaintext Attack Gregory V. Bard May 11, 2004 Abstract The Secure Sockets Layer (SSL) protocol is widely used for securing communication over the Internet. When utilizing block ciphers for encryption, the SSL standard mandates the use of the cipher block chaining (CBC) mode

359

Vulnerability of national economies to the impacts of climate change on fisheries  

E-Print Network [OSTI]

economies and diets, and limited societal capacity to adapt to potential impacts and opportunities. Many the world's poorest and twice as reliant on fish, which provides 27% of dietary protein compared to 13 but lack the capacity to adapt. Keywords Adaptation, climate change, fisheries, poverty, vulnerability

Reynolds, John D.

360

T-527: OpenSC Smart Card Serial Number Multiple Buffer Overflow Vulnerabilities  

Broader source: Energy.gov [DOE]

OpenSC is prone to multiple buffer-overflow vulnerabilities because the application fails to perform adequate boundary checks on user-supplied input. Attackers may leverage these issues to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


361

Can Fault Prediction Models and Metrics be Used for Vulnerability Prediction? Yonghee Shin and Laurie Williams  

E-Print Network [OSTI]

Can Fault Prediction Models and Metrics be Used for Vulnerability Prediction? Yonghee Shin to prioritize security inspection and testing efforts may be better served by a prediction model that indicates commonalities that may allow development teams to use traditional fault prediction models and metrics

Young, R. Michael

362

Detection of Vulnerable Road Users in Smart Cities Francisco Guayante, Arnoldo Daz-Ramrez  

E-Print Network [OSTI]

Detection of Vulnerable Road Users in Smart Cities Francisco Guayante, Arnoldo Daz. In order to cope with the problems of the growing urban communities, the concept of smart cities has emerged. A smart city is based on the use of smart computing technologies, such as Intelligent

Mejia-Alvarez, Pedro

363

Seismic vulnerability assessment to slight dam-age based on experimental modal parameters  

E-Print Network [OSTI]

Seismic vulnerability assessment to slight dam- age based on experimental modal parameters Clotaire Federal Institute of Technology, Zuerich, Switzerland. Michel C., Gueguen P., Causse M. 2011. Seismic higher modes and full seismic ground motion, (2) using a single-degree of freedom model considering

Paris-Sud XI, Université de

364

PHS 650-section 052: Healthcare Quality Improvement and Evaluation for Vulnerable Populations  

E-Print Network [OSTI]

can contribute to global health system reform and realization of the Millennium Development Goals. II. Learning Objectives To understand how quality health care has been defined and implemented with vulnerable health care quality" BMJ 2004; 328: 1124-9 Bloom BS. "Crossing the quality chasm: a new health system

Sheridan, Jennifer

365

Characterizing Application Memory Error Vulnerability to Optimize Datacenter Cost via Heterogeneous-Reliability Memory  

E-Print Network [OSTI]

Characterizing Application Memory Error Vulnerability to Optimize Datacenter Cost via Heterogeneous--Memory devices represent a key component of datacenter total cost of ownership (TCO), and techniques used, we make three main con- tributions to enable highly-reliable servers at low datacenter cost. First

Mutlu, Onur

366

American Journal of Botany 87(9): 12871299. 2000. VULNERABILITY TO XYLEM CAVITATION AND THE  

E-Print Network [OSTI]

1287 American Journal of Botany 87(9): 1287­1299. 2000. VULNERABILITY TO XYLEM CAVITATION to evaluate how the limitation of xylem pressure ( x) by cavitation corresponded with plant distribution along xylem, which shows the decrease in hydraulic conductance from cavitation as a function of x and the crit

Pockman, William T.

367

International Journal of Smart Grid and Clean Energy Smart Grid Security: Threats, Vulnerabilities and Solutions  

E-Print Network [OSTI]

International Journal of Smart Grid and Clean Energy Smart Grid Security: Threats, Vulnerabilities is currently evolving into the smart grid. Smart grid integrates the traditional electrical power grid, controlling and managing the demands of customers. A smart grid is a huge complex network composed of millions

Aloul, Fadi

368

Spatial Modelling with Geographic Information Systems for Determination of Water Resources Vulnerability  

E-Print Network [OSTI]

(river or well). This method is based on spatial analysis tools integrated in Geographical Information is proposed. The vulnerability of a water resource is defined as the risk that the resource will become (rivers or aquifers) against pollution is an important challenge for decision- makers in water resources

Paris-Sud XI, Universit de

369

Educational Access i Educational Access for Orphans and Vulnerable Children in Woliso, Ethiopia  

E-Print Network [OSTI]

Educational Access i Educational Access for Orphans and Vulnerable Children in Woliso, Ethiopia ABSTRACT The appalling rise in the number of orphans in Ethiopia has reached epidemic proportions. The United Nations Fund-Ethiopia (2007) estimates there are 4.6 million orphaned children, 85 % of which do

Scheel, David

370

1900 CROP SCIENCE, VOL. 44, NOVEMBERDECEMBER 2004 Reducing the Genetic Vulnerability of Cotton  

E-Print Network [OSTI]

1900 CROP SCIENCE, VOL. 44, NOVEMBER­DECEMBER 2004 Reducing the Genetic Vulnerability of Cotton. Lloyd May, and C. Wayne Smith change in cotton yields has steadily declined since 1985. The u.s. cotton (Gossypium spp.) production system By 1998, absolute cotton yields (not just the rate ofexemplifies

Chee, Peng W.

371

Vulnerability Analysis of a Nuclear Power Plant Considering Detonations of Explosive Devices  

E-Print Network [OSTI]

Vulnerability Analysis of a Nuclear Power Plant Considering Detonations of Explosive Devices Marko threats to a nuclear power plant in the year 1991 and after the 9/11 events in 2001. The methodology which strength and injuries of human beings with nuclear power plant models used in probabilistic safety

Cizelj, Leon

372

Vulnerability of age-0 pallid sturgeon Scaphirhynchus albus to fish predation By W. E. French1  

E-Print Network [OSTI]

and smallmouth bass is low, especially in the presence of an alternative fish prey. Introduction SturgeonVulnerability of age-0 pallid sturgeon Scaphirhynchus albus to fish predation By W. E. French1 , B, Brookings, SD, USA; 2 USGS South Dakota Cooperative Fish & Wildlife Research Unit, Department of Wildlife

373

Proline Nal. 22(2):107-112. 1990. Vulnerability of Largemouth Bass  

E-Print Network [OSTI]

'. an estimated largemouth bass density of 84 fish/ha and a biomass of 33.6 kg/ha. Knox Pond. a 1.3ha private largemouth bass less than 200 rom long. but did not estimate their number. Marked fish were releasedProline Nal. 22(2):107-112. 1990. Vulnerability of Largemouth Bass to Angling in Two Small South

374

Experimental Studies of Vulnerabilities in Devices and On-Chip Protection  

E-Print Network [OSTI]

Experimental Studies of Vulnerabilities in Devices and On-Chip Protection Agis A. Iliadis effects on the fundamental units of IC circuits, ie individual devices (MOSFETs) and gates (CMOS Inverters MOSFET devices as on-chip sensing and protecting elements. · Develop on-chip sensing, registration

Anlage, Steven

375

Centrality and vulnerability in liner shipping networks: revisiting the Northeast Asian port hierarchy  

E-Print Network [OSTI]

1 Centrality and vulnerability in liner shipping networks: revisiting the Northeast Asian port@parisgeo.cnrs.fr Sung-Woo LEE Korea Maritime Institute Shipping, Port & Logistics Research Department KBS media Center: revisiting the Northeast Asian port hierarchy Abstract This paper is essentially an empirical investigation

Paris-Sud XI, Université de

376

Energy Vulnerability Assessment for the US Pacific Islands. Technical Appendix 2  

SciTech Connect (OSTI)

The study, Energy Vulnerability Assessment of the US Pacific Islands, was mandated by the Congress of the United States as stated in House Resolution 776-220 of 1992, Section 1406. The resolution states that the US Secretary of Energy shall conduct a study of the implications of the unique vulnerabilities of the insular areas to an oil supply disruption. Such study shall outline how the insular areas shall gain access to vital oil supplies during times of national emergency. The resolution defines insular areas as the US Virgin Islands, Puerto Rico, Guam, American Samoa, the Commonwealth of the Northern Mariana Islands, and Palau. The US Virgin Islands and Puerto Rico are not included in this report. The US Department of Energy (USDOE) has broadened the scope of the study contained in the House Resolution to include emergency preparedness and response strategies which would reduce vulnerability to an oil supply disruption as well as steps to ameliorate adverse economic consequences. This includes a review of alternative energy technologies with respect to their potential for reducing dependence on imported petroleum. USDOE has outlined the four tasks of the energy vulnerability assessment as the following: (1) for each island, determine crude oil and refined product demand/supply, and characterize energy and economic infrastructure; (2) forecast global and regional oil trade flow patterns, energy demand/supply, and economic activities; (3) formulate oil supply disruption scenarios and ascertain the general and unique vulnerabilities of these islands to oil supply disruptions; and (4) outline emergency preparedness and response options to secure oil supplies in the short run, and reduce dependence on imported oil in the longer term.

Fesharaki, F.; Rizer, J.P.; Greer, L.S.

1994-05-01T23:59:59.000Z

377

Sarkar, Papiya "Solid Waste Management In Delhi A Social Vulnerability Study" in Martin J. Bunch, V. Madha Suresh and T. Vasantha Kumaran, eds., Proceedings of the Third  

E-Print Network [OSTI]

1 Sarkar, Papiya "Solid Waste Management In Delhi ­ A Social Vulnerability Study" in Martin J IN DELHI ­ A SOCIAL VULNERABILITY STUDY Papiya Sarkar· Toxics Link, New Delhi, India. Abstract Management

Columbia University

378

Bypass Flow Computations using a One-Twelfth Symmetric Sector For Normal Operation in a 350 MWth VHTR  

SciTech Connect (OSTI)

Significant uncertainty exists about the effects of bypass flow in a prismatic gas-cooled very high temperature reactor (VHTR). Bypass flow is the flow in the gaps between prismatic graphite blocks in the core. The gaps are present because of variations in their construction, imperfect installation and expansion and shrinkage from thermal heating and neutron fluence. Calculations are performed using computational fluid dynamics (CFD) for flow of the helium coolant in the gap and coolant channels along with conjugate heat generation and heat transfer in the fuel compacts and graphite. A commercial CFD code is used for all of the computations. A one-twelfth sector of a standard hexagonal block column is used for the CFD model because of its symmetry. Various scenarios are computed by varying the gap width from zero to 5 mm, varying the total heat generation rate to examine average and peak radial generation rates and variation of the graphite block geometry to account for the effects of shrinkage caused by irradiation. The calculations are for a 350 MWth prismatic reactor. It is shown that the effect of increasing gap width, while maintaining the same total mass flow rate, causes increased maximum fuel temperature while providing significant cooling to the near-gap region. The maximum outlet coolant temperature variation is increased by the presence of gap flow and also by an increase in total heat generation with a gap present. The effect of block shrinkage is actually to decrease maximum fuel temperature compared to a similar reference case.

Richard W. Johnson; Hiroyuki Sato

2010-10-01T23:59:59.000Z

379

Bypass Flow Computations using a One-Twelfth Symmetric Sector For Normal Operation in a 350 MWth VHTR  

SciTech Connect (OSTI)

Significant uncertainty exists about the effects of bypass flow in a prismatic gas-cooled very high temperature reactor (VHTR). Bypass flow is the flow in the gaps between prismatic graphite blocks in the core. The gaps are present because of variations in their construction, imperfect installation and expansion and shrinkage from thermal heating and neutron fluence. Calculations are performed using computational fluid dynamics (CFD) for flow of the helium coolant in the gap and coolant channels along with conjugate heat generation and heat transfer in the fuel compacts and graphite. A commercial CFD code is used for all of the computations. A one-twelfth sector of a standard hexagonal block column is used for the CFD model because of its symmetry. Various scenarios are computed by varying the gap width from zero to 5 mm, varying the total heat generation rate to examine average and peak radial generation rates and variation of the graphite block geometry to account for the effects of shrinkage caused by irradiation. The calculations are for a 350 MWth prismatic reactor. It is shown that the effect of increasing gap width, while maintaining the same total mass flow rate, causes increased maximum fuel temperature while providing significant cooling to the near-gap region. The maximum outlet coolant temperature variation is increased by the presence of gap flow and also by an increase in total heat generation with a gap present. The effect of block shrinkage is actually to decrease maximum fuel temperature compared to a similar reference case.

Richard W. Johnson; Hiroyuki Sato

2012-10-01T23:59:59.000Z

380

161 rue Ada F -34392 Montpellier Cedex 05 Tl : 33 (0)4 67 4 85 85 Fax : 33 (0)4 67 4 85 00 www. lirmm.fr Added Redundancy Explicit Authentication at  

E-Print Network [OSTI]

hardware-based (physical) attacks and work under th Technical Report 01/07/2007 lirmm-00171028,version1-11Sep2007 #12;Added Redundancy Explicit Authentication

Boyer, Edmond

Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


381

JC3 | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

in Adobe Shockwave. December 21, 2012 V-052: Drupal Core Access Bypass and Arbitrary PHP Code Execution Vulnerabilities Drupal Core Multiple vulnerabilities December 20, 2012...

382

JC3 Bulletin Archive | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

in Adobe Shockwave. December 21, 2012 V-052: Drupal Core Access Bypass and Arbitrary PHP Code Execution Vulnerabilities Drupal Core Multiple vulnerabilities December 20, 2012...

383

U.S. Department of Energy FreedomCAR & Vehicle Technologies Program Oil Bypass Filter Technology Evaluation - Sixth Quarterly Report, January - March 2004  

SciTech Connect (OSTI)

This Oil Bypass Filter Technology Evaluation quarterly report (January-March 2004) details the ongoing fleet evaluation of an oil bypass filter technology by the Idaho National Engineering and Environmental Laboratory (INEEL) for the U.S. Department of Energy's FreedomCAR & Vehicle Technologies Program. Eight four-cycle diesel-engine buses used to transport INEEL employees on various routes have been equipped with oil bypass filter systems from the puraDYN Corporation. The bypass filters are reported to have engine oil filtering capability of <1 micron and a built-in additive package to facilitate extended oil-drain intervals. This quarter, the heavy-duty buses traveled 88,747 miles, and as of the end of March 2004, the eight buses have accumulated 412,838 total test miles without requiring an oil change. This represents an avoidance of 34 oil changes, which equates to 1,199 quarts (300 gallons) of new oil not consumed and, furthermore, 1,199 quarts of waste oil not generated.

U.S. Department of Energy; Larry Zirker

2004-06-01T23:59:59.000Z

384

U.S. Department of Energy FreedomCAR & Vehicle Technologies Program Oil Bypass Filter Technology Evaluation Fifth Quarterly Report October - December 2003  

SciTech Connect (OSTI)

This Oil Bypass Filter Technology Evaluation quarterly report (October-December 2003) details the ongoing fleet evaluation of an oil bypass filter technology by the Idaho National Engineering and Environmental Laboratory (INEEL) for the U.S. Department of Energy's FreedomCAR & Vehicle Technologies Program. Eight four-cycle diesel-engine buses used to transport INEEL employees on various routes have been equipped with oil bypass filter systems from the puraDYN Corporation. The bypass filters are reported to have engine oil filtering capability of <1 micron and a built-in additive package to facilitate extended oil-drain intervals. To date, the eight buses have accumulated 324,091 test miles. This represents an avoidance of 27 oil changes, which equate to 952 quarts (238 gallons) of new oil not conserved and therefore, 952 quarts of waste oil not generated. To validate the extended oil-drain intervals, an oil-analysis regime is used to evaluate the fitness of the oil for continued service by monitoring the presence of necessary additives, undesirable contaminants, and engine-wear metals. The test fleet has been expanded to include six Chevrolet Tahoe sport utility vehicles with gasoline engines.

Larry Zirker; James Francfort

2004-02-01T23:59:59.000Z

385

Planning for Water Scarcity: The Vulnerability of the Laguna Region, Mexico  

E-Print Network [OSTI]

this problem, a combination of quantitative and qualitative techniques were used. A systems theory simulation model was used to measure the economic vulnerability of the main agricultural products at different scenarios of water volume in the aquifer.... Statistical analyses were used to support the results of the quantitative assessments. The results of the simulation model showed a significant impact on economic production given different scenarios of water volume and of higher probabilities of droughts...

Sanchez Flores, Maria Del Rosario

2010-10-12T23:59:59.000Z

386

Children with disabilities in the context of disaster: A social vulnerability perspective  

E-Print Network [OSTI]

draw on empirical studies from disaster researchers and focus on the adverse physical, psychological, and educational vulnera- bilities that children with disabilities may experi- ence in the context of disaster. We conclude with a discussion... of the theory of resilience as it per- tains to children with disabilities in disaster and outline additional research needs. Social Vulnerability and Disaster Historically, disasters have been viewed as random events that cause indiscriminate losses and suffer...

Stough, Laura

2010-01-01T23:59:59.000Z

387

Management response plan for the Chemical Safety Vulnerability Working Group report. Volume 1  

SciTech Connect (OSTI)

The Chemical Safety Vulnerability (CSV) Working Group was established to identify adverse conditions involving hazardous chemicals at DOE facilities that might result in fires or explosions, release of hazardous chemicals to the environment, or exposure of workers or the public to chemicals. A CSV Review was conducted in 146 facilities at 29 sites. Eight generic vulnerabilities were documented related to: abandoned chemicals and chemical residuals; past chemical spills and ground releases; characterization of legacy chemicals and wastes; disposition of legacy chemicals; storage facilities and conditions; condition of facilities and support systems; unanalyzed and unaddressed hazards; and inventory control and tracking. Weaknesses in five programmatic areas were also identified related to: management commitment and planning; chemical safety management programs; aging facilities that continue to operate; nonoperating facilities awaiting deactivation; and resource allocations. Volume 1 contains a discussion of the chemical safety improvements planned or already underway at DOE sites to correct facility or site-specific vulnerabilities. The main part of the report is a discussion of each of the programmatic deficiencies; a description of the tasks to be accomplished; the specific actions to be taken; and the organizational responsibilities for implementation.

Not Available

1994-09-01T23:59:59.000Z

388

Insular Area energy vulnerability, Puerto Rico, US Virgin Islands. Technical Appendix 1  

SciTech Connect (OSTI)

This report was prepared in response to Section 1406 of the Energy Policy Act of 1992 (P.L. 192-486). The Act directed the Department of Energy (DOE) to ``conduct a study of the implications of the unique vulnerabilities of the insular areas to an oil supply disruption,`` and to ``outline how the insular areas shall gain access to vital oil supplies during times of national emergency.`` The Act defines the insular areas to be the US Virgin Islands and Puerto Rico in the Caribbean, and Guam, American Samoa, the Commonwealth of the Northern Mariana Islands (CNMI), and Palau in the Pacific. This report is the analysis of Puerto Rico and the US Virgin Islands. In the study, ``unique vulnerabilities`` were defined as susceptibility to: (1) more frequent or more likely interruptions of oil supplies compared to the mainland, and/or (2) disproportionately larger or more likely economic losses in the event of an oil supply disruption. In order to asses unique vulnerabilities, the study examined in the insular areas` experience during past global disruptions of oil supplies and during local emergencies caused by natural disasters. The effects of several possible future global disruptions and local emergencies were also analyzed. Analyses were based on historical data, simulations using energy and economic models, and interviews with officials in the insular governments and the energy industry.

Stern, M.; Willard, E.E.; Efferding, S. [Ensys Energy & Systems, Inc., Flemington, NJ (United States)

1994-05-01T23:59:59.000Z

389

Vulnerability of larval and juvenile white sturgeon to barotrauma: can they handle the pressure?  

SciTech Connect (OSTI)

Techniques were developed to determine which life stages of fish are vulnerable to barotrauma from expansion of internal gases during decompression. Eggs, larvae and juvenile hatchery-reared white sturgeon (Acipenser transmontanus; up to 91 days post hatch; dph), were decompressed to assess vulnerability to barotrauma and identify initial swim bladder inflation. Barotrauma related injury and mortality were first observed 9 dph, on the same day as initial exogenous feeding. However, barotrauma related injury did not occur again until swim bladder inflation 75 dph (visible from necropsy and x-ray radiographs). Swim bladder inflation was not consistent among individuals, with only 44% being inflated 91 dph. Additionally, swim bladder inflation did not appear to be size dependent among fish ranging in total length from 61-153 mm at 91 dph. The use of a combination of decompression tests and x-ray radiography was validated as a method to determine initial swim bladder inflation and vulnerability to barotrauma. Extending these techniques to other species and life history stages would help to determine fish susceptibility to hydroturbine passage and aid in fish conservation.

Brown, Richard S.; Cook, Katrina V.; Pflugrath, Brett D.; Rozeboom, Latricia L.; Johnson, Rachelle C.; McLellan, Jason; Linley, Timothy J.; Gao, Yong; Baumgartner, Lee J.; Dowell, Frederick E.; Miller, Erin A.; White, Timothy A.

2013-07-01T23:59:59.000Z

390

Crucial role of detailed function, task, timeline, link and human vulnerability analyses in HRA  

SciTech Connect (OSTI)

This paper addresses one major cause for large uncertainties in human reliability analysis (HRA) results, that is, an absence of detailed function, task, timeline, link and human vulnerability analyses. All too often this crucial step in the HRA process is done in a cursory fashion using word of mouth or written procedures which themselves may incompletely or inaccurately represent the human action sequences and human error vulnerabilities being analyzed. The paper examines the potential contributions these detailed analyses can make in achieving quantitative and qualitative HRA results which are: (1) creditable, that is, minimize uncertainty, (2) auditable, that is, systematically linking quantitative results and qualitative information from which the results are derived, (3) capable of supporting root cause analyses on human reliability factors determined to be major contributors to risk, and (4) capable of repeated measures and being combined with similar results from other analyses to examine HRA issues transcending individual systems and facilities. Based on experience analyzing test and commercial nuclear reactors, and medical applications of nuclear technology, an iterative process is suggested for doing detailed function, task, timeline, link and human vulnerability analyses using documentation reviews, open-ended and structured interviews, direct observations, and group techniques. Finally, the paper concludes that detailed analyses done in this manner by knowledgeable human factors practitioners, can contribute significantly to the credibility, auditability, causal factor analysis, and combining goals of the HRA.

Ryan, T.G.; Haney, L.N.; Ostrom, L.T.

1992-10-01T23:59:59.000Z

391

Evaluation of a Prototype Surface Flow Bypass for Juvenile Salmon and Steelhead at the Powerhouse of Lower Granite Dam, Snake River, Washington, 1996-2000  

SciTech Connect (OSTI)

A surface flow bypass provides a route in the upper water column for naturally, surface-oriented juvenile salmonids to safely migrate through a hydroelectric dam. Surface flow bypasses were recommended in several regional salmon recovery plans as a means to increase passage survival of juvenile salmonids at Columbia and Snake River dams. A prototype surface flow bypass, called the SBC, was retrofit on Lower Granite Dam and evaluated from 1996 to 2000 using biotelemetry and hydroacoustic techniques. In terms of passage efficiency, the best SBC configurations were a surface skimmer (99 m3/s [3,500 cfs], three entrances 5 m wide, 5 m deep and one entrance 5 m wide, 15 m deep) and a single chute (99 m3/s, one entrance 5 m wide, 8.5 m deep). They each passed 62 ? 3% (95% confidence interval) of the total juvenile fish population that entered the section of the dam with the SBC entrances (Turbine Units 4-5). Smooth entrance shape and concentrated surface flow characteristics of these configurations are worth pursuing in designs for future surface flow bypasses. In addition, a guidance wall in the Lower Granite Dam forebay diverted the following percentages of juvenile salmonids away from Turbine Units 1-3 toward other passage routes, including the SBC: run-at-large 79 ? 18%; hatchery steelhead 86%; wild steelhead 65%; and yearling chinook salmon 66%. When used in combination with spill or turbine intake screens, a surface flow bypass with a guidance wall can produce a high level (> 90% of total project passage) of non-turbine passage and provide operational flexibility to fisheries managers and dam operators responsible for enhancing juvenile salmonid survival.

Johnson, Gary E.; Anglea, Steven M.; Adams, Noah S.; Wik, Timothy O.

2005-02-28T23:59:59.000Z

392

U-152: OpenSSL "asn1_d2i_read_bio()" DER Format Data Processing Vulnerability  

Broader source: Energy.gov [DOE]

The vulnerability is caused due to a type casting error in the "asn1_d2i_read_bio()" function when processing DER format data and can be exploited to cause a heap-based buffer overflow.

393

Summary Xylem vulnerability to cavitation is a promising criterion for identifying trees with high drought tolerance, but  

E-Print Network [OSTI]

Summary Xylem vulnerability to cavitation is a promising criterion for identifying trees with high drought tolerance, but traditional techniques for measuring cavitation resistance are unsuitablefor throughput screening of cavitation resistance in five poplar (Populus spp.) andfour willow (Salix spp

Mencuccini, Maurizio

394

Systematic investigation of genetic vulnerabilities across cancer cell lines reveals lineage-specific dependencies in ovarian cancer  

E-Print Network [OSTI]

A comprehensive understanding of the molecular vulnerabilities of every type of cancer will provide a powerful roadmap to guide therapeutic approaches. Efforts such as The Cancer Genome Atlas Project will identify genes ...

Ren, Yin

395

U-231: Cisco ASA SIP and WebVPN Bugs Let Remote Users Deny Service  

Broader source: Energy.gov [DOE]

Two vulnerabilities were reported in Cisco ASA. A remote or remote authenticated user can cause denial of service conditions.

396

JC3 | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

by malicious people to bypass certain security restrictions. May 14, 2012 U-168: EMC Documentum Information Rights Management Server Bugs Let Remote Authenticated Users...

397

JC3 Bulletin Archive | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

by malicious people to bypass certain security restrictions. May 14, 2012 U-168: EMC Documentum Information Rights Management Server Bugs Let Remote Authenticated Users...

398

LOCA with consequential or delayed LOOP accidents: Unique issues, plant vulnerability, and CDF contributions  

SciTech Connect (OSTI)

A loss-of-coolant accident (LOCA) can cause a loss-of-offsite power (LOOP) wherein the LOOP is usually delayed by few seconds or longer. Such an accident is called LOCA with consequential LOOP, or LOCA with delayed LOOP (here, abbreviated as LOCA/LOOP). This paper analyzes the unique conditions that are associated with a LOCA/LOOP, presents a model, and quantifies its contribution to core damage frequency (CDF). The results show that the CDF contribution can be a dominant contributor to risk for certain plant designs, although boiling water reactors (BWRs) are less vulnerable than pressurized water reactors (PWRs).

Martinez-Guridi, G.; Samanta, P.; Chu, L.; Yang, J.

1998-08-01T23:59:59.000Z

399

California GAMA Program: A Contamination Vulnerability Assessment for the Bakersfield Area  

SciTech Connect (OSTI)

In response to concerns expressed by the California Legislature and the citizenry of the State of California, the State Water Resources Control Board (SWRCB), implemented a program to assess groundwater quality, and provide a predictive capability for identifying areas that are vulnerable to contamination. The program was initiated in response to concern over public supply well closures due to contamination by chemicals such as MTBE from gasoline, and solvents from industrial operations. As a result of this increased awareness regarding groundwater quality, the Supplemental Report of the 1999 Budget Act mandated the SWRCB to develop a comprehensive ambient groundwater-monitoring plan, and led to the initiation of the Groundwater Ambient Monitoring and Assessment (GAMA) Program. The primary objective of the GAMA Program is to assess the water quality and to predict the relative susceptibility to contamination of groundwater resources throughout the state of California. Under the GAMA program, scientists from Lawrence Livermore National Laboratory (LLNL) collaborate with the SWRCB, the U.S. Geological Survey (USGS), the California Department of Health Services (DHS), and the California Department of Water Resources (DWR) to implement this groundwater assessment program. In 2003, LLNL carried out this vulnerability study in the groundwater basin that underlies Bakersfield, in the southern San Joaquin Valley. The goal of the study is to provide a probabilistic assessment of the relative vulnerability of groundwater used for the public water supply to contamination from surface sources. This assessment of relative contamination vulnerability is made based on the results of two types of analyses that are not routinely carried out at public water supply wells: ultra low-level measurement of volatile organic compounds (VOCs), and groundwater age dating (using the tritium-helium-3 method). In addition, stable oxygen isotope measurements help determine the recharge water source location. Interpreted together, and in the context of existing water quality and hydrogeologic data, these observable parameters help define the flow field of a groundwater basin, and indicate the degree of vertical communication between near-surface sources (or potential sources) of contamination, and deeper groundwater pumped at high capacity production wells.

Moran, J E; Hudson, G B; Eaton, G F; Leif, R

2004-11-01T23:59:59.000Z

400

Genomic and biochemical approaches in the discovery of mechanisms for selective neuronal vulnerability to oxidative stress  

E-Print Network [OSTI]

ral ssBioMed CentBMC Neuroscience Open AcceResearch article Genomic and biochemical approaches in the discovery of mechanisms for selective neuronal vulnerability to oxidative stress Xinkun Wang*1,2, Asma Zaidi2,3, Ranu Pal1,2, Alexander S Garrett4...: Daiichi Sankyo Inc., Two Hilton Court, Parsippany, NJ 07054, USA Email: Xinkun Wang* - xwang@ku.edu; Asma Zaidi - azaidi@kcumb.edu; Ranu Pal - ranupal@ku.edu; Alexander S Garrett - asg@stowers- institute.org; Rogelio Braceras - rbraceras@dsus.com; Xue...

Wang, Xinkun; Zaidi, Asma; Pal, Ranu; Garrett, Alexander S.; Braceras, Rogelio; Chen, Xue-wen; Michaelis, Mary L.; Michaelis, Elias K.

2009-02-19T23:59:59.000Z

Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


401

Methodology for prioritizing cyber-vulnerable critical infrastructure equipment and mitigation strategies.  

SciTech Connect (OSTI)

The Department of Homeland Security (DHS), National Cyber Security Division (NSCD), Control Systems Security Program (CSSP), contracted Sandia National Laboratories to develop a generic methodology for prioritizing cyber-vulnerable, critical infrastructure assets and the development of mitigation strategies for their loss or compromise. The initial project has been divided into three discrete deliverables: (1) A generic methodology report suitable to all Critical Infrastructure and Key Resource (CIKR) Sectors (this report); (2) a sector-specific report for Electrical Power Distribution; and (3) a sector-specific report for the water sector, including generation, water treatment, and wastewater systems. Specific reports for the water and electric sectors are available from Sandia National Laboratories.

Dawson, Lon Andrew; Stinebaugh, Jennifer A.

2010-04-01T23:59:59.000Z

402

T-551: Cisco Security Advisory: Multiple Cisco WebEx Player Vulnerabilities  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustion |Energy Usage »of Energy Strain Rate4SuperhardSuspectEnginesSystems forVulnerabilities ||

403

U-196: Cisco AnyConnect VPN Client Two Vulnerabilities | Department of  

Energy Savers [EERE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Office of Inspector GeneralDepartment of EnergyofProject is on Track | Department ofLLCU-023: Debian||Vulnerability

404

V-211: IBM iNotes Multiple Vulnerabilities | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarly Career Scientists' Research Petroleum ReserveDepartmentScriptingVulnerabilities | DepartmentMultiple

405

V-213: PuTTY SSH Handshake Integer Overflow Vulnerabilities | Department of  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarly Career Scientists' Research Petroleum ReserveDepartmentScriptingVulnerabilities |Energy SEARCH-LAB

406

authentic food -simply prepared add green bean fair trade organic coffee or fair trade tea to your meal for $1.5  

E-Print Network [OSTI]

brunch authentic food - simply prepared #12;BREAKFAST add green bean fair trade organic coffee or fair trade tea to your meal for $1.5 BUILD YOUR OWN BREAKFAST 7 served with toast (rye or harvest grain · house cured back bacon · house smoked tofu · grilled tomatoes and onions · wilted greens · breakfast

Martin, Jeff

407

CAH and Shared Services Transition Plan CAH will move seven servers that provide daily operational services such as user authentication and access, central file  

E-Print Network [OSTI]

CAH and Shared Services Transition Plan CAH will move seven servers that provide daily operational the university's NET domain. Domains provide user authentication, access, and management to resources divide the transition plan, and each phase has goals and a deadline. The overall goal is to continue

Wu, Shin-Tson

408

Google Earth as a geospatial tool for development organisations: mapping climate change vulnerability  

E-Print Network [OSTI]

needed to represent the issue of vulnerability, and Google Earth allows for users to explore and understand even more information. This study draws examples from a mapping project of climate change vulnerability in Niger, and discusses the lessons...Geographical Information Systems have not been as successful in the non-governmental humanitarian sector as GIS professionals had hoped. If geospatial tools are to become more widely used and valuable within the humanitarian sector, it is perhaps time for a new approach to be taken. A debate is currently underway about the potential role of Google Earth in emergency relief operations. This research extends the scope of this discussion into the wider development sector, and asks whether Google Earth has the potential to become a useful tool in various aspects of development NGO work. Information management tools need to have wide support within an organisation to be successful, and it seems that many are very interested in what can be done using compromise geospatial/geovisualisation tools such as Google Earth. However there is also scepticism about its usefulness. This research suggests practical applications and recommendations for good use so that actors within the development sector can take the research further....

Crossley, Janet Ruth

2008-01-01T23:59:59.000Z

409

Climate Change Vulnerability and Resilience: Current Status and Trends for Mexico  

SciTech Connect (OSTI)

Climate change alters different localities on the planet in different ways. The impact on each region depends mainly on the degree of vulnerability that natural ecosystems and human-made infrastructure have to changes in climate and extreme meteorological events, as well as on the coping and adaptation capacity towards new environmental conditions. This study assesses the current resilience of Mexico and Mexican states to such changes, as well as how this resilience will look in the future. In recent studies (Moss et al. 2000, Brenkert and Malone 2005, Malone and Brenket 2008, Ibarrarn et al. 2007), the Vulnerability-Resilience Indicators Model (VRIM) is used to integrate a set of proxy variables that determine the resilience of a region to climate change. Resilience, or the ability of a region to respond to climate variations and natural events that result from climate change, is given by its adaptation and coping capacity and its sensitivity. On the one hand, the sensitivity of a region to climate change is assessed, emphasizing its infrastructure, food security, water resources, and the health of the population and regional ecosystems. On the other hand, coping and adaptation capacity is based on the availability of human resources, economic capacity and environmental capacity.

Ibarraran , Maria E.; Malone, Elizabeth L.; Brenkert, Antoinette L.

2008-12-30T23:59:59.000Z

410

U.S. Department of Energy FreedomCAR & Vehicle Technologies Program: Oil Bypass Filter Technology Evaluation Seventh Quarterly Report April - June 2004  

SciTech Connect (OSTI)

This Oil Bypass Filter Technology Evaluation quarterly report (AprilJune 2004) details the ongoing fleet evaluation of an oil bypass filter technology by the Idaho National Engineering and Environmental Laboratory (INEEL) for the U.S. Department of Energys (DOE) FreedomCAR & Vehicle Technologies Program. Eight INEEL four-cycle diesel engine buses used to transport INEEL employees on various routes and six INEEL Chevrolet Tahoes with gasoline engines are equipped with oil bypass filter systems from the puraDYN Corporation. The bypass filters are reported to have engine oil filtering capability of <1 micron and a built-in additive package to facilitate extended oil-drain intervals. This quarter, the eight diesel engine buses traveled 85,632 miles. As of the end of June 2004, the eight buses have accumulated 498,814 miles since the beginning of the test and 473,192 miles without an oil change. This represents an avoidance of 39 oil changes, which equates to 1,374 quarts (343 gallons) of new oil not consumed and, furthermore, 1,374 quarts of waste oil not generated. One bus had its oil changed due to the degraded quality of the engine oil. Also this quarter, the six Tahoe test vehicles traveled 48,193 miles; to date, the six Tahoes have accumulated 109,708 total test miles. The oil for all six of the Tahoes was changed this quarter due to low Total Base Numbers (TBN). The oil used initially in the Tahoe testing was recycled oil; the recycled oil has been replaced with Castrol virgin oil, and the testing was restarted. However, the six Tahoes did travel a total of 98,266 miles on the initial engine oil. This represents an avoidance of 26 oil changes, which equates to 130 quarts (32.5 gallons) of new oil not consumed and, consequently, 130 quarts of waste oil not generated. Based on the number of oil changes avoided by the test buses and Tahoes to date, the potential engine oil savings if an oil bypass filter system were used was estimated for the INEEL, DOE complex and all Federal fleets of on-road vehicles. The estimated potential annual engine oil savings for the three fleets are: INEEL 3,400 gallons, all DOE fleets 32,000 gallons, and all Federal fleet 1.7 million gallons.

Larry Zirker; James Francfort; Jordan Fielding

2004-08-01T23:59:59.000Z

411

Fabrication of Message Digest to Authenticate Audio Signals with Alternation of Coefficients of Harmonics in Multi-Stages (MDAC)  

E-Print Network [OSTI]

Providing security to audio songs for maintaining its intellectual property right (IPR) is one of chanllenging fields in commercial world especially in creative industry. In this paper, an effective approach has been incorporated to fabricate authentication of audio song through application of message digest method with alternation of coefficients of harmonics in multi-stages of higher frequency domain without affecting its audible quality. Decomposing constituent frequency components of song signal using Fourier transform with generating secret code via applying message digest followed by alternating coefficients of specific harmonics in multi-stages generates a secret code and this unique code is utilized to detect the originality of the song. A comparative study has been made with similar existing techniques and experimental results are also supported with mathematical formula based on Microsoft WAVE (".wav") stereo sound file.

Mondal, Uttam Kr

2012-01-01T23:59:59.000Z

412

Assessing the Vulnerability of Large Critical Infrastructure Using Fully-Coupled Blast Effects Modeling  

SciTech Connect (OSTI)

Structural failures, such as the MacArthur Maze I-880 overpass in Oakland, California and the I-35 bridge in Minneapolis, Minnesota, are recent examples of our national infrastructure's fragility and serve as an important reminder of such infrastructure in our everyday lives. These two failures, as well as the World Trade Center's collapse and the levee failures in New Orleans, highlight the national importance of protecting our infrastructure as much as possible against acts of terrorism and natural hazards. This paper describes a process for evaluating the vulnerability of critical infrastructure to large blast loads using a fully-coupled finite element approach. A description of the finite element software and modeling technique is discussed along with the experimental validation of the numerical tools. We discuss how such an approach can be used for specific problems such as modeling the progressive collapse of a building.

McMichael, L D; Noble, C R; Margraf, J D; Glascoe, L G

2009-03-26T23:59:59.000Z

413

Sublethal OxygenGlucose Deprivation Alters Hippocampal Neuronal AMPA Receptor Expression and Vulnerability to  

E-Print Network [OSTI]

Recent studies have suggested that rats subjected to transient global brain ischemia develop depressed expression of GluR-B in CA1 hippocampal neurons. The present study was performed to determine whether a similar change in AMPA receptor expression could be triggered in vitro by sublethal oxygenglucose deprivation in rat hippocampal neuronal cultures. mRNA was extracted from individual hippocampal neurons via patch electrodes and amplified by RT-PCR 2448 hr after sublethal oxygenglucose deprivation. Compared with controls, insulted neurons expressed increased levels of GluR-D flop. As an indication that this change in receptor expression was functionally significant, insulted cultures exhibited increased AMPA- or kainate-induced 45 Ca 2 ? accumulation sensitive to Joro spider toxin and increased vulnerability to kainate-induced death. These data support the hypothesis that exposure to ischemia may enhance subsequent hippocampal

Kainate-induced Death; Howard S. Ying; Jochen H. Weishaupt; Margaret Grabb; Lorella M. T. Canzoniero; Stefano L. Sensi; Christian T. Sheline; Hannah Monyer; Dennis W. Choi

414

LAVA (Los Alamos Vulnerability and Risk Assessment Methodology): A conceptual framework for automated risk analysis  

SciTech Connect (OSTI)

At Los Alamos National Laboratory, we have developed an original methodology for performing risk analyses on subject systems characterized by a general set of asset categories, a general spectrum of threats, a definable system-specific set of safeguards protecting the assets from the threats, and a general set of outcomes resulting from threats exploiting weaknesses in the safeguards system. The Los Alamos Vulnerability and Risk Assessment Methodology (LAVA) models complex systems having large amounts of ''soft'' information about both the system itself and occurrences related to the system. Its structure lends itself well to automation on a portable computer, making it possible to analyze numerous similar but geographically separated installations consistently and in as much depth as the subject system warrants. LAVA is based on hierarchical systems theory, event trees, fuzzy sets, natural-language processing, decision theory, and utility theory. LAVA's framework is a hierarchical set of fuzzy event trees that relate the results of several embedded (or sub-) analyses: a vulnerability assessment providing information about the presence and efficacy of system safeguards, a threat analysis providing information about static (background) and dynamic (changing) threat components coupled with an analysis of asset ''attractiveness'' to the dynamic threat, and a consequence analysis providing information about the outcome spectrum's severity measures and impact values. By using LAVA, we have modeled our widely used computer security application as well as LAVA/CS systems for physical protection, transborder data flow, contract awards, and property management. It is presently being applied for modeling risk management in embedded systems, survivability systems, and weapons systems security. LAVA is especially effective in modeling subject systems that include a large human component.

Smith, S.T.; Lim, J.J.; Phillips, J.R.; Tisinger, R.M.; Brown, D.C.; FitzGerald, P.D.

1986-01-01T23:59:59.000Z

415

Women and Sustainability: Creating Community based literacy for climate solutions Women are particularly vulnerable to economic downturns and the impacts of climate change may  

E-Print Network [OSTI]

Accord (2009) acknowledges disproportionate impacts of climate change on women in developing countries are particularly vulnerable to economic downturns and the impacts of climate change may increase that vulnerability. Water is the biggest limiting factor in Colorado and climate change is anticipated to reduce its

Boone, Randall B.

416

Limiting sediment deposition on roadways: topographic controls on vulnerable roads and cost analysis of planting grass buffer  

E-Print Network [OSTI]

Limiting sediment deposition on roadways: topographic controls on vulnerable roads and cost and summer storms lead to large scale sediment deposition on roadways, and cleanup costs are a major concern characteristics which control sediment deposition on roadways in order to compare the cost of planting grass

Boyer, Edmond

417

Combining particle-tracking and geochemical data to assess public supply well vulnerability to arsenic and uranium q  

E-Print Network [OSTI]

. Bhattacharya, Associate Editor Keywords: Vulnerability Particle-tracking Arsenic Uranium Classification tree through aquifer systems and also through specific redox and pH zones within aquifers. Time were generally strongest for variables computed for distinct redox zones. Classification tree analysis

418

The waters of Southeastern Wisconsin are vast but vulnerable. We depend on our waters for drinking water, irrigation, industry, transportation,  

E-Print Network [OSTI]

The waters of Southeastern Wisconsin are vast but vulnerable. We depend on our waters for drinking for drinking water is rising in the United States and around the world due to population growth. At the same water, irrigation, industry, transportation, power production, recreation and scenic beauty

Saldin, Dilano

419

Recovery of bypassed oil in the Dundee Formation using horizontal drains. Annual report, May 1, 1995--April 30, 1996  

SciTech Connect (OSTI)

The principal objective of this project is to demonstrate the feasibility and economics success of producing oil from abandoned or nearly abandoned fields in the Dundee Formation of Central Michigan using horizontal drilling technology. The project is a cooperative venture between Michigan Technological University (MTU), Western Michigan University (WMU), and Terra Energy (now Cronus Development Co.). During the fall of 1995, the demonstration well for this project, the TOW No. 1-3 well in Crystal Field, Montcalm County, Michigan, was completed in the Dundee Formation and for the first three months of operation produced 50 bbl/day oil with no water cut. Because surface facilities were inadequate to handle full production, the well was produced for 12 hrs/day and shut in for 12 hrs/day. In January, 1996, new surface Facilities were completed and production was raised to 100 bbl/day. Daily production has varied from about 75 to 100 BOPD since that time. To date, the well has produced over 10, 000 bbls. The water cut remains at 0% and pressure has been maintained at 1445 psi by an active water drive. If expectations are met, the well will pay out in less than 1 year and continue on production for at least 5 years. Cronus Development Co. is tentatively planning to drill three more horizontal wells in the Dundee in Crystal Field. Thus, the play concept we chose to test, that bypassed attic oil remained in the Dundee reservoir between wells that had been produced at excessively high flow rates and had coned water during primary production, appears to be correct, and the TOW No. 1-3 HD-1 well is now a scientific, and appears soon to become an economic, success.

Wood, J.R.

1996-04-30T23:59:59.000Z

420

Recovery of bypassed oil in the Dundee Formation (Devonian) of the Michigan Basin using horizontal drains. Final report, April 28, 1994--December 31, 1997  

SciTech Connect (OSTI)

Total hydrocarbon production in the Michigan Basin has surpassed 1 billion barrels (Bbbls) and total unrecovered reserves are estimated at 1--2 BBbls. However, hydrocarbon production in Michigan has fallen from 35 MMbbls/yr in 1979 to about 10 MMbbls/yr in 1996. In an effort to slow this decline, a field demonstration project designed around using a horizontal well to recover bypassed oil was designed and carried out at Crystal Field in Montcalm County, MI. The project had two goals: to test the viability of using horizontal wells to recover bypassed oil from the Dundee Formation, and to characterize additional Dundee reservoirs (29) that are look alikes to the Crystal Field. As much as 85 percent of the oil known to exist in the Dundee Formation in the Michigan Basin remains in the ground as bypassed oil. Early production techniques in the 137 fields were poor, and the Dundee was at risk of being abandoned, leaving millions of barrels of oil behind. Crystal Field in Montcalm County, Michigan is a good example of a worn out field. Crystal Field was once a prolific producer which had been reduced to a handful of wells, the best of which produced only 5 barrels per day. The demonstration well drilled as a result of this project, however, has brought new life to the Crystal Field. Horizontal drilling is one of the most promising technologies available for oil production. The new well was completed successfully in October of 1995 and has been producing 100 barrels of oil per day, 20 times better than the best conventional well in the field.

Wood, J.R.; Pennington, W.D.

1998-09-01T23:59:59.000Z

Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


421

Development of an ASTM standard guide on performing vulnerability assessments for nuclear facilities  

SciTech Connect (OSTI)

This paper describes an effort undertaken by subcommittee C26.12 (Safeguards) of the American Society for Testing and Materials (ASTM) to develop a standard guide for performing vulnerability assessments (VAs). VAs are performed to determine the effectiveness of safeguards and security systems for both domestic and international nuclear facilities. These assessments address a range of threats, including theft of nuclear material and sabotage, and use an array of methods. The approach to performing and documenting VAs is varied and is largely dependent upon the tools used to perform them. This diversity can lead to tools being misused, making validation of VAs more difficult. The development of a standard guide for performing VAs would, if generally accepted, alleviate these concerns. ASTM provides a forum for developing guides that includes a high level of peer review to assure that the result is acceptable to all potential users. Additionally, the ASTM is widely recognized for setting standards, and endorsement by the Society may increase the likelihood of acceptance by the nuclear community. The goal of this work is to develop a guide that is independent of the tools being used to perform the VA and applicable to the spectrum of threats described above.

Wilkey, D.D.

1995-09-01T23:59:59.000Z

422

Plutonium working group report on environmental, safety and health vulnerabilities associated with the Department`s plutonium storage. Volume II, part 7: Mound working group assessment team report  

SciTech Connect (OSTI)

This is the report of a visit to the Mound site by the Working Group Assessment Team (WGAT) to assess plutonium vulnerabilities. Purposes of the visit were: to review results of the site`s self assessment of current practices for handling and storing plutonium; to conduct an independent assessment of these practices; to reconcile differences and assemble a final list of vulnerabilities; to calculate consequences and probability for each vulnerability; and to issue a report to the Working Group. This report, representing completion of the Mound visit, will be compiled along with those from all other sites with plutonium inventories as part of a final report to the Secretary of Energy.

NONE

1994-09-01T23:59:59.000Z

423

Spring bypass assembly. [LMFBR  

SciTech Connect (OSTI)

Pipe clamp comprises two substantially semicircular rim halves biased toward each other by spring assemblies. Adjustable stop means 5 limit separation of the rim halves when the pipe expands.

Jablonski, H.; Roughgarden, J.D.

1982-06-02T23:59:59.000Z

424

Crucial role of detailed function, task, timeline, link and human vulnerability analyses in HRA. [Human Reliability Analysis (HRA)  

SciTech Connect (OSTI)

This paper addresses one major cause for large uncertainties in human reliability analysis (HRA) results, that is, an absence of detailed function, task, timeline, link and human vulnerability analyses. All too often this crucial step in the HRA process is done in a cursory fashion using word of mouth or written procedures which themselves may incompletely or inaccurately represent the human action sequences and human error vulnerabilities being analyzed. The paper examines the potential contributions these detailed analyses can make in achieving quantitative and qualitative HRA results which are: (1) creditable, that is, minimize uncertainty, (2) auditable, that is, systematically linking quantitative results and qualitative information from which the results are derived, (3) capable of supporting root cause analyses on human reliability factors determined to be major contributors to risk, and (4) capable of repeated measures and being combined with similar results from other analyses to examine HRA issues transcending individual systems and facilities. Based on experience analyzing test and commercial nuclear reactors, and medical applications of nuclear technology, an iterative process is suggested for doing detailed function, task, timeline, link and human vulnerability analyses using documentation reviews, open-ended and structured interviews, direct observations, and group techniques. Finally, the paper concludes that detailed analyses done in this manner by knowledgeable human factors practitioners, can contribute significantly to the credibility, auditability, causal factor analysis, and combining goals of the HRA.

Ryan, T.G.; Haney, L.N.; Ostrom, L.T.

1992-01-01T23:59:59.000Z

425

Predicting target vessel location on robot-assisted coronary artery bypass graft using CT to ultrasound registration  

SciTech Connect (OSTI)

Purpose: Although robot-assisted coronary artery bypass grafting (RA-CABG) has gained more acceptance worldwide, its success still depends on the surgeon's experience and expertise, and the conversion rate to full sternotomy is in the order of 15%-25%. One of the reasons for conversion is poor pre-operative planning, which is based solely on pre-operative computed tomography (CT) images. In this paper, the authors propose a technique to estimate the global peri-operative displacement of the heart and to predict the intra-operative target vessel location, validated via both an in vitro and a clinical study. Methods: As the peri-operative heart migration during RA-CABG has never been reported in the literatures, a simple in vitro validation study was conducted using a heart phantom. To mimic the clinical workflow, a pre-operative CT as well as peri-operative ultrasound images at three different stages in the procedure (Stage{sub 0}--following intubation; Stage{sub 1}--following lung deflation; and Stage{sub 2}--following thoracic insufflation) were acquired during the experiment. Following image acquisition, a rigid-body registration using iterative closest point algorithm with the robust estimator was employed to map the pre-operative stage to each of the peri-operative ones, to estimate the heart migration and predict the peri-operative target vessel location. Moreover, a clinical validation of this technique was conducted using offline patient data, where a Monte Carlo simulation was used to overcome the limitations arising due to the invisibility of the target vessel in the peri-operative ultrasound images. Results: For the in vitro study, the computed target registration error (TRE) at Stage{sub 0}, Stage{sub 1}, and Stage{sub 2} was 2.1, 3.3, and 2.6 mm, respectively. According to the offline clinical validation study, the maximum TRE at the left anterior descending (LAD) coronary artery was 4.1 mm at Stage{sub 0}, 5.1 mm at Stage{sub 1}, and 3.4 mm at Stage{sub 2}. Conclusions: The authors proposed a method to measure and validate peri-operative shifts of the heart during RA-CABG. In vitro and clinical validation studies were conducted and yielded a TRE in the order of 5 mm for all cases. As the desired clinical accuracy imposed by this procedure is on the order of one intercostal space (10-15 mm), our technique suits the clinical requirements. The authors therefore believe this technique has the potential to improve the pre-operative planning by updating peri-operative migration patterns of the heart and, consequently, will lead to reduced conversion to conventional open thoracic procedures.

Cho, Daniel S.; Linte, Cristian; Chen, Elvis C. S.; Bainbridge, Daniel; Wedlake, Chris; Moore, John; Barron, John; Patel, Rajni; Peters, Terry [Imaging Research Laboratories, Robarts Research Institute and Biomedical Engineering Graduate Program, University of Western Ontario, Ontario N6A 5K8 (Canada); Imaging Research Laboratories, Robarts Research Institute and Biomedical Imaging Resource, Mayo Clinic, Rochester, Minnesota 55905 (United States); Imaging Research Laboratories, Robarts Research Institute, University of Western Ontario, Ontario N6A 5K8 (Canada); Canadian Surgical Technologies and Advanced Robotics, London, Ontario N6A 5A5 (Canada); Imaging Research Laboratories, Robarts Research Institute, University of Western Ontario, Ontario N6A 5K8 (Canada); Department of Computer Science, University of Western Ontario, Ontario N6A 5B7 (Canada); Canadian Surgical Technologies and Advanced Robotics, London, Ontario N6A 5A5 (Canada); Imaging Research Laboratories, Robarts Research Institute, Biomedical Engineering Graduate Program, University of Western Ontario N6A 5K8 (Canada); and Canadian Surgical Technologies and Advanced Robotics, London, Ontario N6A 5A5 (Canada)

2012-03-15T23:59:59.000Z

426

GRiP - A flexible approach for calculating risk as a function of consequence, vulnerability, and threat.  

SciTech Connect (OSTI)

Get a GRiP (Gravitational Risk Procedure) on risk by using an approach inspired by the physics of gravitational forces between body masses! In April 2010, U.S. Department of Homeland Security Special Events staff (Protective Security Advisors [PSAs]) expressed concern about how to calculate risk given measures of consequence, vulnerability, and threat. The PSAs believed that it is not 'right' to assign zero risk, as a multiplicative formula would imply, to cases in which the threat is reported to be extremely small, and perhaps could even be assigned a value of zero, but for which consequences and vulnerability are potentially high. They needed a different way to aggregate the components into an overall measure of risk. To address these concerns, GRiP was proposed and developed. The inspiration for GRiP is Sir Isaac Newton's Universal Law of Gravitation: the attractive force between two bodies is directly proportional to the product of their masses and inversely proportional to the squares of the distance between them. The total force on one body is the sum of the forces from 'other bodies' that influence that body. In the case of risk, the 'other bodies' are the components of risk (R): consequence, vulnerability, and threat (which we denote as C, V, and T, respectively). GRiP treats risk as if it were a body within a cube. Each vertex (corner) of the cube represents one of the eight combinations of minimum and maximum 'values' for consequence, vulnerability, and threat. The risk at each of the vertices is a variable that can be set. Naturally, maximum risk occurs when consequence, vulnerability, and threat are at their maximum values; minimum risk occurs when they are at their minimum values. Analogous to gravitational forces among body masses, the GRiP formula for risk states that the risk at any interior point of the box depends on the squares of the distances from that point to each of the eight vertices. The risk value at an interior (movable) point will be dominated by the value of one vertex as that point moves closer and closer to that one vertex. GRiP is a visualization tool that helps analysts better understand risk and its relationship to consequence, vulnerability, and threat. Estimates of consequence, vulnerability, and threat are external to GRiP; however, the GRiP approach can be linked to models or data that provide estimates of consequence, vulnerability, and threat. For example, the Enhanced Critical Infrastructure Program/Infrastructure Survey Tool produces a vulnerability index (scaled from 0 to 100) that can be used for the vulnerability component of GRiP. We recognize that the values used for risk components can be point estimates and that, in fact, there is uncertainty regarding the exact values of C, V, and T. When we use T = t{sub o} (where t{sub o} is a value of threat in its range), we mean that threat is believed to be in an interval around t{sub o}. Hence, a value of t{sub o} = 0 indicates a 'best estimate' that the threat level is equal to zero, but still allows that it is not impossible for the threat to occur. When t{sub o} = 0 but is potentially small and not exactly zero, there will be little impact on the overall risk value as long as the C and V components are not large. However, when C and/or V have large values, there can be large differences in risk given t{sub o} = 0, and t{sub o} = epsilon (where epsilon is small but greater than a value of zero). We believe this scenario explains the PSA's intuition that risk is not equal to zero when t{sub o} = 0 and C and/or V have large values. (They may also be thinking that if C has an extremely large value, it is unlikely that T is equal to 0; in the terrorist context, T would likely be dependent on C when C is extremely large.) The PSAs are implicitly recognizing the potential that t{sub o} = epsilon. One way to take this possible scenario into account is to replace point estimates for risk with interval values that reflect the uncertainty in the risk components. In fact, one could argue that T never equals zero for a man-made hazard. This

Whitfield, R. G.; Buehring, W. A.; Bassett, G. W. (Decision and Information Sciences)

2011-04-08T23:59:59.000Z

427

Vulnerability of the Superficial Zone of Immature Articular Cartilage to Compressive Injury  

SciTech Connect (OSTI)

The zonal composition and functioning of adult articular cartilage causes depth-dependent responses to compressive injury. In immature cartilage, shear and compressive moduli as well as collagen and sulfated glycosaminoglycan (sGAG) content also vary with depth. However, there is little understanding of the depth-dependent damage caused by injury. Since injury to immature knee joints most often causes articular cartilage lesions, this study was undertaken to characterize the zonal dependence of biomechanical, biochemical, and matrix-associated changes caused by compressive injury. Disks from the superficial and deeper zones of bovine calves were biomechanically characterized. Injury to the disks was achieved by applying a final strain of 50% compression at 100%/second, followed by biomechanical recharacterization. Tissue compaction upon injury as well as sGAG density, sGAG loss, and biosynthesis were measured. Collagen fiber orientation and matrix damage were assessed using histology, diffraction-enhanced x-ray imaging, and texture analysis. Injured superficial zone disks showed surface disruption, tissue compaction by 20.3 {+-} 4.3% (mean {+-} SEM), and immediate biomechanical impairment that was revealed by a mean {+-} SEM decrease in dynamic stiffness to 7.1 {+-} 3.3% of the value before injury and equilibrium moduli that were below the level of detection. Tissue areas that appeared intact on histology showed clear textural alterations. Injured deeper zone disks showed collagen crimping but remained undamaged and biomechanically intact. Superficial zone disks did not lose sGAG immediately after injury, but lost 17.8 {+-} 1.4% of sGAG after 48 hours; deeper zone disks lost only 2.8 {+-} 0.3% of sGAG content. Biomechanical impairment was associated primarily with structural damage. The soft superficial zone of immature cartilage is vulnerable to compressive injury, causing superficial matrix disruption, extensive compaction, and textural alteration, which results in immediate loss of biomechanical function. In conjunction with delayed superficial sGAG loss, these changes may predispose the articular surface to further softening and tissue damage, thus increasing the risk of development of secondary osteoarthritis.

Rolauffs, R.; Muehleman, C; Li, J; Kurz, B; Kuettner, K; Frank, E; Grodzinsky, A

2010-01-01T23:59:59.000Z

428

Astrocyte-derived nitric oxide in manganese neurotoxicity: from cellular and molecular mechanisms underlying selective neuronal vulnerability in the basal ganglia to potential therapeutic modalities  

E-Print Network [OSTI]

T: Terminal deoxynucleotidyl Transferase Tf: transferrin TH: tyrosine hydroxylase TIF-2: transcriptional intermediate factor-2 TPN: total parenteral nutrition TUNEL: terminal deoxynucleotidyl transferase-mediated dUTP-biotin nick- end labeling ? m..., and this causes many concerns (Lonnerdal, 1994; Krachler and Rossipal, 2000). Individuals receiving total parenteral nutrition (TPN) are at higher risk for Mn toxicity, because the normal mechanisms of Mn metabolism are bypassed (i.e., the gut), and 100...

Liu, Xuhong

2007-04-25T23:59:59.000Z

429

T-668: Vulnerability in a BlackBerry Enterprise Server component could allow information disclosure and partial denial of service  

Broader source: Energy.gov [DOE]

This advisory describes a security issue in the BlackBerry Administration API component. Successful exploitation of the vulnerability could result in information disclosure and partial denial of service (DoS). The BlackBerry Administration API is a BlackBerry Enterprise Server component that is installed on the server that hosts the BlackBerry Administration Service. The BlackBerry Administration API contains multiple web services that receive API requests from client applications. The BlackBerry Administration API then translates requests into a format that the BlackBerry Administration Service can process.

430

Development of a novel technique to assess the vulnerability of micro-mechanical system components to environmentally assisted cracking.  

SciTech Connect (OSTI)

Microelectromechanical systems (MEMS) will play an important functional role in future DOE weapon and Homeland Security applications. If these emerging technologies are to be applied successfully, it is imperative that the long-term degradation of the materials of construction be understood. Unlike electrical devices, MEMS devices have a mechanical aspect to their function. Some components (e.g., springs) will be subjected to stresses beyond whatever residual stresses exist from fabrication. These stresses, combined with possible abnormal exposure environments (e.g., humidity, contamination), introduce a vulnerability to environmentally assisted cracking (EAC). EAC is manifested as the nucleation and propagation of a stable crack at mechanical loads/stresses far below what would be expected based solely upon the materials mechanical properties. If not addressed, EAC can lead to sudden, catastrophic failure. Considering the materials of construction and the very small feature size, EAC represents a high-risk environmentally induced degradation mode for MEMS devices. Currently, the lack of applicable characterization techniques is preventing the needed vulnerability assessment. The objective of this work is to address this deficiency by developing techniques to detect and quantify EAC in MEMS materials and structures. Such techniques will allow real-time detection of crack initiation and propagation. The information gained will establish the appropriate combinations of environment (defining packaging requirements), local stress levels, and metallurgical factors (composition, grain size and orientation) that must be achieved to prevent EAC.

Enos, David George; Goods, Steven Howard

2006-11-01T23:59:59.000Z

431

V-200: Apache Struts DefaultActionMapper Redirection and OGNL...  

Broader source: Energy.gov (indexed) [DOE]

Apache Struts 2.x ABSTRACT: The vulnerabilities can be exploited by malicious people to conduct spoofing attacks and bypass certain security restrictions REFERENCE LINKS:...

432

ARM - Central Authentication Service  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary)morphinanInformationbudapest Comments? We would love to heartotdngovInstrumentswrf-chemHistory Organization

433

CERTIFICATE OF AUTHENTICITY  

Energy Savers [EERE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustion |Energyon ArmedWaste andAccess toSustainableClimateSealingColdEnergyClimateC C

434

U-217: Red Hat Certificate System Bugs Let Remote Users Conduct Cross-Site Scripting and Denial of Service Attacks  

Broader source: Energy.gov [DOE]

Two vulnerabilities were reported in Red Hat Certificate System. A remote user can conduct cross-site scripting attacks. A remote authenticated user can revoke the CA certificate.

435

A compliance monitoring program for use and operation of the Grasslands Bypass for drainage conveyance in the western San Joaquin Valley  

SciTech Connect (OSTI)

The Bureau of Reclamation (Reclamation) signed a Finding of No Significant Impact (FONSI) No. 92-02-MP dated October 18, 1991 and a Supplement to the FONSI No. 92-03-MP dated April 15, 1991, for use of a 19 mile segment of the San Luis Drain, renamed the Grasslands Bypass, to convey agricultural drainage waters to the San Joaquin River. An Environmental Assessment was prepared and published in support of the FONSI. On September 7, 1995 a Supplemental Environmental Assessment was prepared to update the original document to account for changes to the original project. These changes included a change to the point of entry to the Drain and an increase in the length of the Drain utilized by the Project from 19 to 28 miles. Environmental commitments and a schedule of fees for non-compliance with monthly and annual selenium load targets were also agreed upon for the current Project. Environmental documents preceding the FONSI outlined a monitoring program that obtained general and informal concurrence by technical staff of the participating agencies. A revised version of the proposed monitoring program was distributed by Reclamation for review and comment by the agencies in July 1992. A final monitoring plan document was issued in June 1993 and was subsequently approved by the Oversight Committee. This document includes substantial revisions to the existing June 1993 monitoring plan to reflect the compliance requirements of the current Project.

Quinn, N.W.T.

1995-11-01T23:59:59.000Z

436

T-534: Vulnerability in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server  

Broader source: Energy.gov [DOE]

BlackBerry advisory describes a security issue that the BlackBerry Attachment Service component of the BlackBerry Enterprise Server is susceptible to. The issue relates to a known vulnerability in the PDF distiller component of the BlackBerry Attachment Service that affects how the BlackBerry Attachment Service processes PDF files.

437

Plutonium working group report on environmental, safety and health vulnerabilities associated with the Department`s plutonium storage. Volume 2, Appendix A: Process and protocol  

SciTech Connect (OSTI)

This appendix contains documentation prepared by the Plutonium ES and H Vulnerability Working Group for conducting the Plutonium ES and H Vulnerability Assessment and training the assessment teams. It has the following five parts. (1) The Project Plan describes the genesis of the project, sets forth the goals, objectives and scope, provides definitions, the projected schedule, and elements of protocol. (2) The Assessment Plan provides a detailed methodology necessary to guide the many professionals who have been recruited to conduct the DOE-wide assessment. It provides guidance on which types and forms of plutonium are to be considered within the scope of the assessment, and lays out the assessment methodology to be used. (3) The memorandum from the Project to Operations Office Managers provides the protocol and direction for participation in the assessment by external stakeholders and members of the public; and the guidance for the physical inspection of plutonium materials in storage. (4) The memorandum from the Project to the assessment teams provides guidance for vulnerability screening criteria, vulnerability evaluation and prioritization process, and vulnerability quantification for prioritization. (5) The Team Training manual was used at the training session held in Colorado Springs on April 19--21, 1994 for all members of the Working Group Assessment Teams and for the leaders of the Site Assessment Teams. The goal was to provide the same training to all of the individuals who would be conducting the assessments, and thereby provide consistency in the conduct of the assessments and uniformity in reporting of the results. The training manual in Section A.5 includes supplemental material provided to the attendees after the meeting.

NONE

1994-09-01T23:59:59.000Z

438

V-225: McAfee Email Gateway SMTP Processing Flaw Lets Remote...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

Gateway Lets Remote Users Bypass Authentication and Conduct Cross-Site Scripting and Directory Traversal Attacks T-688: McAfee Security Bulletin - McAfee SaaS Endpoint Protection...

439

A Security Solution for IEEE 802.11's Ad-hoc Mode:Password-Authentication and Group Diffie-Hellman Key Exchange  

SciTech Connect (OSTI)

The IEEE 802 standards ease the deployment of networkinginfrastructures and enable employers to accesscorporate networks whiletraveling. These standards provide two modes of communication calledinfrastructure and ad-hoc modes. A security solution for the IEEE802.11's infrastructure mode took several years to reach maturity andfirmware are still been upgraded, yet a solution for the ad-hoc modeneeds to be specified. The present paper is a first attempt in thisdirection. It leverages the latest developments in the area ofpassword-based authentication and (group) Diffie-Hellman key exchange todevelop a provably-secure key-exchange protocol for IEEE 802.11's ad-hocmode. The protocol allows users to securely join and leave the wirelessgroup at time, accommodates either a single-shared password orpairwise-shared passwords among the group members, or at least with acentral server; achieves security against dictionary attacks in theideal-hash model (i.e. random-oracles). This is, to the best of ourknowledge, the first such protocol to appear in the cryptographicliterature.

Emmanuel, Bresson; Olivier, Chevassut; David, Pointcheval

2005-10-01T23:59:59.000Z

440

Cognitive decision errors and organization vulnerabilities in nuclear power plant safety management: Modeling using the TOGA meta-theory framework  

SciTech Connect (OSTI)

In the field of nuclear power plant (NPP) safety modeling, the perception of the role of socio-cognitive engineering (SCE) is continuously increasing. Today, the focus is especially on the identification of human and organization decisional errors caused by operators and managers under high-risk conditions, as evident by analyzing reports on nuclear incidents occurred in the past. At present, the engineering and social safety requirements need to enlarge their domain of interest in such a way to include all possible losses generating events that could be the consequences of an abnormal state of a NPP. Socio-cognitive modeling of Integrated Nuclear Safety Management (INSM) using the TOGA meta-theory has been discussed during the ICCAP 2011 Conference. In this paper, more detailed aspects of the cognitive decision-making and its possible human errors and organizational vulnerability are presented. The formal TOGA-based network model for cognitive decision-making enables to indicate and analyze nodes and arcs in which plant operators and managers errors may appear. The TOGA's multi-level IPK (Information, Preferences, Knowledge) model of abstract intelligent agents (AIAs) is applied. In the NPP context, super-safety approach is also discussed, by taking under consideration unexpected events and managing them from a systemic perspective. As the nature of human errors depends on the specific properties of the decision-maker and the decisional context of operation, a classification of decision-making using IPK is suggested. Several types of initial situations of decision-making useful for the diagnosis of NPP operators and managers errors are considered. The developed models can be used as a basis for applications to NPP educational or engineering simulators to be used for training the NPP executive staff. (authors)

Cappelli, M. [UTFISST, ENEA Casaccia, via Anguillarese 301, Rome (Italy); Gadomski, A. M. [ECONA, Centro Interuniversitario Elaborazione Cognitiva Sistemi Naturali e Artificiali, via dei Marsi 47, Rome (Italy); Sepiellis, M. [UTFISST, ENEA Casaccia, via Anguillarese 301, Rome (Italy); Wronikowska, M. W. [UTFISST, ENEA Casaccia, via Anguillarese 301, Rome (Italy); Poznan School of Social Sciences (Poland)

2012-07-01T23:59:59.000Z

Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


441

The Potential Role of Optical Coherence Tomography in the Evaluation of Vulnerable Carotid Atheromatous Plaques: A Pilot Study  

SciTech Connect (OSTI)

Purpose. The decision to intervene surgically in patients with carotid artery disease is based on the presence of symptoms, along with the severity of carotid artery stenosis as assessed by ultrasound or X-ray computed tomography (CT). Optical coherence tomography (OCT) is a relatively new imaging technique that offers potential in the identification of, as well as the distinction between, stable and unstable atherosclerotic plaques. The purpose of our study was to evaluate whether OCT can be used as a noninvasive diagnostic tool to reveal the morphology of carotid stenosis from the adventitial surface of the carotid artery. To achieve this aim, excised atheromatous plaques were scanned by OCT from the external surface. Methods. Plaques removed at carotid endarterectomy were scanned by OCT from the external surface within 72 hr of surgery and then examined histologically. The images of the histologic slides and the scans were then compared. Results. We examined 10 carotid endarterectomy specimens and were able to identify calcification, cholesterol crystal clefts, and lipid deposits in the OCT images with histologic correlation. The strong light scattering from the calcified tissue and cholesterol crystal clefts limited the depth of light penetration, making observation of the intimal surface and the detail of the fibrous cap difficult. However, we were able to confidently identify the absence of an atherosclerotic plaque by OCT scans even from the external surface. Conclusion. The results of this pilot study demonstrate that OCT can reveal the main features of carotid stenosis but that plaque vulnerability cannot be reliably and precisely assessed if scanned from the external surface with OCT in its present form.

Prabhudesai, Vikramaditya [St. Joseph's Hospital, Diagnostic Imaging (Canada); Phelan, Cordelia [University Hospital of North Staffordshire, NHS Trust, Department of Pathology (United Kingdom); Yang, Ying [Institute of Science and Technology in Medicine, Keele University (United Kingdom)], E-mail: bea00@keele.ac.uk; Wang, Ruikang K. [Oregon Health and Science University, Department of Biomedical Engineering (United States); Cowling, Mark G. [University Hospital of North Staffordshire, NHS Trust, Department of Radiology (United Kingdom)

2006-12-15T23:59:59.000Z

442

Plug Detector Bypass Breaker Guard  

DOE Patents [OSTI]

A method and apparatus wherein the apparatus is a container having an inner chamber, an inlet, an outlet, a breaker assembly having at least one blade within the inner chamber of the container and a motor for driving the blade. Material is supplied to the inner chamber of the container through the inlet of the container and the breaker assembly is operated to reduce any clumped material into unclumped material which is then dispensed from the container through the outlet of the container.

Horton, Joel Richard (Maryville, TN); Dearstone, Robert Link (Powell, TN)

2000-01-01T23:59:59.000Z

443

Vulnerability of Northwestern  

E-Print Network [OSTI]

, USDA Forest Service Warren Lab, provided funding, inspiration, and a steady review of our analysis with geospatial data on their forest stands. We are grateful to Wendell Wallace, Laura Drake, Andrea Hille, Ed-parametric method of statistical analysis called Classification and Regression Tree analysis (CART) on data about

444

Nuclear Fuel Cycle & Vulnerabilities  

SciTech Connect (OSTI)

The objective of safeguards is the timely detection of diversion of significant quantities of nuclear material from peaceful nuclear activities to the manufacture of nuclear weapons or of other nuclear explosive devices or for purposes unknown, and deterrence of such diversion by the risk of early detection. The safeguards system should be designed to provide credible assurances that there has been no diversion of declared nuclear material and no undeclared nuclear material and activities.

Boyer, Brian D. [Los Alamos National Laboratory

2012-06-18T23:59:59.000Z

445

Spent Fuel Working Group report on inventory and storage of the Department`s spent nuclear fuel and other reactor irradiated nuclear materials and their environmental, safety and health vulnerabilities. Volume 2, Working Group Assessment Team reports; Vulnerability development forms; Working group documents  

SciTech Connect (OSTI)

The Secretary of Energy`s memorandum of August 19, 1993, established an initiative for a Department-wide assessment of the vulnerabilities of stored spent nuclear fuel and other reactor irradiated nuclear materials. A Project Plan to accomplish this study was issued on September 20, 1993 by US Department of Energy, Office of Environment, Health and Safety (EH) which established responsibilities for personnel essential to the study. The DOE Spent Fuel Working Group, which was formed for this purpose and produced the Project Plan, will manage the assessment and produce a report for the Secretary by November 20, 1993. This report was prepared by the Working Group Assessment Team assigned to the Hanford Site facilities. Results contained in this report will be reviewed, along with similar reports from all other selected DOE storage sites, by a working group review panel which will assemble the final summary report to the Secretary on spent nuclear fuel storage inventory and vulnerability.

Not Available

1993-11-01T23:59:59.000Z

446

Ch.3 User Authentication Textbook?  

E-Print Network [OSTI]

· account lockout mechanisms · policies against using common passwords but rather hard to guess passwords

Dong, Yingfei

447

Climate change and climate variability affect all regions of the world. U.S. vulnerability to the changes and variations are not only dependent on changes within the U.S. but also on  

E-Print Network [OSTI]

OVERVIEW Climate change and climate variability affect all regions of the world. U.S. vulnerability, it is important to assess emerging threats to national security due to climate change far into the future. Having with national security establish practical responses to climate change and extreme weather events

448

Position Description: Ph.D. Student in Vegetation Modeling and Climate Vulnerability Montana State University is seeking a Ph.D. student for a NASA Applied Sciences project on  

E-Print Network [OSTI]

Information. An overview of the project can be found at (http://www.montana.edu/lccvp/) Application Procedures Montana State University is seeking a Ph.D. student for a NASA Applied Sciences project on vulnerability of biological resources under climate and land use change. The project will use NASA resources to inform climate

Hansen, Andrew J.

449

Aupetit, S., Riff, J., Gallier, V., & Espi, S. (2012). Conceptual and methodological tools for analyzing situations of vulnerability on the road. Examples from a motorcycle riding study. European Conference on Cognitive Ergonomics (ECCE), 28-31 August, Ed  

E-Print Network [OSTI]

Conference on Cognitive Ergonomics (ECCE), 28-31 August, Edinburgh, Scotland. Conceptual and methodological are conventionally used in transport research, and which have limitations for ergonomics research. Keywords of vulnerability when one or more of the dimensions that are given importance in ergonomics is hindered or impaired

Paris-Sud XI, Université de

450

Storms exploding off the surface of the sun can wreak havoc on technologies like satellites, phones, GPS, and electrical power grids. As society's dependence on these technologies grows, so does our vulnerability to changes on the Sun and in space.  

E-Print Network [OSTI]

Storms exploding off the surface of the sun can wreak havoc on technologies like satellites, phones vulnerability to changes on the Sun and in space. For example, GPS is present in almost all aspects of our is expected to total $75 billion by 2013. Meanwhile, the Sun is approaching a heightened period of activity

451

T-593: Microsoft Internet Explorer unspecified code execution  

Broader source: Energy.gov [DOE]

Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to bypass Protected Mode and create arbitrary files by leveraging access to a Low integrity process.

452

Replication Bypass of the trans-4-Hydroxynonenal-Derived (6S,8R,11S)-1,N[superscript 2]-Deoxyguanosine DNA Adduct by the Sulfolobus solfataricus DNA Polymerase IV  

SciTech Connect (OSTI)

trans-4-Hydroxynonenal (HNE) is the major peroxidation product of {omega}-6 polyunsaturated fatty acids in vivo. Michael addition of the N{sub 2}-amino group of dGuo to HNE followed by ring closure of N1 onto the aldehyde results in four diastereomeric 1,N{sub 2}-dGuo (1,N{sub 2}-HNE-dGuo) adducts. The (6S,8R,11S)-HNE-1,N{sub 2}-dGuo adduct was incorporated into the 18-mer templates 5'-d(TCATXGAATCCTTCCCCC)-3' and d(TCACXGAATCCTTCCCCC)-3', where X = (6S,8R,11S)-HNE-1,N{sub 2}-dGuo adduct. These differed in the identity of the template 5'-neighbor base, which was either Thy or Cyt, respectively. Each of these templates was annealed with either a 13-mer primer 5'-d(GGGGGAAGGATTC)-3' or a 14-mer primer 5'-d(GGGGGAAGGATTCC)-3'. The addition of dNTPs to the 13-mer primer allowed analysis of dNTP insertion opposite to the (6S,8R,11S)-HNE-1,N{sub 2}-dGuo adduct, whereas the 14-mer primer allowed analysis of dNTP extension past a primed (6S,8R,11S)-HNE-1,N{sub 2}-dGuo:dCyd pair. The Sulfolobus solfataricus P2 DNA polymerase IV (Dpo4) belongs to the Y-family of error-prone polymerases. Replication bypass studies in vitro reveal that this polymerase inserted dNTPs opposite the (6S,8R,11S)-HNE-1,N{sub 2}-dGuo adduct in a sequence-specific manner. If the template 5'-neighbor base was dCyt, the polymerase inserted primarily dGTP, whereas if the template 5'-neighbor base was dThy, the polymerase inserted primarily dATP. The latter event would predict low levels of Gua {yields} Thy mutations during replication bypass when the template 5'-neighbor base is dThy. When presented with a primed (6S,8R,11S)-HNE-1,N{sub 2}-dGuo:dCyd pair, the polymerase conducted full-length primer extension. Structures for ternary (Dpo4-DNA-dNTP) complexes with all four template-primers were obtained. For the 18-mer:13-mer template-primers in which the polymerase was confronted with the (6S,8R,11S)-HNE-1,N{sub 2}-dGuo adduct, the (6S,8R,11S)-1,N{sub 2}-dGuo lesion remained in the ring-closed conformation at the active site. The incoming dNTP, either dGTP or dATP, was positioned with Watson-Crick pairing opposite the template 5'-neighbor base, dCyt or dThy, respectively. In contrast, for the 18-mer:14-mer template-primers with a primed (6S,8R,11S)-HNE-1,N{sub 2}-dGuo:dCyd pair, ring opening of the adduct to the corresponding N{sub 2}-dGuo aldehyde species occurred. This allowed Watson-Crick base pairing at the (6S,8R,11S)-HNE-1,N{sub 2}-dGuo:dCyd pair.

Banerjee, Surajit; Christov, Plamen P.; Kozekova, Albena; Rizzo, Carmelo J.; Egli, Martin; Stone, Michael P. (Vanderbilt)

2014-10-02T23:59:59.000Z

453

Plutonium working group report on environmental, safety and health vulnerabilities associated with the department`s plutonium storage. Volume II, Appendix B, Part 9: Oak Ridge site site team report  

SciTech Connect (OSTI)

This report provides the input to and results of the Department of Energy (DOE) - Oak Ridge Operations (ORO) DOE Plutonium Environment, Safety and Health (ES & H) Vulnerability Assessment (VA) self-assessment performed by the Site Assessment Team (SAT) for the Oak Ridge National Laboratory (ORNL or X-10) and the Oak Ridge Y-12 Plant (Y-12) sites that are managed by Martin Marietta Energy Systems, Inc. (MMES). As initiated (March 15, 1994) by the Secretary of Energy, the objective of the VA is to identify and rank-order DOE-ES&H vulnerabilities associated for the purpose of decision making on the interim safe management and ultimate disposition of fissile materials. This assessment is directed at plutonium and other co-located transuranics in various forms.

NONE

1994-09-01T23:59:59.000Z

454

FUEL CASK IMPACT LIMITER VULNERABILITIES  

SciTech Connect (OSTI)

Cylindrical fuel casks often have impact limiters surrounding just the ends of the cask shaft in a typical 'dumbbell' arrangement. The primary purpose of these impact limiters is to absorb energy to reduce loads on the cask structure during impacts associated with a severe accident. Impact limiters are also credited in many packages with protecting closure seals and maintaining lower peak temperatures during fire events. For this credit to be taken in safety analyses, the impact limiter attachment system must be shown to retain the impact limiter following Normal Conditions of Transport (NCT) and Hypothetical Accident Conditions (HAC) impacts. Large casks are often certified by analysis only because of the costs associated with testing. Therefore, some cask impact limiter attachment systems have not been tested in real impacts. A recent structural analysis of the T-3 Spent Fuel Containment Cask found problems with the design of the impact limiter attachment system. Assumptions in the original Safety Analysis for Packaging (SARP) concerning the loading in the attachment bolts were found to be inaccurate in certain drop orientations. This paper documents the lessons learned and their applicability to impact limiter attachment system designs.

Leduc, D; Jeffery England, J; Roy Rothermel, R

2009-02-09T23:59:59.000Z

455

Vulnerability Scanning Policy 1 Introduction  

E-Print Network [OSTI]

component of any computer security plan as it provides feedback on the effectiveness of security procedures

456

T-647: PHP File Upload Bug May Let Remote Users Overwrite Files on the Target System  

Broader source: Energy.gov [DOE]

PHP is prone to a security-bypass vulnerability.Successful exploits will allow an attacker to delete files from the root directory, which may aid in further attacks. PHP 5.3.6 is vulnerable; other versions may also be affected.

457

T-531: The WebVPN implementation on Cisco Adaptive Security Appliances (ASA) 5500  

Broader source: Energy.gov [DOE]

The WebVPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) permits the viewing of CIFS shares even when CIFS file browsing has been disabled, which allows remote authenticated users to bypass intended access restrictions via CIFS requests, aka Bug ID CSCsz80777.

458

authentic food -simply prepared SMALL PLATES  

E-Print Network [OSTI]

smoky wild rice lunch #12;lunch SWEETS CREME BRULEE 6 green tea · vanilla shortbread · burnt sugar VEGAN cheeses · home made pickles · grilled bread lunch #12;GREENS WARM SPINACH SALAD 6/9 spinach · mixed mushrooms · caramelized onions · house made bacon bits warm creamy dressing GREEN SALAD 5/8 mixed greens

Martin, Jeff

459

Low Cost Embedded Network Message Authentication  

E-Print Network [OSTI]

in only 3 or 4 bytes? Approach: Status: Motivation: &Electrical Computer ENGINEERING Chris Szilagyi, Prof

Koopman, Philip

460

Site Sustainability Plan An Authentic Commitment  

E-Print Network [OSTI]

Water 13 Pollution Prevention 15 Sustainable Acquisition 19 Electronic Stewardship and Data Centers 20 per hr C&D construction and demolition CD-2 Critical Decision 2 CEDR Consolidated Energy Data Report, ventilation, and air conditioning ILA industrial, landscaping, and agricultural IPCC Intergovernmental Panel

Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


461

Password secured systems and negative authentication  

E-Print Network [OSTI]

Today's industry, government, and critical infrastructure are dependent on software systems. In their absence, our modern world would come to a stop. Given our dependence, the mounting cyber threat is of critical concern. ...

Madero, Alvaro

2013-01-01T23:59:59.000Z

462

Ghosting Authenticity: Characterization in Corporate Speechwriting  

E-Print Network [OSTI]

the oil or chemical industries, where the top folks are fine in finance or engineering but need to get that message across in normal language and bring out their personality, thats where the speechwriter comes in. Executives must be smart.... We sat together with two very smart guys from the Kraft R & D Center who were on his staff. And we started talking about innovation; thats really all. And somebody made this remark: Invention and innovation dont happen together. So I had a point...

Bruss, Kristine S.

2011-04-01T23:59:59.000Z

463

Authentication : can mobile environments be secured?  

E-Print Network [OSTI]

The Data Encryption Standard (DES) created the public realm of encryption in the mid-1970's when it was fully specified and released into the public domain. The Data Encryption Standard was adopted as a federal standard on November 23, 1976 and authorized... and service provider. TABLE OF CONTENTS CHAPTER Page I INTRODUCTION. A, Statement of the Problem. B. Definitions of Terms, II REVIEW OF THE LITERATURE A. Issues Rehtted to Mobile Environments: An Overview . . . . . B. Sectility Goals and Threats C...

Cropper, Charles Austin

2013-02-22T23:59:59.000Z

464

CERTIFICATE OF AUTHENTICITY | Department of Energy  

Energy Savers [EERE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustion |Energy UsageAUDITVehiclesTankless orA BRIEFAprilBudgetAbout »OperationsCERTIFICATE OF

465

User Authentication Policy | Argonne Leadership Computing Facility  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May JunDatastreamsmmcrcalgovInstrumentsrucLasDelivered energy consumption by sectorlongUpdates by DianeDemographics UsageUsage Policies

466

Two-Factor Authentication | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of EnergyEnergyENERGYWomenthe House Committee on EnergyEnergyThe sun risesTheTrentScience Bowl

467

Flexible Layered Authentication Graph for Multimedia Streaming  

E-Print Network [OSTI]

With the increasing demand on multimedia streaming in more and more applications, security issues such as integrity side, lost packets are dropped from the graph and a packet is verifiable if it has a path and all subsequent packets become not verifiable. EMSS [4] makes a great improvement by building multiple

Sun, Qibin

468

Manual authentication for wireless devices Christian Gehrmann  

E-Print Network [OSTI]

is to examine how these services might best be achieved for personal wireless-enabled devices. Using the terminology of Stajano [12], the problem is that of securely `imprinting' a personal device. That is, suppose a user has two wireless-enabled devices, e.g. a mobile phone and a Personal Digital Assistant (PDA

Mitchell, Chris

469

Spent Fuel Working Group report on inventory and storage of the Department`s spent nuclear fuel and other reactor irradiated nuclear materials and their environmental, safety and health vulnerabilities. Volume 3, Site team reports  

SciTech Connect (OSTI)

A self assessment was conducted of those Hanford facilities that are utilized to store Reactor Irradiated Nuclear Material, (RINM). The objective of the assessment is to identify the Hanford inventories of RINM and the ES & H concerns associated with such storage. The assessment was performed as proscribed by the Project Plan issued by the DOE Spent Fuel Working Group. The Project Plan is the plan of execution intended to complete the Secretary`s request for information relevant to the inventories and vulnerabilities of DOE storage of spent nuclear fuel. The Hanford RINM inventory, the facilities involved and the nature of the fuel stored are summarized. This table succinctly reveals the variety of the Hanford facilities involved, the variety of the types of RINM involved, and the wide range of the quantities of material involved in Hanford`s RINM storage circumstances. ES & H concerns are defined as those circumstances that have the potential, now or in the future, to lead to a criticality event, to a worker radiation exposure event, to an environmental release event, or to public announcements of such circumstances and the sensationalized reporting of the inherent risks.

Not Available

1993-11-01T23:59:59.000Z

470

Privacy Vulnerability of Published Anonymous Mobility Traces  

E-Print Network [OSTI]

Sep 20, 2010 ... WS defghipqpriqgpeesghgpqgtuvipqv. wxy??? ?? ???y?? ????????? ????? ????????. ??d. ?ef ..... [7] B. Gedik and L. Liu. Location...

2010-07-07T23:59:59.000Z

471

Texas Water Resources: Vulnerability from Contaminants  

E-Print Network [OSTI]

variability on E. coli transport. To explore the spatio-temporal variability of nitrate across the Trinity and Ogallala aquifers in Texas, an entropy-based method and a numerical study were employed. Results indicate that the overall mean nitrate-N has...

Dwivedi, Dipankar

2012-10-02T23:59:59.000Z

472

Thermal study of vulnerable atherosclerotic plaque  

E-Print Network [OSTI]

methods available in clinical practice. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 3 Differentthermography catheters: (a)thermography basket catheter using thermocouple at the maximum curve of each nitinol wire [3], (b) four deployable... flexible sensor-equipped arms catheter [19], (c) catheter with hydrofoil designed to use blood stream to drive thermistor against vessel wall [13], and (d) balloon-thermography catheter with balloon to inflate for the interruption of the flow during...

Kim, Taehong

2009-05-15T23:59:59.000Z

473

VULNERABILITY AND ADAPTATION TO CLIMATE CHANGE IN  

E-Print Network [OSTI]

(farmers in Yolo County). The University of California Cooperative Extension farm advisors of Yolo County Vineyards, and University of California Cooperative Extension farm advisor in Mendocino County, Glenn Mc from the California Energy Commission's California Climate Change Center JULY 2012 CEC5002012031

474

Predicting Architectural Vulnerability on Multithreaded Processors under  

E-Print Network [OSTI]

-level model correlates the AVF in a contention-free environment with important performance metrics significantly degrading the relia- bility of current high-performance processors. They occur mainly due to the electronic noises caused by energetic nuclear particles (e.g., alpha particles, neutrons, and pions) from

Koppelman, David M.

475

Natural Gas Supply Vulnerability in Europe.  

E-Print Network [OSTI]

??Demand for natural gas has been increasing steadily the past few years. Most European countries depend heavily on natural gas imports due to insufficient gas (more)

Gungor, Bekir

2013-01-01T23:59:59.000Z

476

Introduction to SCADA Protection and Vulnerabilities  

SciTech Connect (OSTI)

Even though deregulation has changed the landscape of the electric utility industry to some extent, a typical large electric utility still owns power generation facilities, power transmission and distribution lines, and substations. Transmission and distribution lines form the segments or spokes of a utilitys grid. Power flow may change through these lines, but control of the system occurs at the nodes of the grid, the generation facilities, and substations. This section discusses each of these node types in more detail as well as how each is controlled.

Ken Barnes; Briam Johnson; Reva Nickelson

2004-03-01T23:59:59.000Z

477

Cancer Vulnerabilities Unveiled by Genomic Loss  

E-Print Network [OSTI]

,2,3,9 Yin Ren,5 Matthew R. Strickland,1 Rebecca Lamothe,1 Steven E. Schumacher,1,2 Aviad Tsherniak,2 Henrike

Bhatia, Sangeeta

478

WATER AND ENERGY SECTOR VULNERABILITY TO CLIMATE  

E-Print Network [OSTI]

of California. This paper describes the development and results from an integrated water resource management application includes management of reservoirs, run-of-river hydropower plants, water supply demand locations. Reservoir operations adapt to capture earlier and greater runoff volumes that result from earlier

479

Climate Change 2007: Impacts, Adaptation and Vulnerability.  

E-Print Network [OSTI]

di uno stato di water stress Sviluppo sostenibile: loun maggiore livello di water stress 9 . Cresceranno i rischi compresa tra il 66 e il 90% Water stress: una nazione

Schiavon, Stefano; Zecchin, Roberto

2007-01-01T23:59:59.000Z

480

Protection of Use Control Vulnerabilities and Designs  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The order establishes the policy, process and procedures for control of sensitive use control information in nuclear weapon data (NWD) categories Sigma 14 and Sigma 15 to ensure that dissemination of the information must be restricted to individuals with valid need to know. Cancels DOE M 452.4-1A

2010-05-14T23:59:59.000Z

Note: This page contains sample records for the topic "authentication bypass vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


481

COMMON VULNERABILITIES IN CRITICAL INFRASTRUCTURE CONTROL SYSTEMS  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

enforcement and auditing. Page 114 SECURITY POLICY Figure 1. PCS administration. A security plan documents the overall security architecture for a system or subsystem. Typical...

482

Protection of Use Control Vulnerabilities and Design  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This manual establishes a general process and provides direction for controlling access to and disseminating Sigma 14 and 15 nuclear weapon data (NWD) at the Department of Energy (DOE). It supplements DOE O 452.4A, Security and Control of Nuclear Explosives and Nuclear Weapons, dated 12-17-01, which establishes DOE requirements and responsibilities to prevent the deliberate unauthorized use of U.S. nuclear explosives and nuclear weapons. Cancels DOE M 452.4-1. Canceled by DOE O 452.7, 5-14-2010

2004-03-11T23:59:59.000Z

483

Protection of Use Control Vulnerabilities and Designs  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This Manual establishes a general process and provides direction for controlling access and dissemination of Sigma 14 and 15 Weapon Data at the Department of Energy (DOE). It supplements DOE O 452.4, SECURITY AND CONTROL OF NUCLEAR EXPLOSIVES AND NUCLEAR WEAPONS, which establishes DOE requirements and responsibilities to prevent the deliberate unauthorized use of U.S. nuclear explosives and U.S. nuclear weapons. Canceled by DOE M 452.4-1A. Does not cancel other directives.

1999-07-01T23:59:59.000Z

484

GUNNISON BASIN CLIMATE CHANGE VULNERABILITY ASSESSMENT  

E-Print Network [OSTI]

Climate change is already changing ecosystems and affecting people in the southwestern United States, as well as ecosystem services, e.g., water supply. The climate of the Gunnison Basin, Colorado Fish and Wildlife Service, US Forest Service, Upper Gunnison River Water Conservancy District, Western

Neff, Jason

485

Vulnerability Analysis of Energy Delivery Control Systems  

Broader source: Energy.gov (indexed) [DOE]

coding practices can be found in new and old products alike, and the introduction of Web applications into SCADA systems has created more, as well as new, types of...

486

Measuring and Incorporating Vulnerability into Conservation Planning  

E-Print Network [OSTI]

of biodiversity in situ. To do this, conservation areas must be able to mitigate at least some of the proximate the persistence of biodiversity in situ. Conservation areas can be important in mitigating proximate threats to biodiversity, conservation plan

Queensland, University of

487

Privacy Vulnerability of Published Anonymous Mobility Traces  

E-Print Network [OSTI]

including published media such as news articles or Web blogs. Hence, the adversary ...... [8] C. Dwork, F. McSherry, K. Nissim, and A. Smith, Calibrating noise.

2012-08-01T23:59:59.000Z

488

Guide to Critical Infrastructure Protection Cyber Vulnerability...  

Broader source: Energy.gov (indexed) [DOE]

Implementing NERC Critical Infrastructure Protection Standards New No-Cost ANTFARM Tool Maps Control System Networks to Help Implement Cyber Security Standards "Cybersecurity for...

489

NSTB Summarizes Vulnerable Areas | Department of Energy  

Office of Environmental Management (EM)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of EnergyEnergyENERGY TAXBalanced Scorecard Federal2 to:DieselEnergy Auditor NREL JobNSRC_MOU.pdfat

490

Vulnerability Analysis of Energy Delivery Control Systems  

Office of Environmental Management (EM)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of EnergyEnergyENERGYWomen Owned SmallOf The 2012Nuclear GuideReportVictor KaneContractfrom Water0-18381

491

Detecting Network Vulnerabilities Through Graph Theoretical Methods  

E-Print Network [OSTI]

a signi?cant linear relationship between generator size andof those generators. We performed simple linear regression

2007-01-01T23:59:59.000Z

492

US Energy Sector Vulnerabilities to Climate Change  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarly Career Scientists' Research Petroleum ReserveDepartment of Energy AtNoticeMotor Company |

493

US Energy Sector Vulnerabilities to Climate Change  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustion |Energy Usage »of EnergyTheTwo New Energyof Energy8,November 2012U.S.Department2

494

U-100: Google Chrome Multiple Vulnerabilities  

Broader source: Energy.gov [DOE]

A remote user can create a specially crafted content that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.

495

Our Changing Climate 2012 Vulnerability & Adaptation  

E-Print Network [OSTI]

/EPA, Natural Resources Agency, Department of Water Resources, Energy Commission, Air Resources Board, Ocean of climate change on the California economy. Cal/EPA entrusted the California Energy Commission and its insights for the energy, water, agriculture, public health, coastal, transportation, and ecological

496

Vulnerability, Risk Management, and Agricultural Development  

E-Print Network [OSTI]

P. (1980). Attitudes Towards Risk: Experimental MeasurementIncentive Flexibility, and Risk. Americal Journal ofCaria, A. S. (2009), Risk Attitudes and The Formation of

Fafchamps, Marcel

2009-01-01T23:59:59.000Z

497

Cyber Security Companies, governments, and consumers depend on secure and reliable  

E-Print Network [OSTI]

Cyber Security Companies, governments, and consumers depend on secure and reliable computer-speed computers all introduce new cyber-security challenges. Cyber- security researchers at the University in the software development cycle. e also creates secure authentication protocols for vulnerable distributed

Hill, Wendell T.

498

COLLECTIVE EFFECTS AND LATTICE IMPLICATIONS FOR AN PEL BYPASS RING  

E-Print Network [OSTI]

has b n written for a VAX-ll/7S0 comput.r . A cDilplete1 than 20 s.cond. of VAX CPU tl R ult. ZAP has b

Bisognano, J.

2010-01-01T23:59:59.000Z

499

Intronic microRNA precursors that bypass Drosha processing  

E-Print Network [OSTI]

additional pre-miRNAs/introns, termed mirtrons, were found in a search of other loci with similar properties the structural features of pre-miRNAs to enter the miRNA-processing pathway without Drosha-mediated cleavage. We

Bartel, David

500

DEVELOPMENT OF BYPASSED OIL RESERVES USING BEHIND CASING RESISTIVITY MEASUREMENTS  

SciTech Connect (OSTI)

Tubing and rods of the S.P. Pedro-Nepple No.1 well were pulled and the well was prepared for running of Schlumberger's Cased Hole Formation Resistivity Tool (CHFR) in selected intervals. The CHFR tool was successfully run and data was captured. The CHFR formation resistivity readings were compared to original open hole resistivity measurements. Separation between the original and CHFR resistivity curves indicate both swept and un-swept sand intervals. Both watered out sand intervals and those with higher remaining oil saturation have been identified. Due to the nature of these turbidite sands being stratigraphically continuous, both the swept and unswept layers have been correlated across to one of the four nearby offset shallow wells. As a result of the cased hole logging, one well was selected for a workover to recomplete and test suspected oil saturated shallow sand intervals. Well S.P. Pedro-Nepple No.2 was plugged back with cement excluding the previously existing production interval, squeeze cemented behind casing, selectively perforated in the shallower ''Bell'' zone and placed on production to develop potential new oil reserves and increase overall well productivity. Prior workover production averaged 3.0 BOPD for the previous six-months from the original ''Meyer'' completion interval. Post workover well production was increased to 5.3 BOPD on average for the following fifteen months. In December 2005, a bridge plug was installed above the ''Bell'' zone to test the ''Foix'' zone. Another cement squeeze was performed behind casing, selectively perforated in the shallower ''Foix'' zone and placed on production. The ''Foix'' test has produced water and a trace of oil for two months.

Michael G. Conner; Jeffrey A. Blesener

2006-04-02T23:59:59.000Z