Powered by Deep Web Technologies
Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


1

Security In Information Systems  

E-Print Network [OSTI]

rights, and they are proposing security policies, security planning, personal data protection laws, etc

Candan, Selçuk

2

PIA - INL SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE...  

Office of Environmental Management (EM)

INL SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE PIA - INL SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE PIA - INL SECURITY INFORMATION MANAGEMENT SYSTEM...

3

Electronic DOE Information Security System (eDISS) PIA, Office...  

Office of Environmental Management (EM)

DOE Information Security System (eDISS) PIA, Office of Health Safety and Security Electronic DOE Information Security System (eDISS) PIA, Office of Health Safety and Security...

4

Classified Automated Information System Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

To establish uniform requirements, policies, responsibilities, and procedures for the development and implementation of a Department of Energy (DOE) Classified Computer Security Program to ensure the security of classified information in automated data processing (ADP) systems. Cancels DOE O 5637.1. Canceled by DOE O 471.2.

1994-07-15T23:59:59.000Z

5

Classified Information Systems Security Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This Manual provides requirements and implementation instructions for the graded protection of the confidentiality, integrity, and availability of information processed on all automated information systems used to collect, create, process, transmit, store, and disseminate classified information by, or on behalf of, the Department of Energy (DOE). DOE N 205.4 cancels Chapter III section 8, Incident Reporting, and DOE N 205.3 cancels Chapter VI, paragraph 4j(2), 4j(6); and Chapter VII, paragraph 12a(2)(a). Cancels: DOE M 5639.6A-1. Canceled by DOE M 205.1-4.

1999-08-03T23:59:59.000Z

6

Security Controls for Unclassified Information Systems Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Manual establishes minimum implementation standards for cyber security technical, management, and operational controls that will be followed in all information systems operated by DOE and the information systems. Does not cancel other directives. Canceled by DOE O 205.1B

2009-01-05T23:59:59.000Z

7

Security Controls for Unclassified Information Systems Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Manual establishes minimum implementation standards for cyber security technical, management, and operational controls that will be followed in all information systems operated by DOE and the information systems. Admin Chg 1 dated 9-1-09. Canceled by DOE O 205.1B.

2009-01-05T23:59:59.000Z

8

Security Controls for Unclassified Information Systems Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Manual establishes minimum implementation standards for cyber security technical, management, and operational controls that will be followed in all information systems operated by DOE and the information systems. Admin Chg 1 dated 9-1-09; Admin Chg 2 dated 12-22-09. Canceled by DOE O 205.1B.

2009-01-05T23:59:59.000Z

9

Security Certification & Accreditation of Federal Information Systems A Tutorial  

E-Print Network [OSTI]

assessments of Security Controls in Information Systems To obtain better understanding of Agency- related to hardware, software, firmware) Security Controls in an Information System, to determine the extent to which/29/2009 Security Certification & Assurance of Federal Information Systems Tutorial Questions during C&A Process

Madisetti, Vijay K.

10

Grid Information Security Functional Requirement - Fulfilling Information Security of a Smart Grid System  

E-Print Network [OSTI]

This paper describes the background of smart information infrastructure and the needs for smart grid information security. It introduces the conceptual analysis to the methodology with the application of hermeneutic circle and information security functional requirement identification. Information security for the grid market cover matters includes automation and communications industry that affects the operation of electric power systems and the functioning of the utilities that manage them and its awareness of this information infrastructure has become critical to the reliability of the power system. Community benefits from of cost savings, flexibility and deployment along with the establishment of wireless communications. However, concern revolves around the security protections for easily accessible devices such as the smart meter and the related communications hardware. On the other hand, the changing points between traditional versus smart grid networking trend and the information security importance on...

Ling, Amy Poh Ai; 10.5121/ijgca.2011.2201

2011-01-01T23:59:59.000Z

11

Selection of Model in Developing Information Security Criteria for Smart Grid Security System  

E-Print Network [OSTI]

At present, the "Smart Grid" has emerged as one of the best advanced energy supply chains. This paper looks into the security system of smart grid via the smart planet system. The scope focused on information security criteria that impact on consumer trust and satisfaction. The importance of information security criteria is perceived as the main aspect to impact on customer trust throughout the entire smart grid system. On one hand, this paper also focuses on the selection of the model for developing information security criteria on a smart grid.

Ling, Amy Poh Ai

2011-01-01T23:59:59.000Z

12

Information Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The protection and control of classified information is critical to our nation’s security. This Order establishes requirements and responsibilities for Department of Energy (DOE) Departmental Elements, including the National Nuclear Security Administration (NNSA), to protect and control classified information as required by statutes, regulation, Executive Orders, government-wide policy directives and guidelines, and DOE policy and directives. Cancels DOE M 470.4-4A Chg except for Section D.

2011-06-20T23:59:59.000Z

13

Manual of Security Requirements for the Classified Automated Information System Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This Manual provides specific instructions and delineates the requirements to ensure the graded security of classified information entrusted to the Department of Energy (DOE) that is processed, stored, transferred, or accessed on Automated Information Systems (AISs) and AIS networks. Canceled by DOE M 471.2-2.

1994-07-15T23:59:59.000Z

14

Certification and Accreditation Process for Information Systems Including National Security Systems  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Notice ensures the effectiveness of security controls on DOE Federal information systems including national security systems. The Notice will also ensure compliance with the requirements of DOE O 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, and protect DOE information and information systems from unauthorized access, use, disclosure, modification, or destruction. No cancellations. DOE N 205.15, dated 3-18-05, extends this directive until 3-18-06.

2004-02-19T23:59:59.000Z

15

Information Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The protection and control of classified information is critical to our nation’s security. This Order establishes requirements and responsibilities for Department of Energy (DOE) Departmental Elements, including the National Nuclear Security Administration (NNSA), to protect and control classified information as required by statutes, regulation, Executive Orders, government-wide policy directives and guidelines, and DOE policy and directives. Cancels DOE M 470.4-4A Chg except for Section D. Admin Chg 1, dated 11-23-2012, cancels DOE O 471.6.

2011-06-20T23:59:59.000Z

16

Information Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This Manual establishes security requirements for the protection and control of information and matter required to be classified or controlled by statutes, regulations, or Department of Energy directives. Attachment E, Technical Surveillance Countermeasures Program, is for Official Use Only. Contact the Office of Security and Safety Performance Assurance at 301-903-3653 if your official duties require you to have access to this part of the directive. Cancels: DOE M 471.2-1B, DOE M 471.2-1C, DOE M 471.2-4, and DOE O 471.2A.

2005-08-26T23:59:59.000Z

17

Information Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

Establishes security requirements for the protection and control of information and matter required to be classified or controlled by statutes, regulations, or Department of Energy directives. Section E, Technical Surveillance Countermeasures Program, is Official Use Only. Please contact the DOE Office of Health, Safety and Security at 301-903-0292 if your official duties require you to have access to this part of the directive. Cancels: DOE M 471.2-1B, DOE M 471.2-1C, DOE M 471.2-4, and DOE O 471.2A

2007-06-29T23:59:59.000Z

18

Information Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

To establish the Department of Energy (DOE) Information Security Program and set forth policies, procedures and responsibilities for the protection and control of classified and sensitive information. The Information Security Program is a system of elements which serve to deter collection activities, This directive does not cancel another directive. Canceled by DOE O 471.2 of 9-28-1995.

1992-10-19T23:59:59.000Z

19

NIST Seeks Input for Planned 2011 Update of Security Control Catalog For Federal Information Systems and Organizations  

E-Print Network [OSTI]

; · Supply chain security; · Industrial/process control systems; and · Privacy. NIST SP 80053, Revision 3 Publication 80053, Recommended Security Controls for Federal Information Systems and Organizations webbased access to the security controls for federal information systems and organizations

20

REVISED CATALOG OF SECURITY CONTROLS FOR FEDERAL INFORMATION SYSTEMS AND ORGANIZATIONS: FOR USE IN BOTH  

E-Print Network [OSTI]

REVISED CATALOG OF SECURITY CONTROLS FOR FEDERAL INFORMATION SYSTEMS AND ORGANIZATIONS: FOR USE's information systems. The uniform approach to describing controls for both national security and nonnational, implement, and assess their security controls most effectively when the process is carried out as part

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


21

Information Technology Specialist (System Analysis/Information Security)  

Broader source: Energy.gov [DOE]

A successful candidate in this position will provide the technical direction, planning, programming, implementation and operations of the Information Technology (IT) program for the Carlsbad Field...

22

MANAGING THE CONFIGURATION OF INFORMATION SYSTEMS WITH A FOCUS ON SECURITY  

E-Print Network [OSTI]

a well-defined process for managing and controlling secure system configurations, and for managing risks, and the integration of security into the configuration management process throughout the life cycle of the system for establishing secure configurations in information systems; flow charts for SecCM processes and activities

23

Information Security Group IY5512 Computer Security  

E-Print Network [OSTI]

for process that controls interactions between users and resources. · Access control system implements Information Security Group Agenda · Access control basics · ACLs and capabilities · Information flow policies· Information flow policies · Bell-LaPadula Model · Role-Based Access Control · Resources 3 Information Security

Mitchell, Chris

24

Research With Students My principal research activities lie in information systems security with particular emphasis on access control  

E-Print Network [OSTI]

of security, and secure transaction processing. My recent research has expanded beyond information systemsResearch With Students My principal research activities lie in information systems security and mining, semantic web and multimedia delivery. 1 Major Results · Security solutions for workflow systems

25

September 2004 INFORMATION SECURITY  

E-Print Network [OSTI]

September 2004 INFORMATION SECURITY WITHIN THE SYSTEM DEVELOPMENT LIFE CYCLE Annabelle Lee of Standards and Technology Many System Development Life Cycle (SDLC) models exist that can be used. This model assumes that the system will be delivered near the end of its life cycle. Another SDLC model uses

26

A Strategy for Information Security: TOGAF , A. Movasseghi2  

E-Print Network [OSTI]

Security Planning, Information Security, TOGAF 1 Introduction Today's globally distributed network systems

Ertaull, Levent

27

An Information Systems Security Risk Assessment Model Under Dempster- Schafer Theory of Belief Functions  

E-Print Network [OSTI]

This study develops an alternative methodology for the risk analysis of information systems security (ISS), an evidential reasoning approach under the Dempster-Shafer theory of belief functions. The approach has the ...

Sun, Lili; Srivastava, Rajendra P.; Mock, Theodore J.

2006-01-01T23:59:59.000Z

28

Security in Information Systems: New Challenges and Opportunities  

E-Print Network [OSTI]

systems considers the protection of information and of the systems that manage it, against a wide range of threats in order to ensure business continuity, minimize risks and maximize the return on investment. This Special Issue of the international Journal of Universal Computer Science includes papers received from

Jurjens, Jan

29

Security classification of information  

SciTech Connect (OSTI)

This document is the second of a planned four-volume work that comprehensively discusses the security classification of information. The main focus of Volume 2 is on the principles for classification of information. Included herein are descriptions of the two major types of information that governments classify for national security reasons (subjective and objective information), guidance to use when determining whether information under consideration for classification is controlled by the government (a necessary requirement for classification to be effective), information disclosure risks and benefits (the benefits and costs of classification), standards to use when balancing information disclosure risks and benefits, guidance for assigning classification levels (Top Secret, Secret, or Confidential) to classified information, guidance for determining how long information should be classified (classification duration), classification of associations of information, classification of compilations of information, and principles for declassifying and downgrading information. Rules or principles of certain areas of our legal system (e.g., trade secret law) are sometimes mentioned to .provide added support to some of those classification principles.

Quist, A.S.

1993-04-01T23:59:59.000Z

30

Management of Control System Information SecurityI: Control System Patch Management  

SciTech Connect (OSTI)

The use of information technologies in control systems poses additional potential threats due to the frequent disclosure of software vulnerabilities. The management of information security involves a series of policy-making on the vulnerability discovery, disclosure, patch development and patching. In this paper, we use a system approach to devise a model to understand the interdependencies of these decision processes. In more details, we establish a theoretical framework for making patching decision for control systems, taking into account the requirement of functionability of control systems. We illustrate our results with numerical simulations and show that the optimal operation period of control systems given the currently estimated attack rate is roughly around a half a month.

Quanyan Zhu; Miles McQueen; Craig Rieger; Tamer Basar

2011-09-01T23:59:59.000Z

31

Cyber Security Requirements for Wireless Devices and Information Systems  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Notice establishes DOE policy requirements and responsibilities for using wireless networks and devices within DOE and implements the requirements of DOE 0 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, including requirements for cyber resource protection, risk management, program evaluation, and cyber security plan development and maintenance. No cancellation. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06.

2004-02-11T23:59:59.000Z

32

Information Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

Establishes an Information Security Program for the protection and control of classified and sensitive information. Extended until 5-11-06 by DOE N 251.63, dated 5-11-05. DOE O 471.2A, Information Security Program, dated 3/27/1997, extended by DOE N 251.57, dated 4/28/2004. Cancels: DOE O 471.2

1997-03-27T23:59:59.000Z

33

TEC Information Security  

Broader source: Energy.gov (indexed) [DOE]

External Coordination Working Group Information Security E. Ralph Smith, Manager Institutional Programs April 22, 2004 Albuquerque, NM WIPP * Open communications * Notifications *...

34

PIA - INL SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE |  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmosphericNuclear Security Administration the1 - September 2006 The 2002OpticsPeriodical: VolumeIComplaints - GoldenDepartment of

35

Recommended Security Controls for Federal Information Systems and Organizations  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmosphericNuclear Security Administration the1 -the Mid-Infrared at 278, 298,NIST 800-53 Revision 3 + Draft Revision 4 Recommended

36

SELECTING INFORMATION TECHNOLOGY SECURITY  

E-Print Network [OSTI]

be selected and used within the organization's overall program to man age the design, development, and maintenance of its IT security infra structure, and to protect the confiden tiality, integrity objectives and to protect information. Guide to Selecting Information Technology Security Products NIST

37

USING PERFORMANCE MEASUREMENTS TO EVALUATE AND STRENGTHEN INFORMATION SYSTEM SECURITY  

E-Print Network [OSTI]

;Measurements can be used throughout the system development life cycle (SDLC) to monitor the implementation

38

Security Requirements for Remote Access to DOE and Applicable Contractor Information Technology Systems  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Notice establishes DOE policy requirements and responsibilities for remote connections to DOE and contractor information technology systems. The Notice will also ensure compliance with the requirements of DOE O 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, to protect DOE information and information technology systems commensurate with the risk and magnitude of harm that could result from their unauthorized access, use, disclosure, modification or destruction. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06. No cancellations.

2004-02-19T23:59:59.000Z

39

The theory of diversity and redundancy in information system security : LDRD final report.  

SciTech Connect (OSTI)

The goal of this research was to explore first principles associated with mixing of diverse implementations in a redundant fashion to increase the security and/or reliability of information systems. Inspired by basic results in computer science on the undecidable behavior of programs and by previous work on fault tolerance in hardware and software, we have investigated the problem and solution space for addressing potentially unknown and unknowable vulnerabilities via ensembles of implementations. We have obtained theoretical results on the degree of security and reliability benefits from particular diverse system designs, and mapped promising approaches for generating and measuring diversity. We have also empirically studied some vulnerabilities in common implementations of the Linux operating system and demonstrated the potential for diversity to mitigate these vulnerabilities. Our results provide foundational insights for further research on diversity and redundancy approaches for information systems.

Mayo, Jackson R. (Sandia National Laboratories, Livermore, CA) [Sandia National Laboratories, Livermore, CA; Torgerson, Mark Dolan; Walker, Andrea Mae; Armstrong, Robert C. (Sandia National Laboratories, Livermore, CA) [Sandia National Laboratories, Livermore, CA; Allan, Benjamin A. (Sandia National Laboratories, Livermore, CA) [Sandia National Laboratories, Livermore, CA; Pierson, Lyndon George

2010-10-01T23:59:59.000Z

40

National Security System Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The manual provides baseline requirements and controls for the graded protection of the confidentiality, integrity, and availability of classified information and information systems used or operated by the Department of Energy (DOE), contractors, and any other organization on behalf of DOE, including the National Nuclear Security Administration. Cancels DOE M 471.2-2. Canceled by DOE O 205.1B.

2007-03-08T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


41

Information Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

Establishes an Information Security Program for the protection and control of classified and sensitive information. Cancels DOE 5630.8A, DOE 5639.1, DOE 5639.5, DOE 5639.6A, DOE 5639.7, DOE M 5632.1C-1, Chapter III, Para. 1, 2, and 4-9

1995-09-28T23:59:59.000Z

42

Enterprise Information Security Management Framework [EISMF  

E-Print Network [OSTI]

There are several technological solutions available in the market to help organizations with information security breach detection and prevention such as intrusion detection and prevention systems, antivirus software, ...

Sharma, Dhirendra, S.M. Massachusetts Institute of Technology

2011-01-01T23:59:59.000Z

43

AT&TSecurity Consulting Information Assurance Federal Information Security  

E-Print Network [OSTI]

the security controls for the information system. The AT&T Consulting methodology is based on National in addressing industry best practices and provide Security Authorization Process, formerly Certification requirements under the Federal Information Security Management Act of 2002, of general support systems

Fisher, Kathleen

44

T-582: RSA systems has resulted in certain information being extracted from RSA systems that relates to RSA SecurID  

Broader source: Energy.gov [DOE]

RSA investigation has revealed that the attack resulted in certain information being extracted from RSA's systems. Some of that information is related to RSA's SecurID two-factor authentication products.

45

Security system signal supervision  

SciTech Connect (OSTI)

This purpose of this NUREG is to present technical information that should be useful to NRC licensees for understanding and applying line supervision techniques to security communication links. A review of security communication links is followed by detailed discussions of link physical protection and DC/AC static supervision and dynamic supervision techniques. Material is also presented on security for atmospheric transmission and video line supervision. A glossary of security communication line supervision terms is appended. 16 figs.

Chritton, M.R. (BE, Inc., Barnwell, SC (United States)); Matter, J.C. (Sandia National Labs., Albuquerque, NM (United States))

1991-09-01T23:59:59.000Z

46

Control Systems Security  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

systems within the nation's critical infrastructure. The CSSP assists control systems vendors and asset ownersoperators in identifying security vulnerabilities and developing...

47

Information Security Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Manual establishes security requirements for the protection and control of matter required to be classified or controlled by statutes, regulations, or U.S. Department of Energy (DOE) directives. Original dated dated 1-16-09. Canceled by DOE O 471.6--except for Section D.

2010-10-12T23:59:59.000Z

48

Information Security Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This Manual establishes security requirements for the protection and control of matter required to be classified or controlled by statutes, regulations, or U.S. Department of Energy directives. Cancels DOE M 470.4-4 Chg 1. DOE M 470.4-4A Chg 1 issued 10-12-10.

2009-01-16T23:59:59.000Z

49

Smart Grid Information Security (IS) Functional Requirement  

E-Print Network [OSTI]

It is important to implement safe smart grid environment to enhance people's lives and livelihoods. This paper provides information on smart grid IS functional requirement by illustrating some discussion points to the sixteen identified requirements. This paper introduces the smart grid potential hazards that can be referred as a triggering factor to improve the system and security of the entire grid. The background of smart information infrastructure and the needs for smart grid IS is described with the adoption of hermeneutic circle as methodology. Grid information technology and security-s session discusses that grid provides the chance of a simple and transparent access to different information sources. In addition, the transformation between traditional versus smart grid networking trend and the IS importance on the communication field reflects the criticality of grid IS functional requirement identification is introduces. The smart grid IS functional requirements described in this paper are general and ...

Ling, Amy Poh Ai

2011-01-01T23:59:59.000Z

50

Information Security: Coordination of Federal Cyber Security...  

Broader source: Energy.gov (indexed) [DOE]

and Technology Policy establish timelines for developing a federal agenda for cyber security research. GAO also recommends that the Office of Management and Budget (OMB) issue...

51

06 DEC 2013 1 Information Security Guideline  

E-Print Network [OSTI]

responsibilities make informed decisions related to their organization's assets and corresponding security plan the University. 3 Security Plan Intention The executive heads of major University organizations are responsible an Information Security Plan (Plan) that demonstrates due care in securing their assets by meeting the intention

Queitsch, Christine

52

Security Equipment and Systems Certification Program (SESCP)  

SciTech Connect (OSTI)

Sandia National Laboratories (SNL) and Underwriters Laboratories, Inc., (UL) have jointly established the Security Equipment and Systems Certification Program (SESCP). The goal of this program is to enhance industrial and national security by providing a nationally recognized method for making informed selection and use decisions when buying security equipment and systems. The SESCP will provide a coordinated structure for private and governmental security standardization review. Members will participate in meetings to identify security problems, develop ad-hoc subcommittees (as needed) to address these identified problems, and to maintain a communications network that encourages a meaningful exchange of ideas. This program will enhance national security by providing improved security equipment and security systems based on consistent, reliable standards and certification programs.

Steele, B.J. [Sandia National Labs., Albuquerque, NM (United States); Papier, I.I. [Underwriters Labs., Inc., Northbrook, IL (United States)

1996-06-20T23:59:59.000Z

53

Review your system access with your company's Information Security Officer. Access that is not  

E-Print Network [OSTI]

. The FBI may be able to help you determine if these contacts pose any risk to you or your company. Change unusual circumstances or noteworthy incidents to your security officer and to the FBI. Notifying the FBI and country threat assessments are available from the FBI upon request. Good security habits will help protect

Shepp, Larry

54

GAANN -Computer Systems Security GAANN Computer Systems Security  

E-Print Network [OSTI]

GAANN - Computer Systems Security GAANN ­ Computer Systems Security · What is computer systems security? ­ The protection of all aspects of a computer system from unauthorized use · Why is it important? ­ Computing devices have a large impact on our daily life ­ Guaranteeing that the devices perform as desired

Alpay, S. Pamir

55

On Cyber Security for Networked Control Systems  

E-Print Network [OSTI]

her students on security of process control systems. I amcyber-security tools for process control systems. In theon the security mechanisms of process control systems, few

Amin, Saurabh

2011-01-01T23:59:59.000Z

56

Information Sharing and Security in Dynamic Coalitions Charles E. Phillips, Jr.  

E-Print Network [OSTI]

, military, process control . K.6.5 [Management Of Computing And Information Systems]: Security/server, distributed applications, distributed databases. J.7 [Computers In Other Systems]: Command and control security, unauthorized access. General Terms Management, Design, Security. Keywords Access Control

Lee, Ruby B.

57

Third Annual Cyber Security and Information  

E-Print Network [OSTI]

Third Annual Cyber Security and Information Infrastructure Research Workshop May 14-15, 2007 TOWARDS COMPREHENSIVE STRATEGIES THAT MEET THE CYBER SECURITY CHALLENGES OF THE 21ST CENTURY Frederick Sheldon, Axel Krings, Seong-Moo Yoo, and Ali Mili (Editors) #12;CSIIRW07: Cyber Security and Information

Krings, Axel W.

58

Cyberspace security system  

SciTech Connect (OSTI)

A system evaluates reliability, performance and/or safety by automatically assessing the targeted system's requirements. A cost metric quantifies the impact of failures as a function of failure cost per unit of time. The metrics or measurements may render real-time (or near real-time) outcomes by initiating active response against one or more high ranked threats. The system may support or may be executed in many domains including physical domains, cyber security domains, cyber-physical domains, infrastructure domains, etc. or any other domains that are subject to a threat or a loss.

Abercrombie, Robert K; Sheldon, Frederick T; Ferragut, Erik M

2014-06-24T23:59:59.000Z

59

Control Systems Cyber Security Standards Support Activities  

SciTech Connect (OSTI)

The Department of Homeland Security’s Control Systems Security Program (CSSP) is working with industry to secure critical infrastructure sectors from cyber intrusions that could compromise control systems. This document describes CSSP’s current activities with industry organizations in developing cyber security standards for control systems. In addition, it summarizes the standards work being conducted by organizations within the sector and provides a brief listing of sector meetings and conferences that might be of interest for each sector. Control systems cyber security standards are part of a rapidly changing environment. The participation of CSSP in the development effort for these standards has provided consistency in the technical content of the standards while ensuring that information developed by CSSP is included.

Robert Evans

2009-01-01T23:59:59.000Z

60

Building an Information Technology Security Awareness  

E-Print Network [OSTI]

Building an Information Technology Security Awareness and Training Program Mark Wilson and Joan Hash C O M P U T E R S E C U R I T Y NIST Special Publication 800-50 Computer Security Division

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


61

System security Dr Len Hamey  

E-Print Network [OSTI]

, firewalls, detecting intrusions) Security process cycle policy implementation administration audit risk access with firewall Use generic service banners Use intrusion detection system that can detect;2 Security Services Confidentiality service. Authentication service. Integrity service. Access Control

Hamey, Len

62

RISK MANAGEMENT FRAMEWORK: HELPING ORGANIZATIONS IMPLEMENT EFFECTIVE INFORMATION SECURITY PROGRAMS  

E-Print Network [OSTI]

organizational managers in making informed decisions regarding the security of their information systems. NIST agencies implementing risk-based planning and management also must consider effectiveness, efficiency for their information and information systems with the gains in capabilities and improved support of organizational

63

A Virtual Environment for Interactive Visualization of Power System Economic and Security Information  

E-Print Network [OSTI]

. In contrast, the purpose of the work presented here is to use a VE to interactively visualize more abstract of Illinois at Urbana-Champaign Urbana, IL 61801 USA Abstract Simulation and analysis of power systems often power system data. Thus this work is more akin to scientific visualization. An overview of using VEs

64

Revised: August 2013 INFORMATION SYSTEMS  

E-Print Network [OSTI]

] as the common security framework baseline to be used by the campuses of the University of North Carolina system implementation standards are the NC IT Security Manual, the Control Objectives for Information and related responsibilities 08.02.02 Information security awareness, education, and training 08.02.03 Disciplinary process 08

Howitt, Ivan

65

Information Security | National Nuclear Security Administration  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May JunDatastreamsmmcrcalgovInstrumentsruc DocumentationP-SeriesFlickrinformation for planningtoA JourneyISTI Information Science

66

MSc and Postgraduate Diploma in Information Security  

E-Print Network [OSTI]

of information security need internationally-recognised qualifications which How will the course help my career and understanding of What do employers say? Worldwide Access | Opportunity | International Standards qualifications. #12;`Attending my first Information Security supplier event after graduating made me reali

Royal Holloway, University of London

67

Threats to financial system security  

SciTech Connect (OSTI)

The financial system in the United States is slowly migrating from the bricks and mortar of banks on the city square to branch banks, ATM`s, and now direct linkage through computers to the home. Much work has been devoted to the security problems inherent in protecting property and people. The impact of attacks on the information aspects of the financial system has, however, received less attention. Awareness is raised through publicized events such as the junk bond fraud perpetrated by Milken or gross mismanagement in the failure of the Barings Bank through unsupervised trading activities by Leeson in Singapore. These events, although seemingly large (financial losses may be on the order of several billion dollars), are but small contributors to the estimated $114 billion loss to all types of financial fraud in 1993. Most of the losses can be traced to the contribution of many small attacks perpetrated against a variety of vulnerable components and systems. This paper explores the magnitude of these financial system losses and identifies new areas for security to be applied to high consequence events.

McGovern, D.E.

1997-06-01T23:59:59.000Z

68

Modern Quantum Technologies of Information Security  

E-Print Network [OSTI]

In the paper systematization and classification of modern quantum technologies of the information security against cyber-terrorist attack are carried out. The characteristic of the basic directions of quantum cryptography from the viewpoint of used quantum technologies is given. The qualitative analysis of advantages and disadvantages of concrete quantum protocols is made. The current status of a problem of practical quantum cryptography using in telecommunication networks is considered. In particular, the short review of existing commercial systems of quantum key distribution is given.

Korchenko, Oleksandr; Gnatyuk, Sergiy

2010-01-01T23:59:59.000Z

69

Physical Security Systems | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarlyEnergyDepartment ofDepartment ofofOxfordVeteransAdministrationPhysical Security Systems |

70

Information Resources Security Planning and Policy Committee -UTDPP1003  

E-Print Network [OSTI]

Information Resources Security Planning and Policy Committee - UTDPP1003 Policy Charge IR Security Planning and Policy Committee Policy Statement The Information Resources Planning, and Policy a security plan to protect information identified as confidential, sensitive or both. 3. Assign management

O'Toole, Alice J.

71

U-200: Red Hat Directory Server Information Disclosure Security...  

Broader source: Energy.gov (indexed) [DOE]

0: Red Hat Directory Server Information Disclosure Security Issue and Vulnerability U-200: Red Hat Directory Server Information Disclosure Security Issue and Vulnerability June 27,...

72

Port security and information technology  

E-Print Network [OSTI]

The terrorist attacks of September 11th 2001 on New York and Washington DC shed light on the many security shortcomings that sea ports and the entire import and export process face. A primary source of these problems is ...

Petrakakos, Nikolaos Harilaos

2005-01-01T23:59:59.000Z

73

On Cyber Security for Networked Control Systems  

E-Print Network [OSTI]

cyber-security analysis of the SCADA system of the Gignac water distributioncyber security of SCADA systems managing other infrastructures (e.g. , oil and natural gas distribution

Amin, Saurabh

2011-01-01T23:59:59.000Z

74

Cyber Security and Resilient Systems  

SciTech Connect (OSTI)

The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation’s cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested – both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the next generation fighter jets or nuclear material safeguards systems in complex nuclear fuel cycle facilities. It is the intent of this paper to describe the cyber security programs that are currently in place, the experiences and successes achieved in industry including outreach and training, and suggestions about how other sectors and organizations can leverage this national expertise to help their monitoring and control systems become more secure.

Robert S. Anderson

2009-07-01T23:59:59.000Z

75

Algorithms and architecture for multiusers, multi-terminal, multi-layer information theoretic security  

E-Print Network [OSTI]

As modern infrastructure systems become increasingly more complex, we are faced with many new challenges in the area of information security. In this thesis we examine some approaches to security based on ideas from ...

Khisti, Ashish, 1979-

2009-01-01T23:59:59.000Z

76

Secure Control Systems for the Energy Sector  

SciTech Connect (OSTI)

Schweitzer Engineering Laboratories (SEL) will conduct the Hallmark Project to address the need to reduce the risk of energy disruptions because of cyber incidents on control systems. The goals is to develop solutions that can be both applied to existing control systems and designed into new control systems to add the security measures needed to mitigate energy network vulnerabilities. The scope of the Hallmark Project contains four primary elements: 1. Technology transfer of the Secure Supervisory Control and Data Acquisition (SCADA) Communications Protocol (SSCP) from Pacific Northwest National Laboratories (PNNL) to Schweitzer Engineering Laboratories (SEL). The project shall use this technology to develop a Federal Information Processing Standard (FIPS) 140-2 compliant original equipment manufacturer (OEM) module to be called a Cryptographic Daughter Card (CDC) with the ability to directly connect to any PC enabling that computer to securely communicate across serial to field devices. Validate the OEM capabilities with another vendor. 2. Development of a Link Authenticator Module (LAM) using the FIPS 140-2 validated Secure SCADA Communications Protocol (SSCP) CDC module with a central management software kit. 3. Validation of the CDC and Link Authenticator modules via laboratory and field tests. 4. Creation of documents that record the impact of the Link Authenticator to the operators of control systems and on the control system itself. The information in the documents can assist others with technology deployment and maintenance.

Smith, Rhett; Campbell, Jack; Hadley, Mark

2012-03-31T23:59:59.000Z

77

Principles of Secure Information Flow Analysis Geoffrey Smith  

E-Print Network [OSTI]

Principles of Secure Information Flow Analysis Geoffrey Smith School of Computing and Information to explain the #12;2 Geoffrey Smith principles underlying secure information flow analysis and to discuss

Smith, Geoffrey

78

Finance, IT Operations & Information Security Dear Colleagues,  

E-Print Network [OSTI]

1 Finance, IT Operations & Information Security Dear Colleagues, It is hard not to be mindful with the guidance of their senior administrators. The re-organization in some of the finance offices continues the intranet site. #12;2 Harry Dumay, PhD MBA Chief Financial Officer/ Associate Dean for Finance

79

Optimal Information Security Investment with Penetration Testing  

E-Print Network [OSTI]

gathering prior to investing into protection against so-identified threats. Penetration testing is alsoOptimal Information Security Investment with Penetration Testing Rainer B¨ohme and M´ark F´elegyh´azi International Computer Science Institute, Berkeley, California {rainer.boehme|mark}@icsi.berkeley.edu Abstract

Bencsáth, Boldizsár

80

PRIVACY AND SECURITY OF PERSONAL INFORMATION  

E-Print Network [OSTI]

Chapter 1 PRIVACY AND SECURITY OF PERSONAL INFORMATION Economic Incentives and Technological for many, the economic #12;2 incentives have not generated widespread adoption, and government in University acquisti@andrew.cmu.edu Abstract I discuss the evolution of the economic analysis of privacy

Sadeh, Norman M.

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


81

Information Security Analysis Using Game Theory and Simulation  

SciTech Connect (OSTI)

Information security analysis can be performed using game theory implemented in dynamic simulations of Agent Based Models (ABMs). Such simulations can be verified with the results from game theory analysis and further used to explore larger scale, real world scenarios involving multiple attackers, defenders, and information assets. Our approach addresses imperfect information and scalability that allows us to also address previous limitations of current stochastic game models. Such models only consider perfect information assuming that the defender is always able to detect attacks; assuming that the state transition probabilities are fixed before the game assuming that the players actions are always synchronous; and that most models are not scalable with the size and complexity of systems under consideration. Our use of ABMs yields results of selected experiments that demonstrate our proposed approach and provides a quantitative measure for realistic information systems and their related security scenarios.

Schlicher, Bob G [ORNL] [ORNL; Abercrombie, Robert K [ORNL] [ORNL

2012-01-01T23:59:59.000Z

82

Mobile RFID Security Issues -ICU 1 SCIS 2006: The 2006 Symposium on Cryptography and Information Security  

E-Print Network [OSTI]

Mobile RFID Security Issues - ICU 1 SCIS 2006: The 2006 Symposium on Cryptography and Information Engineers Mobile RFID Security Issues Divyan M. Konidala, Kwangjo Kim Cryptology and Information Security #12;Mobile RFID Security Issues - ICU 2 RFID Technology (1/2) Radio Frequency Identification (RFID

Kim, Kwangjo

83

Ontological Mapping of Information Security Best-Practice Guidelines  

E-Print Network [OSTI]

best-practice guidelines, security ontology, EBIOS, IT Grundschutz Manual. 1 Introduction In recent- schutz Manual [4] to the security ontology by [6]. 2 Ontological Mapping of Information Security Best-PracticeOntological Mapping of Information Security Best-Practice Guidelines Stefan Fenz, Thomas Pruckner

84

Information Resources Security Planning and Policy Committee -UTDPP1003  

E-Print Network [OSTI]

Information Resources Security Planning and Policy Committee - UTDPP1003 Policy Charge IR Security it is confidential, sensitive, both or neither. 2. Prepare a security plan to protect information identified as confidential, sensitive or both. 3. Assign management responsibility for implementing the security plan. 4

O'Toole, Alice J.

85

Find It. Delete It. Protect It. Information Technology Security Strategy  

E-Print Network [OSTI]

that security will be a process rather than project. Achievement of the goal, optimized risk management to external best practices and seek external advice on effectiveness. For critical processes and systems valuable information for governance. This process will achieve the long term Internal Controls Maturity

Sheridan, Jennifer

86

Information Security Plan for Flight Simulator Applications  

E-Print Network [OSTI]

The Department of Defense has a need for an identity management system that uses two factor authentications to ensure that only the correct individuals get access to their top secret flight simulator program. Currently the Department of Defense does not have a web interface sign in system. We will be creating a system that will allow them to access their programs, back office and administrator functions remotely. A security plan outlining our security architecture will be delivered prior to the final code roll out. The plan will include responses to encryption used and the security architecture applied in the final documentation. The code will be delivered in phases to work out any issues that may occur during the implementation

Slaughter, Jason

2011-01-01T23:59:59.000Z

87

THE UNIVERSITY OF TEXAS AT DALLAS INFORMATION SECURITY  

E-Print Network [OSTI]

. Instead, these requirements should be integrated into a comprehensive system security plan. II. Scope

O'Toole, Alice J.

88

Center for Cyber-Security, Information Privacy, and Trust  

E-Print Network [OSTI]

Center for Cyber-Security, Information Privacy, and Trust http://cybersecurity.ist.psu.edu Dr. Peng Liu, Director cai@ist.psu.edu Center for Cyber-Security, Information Privacy, and Trust 16802-6822 The Center for Cyber-Security, Information Privacy, and Trust, aka Lions Center

Squicciarini, Anna Cinzia

89

Center for Cyber-Security, Information Privacy, and Trust  

E-Print Network [OSTI]

Center for Cyber-Security, Information Privacy, and Trust http://cybersecurity.ist.psu.edu Dr. Peng Liu, Director pliu@ist.psu.edu Center for Cyber-Security, Information Privacy, and Trust 16802-6822 The Center for Cyber-Security, Information Privacy, and Trust, aka Lions Center

Giles, C. Lee

90

TOWARD HIGHLY SECURE AND AUTONOMIC COMPUTING SYSTEMS: A HIERARCHICAL APPROACH  

SciTech Connect (OSTI)

The overall objective of this research project is to develop novel architectural techniques as well as system software to achieve a highly secure and intrusion-tolerant computing system. Such system will be autonomous, self-adapting, introspective, with self-healing capability under the circumstances of improper operations, abnormal workloads, and malicious attacks. The scope of this research includes: (1) System-wide, unified introspection techniques for autonomic systems, (2) Secure information-flow microarchitecture, (3) Memory-centric security architecture, (4) Authentication control and its implication to security, (5) Digital right management, (5) Microarchitectural denial-of-service attacks on shared resources. During the period of the project, we developed several architectural techniques and system software for achieving a robust, secure, and reliable computing system toward our goal.

Lee, Hsien-Hsin S

2010-05-11T23:59:59.000Z

91

Systems Security at Chemical and Biochemical Engineering  

E-Print Network [OSTI]

and Biochemical Engineering. The Systems Administrator for Chemical and Biochemical Engineering regularly reviews network security.However, maintaining systems security is a group effort and a never-ending task. Here Administrator regarding security bugs that may affect your personal computer. If a patch is available, download

92

Physical Security System Sensitivity to DBT Perturbations  

E-Print Network [OSTI]

, multiple scenarios are assessed that test different sets of adversary capabilities to better uncover and understand any security system vulnerabilities that may exist. We believe the benefit of identifying these site-specific security vulnerabilities...

Conchewski, Curtis

2012-10-19T23:59:59.000Z

93

MULTIAREA SYSTEM RELIABILITY: THE ECONOMIC EVALUATION OF SYSTEM SECURITY CRITERIA  

E-Print Network [OSTI]

MULTIAREA SYSTEM RELIABILITY: THE ECONOMIC EVALUATION OF SYSTEM SECURITY CRITERIA BY TEOMAN GULER B assessment studies and the quantification of the economics of secure power system operations security and the economics of secure operations in the competitive market environment. The advent

Gross, George

94

Information Security Framework for Small and Medium Sized Businesses  

E-Print Network [OSTI]

prevalent risks to business information and commonly exploited security holes can quickly close the door to a security incident. Just as with traditional burglary attempts, the computer criminals will first look for the path of least resistance when trying...

Michnick, Steven M.

2009-06-17T23:59:59.000Z

95

The Relationship Between Information Security and Fraud Risk Management  

E-Print Network [OSTI]

of Regional Security & Fraud Risk HSBC THE CHINESE UNIVERSITY OF HONG KONG Department of Information current role in HSBC, as the Head of Regional Security & Fraud for Asia Pacific involves financial crime

Huang, Jianwei

96

Site Information | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarlyEnergyDepartmentNational Nuclearhas 'Natitude'SecurityAdministration rankedInformation | National

97

Study of Security Attributes of Smart Grid Systems- Current Cyber Security Issues  

SciTech Connect (OSTI)

This document provides information for a report to congress on Smart Grid security as required by Section 1309 of Title XIII of the Energy Independence and Security Act of 2007. The security of any future Smart Grid is dependent on successfully addressing the cyber security issues associated with the nation’s current power grid. Smart Grid will utilize numerous legacy systems and technologies that are currently installed. Therefore, known vulnerabilities in these legacy systems must be remediated and associated risks mitigated in order to increase the security and success of the Smart Grid. The implementation of Smart Grid will include the deployment of many new technologies and multiple communication infrastructures. This report describes the main technologies that support Smart Grid and summarizes the status of implementation into the existing U.S. electrical infrastructure.

Wayne F. Boyer; Scott A. McBride

2009-04-01T23:59:59.000Z

98

Control Systems Security Publications Library | Department of...  

Energy Savers [EERE]

Publications Library Control Systems Security Publications Library Publications Library Repository of documents, listed by topic. (Some of the documents in this section require...

99

Developing Secure Power Systems Professional Competence: Alignment...  

Broader source: Energy.gov (indexed) [DOE]

workforce development resources that can aid in the accelerating need for Secure Power Systems Professionals, while at the same time identifying capabilities and competencies to...

100

PKI-based security for peer-to-peer information sharing  

SciTech Connect (OSTI)

The free flow of information is the feature that has made peer-to-peer information sharing applications popular. However, this very feature holds back the acceptance of these applications by the corporate and scientific communities. In these communities it is important to provide confidentiality and integrity of communication and to enforce access control to shared resources. We present a number of security mechanisms that can be used to satisfy these security requirements. Our solutions are based on established and proven security techniques and we utilize existing technologies when possible. As a proof of concept, we have developed an information sharing system, called scishare, which integrates a number of these security mechanisms to provide a secure environment for information sharing. This system will allow a broader set of user communities to benefit from peer-to-peer information sharing.

Berket, Karlo; Essiari, Abdelilah; Muratas, Artur

2004-05-02T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


101

Information Technology Security Training Requirements Appendix A --Learning Continuum A-1  

E-Print Network [OSTI]

employees Security Awareness All employees involved with IT systems Security Basics and Literacy Information control. By accrediting a system or application, a manager accepts the associated risk. Accreditation, and Installation Controls -- the process of assuring that adequate controls are considered, evaluated, selected

102

Can We Improve Energy Efficiency of Secure Disk Systems without Modifying Security Mechanisms?  

E-Print Network [OSTI]

Can We Improve Energy Efficiency of Secure Disk Systems without Modifying Security Mechanisms--Improving energy efficiency of security-aware storage systems is challenging, because security and energy security and energy efficiency is to profile encryption algorithms to decide if storage systems would

Qin, Xiao

103

Delegating Network Security with More Information  

E-Print Network [OSTI]

Network security is gravitating towards more centralized control. Strong centralization places a heavy burden on the administrator who has to manage complex security policies and be able to adapt to users' requests. To be ...

Naous, Jad

104

ORO Office Safeguards and Security Clearance Tracking System...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

Office Safeguards and Security Clearance Tracking System and Visitor Control System PIA, Oak Ridge Operations Office ORO Office Safeguards and Security Clearance Tracking System...

105

Secure Multiparty Computation Based Privacy Preserving Smart Metering System  

E-Print Network [OSTI]

Secure Multiparty Computation Based Privacy Preserving Smart Metering System Cory Thoma Information Ave. Pittsburgh, PA 15213 Email: {tcui,franzf}@ece.cmu.edu Abstract--Smart metering systems provide privacy preserving protocol for smart meter based load management. Using SMC and a proper designed

Franchetti, Franz

106

Multimedia Systems as Immune System to Improve Automotive Security?  

E-Print Network [OSTI]

Multimedia Systems as Immune System to Improve Automotive Security? Jana Dittmann1 , Tobias Hoppe1 and environment. Especially in the field of automotive security, producers are seek- ing cost efficient- using resources. Initially, working in automotive security, it was easy to see that a wide variety

Paris-Sud XI, Université de

107

Secure Information Exchange Gateway for Electric Grid Operations  

SciTech Connect (OSTI)

The major objectives of the SIEGate project were to improve the security posture and minimize the cyber-attack surface of electric utility control centers and to reduce the cost of maintaining control-room-to-control-room information exchange. Major project goals included the design, development, testing, and commercialization of a single security-hardened appliance that could meet industry needs for resisting cyber-attacks while protecting the confidentiality and integrity of a growing volume of real-time information needed to ensure the reliability of the bulk electric system and interoperating with existing data formats and networking technologies. The SIEGate project has achieved its goals and objectives. The SIEGate Design Document, issued in March 2012, presented SIEGate use cases, provided SIEGate requirements, established SIEGate design principles, and prescribed design functionality of SIEGate as well as the components that make up SIEGate. SIEGate Release Version 1.0 was posted in January 2014. Release Version 1.0.83, which was posted on March 28, 2014, fixed many issues discovered by early adopters and added several new features. Release Candidate 1.1, which added additional improvements and bug fixes, was posted in June 2014. SIEGate executables have been downloaded more than 300 times. SIEGate has been tested at PJM, Entergy, TVA, and Southern. Security testing and analysis of SIEGate has been conducted at PNNL and PJM. Alstom has provided a summary of recommended steps for commercialization of the SIEGate Appliance and identified two deployment models with immediate commercial application.

Robertson, F.; Carroll, J.; Sanders, William; Yardley, Timothy; Heine, Erich; Hadley, Mark; McKinnon, David; Motteler, Barbara; Giri, Jay; Walker, William; McCartha, Esrick

2014-09-30T23:59:59.000Z

108

Recommended Practice for Securing Control System Modems  

SciTech Connect (OSTI)

This paper addresses an often overlooked “backdoor” into critical infrastructure control systems created by modem connections. A modem’s connection to the public telephone system is similar to a corporate network connection to the Internet. By tracing typical attack paths into the system, this paper provides the reader with an analysis of the problem and then guides the reader through methods to evaluate existing modem security. Following the analysis, a series of methods for securing modems is provided. These methods are correlated to well-known networking security methods.

James R. Davidson; Jason L. Wright

2008-01-01T23:59:59.000Z

109

Proceedings Second Annual Cyber Security and Information Infrastructure Research Workshop  

SciTech Connect (OSTI)

The workshop theme is Cyber Security: Beyond the Maginot Line Recently the FBI reported that computer crime has skyrocketed costing over $67 billion in 2005 alone and affecting 2.8M+ businesses and organizations. Attack sophistication is unprecedented along with availability of open source concomitant tools. Private, academic, and public sectors invest significant resources in cyber security. Industry primarily performs cyber security research as an investment in future products and services. While the public sector also funds cyber security R&D, the majority of this activity focuses on the specific mission(s) of the funding agency. Thus, broad areas of cyber security remain neglected or underdeveloped. Consequently, this workshop endeavors to explore issues involving cyber security and related technologies toward strengthening such areas and enabling the development of new tools and methods for securing our information infrastructure critical assets. We aim to assemble new ideas and proposals about robust models on which we can build the architecture of a secure cyberspace including but not limited to: * Knowledge discovery and management * Critical infrastructure protection * De-obfuscating tools for the validation and verification of tamper-proofed software * Computer network defense technologies * Scalable information assurance strategies * Assessment-driven design for trust * Security metrics and testing methodologies * Validation of security and survivability properties * Threat assessment and risk analysis * Early accurate detection of the insider threat * Security hardened sensor networks and ubiquitous computing environments * Mobile software authentication protocols * A new "model" of the threat to replace the "Maginot Line" model and more . . .

Sheldon, Frederick T [ORNL; Krings, Axel [ORNL; Yoo, Seong-Moo [ORNL; Mili, Ali [ORNL; Trien, Joseph P [ORNL

2006-01-01T23:59:59.000Z

110

Lecture 13: Control System Cyber Security  

E-Print Network [OSTI]

Today, the industralized world lives in symbiosis with control systems: it depends on power distribution, oil production, public transport, automatic production lines. While the convenience is at hand, still too many control systems are designed without any security in mind, lack basic security protections, and are not even robust enough to withstand basic attacks. The Stuxnet worm attacking Siemens PLCs in 2010 was another close call. Attackers currently enjoy hacking control systems, and aim to switch lights off. This presentation shall recap the current situation and outline why the presenter is still waiting for a change in paradigm. Stefan Lüders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and...

CERN. Geneva

2013-01-01T23:59:59.000Z

111

Secure videoconferencing equipment switching system and method  

DOE Patents [OSTI]

Examples of systems described herein include videoconferencing systems having audio/visual components coupled to a codec. The codec may be configured by a control system. Communication networks having different security levels may be alternately coupled to the codec following appropriate configuration by the control system. The control system may also be coupled to the communication networks.

Dirks, David H; Gomes, Diane; Stewart, Corbin J; Fischer, Robert A

2013-04-30T23:59:59.000Z

112

Security Analysis and Project Management Systems | ornl.gov  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Security Analysis and Project Management Systems SHARE Security Analysis and Project Management Systems ORNL brings together the subject matter experts with programmers to design,...

113

National SCADA Test Bed - Enhancing control systems security...  

Broader source: Energy.gov (indexed) [DOE]

SCADA Test Bed - Enhancing control systems security in the energy sector (September 2009) National SCADA Test Bed - Enhancing control systems security in the energy sector...

114

Common Cyber Security Vulnerabilities Observed in Control System...  

Broader source: Energy.gov (indexed) [DOE]

Common Cyber Security Vulnerabilities Observed in Control System Assessments by the INL NSTB Program Common Cyber Security Vulnerabilities Observed in Control System Assessments by...

115

Control Systems Security News Archive | Department of Energy  

Office of Environmental Management (EM)

News Archive Control Systems Security News Archive Control Systems Security News Archive September 2010 - Secretary Chu Announces Latest Efforts to Address Cybersecurity August...

116

PARS II New Contractor Information for Interconnection Security...  

Office of Environmental Management (EM)

V1.0 (November 18, 2010) The Department of Energy (DOE) Headquarters Program Cyber Security Plan (PCSP), dated February 2008, requires the Project Assessment and Reporting System...

117

Security approaches for Radio Frequency Identification systems  

E-Print Network [OSTI]

In this thesis, I explore the challenges related to the security of the Electronic Product Code (EPC) class of Radio Frequency Identification (RFID) tags and associated data. RFID systems can be used to improve supply chain ...

Foley, Joseph Timothy, 1976-

2007-01-01T23:59:59.000Z

118

Secure and Efficient Routable Control Systems  

SciTech Connect (OSTI)

This document provides the methods to secure routable control system communication in the electric sector. The approach of this document yields a long-term vision for a future of secure communication, while also providing near term steps and a roadmap. The requirements for the future secure control system environment were spelled out to provide a final target. Additionally a survey and evaluation of current protocols was used to determine if any existing technology could achieve this goal. In the end a four-step path was described that brought about increasing requirement completion and culminates in the realization of the long term vision.

Edgar, Thomas W.; Hadley, Mark D.; Manz, David O.; Winn, Jennifer D.

2010-05-01T23:59:59.000Z

119

CS2SAT: THE CONTROL SYSTEMS CYBER SECURITY SELF-ASSESSMENT TOOL  

SciTech Connect (OSTI)

The Department of Homeland Security National Cyber Security Division has developed the Control System Cyber Security Self-Assessment Tool (CS2SAT) that provides users with a systematic and repeatable approach for assessing the cyber-security posture of their industrial control system networks. The CS2SAT was developed by cyber security experts from Department of Energy National Laboratories and with assistance from the National Institute of Standards and Technology. The CS2SAT is a desktop software tool that guides users through a step-by-step process to collect facility-specific control system information and then makes appropriate recommendations for improving the system’s cyber-security posture. The CS2SAT provides recommendations from a database of industry available cyber-security practices, which have been adapted specifically for application to industry control system networks and components. Each recommendation is linked to a set of actions that can be applied to remediate-specific security vulnerabilities.

Kathleen A. Lee

2008-01-01T23:59:59.000Z

120

INFORMATION SYSTEMS  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

SYSTEMS Providing an efficient, seamless virtual work environment To accelerate progress toward mission goals, our business and operations processes will be aggressively...

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


121

March 23, 2008 Databases: Information Systems 1 Information Systems  

E-Print Network [OSTI]

March 23, 2008 Databases: Information Systems 1 Information Systems #12;March 23, 2008 Databases: Information Systems 2 Objectives What is an Information System (IS) + Classification of Information Systems + Evolution of Information Systems + Information System Management + Performance Requirements of ISs + #12

Adam, Salah

122

Policy 3505 Information Technology Security 1 OLD DOMINION UNIVERSITY  

E-Print Network [OSTI]

Code of Practice for Information Security Management (ISO/IEC 27002:2005) The international standard Electrotechnical Commission (IEC) A global organization that develops and publishes standards, the private sector, consumer groups, professional associations, and others. International Organization

123

Primer Control System Cyber Security Framework and Technical Metrics  

SciTech Connect (OSTI)

The Department of Homeland Security National Cyber Security Division supported development of a control system cyber security framework and a set of technical metrics to aid owner-operators in tracking control systems security. The framework defines seven relevant cyber security dimensions and provides the foundation for thinking about control system security. Based on the developed security framework, a set of ten technical metrics are recommended that allow control systems owner-operators to track improvements or degradations in their individual control systems security posture.

Wayne F. Boyer; Miles A. McQueen

2008-05-01T23:59:59.000Z

124

T-582: RSA systems has resulted in certain information being...  

Broader source: Energy.gov (indexed) [DOE]

2: RSA systems has resulted in certain information being extracted from RSA systems that relates to RSA SecurID T-582: RSA systems has resulted in certain information being...

125

Implementing Information Security and Its Technology: A LineManagement Perspective  

SciTech Connect (OSTI)

Assuring the security and privacy of institutionalinformation assets is a complex task for the line manager responsible forinternational and multi-national transactions. In the face of an unsureand often conflicting international legal framework, the line managermust employ all available tools in an Integrated Security and PrivacyManagement framework that ranges from legal obligations, to policy, toprocedure, to cutting edge technology to counter the rapidly evolvingcyber threat to information assets and the physical systems thatinformation systems control.

Barletta, William A.

2005-08-22T23:59:59.000Z

126

Design tools for complex dynamic security systems.  

SciTech Connect (OSTI)

The development of tools for complex dynamic security systems is not a straight forward engineering task but, rather, a scientific task where discovery of new scientific principles and math is necessary. For years, scientists have observed complex behavior but have had difficulty understanding it. Prominent examples include: insect colony organization, the stock market, molecular interactions, fractals, and emergent behavior. Engineering such systems will be an even greater challenge. This report explores four tools for engineered complex dynamic security systems: Partially Observable Markov Decision Process, Percolation Theory, Graph Theory, and Exergy/Entropy Theory. Additionally, enabling hardware technology for next generation security systems are described: a 100 node wireless sensor network, unmanned ground vehicle and unmanned aerial vehicle.

Byrne, Raymond Harry; Rigdon, James Brian; Rohrer, Brandon Robinson; Laguna, Glenn A.; Robinett, Rush D. III (.; ); Groom, Kenneth Neal; Wilson, David Gerald; Bickerstaff, Robert J.; Harrington, John J.

2007-01-01T23:59:59.000Z

127

Security needs in embedded systems Tata Elxsi Ltd. India  

E-Print Network [OSTI]

also briefs on the security enforced in a device by the use of proprietary security technology and also will be useless #12;Security needs in embedded systems 2 or unintelligible for anyone who is having unauthorized

128

Space & Security Power Systems Facility  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Working with INL Community Outreach Visitor Information Calendar of Events ATR National Scientific User Facility Center for Advanced Energy Studies Light Water Reactor...

129

TEACHING CONTEXT IN INFORMATION SECURITY Matt Bishop  

E-Print Network [OSTI]

security 1. PROBLEM STATEMENT Software engineers used standard software engineering processes to develop of software are annoying, but delays of an hour are not catastrophic. But in certain environments (notably to use techniques, and--more importantly--how to analyze social, political, and cultural environments

130

TEACHING CONTEXT IN INFORMATION SECURITY Matt Bishop  

E-Print Network [OSTI]

security 1. PROBLEM S A EMEN Software engineers used standard software engineering processes to develop and scenarios drawn from political science, history, and other humanities to force students to apply or derive the process enjoyable, stimulating, and effective. Key words: environment, judgment, instruction, computer

Bishop, Matt

131

Program Information | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

and Operating (M&O) Contract Competition Program Information Program Information FY 2015 Performance Evaluation Plan (PEP) FY 2013 Performance Evaluation Report (PER)...

132

Secure Data Transfer Guidance for Industrial Control and SCADA Systems  

SciTech Connect (OSTI)

This document was developed to provide guidance for the implementation of secure data transfer in a complex computational infrastructure representative of the electric power and oil and natural gas enterprises and the control systems they implement. For the past 20 years the cyber security community has focused on preventative measures intended to keep systems secure by providing a hard outer shell that is difficult to penetrate. Over time, the hard exterior, soft interior focus changed to focus on defense-in-depth adding multiple layers of protection, introducing intrusion detection systems, more effective incident response and cleanup, and many other security measures. Despite much larger expenditures and more layers of defense, successful attacks have only increased in number and severity. Consequently, it is time to re-focus the conventional approach to cyber security. While it is still important to implement measures to keep intruders out, a new protection paradigm is warranted that is aimed at discovering attempted or real compromises as early as possible. Put simply, organizations should take as fact that they have been, are now, or will be compromised. These compromises may be intended to steal information for financial gain as in the theft of intellectual property or credentials that lead to the theft of financial resources, or to lie silent until instructed to cause physical or electronic damage and/or denial of services. This change in outlook has been recently confirmed by the National Security Agency [19]. The discovery of attempted and actual compromises requires an increased focus on monitoring events by manual and/or automated log monitoring, detecting unauthorized changes to a system's hardware and/or software, detecting intrusions, and/or discovering the exfiltration of sensitive information and/or attempts to send inappropriate commands to ICS/SCADA (Industrial Control System/Supervisory Control And Data Acquisition) systems.

Mahan, Robert E.; Fluckiger, Jerry D.; Clements, Samuel L.; Tews, Cody W.; Burnette, John R.; Goranson, Craig A.; Kirkham, Harold

2011-09-01T23:59:59.000Z

133

An integrated mobile system for port security  

SciTech Connect (OSTI)

An integrated mobile system for port security is presented. The system is designed to perform active investigations, by using the tagged neutron inspection technique, of suspect dangerous materials as well as passive measurements of neutrons and gamma rays to search and identify radioactive and special nuclear materials. (authors)

Cester, D. [Dipartimento di Fisica, Universita di Padova, Via F. Marzolo 8, Padova I-35131 (Italy); Fabris, D. [INFN Sezione di Padova, Via F. Marzolo 8, Padova I-35131 (Italy); Lunardon, M.; Moretto, S. [Dipartimento di Fisica, Universita di Padova, Via F. Marzolo 8, Padova I-35131 (Italy); Nebbia, G. [INFN Sezione di Padova, Via F. Marzolo 8, Padova I-35131 (Italy); Pesente, S.; Stevanato, L.; Viesti, G. [Dipartimento di Fisica, Universita di Padova, Via F. Marzolo 8, Padova I-35131 (Italy); Neri, F.; Petrucci, S.; Selmi, S.; Tintori, C. [CAEN S.p.A., Via Vetraia 11, I-55049, Viareggio LU (Italy)

2011-07-01T23:59:59.000Z

134

Information Flow for Secure Distributed Applications  

E-Print Network [OSTI]

Private and confidential information is increasingly stored online and increasingly being exposed due to human errors as well as malicious attacks. Information leaks threaten confidentiality, lead to lawsuits, damage ...

Cheng, Winnie Wing-Yee

2009-08-27T23:59:59.000Z

135

Information flow for secure distributed applications  

E-Print Network [OSTI]

Private and confidential information is increasingly stored online and increasingly being exposed due to human errors as well as malicious attacks. Information leaks threaten confidentiality, lead to lawsuits, damage ...

Cheng, Winnie Wing-Yee

2009-01-01T23:59:59.000Z

136

Adaptive security systems -- Combining expert systems with adaptive technologies  

SciTech Connect (OSTI)

The Adaptive Multisensor Integrated Security System (AMISS) uses a variety of computational intelligence techniques to reason from raw sensor data through an array of processing layers to arrive at an assessment for alarm/alert conditions based on human behavior within a secure facility. In this paper, the authors give an overview of the system and briefly describe some of the major components of the system. This system is currently under development and testing in a realistic facility setting.

Argo, P.; Loveland, R.; Anderson, K. [and others

1997-09-01T23:59:59.000Z

137

Vendor Information | Y-12 National Security Complex  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmosphericNuclear SecurityTensile Strain Switched Ferromagnetism inS-4500IIVasudha Patri MechanicalofVehicles - ORNL

138

Page 10, Security Forms and Information  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmosphericNuclear Security Administration the1 - September 2006 TheSteven Ashby Dr. Steven Para9EnvironmentalPage of 1 pages1 of

139

Processes in Securing Open Architecture Software Systems  

E-Print Network [OSTI]

, and development practices play in facilitating or constrain- ing these processes through the case study. Our/variants. We employ a case study focusing on an OA software system whose security must be continually sustained versus descriptive practice of these processes and tool usage in studies of conventional and open source

Scacchi, Walt

140

Comparison of Routable Control System Security Approaches  

SciTech Connect (OSTI)

This document is an supplement to the 'Secure and Efficient Routable Control Systems.' It addressed security in routable control system communication. The control system environment that monitors and manages the power grid historically has utilized serial communication mechanisms. Leased-line serial communication environments operating at 1200 to 9600 baud rates are common. However, recent trends show that communication media such as fiber, optical carrier 3 (OC-3) speeds, mesh-based high-speed wireless, and the Internet are becoming the media of choice. In addition, a dichotomy has developed between the electrical transmission and distribution environments, with more modern communication infrastructures deployed by transmission utilities. The preceding diagram represents a typical control system. The Communication Links cloud supports all of the communication mechanisms a utility might deploy between the control center and devices in the field. Current methodologies used for security implementations are primarily led by single vendors or standards bodies. However, these entities tend to focus on individual protocols. The result is an environment that contains a mixture of security solutions that may only address some communication protocols at an increasing operational burden for the utility. A single approach is needed that meets operational requirements, is simple to operate, and provides the necessary level of security for all control system communication. The solution should be application independent (e.g., Distributed Network Protocol/Internet Protocol [DNP/IP], International Electrotechnical Commission [IEC] C37.118, Object Linking and Embedding for Process Control [OPC], etc.) and focus on the transport layer. In an ideal setting, a well-designed suite of standards for control system communication will be used for vendor implementation and compliance testing. An expected outcome of this effort is an international standard.

Edgar, Thomas W.; Hadley, Mark D.; Carroll, Thomas E.; Manz, David O.; Winn, Jennifer D.

2011-06-01T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


141

Safeguards and Security Systems | ornl.gov  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmosphericNuclear Security Administration the1 -the Mid-Infrared0 ResourceAwardsSafeguards and Security Systems SHARE Safeguards

142

Int. J. Information and Computer Security, Vol. 4, No. 4, 2011 365 Copyright 2011 Inderscience Enterprises Ltd.  

E-Print Network [OSTI]

one of the business process security leitmotifs. It defines a mechanism that bridges the gap between workflow and access control systems. Delegation completion and authorisation enforcement are specified in workflow management systems', Int. J. Information and Computer Security, Vol. 4, No. 4, pp.365

Paris-Sud XI, Université de

143

INFORMATION TECHNOLOGY SECURITY SERVICES: HOW TO  

E-Print Network [OSTI]

management procedures that are applied through out the System Development Life Cycle (SDLC). This same

144

Control Systems Cyber Security:Defense in Depth Strategies  

SciTech Connect (OSTI)

Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: Maintenance of various field devices, telemetry collection, and/or industrial-level process systems Access to facilities via remote data link or modem Public facing services for customer or corporate operations A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.

David Kuipers; Mark Fabro

2006-05-01T23:59:59.000Z

145

Control Systems Cyber Security: Defense-in-Depth Strategies  

SciTech Connect (OSTI)

Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: • Maintenance of various field devices, telemetry collection, and/or industrial-level process systems • Access to facilities via remote data link or modem • Public facing services for customer or corporate operations • A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.

Mark Fabro

2007-10-01T23:59:59.000Z

146

ITL Bulletins are published by the Information Technology Laboratory  

E-Print Network [OSTI]

Security Considerations in the Information System Development Life Cycle, December 2003 Computer Security

147

Security of Foreign Intelligence Information and Sensitive Compartmented Information Facilities  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The order establishes responsibilities and authorities for protecting Foreign Intelligence Information (FII) and Sensitive Compartmented Information Facilities (SCIFs) within DOE. Cancels DOE 5639.8.

1993-07-23T23:59:59.000Z

148

Roadmap: Computer Science Information Security -Bachelor of Science  

E-Print Network [OSTI]

Roadmap: Computer Science ­ Information Security -Bachelor of Science [AS-BS-CS-INSE] College of Arts and Sciences Department of Computer Science Catalog Year: 2012­2013 Page 1 of 2 | Last Updated: 3 Major GPA Important Notes Semester One: [16 Credit Hours] CS 13001 Computer Science I: Programming

Sheridan, Scott

149

Finance, IT Operations& InformationSecurity Dear Colleagues,  

E-Print Network [OSTI]

-examine collectively the customer service aspect of our grant and contract management. A dozen SEAS members, including, is Information Technology. While Indir has stepped into the role of Interim IT Director to keep the proverbial and to check out interesting tips about securing mobile devices and avoiding phishing scams. Harry Dumay, Ph

150

Office of the CISO, December 2010 Information Security Risk Advisory  

E-Print Network [OSTI]

Office of the CISO, December 2010 Information Security Risk Advisory Web Browsing Software attacks that exploit web browsers (e.g., Internet Explorer, Firefox, Safari, Chrome, Opera) are on the rise. Cyber criminals frequently attack web browsers to take control of computers, delete files, steal personally

Queitsch, Christine

151

Improving Energy Efficiency and Security for Disk Systems  

E-Print Network [OSTI]

optimization with security services to enhance the security of energy-efficient large- scale storage systems, to conserve energy in secure storage systems. In this study we develop two ways of integrating confidentiality power consumption are crucial for large-scale data storage systems. Although a handful of studies have

Qin, Xiao

152

Control Systems Security Test Center - FY 2004 Program Summary  

SciTech Connect (OSTI)

In May 2004, the US-CERT Control Systems Security Center (CSSC) was established at Idaho National Laboratory to execute assessment activities to reduce the vulnerability of the nation’s critical infrastructure control systems to terrorist attack. The CSSC implements a program to accomplish the five goals presented in the US-CERT National Strategy for Control Systems Security. This report summarizes the first year funding of startup activities and program achievements that took place in FY 2004 and early FY 2005. This document was prepared for the US-CERT Control Systems Security Center of the National Cyber Security Division of the Department of Homeland Security (DHS). DHS has been tasked under the Homeland Security Act of 2002 to coordinate the overall national effort to enhance the protection of the national critical infrastructure. Homeland Security Presidential Directive HSPD-7 directs federal departments to identify and prioritize the critical infrastructure and protect it from terrorist attack. The US-CERT National Strategy for Control Systems Security was prepared by the National Cyber Security Division to address the control system security component addressed in the National Strategy to Secure Cyberspace and the National Strategy for the Physical Protection of Critical Infrastructures and Key Assets. The US-CERT National Strategy for Control Systems Security identified five high-level strategic goals for improving cyber security of control systems.

Robert E. Polk; Alen M. Snyder

2005-04-01T23:59:59.000Z

153

Ultra Safe And Secure Blasting System  

SciTech Connect (OSTI)

The Ultra is a blasting system that is designed for special applications where the risk and consequences of unauthorized demolition or blasting are so great that the use of an extraordinarily safe and secure blasting system is justified. Such a blasting system would be connected and logically welded together through digital code-linking as part of the blasting system set-up and initialization process. The Ultra's security is so robust that it will defeat the people who designed and built the components in any attempt at unauthorized detonation. Anyone attempting to gain unauthorized control of the system by substituting components or tapping into communications lines will be thwarted in their inability to provide encrypted authentication. Authentication occurs through the use of codes that are generated by the system during initialization code-linking and the codes remain unknown to anyone, including the authorized operator. Once code-linked, a closed system has been created. The system requires all components connected as they were during initialization as well as a unique code entered by the operator for function and blasting.

Hart, M M

2009-07-27T23:59:59.000Z

154

Service Oriented Architecture in Network Security - a novel Organisation in Security Systems  

E-Print Network [OSTI]

Current network security systems are a collection of various security components, which are directly installed in the operating system. These check the whole node for suspicious behaviour. Armouring intrusions e.g. have the ability to hide themselves from being checked. We present in this paper an alternative organisation of security systems. The node is completely virtualized with current virtualization systems so that the operating system with applications and the security system is distinguished. The security system then checks the node from outside and the right security components are provided through a service oriented architecture. Due to the running in a virtual machine, the infected nodes can be halted, duplicated, and moved to other nodes for further analysis and legal aspects. This organisation is in this article analysed and a preliminary implementation showing promising results are discussed.

Hilker, Michael

2008-01-01T23:59:59.000Z

155

Contact Information | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarlyEnergyDepartment ofDepartmentStewardshipAdministration helps|STEMChernobylMarchInformation |

156

Area Information | Y-12 National Security Complex  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May JunDatastreamsmmcrcalgovInstrumentsruc DocumentationP-Series to someone by E-mailRadioimmunotherapyArchiveAre Earths Rare?Information

157

Transforming our information systems  

E-Print Network [OSTI]

Transforming our information systems and technology Information Systems Development Framework #12 university. In support of this position we are transforming our information systems, servicesDonald Principal and Vice-Chancellor #12;Strategy for transformation Tactical Delivering the services and tools our

Strathclyde, University of

158

Quantitative information-flow tracking for real systems  

E-Print Network [OSTI]

An information-flow security policy constrains a computer system's end-to-end use of information, even as it is transformed in computation. For instance, a policy would not just restrict what secret data could be revealed ...

McCamant, Stephen

2008-01-01T23:59:59.000Z

159

Secure quantum private information retrieval using phase-encoded queries  

E-Print Network [OSTI]

We propose a quantum solution to the classical private information retrieval (PIR) problem, which allows one to query a database in a private manner. The protocol offers privacy thresholds and allows the user to obtain information from a database in a way that offers the potential adversary, in this model the database owner, no possibility of deterministically establishing the query contents. This protocol may also be viewed as a solution to the symmetrically private information retrieval problem in that it can offer database security (inability for a querying user to steal its contents). Compared to classical solutions, the protocol offers substantial improvement in terms of communication complexity. In comparison with the recent quantum private queries {[}Phys. Rev. Lett. 100, 230502 (2008)] protocol, it is more efficient in terms of communication complexity and the number of rounds, while offering a clear privacy parameter. We discuss the security of the protocol and analyze its strengths and conclude that...

Olejnik, L

2011-01-01T23:59:59.000Z

160

Quantifying and managing the risk of information security breaches participants in a supply chain  

E-Print Network [OSTI]

Technical integration between companies can result in an increased risk of information security breaches. This thesis proposes a methodology for quantifying information security risk to a supply chain participant. Given a ...

Bellefeuille, Cynthia Lynn

2005-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


161

ETSU Door Locking Security Systems September 28, 2005  

E-Print Network [OSTI]

security plans. They are: 1. Key System ­ This door lock and key system is managed by the Key Control Shop

Karsai, Istvan

162

Automated Information System (AIS) Alarm System  

SciTech Connect (OSTI)

The Automated Information Alarm System is a joint effort between Los Alamos National Laboratory, Lawrence Livermore National Laboratory, and Sandia National Laboratory to demonstrate and implement, on a small-to-medium sized local area network, an automated system that detects and automatically responds to attacks that use readily available tools and methodologies. The Alarm System will sense or detect, assess, and respond to suspicious activities that may be detrimental to information on the network or to continued operation of the network. The responses will allow stopping, isolating, or ejecting the suspicious activities. The number of sensors, the sensitivity of the sensors, the assessment criteria, and the desired responses may be set by the using organization to meet their local security policies.

Hunteman, W.

1997-05-01T23:59:59.000Z

163

The 5 Waves of Information Security From Kristian Beckman to the Present  

E-Print Network [OSTI]

The 5 Waves of Information Security ­ From Kristian Beckman to the Present Prof SH (Basie) von to the present time. The paper makes use of two papers by the author, Information Security ­ the Third Wave (von Solms, 2000) and Information Security ­ the Fourth Wave (von Solms, 2006), as well as a paper

Boyer, Edmond

164

Credit Leona Securities Asia CLSA UK | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Office of InspectorConcentratingRenewable Solutions LLC Jump to:InformationCrandall, Texas:Credit Leona Securities

165

Information extraction system  

DOE Patents [OSTI]

An information extraction system and methods of operating the system are provided. In particular, an information extraction system for performing meta-extraction of named entities of people, organizations, and locations as well as relationships and events from text documents are described herein.

Lemmond, Tracy D; Hanley, William G; Guensche, Joseph Wendell; Perry, Nathan C; Nitao, John J; Kidwell, Paul Brandon; Boakye, Kofi Agyeman; Glaser, Ron E; Prenger, Ryan James

2014-05-13T23:59:59.000Z

166

University of London International Academy MSc/PG Dip in Information Security  

E-Print Network [OSTI]

a computing system secure. This process starts with defining the proper security requirements, which system level. In order to understand these security controls we need to describe some background material systems will be examined as well as security related issues of computer architecture. Specific well

Royal Holloway, University of London

167

Security  

Broader source: Energy.gov [DOE]

Security refers to the security of the stream of principal and interest repayments and what happens in the event that a secured loan defaults.

168

An Adaptive Policy for Improved Timeliness in Secure Database Systems  

E-Print Network [OSTI]

An Adaptive Policy for Improved Timeliness in Secure Database Systems Sang H. Son * , Rasikan David. Multilevel security requirements introduce a new dimension to transaction processing in real­time database Timeliness, concurrency control, two­phase locking, non­interference, security, miss percentage 1

Son, Sang H.

169

Uni ed Support for Heterogeneous Security Policies in Distributed Systems  

E-Print Network [OSTI]

Uni ed Support for Heterogeneous Security Policies in Distributed Systems Naftaly H. Minsky in this paper a security mechanism that can support e ciently, and in a uni ed manner, a wide range of security policies are de ned formallyandexplicitly,and are enforced bya uni ed mechanism. Each policy under

Minsky, Naftaly

170

Cyber-Physical Systems Security for Smart Grid  

E-Print Network [OSTI]

Cyber-Physical Systems Security for Smart Grid Future Grid Initiative White Paper Power Systems-Physical Systems Security for Smart Grid Prepared for the Project "The Future Grid to Enable Sustainable Energy as one of nine white papers in the project "The Future Grid to Enable Sustainable Energy Systems

171

A Hierarchical Security Architecture for Cyber-Physical Systems  

SciTech Connect (OSTI)

Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

Quanyan Zhu; Tamer Basar

2011-08-01T23:59:59.000Z

172

Help for the Developers of Control System Cyber Security Standards  

SciTech Connect (OSTI)

A Catalog of Control Systems Security: Recommendations for Standards Developers (Catalog), aimed at assisting organizations to facilitate the development and implementation of control system cyber security standards, has been developed. This catalog contains requirements that can help protect control systems from cyber attacks and can be applied to the Critical Infrastructures and Key Resources of the United States and other nations. The requirements contained in the catalog are a compilation of practices or various industry bodies used to increase the security of control systems from both physical and cyber attacks. They should be viewed as a collection of recommendations to be considered and judiciously employed, as appropriate, when reviewing and developing cyber security standards for control systems. The recommendations in the Catalog are intended to be broad enough to provide any industry using control systems the flexibility needed to develop sound cyber security standards specific to their individual security requirements.

Robert P. Evans

2008-05-01T23:59:59.000Z

173

Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)  

SciTech Connect (OSTI)

Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

Hadley, Mark D.; Clements, Samuel L.

2009-01-01T23:59:59.000Z

174

'Known Secure Sensor Measurements' for Critical Infrastructure Systems: Detecting Falsification of System State  

SciTech Connect (OSTI)

This paper describes a first investigation on a low cost and low false alarm, reliable mechanism for detecting manipulation of critical physical processes and falsification of system state. We call this novel mechanism Known Secure Sensor Measurements (KSSM). The method moves beyond analysis of network traffic and host based state information, in fact it uses physical measurements of the process being controlled to detect falsification of state. KSSM is intended to be incorporated into the design of new, resilient, cost effective critical infrastructure control systems. It can also be included in incremental upgrades of already in- stalled systems for enhanced resilience. KSSM is based on known secure physical measurements for assessing the likelihood of an attack and will demonstrate a practical approach to creating, transmitting, and using the known secure measurements for detection.

Miles McQueen; Annarita Giani

2011-09-01T23:59:59.000Z

175

IBM Internet Security Systems Threat Insight Monthly  

E-Print Network [OSTI]

the Report 01 Keylogging, by the numbers 02 Securing the Secure Shell ­ Advanced user authentication and key Page 1 #12;Keylogging, by the numbers Introduction During the course of malware analysis, especially

176

On Cyber Security for Networked Control Systems  

E-Print Network [OSTI]

J. [2004], Low-latency cryptographic protection for SCADAlatency high-integrity security retrofit for lecacy SCADA

Amin, Saurabh

2011-01-01T23:59:59.000Z

177

Securing Distributed Storage: Challenges, Techniques, and Systems  

E-Print Network [OSTI]

important security issues related to storage and present a comprehensive survey of the security services, present a critical review of the existing solutions, compare them, and highlight potential research issues time, recent trends in data outsourcing have raised many new privacy issues making security a crucial

Kim, Dae-Shik

178

Secure quantum private information retrieval using phase-encoded queries  

SciTech Connect (OSTI)

We propose a quantum solution to the classical private information retrieval (PIR) problem, which allows one to query a database in a private manner. The protocol offers privacy thresholds and allows the user to obtain information from a database in a way that offers the potential adversary, in this model the database owner, no possibility of deterministically establishing the query contents. This protocol may also be viewed as a solution to the symmetrically private information retrieval problem in that it can offer database security (inability for a querying user to steal its contents). Compared to classical solutions, the protocol offers substantial improvement in terms of communication complexity. In comparison with the recent quantum private queries [Phys. Rev. Lett. 100, 230502 (2008)] protocol, it is more efficient in terms of communication complexity and the number of rounds, while offering a clear privacy parameter. We discuss the security of the protocol and analyze its strengths and conclude that using this technique makes it challenging to obtain the unconditional (in the information-theoretic sense) privacy degree; nevertheless, in addition to being simple, the protocol still offers a privacy level. The oracle used in the protocol is inspired both by the classical computational PIR solutions as well as the Deutsch-Jozsa oracle.

Olejnik, Lukasz [CERN, 1211 Geneva 23, Switzerland and Poznan Supercomputing and Networking Center, Noskowskiego 12/14, PL-61-704 Poznan (Poland)

2011-08-15T23:59:59.000Z

179

Environmental geographic information system.  

SciTech Connect (OSTI)

This document describes how the Environmental Geographic Information System (EGIS) was used, along with externally received data, to create maps for the Site-Wide Environmental Impact Statement (SWEIS) Source Document project. Data quality among the various classes of geographic information system (GIS) data is addressed. A complete listing of map layers used is provided.

Peek, Dennis; Helfrich, Donald Alan; Gorman, Susan

2010-08-01T23:59:59.000Z

180

DOE and Industry Showcase New Control Systems Security Technologies...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

to design a secure, networked control systems architecture. The project is led by Siemens Corporate Research in partnership with Rutgers University, Siemens Energy, and the...

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


181

A Summary of Control System Security Standards Activities in...  

Broader source: Energy.gov (indexed) [DOE]

sector standards, guidelines, and technical reports, demonstrating standards coverage by security topic. This work focuses on control systems standards applicable to the energy...

182

UMBC Policy # X-1.00.02 Page 1 of 3 UMBC INFORMATION TECHNOLOGY SECURITY POLICY  

E-Print Network [OSTI]

UMBC Policy # X-1.00.02 Page 1 of 3 UMBC INFORMATION TECHNOLOGY SECURITY POLICY UMBC Policy # X-1.00.02 I. POLICY STATEMENT UMBC's Information Technology (IT) Security Policy is the basis to its IT resources. II. PURPOSE FOR POLICY The purpose of this policy is to establish an IT security

Adali, Tulay

183

The Consequences of Decentralized Security in a Cooperative Storage System  

E-Print Network [OSTI]

The Consequences of Decentralized Security in a Cooperative Storage System Douglas Thain and Engineering University of Notre Dame Abstract Traditional storage systems have considered security trusts the de- cision made elsewhere. However, as storage systems be- come ever more distributed, shared

Thain, Douglas

184

Cyber-Physical Systems Security for Smart Grid  

E-Print Network [OSTI]

Cyber-Physical Systems Security for Smart Grid Future Grid Initiative White Paper Power Systems-Physical Systems Security for Smart Grid Prepared for the Project "The Future Grid to Enable Sustainable Energy Acknowledgements This white paper was developed as one of nine white papers in the project "The Future Grid

185

Voluntary Disclosure and Information Asymmetry: Evidence from the 2005 Securities Offering Reform  

E-Print Network [OSTI]

In 2005, the Securities and Exchange Commission enacted the Securities Offering Reform (Reform), which relaxes “gun-jumping” restrictions, thereby allowing firms to more freely disclose information before equity offerings. ...

SHROFF, NEMIT

186

Proceedings of the 7th World Conference on Information Security Education  

E-Print Network [OSTI]

Proceedings of the 7th World Conference on Information Security Education 9-10 June 2011, Lucerne, Lucerne, Switzerland ISBN: 1-933510-94-3 © IFIP TC11.8 97 moment. Thus, the notion of security varies

Bishop, Matt

187

Evergreen Securities formerly Ethanol Investments | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home5b9fcbce19 NoPublic Utilities Address:011-DNA Jump37. It isInformationexplains a4Evendale, Ohio: EnergySecurities formerly

188

Security guide for subcontractors  

SciTech Connect (OSTI)

This security guide of the Department of Energy covers contractor and subcontractor access to DOE and Mound facilities. The topics of the security guide include responsibilities, physical barriers, personnel identification system, personnel and vehicular access controls, classified document control, protecting classified matter in use, storing classified matter repository combinations, violations, security education clearance terminations, security infractions, classified information nondisclosure agreement, personnel security clearances, visitor control, travel to communist-controlled or sensitive countries, shipment security, and surreptitious listening devices.

Adams, R.C.

1991-01-01T23:59:59.000Z

189

GLOBAL SECURITY SYSTEMGLOBAL SECURITY SYSTEM FOR CONTAINERIZED COMMERCEFOR CONTAINERIZED COMMERCE  

E-Print Network [OSTI]

and mapped. ­ tools such as LTSA will be used to model the system and verify whether the specifications

Austin, Mark

190

MODELING SECURITY IN CYBER-PHYSICAL SYSTEMS  

E-Print Network [OSTI]

network at the Davis-Besse nuclear power plant in Oak Harbor, Ohio, was infected [39]. There have been the behavior of the adversary is controlled by a threat model that captures both the cyber aspects (with-physical systems, threat models, protocols for treaty verification. 1. Introduction The rapid growth of information

Burmester, Mike

191

Ideal Based Cyber Security Technical Metrics for Control Systems  

SciTech Connect (OSTI)

Much of the world's critical infrastructure is at risk from attack through electronic networks connected to control systems. Security metrics are important because they provide the basis for management decisions that affect the protection of the infrastructure. A cyber security technical metric is the security relevant output from an explicit mathematical model that makes use of objective measurements of a technical object. A specific set of technical security metrics are proposed for use by the operators of control systems. Our proposed metrics are based on seven security ideals associated with seven corresponding abstract dimensions of security. We have defined at least one metric for each of the seven ideals. Each metric is a measure of how nearly the associated ideal has been achieved. These seven ideals provide a useful structure for further metrics development. A case study shows how the proposed metrics can be applied to an operational control system.

W. F. Boyer; M. A. McQueen

2007-10-01T23:59:59.000Z

192

Aviation Safety + Security Program GLOBAL EXPERTS IN SAFETY MANAGEMENT SYSTEMS  

E-Print Network [OSTI]

2010- 2011 Aviation Safety + Security Program GLOBAL EXPERTS IN SAFETY MANAGEMENT SYSTEMS Relevance and currency -- that is what drives the Aviation Safety and Security Program of the USC Viterbi that our core course, Aviation Safety Management Systems, is so necessary in ensuring the safety

Wang, Hai

193

Applications for cyber security - System and application monitoring  

SciTech Connect (OSTI)

Standard network security measures are adequate for defense against external attacks. However, many experts agree that the greater threat is from internal sources. Insiders with malicious intentions can change controller instructions, change alarm thresholds, and issue commands to equipment which can damage equipment and compromise control system integrity. In addition to strict physical security the state of the system must be continually monitored. System and application monitoring goes beyond the capabilities of network security appliances. It will include active processes, operating system services, files, network adapters and IP addresses. The generation of alarms is a crucial feature of system and application monitoring. The alarms should be integrated to avoid the burden on operators of checking multiple locations for security violations. Tools for system and application monitoring include commercial software, free software, and ad-hoc tools that can be easily created. System and application monitoring is part of a 'defense-in-depth' approach to a control network security plan. Layered security measures prevent an individual security measure failure from being exploited into a successful security breach. Alarming of individual failures is essential for rapid isolation and correction of single failures. System and application monitoring is the innermost layer of this defense strategy. (authors)

Marron, J. E. [Invensys Process Systems, 33 Commercial Street, Foxboro, MA 02035 (United States)

2006-07-01T23:59:59.000Z

194

Chair of Information Systems IV (ERIS) Institute for Enterprise Systems (InES)  

E-Print Network [OSTI]

workarounds to fulfill daily tasks. Security concept for Enterprise Systems processing business critical data:Master Team Project: Adaptive Usage Control in Enterprise Systems Chair of Information Systems IV (Enterprise Definition and Motivation The Security Evolution Towards a Central Usage Control Policy Hub The Project

Mannheim, Universität

195

ITL BULLETIN FOR AUGUST 2010 ASSESSING THE EFFECTIVENESS OF SECURITY CONTROLS IN FEDERAL  

E-Print Network [OSTI]

discusses the process for assessing the security controls in organizational information systems that are implemented in federal information systems. The selection and assessment of appropriate security controls Controls in Federal Information Systems and Organizations: Building Effective Security Assessment Plans

196

On Building Secure SCADA Systems using Security Eduardo B. Fernandez  

E-Print Network [OSTI]

power generation plants and oil refineries often involve components that are geographically distributed. To continuously monitor and control the different sections of the plant in order to ensure its appropriate the concepts of SCADA systems, analyze the threats and vulnerabilities of these systems, and illustrate

Wu, Jie

197

Secure control systems with application to cyber-physical systems  

SciTech Connect (OSTI)

Control systems are computer-based systems with networked units consisting of sensors, actuators, control processing units, and communication devices. The role of control system is to interact, monitor, and control physical processes. Reactive power control is a fundamental issue in ensuring the security of the power network. It is claimed that Synchronous Condensers (SC) have been used at both distribution and transmission voltage levels to improve stability and to maintain voltages within desired limits under changing load conditions and contingency situations. Performance of PI controller corresponding to various tripping faults are analyzed for SC systems. Most of the eort in protecting these systems has been in protection against random failures or reliability. However, besides failures these systems are subject to various signal attacks for which new analysis are discussed here. When a breach does occur, it is necessary to react in a time commensurate with the physical dynamics of the system as it responds to the attack. Failure to act swiftly enough may result in undesirable, and possibly irreversible, physical eects. Therefore, it is meaningful to evaluate the security of a cyber-physical system, especially to protect it from cyber-attack. Illustrative numerical examples are provided together with an application to the SC systems.

Dong, Jin [ORNL] [ORNL; Djouadi, Seddik M [ORNL] [ORNL; Nutaro, James J [ORNL] [ORNL; Kuruganti, Phani Teja [ORNL] [ORNL

2014-01-01T23:59:59.000Z

198

Information Flow Control for Secure Web Sites Maxwell Norman Krohn  

E-Print Network [OSTI]

smaller, and configure the Web site's security policies. They need only change when the policy changes

199

Information-Theoretically Secure Communication Under Channel Uncertainty  

E-Print Network [OSTI]

. In addition, when the eavesdropper channel realization is strong, a prescribed part of the bits needs to remain secure. We call such codes security embedding codes, referring to the fact that high-security bits are now embedded into the low-security ones. We...

Ly, Hung Dinh

2012-07-16T23:59:59.000Z

200

Homeland Security Challenges Facing Small Water Systems in Texas  

E-Print Network [OSTI]

with small water systems to develop volun- tary assessments of the homeland security threats that they face. EPA provides assistance to small systems through education work- shops and seminars, reports and guidelines, and tutorials on CD. In 2005 EPA...

Dozier, Monty; Theodori, Gene L.; Jensen, Ricard

2007-05-31T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


201

Privacy and Security Research Group workshop on network and distributed system security: Proceedings  

SciTech Connect (OSTI)

This report contains papers on the following topics: NREN Security Issues: Policies and Technologies; Layer Wars: Protect the Internet with Network Layer Security; Electronic Commission Management; Workflow 2000 - Electronic Document Authorization in Practice; Security Issues of a UNIX PEM Implementation; Implementing Privacy Enhanced Mail on VMS; Distributed Public Key Certificate Management; Protecting the Integrity of Privacy-enhanced Electronic Mail; Practical Authorization in Large Heterogeneous Distributed Systems; Security Issues in the Truffles File System; Issues surrounding the use of Cryptographic Algorithms and Smart Card Applications; Smart Card Augmentation of Kerberos; and An Overview of the Advanced Smart Card Access Control System. Selected papers were processed separately for inclusion in the Energy Science and Technology Database.

Not Available

1993-05-01T23:59:59.000Z

202

TEPS/BPA Information | National Nuclear Security Administration  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmosphericNuclear Security AdministrationcontrollerNanocrystallineForeign Object DamageSystemsU.S. TALKS1 | E nergyTEPS/BPA

203

An Information Security Education Initiative for Engineering and Computer Science  

E-Print Network [OSTI]

and electronic commerce. These applications rely on a collection of switching systems, databases, network Science Board Task Force on Information Warfare { Defense (IW-D) 7]: The reality is that the vulnerability of the Department of Defense { and of the nation { to o ensive information warfare attack is largely a self

204

RT-Based Administrative Models for Community Cyber Security Information Sharing  

E-Print Network [OSTI]

RT-Based Administrative Models for Community Cyber Security Information Sharing Ravi Sandhu, Khalid Zaman Bijon, Xin Jin, and Ram Krishnan Institute for Cyber Security & Department of Computer Science Institute for Cyber Security & Department of Electrical and Computer Engineering University of Texas at San

Sandhu, Ravi

205

Information Security: The Human Perspective Kathleen M. Carley  

E-Print Network [OSTI]

, redundancy, cascade effects, organizational memory, organizational learning, information diffusion, changing), CASOS ­ the center for Computational Analysis of Social and Organizational Systems at Carnegie Mellon network and knowledge management approach to discovering organizational vulnerabilities within companies

Sadeh, Norman M.

206

Aviation Safety + Security Program GLOBAL EXPERTS IN SAFETY MANAGEMENT SYSTEMS  

E-Print Network [OSTI]

2011- 2012 Aviation Safety + Security Program GLOBAL EXPERTS IN SAFETY MANAGEMENT SYSTEMS of aviation safety. Endings signal new beginnings and new beginnings mean evolving challenges for safety. This was the world in which the USC Aviation Safety and Security Program was born in 1952 and this is the world

Wang, Hai

207

RECOMMENDED SECURITY CONTROLS FOR FEDERAL  

E-Print Network [OSTI]

May 2005 RECOMMENDED SECURITY CONTROLS FOR FEDERAL INFORMATION SYSTEMS: GUIDANCE FOR SELECTING COST-EFFECTIVE CONTROLS USING A RISK-BASED PROCESS Shirley Radack, Editor, Computer Security Division, Information-53, Recommended Security Controls for Federal Information Systems The basic questions that organizations should

208

COT 4930/5930 Security for infrastructure systems Critical infrastructure are the systems that support our everyday life and the Dept. of  

E-Print Network [OSTI]

which our normal life is not possible. This information is embodied in a process control system (PCS Infrastructure. Features and requirements. Standards. Requirements. Process control systems, information systemsCOT 4930/5930 Security for infrastructure systems Critical infrastructure are the systems

Richman, Fred

209

Process Control System Cyber Security Standards - An Overview  

SciTech Connect (OSTI)

The use of cyber security standards can greatly assist in the protection of process control systems by providing guidelines and requirements for the implementation of computer-controlled systems. These standards are most effective when the engineers and operators, using the standards, understand what each standard addresses. This paper provides an overview of several standards that deal with the cyber security of process measurements and control systems.

Robert P. Evans

2006-05-01T23:59:59.000Z

210

Applying New Network Security Technologies to SCADA Systems.  

SciTech Connect (OSTI)

Supervisory Control and Data Acquisition (SCADA) systems for automation are very important for critical infrastructure and manufacturing operations. They have been implemented to work in a number of physical environments using a variety of hardware, software, networking protocols, and communications technologies, often before security issues became of paramount concern. To offer solutions to security shortcomings in the short/medium term, this project was to identify technologies used to secure %22traditional%22 IT networks and systems, and then assess their efficacy with respect to SCADA systems. These proposed solutions must be relatively simple to implement, reliable, and acceptable to SCADA owners and operators. 4This page intentionally left blank.

Hurd, Steven A.; Stamp, Jason E. [Sandia National Laboratories, Albuquerque, NM] [Sandia National Laboratories, Albuquerque, NM; Duggan, David P. [Sandia National Laboratories, Albuquerque, NM] [Sandia National Laboratories, Albuquerque, NM; Chavez, Adrian R. [Sandia National Laboratories, Albuquerque, NM] [Sandia National Laboratories, Albuquerque, NM

2006-11-01T23:59:59.000Z

211

Measurable Control System Security through Ideal Driven Technical Metrics  

SciTech Connect (OSTI)

The Department of Homeland Security National Cyber Security Division supported development of a small set of security ideals as a framework to establish measurable control systems security. Based on these ideals, a draft set of proposed technical metrics was developed to allow control systems owner-operators to track improvements or degradations in their individual control systems security posture. The technical metrics development effort included review and evaluation of over thirty metrics-related documents. On the bases of complexity, ambiguity, or misleading and distorting effects the metrics identified during the reviews were determined to be weaker than necessary to aid defense against the myriad threats posed by cyber-terrorism to human safety, as well as to economic prosperity. Using the results of our metrics review and the set of security ideals as a starting point for metrics development, we identified thirteen potential technical metrics - with at least one metric supporting each ideal. Two case study applications of the ideals and thirteen metrics to control systems were then performed to establish potential difficulties in applying both the ideals and the metrics. The case studies resulted in no changes to the ideals, and only a few deletions and refinements to the thirteen potential metrics. This led to a final proposed set of ten core technical metrics. To further validate the security ideals, the modifications made to the original thirteen potential metrics, and the final proposed set of ten core metrics, seven separate control systems security assessments performed over the past three years were reviewed for findings and recommended mitigations. These findings and mitigations were then mapped to the security ideals and metrics to assess gaps in their coverage. The mappings indicated that there are no gaps in the security ideals and that the ten core technical metrics provide significant coverage of standard security issues with 87% coverage. Based on the two case studies and evaluation of the seven assessments, the security ideals demonstrated their value in guiding security thinking. Further, the final set of core technical metrics has been demonstrated to be both usable in the control system environment and provide significant coverage of standard security issues.

Miles McQueen; Wayne Boyer; Sean McBride; Marie Farrar; Zachary Tudor

2008-01-01T23:59:59.000Z

212

Cyber Security Testing and Training Programs for Industrial Control Systems  

SciTech Connect (OSTI)

Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/ Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

Daniel Noyes

2012-03-01T23:59:59.000Z

213

SESSION: CYBER-PHYSICAL SYSTEM SECURITY IN A SMART GRID ENVIROMENT 1 Cyber-Security of SCADA Systems  

E-Print Network [OSTI]

SESSION: CYBER-PHYSICAL SYSTEM SECURITY IN A SMART GRID ENVIROMENT 1 Cyber-Security of SCADA of the power network. From another perspective the authors of [7] attempted to quantify the impact of a cyber is to identify the vulnerabilities of these safety critical infrastruc- tures, determine the impact that possible

Johansson, Karl Henrik

214

Comprehensive test ban treaty international monitoring system security threats and proposed security attributes  

SciTech Connect (OSTI)

To monitor compliance with a Comprehensive Test Ban Treaty (CTBT), a sensing network, referred to as the International Monitoring System (IMS), is being deployed. Success of the IMS depends on both its ability to preform its function and the international community`s confidence in the system. To ensure these goals, steps must be taken to secure the system against attacks that would undermine it; however, it is not clear that consensus exists with respect to the security requirements that should be levied on the IMS design. In addition, CTBT has not clearly articulated what threats it wishes to address. This paper proposes four system-level threats that should drive IMS design considerations, identifies potential threat agents, and collects into one place the security requirements that have been suggested by various elements of the IMS community. For each such requirement, issues associated with the requirement are identified and rationale for the requirement is discussed.

Draelos, T.J.; Craft, R.L.

1996-03-01T23:59:59.000Z

215

Security Requirements for Classified Automatic Data Processing Systems  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

To establish and describe the computer security program for classified automatic data processing (ADP) systems at the Department of Energy (DOE) Headquarters. This directive does not cancel another directive. Canceled by DOE N 251.9.

1985-07-10T23:59:59.000Z

216

Roadmap to Secure Control Systems in the Energy Sector 2006 ...  

Broader source: Energy.gov (indexed) [DOE]

2006 - Presentation to the 2008 ieRoadmap Workshop Roadmap to Secure Control Systems in the Energy Sector 2006 - Presentation to the 2008 ieRoadmap Workshop Presentation by Hank...

217

Run-Time Security Traceability for Evolving Systems1  

E-Print Network [OSTI]

, integrity, authentication and others) and security assumptions on the system environment, can be specified applications (e.g., at BMW [5] and O2 (Germany) [6]). However, it is not enough that the specification

Jurjens, Jan

218

Efficient Private Information Retrieval Using Secure Xiangyao Yu, Christopher W. Fletcher  

E-Print Network [OSTI]

attention from the cryptography and security communities. Two main approaches to solve PIR have appearedEfficient Private Information Retrieval Using Secure Hardware Xiangyao Yu, Christopher W. Fletcher, marten, devadas}@mit.edu ABSTRACT Existing crypto-based Private Information Retrieval (PIR) schemes

Gummadi, Ramakrishna

219

Information encoder/decoder using chaotic systems  

DOE Patents [OSTI]

The present invention discloses a chaotic system-based information encoder and decoder that operates according to a relationship defining a chaotic system. Encoder input signals modify the dynamics of the chaotic system comprising the encoder. The modifications result in chaotic, encoder output signals that contain the encoder input signals encoded within them. The encoder output signals are then capable of secure transmissions using conventional transmission techniques. A decoder receives the encoder output signals (i.e., decoder input signals) and inverts the dynamics of the encoding system to directly reconstruct the original encoder input signals. 32 figs.

Miller, S.L.; Miller, W.M.; McWhorter, P.J.

1997-10-21T23:59:59.000Z

220

Information encoder/decoder using chaotic systems  

DOE Patents [OSTI]

The present invention discloses a chaotic system-based information encoder and decoder that operates according to a relationship defining a chaotic system. Encoder input signals modify the dynamics of the chaotic system comprising the encoder. The modifications result in chaotic, encoder output signals that contain the encoder input signals encoded within them. The encoder output signals are then capable of secure transmissions using conventional transmission techniques. A decoder receives the encoder output signals (i.e., decoder input signals) and inverts the dynamics of the encoding system to directly reconstruct the original encoder input signals.

Miller, Samuel Lee (Albuquerque, NM); Miller, William Michael (Tijeras, NM); McWhorter, Paul Jackson (Albuquerque, NM)

1997-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


221

A Review of the Security of Insulin Pump Infusion Systems  

SciTech Connect (OSTI)

Insulin therapy has enabled diabetic patients to maintain blood glucose control to lead healthier lives. Today, rather than manually injecting insulin using syringes, a patient can use a device, such as an insulin pump, to programmatically deliver insulin. This allows for more granular insulin delivery while attaining blood glucose control. The insulin pump system features have increasingly benefited patients, but the complexity of the resulting system has grown in parallel. As a result security breaches that can negatively affect patient health are now possible. Rather than focus on the security of a single device, we concentrate on protecting the security of the entire system. In this paper we describe the security issues as they pertain to an insulin pump system that includes an embedded system of components including the insulin pump, continuous glucose management system, blood glucose monitor, and other associated devices (e.g., a mobile phone or personal computer). We detail not only the growing wireless communication threat in each system component, but we also describe additional threats to the system (e.g., availability and integrity). Our goal is to help create a trustworthy infusion pump system that will ultimately strengthen pump safety, and we describe mitigating solutions to address identified security issues both for now and in the future.

Klonoff, David C. [Mills-Peninsula Health Services; Paul, Nathanael R [ORNL; Kohno, Tadayoshi [University of Washington, Seattle

2011-01-01T23:59:59.000Z

222

A secure email login system using virtual password  

E-Print Network [OSTI]

In today's world password compromise by some adversaries is common for different purpose. In ICC 2008 Lei et al. proposed a new user authentication system based on the virtual password system. In virtual password system they have used linear randomized function to be secure against identity theft attacks, phishing attacks, keylogging attack and shoulder surfing system. In ICC 2010 Li's given a security attack on the Lei's work. This paper gives modification on Lei's work to prevent the Li's attack with reducing the server overhead. This paper also discussed the problems with current password recovery system and gives the better approach.

Doshi, Nishant

2010-01-01T23:59:59.000Z

223

Senior Systems Engineer | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarlyEnergyDepartmentNational Nuclearhas 'Natitude'Security

224

December 2003 SECURITY CONSIDERATIONS  

E-Print Network [OSTI]

December 2003 SECURITY CONSIDERATIONS IN THE INFORMATION SYSTEM DEVELOPMENT LIFE CYCLE Shirley security early in the information system development life cycle (SDLC), you may be able to avoid higher and a generic system development life cycle for illustrative purposes, the basic con cepts can be applied

Perkins, Richard A.

225

Security Analysis and Project Management Systems | ornl.gov  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmosphericNuclear Security Administrationcontroller systemsBi (2) SrEvaluating the Seasonalsw ' b 0 %Security andSecurity

226

Secure MISO Cognitive Radio System with Perfect and Imperfect CSI  

E-Print Network [OSTI]

Secure MISO Cognitive Radio System with Perfect and Imperfect CSI Taesoo Kwon, Vincent W.S. Wong eavesdrop on the primary link. This paper explores multiple-input single-output (MISO) CR systems where a multiple- input single-output (MISO) beamforming algorithm for the secondary system. However, it only

Wong, Vincent

227

Transmission Pricing of Distributed Multilateral Energy Transactions to Ensure System Security and Guide Economic Dispatch  

E-Print Network [OSTI]

Transmission Pricing of Distributed Multilateral Energy Transactions to Ensure System Security and Guide Economic Dispatch...

Ilic, Marija; Hsieh, Eric; Remanan, Prasad

2004-06-16T23:59:59.000Z

228

Security guide for subcontractors  

SciTech Connect (OSTI)

This guide is provided to aid in the achievement of security objectives in the Department of Energy (DOE) contractor/subcontractor program. The objectives of security are to protect information that, if released, would endanger the common defense and security of the nation and to safeguard plants and installations of the DOE and its contractors to prevent the interruption of research and production programs. The security objective and means of achieving the objective are described. Specific security measures discussed in this guide include physical barriers, personnel identification systems, personnel and vehicular access control, classified document control, protection of classified matter in use, storing classified matter, and repository combinations. Means of dealing with security violations and security infractions are described. Maintenance of a security education program is discussed. Also discussed are methods of handling clearance terminations, visitor control, travel to sensitive countries, and shipment security. The Technical Surveillance Countermeasures Program (TSCM), the Computer Security Program, and the Operations Security Plan (OPSEC) are examined.

Adams, R.C.

1993-06-01T23:59:59.000Z

229

Marine asset security and tracking (MAST) system  

DOE Patents [OSTI]

Methods and apparatus are described for marine asset security and tracking (MAST). A method includes transmitting identification data, location data and environmental state sensor data from a radio frequency tag. An apparatus includes a radio frequency tag that transmits identification data, location data and environmental state sensor data. Another method includes transmitting identification data and location data from a radio frequency tag using hybrid spread-spectrum modulation. Another apparatus includes a radio frequency tag that transmits both identification data and location data using hybrid spread-spectrum modulation.

Hanson, Gregory Richard (Clinton, TN); Smith, Stephen Fulton (Loudon, TN); Moore, Michael Roy (Corryton, TN); Dobson, Eric Lesley (Charleston, SC); Blair, Jeffrey Scott (Charleston, SC); Duncan, Christopher Allen (Marietta, GA); Lenarduzzi, Roberto (Knoxville, TN)

2008-07-01T23:59:59.000Z

230

Pressurized security barrier and alarm system  

DOE Patents [OSTI]

A security barrier for placement across a passageway is made up of interconnected pressurized tubing made up in a grid pattern with openings too small to allow passage. The tubing is connected to a pressure switch, located away from the barrier site, which activates an alarm upon occurrence of a pressure drop. A reinforcing bar is located inside and along the length of the tubing so as to cause the tubing to rupture and set off the alarm upon an intruder`s making an attempt to crimp and seal off a portion of the tubing by application of a hydraulic tool. Radial and rectangular grid patterns are disclosed. 7 figures.

Carver, D.W.

1995-04-11T23:59:59.000Z

231

Pressurized security barrier and alarm system  

DOE Patents [OSTI]

A security barrier for placement across a passageway is made up of interconnected pressurized tubing made up in a grid pattern with openings too small to allow passage. The tubing is connected to a pressure switch, located away from the barrier site, which activates an alarm upon occurrence of a pressure drop. A reinforcing bar is located inside and along the length of the tubing so as to cause the tubing to rupture and set off the alarm upon an intruder's making an attempt to crimp and seal off a portion of the tubing by application of a hydraulic tool. Radial and rectangular grid patterns are disclosed.

Carver, Don W. (Knoxville, TN)

1995-01-01T23:59:59.000Z

232

Integrated Security System | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of EnergyEnergyENERGYWomentheATLANTA,Fermi NationalBusiness PlanPostingOctoberof Energy U.S.A security

233

Extracting Security Control Requirements University of Tulsa  

E-Print Network [OSTI]

-component systems or systems of systems (SoSs) are difficult to verify because the security controls must to formulate functional requirements from security controls with SoSs as the target. The process starts accepted security controls for "Federal Information Systems and Organizations" [8]. NIST defines security

Gamble, R. F.

234

INDUSTRIAL CONTROL SYSTEM CYBER SECURITY: QUESTIONS AND ANSWERS RELEVANT TO NUCLEAR FACILITIES, SAFEGUARDS AND SECURITY  

SciTech Connect (OSTI)

Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

2011-07-01T23:59:59.000Z

235

Using Multiple Unmanned Systems for a Site Security Task  

SciTech Connect (OSTI)

Unmanned systems are often used to augment the ability of humans to perform challenging tasks. While the value of individual unmanned vehicles have been proven for a variety of tasks, it is less understood how multiple unmanned systems should be used together to accomplish larger missions such as site security. The purpose of this paper is to discuss efforts by researchers at the Idaho National Laboratory (INL) to explore the utility and practicality of operating multiple unmanned systems for a site security mission. This paper reviews the technology developed for a multi-agent mission and summarizes the lessons-learned from a technology demonstration.

Matthew O. Anderson; Curtis W. Nielsen; Mark D. McKay; Derek C. Wadsworth; Ryan C. Hruska; John A. Koudelka

2009-04-01T23:59:59.000Z

236

ISS-011, Vulnerability Assessment Standard 1/3 UCIT INFORMATION SECURITY STANDARDS  

E-Print Network [OSTI]

ISS-011, Vulnerability Assessment Standard 1/3 UCIT INFORMATION SECURITY STANDARDS Vulnerability Assessment Standard Rationale 1 To enable timely identification and mitigation of vulnerabilities and security flaws affecting computing devices within UofC's computing environment. Scope 2 2.1 This standard

Habib, Ayman

237

Economic Incentives of Providing Network Security Services Journal of Information Technology Management 1  

E-Print Network [OSTI]

Economic Incentives of Providing Network Security Services Journal of Information Technology Management 1 THE ECONOMIC INCENTIVES OF PROVIDING NETWORK SECURITY SERVICES ON THE INTERNET INFRASTRUCTURE Li in the economic incentives inherent in providing the defenses as well as uncertainty in current defenses. We

Sadeh, Norman M.

238

Proceedings of the 7 th World Conference on Information Security Education 910 June 2011, Lucerne, Switzerland  

E-Print Network [OSTI]

Proceedings of the 7 th World Conference on Information Security Education 9­10 June 2011, Lucerne, Lucerne, Switzerland ISBN: 1­933510­94­3 © IFIP TC11.8 97 moment. Thus, the notion of security varies

Bishop, Matt

239

Information Security Fortification by Ontological Mapping of the ISO/IEC 27001 Standard  

E-Print Network [OSTI]

Information Security Fortification by Ontological Mapping of the ISO/IEC 27001 Standard Stefan Fenz an ontology-based framework to improve the preparation of ISO/IEC 27001 audits, and to strengthen the security elaborate on how ISO/IEC 27001 artifacts can be inte- grated into this ontology. A basic introduction

240

Security-Constrained Adequacy Evaluation of Bulk Power System Reliability  

E-Print Network [OSTI]

Security-Constrained Adequacy Evaluation of Bulk Power System Reliability Fang Yang, Student Member contingency selection, (b) effects analysis, and (c) reliability index computation. Effects analysis and reliability index computations. The methodology is demonstrated with the IEEE reliability test system. Index

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


241

Power System Security in Market Clearing and Dispatch Mechanisms  

E-Print Network [OSTI]

congestion" levels, which have a direct effect on market transactions and energy prices. Thus, when result in curtailment of power transactions and increased prices for most market participants. System1 Power System Security in Market Clearing and Dispatch Mechanisms Claudio A. Ca~nizares, Senior

Cañizares, Claudio A.

242

Truffles --Secure File Sharing With Minimal System Administrator Intervention  

E-Print Network [OSTI]

Truffles -- Secure File Sharing With Minimal System Administrator Intervention Peter Reiher Thomas sharing between arbitrary users at arbitrary sites connected by a network. Truffles is an interesting the potential of greatly increasing the workload of system administrators, if the services are not designed

California at Los Angeles, University of

243

AUDIO-VIDEO EVENT RECOGNITION SYSTEM FOR PUBLIC TRANSPORT SECURITY  

E-Print Network [OSTI]

AUDIO-VIDEO EVENT RECOGNITION SYSTEM FOR PUBLIC TRANSPORT SECURITY Van-Thinh Vu Quoc-Cuong Pham Keywords: audio-video surveillance, audio-video event, behavior analysis, event recognition. Abstract This paper presents an audio-video surveillance system for the automatic surveillance in public transport

Paris-Sud XI, Université de

244

Use of a hybrid technology in a critical security system.  

SciTech Connect (OSTI)

Assigning an acceptable level of power reliability in a security system environment requires a methodical approach to design when considering the alternatives tied to the reliability and life of the system. The downtime for a piece of equipment, be it for failure, routine maintenance, replacement, or refurbishment or connection of new equipment is a major factor in determining the reliability of the overall system. In addition to these factors is the condition where the system is static or dynamic in its growth. Most highly reliable security power source systems are supplied by utility power with uninterruptable power source (UPS) and generator backup. The combination of UPS and generator backup with a reliable utility typically provides full compliance to security requirements. In the energy market and from government agencies, there is growing pressure to utilize alternative sources of energy other than fossil fuel to increase the number of local generating systems to reduce dependence on remote generating stations and cut down on carbon effects to the environment. There are also conditions where a security system may be limited on functionality due to lack of utility power in remote locations. One alternative energy source is a renewable energy hybrid system including a photovoltaic or solar system with battery bank and backup generator set. This is a viable source of energy in the residential and commercial markets where energy management schemes can be incorporated and systems are monitored and maintained regularly. But, the reliability of this source could be considered diminished when considering the security system environment where stringent uptime requirements are required.

Trujillo, David J.

2010-10-01T23:59:59.000Z

245

Use of a hybrid technology in a critical security system.  

SciTech Connect (OSTI)

Assigning an acceptable level of power reliability in a security system environment requires a methodical approach to design when considering the alternatives tied to the reliability and life of the system. The downtime for a piece of equipment, be it for failure, routine maintenance, replacement, or refurbishment or connection of new equipment is a major factor in determining the reliability of the overall system. In addition to these factors is the condition where the system is static or dynamic in its growth. Most highly reliable security power source systems are supplied by utility power with uninterruptable power source (UPS) and generator backup. The combination of UPS and generator backup with a reliable utility typically provides full compliance to security requirements. In the energy market and from government agencies, there is growing pressure to utilize alternative sources of energy other than fossil fuel to increase the number of local generating systems to reduce dependence on remote generating stations and cut down on carbon effects to the environment. There are also conditions where a security system may be limited on functionality due to lack of utility power in remote locations. One alternative energy source is a renewable energy hybrid system including a photovoltaic or solar system with battery bank and backup generator set. This is a viable source of energy in the residential and commercial markets where energy management schemes can be incorporated and systems are monitored and maintained regularly. But, the reliability of this source could be considered diminished when considering the security system environment where stringent uptime requirements are required.

Scharmer, Carol; Trujillo, David J.

2010-08-01T23:59:59.000Z

246

GUIDE TO INFORMATION SECURITY TESTING AND ASSESSMENT Shirley Radack, Editor  

E-Print Network [OSTI]

, was written by Karen Scarfone and Murugiah Souppaya of NIST, and by Amanda Cody and Angela Orebaugh of Booz Allen Hamilton. The new guide replaces NIST SP 800-42, Guideline on Network Security Testing. NIST SP

247

Collaboration Topics - System Software | National Nuclear Security...  

National Nuclear Security Administration (NNSA)

Simulation and Computing and Institutional R&D Programs NNSACEA Cooperation in Computer Science Collaboration Topics - System Software Collaboration Topics - System...

248

E-Print Network 3.0 - assessment information system Sample Search...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

The ISAAC system provides... 29.01.99.M1.26 Information Resources - Information Security Risk Assessment Reviews Page 1 of 3... which adequately provides management with assurance...

249

advancing nuclear security: Topics by E-print Network  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

private information within the system Paris-Sud XI, Universit de 183 Annual Security Report October 2013 Materials Science Websites Summary: of Security Field Operations,...

250

DATABASE SECURITY APPLICATIONS  

E-Print Network [OSTI]

DATABASE SECURITY #12;APPLICATIONS #12;Polyinstantiation for Cover Stories Ravi S. Sandhu and Sushil Jajodia* Center for Secure Information Systems & Department of Information and Software Systems Engineering George Mason University Falffax, VA 22030, USA emaih {sandhu, jajodia}Qsitevax.gmu.edu Abstract

Sandhu, Ravi

251

Process Control System Cyber Security Standards - An Overview  

SciTech Connect (OSTI)

The use of cyber security standards can greatly assist in the protection of critical infrastructure by providing guidelines and requisite imperatives in the implementation of computer-controlled systems. These standards are most effective when the engineers and operators using the standards understand what each of the standards addresses and does not address. This paper provides a review and comparison of ten documents dealing with control system cyber security. It is not meant to be a complete treatment of all applicable standards; rather, this is an exemplary analysis showing the benefits of comparing and contrasting differing documents.

Robert P. Evans; V Stanley Scown; Rolf Carlson; Shabbir Shamsuddin; George Shaw; Jeff Dagle; Paul W Oman; Jeannine Schmidt

2005-10-01T23:59:59.000Z

252

29.01.03.M1.16 Information Resources-Portable Devices: Information Security Page 1 of 3 STANDARD ADMINISTRATIVE PROCEDURE  

E-Print Network [OSTI]

information resources. This includes, but is not limited to: laptops, Personal Digital Assistants (PDAs29.01.03.M1.16 Information Resources- Portable Devices: Information Security Page 1 of 3 STANDARD ADMINISTRATIVE PROCEDURE 29.01.03.M1.16 Information Resources ­ Portable Devices: Information Security Approved

253

March 23, 1999 Copyright 1999 Baptist Health Systems of SF 1 Security Requirements in  

E-Print Network [OSTI]

Management Process Termination Procedures Traning Assigned Security Responcibility Media Controls Physical Baptist Health Systems of SF 9 Technical Security Mechanizms (communication security) Integrity ControlsMarch 23, 1999 Copyright © 1999 Baptist Health Systems of SF 1 Security Requirements in Healthcare

254

Critical issues in process control system security : DHS spares project.  

SciTech Connect (OSTI)

The goals of this event are: (1) Discuss the next-generation issues and emerging risks in cyber security for control systems; (2) Review and discuss common control system architectures; (3) Discuss the role of policy, standards, and supply chain issues; (4) Interact to determine the most pertinent risks and most critical areas of the architecture; and (5) Merge feedback from Control System Managers, Engineers, IT, and Auditors.

Hernandez, Jacquelynne; McIntyre, Annie; Henrie, Morgan

2010-10-01T23:59:59.000Z

255

Security alarm communication and display systems development  

SciTech Connect (OSTI)

Sandia National Laboratories has developed a variety of alarm communication and display systems for a broad spectrum of users. This paper will briefly describe the latest systems developed for the Department of Energy (DOE), the Department of Defense (DoD), and the Department of State (DOS) applications. Applications covered will vary from relatively small facilities to large complex sites. Ongoing system developments will also be discussed. The concluding section will summarize the practical, implementable state-of-the-art features available in new systems. 6 figs.

Waddoups, I.G.

1990-01-01T23:59:59.000Z

256

On Cyber Security for Networked Control Systems  

E-Print Network [OSTI]

buildings and smart structures portend immense datavehicles and buildings equipped with smart meters). Thebuilding’s occupants). The operating systems of upcoming infrastructures such as smart

Amin, Saurabh

2011-01-01T23:59:59.000Z

257

Tools and Methods for Hardening Communication Security of Energy Delivery Systems  

SciTech Connect (OSTI)

This document summarizes the research and development work the TT Government Solutions (TTGS), d.b.a. Applied Communication Sciences (ACS), team performed for the Department of Energy Cybersecurity for Energy Delivery Systems (CEDS) program. It addresses the challenges in protecting critical grid control and data communication, including the identification of vulnerabilities and deficiencies of communication protocols commonly used in energy delivery systems (e.g., ICCP, DNP3, C37.118, C12.22), as well as the development of effective means to detect and prevent the exploitation of such vulnerabilities and deficiencies. The team consists of • TT Government Solutions (TTGS), a leading provider of communications solutions that has extensive experience in commercializing communications solutions. TTGS also has deep cyber security research and development expertise supporting a variety of customers. • University of Illinois at Urbana-Champaign (UIUC), a leader in the cyber security research for the power grid. UIUC brings unique experience in designing secure communication protocols to this project. • Electric Power Research Institute (EPRI), an independent nonprofit that conducts research and development relating to the generation, delivery and use of electricity for the benefit of the public. EPRI brings to this effort its extensive technical expertise and its utility connections, with members representing more than 90 percent of the electricity generated and delivered in the United States. • DTE Energy, the 10th largest electric utility in the US, which helps ensure that this project focuses on the needs of utilities and is rightly positioned to address the needs of the market place. We designed, developed, and demonstrated a modular and extensible ADEC-G (Agent-based, Distributed, Extensible Cybersecurity for the Grid) system for monitoring/detecting abnormal energy delivery systems (EDS) protocol usage and ensuring security coverage. Our approach consists of i. An online system with stateful model based checkers (SMBCs) that helps utilities monitor EDS protocol communication contexts and flag abnormal session behaviors; ii. An offline framework that security tool developers, operators, and auditors can use to verify security properties (leverages formal methods). The modular design of the ADEC-G online system enables its easy extension to cover added protocol features, to introduce new monitoring capabilities, and to apply to additional communication protocols. Its monitoring capabilities and user interface features also facilitate visibilities into ongoing communication patterns and quick grasps of suspicious communication activities. The offline framework provides a platform not only for rigorous validation of security coverage, but also for systematic refinement of checker design leveraging the counter traces generated by the model checking tool. The ADEC-G online monitoring/detection system and the offline validation framework are both operational and have been demonstrated in various settings. The ADEC-G online system has also been integrated into TTGS SecureSmart Managed Security Services offering and been employed to perform security assessment in a section of a utility’s operational network as well as in other Smart Grid security pilot project offerings. TTGS is also in discussions with several system integrators for incorporating the integrated SecureSmart Managed Security Services offering as the cyber security solution for the nce of Operations Technology (OT) and Information Technology (IT).

Gadgil, Shrirang; Lin, Yow-Jian; Ghosh, Abhrajit; Samtani, Sunil; Kang, Jaewon; Siegell, Bruce; Kaul, Vikram; Unger, John; De Bruet, Andre; Martinez, Catherine; Vermeulen, Gerald; Rasche, Galen; Sternfeld, Scott; Berthier, Robin; Bobba, Rakesh; Campbell, Roy; Sanders, Williams; Lin, Yow-Jian

2014-06-30T23:59:59.000Z

258

Analytical foundations of physical security system assessment  

E-Print Network [OSTI]

- tion scenarios or systems. Peck [23] [24] and Peck and Lacombe [25] have explored unattended ground sensors with regard to their employment as part of an intrusion detection system in a force protection role for base camps. They examine environ- mental...

Graves, Gregory Howard

2006-10-30T23:59:59.000Z

259

The Freight Shuttle System: Automated-Secure Trade  

E-Print Network [OSTI]

the same volume) #12;HDD Truck vs. FSS (CO2 required to service the same volume) #12;Next Steps · Finalize footprint guide way ­ To be built within existing highway ROW The Freight Shuttle System 24/7 operations transportation #12;#12;#12;#12;Port of Entry Security #12;Ciudad Juarez El Paso Scan-in-motion Scan

260

Securing Internet Coordinate Embedding Systems Mohamed Ali Kaafar  

E-Print Network [OSTI]

Securing Internet Coordinate Embedding Systems Mohamed Ali Kaafar INRIA Sophia Antipolis, FR mkaafar@sophia.inria.fr Laurent Mathy Lancaster University, UK laurent@comp.lancs.ac.uk Chadi Barakat INRIA Sophia Antipolis, FR barakat@sophia.inria.fr Kave Salamatian LIP6, FR and EPFL, CH kave

Turletti, Thierry

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


261

CyberPhysical System Security for the Electric Power Grid  

E-Print Network [OSTI]

systems that may be vulnerable to security attacks is discussed in this paper as are control loop successful cyber attacks. Estimating feasible attack impact requires an evaluation of the grid's dependency of the cyber­physical relationships within the smart grid and a specific review of possible attack vectors

Manimaran, Govindarasu

262

Security Architecture of Smart Metering Systems Natasa Zivic1  

E-Print Network [OSTI]

Security Architecture of Smart Metering Systems Natasa Zivic1 and Christoph Ruland1 1 University.Zivic, Christoph.Ruland}@uni-siegen.de Abstract. The main goals of smart metering are the reduction of costs dynamically the power generation and distribution to the requested energy by smart grids. Metering devices

Boyer, Edmond

263

Delegating Network Security with More Information Stanford University  

E-Print Network [OSTI]

's networks. Delegation makes administrators less of a bottle- neck when policy needs to be modified and allows network administration to follow organizational lines. To enable del- egation, we propose ident authority, the network administrator, that administrator has usually had to configure myriad security

264

INFORMATION TECHNOLOGY SECURITY SERVICES http://safecomputing.umich.edu  

E-Print Network [OSTI]

what might be lurking there ready to attack. According to the SANS (SysAdmin, Audit, Network, Security the Internet with an administrator's account, your computer is at an even higher risk since most malicious code is designed to infiltrate your computer by using the total access of the administrator's account against you

Shyy, Wei

265

Data Sciences Technology for Homeland Security Information Management  

E-Print Network [OSTI]

. Samatova, D. Speck, R. Srikant, J. Thomas, M. Wertheimer, P. C. Wong SANDIA REPORT SAND2004-6648 Unlimited Report of the DHS Workshop on Data Sciences September 22-23, 2004 Jointly released by Sandia National, a Lockheed Martin Company, for the United States Department of Energy's National Nuclear Security

Kolda, Tamara G.

266

CMAD IV 11/14/96 Information Security  

E-Print Network [OSTI]

utilities, power pools, vendors etc.. #12;CMAD IV 11/14/96 #12; #12; GridCo LineCo PoolCo Energy Merchant INFO INFO INFO $ $ $ PWR PWR PWR #12;CMAD IV 11/14/96 "Future" Is At Hand · Federal Energy Regulatory protection and audit practices inadequate. · Internal priorities limiting attention to security concerns

California at Davis, University of

267

Asbestos : operating system security for mobile devices  

E-Print Network [OSTI]

This thesis presents the design and implementation of a port of the Asbestos operating system to the ARM processor. The port to the ARM allows Asbestos to run on mobile devices such as cell phones and personal digital ...

Stevenson, Martijn

2006-01-01T23:59:59.000Z

268

Password secured systems and negative authentication  

E-Print Network [OSTI]

Today's industry, government, and critical infrastructure are dependent on software systems. In their absence, our modern world would come to a stop. Given our dependence, the mounting cyber threat is of critical concern. ...

Madero, Alvaro

2013-01-01T23:59:59.000Z

269

A Review of the Security of Insulin Pump Infusion Systems Nathanael Paul, Ph.D. Tadayoshi Kohno, Ph.D. David C. Klonoff, M.D., FACP  

E-Print Network [OSTI]

A Review of the Security of Insulin Pump Infusion Systems Nathanael Paul, Ph.D. Tadayoshi Kohno, Ph is to help create a trustworthy infusion pump system that will ultimately strengthen pump safety, and we safety and information security. From 2005 to 2009, there were 56,000 adverse events in infusion pump

Matsuoka, Yoky

270

T3: Secure, Scalable, Distributed Data Movement and Remote System Control for Enterprise Level Cyber Security  

SciTech Connect (OSTI)

Enterprise level cyber security requires the deployment, operation, and monitoring of many sensors across geographically dispersed sites. Communicating with the sensors to gather data and control behavior is a challenging task when the number of sensors is rapidly growing. This paper describes the system requirements, design, and implementation of T3, the third generation of our transport software that performs this task. T3 relies on open source software and open Internet standards. Data is encoded in MIME format messages and transported via NNTP, which provides scalability. OpenSSL and public key cryptography are used to secure the data. Robustness and ease of development are increased by defining an internal cryptographic API, implemented by modules in C, Perl, and Python. We are currently using T3 in a production environment. It is freely available to download and use for other projects.

Thomas, Gregory S.; Nickless, William K.; Thiede, David R.; Gorton, Ian; Pitre, Bill J.; Christy, Jason E.; Faultersack, Elizabeth M.; Mauth, Jeffery A.

2009-07-20T23:59:59.000Z

271

Cyberspace Security Econometrics System (CSES) - U.S. Copyright TXu 1-901-039  

SciTech Connect (OSTI)

Information security continues to evolve in response to disruptive changes with a persistent focus on information-centric controls and a healthy debate about balancing endpoint and network protection, with a goal of improved enterprise/business risk management. Economic uncertainty, intensively collaborative styles of work, virtualization, increased outsourcing and ongoing compliance pressures require careful consideration and adaptation. The Cyberspace Security Econometrics System (CSES) provides a measure (i.e., a quantitative indication) of reliability, performance, and/or safety of a system that accounts for the criticality of each requirement as a function of one or more stakeholders interests in that requirement. For a given stakeholder, CSES accounts for the variance that may exist among the stakes one attaches to meeting each requirement. The basis, objectives and capabilities for the CSES including inputs/outputs as well as the structural and mathematical underpinnings contained in this copyright.

Abercrombie, Robert K [ORNL] [ORNL; Schlicher, Bob G [ORNL] [ORNL; Sheldon, Frederick T [ORNL] [ORNL; Lantz, Margaret W [ORNL] [ORNL; Hauser, Katie R [ORNL] [ORNL

2014-01-01T23:59:59.000Z

272

Model-driven Security Policy Deployment: Property Oriented Approach  

E-Print Network [OSTI]

and managing the access control rules of an information system are some of the major concerns of security systems. We formally prove the process of de- ploying a security policy related to an information system the deployment of access control security policies. We show how the use of a formal ex- pression of the security

Garcia-Alfaro, Joaquin

273

DOE/DHS INDUSTRIAL CONTROL SYSTEM CYBER SECURITY PROGRAMS: A MODEL FOR USE IN NUCLEAR FACILITY SAFEGUARDS AND SECURITY  

SciTech Connect (OSTI)

Many critical infrastructure sectors have been investigating cyber security issues for several years especially with the help of two primary government programs. The U.S. Department of Energy (DOE) National SCADA Test Bed and the U.S. Department of Homeland Security (DHS) Control Systems Security Program have both implemented activities aimed at securing the industrial control systems that operate the North American electric grid along with several other critical infrastructure sectors (ICS). These programs have spent the last seven years working with industry including asset owners, educational institutions, standards and regulating bodies, and control system vendors. The programs common mission is to provide outreach, identification of cyber vulnerabilities to ICS and mitigation strategies to enhance security postures. The success of these programs indicates that a similar approach can be successfully translated into other sectors including nuclear operations, safeguards, and security. The industry regulating bodies have included cyber security requirements and in some cases, have incorporated sets of standards with penalties for non-compliance such as the North American Electric Reliability Corporation Critical Infrastructure Protection standards. These DOE and DHS programs that address security improvements by both suppliers and end users provide an excellent model for nuclear facility personnel concerned with safeguards and security cyber vulnerabilities and countermeasures. It is not a stretch to imagine complete surreptitious collapse of protection against the removal of nuclear material or even initiation of a criticality event as witnessed at Three Mile Island or Chernobyl in a nuclear ICS inadequately protected against the cyber threat.

Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

2011-07-01T23:59:59.000Z

274

SECURING CURRENT AND FUTURE PROCESS CONTROL SYSTEMS  

E-Print Network [OSTI]

in a variety of critical infrastruc- tures, including chemical plants, electrical power generation to the Internet. As a result, they have inherited IT cyber risks, threats and attacks that could affect the safe, transmission and distribution systems, water distribution networks, and waste water treatment plants [3]. Until

Sanders, William H.

275

29.01.03.M1.26 Information Resources Security Risks Assessment Reviews Page 1 of 3 STANDARD ADMINISTRATIVE PROCEDURE  

E-Print Network [OSTI]

29.01.03.M1.26 Information Resources ­ Security Risks Assessment Reviews Page 1 of 3 STANDARD ADMINISTRATIVE PROCEDURE 29.01.03.M1.26 Information Resources ­ Information Security Risk Assessment Reviews security risk assessments are vital procedures for maintaining the security of information resources

276

Technology Transfer Success Stories, Security  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Security Navigate Home About Us Contact Information Hide Thumbs First Previous Pause Next Last Set Speed Slideshow speed: 5 seconds Move Autoinduction system New Image Set...

277

Secure Data Center (Fact Sheet)  

SciTech Connect (OSTI)

This fact sheet describes the purpose, lab specifications, applications scenarios, and information on how to partner with NREL's Secure Data Center at the Energy Systems Integration Facility.

Not Available

2012-08-01T23:59:59.000Z

278

Towards a Standard for Highly Secure SCADA Systems  

SciTech Connect (OSTI)

The critical energy inkstructures include gas, OL and electric power. These Mrastructures are complex and interdependent nmvorks that are vital to the national secwiy and social well being of our nation. Many electric power systems depend upon gas and oil, while fossil energy delive~ systems depend upon elecnic power. The control mechanisms for these Mrastructures are often referred to as SCADA (Supmivry CkmdandDaU Ac@itz&z) systems. SCADA systems provide remote monitoring and centralized control for a distributed tmnsportation infmsmucture in order to facilitate delivery of a commodi~. AIthough many of the SCADA concepts developed in this paper can be applied to automotive mmsponation systems, we will use transportation to refer to the movement of electrici~, gas, and oil. \\ Recently, there have been seveml reports suggesting that the widespread and increasing use of SCADA for control of energy systems provides an increasing opportuni~ for an advers~ to cause serious darnage to the energy inbstmcturei~. This damage could arise through cyber infiltration of the SCADA networks, by physically tampering with the control networks, or through a combination of both means. SCADA system threats decompose into cyber and physical threats. One solution to the SCADA security problem is to design a standard for a highly secure KA.DA system that is both cyber, and physdly secure. Not all-physical threats are possible to guard again% but of those threats that are, high security SCADA provides confidence that the system will continue to operate in their presence. One of the most important problems in SCADA securi~ is the relationship between the cyber and physical vulnerabilities. Cyber intrusion increases physical Vulnerabilities, while in the dual problem physical tampering increases cyber vulnerabilit.ies. There is potential for feedback and the precise dynamics need to be understood. As a first step towards a stan~ the goal of this paper is to facilitate a discussion of the requirements analysis for a highly secure SCADA system. The fi-arnework for the discussion consists of the identification of SCADA security investment areas coupled with the tradeoffs that will force compromises in the solution. For example, computational and bandwidth requirements of a security standard could force the replacement of entire SCADA systems. The requirements for a real-time response in a cascading electric power failure could pose limitations on authentication and encryption mechanisms. The shortest path to the development of a high securi~ SC.ADA standard will be achieved by leveraging existing standards efforts and ensuring that security is being properly addressed in those standards. The Utility Communications Architecture 2.o (UC@, for real-time utili~ decision control, represents one such standard. The development of a SCADA secwiy specification is a complex task that will benefit from a systems engineering approach.

Carlson, R.

1998-09-25T23:59:59.000Z

279

Control Systems Security Standards: Accomplishments And Impacts |  

Office of Environmental Management (EM)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of Energy Power Systems EngineeringDepartmentSmart GridThird Quarter OverallDepartment of Energy

280

Evaluation of power system security and development of transmission pricing method  

E-Print Network [OSTI]

in the long run. Under this deregulated environment, security assessment and pricing of transmission services have become important issues in power systems. This dissertation provides new methods for power system security assessment and transmission pricing...

Kim, Hyungchul

2004-11-15T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


281

On the Computational Practicality of Private Information Retrieval Network Security and Applied Cryptography Lab  

E-Print Network [OSTI]

On the Computational Practicality of Private Information Retrieval Radu Sion Network Security of single-server computational pri- vate information retrieval (PIR) for the purpose of preserv- ing client access patterns leakage. We show that deployment of non-trivial single server PIR protocols on real

Carbunar, Bogdan

282

Information Security: The Human Perspective Kathleen M. Carley  

E-Print Network [OSTI]

, redundancy, cascade effects, organizational memory, organizational learning, information diffusion, changing resource records, and organizational accounting information. Recent cases of industrial espionage all point addressed if both technological and organizational issues are considered simultaneously. How should

Sadeh, Norman M.

283

NIST Computer Security Division csrc.nist.gov Summary of NIST SP 800-53 Revision 4,  

E-Print Network [OSTI]

and Privacy Controls for Federal Information Systems and Organizations Kelley Dempsey Computer Security-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, which .............................................................. 3 Figure 3: Security Control Selection Process

284

Information technology equipment cooling system  

SciTech Connect (OSTI)

According to one embodiment, a system for removing heat from a rack of information technology equipment may include a sidecar indoor air to liquid heat exchanger that cools warm air generated by the rack of information technology equipment. The system may also include a liquid to liquid heat exchanger and an outdoor heat exchanger. The system may further include configurable pathways to connect and control fluid flow through the sidecar heat exchanger, the liquid to liquid heat exchanger, the rack of information technology equipment, and the outdoor heat exchanger based upon ambient temperature and/or ambient humidity to remove heat from the rack of information technology equipment.

Schultz, Mark D.

2014-06-10T23:59:59.000Z

285

Energy trading and information systems  

SciTech Connect (OSTI)

This document contains reports which were presented at the meeting on Energy Trading and Information Systems. Topics were concerned with the importance and use of information systems to the natural gas industry. Individual papers have been processed separately for the United States Department of Energy databases.

NONE

1995-12-31T23:59:59.000Z

286

Information Systems Management (ISM) 2011 Department of Supply Chain & Information Systems  

E-Print Network [OSTI]

Information Systems Management (ISM) 2011 Department of Supply Chain & Information Systems Information Systems Management Minor Application Overview The Information Systems Management focuses Systems Management and Applications c. MIS 431 (3) Business Data Management d. MIS 446 (3) Information

Yener, Aylin

287

EcoSecurities Brasil Ltd | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home5b9fcbce19 NoPublic Utilities Address:011-DNA Jump37. It is classified asThisEcoGrid EU (Smart Grid Project) JumpEcoSecurities

288

NMMSS Information, Reports & Forms | National Nuclear Security  

National Nuclear Security Administration (NNSA)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarlyEnergyDepartmentNational Nuclear SecurityNationalApplyMaintaining ForN x NSecurity| National

289

Emergency Public Information | Y-12 National Security Complex  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May JunDatastreamsmmcrcalgovInstrumentsruc DocumentationP-Series toESnet4: Networking for37 East and West Other SLAC ResourcesSecurity /

290

Service oriented architecture governance tools within information security .  

E-Print Network [OSTI]

??Service Oriented Architecture has many advantages. For example, organisations can align business with Information Technology, reuse the developed functionality, reduce development and maintain cost for… (more)

Mokgosi, Letlhogonolo

2012-01-01T23:59:59.000Z

291

Integrated risk information system (IRIS)  

SciTech Connect (OSTI)

The Integrated Risk Information System (IRIS) is an electronic information system developed by the US Environmental Protection Agency (EPA) containing information related to health risk assessment. IRIS is the Agency`s primary vehicle for communication of chronic health hazard information that represents Agency consensus following comprehensive review by intra-Agency work groups. The original purpose for developing IRIS was to provide guidance to EPA personnel in making risk management decisions. This original purpose for developing IRIS was to guidance to EPA personnel in making risk management decisions. This role has expanded and evolved with wider access and use of the system. IRIS contains chemical-specific information in summary format for approximately 500 chemicals. IRIS is available to the general public on the National Library of Medicine`s Toxicology Data Network (TOXNET) and on diskettes through the National Technical Information Service (NTIS).

Tuxen, L. [Environmental Protection Agency, Washington, DC (United States)

1990-12-31T23:59:59.000Z

292

Developing Secure Power Systems Professional Competence: Alignment and Gaps in Workforce Development Programs for Phase 2 of the Secure Power Systems Professional project  

SciTech Connect (OSTI)

This is the final report of Phase 2 of the Secure Power Systems Professional project, a 3 phase project. DOE will post to their website upon release.

O'Neil, Lori Ross; Assante, Michael; Tobey, D. H.; Conway, T. J.; Vanderhorst, Jr, T. J.; Januszewski, III, J.; leo, R.; Perman, K.

2013-08-26T23:59:59.000Z

293

ITS POLICIES AND GUIDELINES CATEGORY: Information Technology, Security, Privacy,  

E-Print Network [OSTI]

devices have been used by cyber- criminals to launch attacks both within and outside universities information resources and to take action to mitigate that threat. Action that is taken will be based resource has been launched; 4) confidential, private, or proprietary electronic information

Gering, Jon C.

294

Private Information Retrieval, Optimal for Users and Secure Coprocessors  

E-Print Network [OSTI]

@dbis.informatik.hu­berlin.de Abstract. A private information retrieval (PIR) protocol allows a user to retrieve one of N records from a database while hiding the identity of the record from the database server. A PIR protocol is optimal Private Information Retrieval (PIR) protocols. Formally, a PIR protocol allows a user to retrieve one of N

Freytag, Johann-Christoph

295

Improving Cyber-Security of Smart Grid Systems via Anomaly Detection and Linguistic Domain Knowledge  

SciTech Connect (OSTI)

The planned large scale deployment of smart grid network devices will generate a large amount of information exchanged over various types of communication networks. The implementation of these critical systems will require appropriate cyber-security measures. A network anomaly detection solution is considered in this work. In common network architectures multiple communications streams are simultaneously present, making it difficult to build an anomaly detection solution for the entire system. In addition, common anomaly detection algorithms require specification of a sensitivity threshold, which inevitably leads to a tradeoff between false positives and false negatives rates. In order to alleviate these issues, this paper proposes a novel anomaly detection architecture. The designed system applies the previously developed network security cyber-sensor method to individual selected communication streams allowing for learning accurate normal network behavior models. Furthermore, the developed system dynamically adjusts the sensitivity threshold of each anomaly detection algorithm based on domain knowledge about the specific network system. It is proposed to model this domain knowledge using Interval Type-2 Fuzzy Logic rules, which linguistically describe the relationship between various features of the network communication and the possibility of a cyber attack. The proposed method was tested on experimental smart grid system demonstrating enhanced cyber-security.

Ondrej Linda; Todd Vollmer; Milos Manic

2012-08-01T23:59:59.000Z

296

EMCAS, an evaluation methodology for safeguards and security systems  

SciTech Connect (OSTI)

EMCAS is an evaluation methodology for safeguards and security systems. It provides a score card of projected or actual system performance for several areas of system operation. In one area, the performance of material control and accounting and security systems, which jointly defend against the insider threat to divert or steal special nuclear material (SNM) using stealth and deceit, is evaluated. Time-dependent and time-independent risk equations are used for both diversion and theft risk calculations. In the case of loss detection by material accounting, a detailed timeliness model is provided to determine the combined effects of loss detection sensitivity and timeliness on the overall effectiveness of the material accounting detection procedure. Calculated risks take into account the capabilities of process area containment/surveillance, material accounting mass balance tests, and physical protection barriers and procedures. In addition, EMCAS evaluates the Material Control and Accounting (MCandA) System in the following areas: (1) system capability to detect errors in the official book inventory of SNM, using mass balance accounting methods, (2) system capability to prevent errors from entering the nuclear material data base during periods of operation between mass balance tests, (3) time to conduct inventories and resolve alarms, and (4) time lost from production to carry out material control and accounting loss detection activities.

Eggers, R.F.; Giese, E.W.; Bichl, F.J.

1987-07-01T23:59:59.000Z

297

EMCAS: An evaluation methodology for safeguards and security systems  

SciTech Connect (OSTI)

EMCAS is an evaluation methodology for safeguards and security systems. It provides a score card of projected or actual system performance for several areas of system operation. In one area, the performance of material control and accounting and security systems, which jointly defend against the insider threat to divert or steal special nuclear material (SNM) using stealth and deceit, is evaluated. Time-dependent and time-independent risk equations are used for both diversion and theft risk calculations. In the case of loss detection by material accounting, a detailed timeliness model is provided to determine the combined effects of loss detection sensitivity and timeliness on the overall effectiveness of the material accounting detection procedure. Calculated risks take into account the capabilities of process area containment/surveillance, material accounting mass balance tests, and physical protection barriers and procedures. In addition, EMCAS evaluates the Material Control and Accounting (MC and A) System in the following areas: (1) system capability to detect errors in the official book inventory of SNM, using mass balance accounting methods, (2) system capability to prevent errors from entering the nuclear material data base during periods of operation between mass balance tests, (3) time to conduct inventories and resolve alarms, and (4) time lost from production to carry out material control and accounting loss detection activities. 3 figs., 5 tabs.

Eggers, R.F.; Giese, E.W.; Bichl, F.J.

1987-01-01T23:59:59.000Z

298

Development of a Window Based Security System for Electronic Data Interchange  

E-Print Network [OSTI]

The Electronic Data Interchange (EDI) is the exchange of standardized documents between computer systems for business use. The objective of this study is to make Electronic Data Interchange secure to use and to eliminate human intervention in the transfer of data between business partners so that productivity and efficiency can be improved and also promote its usage between two or more trading organizations. This paper provides an overview of EDI by describing the traditional problems of exchanging information in business environments and how the EDI solves those problems and gives benefits to the company that makes use of EDI. This paper also introduces the common EDI Standards and explains how it works, how it is used over the internet and the security measures implemented. The system was executed on both local area network and wide area network after a critical study of the existing EDI methods and also implemented using VB.Net programming language. Finally, an interactive program was developed that handle...

Philip, Achimugu; Joshua, Abah

2011-01-01T23:59:59.000Z

299

Security policy concepts for microprocessor-based systems  

SciTech Connect (OSTI)

This report presents security policies for microprocessor-based systems and gives an example of how to enforce these policies, using an independent, hardware-based monitor, in a hypothetical single-processor system. The purpose of these policies is to detect erroneous behavior of the microprocessor system and to guarantee that accesses (read, write, or execute), by executable procedures,to the various system resources (other procedure, data areas, and peripheral ports) are in accordance with rules that are defined precisely and completely. We present the main result of our research as a ''Second-Order Security Policy'', which describes a segmentation of system resources into a number of ''Blocks'' and defines access rights of each ''Process Block'' to all Blocks in the system. The hardware-monitor example is a conceptual design of an independent monitor that we believe can be built to enforce the second-order policy in real time. This approach will be effective in preventing erroneous accesses to data structures and peripherals and in detecting errors in the transfer of program control from Block to Block. 9 refs., 11 figs., 3 tabs.

Axline, R.M. Jr.; Ormesher, R.C.

1989-03-01T23:59:59.000Z

300

IEEE TRANSACTIONS ON POWER SYSTEMS 1 Web-based Security Cost Analysis in Electricity  

E-Print Network [OSTI]

IEEE TRANSACTIONS ON POWER SYSTEMS 1 Web-based Security Cost Analysis in Electricity Markets Hong of transmission security constraints, transactions de- termined by market forces are feasible only when they are within the system's security limits. Thus, transactions in electricity markets need to be evaluated

Cañizares, Claudio A.

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


301

YASIR: A Low-Latency, High-Integrity Security Retrofit for Legacy SCADA Systems (Extended Version)  

E-Print Network [OSTI]

YASIR: A Low-Latency, High-Integrity Security Retrofit for Legacy SCADA Systems (Extended Version security, and yet incurs minimal end-to-end communication latency. Keywords: SCADA network security, bump links between devices in legacy Supervisory Con- trol And Data Acquisition (SCADA) systems, on which

302

Roadmap to Secure Control Systems in the Energy Sector- January 2006  

Broader source: Energy.gov [DOE]

This document, the Roadmap to Secure Control Systems in the Energy Sector, outlines a coherent plan for improving cyber security in the energy sector. It is the result of an unprecedented...

303

Design principles and patterns for computer systems that are simultaneously secure and usable  

E-Print Network [OSTI]

It is widely believed that security and usability are two antagonistic goals in system design. This thesis argues that there are many instances in which security and usability can be synergistically improved by revising ...

Garfinkel, Simson

2005-01-01T23:59:59.000Z

304

Center for Information & Systems Engineering  

E-Print Network [OSTI]

imaging, video surveillance, modern energy systems and bioinformatics. With a proven track record of scholarship, funding and industry collaboration, CISE faculty bring vast research experience to addressing, information theory, control theory, queuing theory, simulation, and applied probability and statistics. Master

Goldberg, Bennett

305

Energy Management and Information Systems  

E-Print Network [OSTI]

?infrastructure energy?audits,?HVAC?upgrades,? heat?recovery,?etc. Improve?operations processes?and?day?to?day? operations,?retro? commissioning ENERGY?MANAGEMENT?INFORMATION?SYSTEM the?project Hardware ? $3.0?million?investment ? 400+?meters...

Conraud, J.

2013-01-01T23:59:59.000Z

306

Control Systems Security Center Comparison Study of Industrial Control System Standards against the Control Systems Protection Framework Cyber-Security Requirements  

SciTech Connect (OSTI)

Cyber security standards, guidelines, and best practices for control systems are critical requirements that have been delineated and formally recognized by industry and government entities. Cyber security standards provide a common language within the industrial control system community, both national and international, to facilitate understanding of security awareness issues but, ultimately, they are intended to strengthen cyber security for control systems. This study and the preliminary findings outlined in this report are an initial attempt by the Control Systems Security Center (CSSC) Standard Awareness Team to better understand how existing and emerging industry standards, guidelines, and best practices address cyber security for industrial control systems. The Standard Awareness Team comprised subject matter experts in control systems and cyber security technologies and standards from several Department of Energy (DOE) National Laboratories, including Argonne National Laboratory, Idaho National Laboratory, Pacific Northwest National Laboratory, and Sandia National Laboratories. This study was conducted in two parts: a standard identification effort and a comparison analysis effort. During the standard identification effort, the Standard Awareness Team conducted a comprehensive open-source survey of existing control systems security standards, regulations, and guidelines in several of the critical infrastructure (CI) sectors, including the telecommunication, water, chemical, energy (electric power, petroleum and oil, natural gas), and transportation--rail sectors and sub-sectors. During the comparison analysis effort, the team compared the requirements contained in selected, identified, industry standards with the cyber security requirements in ''Cyber Security Protection Framework'', Version 0.9 (hereafter referred to as the ''Framework''). For each of the seven sector/sub-sectors listed above, one standard was selected from the list of standards identified in the identification effort. The requirements in these seven standards were then compared against the requirements given in the Framework. This comparison identified gaps (requirements not covered) in both the individual industry standards and in the Framework. In addition to the sector-specific standards reviewed, the team compared the requirements in the cross-sector Instrumentation, Systems, and Automation Society (ISA) Technical Reports (TR) 99 -1 and -2 to the Framework requirements. The Framework defines a set of security classes separated into families as functional requirements for control system security. Each standard reviewed was compared to this template of requirements to determine if the standard requirements closely or partially matched these Framework requirements. An analysis of each class of requirements pertaining to each standard reviewed can be found in the comparison results section of this report. Refer to Appendix A, ''Synopsis of Comparison Results'', for a complete graphical representation of the study's findings at a glance. Some of the requirements listed in the Framework are covered by many of the standards, while other requirements are addressed by only a few of the standards. In some cases, the scope of the requirements listed in the standard for a particular industry greatly exceeds the requirements given in the Framework. These additional families of requirements, identified by the various standards bodies, could potentially be added to the Framework. These findings are, in part, due to the maturity both of the security standards themselves and of the different industries current focus on security. In addition, there are differences in how communication and control is used in different industries and the consequences of disruptions via security breaches to each particular industry that could affect how security requirements are prioritized. The differences in the requirements listed in the Framework and in the various industry standards are due, in part, to differences in the level and purpose of the standards. While the requir

Robert P. Evans

2005-09-01T23:59:59.000Z

307

ISS-005, Laptop Encryption Standard 1/2 UCIT INFORMATION SECURITY STANDARDS  

E-Print Network [OSTI]

ISS-005, Laptop Encryption Standard 1/2 UCIT INFORMATION SECURITY STANDARDS Laptop Encryption Standard Definitions 1 1.1 Encryption: The process used to protect the confidentiality and integrity contained within it is appropriately encrypted. Applicability 3 This standard applies to all UofC owned

Habib, Ayman

308

University of London International Academy MSc/PG Dip in Information Security  

E-Print Network [OSTI]

from the criminal angle and presenting a study of computer crime and the computer criminal. We criminals. Pre-requisites None Essential Reading Cybercrime: The transformation of crime in the Information should be able to: follow trends in computer crime relate computer security methodologies to criminal

Royal Holloway, University of London

309

Hybrid-Secure MPC: Trading Information-Theoretic Robustness for Computational Privacy  

E-Print Network [OSTI]

Lucas Department of Computer Science, ETH Zurich 8092 Zurich, Switzerland clucas@inf.ethz.ch Dominik Maurer Department of Computer Science, ETH Zurich 8092 Zurich, Switzerland maurer@inf.ethz.ch ABSTRACT controls Supported by the Zurich Information Security Center. Work done while at ETH Zurich, Switzerland

Maurer, Ueli

310

HybridSecure MPC: Trading InformationTheoretic Robustness for Computational Privacy  

E-Print Network [OSTI]

Lucas # Department of Computer Science, ETH Zurich 8092 Zurich, Switzerland clucas@inf.ethz.ch Dominik Maurer # Department of Computer Science, ETH Zurich 8092 Zurich, Switzerland maurer@inf.ethz.ch ABSTRACT--- Cryptographic controls # Supported by the Zurich Information Security Center. + Work done while at ETH Zurich

Maurer, Ueli

311

August 2003 IT SECURITY METRICS  

E-Print Network [OSTI]

, efficiency, effectiveness, and the impact of the security controls. The process steps need not be sequen tial metrics program and provides examples of metrics based on the criti cal elements and security controls and techniques contained in NIST SP 800-26, Security Self-Assessment Guide for Information Technology Systems

312

Gasification Systems Project Information  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmospheric Optical Depth7-1D: Vegetation ProposedUsingFun with Big Sky Learning Fun with BigGASIFICATION SYSTEMS U.S. DEPARTMENT

313

Privacy Act System Notices | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarlyEnergyDepartmentNational Nuclearhas 'Natitude' |Requests | National Nuclear SecuritySystem Notices |

314

MN Office of Energy Security | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home5b9fcbce19 No revision hasInformation Earth's Heat JumpIncMAKGalway Bay IEOWCCatcher.pngWavemill <MN Office of Energy

315

Security-Widefield, Colorado: Energy Resources | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data CenterFranconia, Virginia:FAQ < RAPID Jump to:Seadov Pty Ltd Jump to: navigation, search Name: Seadov PtySeboeis,Information

316

Transportation Routing Analysis Geographic Information System (TRAGIS)  

E-Print Network [OSTI]

Transportation Routing Analysis Geographic Information System (TRAGIS) Model and Network Databases The Transportation Routing Analysis Geographic Information System (TRAGIS) model is a geographic information system tool for modeling transportation routing. TRAGIS offers numerous options for route calculation

317

Evolution of toxicology information systems  

SciTech Connect (OSTI)

Society today is faced with new health risk situations that have been brought about by recent scientific and technical advances. Federal and state governments are required to assess the many potential health risks to exposed populations from the products (chemicals) and by-products (pollutants) of these advances. Because a sound analysis of any potential health risk should be based on the use of relevant information, it behooves those individuals responsible for making the risk assessments to know where to obtain needed information. This paper reviews the origins of toxicology information systems and explores the specialized information center concept that was proposed in 1963 as a means of providing ready access to scientific and technical information. As a means of illustrating this concept, the operation of one specialized information center (the Environmental Mutagen Information Center at Oak Ridge National Laboratory) will be discussed. Insights into how toxicological information resources came into being, their design and makeup, will be of value to those seeking to acquire information for risk assessment purposes. 7 refs., 1 fig., 4 tabs.

Wassom, J.S.; Lu, P.Y. [Oak Ridge National Laboratory, TN (United States)

1990-12-31T23:59:59.000Z

318

Quality Assurance forQuality Assurance for Security-Critical SystemsSecurity-Critical Systems  

E-Print Network [OSTI]

Munich Extensive collaboration with industry (BMW,Extensive collaboration with industry (BMW, Hypo (rather than breaking) them.breaking) them. Assumptions on system context, physical environment.Assumptions on system context, physical environment. Attacker may use unintended/unnoticed functionalityAttacker may

Jurjens, Jan

319

Department of Energy Cyber Security Management Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The purpose of the Department of Energy (DOE) Cyber Security Management Program (hereafter called the Program) is to protect all DOE cyber information and information systems in order to implement the requirements of applicable laws required to maintain national security and ensure DOE business operations proceed without security events such as interruption or compromise. Cancels DOE N 205.1

2003-03-21T23:59:59.000Z

320

Department of Energy Cyber Security Management  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The purpose of the DOE Cyber Security Management Program is to protect all DOE cyber information and information systems in order to implement the requirements of applicable laws required to maintain national security and ensure DOE business operations proceed without security events such as interruption or compromise. Cancels DOE O 205.1. Canceled by DOE O 205.1B.

2006-12-04T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


321

Lemnos interoperable security project.  

SciTech Connect (OSTI)

With the Lemnos framework, interoperability of control security equipment is straightforward. To obtain interoperability between proprietary security appliance units, one or both vendors must now write cumbersome 'translation code.' If one party changes something, the translation code 'breaks.' The Lemnos project is developing and testing a framework that uses widely available security functions and protocols like IPsec - to form a secure communications channel - and Syslog, to exchange security log messages. Using this model, security appliances from two or more different vendors can clearly and securely exchange information, helping to better protect the total system. Simplify regulatory compliance in a complicated security environment by leveraging the Lemnos framework. As an electric utility, are you struggling to implement the NERC CIP standards and other regulations? Are you weighing the misery of multiple management interfaces against committing to a ubiquitous single-vendor solution? When vendors build their security appliances to interoperate using the Lemnos framework, it becomes practical to match best-of-breed offerings from an assortment of vendors to your specific control systems needs. The Lemnos project is developing and testing a framework that uses widely available open-source security functions and protocols like IPsec and Syslog to create a secure communications channel between appliances in order to exchange security data.

Halbgewachs, Ronald D.

2010-03-01T23:59:59.000Z

322

Modeling and simulation for cyber-physical system security research, development and applications.  

SciTech Connect (OSTI)

This paper describes a new hybrid modeling and simulation architecture developed at Sandia for understanding and developing protections against and mitigations for cyber threats upon control systems. It first outlines the challenges to PCS security that can be addressed using these technologies. The paper then describes Virtual Control System Environments (VCSE) that use this approach and briefly discusses security research that Sandia has performed using VCSE. It closes with recommendations to the control systems security community for applying this valuable technology.

Pollock, Guylaine M.; Atkins, William Dee; Schwartz, Moses Daniel; Chavez, Adrian R.; Urrea, Jorge Mario; Pattengale, Nicholas; McDonald, Michael James; Cassidy, Regis H.; Halbgewachs, Ronald D.; Richardson, Bryan T.; Mulder, John C.

2010-02-01T23:59:59.000Z

323

Information Systems Host: Sanjeev Dewan  

E-Print Network [OSTI]

Ghose is an Associate Professor of Information, Operations, and Management Sciences and the Robert L by its shared technology infrastructure. He has worked on product reviews, reputation and rating systems, sponsored search advertising, mobile commerce, mobile apps, mobile ads, crowd funding, and online markets

Loudon, Catherine

324

Engineering, Computing and Information Systems  

E-Print Network [OSTI]

, D, P Ocean Engineering-M Radiation Health Physics-B, M, D, P Wood Science and Technology-B, P ArtsEngineering, Computing and Information Systems Bioengineering-B, P Biological and Ecological Engineering-M, D Bioresource Research-B, P Chemical Engineering-B, M, D, P Civil Engineering-B, M, D, P

Escher, Christine

325

Secure Fragment Allocation in a Distributed Storage System with Heterogeneous Vulnerabilities  

E-Print Network [OSTI]

Secure Fragment Allocation in a Distributed Storage System with Heterogeneous Vulnerabilities Yun--There is a growing demand for large-scale dis- tributed storage systems to support resource sharing and fault attention has yet been paid to security solutions designed for distributed storage systems

Qin, Xiao

326

An Equal Opportunity Employer / Operated by Los Alamos National Security, LLC for the U.S. Department of Energy's NNSA Los Alamos National Security, LLC Request for Information on how industry may partner with the  

E-Print Network [OSTI]

.S. Department of Energy's NNSA Los Alamos National Security, LLC Request for Information on how industry may Employer / Operated by Los Alamos National Security, LLC for the U.S. Department of Energy's NNSA scaling

327

Cyber Security Incident Management Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. No cancellations. Admin Chg 1 dated 9-1-09.

2009-01-08T23:59:59.000Z

328

Cyber Security Incident Management Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. No cancellations.

2009-01-08T23:59:59.000Z

329

Database Security: A Historical Perspective  

E-Print Network [OSTI]

The importance of security in database research has greatly increased over the years as most of critical functionality of the business and military enterprises became digitized. Database is an integral part of any information system and they often hold sensitive data. The security of the data depends on physical security, OS security and DBMS security. Database security can be compromised by obtaining sensitive data, changing data or degrading availability of the database. Over the last 30 years the information technology environment have gone through many changes of evolution and the database research community have tried to stay a step ahead of the upcoming threats to the database security. The database research community has thoughts about these issues long before they were address by the implementations. This paper will examine the different topics pertaining to database security and see the adaption of the research to the changing environment. Some short term database research trends will be ascertained ...

Lesov, Paul

2010-01-01T23:59:59.000Z

330

Selective Versioning in a Secure Disk System Appears in the Proceedings of the 17th USENIX Security Symposium  

E-Print Network [OSTI]

Symposium Swaminathan Sundararaman Stony Brook University Gopalan Sivathanu Stony Brook University Erez are minimal. 1 Introduction Protecting disk data against malicious damage is one of the key requirements in computer systems security. Stored data is one the most valuable assets for most or- ganizations and damage

Zadok, Erez

331

Selective Versioning in a Secure Disk System Appears in the Proceedings of the 17th USENIX Security Symposium  

E-Print Network [OSTI]

Symposium Swaminathan Sundararaman Stony Brook University Gopalan Sivathanu Stony Brook University Erez are minimal. 1 Introduction Protecting disk data against malicious damage is one of the key requirements in computer systems security. Stored data is one the most valuable assets for most or­ ganizations and damage

Zadok, Erez

332

SRS upgrades helium recovery system | National Nuclear Security...  

National Nuclear Security Administration (NNSA)

detectors employed by the United States Department of Homeland Security to detect neutron activity from nuclear material. Savannah River Nuclear Solutions, LLC, the management...

333

Securing Offshore Infrastructures Through a Global Alert and Graded Response System  

E-Print Network [OSTI]

1 « SARGOS » Securing Offshore Infrastructures Through a Global Alert and Graded Response System and graded response system to answer the recent but strong need for securing critical civilian offshore of their 2009 global safety program (CSOSG). 1. Introduction Offshore oil installations are critical energy

Paris-Sud XI, Université de

334

Supervisory Control Strategies for Enhancing System Security and Privacy Christoforos N. Hadjicostis  

E-Print Network [OSTI]

cyber-infrastructures (ranging from defense and banking to health care and power distribution sys- temsSupervisory Control Strategies for Enhancing System Security and Privacy Christoforos N. Hadjicostis Abstract-- Enhancing the security and reliability of auto- mated systems that control vital

Hadjicostis, Christoforos

335

Secure Communication and Authentication Against Off-line Dictionary Attacks in Smart Grid Systems  

E-Print Network [OSTI]

Secure Communication and Authentication Against Off-line Dictionary Attacks in Smart Grid Systems This paper studies the security requirements for remote authentication and communication in smart grid to smart grid systems. For example, in order to unlock the credentials stored in tamper

Wang, Yongge

336

Louisiana State University System 3810 West Lakeshore Drive  

E-Print Network [OSTI]

State University System Information Security Plan ­ PM-36 This document is a coordinated effort Care Services Division This Information Security Plan is considered to be "living

337

Multi-objective Optimization for Pricing System Security in Electricity Markets  

E-Print Network [OSTI]

marginal prices throughout the system. Keywords--Electricity markets, locational marginal prices, maximum1 Multi-objective Optimization for Pricing System Security in Electricity Markets Federico Milano while yielding better market conditions through increased transaction levels and improved locational

Cañizares, Claudio A.

338

Photovoltaic Geographical Information System | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home5b9fcbce19 No revision hasInformation Earth'sOklahoma/GeothermalOrangePeru: Energy

339

Solar Systems | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data CenterFranconia, Virginia:FAQ < RAPID Jump to:Seadov Pty Ltd Jump to:Information Silver PeakSystems Jump to: navigation, search

340

STUDENT INFORMATION SYSTEMS: 2008-2009 MANUAL  

E-Print Network [OSTI]

STUDENT INFORMATION SYSTEMS: 2008-2009 MANUAL Student Academic Affairs Office College of Education #12;ii #12;SIS Manual: 2008-2009 iii TABLE OF CONTENTS ABOUT STUDENT INFORMATION SYSTEMS (SIS.............................................................................................1 STUDENTS

Gilbert, Matthew

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


341

Northwest Habitat Institute Integrated Habitat and Biodiversity Information SystemIntegrated Habitat and Biodiversity Information System  

E-Print Network [OSTI]

Northwest Habitat Institute Integrated Habitat and Biodiversity Information SystemIntegrated Habitat and Biodiversity Information System (IBIS) for the Columbia River Basin(IBIS) for the Columbia

342

ITL BULLETIN FOR NOVEMBER 2010 THE EXCHANGE OF HEALTH INFORMATION: DESIGNING A SECURITY  

E-Print Network [OSTI]

is adequately addressed throughout the system development life cycle, and that data protection mechanisms. This approach involves addressing the protection of health information throughout the system development life cycle, and applying protective mechanisms, including contingency and disaster recovery planning

343

Background Information for the Nevada National Security Site Integrated Sampling Plan, Revision 0  

SciTech Connect (OSTI)

This document describes the process followed to develop the Nevada National Security Site (NNSS) Integrated Sampling Plan (referred to herein as the Plan). It provides the Plan’s purpose and objectives, and briefly describes the Underground Test Area (UGTA) Activity, including the conceptual model and regulatory requirements as they pertain to groundwater sampling. Background information on other NNSS groundwater monitoring programs—the Routine Radiological Environmental Monitoring Plan (RREMP) and Community Environmental Monitoring Program (CEMP)—and their integration with the Plan are presented. Descriptions of the evaluations, comments, and responses of two Sampling Plan topical committees are also included.

Farnham, Irene; Marutzky, Sam

2014-12-01T23:59:59.000Z

344

Information Concerning Reliability Impacts under Various System...  

Broader source: Energy.gov (indexed) [DOE]

Concerning Reliability Impacts under Various System Configurations of the Mirant Potomac River Plant Information Concerning Reliability Impacts under Various System Configurations...

345

AgSec: Secure and Efficient CDMA-based Aggregation for Smart Metering Systems  

E-Print Network [OSTI]

AgSec: Secure and Efficient CDMA-based Aggregation for Smart Metering Systems Navid Alamatsaz-based data aggregation method provides access to all the data of all the smart meters in the root node, which in this case is the Utility Center, while keeping the smart metering data secure. The efficiency

Namboodiri, Vinod

346

Topic 7 : Smart Grid Privacy and Security 1Networking and Distributed Systems  

E-Print Network [OSTI]

Topic 7 : Smart Grid Privacy and Security 1Networking and Distributed Systems Department Tech UniversityCommunications and Control in Smart Grid 2 · Smart Meter Privacy · Concerns · Possible Solutions · Smart Grid Security · Load Altering Attacks · False Data Injection Attacks · Impact

Mohsenian-Rad, Hamed

347

Security Metricsfor Process Control Systems | Department of Energy  

Energy Savers [EERE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Office of Inspector GeneralDepartment of Energyof the Americas | DepartmentDepartment of Energy SecuritySecurity

348

MANAGEMENT INFORMATION SYSTEMS (MIS) CONCENTRATION FOR UNDERGRADUATES  

E-Print Network [OSTI]

MANAGEMENT INFORMATION SYSTEMS (MIS) CONCENTRATION FOR UNDERGRADUATES The management information systems concentration, like a major, focuses on the use of information technology for value creation creation. Link to Rensselaer 2012-2013 Catalog Required Courses MGMT 4240 Systems Analysis & Design MGMT

Salama, Khaled

349

How information systems communicate as documents  

E-Print Network [OSTI]

How information systems communicate as documents: the concept of authorial voice Melanie Feinberg of document, we can better understand how information systems communicate to their users, and we can use, Information systems, Knowledge management Paper type Research paper 1. Introduction Conventionally

Feinberg, Melanie

350

Using Operational Security (OPSEC) to Support a Cyber Security...  

Broader source: Energy.gov (indexed) [DOE]

Cyber Security: Defense in Depth Strategies The Chief Information Officer (CIO) at the U 2014 Headquarters Facilities Master Security Plan - Chapter 8, Operations Security Program...

351

Composite Data Products (CDPs) from the Hydrogen Secure Data Center (HSDC) at the Energy Systems Integration Facility (ESIF), NREL  

DOE Data Explorer [Office of Scientific and Technical Information (OSTI)]

The Hydrogen Secure Data Center (HSDC) at NREL's Energy Systems Integration Facility (ESIF) plays a crucial role in NREL's independent, third-party analysis of hydrogen fuel cell technologies in real-world operation. NREL partners submit operational, maintenance, safety, and cost data to the HSDC on a regular basis. NREL's Technology Validation Team uses an internal network of servers, storage, computers, backup systems, and software to efficiently process raw data, complete quarterly analysis, and digest large amounts of time series data for data visualization. While the raw data are secured by NREL to protect commercially sensitive and proprietary information, individualized data analysis results are provided as detailed data products (DDPs) to the partners who supplied the data. Individual system, fleet, and site analysis results are aggregated into public results called composite data products (CDPs) that show the status and progress of the technology without identifying individual companies or revealing proprietary information. These CDPs are available from this NREL website: 1) Hydrogen Fuel Cell Vehicle and Infrastructure Learning Demonstration; 2) Early Fuel Cell Market Demonstrations; 3) Fuel Cell Technology Status [Edited from http://www.nrel.gov/hydrogen/facilities_secure_data_center.html].

352

Accumulating Automata and Cascaded Equations Automata for Communicationless Information Theoretically Secure Multi-Party Computation  

E-Print Network [OSTI]

number 428/11), Cabarnit Cyber Security MAGNET Consortium, Grant from the Institute for Future Defense;1 Introduction Secure multi-party computation (MPC) is a powerful concept in secure distributed computing Theoretically Secure Multi-Party Computation (Preliminary Report) Shlomi Dolev1 and Niv Gilboa2 and Ximing Li1 1

353

Risk assessment of climate systems for national security.  

SciTech Connect (OSTI)

Climate change, through drought, flooding, storms, heat waves, and melting Arctic ice, affects the production and flow of resource within and among geographical regions. The interactions among governments, populations, and sectors of the economy require integrated assessment based on risk, through uncertainty quantification (UQ). This project evaluated the capabilities with Sandia National Laboratories to perform such integrated analyses, as they relate to (inter)national security. The combining of the UQ results from climate models with hydrological and economic/infrastructure impact modeling appears to offer the best capability for national security risk assessments.

Backus, George A.; Boslough, Mark Bruce Elrick; Brown, Theresa Jean; Cai, Ximing [University of Illinois-Urbana; Conrad, Stephen Hamilton; Constantine, Paul [Stanford University; Dalbey, Keith R.; Debusschere, Bert J.; Fields, Richard; Hart, David Blaine; Kalinina, Elena Arkadievna; Kerstein, Alan R.; Levy, Michael [National Center for Atmospheric Research; Lowry, Thomas Stephen; Malczynski, Leonard A.; Najm, Habib N.; Overfelt, James Robert; Parks, Mancel Jordan; Peplinski, William J.; Safta, Cosmin; Sargsyan, Khachik; Stubblefield, William Anthony; Taylor, Mark A.; Tidwell, Vincent Carroll; Trucano, Timothy Guy; Villa, Daniel L.

2012-10-01T23:59:59.000Z

354

Transmission pricing of distributed multilateral energy transactions to ensure system security and guide economic dispatch  

E-Print Network [OSTI]

In this paper we provide a simulations-based demonstration of a hybrid electricity market that combines the distributed competitive advantages of decentralized markets with the system security guarantees of centralized ...

Ilic, Marija D.

2002-01-01T23:59:59.000Z

355

Developing Secure Power Systems Professional Competence: Alignment and Gaps in Workforce Development Programs—Summary Report  

SciTech Connect (OSTI)

This document is a summarization of the report, Developing Secure Power Systems Professional Competence: Alignment and Gaps in Workforce Development Programs, the final report for phase 2 of the SPSP (DOE workforce study) project.

O'Neil, Lori Ross; Assante, Michael; Tobey, D. H.; Conway, T. J.; Vanderhorst, Jr, T. J.; Januszewski, III, J.; Leo, R.; Perman, K.

2013-07-01T23:59:59.000Z

356

Handling Cyber Security Alerts and Advisories and Reporting Cyber Security Incidents  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

To establish Department of Energy (DOE) requirements and responsibilities for reporting cyber security incidents involving classified and unclassified systems and responding to cyber security alerts and advisories; and to implement requirements of DOE N 205.1, Unclassified Cyber Security Program, and DOE M 471.2-2, Classified Information Systems Security Manual. DOE N 205.13, dated 7-6-04, extends this notice until 7-6-05. Cancels DOE M 471.2-2, Chapter III, section 8.

2002-03-18T23:59:59.000Z

357

Abstractions for Model Checking System Security Jason Douglas Franklin  

E-Print Network [OSTI]

School of Computer Science Carnegie Mellon University Pittsburgh, PA 15213 Thesis Committee: Anupam Datta, Abstraction, Parametricity, Refinement #12;To those that favor thought before blind action. #12;iv #12. In this thesis, we develop a framework that enables au- tomated, verifiable security guarantees for a wide range

358

Transmission System Expansion Plans in View Point of Deterministic, Probabilistic and Security Reliability Criteria  

E-Print Network [OSTI]

Transmission System Expansion Plans in View Point of Deterministic, Probabilistic and Security control system as well as reasonable strength of grid originally. Because investment for power system the stability, and dynamic characteristics of the new system. A main reason of the separated work process

359

YASIR: A Low-Latency, High-Integrity Security Retrofit for Legacy SCADA Systems  

E-Print Network [OSTI]

YASIR: A Low-Latency, High-Integrity Security Retrofit for Legacy SCADA Systems Patrick P. Tsang-to-end communication latency. 1 Introduction 1.1 SCADA Systems Supervisory Control And Data Acquisition (SCADA) systems Supervisory Control And Data Acquisition (SCADA) systems, on which the proper operations of critical

Smith, Sean W.

360

Legal Resources Information System for Information Agencies of Specialized Libraries  

E-Print Network [OSTI]

In recent years, the rapid development of information technology and communication has a strong impact to industry information - the library. The mission of the industry when in fact the great social place to see the library as knowledge management. Vietnam is in the process of building the rule of law socialist orientation and improves the legal system. So in the current development process, the law library plays an important role in the retention, dissemination and provision of legal information service of legislative, executive and judiciary, particularly especially research, teaching and learning of law school. But the response of the legal information library information agencies remains limited compared to the increasing demand of users.

Nguyen, Phuc V

2011-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


361

August 2005 ADVISING USERS ON INFORMATION TECHNOLOGY  

E-Print Network [OSTI]

of secure access control to facilities and to information systems. NIST recently developed supplementary the need for better quality and security of the processes for identifying individuals, Homeland Security quality and security of the processes for identifying individuals, Homeland Security Presidential

362

Geographic Information System At International Geothermal Area...  

Open Energy Info (EERE)

Area, Indonesia (Nash, Et Al., 2002) Jump to: navigation, search GEOTHERMAL ENERGYGeothermal Home Exploration Activity: Geographic Information System At International Geothermal...

363

Security Framework for Control System Data Classification and Protection |  

Energy Savers [EERE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Office of Inspector GeneralDepartment of Energyof the Americas | DepartmentDepartment of Energy Security Framework

364

An XML Security Framework that Integrates NIST RBAC, MAC and DAC Policies  

E-Print Network [OSTI]

is to integrate the local security (existing systems) and their associated access control models into a global is to ensure that local security policies (of constituent systems) and access control mechanisms are satisfied. As a result, the XML security framework requires the inclusion of a secure information engineering process

Demurjian, Steven A.

365

An Experience in Testing the Security of Real-world Electronic Voting Systems  

E-Print Network [OSTI]

systems or nuclear plant monitors. Unfortunately, voting systems have a history of failures that seems to indicate that their quality is not up to the task. Because of the alarming frequency and impact of California and Ohio, whose goals were to perform the security testing of the electronic voting systems used

Vigna, Giovanni

366

LESSONS LEARNED FROM CYBER SECURITY ASSESSMENTS OF SCADA AND ENERGY MANAGEMENT SYSTEMS  

SciTech Connect (OSTI)

The results from ten cyber security vulnerability assessments of process control, SCADA and energy management systems, or components of those systems were reviewed to identify common problem areas. The common vulnerabilities ranged from conventional IT security issues to specific weaknesses in control system protocols. In each vulnerability category, relative measures were assigned to the severity of the vulnerability and ease with which an attacker could exploit the vulnerability. Suggested mitigations are identified in each category. Recommended mitigations having the highest impact on reducing vulnerability are listed for asset owners and system vendors.

Ray Fink

2006-10-01T23:59:59.000Z

367

The Benefits of Student Research in Information Systems Security Education  

E-Print Network [OSTI]

to batteries. At the age of eight, I learned the difference between series and parallel circuits and how benefitted from that choice. Mrs. Demerec's classroom was like no other. Housed in the old cafeteria for the younger students. For example, in fourth grade I painted some cardboard boxes to look like houses

Irvine, Cynthia E.

368

Information System Security Manager (ISSM) | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarly Career Scientists'Montana.ProgramJulietipDepartment ofTheDepartmentEnergy Industry

369

Information System Security Officer (ISSO) | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarly Career Scientists'Montana.ProgramJulietipDepartment ofTheDepartmentEnergy IndustryISSO is the

370

Zicom Electronic Security Systems Ltd | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Office of Inspector GeneralDepartmentAUDIT REPORTOpenWende NewSowitec doWinvest FinancingYantaiYourXingxingZicom

371

Electronic DOE Information Security System (eDISS) PIA  

Energy Savers [EERE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustion |EnergyonSupport Maine Wind Projectof Energy EPA andDepartment ofProgramAward | Department

372

Sandia Explosive Inventory and Information System  

SciTech Connect (OSTI)

The Explosive Inventory and Information System (EIS) is being developed and implemented by Sandia National Laboratories (SNL) to incorporate a cradle to grave structure for all explosives and explosive containing devices and assemblies at SNL from acquisition through use, storage, reapplication, transfer or disposal. The system does more than track all material inventories. It provides information on material composition, characteristics, shipping requirements; life cycle cost information, plan of use; and duration of ownership. The system also provides for following the processes of explosive development; storage review; justification for retention; Resource, Recovery and Disposition Account (RRDA); disassembly and assembly; and job description, hazard analysis and training requirements for all locations and employees involved with explosive operations. In addition, other information systems will be provided through the system such as the Department of Energy (DOE) and SNL Explosive Safety manuals, the Navy`s Department of Defense (DoD) Explosive information system, and the Lawrence Livermore National Laboratories (LLNL) Handbook of Explosives.

Clements, D.A.

1994-08-01T23:59:59.000Z

373

Cyber-Physical System Security With Deceptive Virtual Hosts for Industrial Control Networks  

SciTech Connect (OSTI)

A challenge facing industrial control network administrators is protecting the typically large number of connected assets for which they are responsible. These cyber devices may be tightly coupled with the physical processes they control and human induced failures risk dire real-world consequences. Dynamic virtual honeypots are effective tools for observing and attracting network intruder activity. This paper presents a design and implementation for self-configuring honeypots that passively examine control system network traffic and actively adapt to the observed environment. In contrast to prior work in the field, six tools were analyzed for suitability of network entity information gathering. Ettercap, an established network security tool not commonly used in this capacity, outperformed the other tools and was chosen for implementation. Utilizing Ettercap XML output, a novel four-step algorithm was developed for autonomous creation and update of a Honeyd configuration. This algorithm was tested on an existing small campus grid and sensor network by execution of a collaborative usage scenario. Automatically created virtual hosts were deployed in concert with an anomaly behavior (AB) system in an attack scenario. Virtual hosts were automatically configured with unique emulated network stack behaviors for 92% of the targeted devices. The AB system alerted on 100% of the monitored emulated devices.

T. Vollmer; M. Manic

2014-05-01T23:59:59.000Z

374

Sandia National Laboratories: Northrop Grumman Information Systems  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmosphericNuclear Security Administration the1 -theErik Spoerke SSLSMolten-Salt StorageNo More Green Waste in theInformation

375

Concepts and applications of wireless security systems for tactical, portable, and fixed sites  

SciTech Connect (OSTI)

Intrusion detection systems sometimes use radio signals to convey sensor status in areas that wire conduits do not service or as a redundant path to wired systems. Some applications benefit from radio technology by minimizing setup time and reducing installation and operation costs. In recent years with the explosion in wireless communications, these radio-based security systems have become more capable while lowering costs, size, and power consumption. However, the very nature of radio communication raises issues regarding setup, operation, and security of these systems. Sandia National Laboratories, in cooperation with government and industry, has addressed many of these issues through the analysis and development of security systems, communications protocols, and operational procedures. Message encryption and frequent channel supervision are used to enhance security. Installation and maintenance of these systems are simplified by incorporating built-in radio link analysis, menu-driven configuration equipment, and other techniques. Commercial communications satellites and spread-spectrum radios are also being integrated to provide unique capabilities to the security community. The status of this work is presented here along with details of its development.

Harrington, J.J.

1997-06-01T23:59:59.000Z

376

E-Print Network 3.0 - automation simulation system Sample Search...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Summary: Information and Reservation System" "Automated Phone Book Management System" "Simulation of Searching Family... HMI" "Security System Simulator" "Performance Comparison...

377

Wind energy systems information user study  

SciTech Connect (OSTI)

This report describes the results of a series of telephone interviews with potential users of information on wind energy conversion. These interviews, part of a larger study covering nine different solar technologies, attempted to identify: the type of information each distinctive group of information users needed, and the best way of getting information to that group. Groups studied include: wind energy conversion system researchers; wind energy conversion system manufacturer representatives; wind energy conversion system distributors; wind turbine engineers; utility representatives; educators; county agents and extension service agents; and wind turbine owners.

Belew, W.W.; Wood, B.L.; Marle, T.L.; Reinhardt, C.L.

1981-01-01T23:59:59.000Z

378

Recommended Practice for Securing Control System Modems | Department of  

Office of Environmental Management (EM)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of Energy Power.pdf11-161-LNG |September 15,2015 |Rebecca Matulka AboutEnergy Practice for Securing

379

PIA - Security Clearance Tracking System | Department of Energy  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmosphericNuclear Security Administration the1 - September 2006 The 2002OpticsPeriodical:Rocky Mountain OTC GSSofDepartment

380

PIA - Security Clearance Work Tracking and Budget System | Department of  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmosphericNuclear Security Administration the1 - September 2006 The 2002OpticsPeriodical:Rocky Mountain OTC

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


381

Pantex Occupational Health System (OHS), National Nuclear Security  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmosphericNuclear Security Administration the1 - September 2006 TheSteven Ashby Dr. StevenPanoramic Holography: Toward

382

Rapid Deployment Shelter System | Y-12 National Security Complex  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmosphericNuclear Security Administration the1 -the Mid-Infrared at 278, 298, and 323Program2Raftopoulos(MeVcm²/mg) LET vs.Rapid

383

Rapid Deployment Shelter System, Application | Y-12 National Security  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmosphericNuclear Security Administration the1 -the Mid-Infrared at 278, 298, and 323Program2Raftopoulos(MeVcm²/mg) LET

384

Benchmarking Grid Information Systems Laurence Field1  

E-Print Network [OSTI]

Benchmarking Grid Information Systems Laurence Field1 and Rizos Sakellariou2 1 CERN, Geneva. Grid information systems play a central role in today's pro- duction Grid infrastructures, enabling the discovery of a range of in- formation about the Grid services that exist in an infrastructure. As the number

Sakellariou, Rizos

385

Cyber Security Incident Management Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. Admin Chg 1 dated 9-1-09; Admin Chg 2 dated 12-22-09. Canceled by DOE O 205.1B.

2009-01-08T23:59:59.000Z

386

TVMDL Procedures TVMDL Procedure 29.01.03.V1.01 Information Security and Computer Use Page 1 of 27  

E-Print Network [OSTI]

TVMDL Procedures TVMDL Procedure 29.01.03.V1.01 Information Security and Computer Use Page 1 of 27.01.04 PROCEDURE STATEMENT This procedure establishes information resources security and management guidelines for all Texas Veterinary Medical Diagnostic Laboratory (TVMDL) positions. Reason for Procedure Under

387

Energy Security and Restoration Exercise Program/Best Practices and Information Sharing  

SciTech Connect (OSTI)

The first year of this cooperative agreement focused on the following elements: curriculum development and presentation, curriculum maintenance, enhancements, and effectiveness, and smart card initiative. During the second year of this grant, with redirection from DOE, the IUOE modified its mission statement under the cooperative agreement. It states: 'The mission of the IUOE is to provide expertise to provide best practices, information sharing, and develop scenarios and conduct exercises ranging in size and complexity from table top to national level to prepare all stakeholders to protect and restore energy infrastructure should an event, terrorist or natural, occur'. The Program developed a number of products under this Cooperative Agreement. These products include: FOSTER (Facility Operations Safety Training Event Response) Curriculum and Training Models, Alternative Energy Supply - Generators Training Module, Liquefied Natural Gas Training Module, Education Program - Distributed Generations, Compendium of Resources and References, Energy Security and Restoration Training Manual, Manual of Situations and Scenarios Developed for Emergency Exercises, Manual of Best Practices/Lessons Learned for Energy Load Management, Training Plan, Strategic Information and Exercise Plan, National Certification Plan Report, and a Smart Card Project Report.

Barbara McCabe; John Kovach

2009-03-30T23:59:59.000Z

388

Cognitive Systems Foundations of Information Processing  

E-Print Network [OSTI]

1 Cognitive Systems Foundations of Information Processing in Natural and Artificial Systems 2010 Cognitive Systems 1: Topics · Perception · Memory and Reasoning · Learning and Action · Communication 3 Cognitive Systems 2: Topics · Methods from psychology, neuroscience, informatics: Cognitive modeling

Bremen, Universität

389

Sensorpedia: Information Sharing Across Autonomous Sensor Systems  

SciTech Connect (OSTI)

The concept of adapting social media technologies is introduced as a means of achieving information sharing across autonomous sensor systems. Historical examples of interoperability as an underlying principle in loosely-coupled systems is compared and contrasted with corresponding tightly-coupled, integrated systems. Examples of ad hoc information sharing solutions based on Web 2.0 social networks, mashups, blogs, wikis, and data tags are presented and discussed. The underlying technologies of these solutions are isolated and defined, and Sensorpedia is presented as a formalized application for implementing sensor information sharing across large-scale enterprises with incompatible autonomous sensor systems.

Gorman, Bryan L [ORNL; Resseguie, David R [ORNL; Tomkins-Tinch, Christopher H [ORNL

2009-01-01T23:59:59.000Z

390

Biomass energy systems information user study  

SciTech Connect (OSTI)

The results of a series of telephone interviews with groups of users of information on biomass energy systems are described. These results, part of a larger study on many different solar technologies, identify types of information each group needed and the best ways to get information to each group. This report is 1 of 10 discussing study results. The overall study provides baseline data about information needs in the solar community. Results from 12 biomass groups of respondents are analyzed in this report: Federally Funded Researchers (2 groups), Nonfederally Funded Researchers (2 groups), Representatives of Manufacturers (2 groups), Representatives of State Forestry Offices, Private Foresters, Forest Products Engineers, Educators, Cooperative Extension Service County Agents, and System Managers. The data will be used as input to the determination of information products and services the Solar Energy Research Institute, the Solar Energy Information Data Bank Network, and the entire information outreach community should be preparing and disseminating.

Belew, W.W.; Wood, B.L.; Marle, T.L.; Reinhardt, C.L.

1981-02-01T23:59:59.000Z

391

Security Requirements for Management Systems using Mobile Agents H. Reiser G. Vogt  

E-Print Network [OSTI]

Security Requirements for Management Systems using Mobile Agents H. Reiser G. Vogt Munich Network Management Team Munich Network Management Team University of Munich, Germany Munich University of Technology and distributed management systems based on mobile agents have certain advantages over centralized and static

392

YASIR: A Low-Latency, High-Integrity Security Retrofit for Legacy SCADA Systems  

E-Print Network [OSTI]

YASIR: A Low-Latency, High-Integrity Security Retrofit for Legacy SCADA Systems Patrick P. Tsang in Supervisory Control And Data Acquisition (SCADA) systems. Previous BITW solutions fail to provide minimal end-to-end communication latency. A microcontroller prototype of our solution is under development

393

River Protection Project information systems assessment  

SciTech Connect (OSTI)

The Information Systems Assessment Report documents the results from assessing the Project Hanford Management Contract (PHMC) Hanford Data Integrator 2000 (HANDI 2000) system, Business Management System (BMS) and Work Management System phases (WMS), with respect to the System Engineering Capability Assessment Model (CAM). The assessment was performed in accordance with the expectations stated in the fiscal year (FY) 1999 Performance Agreement 7.1.1, item (2) which reads, ''Provide an assessment report on the selected Integrated Information System by July 31, 1999.'' This report assesses the BMS and WMS as implemented and planned for the River Protection Project (RPP). The systems implementation is being performed under the PHMC HANDI 2000 information system project. The project began in FY 1998 with the BMS, proceeded in FY 1999 with the Master Equipment List portion of the WMS, and will continue the WMS implementation as funding provides. This report constitutes an interim quality assessment providing information necessary for planning RPP's information systems activities. To avoid confusion, HANDI 2000 will be used when referring to the entire system, encompassing both the BMS and WMS. A graphical depiction of the system is shown in Figure 2-1 of this report.

JOHNSON, A.L.

1999-07-28T23:59:59.000Z

394

Interdependence of the Electricity Generation System and the Natural Gas System and Implications for Energy Security  

E-Print Network [OSTI]

Approved for public release; distribution is unlimited. Lexington Massachusetts This page intentionally left blank. EXECUTIVE SUMMARY Concern about energy security on domestic Department of Defense installations has led to the possibility of using natural gas-fired electricity generators to provide power in the event of electric grid failures. As natural gas is an increasingly base-load fuel for electricity generation in the United States, the electricity generation system has become increasingly dependent on the operation of the natural gas system. However, as the natural gas system is also partly dependent on electricity for its ability to deliver natural gas from the well-head to the consumer, the question arises of whether, in the event of an electric grid failure, the natural gas would continue to flow. As the natural gas transmission system largely uses natural gas from the pipelines as a source of power, once the gas has been extracted from the ground, the system is less dependent on the electric grid. However, some of the drilling rigs, processing units, and pipeline compressors do depend on electric power, making the vulnerability to the system to a disruption in the national electricity supply network vary depending on the cause, breadth, and geographic location of the disruption. This is due to the large numbers of players in the natural gas production and

N. Judson; N. Judson

2013-01-01T23:59:59.000Z

395

Presentation to the Control Systems Security Outreach Coordination Meeting  

E-Print Network [OSTI]

CIEGE- Learners construct and defend a cyber network in online game. SAST Systems Administrator Simulation Trainer

396

Neptune Systems | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data CenterFranconia, Virginia: Energy Resources Jump to:46 -Energieprojekte3InformationofServices TMSNemaha-Marshall E C

397

Division of Information Information Systems Documentation Enterprise Systems Management Framework Version 6.0  

E-Print Network [OSTI]

Division of Information Information Systems Documentation Enterprise Systems Management Framework Version 6.0 Enterprise Systems Management Framework Version: 6.0 Date: 2 Jan 2008 Status: Endorsed Systems Management Framework Version 6.0 DOCUMENT DETAILS Document Number CIS 0002/200504466 Document

Botea, Adi

398

Syllabus Information Depiction System (SIDS) user's guide  

SciTech Connect (OSTI)

The Syllabus Information Depiction System (SIDS) is an automated tool designed to track the aircrew training syllabi of the Marine Corps. This report is the User's Manual for this data base system, providing users with instructions to help them use the system more efficiently. This document contains printed screen layouts that will guide the user step-by-step through the written instructions.

Waterman, D.K.; Skinner, N.L.

1987-10-01T23:59:59.000Z

399

Cyber Security Requirements for Risk Management  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Notice ensures that system owners consistently assess the threats to and vulnerabilities of systems in order to implement adequate security controls. The Notice will also ensure compliance with the requirements of DOE O 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, and protect DOE information and information systems from unauthorized access, use, disclosure, modification, or destruction. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06.

2004-02-19T23:59:59.000Z

400

The renewable electric plant information system  

SciTech Connect (OSTI)

This report explains the procedures used for creating the Renewable Electric Plant Information System (REPiS) database, describes the database fields, and summarizes the data. The REPiS database contains comprehensive information on grid-connected renewable electric generation plants in the United States. Originally designed in 1987 and updated in 1990, the database includes information through 1994. The report also illustrates ways of using the data for analysis is and describes how researchers validated the data.

Sinclair, K.

1995-12-01T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


401

Policy enabled information sharing system  

DOE Patents [OSTI]

A technique for dynamically sharing information includes executing a sharing policy indicating when to share a data object responsive to the occurrence of an event. The data object is created by formatting a data file to be shared with a receiving entity. The data object includes a file data portion and a sharing metadata portion. The data object is encrypted and then automatically transmitted to the receiving entity upon occurrence of the event. The sharing metadata portion includes metadata characterizing the data file and referenced in connection with the sharing policy to determine when to automatically transmit the data object to the receiving entity.

Jorgensen, Craig R.; Nelson, Brian D.; Ratheal, Steve W.

2014-09-02T23:59:59.000Z

402

Verno Systems | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data CenterFranconia, Virginia:FAQ < RAPID Jump to:Seadov PtyInformation UCOpen EnergyVelankani GroupLoading map...Vermontville,Verno

403

Arisdyne Systems | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home5b9fcbce19 NoPublic Utilities Address: 160 East 300AlgoilEnergy InformationArcata,Koblitz Jump to:ArgonautMaine:Optical

404

NRG Systems | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home5b9fcbce19 No revision hasInformation Earth's HeatMexico: EnergyMithun JumpMuscoy, California:NewNREL/Ventyx Utility

405

Paradyme Systems | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home5b9fcbce19 No revision hasInformation Earth'sOklahoma/GeothermalOrange County isParadise, Nevada: Energy Resources Jump

406

Vitex Systems | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home5b9fcbce19 NoPublic Utilities Address: 160 East 300 South Place: Salt Lake City,Division of Oil andInformation

407

Equipalcool Systems | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home5b9fcbce19 NoPublic Utilities Address:011-DNA Jump37. It isInformation ContractsCGNPCEolian RenewableEprice

408

Hydrothermal System | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home5b9fcbce19 No revision hasInformation Earth's Heat Jump to:PhotonHolyName HousingIII WindHybridsCarCalifornia,onHydrothermal

409

Land Information Systems in Developing Countries  

E-Print Network [OSTI]

development. Afrika-Studiesentrum, Lieden: Andersson, Sune (1986). Cadastre as a Base for Land Information-378. Andersson, Sune (1988). Examples and Lessons in LIS. International Federation of Surveyors- FIG Land Information System Workshop. Bali, Indonesia: FIG. 253-256. Andersson, Sune (1988). Problems and Issues

California at Santa Barbara, University of

410

Information Sources for Small Water Systems  

E-Print Network [OSTI]

Managers of small waters systems must have information about a variety of topics. This publication lists essential printed and electronic resources on disaster preparedness, national drinking water standards, private water well management, water...

Dozier, Monty; Theodori, Gene L.; Jensen, Ricard

2007-02-19T23:59:59.000Z

411

Transportation Routing Analysis Geographic Information System...  

Broader source: Energy.gov (indexed) [DOE]

Analysis Geographic Information System (TRAGIS) to Spent Fuel Routing Analysis P. E. Johnson R.R. Rawl Oak Ridge National Laboratory TRAGIS is being used by OCRWM to identify...

412

Trust Model for Security Automation Data 1.0 (TMSAD)  

E-Print Network [OSTI]

Trust Model for Security Automation Data 1.0 (TMSAD) HaroldBooth AdamHalbardier NIST Interagency Report 7802 #12;NIST Interagency Report 7802 Trust Model for Security Automation Data 1.0 (TMSAD) Harold FOR SECURITY AUTOMATION DATA 1.0 (TMSAD) iii Reports on Computer Systems Technology The Information Technology

413

Pilot Systems | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data CenterFranconia, Virginia: Energy ResourcesLoadingPenobscot County, Maine: EnergyPierce County, Nebraska:Pilgrim HotSystems Place: London,

414

Design for a Decentralized Security System for Network Attached Storage  

E-Print Network [OSTI]

Storage Systems, held jointly with the 17th IEEE Symposium on Mass Storage Systems, College Park, MD reliability, since one drive having a catastrophic failure such as catching on fire will not damage the other. This mechanism ensures that any files on the file server are protected from reading or from undetected

Miller, Ethan L.

415

Closure Report for Corrective Action Unit 562: Waste Systems, Nevada National Security Site, Nevada  

SciTech Connect (OSTI)

This Closure Report (CR) presents information supporting closure of Corrective Action Unit (CAU) 562, Waste Systems, and provides documentation supporting the completed corrective actions and confirmation that closure objectives for CAU 562 were met. This CR complies with the requirements of the Federal Facility Agreement and Consent Order (FFACO) that was agreed to by the State of Nevada; the U.S. Department of Energy (DOE), Environmental Management; the U.S. Department of Defense; and DOE, Legacy Management (FFACO, 1996 as amended). CAU 562 consists of the following 13 Corrective Action Sites (CASs), located in Areas 2, 23, and 25 of the Nevada National Security Site: · CAS 02-26-11, Lead Shot · CAS 02-44-02, Paint Spills and French Drain · CAS 02-59-01, Septic System · CAS 02-60-01, Concrete Drain · CAS 02-60-02, French Drain · CAS 02-60-03, Steam Cleaning Drain · CAS 02-60-04, French Drain · CAS 02-60-05, French Drain · CAS 02-60-06, French Drain · CAS 02-60-07, French Drain · CAS 23-60-01, Mud Trap Drain and Outfall · CAS 23-99-06, Grease Trap · CAS 25-60-04, Building 3123 Outfalls Closure activities began in October 2011 and were completed in April 2012. Activities were conducted according to the Corrective Action Plan for CAU 562 (U.S. Department of Energy, National Nuclear Security Administration Nevada Site Office [NNSA/NSO], 2011). The corrective actions included No Further Action and Clean Closure. Closure activities generated sanitary waste and hazardous waste. Some wastes exceeded land disposal limits and required offsite treatment prior to disposal. Other wastes met land disposal restrictions and were disposed in appropriate onsite or offsite landfills. NNSA/NSO requests the following: · A Notice of Completion from the Nevada Division of Environmental Protection to NNSA/NSO for closure of CAU 562 · The transfer of CAU 562 from Appendix III to Appendix IV, Closed Corrective Action Units, of the FFACO

NSTec Environmental Restoration

2012-08-15T23:59:59.000Z

416

Neighborhood Watch: Security and Privacy Analysis of Automatic Meter Reading Systems  

E-Print Network [OSTI]

Neighborhood Watch: Security and Privacy Analysis of Automatic Meter Reading Systems Ishtiaq Rouf gruteser@winlab.rutgers.edu ABSTRACT Research on smart meters has shown that fine-grained en- ergy usage data poses privacy risks since it allows inferences about activities inside the home. While smart meter

Xu, Wenyuan

417

Re-Dispatching Generation to Increase Power System Security Margin and Support Low Voltage Bus  

E-Print Network [OSTI]

Re-Dispatching Generation to Increase Power System Security Margin and Support Low Voltage Bus by re-dispatching generator outputs, using a normal vector found at a voltage collapse boundary or a low voltage boundary (LVB). This method uses the normal vector as an indicator to change the generation

418

CITI Technical Report 01-6 SC-CFS: Smartcard Secured Cryptographic File System  

E-Print Network [OSTI]

guessing attack, and minimizes the damage caused by physical attack and bug exploitation. January 16, 2001- tionary attack possible. An adversary can ob- tain ciphertext through physical attack or bug exploitationCITI Technical Report 01-6 SC-CFS: Smartcard Secured Cryptographic File System Naomaru Itoi Center

Michigan, University of

419

North American Electricity Infrastructure: System Security, Quality, Reliability, Availability, and Efficiency  

E-Print Network [OSTI]

1 North American Electricity Infrastructure: System Security, Quality, Reliability, Availability for reliable and disturbance-free electricity. The massive power outages in the United States, Canada, UK and Italy in 2003 underscored electricity infrastructure's vulnerabilities [1-11]. This vital yet complex

Amin, S. Massoud

420

Secure Systems Editor: S.W. Smith, sws@cs.dartmouth.edu  

E-Print Network [OSTI]

Secure Systems Editor: S.W. Smith, sws@cs.dartmouth.edu side of the picture--the computers which we train students, young and old, to be effective cyber-citizens; and the media coverage or produce more effective tailors. S.W. SMITH Dartmouth College T oalargeextent,computingsystemsareu

Smith, Sean W.

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


421

Optimal Resource Allocation for Security in Reliability Systems M. N. Azaiez  

E-Print Network [OSTI]

systems, about protecting nuclear power plants against terrorist attacks or sabotage, or about ensuring, the threat is usually assumed to be static, rather than responding in an adaptive way to the defenses to defense against intentional threats to security have dealt either with components in isolation (Major

Wang, Hai

422

Improving Control System Cyber-State Awareness using Known Secure Sensor Measurements  

SciTech Connect (OSTI)

Abstract—This paper presents design and simulation of a low cost and low false alarm rate method for improved cyber-state awareness of critical control systems - the Known Secure Sensor Measurements (KSSM) method. The KSSM concept relies on physical measurements to detect malicious falsification of the control systems state. The KSSM method can be incrementally integrated with already installed control systems for enhanced resilience. This paper reviews the previously developed theoretical KSSM concept and then describes a simulation of the KSSM system. A simulated control system network is integrated with the KSSM components. The effectiveness of detection of various intrusion scenarios is demonstrated on several control system network topologies.

Ondrej Linda; Milos Manic; Miles McQueen

2012-09-01T23:59:59.000Z

423

Drilling Systems | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home5b9fcbce19 NoPublic Utilities Address:011-DNA Jump to:52c8ff988c1DeringDolgeville,Massachusetts:Drax SiemensSystems Jump to:

424

Altergy Systems | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home5b9fcbce19 NoPublic Utilities Address: 160 East 300Algoil JumpAltergy Systems Place: Folsom, California Zip: 95630 Product:

425

Communication Systems Laboratory A Mutual Information Invariance  

E-Print Network [OSTI]

Communication Systems Laboratory A Mutual Information Invariance Approach to Symmetry in DMCs Bike is identical to cyclic- shift symmetry. n Q I= ( )1 (1, ) ,i T j TQ i j- = #12;Communication Systems. · There exists a set of column-preserving row permutations i i=1,...k (including the identity) such that for any

Jalali. Bahram

426

Cyber Security Indications and Warning System (SV): CRADA 1573.94 Project Accomplishments Summary  

SciTech Connect (OSTI)

As the national focus on cyber security increases, there is an evolving need for a capability to provide for high-speed sensing of events, correlation of events, and decision-making based on the adverse events seen across multiple independent large-scale network environments. The purpose of this Shared Vision project, Cyber Security Indications and Warning System, was to combine both Sandia's and LMC's expertise to discover new solutions to the challenge of protecting our nation's infrastructure assets. The objectives and scope of the proposal was limited to algorithm and High Performance Computing (HPC) model assessment in the unclassified environment within funding and schedule constraints. The interest is the identification, scalability assessment, and applicability of current utilized cyber security algorithms as applied in an HPC environment.

Hu, Tan Chang (PI, Sandia); Robinson, David G. (Technical PI)

2011-09-08T23:59:59.000Z

427

Sandia National Laboratories: National Security Missions: Defense Systems  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary)morphinanInformation Desert Southwest RegionatSearch WelcomeScience SSRLLibrarySandia'sNSTTF SolarReserve Isand

428

Sandia National Laboratories: National Security Missions: Defense Systems  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary)morphinanInformation Desert Southwest RegionatSearch WelcomeScience SSRLLibrarySandia'sNSTTF SolarReserve

429

Sandia National Laboratories: National Security Missions: Defense Systems  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary)morphinanInformation Desert Southwest RegionatSearch WelcomeScience SSRLLibrarySandia'sNSTTF SolarReserveand

430

IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. 9, NO. 3, MARCH 2014 451 Integrated Security Analysis on Cascading  

E-Print Network [OSTI]

complex network systems, including com- munication network, social network and smart grid, have become, we simulated attacks on different components (buses and branches) in the grid and evaluated of different loading and overloading situations on cascading failures was also evaluated by testing different

He, Haibo

431

Designing security into software  

E-Print Network [OSTI]

When people talk about software security, they usually refer to security applications such as antivirus software, firewalls and intrusion detection systems. There is little emphasis on the security in the software itself. ...

Zhang, Chang Tony

2006-01-01T23:59:59.000Z

432

90 Communications of the Association for Information Systems (Volume 9, 2002) 90-104 The Work System Method for Understanding Information Systems and Information Systems Research  

E-Print Network [OSTI]

, systems analysis, information system development, implementation, system life cycle I. INTRODUCTION parts of the system. The dynamic view is based on the "work system life cycle model," which shows how represents its static view. The work system life cycle model represents its dynamic view of how systems

Bieber, Michael

433

Cyber-Security of Networked Control Systems Karl Henrik Johansson  

E-Print Network [OSTI]

to cyber-threats with many poten@al points of aRacks · How systems · ARack on power network state es@mator · Stealthy minimum-effort a) but no disclosure resources ·If the zero is unstable, then the plant state can be moved

Johansson, Karl Henrik

434

Security Engineering for Ambient Intelligence: A Manifesto  

E-Print Network [OSTI]

: +34952131397 amg@lcc.uma.es Carsten Rudolph Fraunhofer Institute for Secure Information Technology (SIT), Rheinstrasse 75, D-64295 Darmstadt, Germany Tel: +496151869344 Fax: +496151869224 Carsten.Rudolph@sit.fraunhofer challenges for the design and engineering of secure and dependable systems. This chapter describes SERENITY

Spanoudakis, George

435

Interdependent infrastructures and multi-mode attacks and failures: improving the security of urban water systems and fire response  

E-Print Network [OSTI]

This dissertation examines the interdependence between urban water distribution systems and urban fire response. The focus on interdependent critical infrastructures is driven by concern for security of water systems and the effects on related...

Bristow, Elizabeth Catherine

2009-05-15T23:59:59.000Z

436

An interactive spatial information management system on the internet: the fire ant spatial information management system  

E-Print Network [OSTI]

to that information. The primary purpose of any information management system is to provide users with information that is complete, accurate, and in real-time (Obermeyer and Pinto 1994). The Internet has the capability to do just that with spatial data...

Dudek, Timothy Kirk

2000-01-01T23:59:59.000Z

437

An Equal Opportunity Employer / Operated by Los Alamos National Security, LLC for the U.S. Department of Energy's NNSA Request for Information  

E-Print Network [OSTI]

.S. Department of Energy's NNSA ASM-SUB Request for Information Los Alamos National Laboratory Field Instruments by Los Alamos National Security, LLC for the U.S. Department of Energy's NNSA General Tasks On

438

Guidance for FY2014 Facilities Information Management System...  

Office of Environmental Management (EM)

Guidance for FY2014 Facilities Information Management System Data Validations Guidance for FY2014 Facilities Information Management System Data Validations FY 2014 FIMS Data...

439

Energy Management and Information Systems Study - 2014 BTO Peer...  

Energy Savers [EERE]

Management and Information Systems Study - 2014 BTO Peer Review Energy Management and Information Systems Study - 2014 BTO Peer Review Presenter: Jessica Granderson, Lawrence...

440

Control Systems Cyber Security: Defense in Depth Strategies | Department of  

Office of Environmental Management (EM)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of Energy Power Systems EngineeringDepartmentSmart GridThird Quarter Overall

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


441

Common Cyber Security Vulnerabilities Observed in Control System  

Office of Environmental Management (EM)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of Energy Power Systems EngineeringDepartmentSmart Grid RFI: AddressingEnergy

442

Small Business Sourcing System | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarlyEnergyDepartment ofDepartmentStewardship Science AcademicLaboratory |Sourcing System | National

443

Information Assurance Module WVU: Biometric Systems & Information Assurance  

E-Print Network [OSTI]

:Sweden>, O: Sweden> S dominates O S:Sweden>, O:Sweden, crypto}> S does not dominate O. S:Sweden, crypto}>, O:Sweden> S dominates O 1 - 9 Commercial Security

Cukic, Bojan

444

Information storage capacity of discrete spin systems  

SciTech Connect (OSTI)

Understanding the limits imposed on information storage capacity of physical systems is a problem of fundamental and practical importance which bridges physics and information science. There is a well-known upper bound on the amount of information that can be stored reliably in a given volume of discrete spin systems which are supported by gapped local Hamiltonians. However, all the previously known systems were far below this theoretical bound, and it remained open whether there exists a gapped spin system that saturates this bound. Here, we present a construction of spin systems which saturate this theoretical limit asymptotically by borrowing an idea from fractal properties arising in the Sierpinski triangle. Our construction provides not only the best classical error-correcting code which is physically realizable as the energy ground space of gapped frustration-free Hamiltonians, but also a new research avenue for correlated spin phases with fractal spin configurations. -- Highlights: •We propose a spin model with fractal ground states and study its coding properties. •We show that the model asymptotically saturates a theoretical limit on information storage capacity. •We discuss its relations to various theoretical physics problems.

Yoshida, Beni, E-mail: rouge@caltech.edu

2013-11-15T23:59:59.000Z

445

Function analysis for waste information systems  

SciTech Connect (OSTI)

This study has a two-fold purpose. It seeks to identify the functional requirements of a waste tracking information system and to find feasible alternatives for meeting those requirements on the Oak Ridge Reservation (ORR) and the Portsmouth (PORTS) and Paducah (PGDP) facilities; identify options that offer potential cost savings to the US government and also show opportunities for improved efficiency and effectiveness in managing waste information; and, finally, to recommend a practical course of action that can be immediately initiated. In addition to identifying relevant requirements, it also identifies any existing requirements that are currently not being completely met. Another aim of this study is to carry out preliminary benchmarking by contacting representative companies about their strategic directions in waste information. The information obtained from representatives of these organizations is contained in an appendix to the document; a full benchmarking effort, however, is beyond the intended scope of this study.

Sexton, J.L.; Neal, C.T.; Heath, T.C.; Starling, C.D.

1996-04-01T23:59:59.000Z

446

Personnel Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Order establishes requirements for a successful, efficient and cost-effective personnel security program to ensure accurate, timely and equitable determinations of individuals’ eligibility for access to classified information and fitness for placement or retention in national security positions. Cancels DOE M 470.4-5, DOE N 470.4 and DOE N 470.5. Admin Chg 1, 10-8-13.

2011-07-27T23:59:59.000Z

447

A systems-theoretic security model for large scale, complex systems applied to the US air transportation system  

E-Print Network [OSTI]

Classical risk-based or game-theoretic security models rely on assumptions from reliability theory and rational expectations economics that are not applicable to security threats. Additionally, these models suffer from ...

Laracy, Joseph R. (Joseph Raymond)

2007-01-01T23:59:59.000Z

448

Cyber safety : a systems thinking and systems theory approach to managing cyber security risks  

E-Print Network [OSTI]

If we are to manage cyber security risks more effectively in today's complex and dynamic Web 2.0 environment, then a new way of thinking is needed to complement traditional approaches. According to Symantec's 2014 Internet ...

Salim, Hamid M

2014-01-01T23:59:59.000Z

449

A geocoding information system for Greenland  

E-Print Network [OSTI]

A geocoding information system for Greenland Janis Siksnans Kongens Lyngby 2012 IMM-MSc-2012-48 #12-XXXX #12;Summary Currently, addressing practices in Greenland do not fully support geocoding. Addressing the current addressing practices in Greenland. Asiaq is a public organization of the Government of Greenland

450

Implementation guidance for industrial-level security systems using radio frequency alarm links  

SciTech Connect (OSTI)

Spread spectrum (SS) RF transmission technologies have properties that make the transmitted signal difficult to intercept, interpret, and jam. The digital code used in the modulation process results in a signal that has high reception reliability and supports multiple use of frequency bands and selective addressing. These attributes and the relatively low installation cost of RF systems make SSRF technologies candidate for communications links in security systems used for industrial sites, remote locations, and where trenching or other disturbances of soil or structures may not be desirable or may be costly. This guide provides a description of such a system and presents implementation methods that may be of engineering benefit.

Swank, R.G.

1996-07-12T23:59:59.000Z

451

Recommendation 171: Commendation for Waste Information Management System  

Broader source: Energy.gov [DOE]

The ORSSAB commends DOE and Florida International University for development of the Waste Information Management System.

452

Randomization in Traffic Information Sharing Systems Masaaki Tanizaki  

E-Print Network [OSTI]

, we consider a traffic information sharing system based on Floating Car Data (FCD). FCD is oneRandomization in Traffic Information Sharing Systems Masaaki Tanizaki Intelligent Media Systems to the server. The traffic information sharing system broadcasts speed information updated by such transmission

Wolfson, Ouri E.

453

InPower Systems | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home5b9fcbce19 No revision hasInformation Earth's Heat Jump to:PhotonHolyNameInformationsourceenhanced geothermal system

454

Geographic Information System Resources to Support  

E-Print Network [OSTI]

Security Subtask 12.4 Deliverable Production of a common GIS database which focuses on environmental for both sugar and fiber, and algae for oil or other intermediate products. The objective of this report interruptions in supply and fluctuations in fuel prices. In recognition of this energy security dilemma

455

Office of Security Policy  

Broader source: Energy.gov [DOE]

The Office of Security Policy is the central source within the Department of Energy for the development and analysis of safeguards and security policies and standards affecting facilities, nuclear materials, personnel, and classified information.

456

Summary of The 3rd Control System Cyber-Security (CS)2/HEP Workshop  

E-Print Network [OSTI]

Over the last decade modern accelerator and experiment control systems have increasingly been based on commercial-off-the-shelf products (VME crates, programmable logic controllers (PLCs), supervisory control and data acquisition (SCADA) systems, etc.), on Windows or Linux PCs, and on communication infrastructures using Ethernet and TCP/IP. Despite the benefits coming with this (r)evolution, new vulnerabilities are inherited, too: Worms and viruses spread within seconds via the Ethernet cable, and attackers are becoming interested in control systems. The Stuxnet worm of 2010 against a particular Siemens PLC is a unique example for a sophisticated attack against control systems [1]. Unfortunately, control PCs cannot be patched as fast as office PCs. Even worse, vulnerability scans at CERN using standard IT tools have shown that commercial automation systems lack fundamental security precautions: Some systems crashed during the scan, others could easily be stopped or their process data being ...

Lüders, S

2011-01-01T23:59:59.000Z

457

ITL BULLETIN FOR MAY 2013 ITL PUBLISHES SECURITY AND PRIVACY CONTROLS FOR FEDERAL AGENCIES  

E-Print Network [OSTI]

The selection and implementation of security and privacy controls for information systems and organizations systems and organizations. Controls are also designed to satisfy a set of defined security requirements for federal information systems and organizations. It describes a process for selecting controls to protect

458

Secure Cryptographic Key Management System (CKMS) Considerations for Smart Grid Devices  

SciTech Connect (OSTI)

In this paper, we examine some unique challenges associated with key management in the Smart Grid and concomitant research initiatives: 1) effectively model security requirements and their implementations, and 2) manage keys and key distribution for very large scale deployments such as Smart Meters over a long period of performance. This will set the stage to: 3) develop innovative, low cost methods to protect keying material, and 4) provide high assurance authentication services. We will present our perspective on key management and will discuss some key issues within the life cycle of a cryptographic key designed to achieve the following: 1) control systems designed, installed, operated, and maintained to survive an intentional cyber assault with no loss of critical function, and 2) widespread implementation of methods for secure communication between remote access devices and control centers that are scalable and cost-effective to deploy.

Abercrombie, Robert K [ORNL] [ORNL; Sheldon, Frederick T [ORNL] [ORNL; Aldridge, Hal [ORNL] [ORNL; Duren, Mike [Sypris Electronics, LLC] [Sypris Electronics, LLC; Ricci, Tracy [Sypris Electronics, LLC] [Sypris Electronics, LLC; Bertino, Elisa [ORNL] [ORNL; Kulatunga, Athula [Purdue University] [Purdue University; Navaratne, Uditha Sudheera [Purdue University] [Purdue University

2011-01-01T23:59:59.000Z

459

What can I do with a degree in Information Systems?  

E-Print Network [OSTI]

leader, network manager, database administrator, business analyst, PC support, information systems the programs and systems that an organisation should use · Creates networks Database administrator · Monitors, business administration and organisational behaviour. Information Systems. #12;Business `Welcome

Hickman, Mark

460

Waste Management Information System (WMIS) User Guide  

SciTech Connect (OSTI)

This document provides the user of the Waste Management Information System (WMIS) instructions on how to use the WMIS software. WMIS allows users to initiate, track, and close waste packages. The modular design supports integration and utilization of data throuh the various stages of waste management. The phases of the waste management work process include generation, designation, packaging, container management, procurement, storage, treatment, transportation, and disposal.

R. E. Broz

2008-12-22T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


461

Naps Systems Oy | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data CenterFranconia, Virginia: Energy Resources Jump to:46 -Energieprojekte3Informationof EnergyNapa County, California:NapierNaps Systems

462

Alstom Energy Systems | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Office of InspectorConcentrating SolarElectricEnergy InformationTuriAlexandriaAlstom Energy Systems Jump to:

463

Environmental Solar Systems | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Office of Inspector GeneralDepartmentAUDIT REPORTOpen Energy Information EnergySolar Systems Jump to: navigation,

464

The encryption requirement can be waived for certain circumstances. Contact the Chief Information Security Officer (CISO) to seek an exemption. All exemptions must be approved by the CISO.  

E-Print Network [OSTI]

' Information Technology policies require that any mobile device containing institutional data must be encrypted Security Officer (CISO) to seek an exemption. All exemptions must be approved by the CISO. This directive Information Technology Appropriate Use Policy · Colorado School of Mines Administrative Data Policy Mines

465

UNIVERSITY OF PITTSBURGH AT GREENSBURG Management -Information Systems  

E-Print Network [OSTI]

UNIVERSITY OF PITTSBURGH AT GREENSBURG Management - Information Systems u n d e r g r a d u a t e p r o g r a m Management - Information Systems 48 credits Bachelor of Science Management - Information Accounting MGMT 1818 Management Science INFSCI 0010 Introduction to Information Systems and Society Area

Sibille, Etienne

466

Scaling of Health Information Systems in India: Challenges and Approaches  

E-Print Network [OSTI]

on experiences from an ongoing project to implement health information systems within the primary health care in the context of health care and health information systems (HIS) in developing countries, whichScaling of Health Information Systems in India: Challenges and Approaches Sundeep Sahay Information

Sahay, Sundeep

467

Cybersecurity Management in the States: The Emerging Role of Chief Information Security Officers  

E-Print Network [OSTI]

The importance of safeguarding information created and shared on computers and the Internet has increased significantly in recent years, as society has become increasingly dependent on information technology in government, ...

Goodyear, Marilu; Goerdel, Holly T.; Portillo, Shannon; Williams, Linda M.

2010-01-01T23:59:59.000Z

468

Information processing systems, reasoning modules, and reasoning system design methods  

DOE Patents [OSTI]

Information processing systems, reasoning modules, and reasoning system design methods are described. According to one aspect, an information processing system includes working memory comprising a semantic graph which comprises a plurality of abstractions, wherein the abstractions individually include an individual which is defined according to an ontology and a reasoning system comprising a plurality of reasoning modules which are configured to process different abstractions of the semantic graph, wherein a first of the reasoning modules is configured to process a plurality of abstractions which include individuals of a first classification type of the ontology and a second of the reasoning modules is configured to process a plurality of abstractions which include individuals of a second classification type of the ontology, wherein the first and second classification types are different.

Hohimer, Ryan E; Greitzer, Frank L; Hampton, Shawn D

2014-03-04T23:59:59.000Z

469

Energy, information science, and systems science  

SciTech Connect (OSTI)

This presentation will discuss global trends in population, energy consumption, temperature changes, carbon dioxide emissions, and energy security programs at Los Alamos National Laboratory. LANL's capabilities support vital national security missions and plans for the future. LANL science supports the energy security focus areas of impacts of Energy Demand Growth, Sustainable Nuclear Energy, and Concepts and Materials for Clean Energy. The innovation pipeline at LANL spans discovery research through technology maturation and deployment. The Lab's climate science capabilities address major issues. Examples of modeling and simulation for the Coupled Ocean and Sea Ice Model (COSIM) and interactions of turbine wind blades and turbulence will be given.

Wallace, Terry C [Los Alamos National Laboratory; Mercer - Smith, Janet A [Los Alamos National Laboratory

2011-02-01T23:59:59.000Z

470

Gas informations systems as an asset, not an expense  

SciTech Connect (OSTI)

The utilization of information systems in the natural gas industry is described. Opportunities for the acquisition of important business information and corporate issues are illustrated.

Neill, C.

1995-12-31T23:59:59.000Z

471

Precise Enforcement of Progress-Sensitive Security Scott Moore  

E-Print Network [OSTI]

Precise Enforcement of Progress-Sensitive Security Scott Moore Harvard University Aslan Askarov-security (e.g., public or trusted) information. Our system is parameterized on a termination oracle of a program, then an attacker may be able to make a system unavail- able, by causing a server loop to exit (e

Chong, Stephen

472

Security Conditions  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This Notice ensures that DOE uniformly meets the requirements of the Homeland Security Advisory System outlined in Homeland Security Presidential Directive-3, Threat Conditions and Associated Protective Measures, dated 3-11-02, and provides responses specified in Presidential Decision Directive 39, U.S. Policy on Counterterrorism (U), dated 6-21-95. It cancels DOE N 473.8, Security Conditions, dated 8-7-02. Extended until 7-7-06 by DOE N 251.64, dated 7-7-05 Cancels DOE N 473.8

2004-07-08T23:59:59.000Z

473

Building Energy Information Systems: User Case Studies  

SciTech Connect (OSTI)

Measured energy performance data are essential to national efforts to improve building efficiency, as evidenced in recent benchmarking mandates, and in a growing body of work that indicates the value of permanent monitoring and energy information feedback. This paper presents case studies of energy information systems (EIS) at four enterprises and university campuses, focusing on the attained energy savings, and successes and challenges in technology use and integration. EIS are broadly defined as performance monitoring software, data acquisition hardware, and communication systems to store, analyze and display building energy information. Case investigations showed that the most common energy savings and instances of waste concerned scheduling errors, measurement and verification, and inefficient operations. Data quality is critical to effective EIS use, and is most challenging at the subsystem or component level, and with non-electric energy sources. Sophisticated prediction algorithms may not be well understood but can be applied quite effectively, and sites with custom benchmark models or metrics are more likely to perform analyses external to the EIS. Finally, resources and staffing were identified as a universal challenge, indicating a need to identify additional models of EIS use that extend beyond exclusive in-house use, to analysis services.

Granderson, Jessica; Piette, Mary Ann; Ghatikar, Girish

2010-03-22T23:59:59.000Z

474

A Secured Health Care Application Architecture for Cyber-Physical Systems  

E-Print Network [OSTI]

Cyber-physical systems (CPS) can be viewed as a new generation of systems with integrated control, communication and computational capabilities. Like the internet transformed how humans interact with one another, cyber-physical systems will transform how people interact with the physical world. Currently, the study of CPS is still in its infancy and there exist many research issues and challenges ranging from electricity power, health care, transportation and smart building etc. In this paper, an introduction of CPeSC3 (cyber physical enhanced secured wireless sensor networks (WSNs) integrated cloud computing for u-life care) architecture and its application to the health care monitoring and decision support systems is given. The proposed CPeSC3 architecture is composed of three main components, namely 1) communication core, 2) computation core, and 3) resource scheduling and management core. Detailed analysis and explanation are given for relevant models such as cloud computing, real time scheduling and secu...

Wang, Jin; Lee, Sungyoung; Shu, Lei; Xia, Feng

2012-01-01T23:59:59.000Z

475

Decontamination Systems Information and Research Program  

SciTech Connect (OSTI)

The Decontamination Systems Information and Research Program at West Virginia University consists of research and development associated with hazardous waste remediation problems at the Department of Energy complex and elsewhere. This program seeks to facilitate expedited development and implementation of solutions to the nation`s hazardous waste clean-up efforts. By a unique combination of university research and private technology development efforts, new paths toward implementing technology and speeding clean-ups are achievable. Mechanisms include aggressive industrial tie-ins to academic development programs, expedited support of small business technology development efforts, enhanced linkages to existing DOE programs, and facilitated access to hazardous waste sites. The program topically falls into an information component, which includes knowledge acquisition, technology evaluation and outreach activities and an R and D component, which develops and implements new and improved technologies. Projects began in February 1993 due to initiation of a Cooperative Agreement between West Virginia University and the Department of Energy.

Berg, M.; Sack, W.A.; Gabr, M. [and others

1994-12-31T23:59:59.000Z

476

Personnel Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The order establishes requirements that will enable DOE to operate a successful, efficient, cost-effective personnel security program that will ensure accurate, timely and equitable determinations of individuals’ eligibility for access to classified information and Special Nuclear Material (SNM). Admin Chg 1, 10-8-13.

2011-07-27T23:59:59.000Z

477

IT Security Plan for Flight Simulation Program  

E-Print Network [OSTI]

Information security is one of the most important aspects of technology, we cannot protect the best interests of our organizations' assets (be that personnel, data, or other resources), without ensuring that these assetsare protected to the best of their ability. Within the Defense Department, this is vital to the security of not just those assets but also the national security of the United States. Compromise insecurity could lead severe consequences. However, technology changes so rapidly that change has to be made to reflect these changes with security in mind. This article outlines a growing technological change (virtualization and cloud computing), and how to properly address IT security concerns within an operating environment. By leveraging a series of encrypted physical and virtual systems, andnetwork isolation measures, this paper delivered a secured high performance computing environment that efficiently utilized computing resources, reduced overall computer processing costs, and ensures confidentia...

Hood, David; 10.5121/ijcsea.2011.1510

2011-01-01T23:59:59.000Z

478

Analyzing risk and uncertainty for improving water distribution system security from malevolent water supply contamination events  

E-Print Network [OSTI]

. Fig. 4.11. Tank level time series. Initial Storage Tank Level 0.00 0.05 0.10 0.15 0.20 0.25 30 31 32 33 34 35 36 37 Head (m) PDF Val u e Tank Level Time Series 104 105 106 107 108 109 110 111 112 0 10203040506070 Hours H ead ( m ) 29 In the case... ANALYZING RISK AND UNCERTAINTY FOR IMPROVING WATER DISTRIBUTION SYSTEM SECURITY FROM MALEVOLENT WATER SUPPLY CONTAMINATION EVENTS A Thesis by JACOB MANUEL TORRES Submitted to the Office of Graduate Studies of Texas A&M...

Torres, Jacob Manuel

2009-05-15T23:59:59.000Z

479

AMI System Security Requirements - v1_01-1 | Department of Energy  

Energy Savers [EERE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustionImprovement3 Beryllium-Associated6-05.pdf AL2006-05.pdfAMI System Security Requirements -

480

VRB Power Systems | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data CenterFranconia, Virginia:FAQ < RAPID Jump to:Seadov PtyInformation UC 19-6-401UpsonUtah StateLoadingGrantEnergyVRB Power Systems

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


481

A123Systems | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home5b9fcbce19 NoPublic Utilities Address: 160 East 300 SouthWater Rights,Information Of The Transiel40-282LegalA123Systems Jump

482

Enova Systems Inc | Open Energy Information  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home5b9fcbce19 NoPublic Utilities Address:011-DNA Jump37. It isInformation ContractsCGNPC JV Jump to:GeothermalEnnovateSystems

483

Cyber Security & Smart Grid  

E-Print Network [OSTI]

Cyber Security & Smart Grid Jonathan Shapiro Texas Institute The Clean Air Through Energy Efficiency (CATEE) Conference Cyber Security & Smart Grid ESL-KT-11-11-23 CATEE 2011, Dallas, Texas, Nov. 7 ? 9, 2011 Cyber Security and The Smart... and communication protocols. ESL-KT-11-11-23 CATEE 2011, Dallas, Texas, Nov. 7 ? 9, 2011 Smart Grid Systems ?Current Cyber Security Issues ? Advanced Metering Infrastructure (AMI) Security ? The wireless devices are used in the smart meters located...

Shapiro, J.

2011-01-01T23:59:59.000Z

484

Exploration and Impacts of Utilizing Computerized Information Systems  

E-Print Network [OSTI]

, preparing and analyzing budgets , research and development , quality control , purchase and inventory in application of computerized information systems in order to perform their works . A total of (200 information systems ( accounting , financial , payroll and loans , purchase and inventory control

485

Energy information systems (EIS): Technology costs, benefit, and best  

E-Print Network [OSTI]

LBNL-6476E 1 Energy information systems (EIS): Technology costs, benefit, and best practice uses, Lin, G, Piette, MA. Energy information systems (EIS): Technology costs, benefits, and best practice

486

Cyber Security Architecture Guidelines  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This Guide provides supplemental information on the implementation of cyber security architectures throughout the Department of Energy. Canceled by DOE N 205.18

2001-03-08T23:59:59.000Z

487

Design of a digital dissertation information management system  

E-Print Network [OSTI]

Gobinda G. Chowdhury,G.G.C. Program: Electronic Library and Information Systems Volume 36 pp 152-165

Gobinda G.; Chowdhury, G.G.C.; Program: Electronic Library and Information Systems Volume 36 pp 152-165 [More Details

488

AP1000 Design for Security  

SciTech Connect (OSTI)

Nuclear power plants are protected from potential security threats through a combination of robust structures around the primary system and other vital equipment, security systems and equipment, and defensive strategy. The overall objective for nuclear power plant security is to protect public health and safety by ensuring that attacks or sabotage do not challenge the ability to safely shutdown the plant or protect from radiological releases. In addition, plants have systems, features and operational strategies to cope with external conditions, such as loss of offsite power, which could be created as part of an attack. Westinghouse considered potential security threats during design of the AP1000 PWR. The differences in plant configuration, safety system design, and safe shutdown equipment between existing plants and AP1000 affect potential vulnerabilities. This paper provides an evaluation of AP1000 with respect to vulnerabilities to security threats. The AP1000 design differs from the design of operating PWRs in the US in the configuration and the functional requirements for safety systems. These differences are intentional departures from conventional PWR designs which simplify plant design and enhance overall safety. The differences between the AP1000 PWR and conventional PWRs can impact vulnerabilities to security threats. The NRC addressed security concerns as part of their reviews for AP1000 Design Certification, and did not identify any security issues of concern. However, much of the detailed security design information for the AP1000 was deferred to the combined Construction and Operating License (COL) phase as many of the security issues are site-specific. Therefore, NRC review of security issues related to the AP1000 is not necessarily complete. Further, since the AP1000 plant design differs from existing PWRs, it is not obvious that the analyses and assessments prepared for existing plants also apply to the AP1000. We conclude that, overall, the AP1000 is less vulnerable to security threats such as malevolent use of vehicles (land, water or air), than are conventional PWRs. Further, the AP1000 is less vulnerable to external events (e.g., loss of transmission) than conventional PWRs. For some of the threats evaluated the AP1000 is comparable to conventional PWRs, while for other threats the AP1000 is inherently less vulnerable. (authors)

Long, L.B. [Southern Nuclear Operating Company, 40 Inverness Center Parkway, Birmingham, AL 35242 (United States); Cummins, W.E.; Winters, J.W. [Westinghouse Electric Company, 4350 Northern Pike, Monroeville, PA 15146 (United States)

2006-07-01T23:59:59.000Z

489

Oak Ridge Environmental Information System (OREIS) functional system design document  

SciTech Connect (OSTI)

The OREIS Functional System Design document provides a detailed functional description of the Oak Ridge Environmental Information System (OREIS). It expands the system requirements defined in the OREIS Phase 1-System Definition Document (ES/ER/TM-34). Documentation of OREIS development is based on the Automated Data Processing System Development Methodology, a Martin Marietta Energy Systems, Inc., procedure written to assist in developing scientific and technical computer systems. This document focuses on the development of the functional design of the user interface, which includes the integration of commercial applications software. The data model and data dictionary are summarized briefly; however, the Data Management Plan for OREIS (ES/ER/TM-39), a companion document to the Functional System Design document, provides the complete data dictionary and detailed descriptions of the requirements for the data base structure. The OREIS system will provide the following functions, which are executed from a Menu Manager: (1) preferences, (2) view manager, (3) macro manager, (4) data analysis (assisted analysis and unassisted analysis), and (5) spatial analysis/map generation (assisted ARC/INFO and unassisted ARC/INFO). Additional functionality includes interprocess communications, which handle background operations of OREIS.

Birchfield, T.E. [Martin Marietta Energy Systems, Inc., Piketon, OH (United States). Computing and Telecommunications Services; Brown, M.O.; Coleman, P.R. [Oak Ridge National Lab., TN (United States). Computing Applications Div.] [and others

1994-03-01T23:59:59.000Z

490

WP1: Targeted and informative forecast system design  

E-Print Network [OSTI]

WP1: Targeted and informative forecast system design Emma Suckling, Leonard A. Smith and David Stainforth EQUIP Meeting ­ August 2011 Edinburgh #12;Targeted and informative forecast system design Develop models to support decision making (1.4) #12;Targeted and informative forecast system design KEY QUESTIONS

Stevenson, Paul

491

Forest Products Market Information Systems in the UNECE region.  

E-Print Network [OSTI]

Forest Products Market Information Systems in the UNECE region. L. Farquharson August 2007 #12;#12;A report into Forest Products Market Information Systems_____________________________ 1 1. EXECUTIVE____________________________________________________15 #12;2 ____________________________ A report into Forest Products Market Information Systems 2 1

492

ASSESS (Analytic System and Software for Evaluating Safeguards and Security) update: Current status and future developments  

SciTech Connect (OSTI)

The Analytic System and Software for Evaluating Safeguards and Security (ASSESS) has been released for use by DOE field offices and their contractors. In October, 1989, we offered a prototype workshop to selected representatives of the DOE community. Based on the prototype results, we held the first training workshop at the Central Training Academy in January, 1990. Four additional workshops are scheduled for FY 1990. ASSESS is a state-of-the-art analytical tool for management to conduct integrated evaluation of safeguards systems at facilities handling facilities. Currently, ASSESS focuses on the threat of theft/diversion of special nuclear material by insiders, outsiders, and a special form of insider/outsider collusion. ASSESS also includes a neutralization module. Development of the tool is continuing. Plans are underway to expand the capabilities of ASSESS to evaluate against violent insiders, to validate the databases, to expand the neutralization module, and to assist in demonstrating compliance with DOE Material Control and Accountability (MC A) Order 5633.3. These new capabilities include the ability to: compute a weighted average for performance capability against a spectrum of insider adversaries; conduct defense-in-depth analyses; and analyze against protracted theft scenarios. As they become available, these capabilities will be incorporated in our training program. ASSESS is being developed jointly by Lawrence Livermore and Sandia National Laboratories under the sponsorship of the Department of Energy (DOE) Office of Safeguards and Security.

Al-Ayat, R.A. (Lawrence Livermore National Lab., CA (USA)); Cousins, T.D. (USDOE, Washington, DC (USA)); Hoover, E.R. (Sandia National Labs., Albuquerque, NM (USA))

1990-07-15T23:59:59.000Z

493

Energy Security | ornl.gov  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Energy Security SHARE Energy Security ORNL has supported the DOE Cybersecurity for Energy Delivery Systems (CEDS) program in making advances in cybersecurity capabilities for...

494

Department of Energy Cyber Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The order sets forth requirements and responsibilities for a Departmental Cyber Security Program (CSP) that protects information and information systems for the Department of Energy (DOE). Chg 1 dated 12-7-2012; Chg 2 dated 3-11-2013; Chg 3, dated 4-29-2014, cancels Chg 2.

2011-05-16T23:59:59.000Z

495

Sandia National Laboratories Information Design Assurance Red TeamTM  

E-Print Network [OSTI]

, and process control system security. Sandia is a multiprogram laboratory operated by Sandia Corporation-disciplinary assessment team working to improve the security of critical systems through systematic analysis using metrics, and tools for analyzing the security robustness of information systems contributing to our

Fuerschbach, Phillip

496

Mobile Geographic Information Systems (GIS) for Humanitarian Demining  

E-Print Network [OSTI]

this goal, surveys of hazardous areas, describing their location and contents, are used to produce threat maps for a given location and secure adequate funding from donor organizations for clearance operations. The focus of this study is a mobile GIS system...

Dunbar, Matthew D.

2010-04-27T23:59:59.000Z

497

ENFORMS: A Distributed, Multimedia Environmental Information System  

E-Print Network [OSTI]

and national security, extend international cooperation, and improve our ability to understand and manage will launch many new platforms into earth orbit, including the satellites that will make up the Earth, satellite imagery, aerial photographs, color­coded charts, audio files, and animations. The user accesses

Cheng, Betty H.C.

498

Information Technology Specialist (Systems Analysis/ Applications Software)  

Broader source: Energy.gov [DOE]

(See Frequently Asked Questions for more information). Where would I be working ? Western Area Power Administration, Corporate Services Office, Office of the Chief Information Officer, Enterprise...

499

Proc. Second European Symposium on Research in Computer Security, Toulouse, France, November 1992, pages 307-328.  

E-Print Network [OSTI]

Information Systems & Department of Information and Software Systems Engineering George Mason University of polyinstantiation, for the purpose of implementing cover stories in multilevel secure relational database systems, pages 307-328. Polyinstantiation for Cover Stories Ravi S. Sandhu and Sushil Jajodia1 Center for Secure

Sandhu, Ravi

500

Analysis of operations and cyber security policies for a system of cooperating Flexible Alternating Current Transmission System (FACTS) devices.  

SciTech Connect (OSTI)

Flexible Alternating Current Transmission Systems (FACTS) devices are installed on electric power transmission lines to stabilize and regulate power flow. Power lines protected by FACTS devices can increase power flow and better respond to contingencies. The University of Missouri Rolla (UMR) is currently working on a multi-year project to examine the potential use of multiple FACTS devices distributed over a large power system region in a cooperative arrangement in which the FACTS devices work together to optimize and stabilize the regional power system. The report describes operational and security challenges that need to be addressed to employ FACTS devices in this way and recommends references, processes, technologies, and policies to address these challenges.

Phillips, Laurence R.; Tejani, Bankim; Margulies, Jonathan; Hills, Jason L.; Richardson, Bryan T.; Baca, Micheal J.; Weiland, Laura

2005-12-01T23:59:59.000Z