Powered by Deep Web Technologies
Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


1

Federal Information Systems Security Educators' Association ...  

Science Conference Proceedings (OSTI)

Federal Information Systems Security Educators' Association (FISSEA). Summary: The Federal Information Systems Security ...

2013-01-15T23:59:59.000Z

2

National Security Information Systems (NSIS) -National Security Systems &  

NLE Websites -- All DOE Office Websites (Extended Search)

NSSA: National Security Information Systems NSSA: National Security Information Systems Nonproliferation & National Security (NPNS) Overview Technical Nonproliferation Policy Support Strategic Trade Control Review of export license applications Multilateral Export Control Arrangements Interdiction Engagement & Training INECP INSEP GIPP Safeguards Concepts and Approaches Human Capital Development Additional Protocol Technical Assistance National Security Systems & Assessments National Security Information Systems Vulnerability Assessment Team (VAT) Radiation Detection & Response (RDR) Contact NPNS Other Major Programs Work with Argonne Contact us For Employees Site Map Help Join us on Facebook Follow us on Twitter NE Division on Flickr Nonproliferation and National Security Program National Security Systems & Assessments

3

The National Information Systems Security Conference ...  

Science Conference Proceedings (OSTI)

The National Information Systems Security Conference announces its Keynote and Banquet Speakers. August Bequai, Esq ...

1996-10-28T23:59:59.000Z

4

Information technology - Security techniques - Information security management systems - Requirements  

E-Print Network (OSTI)

ISO/IEC 27001:2005 covers all types of organizations (e.g. commercial enterprises, government agencies, not-for profit organizations). ISO/IEC 27001:2005 specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the organization's overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof. ISO/IEC 27001:2005 is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties. ISO/IEC 27001:2005 is intended to be suitable for several different types of use, including the following: use within organizations to formulate security requirements and objectives; use within organizations as a way to ensure that security risks are cost effectively managed; use within organizations to ensure comp...

International Organization for Standardization. Geneva

2005-01-01T23:59:59.000Z

5

PIA - INL SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

INL SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE PIA - INL SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE PIA - INL SECURITY INFORMATION MANAGEMENT SYSTEM...

6

Argonne's National Security Information Systems National  

NLE Websites -- All DOE Office Websites (Extended Search)

National Security National Security Information Systems National Security The NSIS team has worked with various government agencies and programs over the past 15 years to create customized technological solutions that meet specific needs, while also fulfilling national security objectives, improving efficiency and reducing costs. Applying a broad range of expertise and experience, the Argonne team develops both unclassified and classified information technology (IT) systems for national security and nonproliferation programs, with a focus on security operations, international treaty implementation, export control and law enforcement support. Some examples of NSIS-developed systems include:  Electronic Facility Clearance (e-FCL) System for the U.S. Department of Defense (DOD)

7

Federal Information Systems Security Educators' Association ...  

Science Conference Proceedings (OSTI)

... of the Federal Information Systems Security Educator's ... and those involved in instructional design and curriculum ... NIST that is designed to improve ...

2012-02-07T23:59:59.000Z

8

Electronic DOE Information Security System (eDISS) PIA, Office...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

DOE Information Security System (eDISS) PIA, Office of Health Safety and Security Electronic DOE Information Security System (eDISS) PIA, Office of Health Safety and Security...

9

Audit Report, Evaluation of Classified Information Systems Security...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Report, Evaluation of Classified Information Systems Security Program, DOEIG-0518 Audit Report, Evaluation of Classified Information Systems Security Program, DOEIG-0518 All...

10

Argonne's National Security Information Systems  

E-Print Network (OSTI)

was asked by the DOE National Nuclear Security Administration (NNSA) to install the ARG-US RFID equipment in the NNSA vehicles (a Peterbilt truck and a Dodge Sprinter van) and integration with the in-vehicle Omni about the DOE/NNSA's Global Threat Reduction Initiative (GTRI) for voluntary security enhancements

Kemner, Ken

11

Grid Information Security Functional Requirement - Fulfilling Information Security of a Smart Grid System  

E-Print Network (OSTI)

This paper describes the background of smart information infrastructure and the needs for smart grid information security. It introduces the conceptual analysis to the methodology with the application of hermeneutic circle and information security functional requirement identification. Information security for the grid market cover matters includes automation and communications industry that affects the operation of electric power systems and the functioning of the utilities that manage them and its awareness of this information infrastructure has become critical to the reliability of the power system. Community benefits from of cost savings, flexibility and deployment along with the establishment of wireless communications. However, concern revolves around the security protections for easily accessible devices such as the smart meter and the related communications hardware. On the other hand, the changing points between traditional versus smart grid networking trend and the information security importance on...

Ling, Amy Poh Ai; 10.5121/ijgca.2011.2201

2011-01-01T23:59:59.000Z

12

FISSEA - Federal Information Systems Security Educators' ...  

Science Conference Proceedings (OSTI)

... to two CISOs at the US Department of Energy. ... Prior to EES, Al worked for Keane Federal Systems, Inc ... the FBI on all matters of cyber security policy. ...

13

List of Major Information Systems,National Nuclear Security Administration  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

List of Major Information Systems,National Nuclear Security List of Major Information Systems,National Nuclear Security Administration ADaPT Networked: List of Major Information Systems,National Nuclear Security Administration ADaPT Networked: List of Major Information Systems, Defense Line of Business National Nuclear Security Administration ADaPT Networked: Develops and deploys emerging information networking technology to production processes in support of the U.S. nuclear weapons stockpile. National Nuclear Security Administration ADaPT Network Infrastructure: Develops and deploys emerging information networking technology to production processes in support of the U.S. nuclear weapons stockpile. .major_information_systems.pdf List of Major Information Systems,National Nuclear Security Administration ADaPT Networked:

14

Security and Privacy Controls for Federal Information Systems ...  

Science Conference Proceedings (OSTI)

Page 1. NIST Special Publication 800-53 Revision 4 Security and Privacy Controls for Federal Information Systems and Organizations Appendix F ...

2013-05-09T23:59:59.000Z

15

Security and Privacy Controls for Federal Information Systems  

Science Conference Proceedings (OSTI)

NIST Special Publication 800-53. Revision 4. Security and Privacy Controls for Federal Information Systems. and Organizations. JOINT TASK FORCE ...

2013-06-18T23:59:59.000Z

16

DOC Information System Security Conference on Innovating ...  

Science Conference Proceedings (OSTI)

... B. Walsh, Acting Director, Cyber Security Program, Department of Homeland Security. ... R. Clark, Senior Advisor National and Cyber Security, DOC. ...

2013-06-28T23:59:59.000Z

17

22nd National Information Systems Security Conference  

Science Conference Proceedings (OSTI)

... Techniques Dr. Roshan Thomas, NAI Labs ... Kubic, National Security Agency Tom Shake, MIT ... Security Implementations Bret Hartman, Concept Five ...

2000-10-25T23:59:59.000Z

18

Selection of Model in Developing Information Security Criteria for Smart Grid Security System  

E-Print Network (OSTI)

At present, the "Smart Grid" has emerged as one of the best advanced energy supply chains. This paper looks into the security system of smart grid via the smart planet system. The scope focused on information security criteria that impact on consumer trust and satisfaction. The importance of information security criteria is perceived as the main aspect to impact on customer trust throughout the entire smart grid system. On one hand, this paper also focuses on the selection of the model for developing information security criteria on a smart grid.

Ling, Amy Poh Ai

2011-01-01T23:59:59.000Z

19

FISSEA - Federal Information Systems Security Educators' ...  

Science Conference Proceedings (OSTI)

... 9:15 NIST Welcome William Barker, NIST Computer Security Division NO BIO and Presentation Available. ... BIO & Abstract Presentation. ...

20

FISSEA - Federal Information Systems Security Educators' ...  

Science Conference Proceedings (OSTI)

... Jim Wiggins, Federal IT Security Institute ... Gale Warshawsky, Department of Energy: Lawrence Livermore ... Notice & Privacy Policy Send comments or ...

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


21

20th National Information Systems Security Conference  

Science Conference Proceedings (OSTI)

... NIST does not accept any other credit cards. ... and CD-ROM of the conference proceedings will be ... In January 1981, the National Computer Security ...

22

Guidelines for System Security and Information System Management  

Science Conference Proceedings (OSTI)

This document provides a concise set of guidelines and best practices for performing risk assessment, security management, and system management within utility automation networks.

2008-06-09T23:59:59.000Z

23

20th National Information Systems Security Conference  

Science Conference Proceedings (OSTI)

... 7 and banquet on Oct. 8. The fee for the pre-conference workshops on Oct. 6 is $100. To receive registration information, contact: ...

24

Security and Privacy Controls for Federal Information Systems ...  

Science Conference Proceedings (OSTI)

... JOINT TASK FORCE TRANSFORMATION INITIATIVE ... aspects of information security (ie, technical ... physical, personnel, cyber-physical); and 4. Is ...

2013-05-09T23:59:59.000Z

25

Securing a Wireless Networked Control System Using Information Fusion  

Science Conference Proceedings (OSTI)

Security of a wireless sensor network practically governs its usability in several applications. Especially, in applications like Industrial control systems which use NCS and SCADA systems, the security affects the stability of the system. We propose ...

Brijesh Kashyap Chejerla, Sanjay Madria

2012-10-01T23:59:59.000Z

26

List of Major Information Systems,National Nuclear Security Administra...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

emerging information networking technology to production processes in support of the U.S. nuclear weapons stockpile. National Nuclear Security Administration ADaPT Network...

27

User Awareness of Security Countermeasures and Its Impact on Information Systems Misuse: A Deterrence Approach  

Science Conference Proceedings (OSTI)

Intentional insider misuse of information systems resources (i.e., IS misuse) represents a significant threat to organizations. For example, industry statistics suggest that between 50%--75% of security incidents originate from within an organization. ... Keywords: IS misuse, IS security, end-user security, general deterrence theory, security countermeasures, security management

John D'Arcy; Anat Hovav; Dennis Galletta

2009-03-01T23:59:59.000Z

28

Circuits of power in creating de jure standards: shaping an international information systems security standard  

Science Conference Proceedings (OSTI)

This paper addresses the role of power and politics in setting standards. It examines the interaction of external contingencies, powerful agents, resources, meaning, and membership of relevant social and institutional groupings in generating successful ... Keywords: information systems security management, information systems security standards, institutionalization, power and politics, security management code of practice

James Backhouse; Carol W. Hsu; Leiser Silva

2006-08-01T23:59:59.000Z

29

Formalizing information security knowledge  

Science Conference Proceedings (OSTI)

Unified and formal knowledge models of the information security domain are fundamental requirements for supporting and enhancing existing risk management approaches. This paper describes a security ontology which provides an ontological structure for ... Keywords: information security, risk management, security ontology

Stefan Fenz; Andreas Ekelhart

2009-03-01T23:59:59.000Z

30

CMS System Security Plan Procedure  

Science Conference Proceedings (OSTI)

... TASK 5: SYSTEM DECOMMISSION. ... BPSSM Business Partners Systems Security Manual. ... of Information Technology, Policy, Procedures, & Audits. ...

2009-06-30T23:59:59.000Z

31

Zicom Electronic Security Systems Ltd | Open Energy Information  

Open Energy Info (EERE)

Zicom Electronic Security Systems Ltd Zicom Electronic Security Systems Ltd Jump to: navigation, search Name Zicom Electronic Security Systems Ltd. Place Mumbai, Maharashtra, India Zip 400093 Sector Solar, Wind energy Product Mumbai-based electronic security systems integrator. The firm plans to sell its security business and foray into solar and wind power. Coordinates 19.076191°, 72.875877° Loading map... {"minzoom":false,"mappingservice":"googlemaps3","type":"ROADMAP","zoom":14,"types":["ROADMAP","SATELLITE","HYBRID","TERRAIN"],"geoservice":"google","maxzoom":false,"width":"600px","height":"350px","centre":false,"title":"","label":"","icon":"","visitedicon":"","lines":[],"polygons":[],"circles":[],"rectangles":[],"copycoords":false,"static":false,"wmsoverlay":"","layers":[],"controls":["pan","zoom","type","scale","streetview"],"zoomstyle":"DEFAULT","typestyle":"DEFAULT","autoinfowindows":false,"kml":[],"gkml":[],"fusiontables":[],"resizable":false,"tilt":0,"kmlrezoom":false,"poi":true,"imageoverlays":[],"markercluster":false,"searchmarkers":"","locations":[{"text":"","title":"","link":null,"lat":19.076191,"lon":72.875877,"alt":0,"address":"","icon":"","group":"","inlineLabel":"","visitedicon":""}]}

32

An optimal probabilistic solution for information confinement, privacy, and security in RFID systems  

Science Conference Proceedings (OSTI)

In this paper, we provide the following contributions to enhance the security of RFID based systems. First, we assume that among multiple servers storing the information related to the tags some of them can be compromised. For this new threat scenario, ... Keywords: Information confinement, Privacy, Probabilistic algorithm, RFID systems, Security

Roberto Di Pietro; Refik Molva

2011-05-01T23:59:59.000Z

33

A security risk analysis model for information systems: Causal relationships of risk factors and vulnerability propagation analysis  

Science Conference Proceedings (OSTI)

With the increasing organizational dependence on information systems, information systems security has become a very critical issue in enterprise risk management. In information systems, security risks are caused by various interrelated internal and ... Keywords: Ant colony optimization, Bayesian networks, Information systems, Security risk, Vulnerability propagation

Nan Feng, Harry Jiannan Wang, Minqiang Li

2014-01-01T23:59:59.000Z

34

Human Errors in Information Security  

E-Print Network (OSTI)

The purpose of the paper is to target audience and stakeholder individuals whom are in charge of securing the assets of their organisations and institutions. This paper starts by providing a brief overview of information security, outlining the main goals and techniques of the discipline. The paper also discusses the role of human factors and how the information security research community has recognised the increasingly crucial role of human behaviour in many security failures. This is followed by a literature review of human errors in information security. Finally, this paper discusses Reason's Generic Error Modelling System (GEMS) as a potential model for explaining human errors in information security [18]. The terms computer security, network security and information security are used interchangeably in this paper.

Munir Ahmed; Lukman Sharif; Muhammad Kabir; Maha Al-maimani

2012-01-01T23:59:59.000Z

35

Foundation for system security  

Science Conference Proceedings (OSTI)

We provide a coherent framework for the design and analysis of secure systems. Our framework is inspired by Lawrence Lessig's modalities of control, by Niklas Luhmann's theory of trust, by existing models of information security, and by existing models ...

Clark Thomborson

2009-01-01T23:59:59.000Z

36

Information Security Guide  

E-Print Network (OSTI)

Information Security Guide For Government Executives Pauline Bowen Elizabeth Chew Joan Hash #12; Table of Contents Introduction 1 Why do I need to invest in information security? 2 Where do I need to focus my attention in accomplishing critical information security goals? 4 What are the key activities

37

GAO Information Security Issues Update  

Science Conference Proceedings (OSTI)

... Critical IT Systems & Infrastructure - NNSA Supercomputers CP & Security - State Security System - Wireless Security - IRS e*File ...

2010-10-08T23:59:59.000Z

38

Quantitatively assessing the vulnerability of critical information systems: A new method for evaluating security enhancements  

Science Conference Proceedings (OSTI)

This paper proposes a new approach for assessing the organization's vulnerability to information-security breaches. Although much research has been done on qualitative approaches, the literature on numerical approaches to quantify information-security ... Keywords: Information security, Information-security measurement, Risk analysis, Security threats, Vulnerability measurement

Sandip C. Patel; James H. Graham; Patricia A. S. Ralston

2008-12-01T23:59:59.000Z

39

Security classification of information  

Science Conference Proceedings (OSTI)

This document is the second of a planned four-volume work that comprehensively discusses the security classification of information. The main focus of Volume 2 is on the principles for classification of information. Included herein are descriptions of the two major types of information that governments classify for national security reasons (subjective and objective information), guidance to use when determining whether information under consideration for classification is controlled by the government (a necessary requirement for classification to be effective), information disclosure risks and benefits (the benefits and costs of classification), standards to use when balancing information disclosure risks and benefits, guidance for assigning classification levels (Top Secret, Secret, or Confidential) to classified information, guidance for determining how long information should be classified (classification duration), classification of associations of information, classification of compilations of information, and principles for declassifying and downgrading information. Rules or principles of certain areas of our legal system (e.g., trade secret law) are sometimes mentioned to .provide added support to some of those classification principles.

Quist, A.S.

1993-04-01T23:59:59.000Z

40

ITL Bulletin Information Security in the System Development ...  

Science Conference Proceedings (OSTI)

... 800-17) c. CC product reevaluation (Additional References: CC) d. Assessment ... Security into the Capital Planning and Investment Control Process ...

2012-04-05T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


41

Information Security | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Information Security | National Nuclear Security Administration Information Security | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Information Security Home > About Us > Our Programs > Nuclear Security > Information Security Information Security Information security deals with requirements for the protection and control of information and matter required to be classified or controlled by

42

Management of Control System Information SecurityI: Control System Patch Management  

SciTech Connect

The use of information technologies in control systems poses additional potential threats due to the frequent disclosure of software vulnerabilities. The management of information security involves a series of policy-making on the vulnerability discovery, disclosure, patch development and patching. In this paper, we use a system approach to devise a model to understand the interdependencies of these decision processes. In more details, we establish a theoretical framework for making patching decision for control systems, taking into account the requirement of functionability of control systems. We illustrate our results with numerical simulations and show that the optimal operation period of control systems given the currently estimated attack rate is roughly around a half a month.

Quanyan Zhu; Miles McQueen; Craig Rieger; Tamer Basar

2011-09-01T23:59:59.000Z

43

SECURITY METRICS: MEASUREMENTS TO SUPPORT THE CONTINUED DEVELOPMENT OF INFORMATION SECURITY TECHNOLOGY  

E-Print Network (OSTI)

SECURITY METRICS: MEASUREMENTS TO SUPPORT THE CONTINUED DEVELOPMENT OF INFORMATION SECURITY TECHNOLOGY Shirley Radack, Editor Computer Security Division Information Technology Laboratory National and to protect their systems and information from security threats and risks. There have been many past efforts

44

A decision support system for secure information sharing  

Science Conference Proceedings (OSTI)

In both the commercial and defense sectors a compelling need is emerging for highly dynamic, yet risk optimized, sharing of information across traditional organizational boundaries. Risk optimal decisions to disseminate mission critical tactical intelligence ... Keywords: description logic, flexible information sharing, justification for non-shareability, semantic reasoner

Achille Fokoue; Mudhakar Srivatsa; Pankaj Rohatgi; Peter Wrobel; John Yesberg

2009-06-01T23:59:59.000Z

45

Information Assurance: Dependability and Security in Networked Systems  

Science Conference Proceedings (OSTI)

In today's fast paced, infocentric environment, professionals increasingly rely on networked information technology to do business. Unfortunately, with the advent of such technology came new and complex problems that continue to threaten the availability, ... Keywords: Networking

Yi Qian; David Tipper; Prashant Krishnamurthy; James Joshi

2007-11-01T23:59:59.000Z

46

HAN System Security Requirements  

Science Conference Proceedings (OSTI)

This report, "Home Area Network (HAN) Security Requirements," identifies and discusses the key cyber security requirements for different interfaces of HAN-based systems. These cyber security requirements for HAN interfaces are derived from the Department of Homeland Security (DHS) "Catalog of Control Systems Security," which provides an excellent checklist of general security requirements.

2009-12-22T23:59:59.000Z

47

Enterprise Information Security Management Framework [EISMF  

E-Print Network (OSTI)

There are several technological solutions available in the market to help organizations with information security breach detection and prevention such as intrusion detection and prevention systems, antivirus software, ...

Sharma, Dhirendra, S.M. Massachusetts Institute of Technology

2011-01-01T23:59:59.000Z

48

Secure naming in information-centric networks  

Science Conference Proceedings (OSTI)

In this paper, we present a secure naming system to locate resources in information-centric networks. The main goal is to allow secure content retrieval from multiple unknown or untrusted sources. The proposal uses a new, flexible naming scheme that ... Keywords: architecture, information networking, naming system

Walter Wong; Pekka Nikander

2010-11-01T23:59:59.000Z

49

Fenix Secure Operating System: Principles, Models and Architecture  

Science Conference Proceedings (OSTI)

The paper introduces design principles of Secure Operating System Fenix developed in Information Security Centre of Saint-Petersburg Technical University. Fenix is a special purpose secure operating system supposed to be a basis for secure information ...

Dmitry P. Zegzhda; Pavel G. Stepanov; Alexey D. Otavin

2001-05-01T23:59:59.000Z

50

Physical Security Systems | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Physical Security Systems | National Nuclear Security Administration Physical Security Systems | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Physical Security Systems Home > About Us > Our Programs > Nuclear Security > Physical Security Systems Physical Security Systems After the 9/11 terrorist attacks, NNSA took steps to protect its critical

51

Physical Security Systems | National Nuclear Security Administration  

NLE Websites -- All DOE Office Websites (Extended Search)

Physical Security Systems | National Nuclear Security Administration Physical Security Systems | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Physical Security Systems Home > About Us > Our Programs > Nuclear Security > Physical Security Systems Physical Security Systems After the 9/11 terrorist attacks, NNSA took steps to protect its critical

52

Emergency Information | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Information | National Nuclear Security Administration Information | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog The National Nuclear Security Administration Emergency Information Home > Field Offices > Welcome to the Sandia Field Office > Emergency Information Emergency Information The Sandia Field Office (SFO) Emergency Management System is designed to

53

Security system signal supervision  

SciTech Connect

This purpose of this NUREG is to present technical information that should be useful to NRC licensees for understanding and applying line supervision techniques to security communication links. A review of security communication links is followed by detailed discussions of link physical protection and DC/AC static supervision and dynamic supervision techniques. Material is also presented on security for atmospheric transmission and video line supervision. A glossary of security communication line supervision terms is appended. 16 figs.

Chritton, M.R. (BE, Inc., Barnwell, SC (United States)); Matter, J.C. (Sandia National Labs., Albuquerque, NM (United States))

1991-09-01T23:59:59.000Z

54

Public Safety and Security Information in MML  

Science Conference Proceedings (OSTI)

Public Safety and Security Information in MML. ... MML plays a key role in enhancing the nation's homeland security. Through ...

2010-10-05T23:59:59.000Z

55

Information security policy compliance: an empirical study of rationality-based beliefs and information security awareness  

Science Conference Proceedings (OSTI)

Many organizations recognize that their employees, who are often considered the weakest link in information security, can also be great assets in the effort to reduce risk related to information security. Since employees who comply with the information ... Keywords: behavioral issues of information security, compliance, information security awareness, information security management, information security policy, theory of planned behavior

Burcu Bulgurcu; Hasan Cavusoglu; Izak Benbasat

2010-09-01T23:59:59.000Z

56

T-592: Cisco Security Advisory: Cisco Secure Access Control System...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Cisco Security Advisory: Cisco Secure Access Control System Unauthorized Password Change Vulnerability T-592: Cisco Security Advisory: Cisco Secure Access Control System...

57

Cyber Security Guidelines, Information Technology Division, ITD  

NLE Websites -- All DOE Office Websites (Extended Search)

BNL Cyber Security Guidelines BNL Cyber Security Guidelines Appropriate Use Unauthorized and Malicious Access and Actions Blatant Disregard for Laboratory Computer Security Privacy of Electronic Files, and E-MAIL Publishing & Accessing Information on Electronic Networks The Laboratory's main concerns are protecting data and systems critical to operations in pursuit of its mission. The Laboratory's Computer Security Plan covers Laboratory systems, whether on-site and connected directly to the Laboratory network, or on- or off-site and connected to the Laboratory network by the telephone system or other means. The procedures and rules described here cover these systems no matter who is the owner or the method of connection to the network. Laboratory employees and registered users are responsible for their own actions under the computer security policy, as well as for the actions of any person who they permit to access a Laboratory system.

58

Information sharing and security in dynamic coalitions  

Science Conference Proceedings (OSTI)

Today, information sharing is critical to almost every institution. There is no more critical need for information sharing than during an international crisis, when international coalitions dynamically form. In the event of a crisis, whether it is humanitarian ... Keywords: access control, distributed systems, dynamic coalitions, information security

Charles E. Phillips, Jr.; T.C. Ting; Steven A. Demurjian

2002-06-01T23:59:59.000Z

59

Information Security: Coordination of Federal Cyber Security...  

NLE Websites -- All DOE Office Websites (Extended Search)

a federal agenda for cyber security research. GAO also recommends that the Office of Management and Budget (OMB) issue guidance to agencies for providing cyber security research...

60

Detecting illicit leakage of information in operating systems  

Science Conference Proceedings (OSTI)

Keywords: analysis, audit collection, data transmission, information flow, multi-level secure systems, operating system security

Shiuh-Pyng Shieh; Virgil D. Gligor

1996-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


61

Secure video communications system  

DOE Patents (OSTI)

A secure video communications system having at least one command network formed by a combination of subsystems. The combination of subsystems to include a video subsystem, an audio subsystem, a communications subsystem, and a control subsystem. The video communications system to be window driven and mouse operated, and having the ability to allow for secure point-to-point real-time teleconferencing.

Smith, Robert L. (Idaho Falls, ID)

1991-01-01T23:59:59.000Z

62

Securing Control Systems Modems  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Recommended Practice for Securing Recommended Practice for Securing Control System Modems January 2008 iii ABSTRACT This paper addresses an often overlooked "backdoor" into critical infrastructure control systems created by modem connections. A modem's connection to the public telephone system is similar to a corporate network connection to the Internet. By tracing typical attack paths into the system, this paper provides the reader with an analysis of the problem and then guides the reader through methods to evaluate existing modem security. Following the analysis, a series of methods for securing modems is provided. These methods are correlated to well-known networking security methods. iv ACKNOWLEDGEMENT This document was developed for the U.S. Department of Homeland

63

Federal Information Security Management Act (FISMA) ...  

Science Conference Proceedings (OSTI)

Federal Information Security Management Act (FISMA) Implementation Project. Summary: The FISMA Implementation Project ...

2013-01-15T23:59:59.000Z

64

Information Security: Coordination of Federal Cyber Security Research and  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Security: Coordination of Federal Cyber Security Security: Coordination of Federal Cyber Security Research and Development Information Security: Coordination of Federal Cyber Security Research and Development GAO recommends that the Office of Science and Technology Policy establish timelines for developing a federal agenda for cyber security research. GAO also recommends that the Office of Management and Budget (OMB) issue guidance to agencies for providing cyber security research data to repositories. In commenting on a draft of this report, OMB stated that it would review the need for such guidance. Information Security: Coordination of Federal Cyber Security Research and Development More Documents & Publications Networking and Information Technology Research and Development Supplement to the President's Budget (February 2010)

65

Information Technology (IT) Security Day, Boulder  

Science Conference Proceedings (OSTI)

Information Technology (IT) Security Day, Boulder. Purpose: The NIST ... Agenda: 9:00am- 10:00am Mobile Device Security. 10:30am ...

2013-06-10T23:59:59.000Z

66

Integrated Security System | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Integrated Security System Integrated Security System A security platform providing multi-layer intrusion detection and security management for a networked energy control systems...

67

Applied Information Security, 1st edition  

Science Conference Proceedings (OSTI)

Applied Information Security guides readers through the installation and basic operation of IT Security software used in the industry today. Dos Commands; Password Auditors; Data Recovery & Secure Deletion; Packet Sniffer; Port Scanners; Vulnerability ...

Randy Boyle

2009-07-01T23:59:59.000Z

68

Security challenges in embedded systems  

Science Conference Proceedings (OSTI)

Embedded systems security is a significant requirement in emerging environments, considering the increasing deployment of embedded systems in several application domains. The large number of deployed embedded systems, their limited resources and their ... Keywords: Communication system security, computer security, embedded systems, security

Dimitrios N. Serpanos; Artemios G. Voyiatzis

2013-03-01T23:59:59.000Z

69

Smart Grid Information Security (IS) Functional Requirement  

E-Print Network (OSTI)

It is important to implement safe smart grid environment to enhance people's lives and livelihoods. This paper provides information on smart grid IS functional requirement by illustrating some discussion points to the sixteen identified requirements. This paper introduces the smart grid potential hazards that can be referred as a triggering factor to improve the system and security of the entire grid. The background of smart information infrastructure and the needs for smart grid IS is described with the adoption of hermeneutic circle as methodology. Grid information technology and security-s session discusses that grid provides the chance of a simple and transparent access to different information sources. In addition, the transformation between traditional versus smart grid networking trend and the IS importance on the communication field reflects the criticality of grid IS functional requirement identification is introduces. The smart grid IS functional requirements described in this paper are general and ...

Ling, Amy Poh Ai

2011-01-01T23:59:59.000Z

70

CMS System Security Plan Template  

Science Conference Proceedings (OSTI)

System Security Plan (SSP) Template Instructions. This template contains boiler plate language. Each template must be ...

2009-06-30T23:59:59.000Z

71

British American Security Information  

E-Print Network (OSTI)

Nuclear weapons policy looks set to feature as a political issue in the 2015 general election. A broad consensus on UK nuclear weapons policy since of the end of the Cold War amongst the party leaderships of the three main Westminster parties has been disturbed by the debate on whether and, if so, how to replace the current Trident nuclear weapons system. This has been exacerbated by a coalition government in which the Liberal Democrats have broken ranks and moved towards active consideration of a smaller, cheaper replacement for Trident that does not entail continuous deployment of nuclear weapons at sea. The Conservative leadership remains committed to a like-for-like replacement of the current system in line with the policy adopted by the

Dr. Nick Ritchie; Paul Ingram

2013-01-01T23:59:59.000Z

72

Program Review for Information Security Management ...  

Science Conference Proceedings (OSTI)

... The PRISMA is based upon existing federal directives including Federal Information Security Management Act (FISMA), NIST guidelines and other ...

2013-01-15T23:59:59.000Z

73

NIST Launches New Information Technology Security Effort  

Science Conference Proceedings (OSTI)

... project focuses on cybersecurity for the electrical power grid by developing a prototype secure information architecture for substations and control ...

2010-10-05T23:59:59.000Z

74

SCADA system security, complexity, and security proof  

Science Conference Proceedings (OSTI)

Modern Critical infrastructures have command and control systems. These command and control systems are commonly called supervisory control and data acquisition (SCADA). In the past, SCADA system has a closed operational environment, so these systems ... Keywords: 11770-2 mechanism 9, Formal security poof, SCADA, key management

Reda Shbib; Shikun Zhou; Khalil Alkadhimi

2012-11-01T23:59:59.000Z

75

A metadata calculus for secure information sharing  

Science Conference Proceedings (OSTI)

In both commercial and defense sectors a compelling need is emerging for rapid, yet secure, dissemination of information to the concerned actors. Traditional approaches to information sharing that rely on security labels (e.g., Multi-Level Security (MLS)) ... Keywords: access control, information flow, risk management

Mudhakar Srivatsa; Dakshi Agrawal; Steffen Reidt

2009-11-01T23:59:59.000Z

76

V-192: Symantec Security Information Manager Input Validation...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

in Symantec Security Information Manager PLATFORM: Symantec Security Information Manager Appliance Version 4.7.x and 4.8.0 ABSTRACT: Symantec was notified of multiple security...

77

Control Systems Cyber Security Standards Support Activities  

Science Conference Proceedings (OSTI)

The Department of Homeland Securitys Control Systems Security Program (CSSP) is working with industry to secure critical infrastructure sectors from cyber intrusions that could compromise control systems. This document describes CSSPs current activities with industry organizations in developing cyber security standards for control systems. In addition, it summarizes the standards work being conducted by organizations within the sector and provides a brief listing of sector meetings and conferences that might be of interest for each sector. Control systems cyber security standards are part of a rapidly changing environment. The participation of CSSP in the development effort for these standards has provided consistency in the technical content of the standards while ensuring that information developed by CSSP is included.

Robert Evans

2009-01-01T23:59:59.000Z

78

National information security policy and its implementation: A case study in Taiwan  

Science Conference Proceedings (OSTI)

Cyberspace is no longer safe. From business organizations to countries, the requirements of information security and assurance have become one of the most important functions to ensure continued operations. The goal of this study is twofold. First, we ... Keywords: BS7799, ISO27001, Information security, Information security management system (ISMS), National information security policy

Cheng-Yuan Ku; Yi-Wen Chang; David C. Yen

2009-08-01T23:59:59.000Z

79

Industrial Control Systems Security  

Science Conference Proceedings (OSTI)

... Risk Management Architecture security focus Physical interaction ... Cybersecurity Cybersecurity Framework Smart Grid Program ...

2013-06-05T23:59:59.000Z

80

Towards an ethical code for information security?  

Science Conference Proceedings (OSTI)

Most computer scientists reflexively reject the idea of a malicious universe due to its conflict with the dominant scientific paradigm of a non-teleological impartially disinterested universe. While computer scientists might not view the universe as ... Keywords: Kuhn, NSPW, code of ethics, command and control, computer security, cybersecurity, ethical code, ethics, information security, new security paradigms workshop, paradigm, professional ethics, regulation

Steven J. Greenwald; Brian D. Snow; Richard Ford; Richard Thieme

2009-08-01T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


81

Convergence of Corporate and Information Security  

E-Print Network (OSTI)

As physical and information security boundaries have become increasingly blurry many organizations are experiencing challenges with how to effectively and efficiently manage security within the corporate. There is no current standard or best practice offered by the security community regarding convergence; however many organizations such as the Alliance for Enterprise Security Risk Management (AESRM) offer some excellent suggestions for integrating a converged security program. This paper reports on how organizations have traditionally managed asset protection, why that is changing and how to establish convergence to optimize security value to the business within an enterprise.

Syed,; Donahue, Shannon E

2010-01-01T23:59:59.000Z

82

Contact Information | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Follow this link to skip to the main content Facebook Flickr RSS Twitter YouTube Contact Information | National Nuclear Security Administration Our Mission Managing the Stockpile...

83

NMMSS Information, Reports & Forms | National Nuclear Security  

National Nuclear Security Administration (NNSA)

Information, Reports & Forms | National Nuclear Security Information, Reports & Forms | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog NMMSS Information, Reports & Forms Home > About Us > Our Programs > Nuclear Security > Nuclear Materials Management & Safeguards System > NMMSS Information, Reports & Forms NMMSS Information, Reports & Forms

84

Towards evaluating security implementations using the Information Security Maturity Model (ISMM).  

E-Print Network (OSTI)

??Information security is a common and ever-present concern for both private and public sector organizations. Information security protects information from a wide range of threats, (more)

Alaboodi, Saad Saleh

2007-01-01T23:59:59.000Z

85

Cyber Security Incidents, Information Technology Division, ITD  

NLE Websites -- All DOE Office Websites (Extended Search)

Reporting Computing Security Incidents Reporting Computing Security Incidents Incident Reporting Hotline: 631-344-8484 Security Incidents A computer security incident can range from a simple virus to the disclosure of sensitive information. Incidents can be minor, important, or significant. Incidents that must be reported include computer or network related activity, internal or external to the Laboratory, that may impact the Laboratory's mission. Examples of such activities include: the possibility of: loss of data; denial of services; compromise of computer security; unauthorized access to data that the Laboratory is required to control by law, regulation, or DOE orders; investigative activity by legal, law enforcement, bureaucratic, or political authorities; or a public relations embarrassment.

86

GAO-06-811 Information Security: Coordination of Federal Cyber Security Research and Development  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

the Chairman, Committee on the Chairman, Committee on Government Reform, House of Representatives INFORMATION SECURITY Coordination of Federal Cyber Security Research and Development September 2006 GAO-06-811 What GAO Found United States Government Accountability Office Why GAO Did This Study Highlights Accountability Integrity Reliability September 2006 INFORMATION SECURITY Coordination of Federal Cyber Security Research and Development Highlights of GAO-06-811, a report to Chairman, Committee on Government Reform, House of Representatives Research and development (R&D) of cyber security technology is essential to creating a broader range of choices and more robust tools for building secure, networked computer systems in the federal government and in the private sector. The National

87

FORTUNA-A framework for the design and development of hardware-based secure systems  

Science Conference Proceedings (OSTI)

Security requires a holistic view. In this work we contribute to this goal by taking a new viewpoint, with the proposal of the logic-probabilistic framework FORTUNA to support the design and development of hardware-based-security systems (HwBSS). It ... Keywords: Formal methods for security, Hardware-based security, Information security, Security evaluation tool, Security metrics

Roberto Gallo, Henrique Kawakami, Ricardo Dahab

2013-08-01T23:59:59.000Z

88

Matching information security vulnerabilities to organizational security profiles: a genetic algorithm approach  

Science Conference Proceedings (OSTI)

Organizations are making substantial investments in information security to reduce the risk presented by vulnerabilities in their information technology (IT) infrastructure. However, each security technology only addresses specific vulnerabilities and ... Keywords: Genetic algorithms, Information security

Mukul Gupta; Jackie Rees; Alok Chaturvedi; Jie Chi

2006-03-01T23:59:59.000Z

89

Matching information security vulnerabilities to organizational security profiles: a genetic algorithm approach  

Science Conference Proceedings (OSTI)

Organizations are making substantial investments in information security to reduce the risk presented by vulnerabilities in their information technology (IT) infrastructure. However, each security technology only addresses specific vulnerabilities and ... Keywords: genetic algorithms, information security

Mukul Gupta; Jackie Rees; Alok Chaturvedi; Jie Chi

2006-03-01T23:59:59.000Z

90

MN Office of Energy Security | Open Energy Information  

Open Energy Info (EERE)

MN Office of Energy Security MN Office of Energy Security Jump to: navigation, search Name MN Office of Energy Security Place St. Paul, MN Website http://www.mnofficeofenergysec References MN Office of Energy Security[1] Information About Partnership with NREL Partnership with NREL Yes Partnership Type Test & Evaluation Partner Partnering Center within NREL Electricity Resources & Building Systems Integration LinkedIn Connections CrunchBase Profile No CrunchBase profile. Create one now! MN Office of Energy Security is a company located in St. Paul, MN. References ↑ "MN Office of Energy Security" Retrieved from "http://en.openei.org/w/index.php?title=MN_Office_of_Energy_Security&oldid=379158" Categories: Clean Energy Organizations Companies Organizations

91

Neutralization: new insights into the problem of employee systems security policy violations  

Science Conference Proceedings (OSTI)

Employees' failure to comply with information systems security policies is a major concern for information technology security managers. In efforts to understand this problem, IS security researchers have traditionally viewed violations of IS security ... Keywords: IS security, IS security policies, compliance, deterrence theory, neutralization theory

Mikko Siponen; Anthony Vance

2010-09-01T23:59:59.000Z

92

Port security and information technology  

E-Print Network (OSTI)

The terrorist attacks of September 11th 2001 on New York and Washington DC shed light on the many security shortcomings that sea ports and the entire import and export process face. A primary source of these problems is ...

Petrakakos, Nikolaos Harilaos

2005-01-01T23:59:59.000Z

93

Analytical foundations of physical security system assessment  

E-Print Network (OSTI)

Physical security systems are intended to prevent or mitigate potentially catastrophic loss of property or life. Decisions regarding the selection of one system or configuration of resources over another may be viewed as design decisions within a risk theoretic setting. The problem of revealing a clear preference among design alternatives, using only a partial or inexact delineation of event probabilities, is examined. In this dissertation, an analytical framework for the assessment of the risk associated with a physical security system is presented. Linear programming is used to determine bounds on the expected utility of an alternative, and conditions for the separation of preferences among alternatives are shown. If distinguishable preferences do not exist, techniques to determine what information may help to separate preferences are presented. The linear programming approach leads to identification of vulnerabilities in a security system through an examination of the solution to the dual problem. Security of a hypothetical military forward operating base is considered as an illustrative example. For two alternative security schemes, the uncertainty inherent in the scenario is represented using probability assessments consisting of bounds on event probabilities and exact probability assignments. Application of the framework reveals no separation of preferences between the alternatives. Examination of the primal and dual solutions to the linear programming problems, however, reveals insights into information which, if obtained, could lead to a separation of preferences as well as information on vulnerabilities in one of the alternative security postures.

Graves, Gregory Howard

2006-08-01T23:59:59.000Z

94

Choice and Chance: A Conceptual Model of Paths to Information Security Compromise  

Science Conference Proceedings (OSTI)

No longer the exclusive domain of technology experts, information security is now a management issue. Through a grounded approach using interviews, observations, and secondary data, we advance a model of the information security compromise process from ... Keywords: computer crime, information security management, information systems risk management

Sam Ransbotham; Sabyasachi Mitra

2009-03-01T23:59:59.000Z

95

Neumann Receives Computer System Security Award  

Science Conference Proceedings (OSTI)

... in the area of information security and assurance. ... significant long-term contributions to computer security ... trade, and improve the quality of life. ...

2012-12-13T23:59:59.000Z

96

PARS II New Contractor Information for Interconnection Security Agreement  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

New Contractor Information for Interconnection Security Agreement New Contractor Information for Interconnection Security Agreement V1.0 (November 18, 2010) The Department of Energy (DOE) Headquarters Program Cyber Security Plan (PCSP), dated February 2008, requires the Project Assessment and Reporting System (PARS) II System Owner and the contractor sign an Interconnection Security Agreement (ISA). The requirement for an Interconnection Security Agreement can be found on page 182 of the PCSP. The ISA template is available for review on the PARS II portal (http://management.energy.gov/online_resources/pars2.htm) under Contractor Documents. Before the contractor begins sending data to PARS II, DOE will send the ISA to the contractor for review and signature. In order to prepare the ISA for review and signature, the PARS II Support Team needs

97

Verifying a secure information flow analyzer  

Science Conference Proceedings (OSTI)

Denotational semantics for a substantial fragment of Java is formalized by deep embedding in PVS, making extensive use of dependent types. A static analyzer for secure information flow for this language is proved correct, that is, it enforces noninterference.

David A. Naumann

2005-08-01T23:59:59.000Z

98

PIA - Security Clearance Tracking System | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Security Clearance Tracking System PIA - Security Clearance Tracking System PIA - Security Clearance Tracking System PIA - Security Clearance Tracking System More Documents &...

99

ETTP Security Access Control System (ESACS) | Department of Energy  

NLE Websites -- All DOE Office Websites (Extended Search)

ETTP Security Access Control System (ESACS) ETTP Security Access Control System (ESACS) ETTP Security Access Control System (ESACS) ETTP Security Access Control System (ESACS) More...

100

Contact Information | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Information | National Nuclear Security Administration Information | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Contact Information Home > About Us > Our Programs > Defense Programs > Military Academic Collaborations > Contact Information Contact Information At each of NNSA's eight sites, leading-edge research and development is

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


101

Information Security Policies Made Easy Version 11, Version 11 edition  

Science Conference Proceedings (OSTI)

Information Security Policies Made Easy, Version 11 is the new and updated version of the gold standard information security policy resource used by over 7000 organizations worldwide. Based on the 25 year consulting and security experience of Charles ...

Charles Cresson Wood; Dave Lineman

2009-09-01T23:59:59.000Z

102

Site Information | National Nuclear Security Administration  

NLE Websites -- All DOE Office Websites (Extended Search)

Information | National Nuclear Security Administration Information | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Site Information Home > About Us > Our Programs > Defense Programs > Military Academic Collaborations > Site Information Site Information The NNSA's nuclear security enterprise spans eight sites, including three national laboratories, with more than six decades of cutting-edge nuclear

103

Site Information | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Information | National Nuclear Security Administration Information | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Site Information Home > About Us > Our Programs > Defense Programs > Military Academic Collaborations > Site Information Site Information The NNSA's nuclear security enterprise spans eight sites, including three national laboratories, with more than six decades of cutting-edge nuclear

104

Information-Theoretically Secure Communication Under Channel Uncertainty  

E-Print Network (OSTI)

Secure communication under channel uncertainty is an important and challenging problem in physical-layer security and cryptography. In this dissertation, we take a fundamental information-theoretic view at three concrete settings and use them to shed insight into efficient secure communication techniques for different scenarios under channel uncertainty. First, a multi-input multi-output (MIMO) Gaussian broadcast channel with two receivers and two messages: a common message intended for both receivers (i.e., channel uncertainty for decoding the common message at the receivers) and a confidential message intended for one of the receivers but needing to be kept asymptotically perfectly secret from the other is considered. A matrix characterization of the secrecy capacity region is established via a channel-enhancement argument and an extremal entropy inequality previously established for characterizing the capacity region of a degraded compound MIMO Gaussian broadcast channel. Second, a multilevel security wiretap channel where there is one possible realization for the legitimate receiver channel but multiple possible realizations for the eavesdropper channel (i.e., channel uncertainty at the eavesdropper) is considered. A coding scheme is designed such that the number of secure bits delivered to the legitimate receiver depends on the actual realization of the eavesdropper channel. More specifically, when the eavesdropper channel realization is weak, all bits delivered to the legitimate receiver need to be secure. In addition, when the eavesdropper channel realization is strong, a prescribed part of the bits needs to remain secure. We call such codes security embedding codes, referring to the fact that high-security bits are now embedded into the low-security ones. We show that the key to achieving efficient security embedding is to jointly encode the low-security and high-security bits. In particular, the low-security bits can be used as (part of) the transmitter randomness to protect the high-security ones. Finally, motivated by the recent interest in building secure, robust and efficient distributed information storage systems, the problem of secure symmetrical multilevel diversity coding (S-SMDC) is considered. This is a setting where there are channel uncertainties at both the legitimate receiver and the eavesdropper. The problem of encoding individual sources is first studied. A precise characterization of the entire admissible rate region is established via a connection to the problem of secure coding over a three-layer wiretap network and utilizing some basic polyhedral structure of the admissible rate region. Building on this result, it is then shown that the simple coding strategy of separately encoding individual sources at the encoders can achieve the minimum sum rate for the general S-SMDC problem.

Ly, Hung Dinh

2012-05-01T23:59:59.000Z

105

Bioinformatics Systems | National Security | ORNL  

NLE Websites -- All DOE Office Websites (Extended Search)

Initiatives Cyber Security Nuclear Forensics Bioinformatics Videos Workshops National Security Home | Science & Discovery | National Security | Initiatives | Bioinformatics SHARE...

106

Security Forms and Information | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Services » New Employee Orientation » Security Forms and Services » New Employee Orientation » Security Forms and Information Security Forms and Information Homeland Security Presidential Directive HSPD-12 established new policy for a common identification standard for Federal Employees and contractors. As of October 27, 2005, all new Federal employees assigned to the DOE Headquarters complex are required to present two identity source documents (i.e., U.S. Passport, driver's license, identification card with photograph issued by a Federal, state, or local government agency, etc.), have their fingerprints taken, and undergo a background investigation (the identity proofing process) prior to reporting for duty or being issued a DOE standard badge (identity or PIV badge). Most likely, your HR representative and/or administrative personnel have

107

Quantum-safe cryptography and information security  

E-Print Network (OSTI)

Quantum-safe cryptography and information security 2 August 2013 Michele Mosca #12;2 Information;6 Next generation cryptographic infrastructure · Must be quantum-safe · Should have algorithmic agility built-in #12;7 Quantum-safe cryptographic infrastructure quantum cryptography+ Both sets

Le Roy, Robert J.

108

Cyber Security and Resilient Systems  

Science Conference Proceedings (OSTI)

The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nations cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the next generation fighter jets or nuclear material safeguards systems in complex nuclear fuel cycle facilities. It is the intent of this paper to describe the cyber security programs that are currently in place, the experiences and successes achieved in industry including outreach and training, and suggestions about how other sectors and organizations can leverage this national expertise to help their monitoring and control systems become more secure.

Robert S. Anderson

2009-07-01T23:59:59.000Z

109

On Cyber Security for Networked Control Systems  

E-Print Network (OSTI)

security efforts by establishing the national SCADA test bed program INL [INL/EXT- 05-00671, Idaho National Laboratory. US-CERT [2008], Control Systems Security

Amin, Saurabh

2011-01-01T23:59:59.000Z

110

System and method for secure group transactions  

DOE Patents (OSTI)

A method and a secure system, processing on one or more computers, provides a way to control a group transaction. The invention uses group consensus access control and multiple distributed secure agents in a network environment. Each secure agent can organize with the other secure agents to form a secure distributed agent collective.

Goldsmith, Steven Y. (Rochester, MN)

2006-04-25T23:59:59.000Z

111

FTCP Site Specific Information - Office of Health, Safety & Security...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Security FTCP Site Specific Information - Office of Health, Safety & Security FTCP Agent Organization Name Phone E-Mail HSS HQ Pat Worthington Bradley Davy 301903-6929 301...

112

NIST SP 800-16 (Draft), Information Security Training ...  

Science Conference Proceedings (OSTI)

... security concepts that are fundamental for the ... 800-100, Information Security Handbook: A Guide ... Formative evaluation answers the question: Are ...

2013-04-25T23:59:59.000Z

113

The U.S. Department of Energy, National Nuclear Security Agency's Use of Geographic Information Systems for Nuclear Emergency Response Support  

SciTech Connect

The U.S, Department of Energy (DOE), National Nuclear Security Agency's (NNSA) Remote Sensing Laboratory (RSL) provides Geographic Information System (GIS) support during nuclear emergency response activities. As directed by the NNSA, the RSL GIS staff maintains databases and equipment for rapid field deployment during an emergency response. When on location, GIS operators provide information products to on-site emergency managers as well as to emergency managers at the DOE Headquarters (HQ) Emergency Operations Center (EOC) in Washington, D.C. Data products are derived from multiple information sources in the field including radiological prediction models, field measurements taken on the ground and from the air, and pertinent information researched on the Internet. The GIS functions as a central data hub where it supplies the information to response elements in the field, as well as to headquarters officials at HQ during emergency response activities.

A. L. Guber

2001-06-01T23:59:59.000Z

114

OFFICE OF HEALH, SAFETY AND SECURITY INFORMATION COLLECTION PACKAGE  

NLE Websites -- All DOE Office Websites (Extended Search)

HEALH, SAFETY AND SECURITY HEALH, SAFETY AND SECURITY INFORMATION COLLECTION PACKAGE OMB 1910-0300: ES&H Reporting Systems Description of Collections April 10, 2012 The information obtained from DOE contractors by this information collection is used by Department management at the appropriate levels to manage the work pertaining to environment, safety and health throughout DOE and will include automated reporting of information into the following systems: Computerized Accident/Incident Reporting System (CAIRS) - The CAIRS is a database used to collect and analyze DOE and DOE contractor reports of injuries, illnesses, and other accidents that occur during DOE operations as described in DOE O 231.1B, Environment, Safety and Health Reporting. This system contains information from reporting contractors and

115

Intrusion ripple analysis in distributed information systems  

Science Conference Proceedings (OSTI)

Security is a very important aspect of distributed computing systems, especially in distributed information environments involving wide-area networks, such as internets. This paper addresses how a security breach, such as intrusion, propagates through ... Keywords: computer crime, distributed information systems, internets, intrusion ripple analysis, networked information system, ripple effect analysis, security breach propagation, software maintenance, wide-area networks

S. S. Yau; Jun Zhu

1997-10-01T23:59:59.000Z

116

Control Systems Security Publications Library | Department of...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Electricity Advisory Committee Technology Development Transmission Planning Smart Grid Energy Delivery Systems Cybersecurity Control Systems Security News Archive Control...

117

Secure Control Systems for the Energy Sector  

Science Conference Proceedings (OSTI)

Schweitzer Engineering Laboratories (SEL) will conduct the Hallmark Project to address the need to reduce the risk of energy disruptions because of cyber incidents on control systems. The goals is to develop solutions that can be both applied to existing control systems and designed into new control systems to add the security measures needed to mitigate energy network vulnerabilities. The scope of the Hallmark Project contains four primary elements: 1. Technology transfer of the Secure Supervisory Control and Data Acquisition (SCADA) Communications Protocol (SSCP) from Pacific Northwest National Laboratories (PNNL) to Schweitzer Engineering Laboratories (SEL). The project shall use this technology to develop a Federal Information Processing Standard (FIPS) 140-2 compliant original equipment manufacturer (OEM) module to be called a Cryptographic Daughter Card (CDC) with the ability to directly connect to any PC enabling that computer to securely communicate across serial to field devices. Validate the OEM capabilities with another vendor. 2. Development of a Link Authenticator Module (LAM) using the FIPS 140-2 validated Secure SCADA Communications Protocol (SSCP) CDC module with a central management software kit. 3. Validation of the CDC and Link Authenticator modules via laboratory and field tests. 4. Creation of documents that record the impact of the Link Authenticator to the operators of control systems and on the control system itself. The information in the documents can assist others with technology deployment and maintenance.

Smith, Rhett; Campbell, Jack; Hadley, Mark

2012-03-31T23:59:59.000Z

118

NIST.gov - Computer Security Division - Computer Security ...  

Science Conference Proceedings (OSTI)

... Digital Age - Information Security Transformation for the ... to Information Systems (Transforming the Certification ... for Smart Grid Cyber Security (NIST ...

119

Control Systems Security News Archive | Department of Energy  

NLE Websites -- All DOE Office Websites (Extended Search)

Delivery Systems Cybersecurity Control Systems Security News Archive Control Systems Security News Archive Control Systems Security News Archive September 2010 - Secretary Chu...

120

Information Security Analysis Using Game Theory and Simulation  

SciTech Connect

Information security analysis can be performed using game theory implemented in dynamic simulations of Agent Based Models (ABMs). Such simulations can be verified with the results from game theory analysis and further used to explore larger scale, real world scenarios involving multiple attackers, defenders, and information assets. Our approach addresses imperfect information and scalability that allows us to also address previous limitations of current stochastic game models. Such models only consider perfect information assuming that the defender is always able to detect attacks; assuming that the state transition probabilities are fixed before the game assuming that the players actions are always synchronous; and that most models are not scalable with the size and complexity of systems under consideration. Our use of ABMs yields results of selected experiments that demonstrate our proposed approach and provides a quantitative measure for realistic information systems and their related security scenarios.

Schlicher, Bob G [ORNL; Abercrombie, Robert K [ORNL

2012-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


121

Advanced Metering Infrastructure (AMI) System Security Requirements  

Science Conference Proceedings (OSTI)

This report identifies key cyber security requirements and suggests basic security approaches for safeguarding the many interfaces of Advanced Metering Infrastructure (AMI) systems. These requirements, which were developed through a clearly defined security assessment procedure, are generic; but they can be used to develop more specific security requirements based on actual configurations and environments.

2009-12-21T23:59:59.000Z

122

Cyber Security, Information Technology Division, ITD  

NLE Websites -- All DOE Office Websites (Extended Search)

Brookhaven Cyber Security Requirements Brookhaven Cyber Security Requirements Backup Data Sensitivity Physical Protection Computer Security Incidents Software Copyright Laws Virus Protection Passwords Accounts Backup Data ALWAYS BACKUP YOUR DATA. Keep the backups in a protected area. The more critical the data the more often you should backup. REQUIREMENTS: Users ("data owners") are responsible for determining what data requires protection and how their data is to be recovered if the online copy is destroyed (either by accidental or malicious damage). Users may choose not to back up data, but if so they must make sure they know how to recreate the lost data if needed. If backup is necessary then the users must coordinate a backup plan. This may either be an individual backup done by the users themselves or coordinated with the system managers into a regular system backup plan.

123

An efficient approach to support querying secure outsourced XML information  

Science Conference Proceedings (OSTI)

Data security is well-recognized a vital issue in an information system that is supported in an outsource environment. However, most of conventional XML encryption proposals treat confidential parts of an XML document as whole blocks of text and apply ...

Yin Yang; Wilfred Ng; Ho Lam Lau; James Cheng

2006-06-01T23:59:59.000Z

124

Visitor_Security_and_Safety_Information  

NLE Websites -- All DOE Office Websites (Extended Search)

in a designated lot near the main lobby and auditorium. Office of Health, Safety and Security Office of Security Operations Office of Headquarters Security Operations United...

125

In defense of the realm: understanding the threats to information security  

Science Conference Proceedings (OSTI)

The popular press is replete with information about attacks on information systems. Viruses, worms, hackers, and employee abuse and misuse have created a dramatic need for understanding and implementing quality information security. In order to accomplish ...

Michael E. Whitman

2004-02-01T23:59:59.000Z

126

Designing Secure SCADA Systems Using Security Patterns  

Science Conference Proceedings (OSTI)

Critical infrastructure systems are those systems that support our daily lives and their protection is fundamental. The key component of a critical infrastructure system is the process control system, also known as the supervisory, control, and data ...

Eduardo B. Fernandez; Maria M. Larrondo-Petrie

2010-01-01T23:59:59.000Z

127

ITL Bulletin - ITL Updates Glossary of Key Information Security ...  

Science Conference Proceedings (OSTI)

... ITL UPDATES GLOSSARY OF KEY INFORMATION SECURITY TERMS ... ITL plans to keep the glossary current by providing updates online. ...

2013-06-12T23:59:59.000Z

128

Current News and Information | National Nuclear Security Administratio...  

National Nuclear Security Administration (NNSA)

News and Information | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response...

129

V-192: Symantec Security Information Manager Input Validation Flaws Permit  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

92: Symantec Security Information Manager Input Validation Flaws 92: Symantec Security Information Manager Input Validation Flaws Permit Cross-Site Scripting, SQL Injection, and Information Disclosure Attacks V-192: Symantec Security Information Manager Input Validation Flaws Permit Cross-Site Scripting, SQL Injection, and Information Disclosure Attacks July 4, 2013 - 6:00am Addthis PROBLEM: Several vulnerabilities were reported in Symantec Security Information Manager PLATFORM: Symantec Security Information Manager Appliance Version 4.7.x and 4.8.0 ABSTRACT: Symantec was notified of multiple security issues impacting the SSIM management console REFERENCE LINKS: SecurityTracker Alert ID: 1028727 Symantec Security Advisory SYM13-006 CVE-2013-1613 CVE-2013-1614 CVE-2013-1615 IMPACT ASSESSMENT: Medium DISCUSSION: The console does not properly filter HTML code from user-supplied input

130

Enforcement of DOE Classified Information Security Requirements Under Title  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

of DOE Classified Information Security Requirements of DOE Classified Information Security Requirements Under Title 10, Code of Federal Regulations, Part 824 Enforcement of DOE Classified Information Security Requirements Under Title 10, Code of Federal Regulations, Part 824 In publishing 10 CFR Part 824, DOE has determined that civil penalties under Part 824 will only be assessed for violations of requirements for the protection of classified information (Restricted Data, Formerly Restricted Data and National Security Information). The rule does not include civil penalties relating to failure to protect sensitive but unclassified information. IMPLEMENTATION GUIDANCE More Documents & Publications Safety and Security Enforcement Process Overview Preliminary Notice, Battelle Energy Alliance, LLC, SEA-2011-01

131

Fifth Annual Health Information Security Conference Runs ...  

Science Conference Proceedings (OSTI)

... conference is an opportunity for HIPAA security rule implementers; security, privacy and compliance officers; assessment teams and audit staff in ...

2012-04-17T23:59:59.000Z

132

House of Security House of Security: Locale, Roles and Resources for Ensuring Information Security Research-in-Progress  

E-Print Network (OSTI)

In this paper we redefine information security by extending its definition in three salient avenues: locale (beyond the boundary of an enterprise to include partner organizations), role (beyond the information custodians view to include information consumers and managers views), and resource (beyond technical dimensions to include managerial dimensions). Based on our definition, we develop a model of information security, which we call the House of Security.

Wee Horng Ang; Yang W. Lee; Stuart E. Madnick; Michael Siegel; Diane M. Strong; Richard Y. Wang; Chrisy Yao; Wee Horng Ang; Stuart E. Madnick; Michael Siegel; Richard Y. Wang; Yang W. Lee; Dinsha Mistress; Diane M. Strong; Chrisy Yao

2006-01-01T23:59:59.000Z

133

A VIKOR technique based on DEMATEL and ANP for information security risk control assessment  

Science Conference Proceedings (OSTI)

As companies and organizations have grown to rely on their computer systems and networks, the issue of information security management has become more significant. To maintain their competitiveness, enterprises should safeguard their information and ... Keywords: Analytic network process (ANP), DEMATEL, Information security, Multiple criteria decision making (MCDM), Risk control assessment, VIKOR

Yu-Ping Ou Yang; How-Ming Shieh; Gwo-Hshiung Tzeng

2013-05-01T23:59:59.000Z

134

National Security Information Classification Guidance Fundamental Review, June 2012  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Security Security Information Fundamental Classification Guidance Review Report to the Information Security Oversight Office June 2012 United States Department of Energy Washington, DC 20585 Department of Energy | June 2012 National Security Information Fundamental Classification Guidance Review | Page iii Executive Summary Section 1.9 of Executive Order (E.O.) 13526, Classified National Security Information, dated December 29, 2009, directs agency heads to complete a comprehensive review of agency classification guides to ensure they reflect current circumstances and to identify classified information that no longer requires protection and can be declassified. To meet this requirement, the Department of Energy (DOE), under the direction of the Senior Agency Official, devoted

135

National SCADA Test Bed Enhancing control systems security in...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

SCADA Test Bed Enhancing control systems security in the energy sector National SCADA Test Bed Enhancing control systems security in the energy sector Improving the security of...

136

Control Systems Security Standards: Accomplishments And Impacts |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Control Systems Security Standards: Accomplishments And Impacts Control Systems Security Standards: Accomplishments And Impacts Control Systems Security Standards: Accomplishments And Impacts This report describes the accomplishments and impacts of the standards team towards achieving these three goals and describes the follow-on efforts that need to be made toward meeting the priority strategies defined in the DOE/DHS Roadmap to Secure Control Systems in the Energy Sector. Control Systems Security Standards: Accomplishments & Impacts More Documents & Publications A Summary of Control System Security Standards Activities in the Energy Sector (October 2005) Roadmap to Secure Control Systems in the Energy Sector 2006 - Presentation to the 2008 ieRoadmap Workshop DOE/OE National SCADA Test Bed Fiscal Year 2009 Work Plan

137

TOWARD HIGHLY SECURE AND AUTONOMIC COMPUTING SYSTEMS: A HIERARCHICAL APPROACH  

SciTech Connect

The overall objective of this research project is to develop novel architectural techniques as well as system software to achieve a highly secure and intrusion-tolerant computing system. Such system will be autonomous, self-adapting, introspective, with self-healing capability under the circumstances of improper operations, abnormal workloads, and malicious attacks. The scope of this research includes: (1) System-wide, unified introspection techniques for autonomic systems, (2) Secure information-flow microarchitecture, (3) Memory-centric security architecture, (4) Authentication control and its implication to security, (5) Digital right management, (5) Microarchitectural denial-of-service attacks on shared resources. During the period of the project, we developed several architectural techniques and system software for achieving a robust, secure, and reliable computing system toward our goal.

Lee, Hsien-Hsin S

2010-05-11T23:59:59.000Z

138

Pantex Occupational Health System (OHS), National Nuclear Security...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Pantex Occupational Health System (OHS), National Nuclear Security Administration Pantex Site Office Pantex Occupational Health System (OHS), National Nuclear Security...

139

Cyber Security, Information Technology Division, ITD  

NLE Websites -- All DOE Office Websites (Extended Search)

ITD Home Cyber Security Links Cyber Security Home Network Access Antivirus Measures SSH Gateways Remote Access Computer Security Incidents Cyber Security Homepage Report a Security Incident Hotline: 631.344.8484 Email: security@bnl.gov Cyber Security Note: The links below supplement the Cyber Security, Unclassified SBMS subject area. Network Access Cyber Security image Network Access Registration - New connections to BNL's internal network must complete the registration process described in this link. Machines that are not registered will be denied access to the Laboratory's network. Proxy Configuration Virtual Private Network (VPN) RSA SecurID User Guide Desktop Security Locking Your Computer Disable Automatic Login (Mac OS X) Virus Protection Secure Shell (SSH) Resources

140

Cyber Security, Information Technology Division, ITD  

NLE Websites -- All DOE Office Websites (Extended Search)

RSA SecurID User Guide VPN Home What is RSA SecurID? RSA SecurID two-factor authentication is based on something you know (a password or PIN) and something you have (an...

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


141

Study of Security Attributes of Smart Grid Systems- Current Cyber Security Issues  

SciTech Connect

This document provides information for a report to congress on Smart Grid security as required by Section 1309 of Title XIII of the Energy Independence and Security Act of 2007. The security of any future Smart Grid is dependent on successfully addressing the cyber security issues associated with the nations current power grid. Smart Grid will utilize numerous legacy systems and technologies that are currently installed. Therefore, known vulnerabilities in these legacy systems must be remediated and associated risks mitigated in order to increase the security and success of the Smart Grid. The implementation of Smart Grid will include the deployment of many new technologies and multiple communication infrastructures. This report describes the main technologies that support Smart Grid and summarizes the status of implementation into the existing U.S. electrical infrastructure.

Wayne F. Boyer; Scott A. McBride

2009-04-01T23:59:59.000Z

142

Scalable security for petascale parallel file systems  

Science Conference Proceedings (OSTI)

Petascale, high-performance file systems often hold sensitive data and thus require security, but authentication and authorization can dramatically reduce performance. Existing security solutions perform poorly in these environments because they cannot ... Keywords: capabilities, high-performance computing, scalability, secure object-based storage

Andrew W. Leung; Ethan L. Miller; Stephanie Jones

2007-11-01T23:59:59.000Z

143

A Case Study: Preparing for the Smart Grids - Identifying Current Practice for Information Security Incident Management in the Power Industry  

Science Conference Proceedings (OSTI)

The power industry faces the implementation of smart grids, which will introduce new information security threats to the power automation systems. The ability to appropriately prepare for, and respond to, information security incidents, is of utmost ... Keywords: Information security, incident respons, smart grids

Maria B. Line

2013-03-01T23:59:59.000Z

144

Information Model for Policy-Based Network Security Management  

Science Conference Proceedings (OSTI)

Policy Based Network Management (PBNM) for network security has been paid much attention as a solution to consistent and unified management of security systems including IDS (Intrusion Detection System) and Firewall. In this paper, we define NSPIM (Network ...

Sook-Yeon Kim; Myung-Eun Kim; Kiyoung Kim; Jongsoo Jang

2002-01-01T23:59:59.000Z

145

Distribution System Cyber Security Architecture  

Science Conference Proceedings (OSTI)

The National Institute of Standards and Technology (NIST) has developed the NISTIR 7628: Guidelines for Smart Grid Cyber Security, while ASAP-SG has developed both the Security Profile for AMI (v2.0) and the Security Profile for Distribution Management. These documents are necessarily high level and generic, covering a broad range of smart grid assets, and focus exclusively on determining the security requirements. However, utilities and their vendors often cannot get a clear picture of what existing tec...

2010-12-31T23:59:59.000Z

146

Secure Systems and Applications Group  

Science Conference Proceedings (OSTI)

... technologies, and on developing security solutions ... the earliest stages of technology development through proof ... industry, and to develop tests, test ...

2013-01-17T23:59:59.000Z

147

A Tiered Security System for Mobile Devices  

E-Print Network (OSTI)

We have designed a tiered security system for mobile devices where each security tier holds user-defined security triggers and actions. It has a friendly interface that allows users to easily define and configure the different circumstances and actions they need according to context. The system can be set up and activated from any browser or directly on the mobile device itself. When the security system is operated from a Web site or server, its configuration can be readily shared across multiple devices. When operated directly from the mobile device, no server is needed for activation. Many different types of security circumstances and actions can be set up and employed from its tiers. Security circumstances can range from temporary misplacement of a mobile device at home to malicious theft in a hostile region. Security actions can range from ringing a simple alarm to automatically erasing, overwriting, and re-erasing drives.

Bardsley, Scott; Morris, R Paul

2008-01-01T23:59:59.000Z

148

Systems security and functional readiness  

SciTech Connect

In Protective Programming Planning, it is important that every facility or installation be configured to support the basic functions and mission of the using organization. This paper addresses the process of identifying the key functional operations of our facilities in Europe and providing the security necessary to keep them operating in natural and man-made threat environments. Functional Readiness is important since many of our existing facilities in Europe were not constructed to meet the demands of today's requirements. There are increased requirements for real-time systems with classified terminals and stringent access control, tempest and other electronic protection devices. One must prioritize the operations of these systems so that essential functions are provided even when the facilities are affected by overt or covert hostile activities.

Bruckner, D.G.

1988-01-01T23:59:59.000Z

149

Collaboration Topics - System Software | National Nuclear Security...  

National Nuclear Security Administration (NNSA)

Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog The National Nuclear Security Administration Collaboration Topics - System Software Home > About Us > Our...

150

Information Security Policy & Guidelines and provides minimum policies and  

E-Print Network (OSTI)

guidelines for agencies to follow in their implementation of the Tasmanian Government Information Security Charter. This document outlines a Risk Assessment and Management process agencies can use to support their information security planning. The methodology expands on AS/NZS 4360:2004 Risk Management to provide a consistent framework for agencies to assess their information security risks. The standard is an essential reference document to the methodology.

unknown authors

2005-01-01T23:59:59.000Z

151

Freedom of Information Act (FOIA) | National Nuclear Security...  

NLE Websites -- All DOE Office Websites (Extended Search)

Freedom of Information Act (FOIA) | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency...

152

DOE O 471.6 Admin Chg. 1, Information Security  

Directives, Delegations, and Requirements

The protection and control of classified information is critical to our nation??s security. This Order establishes requirements and responsibilities for ...

2011-06-20T23:59:59.000Z

153

Antivirus Procedures, Cyber Security, Information Technology...  

NLE Websites -- All DOE Office Websites (Extended Search)

Anti-virus Software Trend OfficeScan for PCs & Trend Micro Security for Mac Anti-Virus procedures are an important component of BNL's host-based security architecture. Anti-Virus...

154

Delegating Network Security with More Information  

E-Print Network (OSTI)

Network security is gravitating towards more centralized control. Strong centralization places a heavy burden on the administrator who has to manage complex security policies and be able to adapt to users' requests. To be ...

Naous, Jad

155

NISTIR 7359, Information Security Guide For Government ...  

Science Conference Proceedings (OSTI)

... These benefits include: Business success/resilience. Effective security ensures that vital services are delivered in all operating conditions. ...

2012-02-29T23:59:59.000Z

156

Processes in securing open architecture software systems  

Science Conference Proceedings (OSTI)

Our goal is to identify and understand issues that arise in the development and evolution processes for securing open architecture (OA) software systems. OA software systems are those developed with a mix of closed source and open source software components ... Keywords: Open architecture, configuration, continuous software development, process integration, process modeling, security

Walt Scacchi, Thomas A. Alspaugh

2013-05-01T23:59:59.000Z

157

Secure videoconferencing equipment switching system and method  

DOE Patents (OSTI)

A switching system and method are provided to facilitate use of videoconference facilities over a plurality of security levels. The system includes a switch coupled to a plurality of codecs and communication networks. Audio/Visual peripheral components are connected to the switch. The switch couples control and data signals between the Audio/Visual peripheral components and one but nor both of the plurality of codecs. The switch additionally couples communication networks of the appropriate security level to each of the codecs. In this manner, a videoconferencing facility is provided for use on both secure and non-secure networks.

Hansen, Michael E. (Livermore, CA)

2009-01-13T23:59:59.000Z

158

Definition: Cyber Security Incident | Open Energy Information  

Open Energy Info (EERE)

Security Incident Security Incident Jump to: navigation, search Dictionary.png Cyber Security Incident Any malicious act or suspicious event that: Compromises, or was an attempt to compromise, the Electronic Security Perimeter or Physical Security Perimeter of a Critical Cyber Asset, or, Disrupts, or was an attempt to disrupt, the operation of a Critical Cyber Asset.[1] Related Terms Electronic Security Perimeter References ↑ Glossary of Terms Used in Reliability Standards An LikeLike UnlikeLike You like this.Sign Up to see what your friends like. inline Glossary Definition Retrieved from "http://en.openei.org/w/index.php?title=Definition:Cyber_Security_Incident&oldid=480296" Categories: Definitions ISGAN Definitions What links here Related changes Special pages Printable version

159

Quantum Public-Key Encryption with Information Theoretic Security  

E-Print Network (OSTI)

We propose a definition for the information theoretic security of a quantum public-key encryption scheme, and present bit-oriented and two-bit-oriented encryption schemes satisfying our security definition via the introduction of a new public-key algorithm structure. We extend the scheme to a multi-bitoriented one, and conjecture that it is also information theoretically secure, depending directly on the structure of our new algorithm.

Jiangyou Pan; Li Yang

2010-06-02T23:59:59.000Z

160

Knowledge management within information security: the case of Barings Bank  

Science Conference Proceedings (OSTI)

Managing the growing problem of computer fraud within organisations has led researchers and practitioners to emphasise the need to take into account the 'social' aspects of information security. In addition, wider organisational issues such as ... Keywords: Barings Bank, KM, computer fraud, information security management, knowledge management, manager awareness, opportunities, organisational functions, social aspects, tacit knowledge, technical aspects

Shalini Kesar

2008-07-01T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


161

The Board's Role: Executive and board roles in information security  

Science Conference Proceedings (OSTI)

Corporate information in all its forms is a business asset and needs to be recognised as such. This implies that the ultimate responsibility for security must be accepted by the business and not merely delegated to a chief information security officer ...

Paul Williams

2007-08-01T23:59:59.000Z

162

ORO Office Safeguards and Security Clearance Tracking System...  

NLE Websites -- All DOE Office Websites (Extended Search)

Office Safeguards and Security Clearance Tracking System and Visitor Control System PIA, Oak Ridge Operations Office ORO Office Safeguards and Security Clearance Tracking System...

163

Physical Security System Sensitivity to DBT Perturbations  

E-Print Network (OSTI)

This thesis examines how perturbing selected adversary capabilities in a design basis threat (DBT) may affect the assessment of a facility's security system performance. We found that using a strictly defined DBT to design and analytically test facility security systems can lead to invalid assessments that security measures are meeting standards. Design Basis Threats are intended to represent the most severe yet realistic attack a facility might face. However, the static nature of the standard DBT makes it unable to test the performance of a facility security system in the case where a specialized adversary may possess different capabilities than defined in the DBT. Our analysis of security system performance for various modeled facilities revealed significant vulnerabilities to certain perturbations of adversary capabilities. These vulnerabilities went undetected when the original strictly defined graded DBT was used in the assessment procedure. By maximizing one adversary capability at the expense of others, a specialized adversary force was able to efficiently defeat each facility. To address this problem, we proposed employing a so-called "point-based" DBT as an alternative to the existing strictly defined DBT. In a point-based DBT, multiple scenarios are assessed that test different sets of adversary capabilities to better uncover and understand any security system vulnerabilities that may exist. We believe the benefit of identifying these site-specific security vulnerabilities will outweigh the additional cost of generating a point-based DBT, especially if the vulnerabilities are identified during the initial design of the security system.

Conchewski, Curtis

2012-08-01T23:59:59.000Z

164

Security | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Security Security Security Security program under Office of Health, Safety and Security developes security policy, provides security expertise to assist field elements in planning site protection strategies and coordinates with domestic authorities to provide safeguards and security technical assistance, technical systems support, and technology development and deployment opportunities. Departmental Personnel Security, also ensures that Departmental personnel security programs (included the National Nuclear Security Administration) are consistent and effectively implemented. Headquarters Facilities Master Security Plan The purpose of the Headquarters Facility Master Security Plan (HQFMSP) is to inform employees, contractors, and visitors of the security procedures

165

IT Security for Automation Systems Motivations and Mechanisms  

E-Print Network (OSTI)

The protection of safety-critical and infrastructure systems (such as automation systems for utilities, but also for manufacturing plants) against electronic and communication network based attacks becomes more and more important. This paper examines how such safety-critical plants and automation systems can be secured against information system and network based attacks. Based on the defense-in-depth approach, a conceptional, generic security zone model for use in analysis and synthesis of a plant security architecture is proposed, and for each of its zones a survey of the available and appropriate security mechanisms for delay, detection, and reaction is given. Der Schutz von sicherheitskritischen Systemen und Infrastruktureinrichtungen (wie zum Beispiel der Automatisierungsanlagen von Versorgungsunternehmen, aber auch von Fabrikationsanlagen) gegen

Martin Naedele; Abb Schweiz Ag

2004-01-01T23:59:59.000Z

166

Information Security and Privacy Advisory Board (ISPAB) ...  

Science Conference Proceedings (OSTI)

... of future of gov Network 2020/MTIPS/TIC Earl Crane, Director for Federal Cybersecurity, National Security Staff, The White House Tim Polk ...

2013-06-17T23:59:59.000Z

167

Site Information | National Nuclear Security Administration  

NLE Websites -- All DOE Office Websites (Extended Search)

nonproliferation, bio threats, global climate modeling and other critical problems. NTS Nevada National Security Site (NNSS), near Las Vegas, Nev., is where the U.S....

168

Information Security and Privacy Advisory Board (ISPAB) ...  

Science Conference Proceedings (OSTI)

... simulated testing set up in fifteen government facilities. ... It is essential to understand the relationship ... to present his paper on Cyber Security Doctrine. ...

2011-07-20T23:59:59.000Z

169

CGI Information Technology Security Evaluation & Test Facility  

Science Conference Proceedings (OSTI)

... [17CMH2/02] Test methods for Physical Security Level 4, in accordance with FIPS 140-2. Cryptographic Modules Software 1 Testing. ...

2013-08-02T23:59:59.000Z

170

SecTTS: A secure track & trace system for RFID-enabled supply chains  

Science Conference Proceedings (OSTI)

Due to the highly sensitive business information communicated within RFID-enabled supply chain networks, there is an urgent need for a secure and effective track & trace system. In this paper, we aim to design and implement a secure track & trace system ... Keywords: EPCglobal network, RFID, Relay policy, Security, Supply chains

Jie Shi; Yingjiu Li; Wei He; Darren Sim

2012-08-01T23:59:59.000Z

171

Index of Energy Security Risk | Open Energy Information  

Open Energy Info (EERE)

Index of Energy Security Risk Index of Energy Security Risk Jump to: navigation, search Tool Summary Name: Index of Energy Security Risk Agency/Company /Organization: United States Chamber of Commerce, Institute for 21st Century Energy Sector: Energy Focus Area: Non-renewable Energy, Renewable Energy Topics: Co-benefits assessment, - Energy Security Resource Type: Publications Website: www.energyxxi.org/images/Energy_Index_2011_FINAL.pdf Cost: Free Index of Energy Security Risk Screenshot References: Index of Energy Security Risk[1] "This 2011 edition of the Index incorporates the most current energy data, including the Energy Information Administration's (EIA) Annual Energy Outlook 2011 (AEO 2011), to provide an up-to-date assessment of the trends having the greatest impact on energy security since the first Index was

172

Situated Usability Testing for Security Systems  

Science Conference Proceedings (OSTI)

While usability testing is well established, assessing the usability of security software, tools, or methods deserves more careful consideration. It has been argued that dealing with security has become too difficult for individuals or organizations to manage effectively or to use conveniently. As difficult as it is for system administrators and developers to deal with, security is even more challenging for casual users. Indeed, it is much too easy for casual/home users to configure the security of their systems in non-optimal ways that leave their systems inadvertently insecure. This is exacerbated by the fact that casual users are focused on matters other than security, and likely would prefer not even to think about security. This brief report argues that when security and/or privacy are part of the equation, traditional methods for usability testing should be re-considered. The purpose of this brief report is to argue for and outline a method associated with a new approach to usability testing for examining usable security issues.

Greitzer, Frank L.

2011-03-02T23:59:59.000Z

173

Security Forms | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Management & Safeguards System Security Forms Federal Information Processing Standards Publications (FIPS PUBS) FIPS-Associated Documents FIPS 140-2 Security Requirements...

174

Collaboration Topics - System Software | National Nuclear Security  

National Nuclear Security Administration (NNSA)

System Software | National Nuclear Security System Software | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog The National Nuclear Security Administration Collaboration Topics - System Software Home > About Us > Our Programs > Defense Programs > Future Science & Technology Programs > Office of Advanced Simulation and Computing and

175

Recommended Practice for Securing Control System Modems  

SciTech Connect

This paper addresses an often overlooked backdoor into critical infrastructure control systems created by modem connections. A modems connection to the public telephone system is similar to a corporate network connection to the Internet. By tracing typical attack paths into the system, this paper provides the reader with an analysis of the problem and then guides the reader through methods to evaluate existing modem security. Following the analysis, a series of methods for securing modems is provided. These methods are correlated to well-known networking security methods.

James R. Davidson; Jason L. Wright

2008-01-01T23:59:59.000Z

176

NERSC Increases System Storage and Security for Users  

NLE Websites -- All DOE Office Websites (Extended Search)

Increases System Storage and Security for Users NERSC Increases System Storage and Security for Users April 28, 2009 Franklin Upgrades Improve IO Performance Throughout the month...

177

A Summary of Control System Security Standards Activities in...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

A Summary of Control System Security Standards Activities in the Energy Sector (October 2005) A Summary of Control System Security Standards Activities in the Energy Sector...

178

Common Cyber Security Vulnerabilities Observed in Control System...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Common Cyber Security Vulnerabilities Observed in Control System Assessments by the INL NSTB Program Common Cyber Security Vulnerabilities Observed in Control System Assessments by...

179

Security Analysis and Project Management Systems | ornl.gov  

NLE Websites -- All DOE Office Websites (Extended Search)

Security Analysis and Project Management Systems SHARE Security Analysis and Project Management Systems ORNL brings together the subject matter experts with programmers to design,...

180

IT-Security for Safety-Critical Automation Systems  

E-Print Network (OSTI)

The protection of safety-critical and infrastructure systems (such as automation systems for utilities, but also for manufacturing plants) against electronic and communication network based attacks becomes more and more important. This paper investigates how such safety-critical plants and automation systems can be secured against information system and network based attacks. The two common approaches, hard perimeter, and defense-in-depth are discussed. Based on the defense-in-depth approach, a conceptional, generic security zone model for use in analysis and synthesis of a plant security architecture is proposed, and for each of its zones a survey of the available and appropriate security mechanisms is given. Using an example from the substation automation domain, it is shown how threats and counter-measures can be systematically derived and how the specific system and usage characteristics of automation systems (or at least their restricted safety critical sub-functions) can be exploited in a positive way to deploy security mechanisms that would in this form not be available and applicable to home or office information systems. 1.

Martin Naedele

2002-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


181

Secure and Efficient Routable Control Systems  

SciTech Connect

This document provides the methods to secure routable control system communication in the electric sector. The approach of this document yields a long-term vision for a future of secure communication, while also providing near term steps and a roadmap. The requirements for the future secure control system environment were spelled out to provide a final target. Additionally a survey and evaluation of current protocols was used to determine if any existing technology could achieve this goal. In the end a four-step path was described that brought about increasing requirement completion and culminates in the realization of the long term vision.

Edgar, Thomas W.; Hadley, Mark D.; Manz, David O.; Winn, Jennifer D.

2010-05-01T23:59:59.000Z

182

Security approaches for Radio Frequency Identification systems  

E-Print Network (OSTI)

In this thesis, I explore the challenges related to the security of the Electronic Product Code (EPC) class of Radio Frequency Identification (RFID) tags and associated data. RFID systems can be used to improve supply chain ...

Foley, Joseph Timothy, 1976-

2007-01-01T23:59:59.000Z

183

Information Security Architecture: An Integrated Approach to Security in the Organization, 2nd edition  

Science Conference Proceedings (OSTI)

By providing clear and organized methods, this text incorporates the knowledge developed during the past decade that has pushed the information security lifecycle from infancy to a more mature, understandable, and manageable state.

Jan Killmeyer

2006-01-01T23:59:59.000Z

184

Office of Headquarters Security Operations - Headquarters Information...  

NLE Websites -- All DOE Office Websites (Extended Search)

The Office of Health, Safety and Security HSS Logo Department of Energy Seal Left Tab SEARCH Right Tab TOOLS Right Tab Left Tab HOME Right Tab Left Tab ABOUT US Right Tab Left Tab...

185

IPS - Secure Internet Payment System  

Science Conference Proceedings (OSTI)

There are a number of questions one might ask about security of money transactions on the Internet. A first question might be: "Why do we need to protect money transaction on the Internet?" The Internet is an insecure and unreliable communication medium ...

Zoran Djuric

2005-04-01T23:59:59.000Z

186

Benchmarking e-business security: A model and framework, Proceedings of 3rd Australian information security management conference  

E-Print Network (OSTI)

The dynamic nature of threats and vulnerabilities within the E-business environment can impede online functionality, compromise organisational or customer information, contravene security implementations and thereby undermine online customer confidence. To negate these problems, E-business security has to become proactive, by reviewing and continuously improving security to strengthen E-business security measures and policies. This can be achieved through benchmarking the security measures and policies utilised within the Ebusiness, against recognised information technology (IT) and information security (IS) security standards.

Graeme Pye; Matthew J. Warren

2005-01-01T23:59:59.000Z

187

GAO Challenges and Efforts to Secure Control Systems (March 2004) |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

GAO Challenges and Efforts to Secure Control Systems (March 2004) GAO Challenges and Efforts to Secure Control Systems (March 2004) GAO Challenges and Efforts to Secure Control Systems (March 2004) Computerized control systems perform vital functions across many of our nation's critical infrastructures. For example, in natural gas distribution, they can monitor and control the pressure and flow of gas through pipelines. In October 1997, the President's Commission on Critical Infrastructure Protection emphasized the increasing vulnerability of control systems to cyber attacks. The House Committee on Government Reform and its Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census asked GAO to report on potential cyber vulnerabilities, focusing on (1) significant cybersecurity risks associated with control systems (2) potential and reported cyber attacks

188

NNSA PERSONNEL SECURITY CLEARANCE ACTION REQUEST Required: SUBJECT INFORMATION  

NLE Websites -- All DOE Office Websites (Extended Search)

PERSONNEL SECURITY PERSONNEL SECURITY CLEARANCE ACTION REQUEST Required: SUBJECT INFORMATION Contractor Federal Name (Last, First, Middle): Suffix: Date of Birth: Social Security Number: Place of Birth (city and state/country): Citizenship(s): Email Address: Employer (legal name): Job Title: Required: LOCATION/BILLING Work Location: Contracting Office Location/SON: Prime Contract Number: Sub-contract Number: Facility Code: Employer Code: Required: CLEARANCE ACTION Requested Action(s): Clearance Level: (for employer/contract above) Clearance History Never held a clearance Previously held Currently holds Key Management Personnel (KMP)? Human Reliability Program (HRP)? PERSONNEL SECURITY USE ONLY: DOE Clearance: Special Access Program (SAP)? Yes No CLEARANCE JUSTIFICATION NARRATIVE

189

Aerial Measuring System | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Measuring System | National Nuclear Security Administration Measuring System | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Aerial Measuring System Home > About Us > Our Programs > Emergency Response > Responding to Emergencies > Consequence Management > Aerial Measuring System Aerial Measuring System AMS Logo NNSA's Aerial Measuring System (AMS) provides specialized airborne

190

CS2SAT: THE CONTROL SYSTEMS CYBER SECURITY SELF-ASSESSMENT TOOL  

Science Conference Proceedings (OSTI)

The Department of Homeland Security National Cyber Security Division has developed the Control System Cyber Security Self-Assessment Tool (CS2SAT) that provides users with a systematic and repeatable approach for assessing the cyber-security posture of their industrial control system networks. The CS2SAT was developed by cyber security experts from Department of Energy National Laboratories and with assistance from the National Institute of Standards and Technology. The CS2SAT is a desktop software tool that guides users through a step-by-step process to collect facility-specific control system information and then makes appropriate recommendations for improving the systems cyber-security posture. The CS2SAT provides recommendations from a database of industry available cyber-security practices, which have been adapted specifically for application to industry control system networks and components. Each recommendation is linked to a set of actions that can be applied to remediate-specific security vulnerabilities.

Kathleen A. Lee

2008-01-01T23:59:59.000Z

191

Network Security Management for Transmission Systems  

Science Conference Proceedings (OSTI)

The electric power grid is increasingly dependent on information technology and telecommunication infrastructures. While great benefits will result from this influx of technology, a holistic and granular awareness of all elements of the information infrastructure supporting a control subsystem will be critical to ensure long term reliability and security. The management of this information infrastructure requires connectivity and analytics to support both IT and OT assets in a unified ...

2012-12-31T23:59:59.000Z

192

Information Security Management Handbook, Volume 1, 6th edition  

Science Conference Proceedings (OSTI)

Promoting the view that the management, ethics, and values of an organization leads directly to its information security program, this guide addresses up-to-date issues in this increasingly important area.

Harold F. Tipton; Micki Krause

2007-02-01T23:59:59.000Z

193

Primer Control System Cyber Security Framework and Technical Metrics  

Science Conference Proceedings (OSTI)

The Department of Homeland Security National Cyber Security Division supported development of a control system cyber security framework and a set of technical metrics to aid owner-operators in tracking control systems security. The framework defines seven relevant cyber security dimensions and provides the foundation for thinking about control system security. Based on the developed security framework, a set of ten technical metrics are recommended that allow control systems owner-operators to track improvements or degradations in their individual control systems security posture.

Wayne F. Boyer; Miles A. McQueen

2008-05-01T23:59:59.000Z

194

EEO Complaints Information for Managers | National Nuclear Security  

National Nuclear Security Administration (NNSA)

Information for Managers | National Nuclear Security Information for Managers | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog EEO Complaints Information for Managers Home > About Us > Our Operations > Management and Budget > Office of Civil Rights > EEO Complaints Information for Managers EEO Complaints Information for Managers

195

Secure Smart Grid Association | Open Energy Information  

Open Energy Info (EERE)

Secure Smart Grid Association Secure Smart Grid Association Jump to: navigation, search Name Secure Smart Grid Association Address 2374 S Josephine St Place Denver, Colorado Zip 80210 Region Rockies Area Number of employees 1-10 Year founded 2009 Phone number 303-997-2824 Coordinates 39.673446°, -104.9575629° Loading map... {"minzoom":false,"mappingservice":"googlemaps3","type":"ROADMAP","zoom":14,"types":["ROADMAP","SATELLITE","HYBRID","TERRAIN"],"geoservice":"google","maxzoom":false,"width":"600px","height":"350px","centre":false,"title":"","label":"","icon":"","visitedicon":"","lines":[],"polygons":[],"circles":[],"rectangles":[],"copycoords":false,"static":false,"wmsoverlay":"","layers":[],"controls":["pan","zoom","type","scale","streetview"],"zoomstyle":"DEFAULT","typestyle":"DEFAULT","autoinfowindows":false,"kml":[],"gkml":[],"fusiontables":[],"resizable":false,"tilt":0,"kmlrezoom":false,"poi":true,"imageoverlays":[],"markercluster":false,"searchmarkers":"","locations":[{"text":"","title":"","link":null,"lat":39.673446,"lon":-104.9575629,"alt":0,"address":"","icon":"","group":"","inlineLabel":"","visitedicon":""}]}

196

BRC-Systems and Emerging Technologies Security Research ...  

Science Conference Proceedings (OSTI)

... Systems and Emerging Technologies Security Research Group Biometric Standards and Related Technical Developments. ...

2013-08-01T23:59:59.000Z

197

Cyber Security Module  

NLE Websites -- All DOE Office Websites (Extended Search)

Cyber Security Module Cyber security training is required for all facility users and must be submitted before or upon arrival at the GUV Center. System Requirements and Information...

198

First Analysis Securities Corporation | Open Energy Information  

Open Energy Info (EERE)

First Analysis Securities Corporation First Analysis Securities Corporation Jump to: navigation, search Logo: First Analysis Securities Corporation Name First Analysis Securities Corporation Address One South Wacker Drive, Suite 3900 Place Chicago, Illinois Zip 60606 Product Private equity, venture capital, investment banking and equity research. Year founded 1981 Phone number (312) 258-1400 Website http://www.firstanalysis.com/ Coordinates 41.8819019°, -87.6367295° Loading map... {"minzoom":false,"mappingservice":"googlemaps3","type":"ROADMAP","zoom":14,"types":["ROADMAP","SATELLITE","HYBRID","TERRAIN"],"geoservice":"google","maxzoom":false,"width":"600px","height":"350px","centre":false,"title":"","label":"","icon":"","visitedicon":"","lines":[],"polygons":[],"circles":[],"rectangles":[],"copycoords":false,"static":false,"wmsoverlay":"","layers":[],"controls":["pan","zoom","type","scale","streetview"],"zoomstyle":"DEFAULT","typestyle":"DEFAULT","autoinfowindows":false,"kml":[],"gkml":[],"fusiontables":[],"resizable":false,"tilt":0,"kmlrezoom":false,"poi":true,"imageoverlays":[],"markercluster":false,"searchmarkers":"","locations":[{"text":"","title":"","link":null,"lat":41.8819019,"lon":-87.6367295,"alt":0,"address":"","icon":"","group":"","inlineLabel":"","visitedicon":""}]}

199

TEPS/BPA Information | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

TEPS/BPA Information | National Nuclear Security Administration TEPS/BPA Information | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog TEPS/BPA Information Home > About Us > Our Operations > Acquisition and Project Management > Technical, Engineering, and Programmatic Support (TEPS) Blanket Purchase Agreements (BPAs) > TEPS/BPA Information

200

Design tools for complex dynamic security systems.  

SciTech Connect

The development of tools for complex dynamic security systems is not a straight forward engineering task but, rather, a scientific task where discovery of new scientific principles and math is necessary. For years, scientists have observed complex behavior but have had difficulty understanding it. Prominent examples include: insect colony organization, the stock market, molecular interactions, fractals, and emergent behavior. Engineering such systems will be an even greater challenge. This report explores four tools for engineered complex dynamic security systems: Partially Observable Markov Decision Process, Percolation Theory, Graph Theory, and Exergy/Entropy Theory. Additionally, enabling hardware technology for next generation security systems are described: a 100 node wireless sensor network, unmanned ground vehicle and unmanned aerial vehicle.

Byrne, Raymond Harry; Rigdon, James Brian; Rohrer, Brandon Robinson; Laguna, Glenn A.; Robinett, Rush D. III (.; ); Groom, Kenneth Neal; Wilson, David Gerald; Bickerstaff, Robert J.; Harrington, John J.

2007-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


201

Implementing Information Security and Its Technology: A LineManagement Perspective  

Science Conference Proceedings (OSTI)

Assuring the security and privacy of institutionalinformation assets is a complex task for the line manager responsible forinternational and multi-national transactions. In the face of an unsureand often conflicting international legal framework, the line managermust employ all available tools in an Integrated Security and PrivacyManagement framework that ranges from legal obligations, to policy, toprocedure, to cutting edge technology to counter the rapidly evolvingcyber threat to information assets and the physical systems thatinformation systems control.

Barletta, William A.

2005-08-22T23:59:59.000Z

202

Membership Information | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Information Membership Information "Promoting Equal Opportunity and Cultural Diversity for APAs in Government" The FAPAC - New Mexico membership application form is...

203

IBM Internet Security Systems Threat Insight Monthly  

E-Print Network (OSTI)

. http://docs.info.apple.com/article.html?artnum=303411 BEA Systems - 2007 Daylight Savings Time ChangesIBM Internet Security Systems X-Force ® Threat Insight Monthly www.iss.netwww.iss.net February 2007 Shellcode Heuristics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 The 2007 Daylight

204

On the importance of securing telephony systems  

Science Conference Proceedings (OSTI)

In the following work we present an easy to read essay about the array of threats that modern telephony systems face, that will prove, hopefully, useful for both administrators and simple users. We have taxonomized these threats and we have further provided ... Keywords: communication systems security, telephony fraud, telephony threats

Iosif I. Androulidakis

2009-01-01T23:59:59.000Z

205

Secure Data Transfer Guidance for Industrial Control and SCADA Systems  

SciTech Connect

This document was developed to provide guidance for the implementation of secure data transfer in a complex computational infrastructure representative of the electric power and oil and natural gas enterprises and the control systems they implement. For the past 20 years the cyber security community has focused on preventative measures intended to keep systems secure by providing a hard outer shell that is difficult to penetrate. Over time, the hard exterior, soft interior focus changed to focus on defense-in-depth adding multiple layers of protection, introducing intrusion detection systems, more effective incident response and cleanup, and many other security measures. Despite much larger expenditures and more layers of defense, successful attacks have only increased in number and severity. Consequently, it is time to re-focus the conventional approach to cyber security. While it is still important to implement measures to keep intruders out, a new protection paradigm is warranted that is aimed at discovering attempted or real compromises as early as possible. Put simply, organizations should take as fact that they have been, are now, or will be compromised. These compromises may be intended to steal information for financial gain as in the theft of intellectual property or credentials that lead to the theft of financial resources, or to lie silent until instructed to cause physical or electronic damage and/or denial of services. This change in outlook has been recently confirmed by the National Security Agency [19]. The discovery of attempted and actual compromises requires an increased focus on monitoring events by manual and/or automated log monitoring, detecting unauthorized changes to a system's hardware and/or software, detecting intrusions, and/or discovering the exfiltration of sensitive information and/or attempts to send inappropriate commands to ICS/SCADA (Industrial Control System/Supervisory Control And Data Acquisition) systems.

Mahan, Robert E.; Fluckiger, Jerry D.; Clements, Samuel L.; Tews, Cody W.; Burnette, John R.; Goranson, Craig A.; Kirkham, Harold

2011-09-01T23:59:59.000Z

206

Cyber Security Procurement Language for Control Systems Version 1.8 |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Cyber Security Procurement Language for Control Systems Version 1.8 Cyber Security Procurement Language for Control Systems Version 1.8 Cyber Security Procurement Language for Control Systems Version 1.8 Supervisory Control and Data Acquisition (SCADA), Process Control System (PCS), Distributed Control System (DCS), etc. generally refer to the systems which control, monitor, and manage the nation's critical infrastructures such as electric power generators, subway systems, dams, telecommunication systems, natural gas pipelines, and many others. Simply stated, a control system gathers information and then performs a function based on established parameters or information it received. Cyber Security Procurement Language for Control Systems Version 1.8 More Documents & Publications AMI System Security Requirements - v1_01-1

207

DOE and Industry Showcase New Control Systems Security Technologies...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Electricity Advisory Committee Technology Development Transmission Planning Smart Grid Energy Delivery Systems Cybersecurity Control Systems Security News Archive Control...

208

On Cyber Security for Networked Control Systems  

E-Print Network (OSTI)

9.2.2 Security Interdependence . . . . . . Bounded Control7 Security Constrained Networked Control 7.1Inputs 9 Security Interdependencies for Networked 9.1

Amin, Saurabh

2011-01-01T23:59:59.000Z

209

NNSA Policy System | National Nuclear Security Administration  

NLE Websites -- All DOE Office Websites (Extended Search)

Policy System | National Nuclear Security Administration Policy System | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog NNSA Policy System Home > About Us > Our Operations > Management and Budget > NNSA Policy System NNSA Policy System The NNSA's Policy System is established under the authority of Section 3212(d) of Public Law 106-65, the National Defense Authorization Act for

210

Information Security and Privacy Advisory Board (ISPAB)  

Science Conference Proceedings (OSTI)

... Institute of Standards and Technology (NIST), the Secretary of Commerce and the Director of the Office of Management and Budget on information ...

2013-01-15T23:59:59.000Z

211

Control Systems Security Standards: Accomplishments & Impacts  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

019 019 Unlimited Release November 2007 Control Systems Security Standards Accomplishments & Impacts Ronald Halbgewachs Prepared by Sandia National Laboratories Albuquerque, New Mexico 87185 and Livermore, California 94550 Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy's National Nuclear Security Administration under Contract DE-AC04-94AL85000. Approved for public release; further dissemination unlimited. 2 Issued by Sandia National Laboratories, operated for the United States Department of Energy by Sandia Corporation. NOTICE: This report was prepared as an account of work sponsored by an agency of the United States Government. Neither the United States Government, nor any agency

212

Comparison of Routable Control System Security Approaches  

SciTech Connect

This document is an supplement to the 'Secure and Efficient Routable Control Systems.' It addressed security in routable control system communication. The control system environment that monitors and manages the power grid historically has utilized serial communication mechanisms. Leased-line serial communication environments operating at 1200 to 9600 baud rates are common. However, recent trends show that communication media such as fiber, optical carrier 3 (OC-3) speeds, mesh-based high-speed wireless, and the Internet are becoming the media of choice. In addition, a dichotomy has developed between the electrical transmission and distribution environments, with more modern communication infrastructures deployed by transmission utilities. The preceding diagram represents a typical control system. The Communication Links cloud supports all of the communication mechanisms a utility might deploy between the control center and devices in the field. Current methodologies used for security implementations are primarily led by single vendors or standards bodies. However, these entities tend to focus on individual protocols. The result is an environment that contains a mixture of security solutions that may only address some communication protocols at an increasing operational burden for the utility. A single approach is needed that meets operational requirements, is simple to operate, and provides the necessary level of security for all control system communication. The solution should be application independent (e.g., Distributed Network Protocol/Internet Protocol [DNP/IP], International Electrotechnical Commission [IEC] C37.118, Object Linking and Embedding for Process Control [OPC], etc.) and focus on the transport layer. In an ideal setting, a well-designed suite of standards for control system communication will be used for vendor implementation and compliance testing. An expected outcome of this effort is an international standard.

Edgar, Thomas W.; Hadley, Mark D.; Carroll, Thomas E.; Manz, David O.; Winn, Jennifer D.

2011-06-01T23:59:59.000Z

213

Cyber security in power systems .  

E-Print Network (OSTI)

??Many automation and power control systems are integrated into the 'Smart Grid' concept for efficiently managing and delivering electric power. This integrated approach created several (more)

Sridharan, Venkatraman

2012-01-01T23:59:59.000Z

214

Attachment 2 … List of Major Information Systems  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1 - List of Major Information Systems 1 - List of Major Information Systems Defense Line of Business National Nuclear Security Administration ADaPT Networked: Develops and deploys emerging information networking technology to production processes in support of the U.S. nuclear weapons stockpile. National Nuclear Security Administration ADaPT Network Infrastructure: Develops and deploys emerging information networking technology to production processes in

215

Security  

Science Conference Proceedings (OSTI)

... Security. Organizations need standards, guidelines, and ... to support health IT implementations. HIPAA Security Rule Toolkit. ...

2011-12-05T23:59:59.000Z

216

Mitigations for Security Vulnerabilities Found in Control System Networks |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Mitigations for Security Vulnerabilities Found in Control System Mitigations for Security Vulnerabilities Found in Control System Networks Mitigations for Security Vulnerabilities Found in Control System Networks Industry is aware of the need for Control System (CS) security, but in on-site assessments, Idaho National Laboratory (INL) has observed that security procedures and devices are not consistently and effectively implemented. The Department of Homeland Security (DHS), National Cyber Security Division (NCSD), established the Control Systems Security Center (CSSC) at INL to help industry and government improve the security of the CSs used in the nation's critical infrastructures. One of the main CSSC objectives is to identify control system vulnerabilities and develop effective mitigations for them. This paper discusses common problems and vulnerabilities seen in

217

Information Security Management Handbook, Sixth Edition, Volume 2, 6th edition  

Science Conference Proceedings (OSTI)

A compilation of the fundamental knowledge, skills, techniques, and tools require by all security professionals, Information Security Handbook, Sixth Edition sets the standard on which all IT security programs and certifications are based. Considered ...

Harold F. Tipton; Micki Krause

2008-03-01T23:59:59.000Z

218

Senior Systems Engineer | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Senior Systems Engineer | National Nuclear Security Administration Senior Systems Engineer | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Home > About Us > Who We Are > In The Spotlight > Regina Griego Senior Systems Engineer Regina Griego Regina Griego Role: Senior Systems Engineer Profile: Regina Griego has been elected a fellow of the International Council on

219

Management Information Systems (MIS) Sample Occupations  

E-Print Network (OSTI)

Support Specialist Computer and Information Systems Manager Computer Training Specialist Consultant Data Recruiter Knowledge Manager Logistics Manager Management Analysis MIS Director/Specialist Network Securities & Exchange Commission Website Design Companies Wholesale & Retail Companies Operations Manager

Ronquist, Fredrik

220

Area Information | Y-12 National Security Complex  

NLE Websites -- All DOE Office Websites (Extended Search)

Visiting Us / Area Information Visiting Us / Area Information Area Information Guides, Area Maps, Airport... Airport, About: McGhee Tyson Airport Airport: map to Oak Ridge/Knoxville Oak Ridge: City Guide for City of Oak Ridge, Tennessee Knoxville: maps for visitors Oak Ridge: area map with location of Y-12 Visitor's Center Oak Ridge: map of city streets Roane County: Roane County Guide Resources: News, History... Knoxville: Knoxville, Tennessee Knoxville: Museums Knoxville: Knoxville News-Sentinel Oak Ridge: City of Oak Ridge Oak Ridge: Chamber of Commerce Oak Ridge: Convention and Visitors Bureau Oak Ridge: Oak Ridger Oak Ridge: Secret City History Area Attractions: To Do and See Knoxville: Clarence Brown Theater Knoxville: Frank H. McClung Museum Knoxville: Knoxville Opera Company, Francis Graffeo, General

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


221

Proceedings of the 6th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber security and information intelligence challenges and strategies  

SciTech Connect

As our dependence on the cyber infrastructure grows more complex and more distributed, the systems that compose it become more prone to failures and exploitation. Intelligence refers to discrete or private information, which possess currency and relevance. The ability to abstract, evaluate, and understand such information underlies its accuracy and true value. The collection, analysis and utilization of information constitutes a business-, sociopolitical-, military-intelligence activity that ultimately poses significant advantages and liabilities to the survivability of "our" society. The aim of this workshop (www.csiir.ornl.gov/csiirw) was to discuss (and publish) novel theoretical and empirical research focused on the many different aspects of cyber security and information intelligence. The scope will vary from methodologies and tools to systems and applications to more precise definition of the various problems and impacts. Topics include: Scalable trustworthy systems Enterprise-level metrics Coping with insider and life-cycle threats Coping with malware and polymorphism Phishing/whaling, spam and cyber crime High assurance system survivability Cyber security for the Smart Grid Digital provenance and data integrity Privacy-aware security and usable security Social networking models for managing trust and security A principle goal of the workshop was to foster discussions and dialog among the 150 registered attendees from North America, Europe, Asia, and Africa. This goal was initiated and facilitated by 14 plenary keynote addresses including a banquet presentation and the CIO / CTO perspectives panel. A total of 98 papers (i.e., extended abstracts [EAs]) were submitted and 54 EAs were accepted plus 11 posters were invited. All of the abstracts and either presentation materials or posters are included in the proceedings. The subject areas span the topics above and were organized into eight tracks: Trust, Design, Malware, Network, Privacy and Metrics, Enterprise, Survivability and Formal Methods.

Sheldon, Frederick T [ORNL; Prowell, Stacy J [ORNL; Krings, Axel [University of Idaho; Abercrombie, Robert K [ORNL

2010-01-01T23:59:59.000Z

222

Small Business Information Security Workshop - for 2013  

Science Conference Proceedings (OSTI)

... Misinformation or worse (misled customers) Loss of (eCommerce) business ... Network ... Power down your system at the end of the day ...

2013-06-13T23:59:59.000Z

223

VA Medical Device Protection Program Information Security ...  

Science Conference Proceedings (OSTI)

... Photo Source: Idaho Department of Commerce 3 ... in patient healthcare for diagnosis, treatment or monitoring; ... medical system: Any group of devices ...

2011-03-10T23:59:59.000Z

224

Service Oriented Architecture in Network Security - a novel Organisation in Security Systems  

E-Print Network (OSTI)

Current network security systems are a collection of various security components, which are directly installed in the operating system. These check the whole node for suspicious behaviour. Armouring intrusions e.g. have the ability to hide themselves from being checked. We present in this paper an alternative organisation of security systems. The node is completely virtualized with current virtualization systems so that the operating system with applications and the security system is distinguished. The security system then checks the node from outside and the right security components are provided through a service oriented architecture. Due to the running in a virtual machine, the infected nodes can be halted, duplicated, and moved to other nodes for further analysis and legal aspects. This organisation is in this article analysed and a preliminary implementation showing promising results are discussed.

Hilker, Michael

2008-01-01T23:59:59.000Z

225

Control Systems Security Test Center - FY 2004 Program Summary  

Science Conference Proceedings (OSTI)

In May 2004, the US-CERT Control Systems Security Center (CSSC) was established at Idaho National Laboratory to execute assessment activities to reduce the vulnerability of the nations critical infrastructure control systems to terrorist attack. The CSSC implements a program to accomplish the five goals presented in the US-CERT National Strategy for Control Systems Security. This report summarizes the first year funding of startup activities and program achievements that took place in FY 2004 and early FY 2005. This document was prepared for the US-CERT Control Systems Security Center of the National Cyber Security Division of the Department of Homeland Security (DHS). DHS has been tasked under the Homeland Security Act of 2002 to coordinate the overall national effort to enhance the protection of the national critical infrastructure. Homeland Security Presidential Directive HSPD-7 directs federal departments to identify and prioritize the critical infrastructure and protect it from terrorist attack. The US-CERT National Strategy for Control Systems Security was prepared by the National Cyber Security Division to address the control system security component addressed in the National Strategy to Secure Cyberspace and the National Strategy for the Physical Protection of Critical Infrastructures and Key Assets. The US-CERT National Strategy for Control Systems Security identified five high-level strategic goals for improving cyber security of control systems.

Robert E. Polk; Alen M. Snyder

2005-04-01T23:59:59.000Z

226

Geographical Information System-Based Decision Tool.pub  

NLE Websites -- All DOE Office Websites (Extended Search)

Safety Security Vehicle Technologies Research Brief A geographical information system (GIS) based decision support tool that enables transportation planners to carry out...

227

Wireless Policy, Cyber Security, Information Technology Division, ITD  

NLE Websites -- All DOE Office Websites (Extended Search)

Brookhaven Wireless Access Policy Brookhaven Wireless Access Policy Title: Deployment and Management of 802.11 and Related Wireless Standards Applicability: All Employees, Guests, System Administrators, and Management General Approved Technology Authentication Setting the Service Set Identifier (SSID) Exceptions Responsibilities of Requestor Responsibilities of the ITD WAP System Administrator Responsibility of Chief of Cyber Security Wireless Policy Definitions Standards-Based Management System (SBMS) Subject Area: Cyber Security, Unclassified Using Computing Resources (Steps 7-11 apply to BNL's wireless networks) General The purpose of the wireless policy and related standards and guidelines is to assure that Brookhaven National Laboratory's (BNL's) employees, guests, and contractors have access to a reliable, robust, and integrated wireless network, and to increase the security of the campus wireless network to the extent possible.

228

Scalable Security for Petascale Parallel File Systems  

E-Print Network (OSTI)

Y. Hu. Snare: A strong security scheme for network-attachedThekkath. Block-level security for network-attached disks.and J. Satran. The OSD security protocol. In Proc. 3rd IEEE

Leung, Andrew W.; Miller, Ethan L; Jones, Stephanie

2007-01-01T23:59:59.000Z

229

New NIST Pub Can Help IT Managers Assess Security ...  

Science Conference Proceedings (OSTI)

... the security controls in federal information systems ... with respect to meeting organizational security policies. ... the Departments of Energy, Justice and ...

2011-05-03T23:59:59.000Z

230

Proceedings of the 4th Annual Workshop on Cyber Security and Information Intelligence Research: Developing Strategies To Meet The Cyber Security And Information Intelligence Challenges Ahead  

Science Conference Proceedings (OSTI)

As our dependence on the cyber infrastructure grows ever larger, more complex and more distributed, the systems that compose it become more prone to failures and/or exploitation. Intelligence is information valued for its currency and relevance rather than its detail or accuracy. Information explosion describes the pervasive abundance of (public/private) information and the effects of such. Gathering, analyzing, and making use of information constitutes a business- / sociopolitical- / military-intelligence gathering activity and ultimately poses significant advantages and liabilities to the survivability of "our" society. The combination of increased vulnerability, increased stakes and increased threats make cyber security and information intelligence (CSII) one of the most important emerging challenges in the evolution of modern cyberspace "mechanization." The goal of the workshop was to challenge, establish and debate a far-reaching agenda that broadly and comprehensively outlined a strategy for cyber security and information intelligence that is founded on sound principles and technologies. We aimed to discuss novel theoretical and applied research focused on different aspects of software security/dependability, as software is at the heart of the cyber infrastructure.

Sheldon, Frederick T [ORNL; Krings, Axel [ORNL; Abercrombie, Robert K [ORNL; Mili, Ali [New Jersey Insitute of Technology

2008-01-01T23:59:59.000Z

231

DOE Cyber Security Role, Competency and Functional Matrix  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5/4/2011 5/4/2011 DOE Cyber Security Role, Competency and Functional Matrix DOE Cyber Security EBK: A Competency and Functional Framework for Cyber Security Workforce Development DOE Cyber Security Functional Roles Chief Information Officer (CIO) Information Owner/Steward Chief Information Security Officer (CISO) Authorizing Official (AO) AO Designated Representative (AODR) Common Control Provider Information System Owner Cyber Security Program Manager (CSPM) Information System Security Officer (ISSO) Information Security Architect Information System Security Engineer Security Control Assessor Core Competencies Data Security ● ● ● ● ● ● ● ● ● ● Enterprise Continuity ● ● ● ● ● ● ● ● ● ● ●

232

Report on emergency electrical power supply systems for nuclear fuel cycle and reactor facilities security systems  

SciTech Connect

The report includes information that will be useful to those responsible for the planning, design and implementation of emergency electric power systems for physical security and special nuclear materials accountability systems. Basic considerations for establishing the system requirements for emergency electric power for security and accountability operations are presented. Methods of supplying emergency power that are available at present and methods predicted to be available in the future are discussed. The characteristics of capacity, cost, safety, reliability and environmental and physical facility considerations of emergency electric power techniques are presented. The report includes basic considerations for the development of a system concept and the preparation of a detailed system design.

1977-01-01T23:59:59.000Z

233

Glossary of Key Information Security Terms (Draft)  

E-Print Network (OSTI)

Certain commercial entities, equipment, or materials may be identified in this document in order to describe an experimental procedure or concept adequately. Such identification is not intended to imply recommendation or endorsement by NIST, nor is it intended to imply that the entities, materials, or equipment are necessarily the best available for the purpose. There may be references in this publication to other publications currently under development by NIST in accordance with its assigned statutory responsibilities. The information in this publication, including concepts and methodologies, may be used by Federal agencies even before the completion of such companion publications. Thus, until each publication is completed, current requirements, guidelines, and procedures, where they exist, remain operative. For planning and transition purposes, Federal agencies may wish to closely follow the development of these new publications by NIST. Organizations are encouraged to review all draft publications during public comment periods and

Richard Kissel; Richard Kissel

2012-01-01T23:59:59.000Z

234

Ultra Safe And Secure Blasting System  

SciTech Connect

The Ultra is a blasting system that is designed for special applications where the risk and consequences of unauthorized demolition or blasting are so great that the use of an extraordinarily safe and secure blasting system is justified. Such a blasting system would be connected and logically welded together through digital code-linking as part of the blasting system set-up and initialization process. The Ultra's security is so robust that it will defeat the people who designed and built the components in any attempt at unauthorized detonation. Anyone attempting to gain unauthorized control of the system by substituting components or tapping into communications lines will be thwarted in their inability to provide encrypted authentication. Authentication occurs through the use of codes that are generated by the system during initialization code-linking and the codes remain unknown to anyone, including the authorized operator. Once code-linked, a closed system has been created. The system requires all components connected as they were during initialization as well as a unique code entered by the operator for function and blasting.

Hart, M M

2009-07-27T23:59:59.000Z

235

Freedom of Information Act (FOIA) | National Nuclear Security  

National Nuclear Security Administration (NNSA)

(FOIA) | National Nuclear Security (FOIA) | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Freedom of Information Act (FOIA) Home > About Us > Our Operations > NNSA Office of General Counsel > Freedom of Information Act (FOIA) Freedom of Information Act (FOIA) The FOIA establishes the premise that people should have access to

236

DOE Cites Battelle Energy Alliance, LLC for Classified Information Security Violations  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

February 25,2011 February 25,2011 CERTIFIED MAIL RETURN RECEIPT REQUESTED Mr. John 1. Grossenbacher Director, Idaho National Laboratory and President, Battelle Energy Alliance, LLC P. O. Box 1625 Idaho Falls, Idaho 83415-3695 SEA-20ll-01 Dear Mr. Grossenbacher: The Office of Health, Safety and Security's Office of Enforcement has completed its investigation into the facts and circumstances associated with an incident of security concern regarding the introduction of classified information into unapproved information systems (security event) at the U.S. Department of Energy's (DOE) Idaho National Laboratory (INL). Based on the on-site investigation and evaluation of the evidence in this matter, and in consideration of information presented by you and other Battelle Energy Alliance, LLC (BEA)

237

A survey of security in multi-agent systems  

Science Conference Proceedings (OSTI)

Multi-agent systems (MAS) are a relatively new software paradigm that is being widely accepted in several application domains to address large and complex tasks. However, with the use of MAS in open, distributed and heterogeneous applications, the security ... Keywords: Agents, Multi-agent systems, Multi-agents, Security, Security in MAS

Rodolfo Carneiro Cavalcante; Ig Ibert Bittencourt; Alan Pedro da Silva; Marlos Silva; Evandro Costa; Robrio Santos

2012-04-01T23:59:59.000Z

238

Ideal based cyber security technical metrics for control systems  

Science Conference Proceedings (OSTI)

Much of the world's critical infrastructure is at risk from attack through electronic networks connected to control systems. Security metrics are important because they provide the basis for management decisions that affect the protection of the ... Keywords: control system security, cyber security metrics

Wayne Boyer; Miles McQueen

2007-10-01T23:59:59.000Z

239

Corporate Information Systems | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Corporate Information Systems Corporate Information Systems Corporate Information Systems The mission of the Office of Corporate Information Systems (CF-40) is to plan and manage the design, development, operation and maintenance of the Department's Integrated Management Navigation (iManage) program and projects; identify and implement business process automation initiatives; provide technical support for legacy systems operations and maintenance; provide technical support for web design, development and maintenance; manage cyber security and enterprise architecture activities; and serve as the liaison to Chief Information Officer for Information Technology services. Functions: Plan and manage the design, integration, and implementation of the Department's corporate business systems through the iManage program,

240

Quantifying and managing the risk of information security breaches participants in a supply chain  

E-Print Network (OSTI)

Technical integration between companies can result in an increased risk of information security breaches. This thesis proposes a methodology for quantifying information security risk to a supply chain participant. Given a ...

Bellefeuille, Cynthia Lynn

2005-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


241

A privilege management system for a secure network  

Science Conference Proceedings (OSTI)

Modern research projects may involve dozens of geographically distributed collaborators who access distributed information, applications workstations and devices. We are developing an architecture and methods for distributed, decentralized privilege ... Keywords: CEBAF, Chinese Institute of High Energy Physics, Continuous Electron Beam Accelerator Facility, DICCE project, Distributed Informatics Computing and Collaborative Environments project, ESnet, Internet, Old Dominion University, US Department of Energy's Energy Science Network, World Wide Web based interfaces, X-windows, authentication, authorisation, authorization, computer network management, design, distributed computing environment networks, distributed information, implementation, network interfaces, privilege management system, secure network

K. J. Maly; A. Gupta; B. Kvande; I. B. Levinstein; R. Mukkamala; M. Olson; R. Whitney; R. Chambers

1996-06-01T23:59:59.000Z

242

A method for modeling and quantifying the security attributes of intrusion tolerant systems  

Science Conference Proceedings (OSTI)

Complex software and network based information server systems may exhibit failures. Quite often, such failures may not be accidental. Instead some failures may be caused by deliberate security intrusions with the intent ranging from simple mischief, ... Keywords: MTTSF, QoS, intrusion tolerance, security attributes, semi Markov model

Bharat B. Madan; Katerina Goeva-Popstojanova; Kalyanaraman Vaidyanathan; Kishor S. Trivedi

2004-03-01T23:59:59.000Z

243

Recommended Practice for Securing Control System Modems | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Practice for Securing Control System Modems Practice for Securing Control System Modems Recommended Practice for Securing Control System Modems This paper addresses an often overlooked "backdoor" into critical infrastructure control systems created by modem connections. A modem's connection to the public telephone system is similar to a corporate network connection to the Internet. By tracing typical attack paths into the system, this paper provides the reader with an analysis of the problem and then guides the reader through methods to evaluate existing modem security. Following the analysis, a series of methods for securing modems is provided. These methods are correlated to well-known networking security methods. Recommended Practice for Securing Control System Modems More Documents & Publications

244

Microsoft Word - AMI System Security Requirements - v1_01-1.doc  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

UCAIUG: AMI-SEC-ASAP UCAIUG: AMI-SEC-ASAP AMI System Security Requirements V1.01 ASAP 12/17/2008 AMI System Security Specification v1.0 Page i Executive Summary 1 This document provides the utility industry and vendors with a set of security requirements for 2 Advanced Metering Infrastructure (AMI). These requirements are intended to be used in the 3 procurement process, and represent a superset of requirements gathered from current cross- 4 industry accepted security standards and best practice guidance documents. 5 6 This document provides substantial supporting information for the use of these requirements 7 including scope, context, constraints, objectives, user characteristics, assumptions, and 8

245

Security Framework for Control System Data Classification and...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Framework for Control System Data Classification and Protection Security Framework for Control System Data Classification and Protection This document presents a data...

246

Firms' information security investment decisions: Stock market evidence of investors' behavior  

Science Conference Proceedings (OSTI)

In the information society, it is important for firms to manage their core information resources securely. However, the difficulty of measuring the return on an IT security investment is one of the critical obstacles for firms in making such investment ... Keywords: Abnormal returns, Event methodology, Information security investment, Investors' behavior, Market value, Sarbanes-Oxley Act (SOX)

Sangmi Chai; Minkyun Kim; H. Raghav Rao

2011-03-01T23:59:59.000Z

247

Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies  

SciTech Connect

The Annual Cyber Security and Information Intelligence Research Workshop [CSIIRW] was be held at Oak Ridge National Laboratory in Oak Ridge, TN on April 21 - 23, 2010. The aim of this workshop is to introduce and discuss novel theoretical and empirical research focused on (the many) different aspects of software security/dependability, because as we know, the heart of the cyber infrastructure is software. As our dependence on the cyber infrastructure grows more complex and more distributed, the systems that compose it become more prone to failures and exploitation. Intelligence refers to discrete or private information which possess currency and relevance. The ability to abstract, evaluate, and understand such information underlies its accuracy and true value (wiki). The collection, analysis and utilization of information constitutes a business-, sociopolitical-, military-intelligence activity that ultimately poses significant advantages and liabilities to the survivability of "our" society. Cyber crime is a very serious and growing problem which now has an annual global turnover in the criminal world of more than 1000 BUSD [recent numbers from an FBI white paper] with the hardest hit industries being the banks and the insurance companies. A recent EU study of the banking world showed that more than 60% of cyber crime in banks was carried out by insiders of which ~65% by senior managers. Moreover, cyber security practice and policy is largely heuristic, reactive, and increasingly cumbersome, struggling to keep pace with rapidly evolving threats. Advancing beyond this reactive posture will require a transformation in computing and communication systems architecture and new capabilities that do not merely solve today s plethora of security enigmas, but enable comprehensive game-changing strategies [A Scientific R&D Approach to Cyber Security, C. Catlett, et al., Community-driven report submitted to the DOE, Dec. 2008]. The aim of this workshop is to discuss (and publish) novel theoretical and empirical research focused on the many different aspects of cyber security and information intelligence. The scope will vary from methodologies and tools to systems and applications to more precise definition of the various problems and impacts. We encourage the participation of researchers and practitioners from a wide range of professional disciplines to ensure a comprehensive understanding of the needs, stakes and the ever evolving context of cyberspace.

Sheldon, Frederick T [ORNL; Prowell, Stacy J [ORNL; Abercrombie, Robert K [ORNL; Krings, Axel [ORNL

2010-01-01T23:59:59.000Z

248

Security-Constrained Adequacy Evaluation of Bulk Power System Reliability  

E-Print Network (OSTI)

Security-Constrained Adequacy Evaluation of Bulk Power System Reliability Fang Yang, Student Member. Stefopoulos, Student Member, IEEE Abstract -- A framework of security-constrained adequacy evaluation (SCAE electric load while satisfying security constraints. It encompasses three main steps: (a) critical

249

Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)  

Science Conference Proceedings (OSTI)

Battelles National Security & Defense objective is, applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratorys (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

Hadley, Mark D.; Clements, Samuel L.

2009-01-01T23:59:59.000Z

250

Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies  

Science Conference Proceedings (OSTI)

Our reliance on the cyber infrastructure has further grown and the dependencies have become more complex. The infrastructure and applications running on it are not generally governed by the rules of bounded systems and inherit the properties of unbounded systems, such as the absence of global control, borders and barriers. Furthermore, the quest for increasing functionality and ease of operation is often at the cost of controllability, potentially opening up avenues for exploitation and failures. Intelligence is information valued for its currency and relevance rather than its detail or accuracy. In the presence of information explosion, i.e., the pervasive abundance of (public/private) information and the effects of such, intelligence has the potential to shift the advantages in the dynamic game of defense and attacks in cyber space. Gathering, analyzing, and making use of information constitutes a business-/sociopolitical-/military-intelligence gathering activity and ultimately poses significant advantages and liabilities to the survivability of "our" society. The combination of increased vulnerability, increased stakes and increased threats make cyber security and information intelligence (CSII) one of the most important emerging challenges in the evolution of modern cyberspace. The goal of the workshop is to establish, debate and challenge the far-reaching agenda that broadly and comprehensively outlines a strategy for cyber security and information intelligence that is founded on sound principles and technologies.

Sheldon, Frederick T [ORNL; Peterson, Greg D [ORNL; Krings, Axel [ORNL; Abercrombie, Robert K [ORNL; Mili, Ali [New Jersey Insitute of Technology

2009-01-01T23:59:59.000Z

251

A Hierarchical Security Architecture for Cyber-Physical Systems  

SciTech Connect

Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

Quanyan Zhu; Tamer Basar

2011-08-01T23:59:59.000Z

252

NNSA Policy System | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure...

253

Aerial Measuring System | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure...

254

ORO Office Safeguards and Security Clearance Tracking System and Visitor  

NLE Websites -- All DOE Office Websites (Extended Search)

Office Safeguards and Security Clearance Tracking System and Office Safeguards and Security Clearance Tracking System and Visitor Control System PIA, Oak Ridge Operations Office ORO Office Safeguards and Security Clearance Tracking System and Visitor Control System PIA, Oak Ridge Operations Office ORO Office Safeguards and Security Clearance Tracking System and Visitor Control System PIA, Oak Ridge Operations Office ORO Office Safeguards and Security Clearance Tracking System and Visitor Control System PIA, Oak Ridge Operations Office More Documents & Publications Occupational Medicine - Assistant PIA, Idaho National Laboratory ORO Verification of Employment Tracking System(VETS) PIA, Oak ridge Operations Office iManage Strategic Integrated Procurement Enterprise System (STRIPES) PIA, Office of Procurement and Assistance Management

255

Process Control Systems in the Chemical Industry: Safety vs. Security  

Science Conference Proceedings (OSTI)

Traditionally, the primary focus of the chemical industry has been safety and productivity. However, recent threats to our nations critical infrastructure have prompted a tightening of security measures across many different industry sectors. Reducing vulnerabilities of control systems against physical and cyber attack is necessary to ensure the safety, security and effective functioning of these systems. The U.S. Department of Homeland Security has developed a strategy to secure these vulnerabilities. Crucial to this strategy is the Control Systems Security and Test Center (CSSTC) established to test and analyze control systems equipment. In addition, the CSSTC promotes a proactive, collaborative approach to increase industry's awareness of standards, products and processes that can enhance the security of control systems. This paper outlines measures that can be taken to enhance the cybersecurity of process control systems in the chemical sector.

Jeffrey Hahn; Thomas Anderson

2005-04-01T23:59:59.000Z

256

Secure quantum private information retrieval using phase-encoded queries  

Science Conference Proceedings (OSTI)

We propose a quantum solution to the classical private information retrieval (PIR) problem, which allows one to query a database in a private manner. The protocol offers privacy thresholds and allows the user to obtain information from a database in a way that offers the potential adversary, in this model the database owner, no possibility of deterministically establishing the query contents. This protocol may also be viewed as a solution to the symmetrically private information retrieval problem in that it can offer database security (inability for a querying user to steal its contents). Compared to classical solutions, the protocol offers substantial improvement in terms of communication complexity. In comparison with the recent quantum private queries [Phys. Rev. Lett. 100, 230502 (2008)] protocol, it is more efficient in terms of communication complexity and the number of rounds, while offering a clear privacy parameter. We discuss the security of the protocol and analyze its strengths and conclude that using this technique makes it challenging to obtain the unconditional (in the information-theoretic sense) privacy degree; nevertheless, in addition to being simple, the protocol still offers a privacy level. The oracle used in the protocol is inspired both by the classical computational PIR solutions as well as the Deutsch-Jozsa oracle.

Olejnik, Lukasz [CERN, 1211 Geneva 23, Switzerland and Poznan Supercomputing and Networking Center, Noskowskiego 12/14, PL-61-704 Poznan (Poland)

2011-08-15T23:59:59.000Z

257

Security guide for subcontractors  

Science Conference Proceedings (OSTI)

This security guide of the Department of Energy covers contractor and subcontractor access to DOE and Mound facilities. The topics of the security guide include responsibilities, physical barriers, personnel identification system, personnel and vehicular access controls, classified document control, protecting classified matter in use, storing classified matter repository combinations, violations, security education clearance terminations, security infractions, classified information nondisclosure agreement, personnel security clearances, visitor control, travel to communist-controlled or sensitive countries, shipment security, and surreptitious listening devices.

Adams, R.C.

1991-01-01T23:59:59.000Z

258

Secure Retrieval of FFTF Testing, Design, and Operating Information  

Science Conference Proceedings (OSTI)

One of the goals of the Advanced Fuel Cycle Initiative (AFCI) is to preserve the knowledge that has been gained in the United States on Liquid Metal Reactors (LMR). In addition, preserving LMR information and knowledge is part of a larger international collaborative activity conducted under the auspices of the International Atomic Energy Agency (IAEA). A similar program is being conducted for EBR-II at the Idaho Nuclear Laboratory (INL) and international programs are also in progress. Knowledge preservation at the FFTF is focused on the areas of design, construction, startup, and operation of the reactor. As the primary function of the FFTF was testing, the focus is also on preserving information obtained from irradiation testing of fuels and materials. This information will be invaluable when, at a later date, international decisions are made to pursue new LMRs. In the interim, this information may be of potential use for international exchanges with other LMR programs around the world. At least as important in the United States, which is emphasizing large-scale computer simulation and modeling, this information provides the basis for creating benchmarks for validating and testing these large scale computer programs. Although the preservation activity with respect to FFTF information as discussed below is still underway, the team of authors above is currently retrieving and providing experimental and design information to the LMR modeling and simulation efforts for use in validating their computer models. On the Hanford Site, the FFTF reactor plant is one of the facilities intended for decontamination and decommissioning consistent with the cleanup mission on this site. The reactor facility has been deactivated and is being maintained in a cold and dark minimal surveillance and maintenance mode until final decommissioning is pursued. In order to ensure protection of information at risk, the program to date has focused on sequestering and secure retrieval. Accomplishments include secure retrieval of: more than 400 boxes of FFTF information, several hundred microfilm reels including Clinch River Breeder Reactor (CRBR) information, and 40 boxes of information on the Fuels and Materials Examination Facility (FMEF). All information preserved to date is now being stored and categorized consistent with the IAEA international standardized taxonomy. Earlier information largely related to irradiation testing is likewise being categorized. The fuel test results information exists in several different formats depending upon the final stage of the test evaluation. In some cases there is information from both non-destructive and destructive examination while in other cases only non-destructive results are available. Non-destructive information would include disassembly records, dimensional profilometry, gamma spectrometry, and neutron radiography. Information from destructive examinations would include fission gas analysis, metallography, and photomicrographs. Archiving of FFTF data, including both the reactor plant and the fuel test information, is being performed in coordination with other data archiving efforts underway under the aegis of the AFCI program. In addition to the FFTF efforts, archiving of data from the EBR-II reactor is being carried out by INL. All material at risk associated with FFTF documentation has been secured in a timely manner consistent with the stated plan. This documentation is now being categorized consistent with internationally agreed upon IAEA standards. Documents are being converted to electronic format for transfer to a large searchable electronic database being developed by INL. In addition, selected FFTF information is being used to generate test cases for large-scale simulation modeling efforts and for providing Design Data Need (DDN) packages as requested by the AFCI program.

Butner, R. Scott; Wootan, David W.; Omberg, Ronald P.; Makenas, Bruce J.; Nielsen, Deborah

2009-10-01T23:59:59.000Z

259

Prototype system brings advantages of wireless technology to secure  

National Nuclear Security Administration (NNSA)

Prototype system brings advantages of wireless technology to secure Prototype system brings advantages of wireless technology to secure environment | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Home > NNSA Blog > Prototype system brings advantages of wireless technology ... Prototype system brings advantages of wireless technology to secure environment

260

Roadmap to Secure Control Systems in the Energy Sector 2006 ...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

the Energy Sector More Documents & Publications Security is Not an Option DOE National SCADA Test Bed Program Multi-Year Plan Roadmap to Achieve Energy Delivery Systems...

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


261

Security Controls for Computer Systems (U): Report of ...  

Science Conference Proceedings (OSTI)

... This first step is essential in order that ... other computing systems, any facilities for security ... management controls and procedures, facility clearance is ...

2013-04-15T23:59:59.000Z

262

Securing Wide Area Measurement Systems | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

measurement system (WAMS) security conducted by Pacific Northwest National Laboratory (PNNL) as a project funded by the National SCADA Test Bed Program in cooperation with the...

263

Agent Tcl: A flexible and secure mobile-agent system  

E-Print Network (OSTI)

An information agent manages all or a portion of a user's information space. The electronic resources in this space are often distributed across a network and can contain tremendous quantities of data. Mobile agents provide efficient access to such resources and are a powerful tool for implementing information agents. A mobile agent is an autonomous program that can migrate from machine to machine in a heterogeneous network. By migrating to the location of a resource, the agent can access the resource efficiently even if network conditions are poor or the resource has a low-level interface. Telescript is the best-known mobile-agent system. Telescript, however, requires the programmer to learn and work with a complex object-oriented language and a complex security model. Agent Tcl, on the other hand, is a simple, flexible, and secure system that is based on the Tcl scripting language and the Safe Tcl extension. In this paper we describe the architecture of Agent Tcl and its current implementation.

Robert S. Gray

1996-01-01T23:59:59.000Z

264

Security Enforcement Reporting Criteria  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Classified Information Security Noncompliance Reporting Criteria January 2012 MANDATORY SECURITY INCIDENT REPORTING Classified information security noncompliances are categorized...

265

Proceedings of the 2nd international conference on Security of information and networks  

Science Conference Proceedings (OSTI)

It is our great pleasure to welcome you to the 2nd International Conference on Security of Information and Networks -- SIN 2009, this year organized in technical cooperation with ACM Special Interest Group on Security, Audit and Control (SIGSAC). ...

Atilla Eli; Oleg Makarevich; Mehmet Orgun; Alexander Chefranov; Josef Pieprzyk; Yuri Anatolievich Bryukhomitsky; S?dd?ka Berna rs

2009-10-01T23:59:59.000Z

266

Security Issues and Challenges for Cyber Physical System  

Science Conference Proceedings (OSTI)

In this paper, we investigate the security challenges and issues of cyber-physical systems. (1)We abstract the general workflow of cyber physical systems, (2)identify the possible vulnerabilities, attack issues, adversaries characteristics and a set ... Keywords: Cyber-Physical System, Security, actuation, context-aware

Eric Ke Wang; Yunming Ye; Xiaofei Xu; S. M. Yiu; L. C. K. Hui; K. P. Chow

2010-12-01T23:59:59.000Z

267

Cyber-Physical Systems Security for Smart Grid  

E-Print Network (OSTI)

Cyber-Physical Systems Security for Smart Grid Future Grid Initiative White Paper Power Systems-Physical Systems Security for Smart Grid Prepared for the Project "The Future Grid to Enable Sustainable Energy, mitigation, and resilience ­ is among the most important R&D needs for the emerging smart grid. One

268

Cyber-Physical Systems Security for Smart Grid  

E-Print Network (OSTI)

Cyber-Physical Systems Security for Smart Grid Future Grid Initiative White Paper Power Systems-Physical Systems Security for Smart Grid Prepared for the Project "The Future Grid to Enable Sustainable Energy important R&D needs for the emerging smart grid. One of the overarching goals of the future research

269

Proposed Information Sharing Security Approach for Security Personnels, Vertical Integration, Semantic Interoperability Architecture and Framework for Digital Government  

E-Print Network (OSTI)

This paper mainly depicts the conceptual overview of vertical integration, semantic interoperability architecture such as Educational Sector Architectural Framework (ESAF) for New Zealand government and different interoperability framework solution for digital government. In this paper, we try to develop a secure information sharing approach for digital government to improve home land security. This approach is a role and cooperation based approach for security personnel of different government departments. In order to run any successful digital government of any country in the world, it is necessary to interact with their citizen and to share secure information via different network among the citizen or other government. Consequently, in order to smooth the progress of users to cooperate with and share information without darkness and flawlessly transversely different networks and databases universally, a safe and trusted information-sharing environment has been renowned as a very important requirement and t...

Headayetullah, Md; Biswas, Sanjay; Puthal, B

2011-01-01T23:59:59.000Z

270

'Known Secure Sensor Measurements' for Critical Infrastructure Systems: Detecting Falsification of System State  

Science Conference Proceedings (OSTI)

This paper describes a first investigation on a low cost and low false alarm, reliable mechanism for detecting manipulation of critical physical processes and falsification of system state. We call this novel mechanism Known Secure Sensor Measurements (KSSM). The method moves beyond analysis of network traffic and host based state information, in fact it uses physical measurements of the process being controlled to detect falsification of state. KSSM is intended to be incorporated into the design of new, resilient, cost effective critical infrastructure control systems. It can also be included in incremental upgrades of already in- stalled systems for enhanced resilience. KSSM is based on known secure physical measurements for assessing the likelihood of an attack and will demonstrate a practical approach to creating, transmitting, and using the known secure measurements for detection.

Miles McQueen; Annarita Giani

2011-09-01T23:59:59.000Z

271

Energy Independence and Security Act of 2007 | Open Energy Information  

Open Energy Info (EERE)

Links Energy Independence and Security Act of 2007 Retrieved from "http:en.openei.orgwindex.php?titleEnergyIndependenceandSecurityActof2007&oldid255460" Category: Stubs...

272

MODELING SECURITY IN CYBER-PHYSICAL SYSTEMS  

E-Print Network (OSTI)

network at the Davis-Besse nuclear power plant in Oak Harbor, Ohio, was infected [39]. There have been-physical systems, threat models, protocols for treaty verification. 1. Introduction The rapid growth of information) sys- tems that monitor power, gas/oil transportation, water and waste-water distribution. Such systems

Burmester, Mike

273

Cyber Security Procurement Methodology for Power Delivery Systems  

Science Conference Proceedings (OSTI)

Determining how to apply cyber security requirements for new power delivery systems requires cyber security experts, power system engineers, and procurement organizations to work together with vendors to implement and maintain cyber security controls. Improper or incomplete implementation of controls due to lack of proper requirements and/or division of responsibilities between the utility and vendor can often result in costly backfit to meet requirements.The Electric Power Research ...

2012-12-31T23:59:59.000Z

274

Cyber Security | More Science | ORNL  

NLE Websites -- All DOE Office Websites (Extended Search)

System-of-systems analysis Visualization tools for complex information Next-generation smart grid technologies Quantum computing, security, and data fusion For more information,...

275

A testbed for secure and robust SCADA systems  

Science Conference Proceedings (OSTI)

The Supervisory Control and Data Acquisition System (SCADA) monitor and control real-time systems. SCADA systems are the backbone of the critical infrastructure, and any compromise in their security can have grave consequences. Therefore, there is a ...

Annarita Giani; Gabor Karsai; Tanya Roosta; Aakash Shah; Bruno Sinopoli; Jon Wiley

2008-07-01T23:59:59.000Z

276

DOE and Industry Showcase New Control Systems Security Technologies at  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Technology Development » Energy Delivery Systems Technology Development » Energy Delivery Systems Cybersecurity » Control Systems Security News Archive » DOE and Industry Showcase New Control Systems Security Technologies at DistribuTECH DOE and Industry Showcase New Control Systems Security Technologies at DistribuTECH DistribuTECH Conference Tuesday-Thursday, March 23-25, 2010 Tampa Convention Center Booth #231 Tampa, FL Join the Department of Energy and its industry partners as they showcase six new products and technologies designed to secure the nation's energy infrastructure from cyber attack on Tuesday through Thursday, March 23-25. Visit Booth #231 at the DistribuTECH 2010 Conference & Exhibition in Tampa, FL, to see first-hand demonstrations of several newly commercialized control systems security products-each developed through a

277

7/26/2011 University of Texas at Austin Information Technology Services ITS Security Operations A. Security Consultant Scope of Work  

E-Print Network (OSTI)

7/26/2011 University of Texas at Austin ­ Information Technology Services ITS Security;7/26/2011 University of Texas at Austin ­ Information Technology Services ITS Security Operations 2 ii. Document of Texas at Austin ­ Information Technology Services ITS Security Operations 3 iii. Attend

Texas at Austin, University of

278

Research challenges for the security of control systems  

Science Conference Proceedings (OSTI)

In this paper we attempt to answer two questions: (1) Why should we be interested in the security of control systems? And (2) What are the new and fundamentally different requirements and problems for the security of control systems? We also propose ...

Alvaro A. Crdenas; Saurabh Amin; Shankar Sastry

2008-07-01T23:59:59.000Z

279

Developing Secure Power Systems Professional Competence: Alignment and Gaps  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Developing Secure Power Systems Professional Competence: Alignment Developing Secure Power Systems Professional Competence: Alignment and Gaps in Workforce Development Programs - Phase 2 (July/August 2013) Developing Secure Power Systems Professional Competence: Alignment and Gaps in Workforce Development Programs - Phase 2 (July/August 2013) DOE has recognized that the electricity industry needs workforce development resources that can aid in the accelerating need for Secure Power Systems Professionals, while at the same time identifying capabilities and competencies to protect and enable the modernized grid currently being built. In the spring of 2011 a project was initiated to identify those capabilities and competencies along with assessing the need and qualifications for a certification program for Secure Power Systems

280

Privacy and Security Research Group workshop on network and distributed system security: Proceedings  

Science Conference Proceedings (OSTI)

This report contains papers on the following topics: NREN Security Issues: Policies and Technologies; Layer Wars: Protect the Internet with Network Layer Security; Electronic Commission Management; Workflow 2000 - Electronic Document Authorization in Practice; Security Issues of a UNIX PEM Implementation; Implementing Privacy Enhanced Mail on VMS; Distributed Public Key Certificate Management; Protecting the Integrity of Privacy-enhanced Electronic Mail; Practical Authorization in Large Heterogeneous Distributed Systems; Security Issues in the Truffles File System; Issues surrounding the use of Cryptographic Algorithms and Smart Card Applications; Smart Card Augmentation of Kerberos; and An Overview of the Advanced Smart Card Access Control System. Selected papers were processed separately for inclusion in the Energy Science and Technology Database.

Not Available

1993-05-01T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


281

Guideline for Securing Control Systems and Corporate Network Interfaces  

Science Conference Proceedings (OSTI)

Until recent years, many electric utilities have dealt with the cyber security issues of protecting control system networks by keeping the control system and corporate system networks physically separate. Others have prohibited remote access to control system networks, requiring all connections be made onsite. While these techniques effectively protect the system from external cyber-security-based threats, they are restricting a growing requirement for access, particularly among corporate users who need ...

2005-12-05T23:59:59.000Z

282

Secure Safety: Secure Remote Access to Critical Safety Systems in Offshore Installations  

Science Conference Proceedings (OSTI)

Safety Instrumented Systems (SIS) as defined in IEC 61508 and IEC 61511 are very important for the safety of offshore oil & natural gas installations. SIS typically include the Emergency Shutdown System (ESD) that ensures that process systems return ... Keywords: Offshore, Process Control, Safety Instrumented Systems, Secure remote access

Martin Gilje Jaatun; Tor Olav Grtan; Maria B. Line

2008-06-01T23:59:59.000Z

283

Security in the Telecommunications Information Networking Architecture --the CrySTINA Approach \\Lambda  

E-Print Network (OSTI)

Security in the Telecommunications Information Networking Architecture -- the CrySTINA Approach results of the CrySTINA project. We analyze and structure the security problem domain in the TINA­C architecture and present our approach to pro­ vide the necessary security functionality in the form of self

Bencsáth, Boldizsár

284

Lincoln Electric System | Open Energy Information  

Open Energy Info (EERE)

Lincoln Electric System Lincoln Electric System Place Nebraska Utility Id 11018 Utility Location Yes Ownership M NERC Location MRO NERC MRO Yes RTO SPP Yes Operates Generating Plant Yes Activity Generation Yes Activity Transmission Yes Activity Buying Transmission Yes Activity Distribution Yes Activity Wholesale Marketing Yes References EIA Form EIA-861 Final Data File for 2010 - File1_a[1] Energy Information Administration Form 826[2] LinkedIn Connections CrunchBase Profile No CrunchBase profile. Create one now! This article is a stub. You can help OpenEI by expanding it. Utility Rate Schedules Grid-background.png 1000 W Mercury Vapor- Security Light Lighting 150 W High Pressure Sodium - Security Light Lighting 175 W Mercury Vapor- Security Light Lighting 250 W High Pressure Sodium - Security Light Lighting

285

NIST SP 800-100, Information Security Handbook: A Guide for ...  

Science Conference Proceedings (OSTI)

... The handbook is therefore useful to any manager who requires a ... Agency information security policy should address the fundamentals of agency ...

2013-06-11T23:59:59.000Z

286

Secure transfer of measurement data in open systems  

Science Conference Proceedings (OSTI)

The liberalization of different markets which are liable to legal metrology accelerates the need for transferring measuring data over open networks. This increases the involvement of communication technology in measuring systems and raises new security ... Keywords: Digital signatures, Legal metrology, SELMA, Secure data transfer

Luigi Lo Iacono; Christoph Ruland; Norbert Zisky

2006-01-01T23:59:59.000Z

287

Implementing information-theoretically secure oblivious transfer from packet reordering  

Science Conference Proceedings (OSTI)

If we assume that adversaries have unlimited computational capabilities, secure computation between mutually distrusting players can not be achieved using an error-free communication medium. However, secure multi-party computation becomes possible when ... Keywords: delay, noisy channels, oblivious transfer, packet reordering, secure multi-party computation

Paolo Palmieri; Olivier Pereira

2011-11-01T23:59:59.000Z

288

Cyber Security and Information Intelligence Research Workshop (CSIIRW'11) Proceedings  

SciTech Connect

The energy industry is embarking upon an infrastructure transformation that will result in a national power grid that is more intelligent, robust, resilient, and secure. While the final form will not be known for quite some time, clearly a smarter grid will make better use of information. Whether an electric utility is making real-time adjustments in response to changing load conditions, or commercial and private consumers are making better choices, the timely availability of this information will become increasingly critical. Ultimately, the overall efficiency, reliability, and resilience of the grid is inextricably linked to information. Unfortunately, "the electric power sector is second from the bottom of all major U.S. industries in terms of R&D spending as a percentage of revenue, exceeding only pulp and paper [Amin2011]." Moreover, U.S. officials worry that cyber-spies could use their [demonstrated] access to shut down the grid or take control of power plants during a time of crisis or war [CIO09, WSJ09]. Moreover, Massachusetts Institute of Technology (MIT) released the results of a two-year study, The Future of the Electric Grid.

Sheldon, Frederick T [ORNL; Abercrombie, Robert K [ORNL; Krings, Axel [ORNL

2011-01-01T23:59:59.000Z

289

Measurable Control System Security through Ideal Driven Technical Metrics  

Science Conference Proceedings (OSTI)

The Department of Homeland Security National Cyber Security Division supported development of a small set of security ideals as a framework to establish measurable control systems security. Based on these ideals, a draft set of proposed technical metrics was developed to allow control systems owner-operators to track improvements or degradations in their individual control systems security posture. The technical metrics development effort included review and evaluation of over thirty metrics-related documents. On the bases of complexity, ambiguity, or misleading and distorting effects the metrics identified during the reviews were determined to be weaker than necessary to aid defense against the myriad threats posed by cyber-terrorism to human safety, as well as to economic prosperity. Using the results of our metrics review and the set of security ideals as a starting point for metrics development, we identified thirteen potential technical metrics - with at least one metric supporting each ideal. Two case study applications of the ideals and thirteen metrics to control systems were then performed to establish potential difficulties in applying both the ideals and the metrics. The case studies resulted in no changes to the ideals, and only a few deletions and refinements to the thirteen potential metrics. This led to a final proposed set of ten core technical metrics. To further validate the security ideals, the modifications made to the original thirteen potential metrics, and the final proposed set of ten core metrics, seven separate control systems security assessments performed over the past three years were reviewed for findings and recommended mitigations. These findings and mitigations were then mapped to the security ideals and metrics to assess gaps in their coverage. The mappings indicated that there are no gaps in the security ideals and that the ten core technical metrics provide significant coverage of standard security issues with 87% coverage. Based on the two case studies and evaluation of the seven assessments, the security ideals demonstrated their value in guiding security thinking. Further, the final set of core technical metrics has been demonstrated to be both usable in the control system environment and provide significant coverage of standard security issues.

Miles McQueen; Wayne Boyer; Sean McBride; Marie Farrar; Zachary Tudor

2008-01-01T23:59:59.000Z

290

Process Control System Cyber Security Standards - An Overview  

Science Conference Proceedings (OSTI)

The use of cyber security standards can greatly assist in the protection of process control systems by providing guidelines and requirements for the implementation of computer-controlled systems. These standards are most effective when the engineers and operators, using the standards, understand what each standard addresses. This paper provides an overview of several standards that deal with the cyber security of process measurements and control systems.

Robert P. Evans

2006-05-01T23:59:59.000Z

291

NCNR Information Management System  

Science Conference Proceedings (OSTI)

... Use TLS 1.0 (Security section under Advanced tab); Enable Java Scripting (Scripting section from Custom Level under Security tab); ...

292

US National Nuclear Security Administration NNSA | Open Energy Information  

Open Energy Info (EERE)

Nuclear Security Administration NNSA Nuclear Security Administration NNSA Jump to: navigation, search Name US National Nuclear Security Administration (NNSA) Place Washington, DC Zip 20585 Product Washington D.C.-based nuclear body established by the United States Congress as a separately organized agency within the US Department of Energy. References US National Nuclear Security Administration (NNSA)[1] LinkedIn Connections CrunchBase Profile No CrunchBase profile. Create one now! This article is a stub. You can help OpenEI by expanding it. US National Nuclear Security Administration (NNSA) is a company located in Washington, DC . References ↑ "US National Nuclear Security Administration (NNSA)" Retrieved from "http://en.openei.org/w/index.php?title=US_National_Nuclear_Security_Administration_NNSA&oldid=352617

293

Cyber Security Testing and Training Programs for Industrial Control Systems  

DOE Green Energy (OSTI)

Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/ Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

Daniel Noyes

2012-03-01T23:59:59.000Z

294

A privacy expectations and security assurance offer system  

Science Conference Proceedings (OSTI)

Consumers accessing web sites for information or to purchase products face limited opportunity to express their privacy preferences, and even less recourse if security violations lead to inadvertent disclosure of privacy sensitive information. A privacy ... Keywords: e-commerce, incentives, insurance, privacy

Jeffrey Hunker

2008-07-01T23:59:59.000Z

295

Energy Information Systems website  

NLE Websites -- All DOE Office Websites (Extended Search)

and visualize the energy use of their buildings. Please visit the recently updated Energy Information System website for EETD research papers, case studies, and a download...

296

Activities to Secure Control Systems in the Energy Sector  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

sector sector NSTB November 2008 Hank Kenchington - Program Manager Office of Electricity of Delivery and Energy Reliability U.S. Department of Energy Activities to Secure Control Systems in the Energy Sector * 2,000,000 Miles of Oil Pipelines * 1,300,000 Miles of Gas Pipelines * 2,000 Petroleum Terminals * ~1,000,000 Wells * Extensive Ports, Refineries, Transportation, and LNG Facilities * 160,000 Miles of Electrical Transmission lines * ~17,000 Generators; 985,000 Megawatts (net summer capacity) * Over 3,100 Electric Utilities, with 131 million customers Refinery Locations, Crude and Product Pipelines Source: Energy Information Administration, Office of Oil & Gas LNG Import Facilities (Reactivation underway) Legend Interstate Pipelines Intrastate and Other Pipelines

297

Security Analysis of Emerging Remote Obstetrics Monitoring Systems  

E-Print Network (OSTI)

assume home-based systems have a higher level of security protections. A password protection mechanism and management will need to be in place. No medical professionals to operate monitoring device in home-based

Wu, Jie

298

Homeland Security Challenges Facing Small Water Systems in Texas  

E-Print Network (OSTI)

This fact sheet describes Homeland Security issues that affect Texas and the nation. It includes an overview of some of the key water resource issues associated with preventing intentional contamination of water supplies served by small water systems.

Dozier, Monty; Theodori, Gene L.; Jensen, Ricard

2007-05-31T23:59:59.000Z

299

Security Automation Conference & Workshop  

Science Conference Proceedings (OSTI)

... Security Automation Conference & Workshop. ... Richard Hale, DISA - Information Security & Security Automation in DoD (coming soon); ...

300

HIPAA Security Rule  

Science Conference Proceedings (OSTI)

Related ActivitiesHIPAA Security RuleHealth Information Exchange (HIE) Security Architecture. Related ... HIPAA Security Rule. NIST ...

2011-11-21T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


301

AMI System Security Requirements - v1_01-1 | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

AMI System Security Requirements - v101-1 AMI System Security Requirements - v101-1 This document provides the utility industry and vendors with a set of security requirements...

302

Cyberspace security: How to develop a security strategy  

E-Print Network (OSTI)

Despite all visible dividers, the Internet is getting us closer and closer, but with a great price. Our security is the price. The internatl. community is fully aware of the urgent need to secure the cyberspace as you see the multiplication of security standards and national schemes interpreting them beyond borders: ISO 15408, ISO 17799, and ISO 27001. Even though some countries, incl. the Security Big Six (SB6), are equipped with their security books and may feel relatively safe; this remains a wrong sense of security as long as they share their networks with entities of less security. The standards impose security best practices and system specifications for the development of information security management systems. Partners beyond borders have to be secure as this is only possible if all entities connected to the partnership remain secure. Unfortunately, there is no way to verify the continuous security of partners without periodic security auditing and certification, and members who do not comply should ...

Raggad, Bel G

2007-01-01T23:59:59.000Z

303

Security on the US Fusion Grid  

E-Print Network (OSTI)

Foster, et al. , A Security Architecture for ComputationalComputer and Communications Security Conf. 83, T.W. FredianInformation and System Security ( TISSEC) J.R. Burruss, et

Burruss, Justin R.; Fredian, Tom W.; Thompson, Mary R.

2005-01-01T23:59:59.000Z

304

Data security on the national fusion grid  

E-Print Network (OSTI)

Foster, et al. , A Security Architecture for ComputationalComputer and Communications Security Conf. 83, T.W. FredianInformation and System Security ( TISSEC) J.R. Burruss, et

Burruss, Justine R.; Fredian, Tom W.; Thompson, Mary R.

2005-01-01T23:59:59.000Z

305

Proceedings of the 7th Annual Workshop on Cyber Security and Information Intelligence Research: Energy Infrastructure Cyber Protection  

Science Conference Proceedings (OSTI)

The energy industry is embarking upon an infrastructure transformation that will result in a national power grid that is more intelligent, robust, resilient, and secure. While the final form will not be known for quite some time, clearly a smarter grid will make better use of information. Whether an electric utility is making real-time adjustments in response to changing load conditions, or commercial and private consumers are making better choices, the timely availability of this information will become increasingly critical. Ultimately, the overall efficiency, reliability, and resilience of the grid is inextricably linked to information. Unfortunately, "the electric power sector is second from the bottom of all major U.S. industries in terms of R&D spending as a percentage of revenue, exceeding only pulp and paper [Amin2011]." Moreover, U.S. officials worry that cyber-spies could use their [demonstrated] access to shut down the grid or take control of power plants during a time of crisis or war [CIO09, WSJ09]. Protecting and trusting information is not unique to the grid. Indeed, the information security market is worth tens of billions of dollars, almost exclusively in cyber security products and services. Yet, solutions designed for the Internet are often not appropriate for securing the energy grid, which has a different set of priorities and communication needs. Any viable information security solution must address those unique challenges and features. The discussion at the CSIIR Workshop was primarily focused about the Energy Infrastructure Cyber Protection (ENCyP) Initiative. ENCyP is a multidisciplinary strategic theme oriented on cyber protection for the most critical and most vulnerable components of Energy Delivery System (EDS). The initiative derived from ORNL's focus on energy and cyber-physical defenses. On this basis we received just over 100 submissions stemming from both novel theoretical and empirical research focused on the many different aspects of ENCyP. We encouraged the participation of researchers and practitioners from a wide range of professional disciplines to ensure a comprehensive understanding of the needs, stakes and the evolving context ENCyP. Topics included: Security assurance/interoperability for Energy Delivery Systems (EDS) Scalable/trusted control (cyber-physical) systems security Visual analytics for cyber security Next generation control systems vulnerability assessment Wireless Smart Grid security SCADA, EDS communications security test beds Use cases and attack scenarios for EDS Wide area monitoring, protection & control AMI, demand-response, distribution grid management security Electric transportation & distributed energy resources security Policy/standards driven architectures for EDS Anti-tamper device architectures Cryptographic key management for EDS Security risk assessment and management for EDS Insider and life-cycle threats Automated vulnerability detection Access control management and authentication services for EDS Secure information exchange gateway & watchdog switches Bio-Inspired technologies for enhancing EDS cybersecurity A principle goal of the workshop was to foster discussions and dialog among the 210 registered attendees from North and South America, Europe, Asia, and Africa. This goal was initiated and facilitated by 8 plenary keynote addresses including our banquet and reception speakers. There were also six invited speakers, including two panels of government and national laboratory representatives. A total of one hundred and three papers (i.e., extended abstracts [EAs]) were submitted involving over three hundred independent reviews from more than one hundred reviewers. Thirty two percent of the papers that were submitted received two reviews while all of the rest of the papers received three or more. Fifty-four EAs were accepted. Twenty-five posters were invited. All of the EAs, presentations and posters are included in our proceedings. The subject areas span the topics above and were organized into nine tracks: Security Assurance for EDS; Wide Area Mo

Sheldon, Frederick T [ORNL; Abercrombie, Robert K [ORNL; Krings, Axel [University of Idaho

2011-01-01T23:59:59.000Z

306

Lincoln Electric System | Open Energy Information  

Open Energy Info (EERE)

System System (Redirected from LES) Jump to: navigation, search Name Lincoln Electric System Place Nebraska Utility Id 11018 Utility Location Yes Ownership M NERC Location MRO NERC MRO Yes RTO SPP Yes Operates Generating Plant Yes Activity Generation Yes Activity Transmission Yes Activity Buying Transmission Yes Activity Distribution Yes Activity Wholesale Marketing Yes References EIA Form EIA-861 Final Data File for 2010 - File1_a[1] Energy Information Administration Form 826[2] LinkedIn Connections CrunchBase Profile No CrunchBase profile. Create one now! This article is a stub. You can help OpenEI by expanding it. Utility Rate Schedules Grid-background.png 1000 W Mercury Vapor- Security Light Lighting 150 W High Pressure Sodium - Security Light Lighting 175 W Mercury Vapor- Security Light Lighting

307

U-200: Red Hat Directory Server Information Disclosure Security...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Successful exploitation of the security issue requires that the audit log is enabled (disabled by default). 2) The vulnerability is caused due to an error when changing password...

308

Towards Security Evaluation BASED ON EVIDENCE COLLECTION  

E-Print Network (OSTI)

Information security evaluation of software-intensive systems typically relies heavily on the experience of the security professionals. Obviously, automated approaches are needed in this field. Unfortunately, there is no practical approach to carrying out security evaluation in a systematic way. Here we introduce a general-level holistic framework for security evaluation based on security behaviour modelling and security evidence collection, and discuss its applicability to the design of security evaluation experimentation setups in real-world systems.

Reijo Savola

2006-01-01T23:59:59.000Z

309

Roadmap to Secure Control Systems in the Energy Sector  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Roadmap Roadmap to Secure Control Systems in the Energy Sector -  - Foreword T his document, the Roadmap to Secure Control Systems in the Energy Sector, outlines a coherent plan for improing cyber security in the energy sector. It is the result of an unprecedented collaboration between the energy sector and goernment to identify concrete steps to secure control systems used in the electricity, oil, and natural gas sectors oer the next ten years. The Roadmap proides a strategic framework for guiding industry and goernment efforts based on a clear ision supported by goals and time-based milestones. It addresses the energy sector's most urgent challenges as well as longer-term needs and practices. A distinctie feature of this collaboratie effort is the actie inolement and leadership of energy asset

310

Executive information system  

DOE Green Energy (OSTI)

The Executive Information System (EIS) is a computer-based information handling system. The system has been designed and implemented for Energy Conversion and Utilization Technologies to allow program managers easy access and tracking of certain types of reporting at various levels of management interaction, to simplify the handling of program-related data, and to streamline the preparation of reporting documents and responses to requests for information from the program. The EIS is especially useful in assisting DOE program managers in the routine dissemination of reports and information. The characteristics of each component of the EIS are discussed. A user's guide to the EIS is included in this report.

Vitullo, M.; Winter, C.; Johnson, D.R.

1984-07-01T23:59:59.000Z

311

Environmental geographic information system.  

Science Conference Proceedings (OSTI)

This document describes how the Environmental Geographic Information System (EGIS) was used, along with externally received data, to create maps for the Site-Wide Environmental Impact Statement (SWEIS) Source Document project. Data quality among the various classes of geographic information system (GIS) data is addressed. A complete listing of map layers used is provided.

Peek, Dennis; Helfrich, Donald Alan; Gorman, Susan

2010-08-01T23:59:59.000Z

312

Network and System Management for Reliability and Cyber Security  

Science Conference Proceedings (OSTI)

The evolving control of the electric power grid is increasingly dependent on information technology and telecommunication infrastructures, which, like the grid itself, must be managed in a holistic way to ensure reliability and security. The management of this information infrastructure requires connectivity and analytics to support both information technology (IT) and operational technology (OT) assets in a unified manner.This project utilized a telecommunications modeled network ...

2012-11-28T23:59:59.000Z

313

U-200: Red Hat Directory Server Information Disclosure Security Issue and  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

200: Red Hat Directory Server Information Disclosure Security 200: Red Hat Directory Server Information Disclosure Security Issue and Vulnerability U-200: Red Hat Directory Server Information Disclosure Security Issue and Vulnerability June 27, 2012 - 7:00am Addthis PROBLEM: A security issue and a vulnerability have been reported in Red Hat Directory Server, which can be exploited by malicious users to disclose sensitive information. PLATFORM: Red Hat Directory Server 8.x ABSTRACT: If an LDAP user had changed their password, and the directory server had not been restarted since that change, an attacker able to bind to the directory server could obtain the plain text version of that user's password. Reference Links: Original Advisory Secunia ID 49734 CVE-2012-2678, CVE-2012-2746 IMPACT ASSESSMENT: Medium Discussion: 1) The security issue is caused due to new passwords being saved to the

314

U-200: Red Hat Directory Server Information Disclosure Security Issue and  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: Red Hat Directory Server Information Disclosure Security 0: Red Hat Directory Server Information Disclosure Security Issue and Vulnerability U-200: Red Hat Directory Server Information Disclosure Security Issue and Vulnerability June 27, 2012 - 7:00am Addthis PROBLEM: A security issue and a vulnerability have been reported in Red Hat Directory Server, which can be exploited by malicious users to disclose sensitive information. PLATFORM: Red Hat Directory Server 8.x ABSTRACT: If an LDAP user had changed their password, and the directory server had not been restarted since that change, an attacker able to bind to the directory server could obtain the plain text version of that user's password. Reference Links: Original Advisory Secunia ID 49734 CVE-2012-2678, CVE-2012-2746 IMPACT ASSESSMENT: Medium Discussion: 1) The security issue is caused due to new passwords being saved to the

315

Office of Security  

NLE Websites -- All DOE Office Websites (Extended Search)

Security Security Home Sub Offices › Security Policy › Security Assistance › Departmental Personnel Security Mission & Functions › Security Policy › Security Assistance › Departmental Personnel Security Human Reliability Program (HRP) Guidance Documents Security Technology Information Archive (STIA) Related Links › DOE › DOE CIO › NNSA › DOE CFO › NTC › S&S PIR Contact Us HSS Logo Welcome to the Office of Security Mission and Functions The Office of Security (HS-50) developes security policy, provides security expertise to assist field elements in planning site protection strategies and coordinates with domestic authorities to provide safeguards and security technical assistance, technical systems support, and technology development and deployment opportunities. The Office of Security, through the Office of Departmental Personnel Security, also ensures that Departmental personnel security programs (included the National Nuclear Security Administration) are consistent and effectively implemented.

316

MINIMUM SECURITY REQUIREMENTS FOR FEDERAL  

E-Print Network (OSTI)

March 2006 MINIMUM SECURITY REQUIREMENTS FOR FEDERAL INFORMATION AND INFORMATION SYSTEMS: FEDERAL INFORMATION PROCESSING STANDARD (FIPS) 200 APPROVED BY THE SECRETARY OF COMMERCE MINIMUM SECURITY REQUIREMENTS BY THE SECRETARY OF COMMERCE Shirley Radack, EditorShirley Radack, Editor Computer Security Division

317

Small Business Sourcing System | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Sourcing System | National Nuclear Security Administration Sourcing System | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Small Business Sourcing System Home > About Us > Our Operations > Acquisition and Project Management > Small Business > Small Business Toolbox > Small Business Sourcing System Small Business Sourcing System

318

Project Management and Systems Support | National Nuclear Security  

NLE Websites -- All DOE Office Websites (Extended Search)

Project Management and Systems Support | National Nuclear Security Project Management and Systems Support | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Project Management and Systems Support Home > About Us > Our Operations > Acquisition and Project Management > Project Management and Systems Support Project Management and Systems Support Goal

319

Project Management and Systems Support | National Nuclear Security  

National Nuclear Security Administration (NNSA)

Project Management and Systems Support | National Nuclear Security Project Management and Systems Support | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Project Management and Systems Support Home > About Us > Our Operations > Acquisition and Project Management > Project Management and Systems Support Project Management and Systems Support Goal

320

Remote Access to the BNL Network, Cyber Security, Information Technology  

NLE Websites -- All DOE Office Websites (Extended Search)

Virtual Private Network (VPN) Virtual Private Network (VPN) at Brookhaven CryptoCard tokens (hard or soft) will not supported after December 31, 2010. Please switch to RSA SecurID tokens as soon as possible. Contact the ITD Helpdesk at x5522 (631-344-5522) or send an email to itdhelp@bnl.gov if you have questions or concerns. The VPN service allows remote users to securely access the Brookhaven internal network through their own personal Internet Service Provider, so that it appears as if their home computer is right on the BNL internal network. Requirements Some form of internet connectivity. Only BNL employees can access this service. You must have a RSA SecurID token. Desktop VPN Client Clientless VPN Obtain a RSA SecurID Token RSA SecurID User Guide Last Modified: September 23, 2013

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


321

FISSEA - Federal Information Systems Security Educators' ...  

Science Conference Proceedings (OSTI)

... Newsletter Winner: Susan Farrand, Department of Energy Training Exercise ... Newsletter Winner (PDF): Rian Campbell, Federal Reserve Bank of ...

322

Information System Security Best Practices for UOCAVA ...  

Science Conference Proceedings (OSTI)

... software. The lifecycle of the hardware portion of a server or PC includes acquisition, modification, and decommissioning. ...

2011-09-15T23:59:59.000Z

323

Secure Systems Editors: Patrick McDaniel, mcdaniel@cse.psu.edu  

E-Print Network (OSTI)

the smartgrid technology. His research interests include network and systems security, telecommunications

McDaniel, Patrick Drew

324

INDUSTRIAL CONTROL SYSTEM CYBER SECURITY: QUESTIONS AND ANSWERS RELEVANT TO NUCLEAR FACILITIES, SAFEGUARDS AND SECURITY  

SciTech Connect

Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

2011-07-01T23:59:59.000Z

325

Security Notice | Y-12 National Security Complex  

NLE Websites -- All DOE Office Websites (Extended Search)

Security Notice Security Notice Security Notice Security Information This website is part of a federal computer system used to accomplish federal functions. Y-12 uses software programs to monitor this website for security purposes to ensure it remains available to all users and to protect information in the system. By accessing this website, you are expressly consenting to these monitoring activities. Unauthorized attempts to defeat or circumvent security features; to use the system for other than intended purposes; to deny service to authorized users; to access, obtain, alter, damage, or destroy information; or otherwise to interfere with the system or its operation - all are prohibited. Evidence of such acts may be disclosed to law enforcement authorities and result in criminal prosecution under the Computer Fraud and

326

On Cyber Security for Networked Control Systems  

E-Print Network (OSTI)

on control systems . . . . . . . . . . . . . . . . 7.2control system. . . . . . . . . . . . . . . . . . . . . . . . . .8 Stabilization of Networked Control Systems using 8.1

Amin, Saurabh

2011-01-01T23:59:59.000Z

327

Crops reap benefits of Pantex irrigation system | National Nuclear Security  

National Nuclear Security Administration (NNSA)

Crops reap benefits of Pantex irrigation system | National Nuclear Security Crops reap benefits of Pantex irrigation system | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog The National Nuclear Security Administration Crops reap benefits of Pantex irrigation system Home > content > Crops reap benefits of Pantex irrigation system Crops reap benefits of Pantex irrigation system

328

Marine asset security and tracking (MAST) system  

DOE Patents (OSTI)

Methods and apparatus are described for marine asset security and tracking (MAST). A method includes transmitting identification data, location data and environmental state sensor data from a radio frequency tag. An apparatus includes a radio frequency tag that transmits identification data, location data and environmental state sensor data. Another method includes transmitting identification data and location data from a radio frequency tag using hybrid spread-spectrum modulation. Another apparatus includes a radio frequency tag that transmits both identification data and location data using hybrid spread-spectrum modulation.

Hanson, Gregory Richard (Clinton, TN); Smith, Stephen Fulton (Loudon, TN); Moore, Michael Roy (Corryton, TN); Dobson, Eric Lesley (Charleston, SC); Blair, Jeffrey Scott (Charleston, SC); Duncan, Christopher Allen (Marietta, GA); Lenarduzzi, Roberto (Knoxville, TN)

2008-07-01T23:59:59.000Z

329

Pressurized security barrier and alarm system  

DOE Patents (OSTI)

A security barrier for placement across a passageway is made up of interconnected pressurized tubing made up in a grid pattern with openings too small to allow passage. The tubing is connected to a pressure switch, located away from the barrier site, which activates an alarm upon occurrence of a pressure drop. A reinforcing bar is located inside and along the length of the tubing so as to cause the tubing to rupture and set off the alarm upon an intruder`s making an attempt to crimp and seal off a portion of the tubing by application of a hydraulic tool. Radial and rectangular grid patterns are disclosed.

Carver, D.W.

1994-12-31T23:59:59.000Z

330

Pressurized security barrier and alarm system  

DOE Patents (OSTI)

A security barrier for placement across a passageway is made up of interconnected pressurized tubing made up in a grid pattern with openings too small to allow passage. The tubing is connected to a pressure switch, located away from the barrier site, which activates an alarm upon occurrence of a pressure drop. A reinforcing bar is located inside and along the length of the tubing so as to cause the tubing to rupture and set off the alarm upon an intruder`s making an attempt to crimp and seal off a portion of the tubing by application of a hydraulic tool. Radial and rectangular grid patterns are disclosed. 7 figures.

Carver, D.W.

1995-04-11T23:59:59.000Z

331

Pressurized security barrier and alarm system  

DOE Patents (OSTI)

A security barrier for placement across a passageway is made up of interconnected pressurized tubing made up in a grid pattern with openings too small to allow passage. The tubing is connected to a pressure switch, located away from the barrier site, which activates an alarm upon occurrence of a pressure drop. A reinforcing bar is located inside and along the length of the tubing so as to cause the tubing to rupture and set off the alarm upon an intruder's making an attempt to crimp and seal off a portion of the tubing by application of a hydraulic tool. Radial and rectangular grid patterns are disclosed.

Carver, Don W. (Knoxville, TN)

1995-01-01T23:59:59.000Z

332

Cyber Security Through Science | More Science | ORNL  

NLE Websites -- All DOE Office Websites (Extended Search)

System-of-systems analysis Visualization tools for complex information Next-generation smart grid technologies Quantum computing, security, and data fusion For more information,...

333

Nevada National Security Site Cleanup Information Is Just a Click Away with  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Nevada National Security Site Cleanup Information Is Just a Click Nevada National Security Site Cleanup Information Is Just a Click Away with Computer Map, Database - New Interactive Map Makes NNSS Data More Accessible to the Public Nevada National Security Site Cleanup Information Is Just a Click Away with Computer Map, Database - New Interactive Map Makes NNSS Data More Accessible to the Public December 27, 2012 - 12:00pm Addthis Shown here is a screenshot of the interactive map, which makes Nevada National Security Site data more accessible to the public. Shown here is a screenshot of the interactive map, which makes Nevada National Security Site data more accessible to the public. LAS VEGAS, NV - For decades, the Nevada Site Office (NSO) has been investigating, characterizing, identifying, and performing corrective

334

Open Energy Information Systems  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

OpenEIS (energy information OpenEIS (energy information systems) Jessica Granderson Lawrence Berkeley National Laboratory JGranderson@lbl.gov, 510.486.6792 April 3, 2013 2 | Building Technologies Office eere.energy.gov Purpose & Objectives Problem Statement: Advanced algorithms and analyses can enable 5-40% savings, yet are rarely adopted; 3 relevant barriers include: 1. Lack of awareness that simple analytics can be used to generate valuable insights and actionable information, without further training

335

Open Energy Information Systems  

NLE Websites -- All DOE Office Websites (Extended Search)

OpenEIS (energy information OpenEIS (energy information systems) Jessica Granderson Lawrence Berkeley National Laboratory JGranderson@lbl.gov, 510.486.6792 April 3, 2013 2 | Building Technologies Office eere.energy.gov Purpose & Objectives Problem Statement: Advanced algorithms and analyses can enable 5-40% savings, yet are rarely adopted; 3 relevant barriers include: 1. Lack of awareness that simple analytics can be used to generate valuable insights and actionable information, without further training

336

Remote Access to the BNL Network, Cyber Security, Information...  

NLE Websites -- All DOE Office Websites (Extended Search)

Virtual Private Network (VPN) at Brookhaven CryptoCard tokens (hard or soft) will not supported after December 31, 2010. Please switch to RSA SecureID tokens as soon as possible....

337

How to Lock Your Computer, Cyber Security, Information Technology...  

NLE Websites -- All DOE Office Websites (Extended Search)

How to Lock Your Computer One way to increase security on your computer is to use a password-protected screen saver. All Brookhaven computers are now required to run a...

338

Current News and Information | National Nuclear Security Administratio...  

National Nuclear Security Administration (NNSA)

Y-12 Earn 11 R&D 100 Awards Jul 2, 2013 US, International Partners Remove Last Remaining HEU from Vietnam, Set Nuclear Security Milestone View All > Timeline Curious about NNSA...

339

Feature: Information Security, Business and the Internet - Part 2  

Science Conference Proceedings (OSTI)

This article considers the perception of a selected number of small to medium-sized enterprises towards the security problems of E-commerce. It emphasizes the need for common sense and personal responsibility of individual business users. The centralized ...

Clive Blatchford

2000-02-01T23:59:59.000Z

340

Information Management, Analytics & Optimization Services IMS Security Health Check Service Offering  

E-Print Network (OSTI)

Offering The IMS Security Health Check is a special service offering from the IMS Laboratory TechnicalInformation Management, Analytics & Optimization Services IMS Security Health Check Service two to three weeks after the conclusion of the on-site visit. · Service from the IMS Laboratory

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


341

Climate Registry Information System | Open Energy Information  

Open Energy Info (EERE)

Climate Registry Information System Climate Registry Information System Jump to: navigation, search Tool Summary LAUNCH TOOL Name: Climate Registry Information System Agency/Company /Organization: The Climate Registry Sector: Climate Focus Area: Greenhouse Gas Phase: Determine Baseline, Evaluate Effectiveness and Revise as Needed Resource Type: Online calculator User Interface: Website Website: www.theclimateregistry.org/climate-registry-information-system-cris/ Web Application Link: www.theclimateregistry.org/climate-registry-information-systhttps://ww Cost: Free References: General Reporting Protocol[1] The Climate Registry Information System (CRIS) is the official online greenhouse gas calculation, reporting, and verifcation tool for The Climate Registry, a North American registry through which members voluntarily

342

Computational Systems & Software Environment | National Nuclear Security  

National Nuclear Security Administration (NNSA)

Computational Systems & Software Environment | National Nuclear Security Computational Systems & Software Environment | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog CSSE Computational Systems & Software Environment Home > About Us > Our Programs > Defense Programs > Future Science & Technology Programs > Office of Advanced Simulation and Computing and

343

Using Multiple Unmanned Systems for a Site Security Task  

SciTech Connect

Unmanned systems are often used to augment the ability of humans to perform challenging tasks. While the value of individual unmanned vehicles have been proven for a variety of tasks, it is less understood how multiple unmanned systems should be used together to accomplish larger missions such as site security. The purpose of this paper is to discuss efforts by researchers at the Idaho National Laboratory (INL) to explore the utility and practicality of operating multiple unmanned systems for a site security mission. This paper reviews the technology developed for a multi-agent mission and summarizes the lessons-learned from a technology demonstration.

Matthew O. Anderson; Curtis W. Nielsen; Mark D. McKay; Derek C. Wadsworth; Ryan C. Hruska; John A. Koudelka

2009-04-01T23:59:59.000Z

344

Argonne Team Challenges Physical Security  

NLE Websites -- All DOE Office Websites (Extended Search)

Engineering & Systems Analysis Engineering & Systems Analysis Success Stories For further information, contact Roger Johnston, rogerj@anl.gov "Real security is thinking like the bad guys," maintains Roger Johnston, head of Argonne's VAT. Argonne Team Challenges Physical Security Physical security-the art of protecting tangible assets-is the counterpart to cyber security. Physical security can take the form of locks, tamper-indicating seals, guards who stand watch

345

Secure Domain Name System (DNS) Deployment Guide  

Science Conference Proceedings (OSTI)

... developed on the basis of analysis of operating ... determine whether it has the information regarding the ... server for the zone marketing.example.com ...

2013-09-19T23:59:59.000Z

346

InkTag: secure applications on an untrusted operating system  

Science Conference Proceedings (OSTI)

InkTag is a virtualization-based architecture that gives strong safety guarantees to high-assurance processes even in the presence of a malicious operating system. InkTag advances the state of the art in untrusted operating systems in both the design ... Keywords: application protection, paraverification, virtualization-based security

Owen S. Hofmann; Sangman Kim; Alan M. Dunn; Michael Z. Lee; Emmett Witchel

2013-04-01T23:59:59.000Z

347

A secure monitoring and control system for Wireless Sensor Networks  

Science Conference Proceedings (OSTI)

The maintenance of Wireless Sensor Networks (WSNs) can carry high or prohibitive costs, particularly, if the WSN is deployed in unattended areas. Secure monitoring and control of the WSN is vital, however, practical systems are rare and limited with ... Keywords: Monitoring,Wireless sensor networks,Control systems,Intrusion detection,Elliptic curve cryptography

Michael Riecker, Rainer Thome, Dingwen Yuan, Matthias Hollick

2012-10-01T23:59:59.000Z

348

Control Systems Security News Archive | Department of Energy  

NLE Websites -- All DOE Office Websites (Extended Search)

News Archive News Archive Control Systems Security News Archive Control Systems Security News Archive September 2010 - Secretary Chu Announces Latest Efforts to Address Cybersecurity August 2010: - DOE 2010 Cybersecurity Peer Review Update March 2010 - DOE and Industry Showcase New Control Systems Security Technologies at DistribuTECH Feb. 2010 - DOE Issues National Energy Sector Cyber Organization Notice of Intent Nov. 2009 - New TCIPG Research Program Builds on Past Successes with Nearly $18.8 Million DOE Award October 2009 - DOE NSTB researchers demonstrated R&D successes to asset owners at EnergySec Conference September 2009 - ISA approves standard for wireless automation in process control applications Sept. 2009 - Government and Industry a Force for Collaboration at the

349

The Mobil Integrated C{sup 3} (command control and communications) and Security System  

SciTech Connect

The current political and economic situations suggest that significant reductions of nuclear forces outside the US will continue. This implies that in times of crisis the rapid deployment of nuclear weapons into a theater may be required. This paper describes a proposed Mobile Integrated C{sup 3} and Security System (MICSS). The MICSS, together with associated personnel, could satisfy the command and control and security requirements of a deployed nuclear operation. Rapid deployment poses unique nuclear weapon surety difficulties that must be overcome for the operation to be effective and survivable. The MICSS must be portable, reliable, limited in size, and easily emplaced to facilitate movement, reduce the possibility of detection, and minimize manpower requirements. The MICSS will be based on existing technology. Sandia has designed prototype mobile command centers for the military. These command centers are based on an approach that stresses modularity, standards, and the use of an open architecture. Radio, telephone, satellite communications, communication security, and global positioning system equipment has been successfully integrated into the command centers. Sandia is also supporting the development of portable security systems for the military. These systems are rapidly deployable and mission flexible and are capable of intrusion detection, area and alarm display, night assessment, and wireless sensor communications. This paper is organized as follows: Background information about the prototype mobile command centers will be presented first. Background information about portable security systems concepts will then be given. Next, an integrated communications and security system will be presented, and finally, the design and status of a prototype MICSS will be described.

Eras, A.; Brown, R.D.

1993-06-15T23:59:59.000Z

350

THE DEPARTMENT'S UNCLASSIFIED CYBER SECURITY PROGRAM, IG-0519...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

THE DEPARTMENT'S UNCLASSIFIED CYBER SECURITY PROGRAM, IG-0519 THE DEPARTMENT'S UNCLASSIFIED CYBER SECURITY PROGRAM, IG-0519 Protecting unclassified information systems continues to...

351

Use of a hybrid technology in a critical security system.  

SciTech Connect

Assigning an acceptable level of power reliability in a security system environment requires a methodical approach to design when considering the alternatives tied to the reliability and life of the system. The downtime for a piece of equipment, be it for failure, routine maintenance, replacement, or refurbishment or connection of new equipment is a major factor in determining the reliability of the overall system. In addition to these factors is the condition where the system is static or dynamic in its growth. Most highly reliable security power source systems are supplied by utility power with uninterruptable power source (UPS) and generator backup. The combination of UPS and generator backup with a reliable utility typically provides full compliance to security requirements. In the energy market and from government agencies, there is growing pressure to utilize alternative sources of energy other than fossil fuel to increase the number of local generating systems to reduce dependence on remote generating stations and cut down on carbon effects to the environment. There are also conditions where a security system may be limited on functionality due to lack of utility power in remote locations. One alternative energy source is a renewable energy hybrid system including a photovoltaic or solar system with battery bank and backup generator set. This is a viable source of energy in the residential and commercial markets where energy management schemes can be incorporated and systems are monitored and maintained regularly. But, the reliability of this source could be considered diminished when considering the security system environment where stringent uptime requirements are required.

Scharmer, Carol; Trujillo, David J.

2010-08-01T23:59:59.000Z

352

Use of a hybrid technology in a critical security system.  

SciTech Connect

Assigning an acceptable level of power reliability in a security system environment requires a methodical approach to design when considering the alternatives tied to the reliability and life of the system. The downtime for a piece of equipment, be it for failure, routine maintenance, replacement, or refurbishment or connection of new equipment is a major factor in determining the reliability of the overall system. In addition to these factors is the condition where the system is static or dynamic in its growth. Most highly reliable security power source systems are supplied by utility power with uninterruptable power source (UPS) and generator backup. The combination of UPS and generator backup with a reliable utility typically provides full compliance to security requirements. In the energy market and from government agencies, there is growing pressure to utilize alternative sources of energy other than fossil fuel to increase the number of local generating systems to reduce dependence on remote generating stations and cut down on carbon effects to the environment. There are also conditions where a security system may be limited on functionality due to lack of utility power in remote locations. One alternative energy source is a renewable energy hybrid system including a photovoltaic or solar system with battery bank and backup generator set. This is a viable source of energy in the residential and commercial markets where energy management schemes can be incorporated and systems are monitored and maintained regularly. But, the reliability of this source could be considered diminished when considering the security system environment where stringent uptime requirements are required.

Trujillo, David J.

2010-10-01T23:59:59.000Z

353

Training programs for the systems approach to nuclear security.  

Science Conference Proceedings (OSTI)

In support of the US Government and the International Atomic Energy Agency (IAEA) Nuclear Security Programmes, Sandia National Laboratories (SNL) has advocated and practiced a risk-based, systematic approach to nuclear security. The risk equation has been implemented as the basis for a performance methodology for the design and evaluation of Physical Protection Systems against a Design Basis Threat (DBT) for theft or sabotage of nuclear and/or radiological materials. Since integrated systems must include people as well as technology and the man-machine interface, a critical aspect of the human element is to train all stakeholders in nuclear security on the systems approach. Current training courses have been beneficial but are still limited in scope. SNL has developed two primary international courses and is completing development of three new courses that will be offered and presented in the near term. In the long-term, SNL envisions establishing a comprehensive nuclear security training curriculum that will be developed along with a series of forthcoming IAEA Nuclear Security Series guidance documents.

Ellis, Doris E.

2005-07-01T23:59:59.000Z

354

Process Control System Cyber Security Standards - An Overview  

Science Conference Proceedings (OSTI)

The use of cyber security standards can greatly assist in the protection of critical infrastructure by providing guidelines and requisite imperatives in the implementation of computer-controlled systems. These standards are most effective when the engineers and operators using the standards understand what each of the standards addresses and does not address. This paper provides a review and comparison of ten documents dealing with control system cyber security. It is not meant to be a complete treatment of all applicable standards; rather, this is an exemplary analysis showing the benefits of comparing and contrasting differing documents.

Robert P. Evans; V Stanley Scown; Rolf Carlson; Shabbir Shamsuddin; George Shaw; Jeff Dagle; Paul W Oman; Jeannine Schmidt

2005-10-01T23:59:59.000Z

355

Consistency-based System Security Techniques  

E-Print Network (OSTI)

terminates the operation of the wireless system that isDuring the operation mode of the wireless system when theHT-embedded wireless system enters the operation mode. The

Wei, Sheng

2013-01-01T23:59:59.000Z

356

Proxy Documentation, Cyber Security, Information Technology Division, ITD  

NLE Websites -- All DOE Office Websites (Extended Search)

Proxy Configuration Proxy Configuration Here you will find instructions for using the FTP and Web proxies. Keep in mind that depending on where you access the proxies from (whether you are inside or outside of the BNL network), the process will differ slightly. For FTP, you will not be required to enter any passwords to use the proxies while on the BNL network. However, when accessing the proxies from an outside network (e.g. anything not .bnl.gov), you will be required to authenticate using a RSA SecurID Token. If you do not already have one of these, please visit the RSA SecurID User Guide for instructions on obtaining one. Users who are only interested in configuring their web browsers need NOT bother with RSA SecurID, as the web proxies will not be needed when you are outside the BNL network.

357

Modeling Quantum Information Systems abstract  

Science Conference Proceedings (OSTI)

Paul E. Black and Andrew W. Lane, Modeling Quantum Information Systems, Proc. SPIE, Vol. 5436, Quantum Information ...

2013-05-07T23:59:59.000Z

358

Roadmap to Secure Control Systems in the Energy: Executive Summary  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Foreword Foreword T his document, the Roadmap to Secure Control Systems in the Energy Sector, outlines a coherent plan for improving cyber security in the energy sector. It is the result of an unprecedented collaboration between the energy sector and government to identify concrete steps to secure control systems used in the electricity, oil, and natural gas sectors over the next ten years. The Roadmap provides a strategic framework for guiding industry and government efforts based on a clear vision supported by goals and time-based milestones. It addresses the energy sector's most urgent challenges as well as longer-term needs and practices. A distinctive feature of this collaborative effort is the active involvement and leadership of energy asset owners and operators in developing the Roadmap content and priorities. The Roadmap synthesizes

359

Geographic Information System | Open Energy Information  

Open Energy Info (EERE)

Geographic Information System Geographic Information System Jump to: navigation, search GEOTHERMAL ENERGYGeothermal Home Exploration Technique: Geographic Information System Details Activities (24) Areas (11) Regions (4) NEPA(0) Exploration Technique Information Exploration Group: Data and Modeling Techniques Exploration Sub Group: Data Techniques Parent Exploration Technique: Data Techniques Information Provided by Technique Lithology: Any mapable information Stratigraphic/Structural: Any mapable information Hydrological: Any mapable information Thermal: Any mapable information Cost Information Low-End Estimate (USD): 70.007,000 centUSD 0.07 kUSD 7.0e-5 MUSD 7.0e-8 TUSD / hour Median Estimate (USD): 80.008,000 centUSD 0.08 kUSD 8.0e-5 MUSD 8.0e-8 TUSD / hour High-End Estimate (USD): 150.0015,000 centUSD

360

NIM (NERSC Information Management) system  

NLE Websites -- All DOE Office Websites (Extended Search)

NERSC Information Management (NIM) portal The NERSC Information Management (NIM) system is a web portal used to view and modify user account, usage, and allocations information....

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


361

DOE/CX-00007 CATEGORICAL EXCLUSION SAFEGUARDS AND SECURITY ENHANCED ASSESSMENT SYSTEM  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

07 07 CATEGORICAL EXCLUSION SAFEGUARDS AND SECURITY ENHANCED ASSESSMENT SYSTEM (PROJECT S-221) HANFORD SITE, RICHLAND, WASHINGTON PROPOSED ACTION The U.S. Department of Energy (DOE) proposes to install six wooden utility poles to support the safeguards and security enhanced assessment system. LOCATION OF ACTION The locations of the proposed action are generally within and around 200 East Area of the Hanford Site. The specific locations cannot be disclosed due to their safeguards and security related nature, and the locations have been designated Official Use Only. It is the policy of the DOE to make records available to the public to the greatest extent possible, in keeping with the spirit of the Freedom of Information Act (FOIA), while at the same time

362

Security Assistance | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Security Assistance Security Assistance Security Assistance Welcome to Security Assistance Samuel N. Callahan, Director Mission and Functions The Office of Health, Safety, and Security (HSS) created the Office of Security Assistance Program to provide timely technical assistance and system support to field and Headquarters elements to enhance site security programs, upon request. The program is comprised of technologists and subject matter experts from all security disciplines including Program Management, Protection Program Operations, Information Security, Materials Control and Accountability, and Personnel Security. HSS is committed to building a security assistance program to serve the interests of the Department based upon the needs of our customers - with emphasis on customer-focus and meeting multi-disciplinary security needs. In Fiscal

363

Office of Security Assistance  

NLE Websites -- All DOE Office Websites (Extended Search)

Security Security Home Sub Offices › Security Policy › Security Assistance › Departmental Personnel Security Mission & Functions › Security Policy › Security Assistance › Departmental Personnel Security Human Reliability Program (HRP) Guidance Documents Security Technology Information Archive (STIA) Related Links › DOE › DOE CIO › NNSA › DOE CFO › NTC › S&S PIR Contact Us HSS Logo Director's Perspective Welcome to the Office of Security Assistance Samuel N. Callahan, Director Mission and Functions The Office of Health, Safety, and Security (HSS) created the Office of Security Assistance Program to provide timely technical assistance and system support to field and Headquarters elements to enhance site security programs, upon request. The program is comprised of technologists and subject matter experts from all security disciplines including Program Management, Protection Program Operations, Information Security, Materials Control and Accountability, and Personnel Security. HSS is committed to building a security assistance program to serve the interests of the Department based upon the needs of our customers - with emphasis on customer-focus and meeting multi-disciplinary security needs. In Fiscal Year 2007, HSS performed extensive assistance activities at the request of DOE/NNSA program offices and field sites. The activities ranged from special and routine site survey assistance, physical and technical security inspections in support of the Office of Intelligence, Vulnerability Assessment and Design Basis Threat (DBT) implementation assistance, third-party, adversary support, and DBT implementation and planning validation activities associated with the Site Assistance Visits and Technology Assistance Visits. The security assistance provided to our customers included technical expertise tailored to augment site capabilities in critical fields.

364

Training Management Information System  

Science Conference Proceedings (OSTI)

The Training Management Information System (TMIS) is an integrated information system for all training related activities. TMIS is at the leading edge of training information systems used in the nuclear industry. The database contains all the necessary records to confirm the department's adherence to accreditation criteria and houses all test questions, student records and information needed to evaluate the training process. The key to the TMIS system is that the impact of any change (i.e., procedure change, new equipment, safety incident in the commercial nuclear industry, etc.) can be tracked throughout the training process. This ensures the best training can be performed that meets the needs of the employees. TMIS is comprised of six functional areas: Job and Task Analysis, Training Materials Design and Development, Exam Management, Student Records/Scheduling, Evaluation, and Commitment Tracking. The system consists of a VAX 6320 Cluster with IBM and MacIntosh computers tied into an ethernet with the VAX. Other peripherals are also tied into the system: Exam Generation Stations to include mark sense readers for test grading, Production PC's for Desk-Top Publishing of Training Material, and PC Image Workstations. 5 figs.

Rackley, M.P.

1989-01-01T23:59:59.000Z

365

Revision 1 Glossary of Key Information Security Terms  

E-Print Network (OSTI)

We have received numerous requests to provide a summary glossary for our publications and other relevant sources, and to make the glossary available to practitioners. As a result of these requests, this glossary of common security terms has been extracted from NIST Federal

Richard Kissel; Patrick D. Gallagher; Director Introduction

2011-01-01T23:59:59.000Z

366

Secure distribution of confidential information via self-destructing data  

Science Conference Proceedings (OSTI)

Control and ownership of data is difficult in any environment and with the increase in electronic data and records, the need to maintain ownership and control redistribution of data is becoming increasingly important. We propose a first-level protection ... Keywords: computer networks, data retrieval, data security

Jason Croft; Robert Signorile

2009-11-01T23:59:59.000Z

367

NERSC Increases System Storage and Security for Users  

NLE Websites -- All DOE Office Websites (Extended Search)

Increases Increases System Storage and Security for Users NERSC Increases System Storage and Security for Users April 28, 2009 Franklin Upgrades Improve I/O Performance Throughout the month of March the Cray XT4 machine Franklin underwent a series of upgrades and improvements, including a major I/O upgrade. The disk capacity of the scratch file system was increased by 30% to 460 TB, and the I/O bandwidth was nearly tripled to an aggregate write performance of 32 GB/sec, compared to 11 GB/s before the upgrade. Instead of adding the new hardware to the existing scratch file system, NERSC chose to implement a second scratch file system so that Franklin now has two scratch file systems, each with a peak write bandwidth of 16 GB/sec. "We doubled the amount of I/O hardware and nearly tripled the bandwidth,

368

T3: Secure, Scalable, Distributed Data Movement and Remote System Control for Enterprise Level Cyber Security  

Science Conference Proceedings (OSTI)

Enterprise level cyber security requires the deployment, operation, and monitoring of many sensors across geographically dispersed sites. Communicating with the sensors to gather data and control behavior is a challenging task when the number of sensors is rapidly growing. This paper describes the system requirements, design, and implementation of T3, the third generation of our transport software that performs this task. T3 relies on open source software and open Internet standards. Data is encoded in MIME format messages and transported via NNTP, which provides scalability. OpenSSL and public key cryptography are used to secure the data. Robustness and ease of development are increased by defining an internal cryptographic API, implemented by modules in C, Perl, and Python. We are currently using T3 in a production environment. It is freely available to download and use for other projects.

Thomas, Gregory S.; Nickless, William K.; Thiede, David R.; Gorton, Ian; Pitre, Bill J.; Christy, Jason E.; Faultersack, Elizabeth M.; Mauth, Jeffery A.

2009-07-20T23:59:59.000Z

369

Secure Manufacturing | Y-12 National Security Complex  

NLE Websites -- All DOE Office Websites (Extended Search)

Secure Secure Manufacturing Secure Manufacturing The depth and breadth of Y-12's manufacturing capabilities and expertise enable Y-12 to address current and emerging national security challenges by providing leadership and direction to perform the following activities: solving unique, high-risk manufacturing problems; eliminating the most difficult manufacturability and development obstacles; protecting classified and proprietary materials, components, and information; developing unique technologies to optimize manufacturing and systems performance; and executing projects cost effectively and with timeliness. Y-12 accomplishes this mission to meet the national security challenges of today and those of the future, with capability and expertise in the following areas:

370

Critical issues in process control system security : DHS spares project.  

SciTech Connect

The goals of this event are: (1) Discuss the next-generation issues and emerging risks in cyber security for control systems; (2) Review and discuss common control system architectures; (3) Discuss the role of policy, standards, and supply chain issues; (4) Interact to determine the most pertinent risks and most critical areas of the architecture; and (5) Merge feedback from Control System Managers, Engineers, IT, and Auditors.

Hernandez, Jacquelynne; McIntyre, Annie; Henrie, Morgan

2010-10-01T23:59:59.000Z

371

Towards secure multi-sited transactional revision control systems  

Science Conference Proceedings (OSTI)

Version control systems play a very important role in maintaining the revision history of software and facilitating software evolution. As the software development process is gradually taking the form of a collaborative effort among several teams hosted ... Keywords: Configuration management, Security, Transaction processing, Version control

Junxing Zhang; Indrajit Ray

2007-03-01T23:59:59.000Z

372

Towards a secure Frequency Monitoring NETwork (FNET) system  

Science Conference Proceedings (OSTI)

Reactive and real-time wide area monitoring systems (WAMS), such as the Frequency Monitoring NETwork (FNET) developed at Virginia Tech, allow for the gathering of frequency data throughout the entire power grid. FNET uses the Internet as a communication ... Keywords: FNET, Smart Grid, cyber security

Joseph L. McDaniel; Ambareen Siraj

2010-04-01T23:59:59.000Z

373

DOE/DHS INDUSTRIAL CONTROL SYSTEM CYBER SECURITY PROGRAMS: A MODEL FOR USE IN NUCLEAR FACILITY SAFEGUARDS AND SECURITY  

SciTech Connect

Many critical infrastructure sectors have been investigating cyber security issues for several years especially with the help of two primary government programs. The U.S. Department of Energy (DOE) National SCADA Test Bed and the U.S. Department of Homeland Security (DHS) Control Systems Security Program have both implemented activities aimed at securing the industrial control systems that operate the North American electric grid along with several other critical infrastructure sectors (ICS). These programs have spent the last seven years working with industry including asset owners, educational institutions, standards and regulating bodies, and control system vendors. The programs common mission is to provide outreach, identification of cyber vulnerabilities to ICS and mitigation strategies to enhance security postures. The success of these programs indicates that a similar approach can be successfully translated into other sectors including nuclear operations, safeguards, and security. The industry regulating bodies have included cyber security requirements and in some cases, have incorporated sets of standards with penalties for non-compliance such as the North American Electric Reliability Corporation Critical Infrastructure Protection standards. These DOE and DHS programs that address security improvements by both suppliers and end users provide an excellent model for nuclear facility personnel concerned with safeguards and security cyber vulnerabilities and countermeasures. It is not a stretch to imagine complete surreptitious collapse of protection against the removal of nuclear material or even initiation of a criticality event as witnessed at Three Mile Island or Chernobyl in a nuclear ICS inadequately protected against the cyber threat.

Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

2011-07-01T23:59:59.000Z

374

T-582: RSA systems has resulted in certain information being extracted from  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: RSA systems has resulted in certain information being 2: RSA systems has resulted in certain information being extracted from RSA systems that relates to RSA SecurID T-582: RSA systems has resulted in certain information being extracted from RSA systems that relates to RSA SecurID March 17, 2011 - 11:45pm Addthis PROBLEM: Recently EMC's security systems identified an extremely sophisticated cyber attack in progress, targeting their RSA business unit. RSA took a variety of aggressive measures against the threat to protect their business and their customers, including further hardening of their IT infrastructure. PLATFORM: RSA SecurID implementations ABSTRACT: RSA investigation has revealed that the attack resulted in certain information being extracted from RSA's systems. Some of that information is related to RSA's SecurID two-factor authentication products.

375

Bellingham, Washington, Control System Cyber Security Case ...  

Science Conference Proceedings (OSTI)

... of software used on the Olympic system was shipped to Houston to allow the ... site, the maximum bandwidth of the communication channel and the ...

2007-10-24T23:59:59.000Z

376

Towards Security of Integrated Enterprise Systems ...  

Science Conference Proceedings (OSTI)

... corrective actions (Merit Projecta 98, p. 8). The enterprise system management framework should include an object repository (Yankee 97, p.2 ...

1999-11-05T23:59:59.000Z

377

SRS upgrades helium recovery system | National Nuclear Security  

NLE Websites -- All DOE Office Websites (Extended Search)

upgrades helium recovery system | National Nuclear Security upgrades helium recovery system | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Home > NNSA Blog > SRS upgrades helium recovery system SRS upgrades helium recovery system Posted By Office of Public Affairs Savannah River Site (SRS) Tritium Programs recently completed a project to design, build and relocate a new system for separating and capturing

378

Proceedings of the 2006 IEEE Workshop on Information Assurance and Security  

E-Print Network (OSTI)

Military Academy, West Point, NY, 21­23 June 2006 PalProtect: A Collaborative Security Approach to Comment the design and implementation of PalPro- tect, a plug-in for the popular WordPress blogging soft- ware. PalProtect of peers. PalProtect is a concrete example of a collaborative security system. II. Related Work

Locasto, Michael E.

379

Security problems with a SC-CNN-based Chaotic Masking Secure Communication System  

E-Print Network (OSTI)

This paper studies the security of a chaotic cryptosystem based on the Chua circuit and implemented with State Controlled Cellular Neural Networks. It is shown that the plaintext can be retrieved by ciphertext band-pass filtering after an imperfect decoding with wrong receiver parameters. It is also shown that the key space of the system can be notably reduced easing a brute force attack. The system parameters were determined with high precision through the analysis of the decoding error produced by the mismatch between receiver and transmitter parameters.

A. B. Orue; G. Alvarez; F. Montoya; C. Sanchez-Avila

2007-06-20T23:59:59.000Z

380

Countering automated exploits with system security CAPTCHAS  

Science Conference Proceedings (OSTI)

Many users routinely log in to their system with system administrator privileges. This is especially true of home users. The advantage of this setup is that these users can do everything necessary to fulfil their tasks with the computer. The disadvantage ...

Dinan Gunawardena; Jacob Scott; Alf Zugenmaier; Austin Donnelly

2005-04-01T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


381

EEO Complaints Information for Managers | National Nuclear Security...  

National Nuclear Security Administration (NNSA)

Complaints Information for Managers Home > About Us > Our Operations > Management and Budget > Office of Civil Rights > EEO Complaints Information for Managers EEO Complaints...

382

Information Systems Engineering Guidance (ISEG)  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Departmental Information Systems Engineering (DISE) Departmental Information Systems Engineering (DISE) Volume 1 Information Systems Engineering Lifecycle January 31, 2002 Software Quality and Systems Engineering Program Office of the Associate CIO of Architecture, Standards & Planning Office of the Chief Information Officer Title Page Document Series: Departmental Information Systems Engineering Document Name: Volume 1, Information Systems Engineering Lifecycle Publication Date: 01/31/02 Document Owner: Software Quality and Systems Engineering Program Office of the Associate CIO of Architecture, Standards & Planning The concepts and processes in this document are aligned with the DOE Information Management (IM) Strategic Plan Mission and Goals. The Information Management Mission is:

383

Security-Widefield, Colorado: Energy Resources | Open Energy Information  

Open Energy Info (EERE)

Security-Widefield, Colorado: Energy Resources Security-Widefield, Colorado: Energy Resources Jump to: navigation, search Equivalent URI DBpedia Coordinates 38.7640957°, -104.7404269° Loading map... {"minzoom":false,"mappingservice":"googlemaps3","type":"ROADMAP","zoom":14,"types":["ROADMAP","SATELLITE","HYBRID","TERRAIN"],"geoservice":"google","maxzoom":false,"width":"600px","height":"350px","centre":false,"title":"","label":"","icon":"","visitedicon":"","lines":[],"polygons":[],"circles":[],"rectangles":[],"copycoords":false,"static":false,"wmsoverlay":"","layers":[],"controls":["pan","zoom","type","scale","streetview"],"zoomstyle":"DEFAULT","typestyle":"DEFAULT","autoinfowindows":false,"kml":[],"gkml":[],"fusiontables":[],"resizable":false,"tilt":0,"kmlrezoom":false,"poi":true,"imageoverlays":[],"markercluster":false,"searchmarkers":"","locations":[{"text":"","title":"","link":null,"lat":38.7640957,"lon":-104.7404269,"alt":0,"address":"","icon":"","group":"","inlineLabel":"","visitedicon":""}]}

384

Office of Headquarters Security Operations: Headquarters Security...  

NLE Websites -- All DOE Office Websites (Extended Search)

Headquarters Security Operations Home Sub Offices HQ Security Officers (HSO) Program Office of Information Security Office of Headquarters Personnel Office of...

385

Asbestos : operating system security for mobile devices  

E-Print Network (OSTI)

This thesis presents the design and implementation of a port of the Asbestos operating system to the ARM processor. The port to the ARM allows Asbestos to run on mobile devices such as cell phones and personal digital ...

Stevenson, Martijn

2006-01-01T23:59:59.000Z

386

Photovoltaic Geographical Information System | Open Energy Information  

Open Energy Info (EERE)

Photovoltaic Geographical Information System Photovoltaic Geographical Information System Jump to: navigation, search Tool Summary LAUNCH TOOL Name: Photovoltaic Geographical Information System Focus Area: Renewable Energy Topics: Opportunity Assessment & Screening Website: re.jrc.ec.europa.eu/pvgis/ Equivalent URI: cleanenergysolutions.org/content/photovoltaic-geographical-information Language: English Policies: Deployment Programs DeploymentPrograms: Demonstration & Implementation This tool provides a geographical inventory of solar energy resources and an assessment of the electricity generation from photovoltaic systems in Europe, Africa, and southwest Asia. The tools allows for analysis of the technical, environmental, and socio-economic factors of solar electricity generation. Users may access maps and posters generated using the tool, as

387

Secure Video Surveillance System (SVSS) for unannounced safeguards inspections.  

Science Conference Proceedings (OSTI)

The Secure Video Surveillance System (SVSS) is a collaborative effort between the U.S. Department of Energy (DOE), Sandia National Laboratories (SNL), and the Brazilian-Argentine Agency for Accounting and Control of Nuclear Materials (ABACC). The joint project addresses specific requirements of redundant surveillance systems installed in two South American nuclear facilities as a tool to support unannounced inspections conducted by ABACC and the International Atomic Energy Agency (IAEA). The surveillance covers the critical time (as much as a few hours) between the notification of an inspection and the access of inspectors to the location in facility where surveillance equipment is installed. ABACC and the IAEA currently use the EURATOM Multiple Optical Surveillance System (EMOSS). This outdated system is no longer available or supported by the manufacturer. The current EMOSS system has met the project objective; however, the lack of available replacement parts and system support has made this system unsustainable and has increased the risk of an inoperable system. A new system that utilizes current technology and is maintainable is required to replace the aging EMOSS system. ABACC intends to replace one of the existing ABACC EMOSS systems by the Secure Video Surveillance System. SVSS utilizes commercial off-the shelf (COTS) technologies for all individual components. Sandia National Laboratories supported the system design for SVSS to meet Safeguards requirements, i.e. tamper indication, data authentication, etc. The SVSS consists of two video surveillance cameras linked securely to a data collection unit. The collection unit is capable of retaining historical surveillance data for at least three hours with picture intervals as short as 1sec. Images in .jpg format are available to inspectors using various software review tools. SNL has delivered two SVSS systems for test and evaluation at the ABACC Safeguards Laboratory. An additional 'proto-type' system remains at SNL for software and hardware testing. This paper will describe the capabilities of the new surveillance system, application and requirements, and the design approach.

Galdoz, Erwin G. (Brazilian-Argentine Agency for Accounting and Control of Nuclear Materials (ABACC), Rio de Janeiro, Brazil); Pinkalla, Mark

2010-09-01T23:59:59.000Z

388

Measuring network security using dynamic bayesian network  

Science Conference Proceedings (OSTI)

Given the increasing dependence of our societies on networked information systems, the overall security of these systems should be measured and improved. Existing security metrics have generally focused on measuring individual vulnerabilities without ... Keywords: attack graph, intrusion detection, security, security metric

Marcel Frigault; Lingyu Wang; Anoop Singhal; Sushil Jajodia

2008-10-01T23:59:59.000Z

389

Improving security applications using indoor location systems on wireless sensor networks  

Science Conference Proceedings (OSTI)

One of the fields in which companies are investing more money is security, either personal security to avoid industrial accidents or security against intrusions. There is also the huge effort that the scientific community is doing developing all required ... Keywords: IEEE 802.15.4, ILS, indoor location systems, security applications, wireless sensor networks

Josep Paradells; Jordi Vilaseca; Jordi Casademont

2009-01-01T23:59:59.000Z

390

Communications Security Analysis for Control System Networks: Preliminary Report  

Science Conference Proceedings (OSTI)

Communications capabilities in the control system network are expanding and security issues are becoming more important as the electric power industry migrates from relatively slow, serial communications to high-speed, asynchronous communications. This report surveys current and evolving wired and wireless high-speed communication technologies to create a roadmap for planning control system network upgrades before regulation or equipment obsolescence and reliability concerns become issues. Technologies s...

2007-02-15T23:59:59.000Z

391

Framework for Evaluating Cyber Security Posture for Power Delivery Systems  

Science Conference Proceedings (OSTI)

While many asset owners and operators are performing self-assessments of their control systems, the methods used vary widely across the electric sector. This lack of consistent criteria and metrics makes it difficult to benchmark and compare the cyber security posture of power delivery systems.The objective of this technical update is to develop an evaluation framework that uses both the Department of Energy (DOE) Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2) ...

2013-11-28T23:59:59.000Z

392

Security and Privacy Notice  

NLE Websites -- All DOE Office Websites (Extended Search)

Security and Privacy Notice Security and Privacy Notice Thank you for visiting the Office of Health, Safety and Security (HSS) web site and reviewing our position on security and privacy. SECURITY NOTICE This web site is part of a Federal computer system and is the property of the United States Government. It is for authorized use only. The Department of Energy monitors this web site for security purposes to ensure it remains available and to protect information in the system. The Department of Energy uses software programs and additional equipment to monitor network traffic to identify unauthorized attempts to access, obtain, alter, damage or destroy information, or otherwise to interfere with the system or its operation. Any and all uses of this system and all files on this system

393

Newsletters | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Newsletters Home > About Us > Our Programs > Nuclear Security > Nuclear Materials Management & Safeguards System > NMMSS Information, Reports & Forms > Newsletters Newsletters U.S....

394

Secure Data Center (Fact Sheet)  

DOE Green Energy (OSTI)

This fact sheet describes the purpose, lab specifications, applications scenarios, and information on how to partner with NREL's Secure Data Center at the Energy Systems Integration Facility.

Not Available

2012-08-01T23:59:59.000Z

395

Cyber and Network Security Homepage  

Science Conference Proceedings (OSTI)

Cyber and Network Security. Cyber and network security is focused on ensuring three security objectives of information ...

2010-10-05T23:59:59.000Z

396

Nuclear criticality information system  

SciTech Connect

The nuclear criticality safety program at LLNL began in the 1950's with a critical measurements program which produced benchmark data until the late 1960's. This same time period saw the rapid development of computer technology useful for both computer modeling of fissile systems and for computer-aided management and display of the computational benchmark data. Database management grew in importance as the amount of information increased and as experimental programs were terminated. Within the criticality safety program at LLNL we began at that time to develop a computer library of benchmark data for validation of computer codes and cross sections. As part of this effort, we prepared a computer-based bibliography of criticality measurements on relatively simple systems. However, it is only now that some of these computer-based resources can be made available to the nuclear criticality safety community at large. This technology transfer is being accomplished by the DOE Technology Information System (TIS), a dedicated, advanced information system. The NCIS database is described.

Koponen, B.L.; Hampel, V.E.

1981-11-30T23:59:59.000Z

397

Application of autonomic agents for global information grid management and security  

Science Conference Proceedings (OSTI)

In the near future, the U.S. DoD will activate a newly created Global Information Grid (GIG) providing an agile, robust, interoperable and collaborative communication network. This GIG is viewed as the single most important contributor to combat power ... Keywords: autonomia, autonomic agents, global information grid, net-centric warfare, network security

Don P. Cox; Youssif Al-Nashif; Salim Hariri

2007-07-01T23:59:59.000Z

398

Integrated training for the Department of Energy stadnard security system  

SciTech Connect

Lawrence Livermore National Laboratory has been successful in designing and providing technical performance-based training for the Argus security system. This training has been developed for technical and operational staff at facilities installing or using the Argus security system. The Argus training program is designed to instruct candidates to become the trainers for their facilities. The design criteria of the Argus training program includes: Meeting orders of the Department of Energy and the Department of Defense, Being flexible for a changing environment, Customizing lessons to site`s needs, and Configuring for a specific job. The Argus training staff has implemented a successful process for designing and developing integrated training to sup port complex systems, each with its own operational needs, and adapting it to specific sites.

Wadsworth, M.

1997-06-01T23:59:59.000Z

399

Securing information gateways with derivation-constrained access control  

Science Conference Proceedings (OSTI)

In pervasive computing environments, information gateways derive specific information, such as a person's location, from raw data provided by a service, such as a videostream offered by a camera. Here, access control to confidential raw data provided ...

Urs Hengartner; Peter Steenkiste

2006-04-01T23:59:59.000Z

400

3-Year Renewal Request of OMB 1910-0818, Security, Information Request  

NLE Websites -- All DOE Office Websites (Extended Search)

HSS Topical Areas HSS Topical Areas Quality Assurance Enforcement / Oversight Environment HSS Outreach and Communications HSPD-12 Nuclear Materials Management & Safeguards System (NMMSS) HSS Internal Operations Council on Environmental Quality (CEQ) Office of Health, Safety and Security Collection Package Human Reliability Program OMB 1910-5122 Description of Collections 1. Human Reliability Program Certification (DOE F 470.3). Under the Department of Energy Human Reliability Program (HRP), individuals who are applicants for or incumbents in designated positions must be evaluated to ensure that they meet the requirements for certification in the program. This form documents that each part of the evaluation has been completed and records the determination by the HRP Certifying Official. The collection and documentation of this information is required by the HRP regulation found in the Code of Federal Regulations at 10 CFR 712. Form may be viewed at: http://energy.gov/cio/downloads/doe-f-4703

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


401

Spatially Informed Plant PRA Models for Security Assessment  

SciTech Connect

Traditional risk models can be adapted to evaluate plant response for situations where plant systems and structures are intentionally damaged, such as from sabotage or terrorism. This paper describes a process by which traditional risk models can be spatially informed to analyze the effects of compound and widespread harsh environments through the use of 'damage footprints'. A 'damage footprint' is a spatial map of regions of the plant (zones) where equipment could be physically destroyed or disabled as a direct consequence of an intentional act. The use of 'damage footprints' requires that the basic events from the traditional probabilistic risk assessment (PRA) be spatially transformed so that the failure of individual components can be linked to the destruction of or damage to specific spatial zones within the plant. Given the nature of intentional acts, extensive modifications must be made to the risk models to account for the special nature of the 'initiating events' associated with deliberate adversary actions. Intentional acts might produce harsh environments that in turn could subject components and structures to one or more insults, such as structural, fire, flood, and/or vibration and shock damage. Furthermore, the potential for widespread damage from some of these insults requires an approach that addresses the impacts of these potentially severe insults even when they occur in locations distant from the actual physical location of a component or structure modeled in the traditional PRA. (authors)

Wheeler, Timothy A. [Sandia National Laboratories, PO Box 5800, Albuquerque, NM 87185 (United States); Thomas, Willard [Omicron Safety and Risk Technologies, Inc., 2500 Louisiana Boulevard, Suite 410. Albuquerque, NM 87110 (United States); Thornsbury, Eric [U.S. Nuclear Regulatory Commission, Washington, DC 20555-0001 (United States)

2006-07-01T23:59:59.000Z

402

Security assessment of power systems including energy storage. Progress report, July 1, 1978--September 30, 1978  

DOE Green Energy (OSTI)

Progress in assessing the security of power systems is reviewed. Further evaluation has been performed on the previously developed simplified model of the current-fed force-commutated converter (CFFCC). Validation studies were performed using the CFFCC as a control interface between a one-machine, three-bus power system equivalent and a superconducting magnetic energy storage device. The highlights of this investigation are reported. The identification of power system electromechanical models from systems measurements, with only normal load variation as a disturbing input, is being studied. A maximum liklihood estimation procedure has been partly developed. The procedure uses auto correlation information as an input rather than the observed time series.

Carroll, D.P.; Triezenberg, D.M.

1978-10-01T23:59:59.000Z

403

Agentc: Agent-based system for securing maritime transit  

E-Print Network (OSTI)

Recent rise in maritime piracy prompts the search for novel techniques for addressing the problem. We therefore developed AgentC, a prototype system that demonstrates how agent-based traffic management techniques can be used to improve the security of transit through piracy-affected areas. Combining agent-based modeling and simulation of maritime traffic and novel route planning and vessel scheduling techniques, the system shows the promising potential of agent-based methods for increasing maritime security. Real-world data sources Control and presentation interface (Google Earth) Route planning and scheduling Optimum group transit formation Maritime traffic simulation Maritime environment model Randomized transit routing FSM-based vessel behavior models Optimum transit patrolling Inter-agent communication channels

Michal Jakob; Branislav Boansk; Michal P?chou?ek

2011-01-01T23:59:59.000Z

404

Definition: Geographic Information System | Open Energy Information  

Open Energy Info (EERE)

Geographic Information System Geographic Information System Jump to: navigation, search Dictionary.png Geographic Information System A GIS is an organized collection of computer hardware, software, geographic data, and personnel designed to efficiently capture, store, update, manipulate, analyze, and display all forms of geographically referenced information[1] View on Wikipedia Wikipedia Definition References ↑ http://ciesin.columbia.edu/docs/005-331/005-331.html Ret LikeLike UnlikeLike You like this.Sign Up to see what your friends like. rieved from "http://en.openei.org/w/index.php?title=Definition:Geographic_Information_System&oldid=579407" Category: Definitions What links here Related changes Special pages Printable version Permanent link Browse properties 429 Throttled (bot load)

405

Drilling Waste Management Information System  

NLE Websites -- All DOE Office Websites (Extended Search)

The Drilling Waste Management Information System is an online resource for technical and regulatory information on practices for managing drilling muds and cuttings, including...

406

Security analysis of communication system based on the synchronization of different order chaotic systems  

E-Print Network (OSTI)

This work analyzes the security weakness of a recently proposed communication method based on chaotic modulation and masking using synchronization of two chaotic systems with different orders. It is shown that its application to secure communication is unsafe, because it can be broken in two different ways, by high-pass filtering and by reduced order system synchronization, without knowing neither the system parameter values nor the system key.

G. Alvarez; L. Hernandez; J. Munoz; F. Montoya; Shujun Li

2005-06-27T23:59:59.000Z

407

Freedom of Information Act Related Sites | National Nuclear Security...  

National Nuclear Security Administration (NNSA)

agency established by Congress in 1988 to provide safety oversight of the nuclear weapons complex operated by the DOE. National Technical Information Service A centralized...

408

Secure communication of static information by electronic means  

DOE Patents (OSTI)

A method and apparatus (10) for the secure transmission of static data (16) from a tag (11) to a remote reader (12). Each time the static data (16) is to be transmitted to the reader (12), the 10 bits of static data (16) are combined with 54 bits of binary data (21), which constantly change from one transmission to the next, into a 64-bit number (22). This number is then encrypted and transmitted to the remote reader (12) where it is decrypted (26) to produce the same 64 bit number that was encrypted in the tag (11). With a continual change in the value of the 64 bit number (22) in the tag, the encrypted numbers transmitted to the reader (12) will appear to be dynamic in character rather than being static.

Gritton, Dale G. (Pleasanton, CA)

1994-01-01T23:59:59.000Z

409

Disable Automatic Login, Cyber Security, Information Technology Division,  

NLE Websites -- All DOE Office Websites (Extended Search)

Disable Automatic Login Disable Automatic Login Automatic Login MUST be disabled... Follow the steps below to verify that auto login is disabled. Verify Security Settings Select Personal Section: Click Make sure the following required boxes are checked. - Require password to wake this computer from sleep or screen saver - Disable automatic login If so, close panel. If not, continue... Note: Mac users should have the panel locked at all times. Click the lock image to lock the panel if its open to prevent further changes. To unlock the above panel, click the lock image to bring up the login box. Insert your username & password, click . You should now be able to make changes to the panel.

410

Secure communication of static information by electronic means  

DOE Patents (OSTI)

This invention is comprised of a method and apparatus for the secure transmission of static data from a tag to a remote reader. Each time the static data is to be transmitted to the reader, the 10 bits of static data are combined with 54 bits of binary data, which constantly change from one transmission to the next, into a 64-bit number. This number is then encrypted and transmitted to the remote reader where it is decrypted to produce the same 64 bit number that was encrypted in the tag. With a continual change in the value of the 64 bit number in the tag, the encrypted numbers transmitted to the reader will appear to be dynamic in character rather than being static.

Gritton, D.G.

1991-12-31T23:59:59.000Z

411

Developing Secure Power Systems Professional Competence: Alignment and Gaps in Workforce Development Programs for Phase 2 of the Secure Power Systems Professional project  

SciTech Connect

This is the final report of Phase 2 of the Secure Power Systems Professional project, a 3 phase project. DOE will post to their website upon release.

O'Neil, Lori Ross; Assante, Michael; Tobey, D. H.; Conway, T. J.; Vanderhorst, Jr, T. J.; Januszewski, III, J.; leo, R.; Perman, K.

2013-08-26T23:59:59.000Z

412

GAO-04-354, CRITICAL INFRASTRUCTURE PROTECTION: Challenges and Efforts to Secure Control Systems  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Report to Congressional Requesters Report to Congressional Requesters United States General Accounting Office GAO March 2004 CRITICAL INFRASTRUCTURE PROTECTION Challenges and Efforts to Secure Control Systems GAO-04-354 www.gao.gov/cgi-bin/getrpt?GAO-04-354. To view the full product, including the scope and methodology, click on the link above. For more information, contact Robert F. Dacey at (202) 512-3317 or daceyr@gao.gov. Highlights of GAO-04-354, a report to congressional requesters March 2004 CRITICAL INFRASTRUCTURE PROTECTION Challenges and Efforts to Secure Control Systems In addition to general cyber threats, which have been steadily increasing, several factors have contributed to the escalation of the risks of cyber attacks against control systems. These include the adoption of standardized

413

Information Systems Engineering Guidance (ISEG)  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Departmental Information Systems Engineering (DISE) Departmental Information Systems Engineering (DISE) Guidance Volume 2 Managing DOE IT Projects March 26, 2002 Revised December 27, 2002 Developed by the Software Quality and Systems Engineering Program Office of the Chief Information Officer Departmental Information Systems Engineering Guidance Title Page Document Series: Departmental Information Systems Engineering (DISE) Guidance Document Name: Volume 2, Managing DOE IT Projects Publication Date: 03/26/03, Revised 12/27/02 Document Owner: Office of the Chief Information Officer Software Quality and Systems Engineering Brenda Coblentz, IM-21, Program Manager Acknowledgement: Wayne Jones, author of the DOE (HQ) IM Project Management Guide, September 1998

414

PNNL: Security & Privacy  

NLE Websites -- All DOE Office Websites (Extended Search)

Security & Privacy Security & Privacy Thank you for visiting the Pacific Northwest National Laboratory (PNNL) website (pnnl.gov) and reviewing our security and privacy policies. The following policies apply to all pages and sites in the pnnl.gov domain, unless otherwise noted. Security Notice This website is part of a Federal computer system used to accomplish Federal functions. The Department of Energy monitors this website for security purposes to ensure it remains available to all users and to protect information in the system. By accessing this website, you are expressly consenting to these monitoring activities. Unauthorized attempts to defeat or circumvent security features, to use the system for other than intended purposes, to deny service to authorized users, to access, obtain, alter, damage, or destroy information, or

415

Quantifying security threats and their impact  

Science Conference Proceedings (OSTI)

In earlier works, we present a computational infrastructure that allows an analyst to estimate the security of a system in terms of the loss that each stakeholder stands to sustain as a result of security breakdowns. In this paper, we illustrate this ... Keywords: cyber security metrics, information security, risk management

Anis Ben Aissa; Robert K. Abercrombie; Frederick T. Sheldon; Ali Mili

2009-04-01T23:59:59.000Z

416

NIST SP 800-53 Revision 3, Recommended Security Controls ...  

Science Conference Proceedings (OSTI)

Page 1. NIST Special Publication 800-53 Revision 3 Recommended Security Controls for Federal Information Systems and Organizations ...

2012-02-06T23:59:59.000Z

417

Policies: Homeland Security Presidential Directive/Hspd-7  

Science Conference Proceedings (OSTI)

... appropriate systems, mechanisms, and procedures to share homeland security information relevant ... (a) commercial nuclear reactors for generating ...

418

Contribution of corporate social responsibility to information security management  

Science Conference Proceedings (OSTI)

Contemporary societies develop scepticism about the social responsibility of businesses. There are expectations that firms/corporations/industries/companies make more than just economic contributions. In the area of information technology, more and more ...

Theodosios Tsiakis

2009-11-01T23:59:59.000Z

419

PARS II New Contractor Information for Interconnection Security...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

the tables below and return this form to the PARS II Support Team at DL-CF-40PARS2Support@hq.doe.gov. Contractor Point of Contact Information Name Position CompanyOrganization...

420

Security data extraction from IEC 61850 ACSI models for network and system management  

Science Conference Proceedings (OSTI)

The international standard IEC 62351 proposed the format of abstract data object for secure smart grid controls which is named as Network and System Management (NSM). It is devised to respond not only deliberate attacks such as cyber hacking and sabotage, ... Keywords: IEC 61850, IEC 62351, network and system management, power grid security, smart grid security

Chung-Hyo Kim; Moon-Seok Choi; Seong-Ho Ju; Yong-Hun Lim; Jong-Mock Baek

2011-08-01T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


421

Design principles and patterns for computer systems that are simultaneously secure and usable  

E-Print Network (OSTI)

It is widely believed that security and usability are two antagonistic goals in system design. This thesis argues that there are many instances in which security and usability can be synergistically improved by revising ...

Garfinkel, Simson

2005-01-01T23:59:59.000Z

422

A collaborative framework for multi-area dynamic security assessment of large scale systems  

E-Print Network (OSTI)

that our knowledge of power system dynamics and the quality of available dynamic security analysis software- security assessment (load-flow computations) [4]­[10]. But there remain several open questions which have

Wehenkel, Louis

423

Security and Elections  

E-Print Network (OSTI)

World Conf. Information Security Education, 2007, pp. 1724;Security andElections IEEE Security & Privacy, 10(5):6467, Sept. -

Bishop, Matt; Peisert, Sean

2012-01-01T23:59:59.000Z

424

Improving Cyber-Security of Smart Grid Systems via Anomaly Detection and Linguistic Domain Knowledge  

Science Conference Proceedings (OSTI)

The planned large scale deployment of smart grid network devices will generate a large amount of information exchanged over various types of communication networks. The implementation of these critical systems will require appropriate cyber-security measures. A network anomaly detection solution is considered in this work. In common network architectures multiple communications streams are simultaneously present, making it difficult to build an anomaly detection solution for the entire system. In addition, common anomaly detection algorithms require specification of a sensitivity threshold, which inevitably leads to a tradeoff between false positives and false negatives rates. In order to alleviate these issues, this paper proposes a novel anomaly detection architecture. The designed system applies the previously developed network security cyber-sensor method to individual selected communication streams allowing for learning accurate normal network behavior models. Furthermore, the developed system dynamically adjusts the sensitivity threshold of each anomaly detection algorithm based on domain knowledge about the specific network system. It is proposed to model this domain knowledge using Interval Type-2 Fuzzy Logic rules, which linguistically describe the relationship between various features of the network communication and the possibility of a cyber attack. The proposed method was tested on experimental smart grid system demonstrating enhanced cyber-security.

Ondrej Linda; Todd Vollmer; Milos Manic

2012-08-01T23:59:59.000Z

425

Control Systems Security Publications Library | Department of Energy  

NLE Websites -- All DOE Office Websites (Extended Search)

Publications Library Publications Library Control Systems Security Publications Library Publications Library Repository of documents, listed by topic. (Some of the documents in this section require Adobe Acrobat Reader. You can download a free copy of the Reader by visiting Adobe.) VULNERABILITY REPORTS PERIODICAL ARTICLES ENERGY SECTOR ROADMAP AND ROADMAP IMPLEMENTATION DOE NSTB PROGRAM PLANNING AND RESOURCE DOCUMENTS PROJECT FACT SHEETS TRAINING MATERIALS AND RECOMMENDED PRACTICES ASSESSMENT AND TECHNICAL PUBLICATIONS SANDIA NATIONAL LABORATORIES REPORTS FOR NSTB PACIFIC NORTHWEST NATIONAL LABORATORY REPORTS FOR NSTB IDAHO NATIONAL LABORATORY REPORTS FOR NSTB FEDERAL GUIDANCE AND POLICY DOCUMENTS VULNERABILITY REPORTS INL Common Vulnerabilities Report - 2008 NERC Top 10 Vulnerabilities of Control Systems and Their Associated

426

Analysis of costs-benefits tradeoffs of complex security systems  

SciTech Connect

Essential to a systems approach to design of security systems is an analysis of the cost effectiveness of alternative designs. While the concept of analysis of costs and benefits is straightforward, implementation can be at the least tedious and, for complex designs and alternatives, can become nearly intractable without the help of structured analysis tools. PACAIT--Performance and Cost Analysis Integrated Tools--is a prototype tool. The performance side of the analysis collates and reduces data from ASSESS, and existing DOE PC-based security systems performance analysis tool. The costs side of the analysis uses ACE, an existing DOD PC-based costs analysis tool. Costs are reported over the full life-cycle of the system, that is, the costs to procure, operate, maintain and retire the system and all of its components. Results are collected in Microsoft{reg_sign} Excel workbooks and are readily available to analysts and decision makers in both tabular and graphical formats and at both the system and path-element levels.

Hicks, M.J. [Sandia National Labs., Albuquerque, NM (United States). Security Systems Analysis and Development Dept.

1996-12-31T23:59:59.000Z

427

Capacity Utilization Study for Aviation Security Cargo Inspection Queuing System  

SciTech Connect

In this paper, we conduct performance evaluation study for an aviation security cargo inspection queuing system for material flow and accountability. The queuing model employed in our study is based on discrete-event simulation and processes various types of cargo simultaneously. Onsite measurements are collected in an airport facility to validate the queuing model. The overall performance of the aviation security cargo inspection system is computed, analyzed, and optimized for the different system dynamics. Various performance measures are considered such as system capacity, residual capacity, throughput, capacity utilization, subscribed capacity utilization, resources capacity utilization, subscribed resources capacity utilization, and number of cargo pieces (or pallets) in the different queues. These metrics are performance indicators of the system s ability to service current needs and response capacity to additional requests. We studied and analyzed different scenarios by changing various model parameters such as number of pieces per pallet, number of TSA inspectors and ATS personnel, number of forklifts, number of explosives trace detection (ETD) and explosives detection system (EDS) inspection machines, inspection modality distribution, alarm rate, and cargo closeout time. The increased physical understanding resulting from execution of the queuing model utilizing these vetted performance measures should reduce the overall cost and shipping delays associated with new inspection requirements.

Allgood, Glenn O [ORNL; Olama, Mohammed M [ORNL; Lake, Joe E [ORNL; Brumback, Daryl L [ORNL

2010-01-01T23:59:59.000Z

428

PIA - Security Clearance Work Tracking and Budget System | Department...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Publications Freedom of Information and Privacy Act Database PIA, Idaho Operations Office Occupational Injury & Illness System (01&15) PIA, Idaho National Laboratory TRAIN-PIA.pdf...

429

Control Systems Cyber Security: Defense in Depth Strategies ...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

and direction for developing 'defense-in-depth' strategies for organizations that use control system networks while maintaining a multi-tier information architecture. Control...

430

Cryptographic and Security Testing  

Science Conference Proceedings (OSTI)

Directory of Accredited Laboratories. Cryptographic and Security Testing. ... TX. atsec information security corporation, Austin, TX [200658- 0] VA. ...

2013-12-27T23:59:59.000Z

431

National reconstruction information management system  

Science Conference Proceedings (OSTI)

National Reconstruction Information Management System (NARIMS) is a revolutionary concept designed and developed by the National Reconstruction Bureau, Government of Pakistan, to work as an aid in support of the Local Governments under the Devolution ... Keywords: administration, asset management, community development, decision support, e-governance, financial, geographical information system, human resource management, information management system, local government, monitoring, performance evaluation

Daniyal Aziz; Syed Adnan Shah; Deeba Gilani

2007-12-01T23:59:59.000Z

432

CMAD IV 11/14/96 Information Security  

E-Print Network (OSTI)

utilities, power pools, vendors etc.. #12;CMAD IV 11/14/96 #12; #12; GridCo LineCo PoolCo Energy Merchant INFO INFO INFO $ $ $ PWR PWR PWR #12;CMAD IV 11/14/96 "Future" Is At Hand · Federal Energy Regulatory Commission (FERC) 889 ­ information on transmission availability and prices. ­ equal access for wholesale

California at Davis, University of

433

Smartgrid supervisory control and data acquisition (SCADA) system security issues and counter measures.  

E-Print Network (OSTI)

??This project discusses security issues, countermeasures and research issues in the Supervisory Control And Data Acquisition (SCADA) system. SCADA system is used in power sector (more)

Sunku Ravindranath, Raksha

2010-01-01T23:59:59.000Z

434

Lemnos interoperable security project.  

Science Conference Proceedings (OSTI)

With the Lemnos framework, interoperability of control security equipment is straightforward. To obtain interoperability between proprietary security appliance units, one or both vendors must now write cumbersome 'translation code.' If one party changes something, the translation code 'breaks.' The Lemnos project is developing and testing a framework that uses widely available security functions and protocols like IPsec - to form a secure communications channel - and Syslog, to exchange security log messages. Using this model, security appliances from two or more different vendors can clearly and securely exchange information, helping to better protect the total system. Simplify regulatory compliance in a complicated security environment by leveraging the Lemnos framework. As an electric utility, are you struggling to implement the NERC CIP standards and other regulations? Are you weighing the misery of multiple management interfaces against committing to a ubiquitous single-vendor solution? When vendors build their security appliances to interoperate using the Lemnos framework, it becomes practical to match best-of-breed offerings from an assortment of vendors to your specific control systems needs. The Lemnos project is developing and testing a framework that uses widely available open-source security functions and protocols like IPsec and Syslog to create a secure communications channel between appliances in order to exchange security data.

Halbgewachs, Ronald D.

2010-03-01T23:59:59.000Z

435

NIST SP 800-137, Information Security Continuous Monitoring ...  

Science Conference Proceedings (OSTI)

... with commissioning or decommissioning the system ... www.itl.nist.gov/div898/ handbook/ppc/section3 ... tools and manual procedures, are organized ...

2012-02-09T23:59:59.000Z

436

NIST SP 800-115, Technical Guide to Information Security ...  

Science Conference Proceedings (OSTI)

... targets for penetration testing, generating topology maps, determining ... The first part is the start of actual ... A good starting point is to evaluate system ...

2012-02-09T23:59:59.000Z

437

Office of Health, Safety and Security - Information Collection  

NLE Websites -- All DOE Office Websites (Extended Search)

Environment HSS Outreach and Communications HSPD-12 Nuclear Materials Management & Safeguards System (NMMSS) HSS Internal Operations Council on Environmental Quality (CEQ)...

438

BNL Password Procedures, Cyber Security,Information Technology Division,  

NLE Websites -- All DOE Office Websites (Extended Search)

Password Policy, Procedures, and Guidance Password Policy, Procedures, and Guidance Password Policy Choosing a Good Password - Online Random Password Generator Password Do's and Don'ts Password Protection Password Changing Password Change Process - Using Windows NT/2000/XP Operating Systems - Unix Systems Users not logged into the BNL Domain Password Policy for BlackBerry and Windows-based Hand-held Wireless Devices Password Policy Based upon DOE Notice N205.3 and guidance in DOE G 205.3-1, all BNL computer platforms capable of supporting password protection systems must have passwords that are in accord with the following. Password contains at least eight non-blank characters, provided such passwords are allowed by the operating system or application. Password contains a combination of letters (a mixture of upper and lowercase), numbers, and at least one special character within the first seven positions, provided such passwords are allowed by the operating system or application.

439

Security tasks are highly interdependent.  

E-Print Network (OSTI)

Motivation Security tasks are highly interdependent. To improve security tools, we need to understand how security practitioners collaborate in their organizations. Security practitioners in context Exchange of Information Develop security tools that: · Integrate information from different communication

440

Internet Security Glossary  

Science Conference Proceedings (OSTI)

This Glossary (191 pages of definitions and 13 pages of references) provides abbreviations, explanations, and recommendations for use of information system security terminology. The intent is to improve the comprehensibility of writing that deals with ...

R. Shirey

2000-05-01T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


441

Implementing data security in student lifecycle management system at the university of Prishtina  

Science Conference Proceedings (OSTI)

In this paper is presented a novel approach for fulfilling the data security criteria in a Student Lifecycle Management System at the University of Prishtina. The four main criteria of data security such as: privacy, authentication, integrity and non-repudiation ... Keywords: X.509 certificate, authentication, digital signature, non-repudiation, privacy, security, smart cards, student lifecycle management

Blerim Rexha; Haxhi Lajqi; Myzafere Limani

2010-07-01T23:59:59.000Z

442

ESCORT: a decentralized and localized access control system for mobile wireless access to secured domains  

Science Conference Proceedings (OSTI)

In this work we design and implement ESCORT, a backward compatible, efficient, and secure access control system, to facilitate mobile wireless access to secured wireless LANs. In mobile environments, a mobile guest may frequently ... Keywords: decentralized access control, identity privacy, location privacy, mobile privacy, wireless security

Jiejun Kong; Shirshanka Das; Edward Tsai; Mario Gerla

2003-09-01T23:59:59.000Z

443

Improved security for commercial container transports using an innovative active RFID system  

Science Conference Proceedings (OSTI)

The huge number of containers daily involved in the global transportation system opens important logistic and security issues. The matter of improving the management of goods in the harbor and the serious vulnerability problem of containers are relevant ... Keywords: Electronic seals, RFID technology, Secure supply chain, Secure transport, Wireless communications

Francesco Rizzo; Marcello Barboni; Lorenzo Faggion; Graziano Azzalin; Marco Sironi

2011-05-01T23:59:59.000Z

444

Security Analysis and Implementation of JUITImage Based Authentication System Using Kerberos Protocol  

Science Conference Proceedings (OSTI)

Secure environments protect their resources against unauthorized access by enforcing access control mechanisms. So when increasing security is an issue text based passwords are not enough to counter such problems. The need for something more secure along ... Keywords: Image Based Authentication System, AJAX, MySQL, Diffie-Hellman key Exchange, Kerberos Protocol, Keystroke Logging, Tempest Attack, Shoulder Attack, Brute-force Attack

Nitin; Durg Singh Chauhan; Vivek Kumar Sehgal; Ankit Mahanot; Pallavi Singh; Sohit Ahuja; Utkarsh Shrivastava; Manisha Rana; Vineet Punjabi; Shivam Vinay; Nakul Sharma

2008-05-01T23:59:59.000Z

445

Information Delivery Systems Portal  

Science Conference Proceedings (OSTI)

... Information Retrieval Research Conference Adds Tracks on Medical Records, Crowd-sourcing and Micro-blogging. >> see ...

2012-12-05T23:59:59.000Z

446

Secure Contexts (Extended Abstract)  

E-Print Network (OSTI)

Information flow security in a multilevel system aims at guaranteeing that no high level information is revealed to low levels. A usual requirement to ensure information flow security for a process is that no generic attacker can induce a high-to-low information flow. This requirement is too demanding when we have some knowledge about the contexts where the process is going to run. To deal with these situations we introduce the notion of secure contexts for a process. The notion is parametric with respect to both the observational equivalence and the operation used to characterize the low level behavior. In the paper we mainly analyze the cases of bisimulation and trace equivalence. We describe how to build secure contexts in these cases and we show that two well-known security properties, BNDC and NDC, are just special instances of our general notion.

Annalisa Bossi; Damiano Macedonio; Carla Piazza; Sabina Rossi

2003-01-01T23:59:59.000Z

447

CyberForensics: Understanding Information Security Investigations, 1st edition  

Science Conference Proceedings (OSTI)

This fascinating and highly topical subject has a history dating back to the secret world of 1970s Cold War espionage, when the US military and Central intelligence agencies, aided by the latest mainframe systems, were the first to use computer forensics ...

Jennifer Bayuk

2010-09-01T23:59:59.000Z

448

Headquarters Personnel Security Operations | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Headquarters Personnel Security Operations Headquarters Personnel Security Operations Headquarters Personnel Security Operations Mission and Functions Mission Provide a comprehensive Personnel Security Program for the DOE Headquarters complex. Ensure that DOE classified information, materials, buildings and information systems are safeguarded from compromise by only granting security clearances and building access to trustworthy individuals. This is accomplished through conscientious, just, and thoughtful application of Federal rules and statutes with the goal of ensuring that only individuals whose character, associations, and loyalty do not endanger the common defense are granted access to DOE classified information, materials, buildings and information systems. Functions The primary function of the Office of Headquarters Personnel

449

National SCADA Test Bed Enhancing control systems security in the energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

SCADA Test Bed Enhancing control systems security in the SCADA Test Bed Enhancing control systems security in the energy sector National SCADA Test Bed Enhancing control systems security in the energy sector Improving the security of energy control systems has become a national priority. Since the mid-1990's, security experts have become increasingly concerned about the threat of malicious cyber attacks on the vital supervisory control and data acquisition (SCADA) and distributed control systems (DCS) used to monitor and manage our energy infrastructure. Many of the systems still in use today were designed to operate in closed, proprietary networks. National SCADA Test Bed Enhancing control systems security in the energy sector More Documents & Publications NSTB Summarizes Vulnerable Areas Transmission and Distribution World March 2007: DOE Focuses on Cyber

450

New Tools to Help Configure Secure Operating Systems  

Science Conference Proceedings (OSTI)

... assist federal agencies in complying with computer security requirements mandated by the government's Office of Management and Budget (OMB). ...

2013-07-08T23:59:59.000Z

451

ITL Bulletin Security Of Bluetooth Systems And Devices ...  

Science Conference Proceedings (OSTI)

... hopping spread spectrum (FHSS) technology for transmissions. ... but provides for minimal transmission security. ... for radio link power control, which ...

2013-04-16T23:59:59.000Z

452

Secure Data Center (Fact Sheet), Energy Systems Integration Facility...  

NLE Websites -- All DOE Office Websites (Extended Search)

engineering. Partners at the ESIF's Secure Data Center include: * Government agencies * Vehicle manufacturers * Transit agencies * Hydrogen suppliers * Fuel cell developers *...

453

Information Delivery Systems News  

Science Conference Proceedings (OSTI)

... Information Retrieval Research Conference Adds Tracks on Medical Records, Crowd-sourcing and Micro-blogging Release Date: 02/15/2011 ...

2010-05-24T23:59:59.000Z

454

PIA - Human Resources System/Payroll System | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

System PIA - Human Resources - Personal Information Change Request - Idaho National Engineering Laboratory PIA - INL SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE...

455

Modeling Internet Security Investments: The Case of Dealing with Information Uncertainty  

E-Print Network (OSTI)

Modern distributed communication networks like the Internet and censorship-resistant networks (also a part of the Internet) are characterized by nodes (users) interconnected with one another via communication links. In this regard, the security of individual nodes depend not only on their own efforts, but also on the efforts and underlying connectivity structure of neighboring network nodes. By the term 'effort', we imply the amount of investments made by a user in security mechanisms like antivirus softwares, firewalls, etc., to improve its security. However, often due to the large magnitude of such networks, it is not always possible for nodes to have complete effort and connectivity structure information about all their neighbor nodes. Added to this is the fact that in many applications, the Internet users are selfish and are not willing to co-operate with other users on sharing effort information. In this paper, we adopt a non-cooperative game-theoretic approach to analyze individual user security in a co...

Pal, Ranjan

2011-01-01T23:59:59.000Z

456

Analysis of Secure Mobile Grid Systems: A systematic approach  

Science Conference Proceedings (OSTI)

Developing software through systematic processes is becoming more and more important due to the growing complexity of software development. It is important that the development process used integrates security aspects from the first stages at the same ... Keywords: Requirements Analysis, Reusable use cases, Secure mobile Grid development, Security

David G. Rosado; Eduardo Fernndez-Medina; Javier Lpez; Mario Piattini

2010-05-01T23:59:59.000Z

457

A Summary of Control System Security Standards Activities in the Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

A Summary of Control System Security Standards Activities in the A Summary of Control System Security Standards Activities in the Energy Sector (October 2005) A Summary of Control System Security Standards Activities in the Energy Sector (October 2005) This document is a compilation of the activities and initiatives concerning control system security that are influencing the standards process in the development of secure communication protocols and systems. Also contained in this report is a comparison of several of the sector standards, guidelines, and technical reports, demonstrating standards coverage by security topic. This work focuses on control systems standards applicable to the energy (oil, gas, and electric, but not nuclear) sector. Summary of CS Standards Activities in the Energy Sector.pdf More Documents & Publications

458

Modeling and simulation for cyber-physical system security research, development and applications.  

SciTech Connect

This paper describes a new hybrid modeling and simulation architecture developed at Sandia for understanding and developing protections against and mitigations for cyber threats upon control systems. It first outlines the challenges to PCS security that can be addressed using these technologies. The paper then describes Virtual Control System Environments (VCSE) that use this approach and briefly discusses security research that Sandia has performed using VCSE. It closes with recommendations to the control systems security community for applying this valuable technology.

Pollock, Guylaine M.; Atkins, William Dee; Schwartz, Moses Daniel; Chavez, Adrian R.; Urrea, Jorge Mario; Pattengale, Nicholas; McDonald, Michael James; Cassidy, Regis H.; Halbgewachs, Ronald D.; Richardson, Bryan T.; Mulder, John C.

2010-02-01T23:59:59.000Z

459

T-592: Cisco Security Advisory: Cisco Secure Access Control System Unauthorized Password Change Vulnerability  

Energy.gov (U.S. Department of Energy (DOE))

Cisco Secure ACS operates as a centralized RADIUS and TACACS+ server, combining user authentication, user and administrator device access control, and policy control into a centralized identity networking solution.

460

Privacy/Security Policy  

NLE Websites -- All DOE Office Websites (Extended Search)

Privacy/Security Privacy/Security Privacy/Security Policy This web site is part of a federal computer system used to accomplish federal functions. Read the following important privacy and security information carefully. Security Notice October 31, 2000 This web site is part of a federal computer system used to accomplish federal functions. The Department of Energy monitors this web site for security purposes to ensure that it remains available to all users and to protect information in the system. By accessing this web site, you are expressly consenting to these monitoring activities. Unauthorized attempts to defeat or circumvent security features, to use the system for other than intended purposes, to deny service to authorized users, to access, obtain, alter, damage, or destroy information, or otherwise to interfere with the system or its operation are prohibited. Evidence of such acts may be disclosed to law enforcement authorities and result in criminal prosecution under the Computer Fraud and Abuse Act of 1986 (Pub. L. 99-474) and the National Information Infrastructure Protection Act of 1996 (Pub. L. 104-294), (18 U.S.C. 1030), or other applicable criminal laws.

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


461

Cyber Security Solutions for Instrumentation and Control Systems, Topic 3: Security Status Monitoring  

Science Conference Proceedings (OSTI)

Cyber security standards have been produced in response to continual threats to business and process control networks. Many standards have been drafted and subsequently revised and are now being enforced for compliance. In recent years, electric utilities have established cyber security programs to ensure compliance with the requirements set forth in the North American Electric Reliability Corporations Critical Infrastructure Protection standards and related requirements in the international ...

2013-11-08T23:59:59.000Z

462

The Risk Assessment Information System  

NLE Websites -- All DOE Office Websites (Extended Search)

Plant: Relative Risk Ranking Sites Plant: Relative Risk Ranking Sites These rankings are based on the EM-40 Release Site Methodology. Select a release site to receive information concerning that site. Please note that not all of the listed sites are linked to further information. Abandoned Nitric Acid Pipeline ACN Drum Yard Bear Creek Burial Grounds Bear Creek Contaminated Floodplain Soils Beta-4 Security Pits Building 81-10 Area Mercury Contaminated Soils Building 9201-2 Transformer and Capacitor Storage Area Building 9201-3 Coolant Salt Technology Facility Building 9201-4 Building 9201-4 External Pipes Building 9201-5E Northeast Yard Waste Storage Area Building 9202 East Pad Waste Storage Area Building 9204-2 West Yard Waste Storage Area Building 9206 Underground Tank Building 9215 West Pad Waste Storage Area

463

Using Operational Security (OPSEC) to Support a Cyber Security...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Using Operational Security (OPSEC) to Support a Cyber Security Culture in Control Systems Environments Using Operational Security (OPSEC) to Support a Cyber Security Culture in...

464

DOE O 5639.8A, Security of Foreign Intelligence Information and Sensitive Compartmented Information Facilities  

Directives, Delegations, and Requirements

The order establishes responsibilities and authorities for protecting Foreign Intelligence Information (FII) and Sensitive Compartmented Information Facilities ...

1993-07-23T23:59:59.000Z

465

PRIVACY/SECURITY NOTICE  

NLE Websites -- All DOE Office Websites (Extended Search)

PRIVACY/SECURITY NOTICE PRIVACY/SECURITY NOTICE By continuing to use this system you indicate your awareness of and consent to the following terms and conditions of use. LOG OFF IMMEDIATELY if you do not agree to the conditions stated in this warning. SECURITY NOTICE This Web site is part of a Federal computer system used to accomplish Federal functions. The Department of Energy monitors this Web site for security purposes to ensure it remains available to all users and to protect information in the system. The system employs software programs to monitor network traffic to identify unauthorized activities. By accessing this Web site, you are expressly consenting to these monitoring activities. Unauthorized attempts to defeat or circumvent security features; to use the system for other than intended purposes; to deny service to authorized

466

The investigation of the structural properties of machines for the design of secure and trustworthy systems  

Science Conference Proceedings (OSTI)

In this paper, we investigate the problem of designing secure and trustworthy systems based on the notion of attack space. In particular, we consider the study of structural properties of a system at a design or architectural level. This preliminary ... Keywords: attack space, design for trustworthiness, secure systems, structure theory

Edward Jung; Chih-Cheng Hung; Guangzhi Ma; Seonho Choi

2011-11-01T23:59:59.000Z

467

Hardware-assisted security enhanced Linux in embedded systems: a proposal  

Science Conference Proceedings (OSTI)

As computing and communications increasingly pervade our lives, security and protection of sensitive data and systems are emerging as extremely important issues. This is especially true for embedded systems, often operating in non-secure environments, ... Keywords: SELinux, access controls, embedded systems

Leandro Fiorin; Alberto Ferrante; Konstantinos Padarnitsas; Stefano Carucci

2010-10-01T23:59:59.000Z

468

American National Standard for Information Systems Data ...  

Science Conference Proceedings (OSTI)

Page 1. Information Technology: American National Standard for Information Systems Data Format for the Interchange of ...

2010-04-28T23:59:59.000Z

469

Information Systems Group Homepage  

Science Conference Proceedings (OSTI)

... computational methods, data/knowledge mining tools, and semantic services using systems-based approaches, to advance measurement science ...

2012-06-26T23:59:59.000Z

470

Geographic Information System (Monaster And Coolbaugh, 2007)...  

Open Energy Info (EERE)

Geographic Information System (Monaster And Coolbaugh, 2007) Jump to: navigation, search GEOTHERMAL ENERGYGeothermal Home Exploration Activity: Geographic Information System...

471

Developing Secure Power Systems Professional Competence: Alignment and Gaps in Workforce Development Programs for Phase 2 of the Secure Power Systems Professional project  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

53 53 Prepared for the U.S. Department of Energy under Contract DE-AC05-76RL01830 Developing Secure Power Systems Professional Competence: Alignment and Gaps in Workforce Development Programs for Phase 2 of the Secure Power Systems Professional project LR O'Neil TJ Vanderhorst, Jr MJ Assante J Januszewski, III DH Tobey R Leo TJ Conway K Perman August 2013 PNNL- 22653 Developing Secure Power Systems Professional Competence: Alignment and Gaps in Workforce Development Programs for Phase 2 of the Secure Power Systems Professional project LR O'Neil TJ Vanderhorst, Jr MJ Assante J Januszewski, III DH Tobey R Leo TJ Conway K Perman Contributors: SGC Panel Members August 2013 Prepared by: Pacific Northwest National Laboratory and

472

CYBER SECURITY METRICS AND MEASURES  

Science Conference Proceedings (OSTI)

... CYBER SECURITY METRICS AND MEASURES ... Keywords: cyber security; metrics; measures; software; computer systems; IT ...

2013-05-07T23:59:59.000Z

473

Final Version of Industrial Control Systems Security Guide ...  

Science Conference Proceedings (OSTI)

... Stouffer recommends using the new guide along with Guidelines for Smart Grid Cyber Security (NISTIR 7628), which NIST issued last September ...

2011-06-21T23:59:59.000Z

474

Information Systems | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Information Systems Information Systems Information Systems Project Assessment and Reporting System (PARS II) PARS II is the Department's official "System of Record" for capital asset project performance information. Because PARS II uses the same data as maintained in our contractors' project management systems, everyone from the Federal Project Director's staff to the Secretary of Energy will have easy access to the same data. The PARS II software application is managed by the MA Office of Acquisition and Project Management and is used by federal and contractor personnel across the nation to record and track the progress of major construction and environmental cleanup projects. Questions or comments about PARS II should be directed to the PARS II Help Desk via email at i-Manage.eas@hq.doe.gov or by calling 301-903-2500

475

Techniques for Enhanced Physical-Layer Security  

E-Print Network (OSTI)

Information-theoretic security--widely accepted as the strictest notion of security--relies on channel coding techniques that exploit the inherent randomness of propagation channels to strengthen the security of communications systems. Within this paradigm, we explore strategies to improve secure connectivity in a wireless network. We first consider the intrinsically secure communications graph (iS-graph), a convenient representation of the links that can be established with information-theoretic security on a large-scale network. We then propose and characterize two techniques--sectorized transmission and eavesdropper neutralization--which are shown to dramatically enhance the connectivity of the iS-graph.

Pinto, Pedro C; Win, Moe Z

2010-01-01T23:59:59.000Z

476

CRITICAL INFRASTRUCTURE PROTECTION Multiple Efforts to Secure Control  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

CRITICAL INFRASTRUCTURE PROTECTION Multiple Efforts to Secure CRITICAL INFRASTRUCTURE PROTECTION Multiple Efforts to Secure Control Systems Are Under Way, but Challenges Remain CRITICAL INFRASTRUCTURE PROTECTION Multiple Efforts to Secure Control Systems Are Under Way, but Challenges Remain GAO is making recommendations to the Department of Homeland Security (DHS) to develop a strategy for coordinating control systems security efforts and to enhance information sharing with relevant stakeholders. DHS officials did not agree or disagree with GAO's recommendations, but stated that they would take them under advisement. CRITICAL INFRASTRUCTURE PROTECTION Multiple Efforts to Secure Control Systems Are Under Way, but Challenges Remain More Documents & Publications GAO Challenges and Efforts to Secure Control Systems (March 2004)

477

NETL: Produced Water Management Information System  

NLE Websites -- All DOE Office Websites (Extended Search)

PWMIS Home Produced Water Management Information System The Produced Water Management Information System is an online resource for technical and regulatory information for managing...

478

Design and Simulation of a Four-channel Security System of Rocket Fuze  

Science Conference Proceedings (OSTI)

The light armored equipment has been widely used in modern wars, but it is vulnerable to be destroyed by the incoming projectile, so its battlefield survivability can not be guaranteed. In this paper, a four-channel security system has been designed ... Keywords: rocket fuse, security system, multi-point detonation, directional detonation

Shao-Jie Ma; Hao Qin; He Zhang; Hui Li

2010-06-01T23:59:59.000Z

479

Secure virtual architecture: a safe execution environment for commodity operating systems  

Science Conference Proceedings (OSTI)

This paper describes an efficient and robust approach to provide a safe execution environment for an entire operating system, such as Linux, and all its applications. The approach, which we call Secure Virtual Architecture (SVA), defines ... Keywords: compiler, memory safety, operating systems, security, type safety, typed assembly language, virtual machine

John Criswell; Andrew Lenharth; Dinakar Dhurjati; Vikram Adve

2007-10-01T23:59:59.000Z

480

Development & expansion of an industrial control system security laboratory and an international research collaboration  

Science Conference Proceedings (OSTI)

In this paper, we describe the incremental building of a unique industrial control system laboratory designed to investigate security vulnerabilities and to support development of mitigating tools and techniques. The laboratory has been built over time ... Keywords: SCADA, critical infrastructure security, industrial control systems, test bed

Rayford B. Vaughn; Thomas Morris; Elena Sitnikova

2013-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "information systems security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


481

Secure Communication and Authentication Against Off-line Dictionary Attacks in Smart Grid Systems  

E-Print Network (OSTI)

Secure Communication and Authentication Against Off-line Dictionary Attacks in Smart Grid Systems This paper studies the security requirements for remote authentication and communication in smart grid to smart grid systems. For example, in order to unlock the credentials stored in tamper

Wang, Yongge

482

Effect of imperfect Faraday mirrors on security of a Faraday-Michelson quantum cryptography system  

E-Print Network (OSTI)

The one-way Faraday-Michelson system is a very useful practical quantum cryptography system where Faraday mirrors(FMs) play an important role. In this paper we analyze the security of this system against imperfect FMs. We consider the security loophole caused by the imperfect FMs in Alice's and Bob's security zones. Then we implement a passive Faraday mirror attack in this system. By changing the values of the imperfection parameters of Alice's FMs, we calculate the quantum bit error rate between Alice and Bob induced by Eve and the probability that Eve obtains outcomes successfully. It is shown that the imperfection of one of Alice's two FMs makes the system sensitive to the attack. At last we give a modified key rate as a function of the Faraday mirror imperfections. The security analysis indicates that both Alice's and Bob's imperfect FMs can compromise the secure key.

Wang Weilong; Gao Ming; Ma Zhi

2013-10-29T23:59:59.000Z

483

Computerized international geothermal information systems  

DOE Green Energy (OSTI)

The computerized international geothermal energy information system is reviewed. The review covers establishment of the Italy - United States linked data centers by the NATO Committee on Challenges of Modern Society, through a bilateral agreement, and up to the present time. The result of the information exchange project is given as the bibliographic and numerical data available from the data centers. Recommendations for the exchange of computerized geothermal information at the international level are discussed.

Phillips, S.L.; Lawrence, J.D.; Lepman, S.R.

1980-03-01T23:59:59.000Z

484

Power System Dynamic Security Analysis Using Artificial Intelligence Systems: Phase 1 -- Feasibility Evaluation  

Science Conference Proceedings (OSTI)

On-line transient stability analysis, using actual system conditions, will allow more realistic stability limits. The result will be improved economy through increased transfers across the transmission grid. This feasibility evaluation explores ways of using artificial intelligence and other techniques to solve the computational problems associated with dynamic security analysis.

1994-04-26T23:59:59.000Z

485

Roadmap to Secure Control Systems in the Energy: Executive Summary - 2006 |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Energy: Executive Summary Energy: Executive Summary - 2006 Roadmap to Secure Control Systems in the Energy: Executive Summary - 2006 This document, the Roadmap to Secure Control Systems in the Energy Sector, outlines a coherent plan for improving cyber security in the energy sector. It is the result of an unprecedented collaboration between the energy sector and government to identify concrete steps to secure control systems used in the electricity, oil, and natural gas sectors over the next ten years. The Roadmap provides a strategic framework for guiding industry and government efforts based on a clear vision supported by goals and time-based milestones. It addresses the energy sector's most urgent challenges as well as longer-term needs and practices. Roadmap to Secure Control Systems in the Energy: Executive Summary

486

Roadmap to Secure Control Systems in the Energy Sector - 2006 | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

- 2006 - 2006 Roadmap to Secure Control Systems in the Energy Sector - 2006 This document, the Roadmap to Secure Control Systems in the Energy Sector, outlines a coherent plan for improving cyber security in the energy sector. It is the result of an unprecedented collaboration between the energy sector and government to identify concrete steps to secure control systems used in the electricity, oil, and natural gas sectors over the next ten years. The Roadmap provides a strategic framework for guiding industry and government efforts based on a clear vision supported by goals and time-based milestones. It addresses the energy sector's most urgent challenges as well as longer-term needs and practices. Roadmap to Secure Control Systems in the Energy Sector More Documents & Publications

487

GFI Network Security and PCI Compliance Power Tools  

Science Conference Proceedings (OSTI)

For system administrators and IT security professionals to properly secure their networks, it is imperative that they utilize tools which constantly scan their networks and report back suspicious activity and/or the presence of known security vulnerabilities. ... Keywords: Applied, Computer Science, Computers, Information Management, Security

Brien Posey

2008-09-01T23:59:59.000Z

488

Security Risks, Low-tech User Interfaces, and Implantable Medical Devices: A Case Study with Insulin Pump Infusion Systems  

SciTech Connect

Portable implantable medical device systems are playing a larger role in modern health care. Increasing attention is now being given to the wireless control interface of these systems. Our position is that wireless security in portable implantable medical device systems is just a part of the overall system security, and increased attention is needed to address low-tech security issues.

Paul, Nathanael R [ORNL; Kohno, Tadayoshi [University of Washington, Seattle

2012-01-01T23:59:59.000Z

489

NIST.gov - Computer Security Division - Computer Security ...  

Science Conference Proceedings (OSTI)

... Automated Information Flows for Situational Awareness; Transformation of Dynamic Security ... Cyber security leadership in the Executive Branch. ...

490

Improving Security of Oil Pipeline SCADA Systems Using Service-Oriented Architectures  

Science Conference Proceedings (OSTI)

Oil pipeline Supervisory Control and Data Acquisition (SCADA) systems monitor and help control pipes transporting both crude and refined petroleum products. Typical SCADA system architectures focus on centralized data collection and control --- however, ... Keywords: SCADA, architecture, petroleum, pipeline, security, services

Nary Subramanian

2008-11-01T23:59:59.000Z

491

Security User Studies: Methodologies and Best Practices  

E-Print Network (OSTI)

Interest in usable security-- the research, development, and study of systems that are both usable and secure-- has been growing both in the CHI and information security communities in the past several years. Despite this interest, however, the process of designing and conducting security-related user studies remains extremely difficult. Users deal with security infrequently and irregularly, and most do not notice or care about security until it is missing or broken. Security is rarely a primary goal or task of users, making many traditional HCI evaluation techniques difficult or even impossible to use. This workshop will bring together researchers and practitioners from the HCI and information security communities to explore methodological challenges and best practices for conducting security-related user studies.

Serge Egelman; Jen King; Robert C. Miller; Nick Ragouzis; Erika Shehan

2006-01-01T23:59:59.000Z

492

YASIR: A Low-Latency, High-Integrity Security Retrofit for Legacy SCADA Systems ?  

E-Print Network (OSTI)

We construct a bump-in-the-wire (BITW) solution that retrofits security into time-critical communications over bandwidth-limited serial links between devices in Supervisory Control And Data Acquisition (SCADA) systems. Previous BITW solutions fail to provide the necessary security within timing constraints; the previous solution that does provide the necessary security is not BITW. At a comparable hardware cost, our BITW solution provides sufficient security, and yet incurs minimal end-to-end communication latency. A microcontroller prototype of our

Patrick P. Tsang; Sean W. Smith

2007-01-01T23:59:59.000Z

493

An Introduction to Computer Security: the NIST Handbook  

Science Conference Proceedings (OSTI)

An Introduction to Computer Security: the NIST Handbook Keywords: computer security, contingency planning, cryptography, guidance, information assurance, risk management, security audit, security controls, security policy

Barbara Guttman; Edward A. Roback

1995-10-01T23:59:59.000Z

494

Technical Services | Y-12 National Security Complex  

NLE Websites -- All DOE Office Websites (Extended Search)

Technical Technical Services Technical Services Technical services spans Y-12 disciplines that support manufacturing at Y-12. Information Systems (National Security Systems Development) Provide solutions for information security, including the protection of national security, proprietary and any other class of highly sensitive information. Develop highly integrated, enterprise level software applications for use within the federal space and adaptable to commercial application. Leverage the transformative information technology capabilities of the NNSA to a broad spectrum of federal applications for rapidly deployed, cost effective and reproducible technical solutions. Develop virtual collaborative networks for cluster manufacturing. Develop, test, and implement operational cyber security strategies

495

CyberPhysical System Security for the Electric Power Grid  

E-Print Network (OSTI)

on the vulnerabil- ity of SCADA protocols. Security venues such as DEFCON, Blackhat, and RSA have recently included implementation vulnerabilities that allow attack- ers to execute arbitrary code in specific SCADA protocols