摘要 :
Information technology (IT) security is an issue of vital importance for all IT-based systems. As IT is penetrating the society, IT security becomes increasingly important. Unfortunately, IT security is intrinsically difficult to ...
展开
Information technology (IT) security is an issue of vital importance for all IT-based systems. As IT is penetrating the society, IT security becomes increasingly important. Unfortunately, IT security is intrinsically difficult to handle and motivate. Security assessment is a central ability in the striving for adequate levels of IT security in systems. In this report, an effort to enable system-wide IT security assessment is described. The presented results include: A study of current security evaluation methods$ Terminology for the area of security assessment$ A framework for system security assessment$ A method for system security assessment$ A framework for system component security assessment$ A method for system component security assessment.
收起
摘要 :
The objective of this effort was to coordinate research and development activities throughout private industry, academic laboratories, and private research laboratories to support the development of a national strategy for securin...
展开
The objective of this effort was to coordinate research and development activities throughout private industry, academic laboratories, and private research laboratories to support the development of a national strategy for securing cyberspace. The approach explored the development of cyber technology strategies and programs related to the mission and roles of Homeland Security Advanced Research Projects Agency. Program goals with external clients including IT industry, critical infrastructure sectors, and academics were also explored.
收起
摘要 :
The Department of Transportation's Pipeline and Hazardous Materials Safety Administration (PHMSA) is responsible for the safe and secure transportation of hazardous materials. Hazardous materials are essential to the economy of th...
展开
The Department of Transportation's Pipeline and Hazardous Materials Safety Administration (PHMSA) is responsible for the safe and secure transportation of hazardous materials. Hazardous materials are essential to the economy of the United States and the well-being of its people. Every day millions of tons of hazardous materials are safely transported by plane, train, truck, or vessel in quantities ranging from several ounces to thousands of gallons. In the wrong hands, however, hazardous materials can pose a significant security threat, particularly those that can be used as weapons of mass destruction. Addressing this security threat is vital to our citizens and our economy. Since September 11, 2001, PHMSA has worked closely with hazardous materials shippers and carriers, as well as Federal, state, and local government agencies, to improve the security of hazardous materials in our Nation's transportation system. The hazardous materials industry can do a lot to improve hazardous materials transportation security. The information presented in this report is intended to encourage you to include security considerations in all of your operations and to assist you in managing the potential security risks associated with the transportation of hazardous materials. There are two strategies that are critical to managing transportation security risks. The first is to develop and implement security plans. The second is to assure that employees who handle and transport hazardous materials are trained to recognize and react to potential security problems. PHMSA has established new security requirements that make use of these two strategies for hazardous materials transported in commerce.
收起
摘要 :
The use of mobile handheld devices within the workplace is expanding rapidly. These devices are no longer viewed as coveted gadgets for early technology adopters, but have instead become indispensable tools that offer competitive ...
展开
The use of mobile handheld devices within the workplace is expanding rapidly. These devices are no longer viewed as coveted gadgets for early technology adopters, but have instead become indispensable tools that offer competitive business advantages for the mobile workforce. While these devices provide productivity benefits, they also pose new risks to an organizations security by the information they contain or can access remotely. Enabling adequate user authentication is the first line of defense against unauthorized use of an unattended, lost, or stolen handheld device. Smart cards have long been the choice of authentication mechanism for many organizations; however, few handheld devices easily support readers for standard-size smart cards. This report describes two novel types of smart cards that use standard interfaces supported by handheld devices, avoiding use of the more cumbersome standard-size smart card readers. These solutions are aimed at helping organization apply smart cards for authentication and other security services. Details of the design and implementation are provided.
收起
摘要 :
A method for evaluating security models is developed and applied to the model of Bell and LaPadula. The method shows the inadequacy of the Bell and LaPadula model, in particular,and the impossibility of any adequate definition of ...
展开
A method for evaluating security models is developed and applied to the model of Bell and LaPadula. The method shows the inadequacy of the Bell and LaPadula model, in particular,and the impossibility of any adequate definition of a secure system based solely on the notion of a secure state. The implications for the fruitfulness of seeking a global definition of a secure system and for the state of foundational research in computer security, in general, is discussed.
收起
摘要 :
This report presents the results of a survey designed to describe the shape of current Security Awareness Training and Education (SATE) programs in DoD, focusing on the military services. Overall, the security representatives who ...
展开
This report presents the results of a survey designed to describe the shape of current Security Awareness Training and Education (SATE) programs in DoD, focusing on the military services. Overall, the security representatives who were interviewed rated their SATE programs as moderately successful. However, five areas are identified where modest changes could improve the effectiveness of such programs. They are: instructional media enhancements, security manager training, SATE policy and requirements, security manager support, and security inspections. Recommendations in each of the five areas are presented.
收起
摘要 :
Computer security assurance provides a basis for one to have confidence thatsecurity measures, both technical and operational, work as intended. Use of products with an appropriate degree of assurance contributes to security and a...
展开
Computer security assurance provides a basis for one to have confidence thatsecurity measures, both technical and operational, work as intended. Use of products with an appropriate degree of assurance contributes to security and assurance of the system as a whole and thus should be an important factor in IT
收起
摘要 :
Since the mid-1980s, limited use has been made of vehicle tracking using satellite communications to mitigate the security and safety risks created by the highway transportation of certain types of hazardous materials. However, ve...
展开
Since the mid-1980s, limited use has been made of vehicle tracking using satellite communications to mitigate the security and safety risks created by the highway transportation of certain types of hazardous materials. However, vehicle-tracking technology applied to safety and security is increasingly being researched and piloted, and it has been the subject of several government reports and legislative mandates. At the same time, the motor carrier industry has been investing in and implementing vehicle tracking, for a number of reasons, particularly the increase in efficiency achieved through better management of both personnel (drivers) and assets (trucks or, as they are known, tractors; cargo loads; and trailers). While vehicle tracking and immobilization technologies can play a significant role in preventing truck-borne hazardous materials from being used as weapons against key targets, they are not a silver bullet. However, the experience of DTTS and the FMCSA and TSA pilot projects indicates that when these technologies are combined with other security measures, and when the information they provide is used in conjunction with information supplied outside of the tracking system, they can provide defensive value to any effort to protect assets from attacks using hazmat as a weapon. This report is a sister publication to MTI Report 09-03, Potential Terrorist Uses of Highway-Borne Hazardous Materials. That publication was created in response to the Department of Homeland Securitys request that the Mineta Transportation Institutes National Transportation Security Center of Excellence provide research and insights regarding the security risks created by the highway transportation of hazardous materials.
收起