43rd Annual 2009 International Carnahan Conference on Security Technology最新文献_第3页

Integrated installing ISO 9000 and ISO 27000 management systems on an organization 在组织中集成安装ISO 9000和ISO 27000管理体系

43rd Annual 2009 International Carnahan Conference on Security Technology Pub Date : 2009-11-13 DOI: 10.1109/CCST.2009.5335527

Chiang Wang, Dwen-Ren Tsai

{"title":"Integrated installing ISO 9000 and ISO 27000 management systems on an organization","authors":"Chiang Wang, Dwen-Ren Tsai","doi":"10.1109/CCST.2009.5335527","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335527","url":null,"abstract":"In response to the diversification and the rapid evolution of business environment, it is a rising tendency that organization needs to adopt some relevant management systems in order to continuously reinforce its information management mechanisms. Meanwhile, the arrangement for introducing any new management system needs to comply with a series of regulatory procedures and standards. In order to exert and maintain multiple management systems in an efficient as well as better quality way, their common/similar management functionalities should be integrated and modularized. For instance, consider the internal control systems of both ISO 9001 Quality Management and ISO 27001 Information Security Management in terms of their documents and records control, correction and prevention, internal audit, management review, and the cyclic management of Plan-Do-Check-Act (PDCA). How to achieve an effective integration and modularization, with an organization's current resources is an important task for the organization in order to carry out its management improvement This research centers on comparison as well as integration of the internal control systems of both ISO 9001 Quality Management and ISO 27001 Information Security Management. We explore the commonality of these two management systems and then proceed to integrate them into an effective management model. We anticipate that such management integration model will benefit the intended management of an organization very efficiently. We adopt an exploratory hypothesis research method to proceed toward our research goal. Then we present our research result with a case study on a private enterprise whose information process center is located across the country. This integration work is still in progress and intends to implement the PDCA cyclic management mechanism for integrated ISO management systems.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127458929","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 30

Delay sensitive low-cost security mechanism for mobile IP 延迟敏感的低成本移动IP安全机制

43rd Annual 2009 International Carnahan Conference on Security Technology Pub Date : 2009-11-13 DOI: 10.1109/CCST.2009.5335570

A. Shah, N. Thanthry, R. Pendse

{"title":"Delay sensitive low-cost security mechanism for mobile IP","authors":"A. Shah, N. Thanthry, R. Pendse","doi":"10.1109/CCST.2009.5335570","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335570","url":null,"abstract":"With the advances in the processing capabilities of wireless devices such as Smart Phones and laptops, the demand for staying connected to the internet has steadily increased. This demand is strengthened further by the introduction of internet connectivity within the airplanes. Mobile IP is one of the protocols that have been proposed to support user/network mobility. Mobile IP introduces new entities such as Home Agent and Foreign Agent to facilitate user/network mobility. As the user/network (mobile client) move from one network to another all their connections need to be handed off from one mobile agent to another to maintain seamless connectivity. While effective handoff mechanism by itself is an active research field, security combined with effective handoff introduces new challenges. While these security mechanisms help in maintaining security and privacy of the user, they introduce additional processing delay thereby affecting the performance. In this paper, the authors propose a novel low cost security mechanism that ensures the security of the communication. It will be shown that the proposed mechanism will secure mobile node communication without affecting the performance. While the proposed architecture requires the mobility agents to cache additional information, the analysis carried out by the authors indicates that the additional cost is compensated by the added security for the communication between the mobile client and the mobility agents.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"91 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126718397","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 1

Simulating search comb performance 模拟搜索梳性能

43rd Annual 2009 International Carnahan Conference on Security Technology Pub Date : 2009-11-13 DOI: 10.1109/CCST.2009.5335540

A. Belyavin

引用次数: 1

The impact of color composition on X-ray image interpretation in aviation security screening 航空安检中彩色成分对x射线图像判读的影响

43rd Annual 2009 International Carnahan Conference on Security Technology Pub Date : 2009-11-13 DOI: 10.1109/CCST.2009.5335539

C. C. von Bastian, A. Schwaninger, S. Michel

引用次数: 5

Competency requirements for aviation security 航空保安能力要求

43rd Annual 2009 International Carnahan Conference on Security Technology Pub Date : 2009-11-13 DOI: 10.1109/CCST.2009.5335574

Mohammad Karimbocus

引用次数: 5

The use of secure RFID to support the resolution of emergency crises 使用安全的RFID来支持解决紧急危机

43rd Annual 2009 International Carnahan Conference on Security Technology Pub Date : 2009-11-13 DOI: 10.1109/CCST.2009.5335517

G. Baldini, Michael Braun, Erwin Hess, Franco Oliveri, Hermann Seuschek

{"title":"The use of secure RFID to support the resolution of emergency crises","authors":"G. Baldini, Michael Braun, Erwin Hess, Franco Oliveri, Hermann Seuschek","doi":"10.1109/CCST.2009.5335517","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335517","url":null,"abstract":"The resolution of emergency crises and natural disasters is heavily dependent, among other things, on efficient supply chain management to bring the necessary material to the first time responders. The supply chain used in the resolution of emergency crises must have capabilities of agility and flexibility to respond to the challenges, which are typical of these scenarios. Emergency crises are often characterized by a chaotic environment and by a general lack of infrastructures, which are usually degraded or destroyed as a consequence of the source of crisis. Such conditions make the task to maintain the supply chain and provide the delivery of correct equipment and goods to the right places and at the right time more difficult. RFID has been increasingly considered, in the context of emergency crisis scenarios, to address the described challenges and to improve the supply chain. An important requirement is security. RFID devices must not be tampered with and they should be resistant to security attacks (e.g. spoofing, eavesdropping, cloning) to ensure that the supply chain is not disrupted by criminals and that cargo and goods are not stolen. In this context, this paper will present the application and benefits of the recent technological breakthroughs developed by Siemens and Infineon Technologies in the field of secure RFID. This paper will analyze practical utilization of this type of device in the resolution of emergency crises to guarantee the reliability of sealing of the goods and their identification. The establishment of a logistics tracking framework based on secure RFID has the potential to greatly increase the effectiveness of future emergency crises response operations.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128833389","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 7

Information security metric integrating enterprise objectives 集成企业目标的信息安全度量

43rd Annual 2009 International Carnahan Conference on Security Technology Pub Date : 2009-11-13 DOI: 10.1109/CCST.2009.5335549

B. Karabey, N. Baykal

{"title":"Information security metric integrating enterprise objectives","authors":"B. Karabey, N. Baykal","doi":"10.1109/CCST.2009.5335549","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335549","url":null,"abstract":"Security is one of the key concerns in the domain of information technology systems. Maintaining the confidentiality, integrity and availability of such systems, mandates a rigorous prior analysis of the security risks that confront these systems. In order to analyze, mitigate and recover from these risks a metrics based approach is essential in prioritizing the response strategies against these risks. In addition to that the enterprise objectives must be focally integrated in the definition, impact calculation and prioritization phases of this analysis to come up with metrics that are useful both for the technical and managerial communities within an organization. Also the inclusion of enterprise objectives in the identification of information assets will act as a preliminary filter to overcome the real life scalability issues inherent with such threat modeling efforts. Within this study an attack tree based approach will be utilized to offer an information security risk metric that integrates the enterprise objectives with the information asset vulnerabilities within an organization. In the essential step of enterprise resource identification, the resource-based view of a company will be utilized.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128036454","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 3

Discriminative common vector for face identification 人脸识别的判别公共向量

43rd Annual 2009 International Carnahan Conference on Security Technology Pub Date : 2009-11-13 DOI: 10.1109/CCST.2009.5335551

C. Travieso, Patricia Botella, J. B. Alonso, Miguel A. Ferrer

引用次数: 6

Writer recognition by characters, words and sentences 作者通过字符、单词和句子识别

43rd Annual 2009 International Carnahan Conference on Security Technology Pub Date : 2009-11-13 DOI: 10.1109/CCST.2009.5335523

Martin Gehrke, K. Steinke, Robert Dzido

{"title":"Writer recognition by characters, words and sentences","authors":"Martin Gehrke, K. Steinke, Robert Dzido","doi":"10.1109/CCST.2009.5335523","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335523","url":null,"abstract":"The methods developed in the research project “Herbar Digital” are to help plant taxonomists to master the great amount of material of about 3.5 million dried plants on paper sheets belonging to the Botanic Museum Berlin in Germany. Frequently the collector of the plant is unknown. So a procedure had to be developed in order to determine the writer of the handwriting on the sheet. In the present work the static character is transformed into a dynamic form. This is done with the model of an inert ball which is rolled through the written character. During this off-line writer recognition, different mathematical procedures are used such as the reproduction of the write line of individual characters by Legendre polynomials. When only one character is used, a recognition rate of about 40% is obtained. By combining multiple characters, the recognition rate rises considerably and reaches 98.7% with 13 characters and 93 writers (chosen randomly from the international IAMdatabase [3]). Another approach tries to identify the writer by handwritten words. The word is cut out and transformed into a 6-dimensional time series and compared e.g. by means of DTW-methods. A global statistical approach using the whole handwritten sentences results in a similar recognition rate of more than 98%. By combining the methods, a recognition rate of 99.5% is achieved.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130745272","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 8

A rapid deployment guided radar sensor 一种快速部署制导雷达传感器

43rd Annual 2009 International Carnahan Conference on Security Technology Pub Date : 2009-11-13 DOI: 10.1109/CCST.2009.5335532

K. Harman, B. Hodgins, J. Patchell, M. Maki

{"title":"A rapid deployment guided radar sensor","authors":"K. Harman, B. Hodgins, J. Patchell, M. Maki","doi":"10.1109/CCST.2009.5335532","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335532","url":null,"abstract":"A need has long existed for a rapid deployment, terrain following security sensor for use around portable resources, along an avenue of approach, or for the temporary replacement of a failed sensor. Existing solutions such as portable microwave or passive infra-red (PIR) sensors are relatively inexpensive, but cannot work over uneven terrain, around corners, or in foliage. The cost and installation complexity of these sensors increases rapidly as more units are required. The Repels® RF sensor provides many of the required features, but uses sensor cables that are overtly mounted above ground. The OmniTrax® technology was first introduced at the 2004 Carnahan Conference, applying Ultra Wide Band radar principles to a ranging leaky cable guided radar sensor. In 2007, a program called TFDIDS (Terrain Following Deployable Intrusion Detection Sensor) was initiated in conjunction with the US Air Force, to apply the advancements in this ranging technology to the rapid deployment sensor needs defined by the USAF Tactical Automated Sensor System (TASS). This advancement includes a novel invention employing the processing of dual parallel leaky sensor cables, termed Stereo OmniTrax. This processing dramatically improves the discrimination between human intrusion threats and small nuisance targets or environmental effects. The TFDIDS system provides a complete lightweight sensor kit for the rapid deployment (less than 30 minutes) of a 100 m detection zone, and later, for the sensor's retrieval and reuse. TFDIDS interfaces to standard Government Furnished Equipment (GFE) including USAF powering and communications devices. This paper outlines the key elements of the TFDIDS design, describes its components, and explains how TFDIDS provides reliable detection using a surface sensor cable deployment. Initial performance results are presented, from tests conducted at the Senstar SITE in 2008. The test applications include through-the-woods, on tarmac and on typical open field surfaces.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115421400","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 2