43rd Annual 2009 International Carnahan Conference on Security Technology最新文献

{"title":"A comparison between two leadership models for security checkpoints","authors":"Wetter Olive Emil, Laube René, Hofer Franziska","doi":"10.1109/CCST.2009.5335563","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335563","url":null,"abstract":"The impact of leadership structure and behavior on team or crew performance is well known and has been demonstrated in various studies (see e.g. Guzzo & Dickson, 1996; Zaccaro, Rittmann, & Marks, 2001). However, as far as we know, there is no empirical study available on leadership structures and crew performance in the applied setting of airport security control. This study compares the structure and impact of two different leadership models for security control. The first (older) model consists of one supervisor per sector. In the supervisor's sector, there are three to eight crews at work, each consisting of five security officers (SOs). Each crew independently manages and operates one line of the checkpoint. One of the five SOs in a crew is the crew leader (CL), who works together with the crew as a normal crew member but has a few additional tasks to fulfill. The second (newer) model, which focuses more on integrated crew resource management (CRM) criteria, consists of one supervisor, assisted by two CLs per sector. Together, they form a cohesive leading team. The CLs do not work in the crews anymore but manage two to three lines from behind. The crews still consist of five SOs. It is the new CLs' task to quickly isolate and manage problematic cases so that those do not block the line anymore. Like this, the workload of each team member is reduced. Another task is to keep an eye on the working quality and to communicate with the crews in such a way that working quality is enhanced. The impact of this reinforced leadership on indicators of working quality such as compliance with rules and regulations, as well as its impact on passenger flow (throughput) are analyzed using different statistical procedures such as T-tests, U-tests and Chi-square tests. Moreover, the job models of the new leadership structure are presented in detail and SOs' ratings of their acceptance and liking of both systems are presented. In sum, this study offers another, different approach to the human factors perspective in airport security focusing on leadership structures, crew resource management, and their effects.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128739287","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"What is security culture? Does it differ in content from general organisational culture?","authors":"J. Malcolmson","doi":"10.1109/CCST.2009.5335511","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335511","url":null,"abstract":"There is increasing interest from regulators and government departments concerned with enhancing security in organisational culture, more specifically the notion of security culture.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126336458","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Body scanning technology: An Early Human Factors Analysis","authors":"Celine Lilliane, Aurore Jacques","doi":"10.1109/CCST.2009.5335557","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335557","url":null,"abstract":"In March 2009, QinetiQ conducted an Early Human Factors Analysis (EHFA) on behalf of the UK Department for Transport (DfT) for the implementation of body scanning technology in the airport security screening context. EHFA is a well-established technique, used extensively as part of UK Ministry of Defence (MoD) acquisition [10]. This was the first time EHFA was used in the security domain. The aim of EHFA is to provide an early indication of where key Human Factors (HF) issues and risks associated with body scanners lie so that mitigation strategies can be developed. EHFA is structured around seven Human Factors Domains ranging from Manpower and Training to System Safety and Human Factors Engineering.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130916206","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Evaluation methodology for analyzing usability factors in biometrics","authors":"B. Fernandez-Saavedra, R. Alonso-Moreno, Jaime Uriarte-Antonio, R. Sánchez-Reillo","doi":"10.1109/CCST.2009.5335513","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335513","url":null,"abstract":"In recent years, biometrics is more and more used in many security applications. This fact has led suppliers and researches to analyze biometric algorithms power and vulnerabilities, as to improve the feasibility of this technology. Nevertheless, as many authors claim, biometric performance does also depend on other factors such as usability and/or user acceptance, which can influence significantly their performance. Only a few of these factors have already been studied, using specific approaches and only for certain biometric modalities, such us fingerprint and face. However, there is not a general and independent methodology implemented to assess how these factors affect biometric system performance and to produce intercomparable results. Based on previous works and following procedures and requirements addressed in the International Standard ISO/IEC 19795–2 for scenario evaluations [1], authors have developed a general methodology to analyze end-to-end system performance when some usability factors are modified. Such factors cover different ways of presenting biometric characteristics to the sensor and also the biometric characteristic variability caused by illness or climatic changes. A generic and controlled scenario has been modelled to carry on all sets of trials. Then, the methodology has been particularized defining specific protocols, methods and considerations for each parameter to assess. Furthermore, details for analysing these parameters through different modalities have been defined. In addition, this methodology has been checked for one modality considering different usability aspects in order to obtain the feedback that is necessary to test its validity and viability and to detect points of interest for improvement. Results, main conclusions and suggestions for test operators will be presented.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115033949","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Using speed measures to predict performance in x-ray luggage screening tasks","authors":"A. Wales, Tobias Halbherr, A. Schwaninger","doi":"10.1109/CCST.2009.5335536","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335536","url":null,"abstract":"The visual inspection of x-ray images of luggage items at airports is a challenging task, where detection rates suffer when threat item complexity increases [1].The relationship between threat-item types, aspects of image difficulty, and decision time are explored using a combination of Drury's Two-Component Model [2] and Signal Detection Theory [3]. 67 professional screeners completed a 2048-image battery that manipulated various image-based difficulty factors. A strong linear relationship between hit rate and decision time was found (r2 = 0.64), with the hardest images showing a marked increase in decision time and decrease in hit-rate. The search time was found to be relatively stable across the threat categories, but decision time increased in proportion to detection rate decreases. Decision time is shown to closely reflect changes in detection sensitivity caused by different threat and image difficulties.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122102827","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Secure key management scheme for hierarchical access control based on ECC","authors":"Yu-Li Lina, Chien-Lung Hsu, Tzong-Chen Wu, So-Lin Yen, C. Tseng","doi":"10.1109/CCST.2009.5335515","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335515","url":null,"abstract":"In a key management scheme for hierarchical access control, each higher security class can derive the cryptographic keys of his lower security classes. In 2006, Jang and Wang proposed an efficient key management scheme based on elliptic curve cryptosystems. This paper, however, will demonstrate a compromising attack on Jang-Wang scheme to show that the secret keys of some security classes will be compromised. This paper further proposed an improvement to eliminate the pointed out security leak.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"77 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129774496","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A signature exchange model for heterogeneous intrusion detection systems","authors":"Dwen-Ren Tsai, Chien-Ning Huang","doi":"10.1109/CCST.2009.5335528","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335528","url":null,"abstract":"In this paper, we propose an UML-based generic format set of intrusion signatures for heterogeneous intrusion detecting systems (IDSs) via analyzing signature formats of three popular IDS products. We also propose an attack signature exchange model of heterogeneous IDSs. With this model, an attack signature generated by one IDS could be adopted by different IDSs easily. The proposed XML-based generic signature format set is designed to be extensible, and therefore it should be easy to incorporate new features in the future. When a software vendor releases its software patch packages together with the signatures addressing the potential attacks, the signatures detected can be easily and promptly included into IDSs reported from different vendors using this model.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133866308","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Assessment of X-ray image interpretation competency of aviation security screeners","authors":"Saskia M. Steiner-Koller, A. Bolfing, A. Schwaninger","doi":"10.1109/CCST.2009.5335569","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335569","url":null,"abstract":"The competency of an aviation security screener to detect prohibited items in X-ray images quickly and reliably is important for any airport security system. This paper details the requirements and principles for reliable, valid, and standardized competency assessment as well as different methods that can be applied for this purpose. First, the concepts of reliability, validity and standardization are explained. Then, threat image projection (TIP) as a means to assess X-ray image interpretation competency is discussed. This is followed by a discussion of computer-based tests, which provide another often more reliable and standardized option for measuring x-ray image interpretation competency. Finally, the application of computerbased tests in an EU funded project (VIA Project, www.viaproject.eu) are presented.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"31 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134309536","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Why do airport security screeners sometimes fail in covert tests?","authors":"A. Schwaninger","doi":"10.1109/CCST.2009.5335568","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335568","url":null,"abstract":"This paper discusses covert testing data and key human factors. First, different reasons why airport security screeners sometimes fail to detect threats when covert tests are conducted at airports are discussed. Key human factors are identified and analyzed with regard to covert test results. It is explained that pre-employment selection and training are indispensable prerequisites for good operational performance of airport security screeners. However, they alone cannot guarantee that screeners react appropriately when tested with real threat items at a security checkpoint. Humans often fail if something happens that they do not expect. Therefore, it is recommended to conduct covert tests on a regular basis so that screeners become prepared and get trained to react appropriately. A recently conducted study on covert tests provides empirical evidence in favor of this view.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"59 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129728273","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Architectural design for large-scale campus-wide captive portal","authors":"K. Koht-Arsa, A. Phonphoem, S. Sanguanpong","doi":"10.1109/CCST.2009.5335561","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335561","url":null,"abstract":"Managing high workload and concurrent accesses are challenging tasks for captive portal. The large number of clients generally creates high workload to the system. Furthermore, some worm or Trojan infected clients create a lot more traffic by spreading themselves through the network via HTTP protocol. Such stateful traffic typically leads to network attack, especially a SYN-Flooding. Additionally, some misbehaved software installed in client machines may periodically and/or automatically download, send updates information through the Internet, or repeatedly reconnect to certain designated servers without the high workload awareness. In this paper, the stateless mini HTTP redirector has been proposed. All traffic will be redirected to stateless robust URL target redirector which will eventually send traffic through raw socket, hence bypassing the operating system's TCP/IP stack. With stateless characteristics, the system can absolutely protect the SYN-flooding attack. Moreover, the system includes the user-gent detection module for minimizing the high workload effects from misbehaved software on client machines.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"71 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130941023","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}