Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology最新文献

{"title":"Secure sensor platform (SSP) for materials' sealing and monitoring applications","authors":"B. Schoeneman, S. Blankenau","doi":"10.1109/CCST.2005.1594832","DOIUrl":"https://doi.org/10.1109/CCST.2005.1594832","url":null,"abstract":"For over a decade, Sandia National Laboratories has collaborated with domestic and international partners in the development of intelligent radio frequency (RF) loop seals and sensor technologies for multiple applications. Working with US industry, the International Atomic Energy Agency and Russian institutes; the Sandia team continues to utilize gains in technology performance to develop and deploy increasingly sophisticated platforms. Seals of this type are typically used as item monitors to detect unauthorized actions and malicious attacks in storage and transportation applications. The spectrum of current seal technologies at Sandia National Laboratories ranges from Sandia's initial T-1 design incorporating bi-directional RF communication with a loop seal and tamper indicating components to the highly flexible secure sensor platform (SSP). Sandia National Laboratories is currently pursuing the development of the next generation fiber optic loop seal. This new device is based upon the previously designed multi-mission electronic sensor and communication platform that launched the development of the T-1A which is currently in production at Honeywell FM&T for the Savannah River Site. The T-1A is configured as an active fiber optic seal with authenticated, bi-directional RF communications capable of supporting a number of sensors. The next generation fiber optic loop seal, the secure sensor platform (SSP), is enhancing virtually all of the existing capabilities of the T-1A and is adding many new features and capabilities. The versatility of this new device allows the capabilities to be selected and tailored to best fit the specific application. This paper discusses the capabilities of this new generation fiber optic loop seal as well as the potential application theater which can range from rapid, remotely-monitored, temporary deployments to long-term item storage monitoring supporting International nuclear non-proliferation. This next generation technology suite addresses the combination of sealing requirements with requirements in unique materials' identification, environmental monitoring, and remote long-term secure communications.","PeriodicalId":411051,"journal":{"name":"Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology","volume":"229 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116236898","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"From a wired to a wireless secure EPR: can we re-use existing security solutions?","authors":"A. Ferreira, E. Oliveira-Palhares, R. Correia, A. Costa-Pereira","doi":"10.1109/CCST.2005.1594852","DOIUrl":"https://doi.org/10.1109/CCST.2005.1594852","url":null,"abstract":"The use of electronic information systems within the healthcare environment has become essential in order to enable the sharing of patient data. Several constraints during the development of IT solutions often imply that security is an afterthought. The use of wireless technology has been adopted in some healthcare organizations where, the access to patient's information and clinical activities becomes ubiquitous and closer to the point of decision. There are, however, specific security problems inherent to wireless technology. The main objective of this study is to design a secure wireless solution from a wired system already in use. This paper shows that it is possible to use the security solutions developed for a wired system as a platform to implement a secure wireless version. This can save time and resources whilst minimizing most security risks inherent to wireless technologies.","PeriodicalId":411051,"journal":{"name":"Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126731658","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Mechanisms for attack protection on a prevention framework","authors":"J. Garcia, S. Castillo, G. Navarro, J. Borrell","doi":"10.1109/CCST.2005.1594872","DOIUrl":"https://doi.org/10.1109/CCST.2005.1594872","url":null,"abstract":"Current research in intrusion detection systems (IDSs), targeted towards preventing computer attacks, is mainly focused on improving detection and reaction mechanisms, without presetting the protection of the system itself. This way, if an attacker compromises the security of the detection system, she may be able to disarm the detection or reaction mechanisms, as well as delete log entries that may reveal her actions. Given this scenario, we introduce in this paper the use of an access control mechanism, embedded into the operating system's kernel, to handle the protection of the system itself once it has been compromised by an attacker","PeriodicalId":411051,"journal":{"name":"Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116017338","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Test and evaluation report for X-ray detection of threats using different X-ray functions","authors":"B. Klock","doi":"10.1109/CCST.2005.1594826","DOIUrl":"https://doi.org/10.1109/CCST.2005.1594826","url":null,"abstract":"Improvements in the technologies available to aviation security at the checkpoint are essential for efficient and effective operations. X-ray systems in airports are designed to display images of baggage and contents, including guns, knives, other weapons, and explosives. X-ray systems have various functions to enhance the image displayed to maximize the screeners' ability to determine if carry-on bags contain potential threats. The growing sophistication of terrorists has led to the ability to conceal improvised explosive devices (IEDs) in everyday objects. The use of X-ray image enhancement aids may help screeners detect small and artfully concealed threats giving them the best image first. The purpose of this project was to determine if any of the X-ray functions (i.e., color, crystal clear, inverse, organic stripping, inorganic stripping, high density, low density, black and white) increase X-ray screeners' threat (i.e., IEDs, guns, knives, and other prohibited items) detection performance. An investigation to determine screener maximum performance when detecting artfully concealed IEDs was also of interest. A special set of threat bag images contained artfully concealed IEDs at full and sub-certification weights. This test evaluated experienced X-ray screeners' threat detection of threats in X-ray images. Eighty-four screeners were tested on Rapiscan Security Products X-ray emulators at three airport sites (28 screeners per site). All screeners were required to participate in the assessment of two sets of X-ray images (400 images with color only and 400 images with other X-ray functions). Each set of bag images contained 72 threat bags and 328 innocent bags. The threat images contained: guns, knives, or prohibited items, or IEDs at full and sub-certification weights (i.e., 1/4 , 1/2 and 3/4 ). The screeners were required to decide if an X-ray image was innocent or if the image contained a threat.","PeriodicalId":411051,"journal":{"name":"Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology","volume":"102 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116559511","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A model for the evaluation of barriers and containers and their resistance to physical attack","authors":"D. Armstrong","doi":"10.1109/CCST.2005.1594844","DOIUrl":"https://doi.org/10.1109/CCST.2005.1594844","url":null,"abstract":"One role of The Home Office Scientific Development Branch (HOSDB) is to evaluate the performance of security barriers and containers to assess whether they are suitable for use by the wider government and industry. The information and knowledge gained from these evaluations allows HOSDB to provide accurate advice to its wide customer base. Evaluations of this type have been undertaken for more than twenty years against national standards. However, standards and test specifications of this kind, designed to test products against the typical threat to domestic or commercial premises, have never provided an exact fit to HOSDB requirements. HOSDB needed an evaluation standard which dealt with a higher level of threat and had greater flexibility in the choice of attack tools available to the evaluation team. The physical barriers attack standard (PBAS) has been developed to provide a tailor made evaluation methodology for HOSDB and its key sponsors. As an alternative to toolkit based performance standards, PBAS introduces a tool scoring system, which uses a blend of different risk and performance metrics to score each tool. This paper describes the PBAS methodology and discusses its main principles of operation. The requirement is discussed with reference made to the existing national standards and those historically used by HOSDB. The paper discusses the key tool metrics used by PBAS: noise; weight; portability; availability; and effectiveness. The tool selection and scoring process is described in detail. The advantages of PBAS are also highlighted in comparison to the previous evaluation methodology. The paper then describes the problems and issues associated with the new model and what needs to be done in order to address these. The points made throughout the paper are supported with evidence collected from a feasibility study carried out in 2004 through a series of live evaluations","PeriodicalId":411051,"journal":{"name":"Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122751673","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"The application of information technologies to electronic security installations. Actual situation and future vision","authors":"F. G. Gómez, C. M. Hernández","doi":"10.1109/CCST.2005.1594886","DOIUrl":"https://doi.org/10.1109/CCST.2005.1594886","url":null,"abstract":"The presentation reviews the state-of-the-art of those information technology solutions that are susceptible of being used at the security facilities. From communications between security equipment to the latest developments regarding digital video processing, passing through alarm monitoring and management, nowadays there are tools that make easier the development of information technologies. It describes real applications and security services, implemented at the facilities in which the mentioned technologies contribute with innovating solutions of high added value as a result of their versatility, cost/performance ratio, reliability and intrinsic security. The presentation ends with a view about the future of the electronic security facilities that will use the latest technological IT advances as the starting points for their development.","PeriodicalId":411051,"journal":{"name":"Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology","volume":"64 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114590302","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Protocol and applications for sharing quantum private keys","authors":"Han-Wei Wang, Tien-Sheng Lin, I. Tsai, S. Kuo","doi":"10.1109/CCST.2005.1594855","DOIUrl":"https://doi.org/10.1109/CCST.2005.1594855","url":null,"abstract":"Transmitting message in secret is getting more and more important nowadays. In the classical world, the message we sent run the risk of being intercepted by an attacker. As a result, we have to encrypt the message, or send it using a private channel. However, if we transmit messages via such methods, there are still some ways to decipher the information. For example, a powerful computer can be used to decrypt the message or try to steal the message from the private channel. In quantum cryptography, entanglement can be used as a secure channel to transmit information with absolute secrecy. From this perspective, quantum entanglement pairs are equivalent to a quantum private key. However, like the classical key distribution problem, the entanglement has to be shared before it can be used. In this paper, we propose a protocol that can be used to distribute such entanglement pairs securely, so they can be subsequently used to transmit messages with perfect security. The security of this protocol is based on the laws of nature, instead of unproven mathematical hard problems","PeriodicalId":411051,"journal":{"name":"Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology","volume":"37 5","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114096925","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Experimental network of marine environmental observation, surveillance and control in the Canary Islands waters (RED ACOMAR)","authors":"V. Arana, F. Cabrera, P. Dorta, E. Jimenez, I. Villar, A. Deniz, A. Miranda, J. Bergès, E. Holgado, R. Rodriguez, C. Barrera, O. Llinâs, M. Villagarcía","doi":"10.1109/CCST.2005.1594869","DOIUrl":"https://doi.org/10.1109/CCST.2005.1594869","url":null,"abstract":"In this paper, the ACOMAR RED network is introduced. This network is an experimental complex oceanographic data acquisition system according to GOOS program targets (EuroGOOS in Europe). We can outline features such as authorized users running external queries or the system sending messages via email or SMS when measurements are outside a certain range. We shall describe the different parts of the network that have been developed: sensors, buoys, transport network, control unit and database","PeriodicalId":411051,"journal":{"name":"Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134060604","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Full hardware solution for processing iris biometrics","authors":"J. Liu-Jimenez, R. Sánchez-Reillo, C. Sánchez-Ávila","doi":"10.1109/CCST.2005.1594849","DOIUrl":"https://doi.org/10.1109/CCST.2005.1594849","url":null,"abstract":"As security is becoming one of the most important concerns in information society, the use of biometrics is increasing everyday. Iris recognition is a biometric technique that presents low error rates with simpler matching algorithms than other biometrics techniques. Unfortunately feature extraction methods with iris biometrics are computational cost consuming. When developing new identification tokens, computational cost and processing time should be reduced, to provide cheaper devices, which could allow a viable solution in a commercial system. The authors, in this paper develop a different hardware solution to be applied to a biometric token, which provides lower processing time and higher security than commercial systems","PeriodicalId":411051,"journal":{"name":"Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130850889","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A distributed vulnerability detection system for an intranet","authors":"G. Corral, A. Zaballos, X. Cadenas, A. Grané","doi":"10.1109/CCST.2005.1594863","DOIUrl":"https://doi.org/10.1109/CCST.2005.1594863","url":null,"abstract":"Security must be an integral element of any network. An organization's network is the basic environment connecting all users, servers and applications. Internal network security has to ensure that the corporate network is secure; therefore it includes tracking physical, endpoint and application security issues. Security testing is a crucial instrument to control network security, but there exists a need for an automated security system which helps security analysts and testers. This paper reviews the main topics related to vulnerability assessment in intranets and proposes a new distributed system to analyze security capability and vulnerability detection in intranets. The system design and implementation is also presented. This proposal is based on the open source security testing methodology manual and it is part of a wider system for automating vulnerability detection called Consensus.","PeriodicalId":411051,"journal":{"name":"Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128821680","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}