Downloads & Free Reading Options - Results

Thesis advisor, R. Mitchell Brown

Cryptographic protocols rely on message-passing to coordinate activity among principals. Each principal maintains local state in individual local sessions only as needed to complete that session. However, in some protocols a principal also uses state to coordinate its different local sessions. Sometimes the non-local, mutable state is used as a means, for example with smart cards or Trusted Platform Modules. Sometimes it is the purpose of running the protocol, for example in commercial transactions. Many richly developed tools and techniques, based on well-understood foundations, are available for design and analysis of pure message-passing protocols. But the presence of cross-session state poses difficulties for these techniques. In this paper we provide a framework for modeling stateful protocols. We define a hybrid analysis method. It leverages theorem-proving---in this instance, the PVS prover---for reasoning about computations over state. It combines that with an "enrich-by-need" approach---embodied by CPSA---that focuses on the message-passing part. As a case study we give a full analysis of the Envelope Protocol, due to Mark Ryan.

In response to the escalating cybersecurity threats, this research focuses on leveraging text mining techniques to analyze network security data effectively. The study utilizes user-generated reports detailing attacks on server networks. Employing clustering algorithms, these reports are grouped based on threat levels. Additionally, a classification algorithm discerns whether network activities pose security risks. The research achieves a noteworthy 93% accuracy in text classification, showcasing the efficacy of these techniques. The novelty lies in classifying security threat report logs according to their threat levels. Prioritizing high-risk threats, this approach aids network management in strategic focus. By enabling swift identification and categorization of network security threats, this research equips organizations to take prompt, targeted actions, enhancing overall network security.

In our paper at PROOFS 2013, we formally studied a few known countermeasures to protect CRT-RSA against the BellCoRe fault injection attack. However, we left Vigilant's countermeasure and its alleged repaired version by Coron et al. as future work, because the arithmetical framework of our tool was not sufficiently powerful. In this paper we bridge this gap and then use the same methodology to formally study both versions of the countermeasure. We obtain surprising results, which we believe demonstrate the importance of formal analysis in the field of implementation security. Indeed, the original version of Vigilant's countermeasure is actually broken, but not as much as Coron et al. thought it was. As a consequence, the repaired version they proposed can be simplified. It can actually be simplified even further as two of the nine modular verifications happen to be unnecessary. Fortunately, we could formally prove the simplified repaired version to be resistant to the BellCoRe attack, which was considered a "challenging issue" by the authors of the countermeasure themselves.

The Attacks done by Viruses, Worms, Hackers, etc. are a Network Security-Problem in many Organisations. Current Intrusion Detection Systems have significant Disadvantages, e.g. the need of plenty of Computational Power or the Local Installation. Therefore, we introduce a novel Framework for Network Security which is called SANA. SANA contains an artificial Immune System with artificial Cells which perform certain Tasks in order to to support existing systems to better secure the Network against Intrusions. The Advantages of SANA are that it is efficient, adaptive, autonomous, and massively-distributed. In this Article, we describe the Architecture of the artificial Immune System and the Functionality of the Components. We explain briefly the Implementation and discuss Results.

... p

This paper considers a smart grid cyber-security problem analyzing the vulnerabilities of electric power networks to false data attacks. The analysis problem is related to a constrained cardinality minimization problem. The main result shows that an $l_1$ relaxation technique provides an exact optimal solution to this cardinality minimization problem. The proposed result is based on a polyhedral combinatorics argument. It is different from well-known results based on mutual coherence and restricted isometry property. The results are illustrated on benchmarks including the IEEE 118-bus and 300-bus systems.

Assurance of information-flow security by formal methods is mandated in security certification of separation kernels. As an industrial standard for improving safety, ARINC 653 has been complied with by mainstream separation kernels. Due to the new trend of integrating safe and secure functionalities into one separation kernel, security analysis of ARINC 653 as well as a formal specification with security proofs are thus significant for the development and certification of ARINC 653 compliant Separation Kernels (ARINC SKs). This paper presents a specification development and security analysis method for ARINC SKs based on refinement. We propose a generic security model and a stepwise refinement framework. Two levels of functional specification are developed by the refinement. A major part of separation kernel requirements in ARINC 653 are modeled, such as kernel initialization, two-level scheduling, partition and process management, and inter-partition communication. The formal specification and its security proofs are carried out in the Isabelle/HOL theorem prover. We have reviewed the source code of one industrial and two open-source ARINC SK implementations, i.e. VxWorks 653, XtratuM, and POK, in accordance with the formal specification. During the verification and code review, six security flaws, which can cause information leakage, are found in the ARINC 653 standard and the implementations.

Assurance of information-flow security by formal methods is mandated in security certification of separation kernels. As an industrial standard for improving safety, ARINC 653 has been complied with by mainstream separation kernels. Due to the new trend of integrating safe and secure functionalities into one separation kernel, security analysis of ARINC 653 as well as a formal specification with security proofs are thus significant for the development and certification of ARINC 653 compliant Separation Kernels (ARINC SKs). This paper presents a specification development and security analysis method for ARINC SKs based on refinement. We propose a generic security model and a stepwise refinement framework. Two levels of functional specification are developed by the refinement. A major part of separation kernel requirements in ARINC 653 are modeled, such as kernel initialization, two-level scheduling, partition and process management, and inter-partition communication. The formal specification and its security proofs are carried out in the Isabelle/HOL theorem prover. We have reviewed the source code of one industrial and two open-source ARINC SK implementations, i.e. VxWorks 653, XtratuM, and POK, in accordance with the formal specification. During the verification and code review, six security flaws, which can cause information leakage, are found in the ARINC 653 standard and the implementations.

Assurance of information-flow security by formal methods is mandated in security certification of separation kernels. As an industrial standard for improving safety, ARINC 653 has been complied with by mainstream separation kernels. Due to the new trend of integrating safe and secure functionalities into one separation kernel, security analysis of ARINC 653 as well as a formal specification with security proofs are thus significant for the development and certification of ARINC 653 compliant Separation Kernels (ARINC SKs). This paper presents a specification development and security analysis method for ARINC SKs based on refinement. We propose a generic security model and a stepwise refinement framework. Two levels of functional specification are developed by the refinement. A major part of separation kernel requirements in ARINC 653 are modeled, such as kernel initialization, two-level scheduling, partition and process management, and inter-partition communication. The formal specification and its security proofs are carried out in the Isabelle/HOL theorem prover. We have reviewed the source code of one industrial and two open-source ARINC SK implementations, i.e. VxWorks 653, XtratuM, and POK, in accordance with the formal specification. During the verification and code review, six security flaws, which can cause information leakage, are found in the ARINC 653 standard and the implementations.

The Internet of Things (IoT) provides information and safety governance. The Internet of Things connects people and objects from all over the universe. The Internet of Things can be employed for a broad range of purposes, which include vehicular response, building automation, rapid medical support, as well as intelligent buildings. In an existing IoT network, a large variety of sensors might well be supplemented by a limited array of sensors, but instead, IoT could be positioned on a common network, consuming energy and resources. In this specific situation, sensing technology has been considered with the Internet of Things as an integration objective. The three primary phases of the detection and management architectural style are detecting, data responding, and regulation. Wireless sensed data is usually necessary to operate the detection device in Wireless Sensor networks (WSNs). To accomplish information exchange, the WSN transceiver module employs an ultra-low leverage radio frequency (RF) signal. The integration of wireless sensor systems and the internet of things with appropriate security specifications are elaborated on in this paper.

This report offers an overview of actions taken by Congress and the President to provide FY2022 appropriations for accounts funded by the Departments of Labor, Health and Human Services, and Education, and Related Agencies (LHHS) appropriations bill. This bill includes all accounts funded through the annual appropriations process at the Department of Labor (DOL) and Department of Education (ED). It also provides annual appropriations for most agencies within the Department of Health and Human Services (HHS), with certain exceptions (e.g., the Food and Drug Administration is funded via the Agriculture bill). The LHHS bill also provides funds for more than a dozen related agencies, including the Social Security Administration (SSA). This report primarily focuses on regular FY2022 LHHS discretionary funding enacted during the annual appropriations process. Note that the totals in the report tables do not include emergency-designated appropriations. Those amounts are displayed separately and are in addition to regular appropriations. This report is divided into several sections. The opening section provides an explanation of the scope of the LHHS bill (and hence, the scope of this report) and an introduction to important terminology and concepts that carry throughout the report. Next is a series of sections describing major congressional actions on FY2022 appropriations and (for context) a review of the conclusion of the FY2021 appropriations process. This is followed by a high-level summary and analysis of proposed appropriations for FY2022, compared to FY2021 funding levels. The body of the report concludes with overview sections for each of the major titles of the bill: DOL, HHS, ED, and Related Agencies (RA). These sections provide selected highlights from FY2022 proposed funding levels compared to FY2021. Appendix A provides a summary of budget enforcement activities for FY2022. Appendix B provides an overview of the LHHS floor amendments that were offered in the House during its consideration of H.R. 4502.

2015 paid leave analysis grantee information : New Hampshire Employment Security Document uploaded from the website of the Women's Bureau, United States Department of Labor

Lei Xue, The Hong Kong Polytechnic University; Yajin Zhou, unaffiliated; Ting Chen, University of Electronic Science and Technology of China; Xiapu Luo, The Hong Kong Polytechnic University; Guofei Gu, Texas A&M University It’s an essential step to understand malware’s behaviors for developing effective solutions. Though a number of systems have been proposed to analyze Android malware, they have been limited by incomplete view of inspection on a single layer. What’s worse, various new techniques (e.g., packing, anti-emulator, etc.) employed by the latest malware samples further make these systems ineffective. In this paper, we propose Malton, a novel on-device non-invasive analysis platform for the new Android runtime (i.e., the ART runtime). As a dynamic analysis tool, Malton runs on real mobile devices and provides a comprehensive view of malware’s behaviors by conducting multi-layer monitoring and information flow tracking, as well as efficient path exploration. We have carefully evaluated Malton using real-world malware samples. The experimental results showed that Malton is more effective than existing tools, with the capability to analyze sophisticated malware samples and provide a comprehensive view of malicious behaviors of these samples. View the full program: https://www.usenix.org/sec17/program Source: https://www.youtube.com/watch?v=rXRm6RneY7A Uploader: USENIX

Lei Xue, The Hong Kong Polytechnic University; Yajin Zhou, unaffiliated; Ting Chen, University of Electronic Science and Technology of China; Xiapu Luo, The Hong Kong Polytechnic University; Guofei Gu, Texas A&M University It’s an essential step to understand malware’s behaviors for developing effective solutions. Though a number of systems have been proposed to analyze Android malware, they have been limited by incomplete view of inspection on a single layer. What’s worse, various new techniques (e.g., packing, anti-emulator, etc.) employed by the latest malware samples further make these systems ineffective. In this paper, we propose Malton, a novel on-device non-invasive analysis platform for the new Android runtime (i.e., the ART runtime). As a dynamic analysis tool, Malton runs on real mobile devices and provides a comprehensive view of malware’s behaviors by conducting multi-layer monitoring and information flow tracking, as well as efficient path exploration. We have carefully evaluated Malton using real-world malware samples. The experimental results showed that Malton is more effective than existing tools, with the capability to analyze sophisticated malware samples and provide a comprehensive view of malicious behaviors of these samples. View the full program: https://www.usenix.org/sec17/program Source: https://www.youtube.com/watch?v=rXRm6RneY7A Uploader: USENIX

Lei Xue, The Hong Kong Polytechnic University; Yajin Zhou, unaffiliated; Ting Chen, University of Electronic Science and Technology of China; Xiapu Luo, The Hong Kong Polytechnic University; Guofei Gu, Texas A&M University It’s an essential step to understand malware’s behaviors for developing effective solutions. Though a number of systems have been proposed to analyze Android malware, they have been limited by incomplete view of inspection on a single layer. What’s worse, various new techniques (e.g., packing, anti-emulator, etc.) employed by the latest malware samples further make these systems ineffective. In this paper, we propose Malton, a novel on-device non-invasive analysis platform for the new Android runtime (i.e., the ART runtime). As a dynamic analysis tool, Malton runs on real mobile devices and provides a comprehensive view of malware’s behaviors by conducting multi-layer monitoring and information flow tracking, as well as efficient path exploration. We have carefully evaluated Malton using real-world malware samples. The experimental results showed that Malton is more effective than existing tools, with the capability to analyze sophisticated malware samples and provide a comprehensive view of malicious behaviors of these samples. View the full program: https://www.usenix.org/sec17/program Source: https://www.youtube.com/watch?v=rXRm6RneY7A Uploader: USENIX

Information fusion includes signals, features, and decision-level analysis over various types of data including imagery, text, and cyber security detection. With the maturity of data processing, the explosion of big data, and the need for user acceptance; the Dynamic Data-Driven Application System (DDDAS) philosophy fosters insights into the usability of information systems solutions. In this paper, we exp lore a notion of an adaptive adjustment of secure communication trust analysis that seeks a balance between standard static solutions versus dynamic -data driven updates. A use case is provided in determining trust for a cyber security scenario exploring comparisons of Bayesian versus evidential reasoning for dynamic security detection updates. Using the evidential reasoning proportional conflict redistribution (PCR) method, we demonstrate improved trust for dynamically changing detections of denial of service attacks.

Information fusion includes signals, features, and decision-level analysis over various types of data including imagery, text, and cyber security detection. With the maturity of data processing, the explosion of big data, and the need for user acceptance; the Dynamic Data-Driven Application System (DDDAS) philosophy fosters insights into the usability of information systems solutions. In this paper, we exp lore a notion of an adaptive adjustment of secure communication trust analysis that seeks a balance between standard static solutions versus dynamic -data driven updates. A use case is provided in determining trust for a cyber security scenario exploring comparisons of Bayesian versus evidential reasoning for dynamic security detection updates. Using the evidential reasoning proportional conflict redistribution (PCR) method, we demonstrate improved trust for dynamically changing detections of denial of service attacks.

Information fusion includes signals, features, and decision-level analysis over various types of data including imagery, text, and cyber security detection. With the maturity of data processing, the explosion of big data, and the need for user acceptance; the Dynamic Data-Driven Application System (DDDAS) philosophy fosters insights into the usability of information systems solutions. In this paper, we exp lore a notion of an adaptive adjustment of secure communication trust analysis that seeks a balance between standard static solutions versus dynamic -data driven updates. A use case is provided in determining trust for a cyber security scenario exploring comparisons of Bayesian versus evidential reasoning for dynamic security detection updates. Using the evidential reasoning proportional conflict redistribution (PCR) method, we demonstrate improved trust for dynamically changing detections of denial of service attacks.

Congressional dissatisfaction with the policies and management of United States Security Assistance programs has led to several legislative actions in the past 15 years. The culminating legislation was the International Security Assistance and Arms Export Control Act of 1976. The thesis presents an overview of the world's arm market and examines the U.S. activities in this market. Numerous trends in the U.S. activity which contributed to congressional concern are explored as are several objectionable practices which have become associated with this trade. Legislation in the period 1961 through 1974 is examined to demonstrate congressional efforts at controlling Security Assistance programs prior to legislating the Act of 1976. The provisions of the International Security Assistance and Arms Export Control Act of 1976 are analyzed and the rationale for several of these provisions is included. The initial impact of the Act as it relates to the Congress, Carter Admininistration, Departments of State and Defense, and industry are indicated. Conclusions are drawn concerning the potential for Security Assistance programs to continue as a tool of American foreign policy.

No Description

No Description

Operating a large, space power system requires classifying the system's status and analyzing its security. Conventional algorithms are used by terrestrial electric utilities to provide such information to their dispatchers, but their application aboard Space Station Freedom will consume too much processing time. A new approach for monitoring and analysis using adaptive pattern techniques is presented. This approach yields an on-line security monitoring and analysis algorithm that is accurate and fast; and thus, it can free the Space Station Freedom's power control computers for other tasks.

Operating a large, space power system requires classifying the system's status and analyzing its security. Conventional algorithms are used by terrestrial electric utilities to provide such information to their dispatchers, but their application aboard Space Station Freedom will consume too much processing time. A new approach for monitoring and analysis using adaptive pattern techniques is presented. This approach yields an on-line security monitoring and analysis algorithm that is accurate and fast; and thus, it can free the Space Station Freedom's power control computers for other tasks.

Document number CIA-RDP79M00096A000100070006-3 declassified and released through the CIA's CREST database. Previously available only on four computers located outside of Washington D.C., the Agency was successfully pressured into putting the files online as a result of a MuckRock lawsuit and the efforts of Emma Best. The metadata was collected by Data.World, and the files are now being archived and made text searchable by the Internet Archive.

Analysis Of The Security Of Communications, 26 June 1945

In cloud computing technology, user can store large amount of data on storage provided by cloud and make use of resources as and when required, due to which, it becomes very significant. As a result, cloud computing technology has recently become a new model, by which we can host and deliver services over the internet. In cloud computing, resources are shared between different computers and other devices by means of the internet. There are so many issues, which have been observed in a cloud computing environment that need to be addressed. These issues can be categorized as: Security, Protection, Identity Management, Management of resources, Management of Power and Energy, Data Isolation, Availability of resources and Heterogeneity of resources. The first point of security, where, cryptography can facilitate cloud computing is secure storage, but the major disadvantages of secure storage is that we cannot perform processing on encrypted data. This paper presents the challenges and issues of security aspects in cloud computing method. We first look into the impacts of the distinctive characteristics of cloud computing, namely, multi-tenancy, elasticity and third party control, upon the security requirements. Then, we analyze the cloud security requirements in terms of the fundamental issues, i.e., confidentiality, integrity, availability, audit and compliance.

This 2007 U.S. Attorney's Office memorandum RE "Proposed Amendment to Department of Defense Procedures to Permit the National Security Agency to Conduct Analysis of Communications Metadata Associated with Persons in the United States" had the purpose "To Recommend Attorney General approval pursuant to Executive Order 12333 of a Proposed Amendment to Procedures Governing the National Security Agency's Signals Intelligence Activities (S//SI)." It was first published online by the Guardian newspaper here: http://www.guardian.co.uk/world/interactive/2013/jun/27/nsa-data-collection-justice-department

The rise in the number of intra-state conflicts, following the end of the Cold War, and the reluctance of traditional extra regional actors to intervene, have thrust upon the region the onus of resolving its own conflicts. This determination to assume the security responsibility as a prerequisite for sustainable development resulted in a series of interventions by a regional force under the Economic Community of West African States (ECOWAS) umbrella. As a result, ECOWAS is the most experienced organization in Africa, and even beyond, in terms of conflict management. This experience has resulted in the realization that the region needs to increase the current ECOWAS PKO capabilities to make the ECOWAS Standby Force (ESF) a more effective security force. This new mechanism structure under the construct of one of Africa's Regional Economic Communities (REC) is generating hope in terms of local capabilities able to sustain a peace management model designed by Africans themselves. Political will, as well as full dedication by ECOWAS member states, remain minimum requirements to ensure that a greater PKO capability is realized.

This thesis considers the best use of network traffic data to increase cyber security. This operational problem is one of great concern to network administrators and users generally. Our specific task was performed for the Network Security Division of the Army Research Laboratory, who requested we analyze a dataset of cyber-attacks masked in a background of representative network traffic (the Skaion dataset). We find that substantial preprocessing must done before statistical methods can be applied to raw network data, that no single predictor is sufficient, and that the most effective statistical analysis is logistic regression. Our approach is novel in that we consider not only single predictor events, but also combinations of reports from multiple tools. While we consider a number of different statistical techniques, we find that the most satisfactory model is based on logistic regression. Finally, we conclude that while the Skaion dataset is valuable in terms of its new approach to network traffic emulation, the 1999 KDD Cup and DARPA-MIT datasets-despite their many shortcomings-are more clearly organized and accessible to academic study. Cyber security is a globally important problem and datasets like Skaion's must maximize opportunities for cross-disciplinary academic endeavors.

The goal of the project was to develop new methods to discover security vulnerabilities and security exploits. The research involved static analysis, dynamic analysis, and symbolic execution of software at both the source-code and machine-code levels. An aspect that distinguished the approach taken in the project from previous work was the attempt to uncover security problems due to differences in outlook between different levels of a system -- an approach called cross-boundary security analysis. The term refers both to (i) translation effects where the source-level outlook and the machine-code-level outlook differ, as well as (ii) differences in outlook between a source-level view of a component's API and the machine code that implements the component, which can sometimes allow a sequence of API calls to drive a program to a bad state. In both cases, one has two different artifacts that are supposed to have the same semantics, but whose semantics actually differ.

Information security in Process-aware Information System (PAIS) relies on many factors, including security of business process and the underlying system and technologies. Moreover, humans can be the weakest link that creates pathway to vulnerabilities, or the worst enemy that compromises a well-defended system. Since a system is as secure as its weakest link, information security can only be achieved in PAIS if all factors are secure. In this paper, we address two research questions: how to conduct a cross-layer security analysis that couple security concerns at business process layer as well as at the technical layer; and how to include human factor into the security analysis for the identification of human-oriented vulnerabilities and threats. We propose a methodology that supports the tracking of security interdependencies between functional, technical, and human aspects which contribute to establish a holistic approach to information security in PAIS. We demonstrate the applicability with a scenario from the payment card industry.

In today's business and operational environments, multiple organizations routinely work collaboratively to acquire, develop, deploy, and maintain technical capabilities via a set of interdependent, networked systems. Measurement in these distributed management environments can be an extremely challenging problem. The CERT(R) Program, part of Carnegie Mellon University's Software Engineering Institute (SEI), is developing the Integrated Measurement and Analysis Framework (IMAF) to enable effective measurement in distributed environments, including acquisition programs, supply chains, and systems of systems. The IMAF defines an approach that integrates subjective and objective data from multiple sources (targeted analysis, reports, and tactical measurement) and provides decision makers with a consolidated view of current conditions. This report is the first in a series that addresses how to measure software security in complex environments. It poses several research questions and hypotheses and presents a foundational set of measurement concepts. It also describes how meaningful measures provide the information that decision makers need when they need it and in the right form. Finally, this report provides a conceptual overview of the IMAF, describes methods for qualitatively and quantitatively collecting data to inform the framework, and suggests how to use the IMAF to derive meaningful measures for analyzing software security performance.

CyberCIEGE is an interactive game simulating realistic scenarios that teaches the players Information Assurance (IA) concepts. The existing game scenarios only provide a high-level abstraction of the networked environment, e.g., nodes do not have Internet protocol (IP) addresses or belong to proper subnets, and there is no packet-level network simulation. This research explored endowing the game with network level traffic analysis, and implementing a game scenario to take advantage of this new capability. Traffic analysis is presented to players in a format similar to existing tools such that learned skills may be easily transferred to future real-world situations. A network traffic analysis tool simulation within CyberCIEGE was developed and this new tool provides the player with traffic analysis capability. Using existing taxonomies of cyber-attacks, the research identified a subset of network-based attacks most amenable to modeling and representation within CyberCIEGE. From the attacks identified, a complementary CyberCIEGE scenario was developed to provide the player with new educational opportunities for network analysis and threat identification. From the attack scenario, players also learn about the effects of these cyber-attacks and glean a more informed understanding of appropriate mitigation measures.

The United States and Soviet Union recognize the importance of the Horn of Africa. A key to peace and stability on the Horn is Somalia. The US and USSR have both aided Somalia in an attempt to influence events on the Horn and support their national interests. The US needs to pursue a positive policy towards Somalia. Somalia's border conflicts and internal tribal rivalries impact US interests. Somalia's neighbors respond negatively to military aid to Somalia. The US must find ways to achieve its goals placate Somalia's neighbors. Somalia's economy is weak and Somalia needs US help to get military aid. How the US approaches the delivery of military aid and the training of the Somali military will determine the impact and effectiveness of the aid. The study concludes that the US should provide limited military aid to Somalia; that an existing plan can be used; and that a review should be conducted to make sure that the Somalis cna support any equipment that is provided. (Author)

The United States and Soviet Union recognize the importance of the Horn of Africa. A key to peace and stability on the Horn is Somalia. The US and USSR have both aided Somalia in an attempt to influence events on the Horn and support their national interests. The US needs to pursue a positive policy towards Somalia. Somalia's border conflicts and internal tribal rivalries impact US interests. Somalia's neighbors respond negatively to military aid to Somalia. The US must find ways to achieve its goals placate Somalia's neighbors. Somalia's economy is weak and Somalia needs US help to get military aid. How the US approaches the delivery of military aid and the training of the Somali military will determine the impact and effectiveness of the aid. The study concludes that the US should provide limited military aid to Somalia; that an existing plan can be used; and that a review should be conducted to make sure that the Somalis cna support any equipment that is provided. (Author)

The American Security in the 21st Century is presented Supporting Research and Analysis

This report provides an overview of instructional systems design and its implications for analyzing curricula in the fields of information management and networked systems longevity. Measurable benchmarks for assessment of training and educational resources are offered in order to fully illustrate how to perform instructional gap analysis. This report also addresses issues of instructional approaches and metrics, performance objectives, educational measurement, and mission vs. learning objectives, and includes a selected listing of related coursework in the appendices.

The purpose of this thesis is to assess the actual and potential consequences of the inter-American democracy regime in the post-Cold War world. This thesis has three major arguments. First, the inter-American democracy regime \"matters\" because it can positively impact state and individual behavior in the post-Cold War inter-American system. Second, the three principles that constitute this regime (democracy, interdependence, and international organizations) are mutually reinforcing in perpetuating the \"community of democracies\" in the Western Hemisphere. Finally, this inter-American \"community of democracies\" is plausibly on a path to a pluralistic security community based on the logic of the post-Cold War inter-American democracy regime. This thesis places the actual and potential consequences of this regime into a broader, systemic context. This thesis critically examines two high-profile cases of democratic crisis, Paraguay (1996) and Peru (2000) to assess the actual impact of the post-Cold War inter-American democracy regime. These research findings are later extrapolated to assess the potential impact of this regime in the post-Cold War inter-American system. In short, this thesis concludes that, in the post-Cold War world, the Western Hemisphere is evidence of a liberal, qualitative peace.

The purpose of this thesis is to assess the actual and potential consequences of the inter-American democracy regime in the post-Cold War world. This thesis has three major arguments. First, the inter-American democracy regime \"matters\" because it can positively impact state and individual behavior in the post-Cold War inter-American system. Second, the three principles that constitute this regime (democracy, interdependence, and international organizations) are mutually reinforcing in perpetuating the \"community of democracies\" in the Western Hemisphere. Finally, this inter-American \"community of democracies\" is plausibly on a path to a pluralistic security community based on the logic of the post-Cold War inter-American democracy regime. This thesis places the actual and potential consequences of this regime into a broader, systemic context. This thesis critically examines two high-profile cases of democratic crisis, Paraguay (1996) and Peru (2000) to assess the actual impact of the post-Cold War inter-American democracy regime. These research findings are later extrapolated to assess the potential impact of this regime in the post-Cold War inter-American system. In short, this thesis concludes that, in the post-Cold War world, the Western Hemisphere is evidence of a liberal, qualitative peace.

The purpose of this thesis is to assess the actual and potential consequences of the inter-American democracy regime in the post-Cold War world. This thesis has three major arguments. First, the inter-American democracy regime \"matters\" because it can positively impact state and individual behavior in the post-Cold War inter-American system. Second, the three principles that constitute this regime (democracy, interdependence, and international organizations) are mutually reinforcing in perpetuating the \"community of democracies\" in the Western Hemisphere. Finally, this inter-American \"community of democracies\" is plausibly on a path to a pluralistic security community based on the logic of the post-Cold War inter-American democracy regime. This thesis places the actual and potential consequences of this regime into a broader, systemic context. This thesis critically examines two high-profile cases of democratic crisis, Paraguay (1996) and Peru (2000) to assess the actual impact of the post-Cold War inter-American democracy regime. These research findings are later extrapolated to assess the potential impact of this regime in the post-Cold War inter-American system. In short, this thesis concludes that, in the post-Cold War world, the Western Hemisphere is evidence of a liberal, qualitative peace.

This technical report is a survey of existing techniques which could potentially be used in the analysis of security architectures. The report has been structured to section the analysis process over three phases: the capture of a specific architecture in a suitable representation, discovering attacks on the captured architecture, and then assessing and comparing different security architectures. Each technique presented in this report has been recognised as being potentially useful for one phase of the analysis. By presenting a set of potentially useful techniques, it is hoped that designers and decision-makers involved in the development and maintenance of security architectures will be able to develop a more complete, justified and usable methodology other than those currently being used to perform analyses.

202869 Defining Homeland Security Analysis and Congressional Considerations

IDA conducted an economic analysis of two NNSA approaches to transforming and modernizing the U.S. nuclear weapons production complex. One approach envisions consolidating all nuclear weapon production functions into a single site called a Consolidated Nuclear Production Center (CNPC). The other approach Distributed Centers of Excellence (DCE) proposes modernizing the current complex in place. The IDA study team estimated the likely investment costs associated with each modernization alternative and the recurring savings that would result from the CNPC versus the DCE approach. We found that the CNPC proposal requires substantially greater investments and the savings are insufficient to justify the extra expenditures. In addition we found no cost basis for moving either pit production or assembly/disassembly from their present locations. We found a positive net present value for moving secondary production from its present location; however the break-even point for the investment is at least 30 years away. In addition IDA reviewed the suitability of using the NNSA Nuclear Enterprise model for cost estimating.

The Senate Intelligence Committee considered the nomination of David Glawe to serve as under secretary for intelligence and analysis at the Homeland Security Department. He's a former assistant commissioner in the Office of Intelligence with the U.S. Customs and Border Protection. Members questioned him in areas including information sharing among the intelligence community, the duplication of efforts among the Homeland Security Department and lessons learned from the Sept. 11, 2001 terrorist attacks. The committee is chaired by Sen. Richard Burr (R-NC). Sponsor: Senate Select Intelligence Committee

The United States is a global power with global interests and global responsibilities. The U.S. Army constitutes one of the means available to the United States to pursue and achieve its foreign policy goals. The end of the Cold War, and especially the events of September 11, 2001, have led to a redefinition of the U.S. Army s role. In this new environment, the purpose of the U.S. Army is not only to win the war but also to win the peace. In this monograph, Dr. Yannis A. Stivachtis, an international security analyst who currently serves as Associate Professor of International and Strategic Studies at Virginia Tech, argues that due to the presence of several weak states in the international system, the United States needs to devise and employ strategies aimed at preventing and managing the outbreak of domestic conflicts that have the potential of undermining regional and international peace and stability. He notes that states differ from one another in many ways and therefore their national security question is context dependent. As a result, U.S. strategists should be fully aware of what constitutes a security issue for social groups and individuals in third countries. Thus, U.S. strategic planning and actions should be based on the adoption of the broaden definition of security as well as the idea of human security. Since international stability is based on the stability of states, the United States needs to assist the creation and maintenance of strong states. The Strategic Studies Institute is pleased to offer this monograph as a contribution to the discussions of how to better prepare the U.S. Army to transition from purely military operations (winning the war) to peace-building operations (winning the peace) and work effectively with local leaders and groups toward creating stronger states.

This report entails the Proceedings of the Fifth International Conference Mathematical Methods, Models, and Architectures for Computer Networks Security (MMM-ACNS-2010), and includes the First International Workshop Scientific Analysis and Policy Support for Cyber Security. The main objectives of the MMM-ACNS-2010 Conference are to discuss state-of-the-art in mathematical methods and models for computer networks and information security to promote a better understanding of recent achievements and trends in the computer network security, as well as making use of recent achievements in the area of advanced information technologies for computer network and information assurance Security assurance of resident information and computer networks' software is one of the important problems of the modern computer science and information technology. The problem importance is confirmed by ever increasing multiplicity and diversity of threads and vulnerabilities of computer networks, permanently increasing significance and value of information itself, and by potentially devastating consequences of successful attacks on integrity, resource availability and information confidentiality. Unauthorized access to computer network facilities and network resources, especially in global networks participating in real-time control operations, may be truly disastrous.

This report entails the Proceedings of the Fifth International Conference Mathematical Methods, Models, and Architectures for Computer Networks Security (MMM-ACNS-2010), and includes the First International Workshop Scientific Analysis and Policy Support for Cyber Security. The main objectives of the MMM-ACNS-2010 Conference are to discuss state-of-the-art in mathematical methods and models for computer networks and information security to promote a better understanding of recent achievements and trends in the computer network security, as well as making use of recent achievements in the area of advanced information technologies for computer network and information assurance Security assurance of resident information and computer networks' software is one of the important problems of the modern computer science and information technology. The problem importance is confirmed by ever increasing multiplicity and diversity of threads and vulnerabilities of computer networks, permanently increasing significance and value of information itself, and by potentially devastating consequences of successful attacks on integrity, resource availability and information confidentiality. Unauthorized access to computer network facilities and network resources, especially in global networks participating in real-time control operations, may be truly disastrous.

This paper will provide a comparative analysis of the United States (U.S.) Department of Homeland Security's Emergency Preparedness and Response directorate and the Israel Defense Forces Home Front Command. It will focus on the preparedness aspect of homeland security and will address similarities and differences of both organizations, recent initiatives within each organization, and collaborative efforts between the United States and Israel in support of homeland security. It will illustrate that both organizations have made great strides in their homeland security efforts but there is still much that needs to be done. The U.S. Department of Homeland Security was established on January 23, 2003, in response to the September 11, 2001, terrorist attacks against the World Trade Center and the Pentagon. The Emergency Preparedness and Response Directorate of the U.S. Department of Homeland Security is built upon the long and solid track record of the Federal Emergency Management Agency (FEMA). It oversees the federal government's national response and recovery strategy and ensures our nation is prepared for natural disasters and terrorist attacks. Israel does not have a Department of Homeland Security. Israel established its Home Front Command, an entity of the Israel Defense Force (IDF), in February 1992, largely as a result of events of the 1991 Gulf War. The Home Front Command falls under the minister of defense within the IDF. There are certainly lessons the United States can learn from Israel's 35-year battle against terrorism. We must not forget, however, that Israel is a small country approximately the size of our state of New Jersey. Therefore, many of Israel's security initiatives are simply not practical or feasible for implementation within the United States of America.

A computer Security/Recovery System (CS/RS) model was designed with the goal of implementing it into a Relational Database Management System. In addition, the relational database was to serve as a pedagogical tool for teaching database management and manipulation techniques as well as security measures and issues. Toward these goals, an extensive literature search and analysis of the current state of the art Computer Security models was required in order to identify current unresolved issues and areas of research. The advantages and disadvantages associated with six computer security models were explored and addressed in this thesis. Then the requirements for a CS/RS model were indentified and defined, and based on certain favorable criteria, one of the computer security models analyzed was selected. Further, only one of the six models had ever been implemented using a relational database and none had ever been implemented using a microcomputer. Consequently, the ability to take one of the existing computer security models and to apply the security concepts used within this model was not an easy task and in some instances was not possible. Finally, the CS/RS model designed did not include the hierarchically ordered military security sensitivity levels. (Author)