Search Results

Comprehensive test ban treaty international monitoring system security threats and proposed security attributes

Description: To monitor compliance with a Comprehensive Test Ban Treaty (CTBT), a sensing network, referred to as the International Monitoring System (IMS), is being deployed. Success of the IMS depends on both its ability to perform its function and the international community's confidence in the system. To ensure these goals, steps must be taken to secure the system against attacks that would undermine it; however, it is not clear that consensus exists with respect to the security requirements that should be levied on the IMS design. In addition, CTBT has not clearly articulated what threats it wishes to address. This paper proposes four system-level threats that should drive IMS design considerations, identifies potential threat agents, and collects into one place the security requirements that have been suggested by various elements of the IMS community. For each such requirement, issues associated with the requirement are identified and rationale for the requirement is discussed.
Date: March 1, 1996
Creator: Draelos, T.J. & Craft, R.L.
Partner: UNT Libraries Government Documents Department

Initial CTBT international monitoring system security findings and recommendations

Description: An initial security evaluation of the proposed International Monitoring System (IMS) suggests safeguards at various points in the IMS to provide reliable information to the user community. Modeling the IMS as a network of information processing nodes provides a suitable architecture for assessing data surety needs of the system. The recommendations in this paper include the use of public-key authentication for data from monitoring stations and for commands issued to monitoring stations. Other monitoring station safeguards include tamper protection of sensor subsystems, preservation of data (i.e. short-term archival), and limiting the station's network services. The recommendations for NDCs focus on the need to provide a backup to the IDC for data archival and data routing. Safeguards suggested for the IDC center on issues of reliability. The production of event bulletins should employ "two-man" procedures. As long as the data maintains its integrity, event bulletins can be produced by NDCs as well. The effective use of data authentication requires a sound key management system. Key management systems must be developed for the authentication of data, commands, and event bulletins if necessary. It is recommended that the trust placed in key management be distributed among multiple parties. The recommendations found in this paper offer safeguards for identified vulnerabilities in the IMS with regard to data surety. However, several outstanding security issues still exist. These issues include the need to formalize and obtain a consensus on a threat model and a trust model for the IMS. The final outstanding security issue that requires in-depth analysis concerns the IDC as a potential single point of failure in the current IMS design.
Date: August 1, 1996
Creator: Craft, R.L. & Draelos, T.J.
Partner: UNT Libraries Government Documents Department

Designing Smart Health Care Technology into the Home of the Future

Description: This editorial paper presents a vision for intelligent health care in the home of the future, focusing on technologies with the highest potential payoff given targeted government funding over the next ten years. A secure, plug-and-play information framework provides the starting point for identifying technologies that must be developed before home-based devices can know their context and assimilate information to support care decisions.
Date: April 20, 1999
Creator: Craft, R.L. & Warren, S.
Partner: UNT Libraries Government Documents Department

Authentication of data for monitoring a comprehensive test ban treaty

Description: The important issue of data integrity in the CTBT International Monitoring System (IMS) is discussed and a brief tutorial on data authentication techniques is offered. The utilization of data authentication as a solution to the data integrity problem is evaluated. Public key data authentication is recommended for multilateral monitoring regimes such as the CTBT. The ramifications and system considerations of applying data authentication at various locations in the IMS, or not at all, are reviewed in a data surety context. The paper concludes with a recommendation of authenticating data at all critical monitoring stations.
Date: May 1, 1996
Creator: Craft, R.L. & Draelos, T.J.
Partner: UNT Libraries Government Documents Department

Analytic tools for information warfare

Description: Information warfare and system surety (tradeoffs between system functionality, security, safety, reliability, cost, usability) have many mechanisms in common. Sandia's experience has shown that an information system must be assessed from a system perspective in order to adequately identify and mitigate the risks present in the system. While some tools are available to help in this work, the process is largely manual. An integrated, extensible set of assessment tools would help the surety analyst. This paper describes one approach to surety assessment used at Sandia, identifies the difficulties in this process, and proposes a set of features desirable in an automated environment to support this process.
Date: May 1, 1996
Creator: Vandewart, R.L. & Craft, R.L.
Partner: UNT Libraries Government Documents Department

Designing Smart Health Care Technology into the Home of the Future

Description: The US health care industry is experiencing a substantial paradigm shift with regard to home care due to the convergence of several technology areas. Increasingly-capable telehealth systems and the internet are not only moving the point of care closer to the patient, but the patient can now assume a more active role in his or her own care. These technologies, coupled with (1) the migration of the health care industry to electronic patient records and (2) the emergence of a growing number of enabling health care technologies (e.g., novel biosensors, wearable devices, and intelligent software agents), demonstrate unprecedented potential for delivering highly automated, intelligent health care in the home. This editorial paper presents a vision for the implementation of intelligent health care technology in the home of the future, focusing on areas of research that have the highest potential payoff given targeted government funding over the next ten years. Here, intelligent health care technology means smart devices and systems that are aware of their context and can therefore assimilate information to support care decisions. A systems perspective is used to describe a framework under which devices can interact with one another in a plug-and-play manner. Within this infrastructure, traditionally passive sensors and devices will have read/write access to appropriate portions of an individual's electronic medical record. Through intelligent software agents, plug-and-play mechanisms, messaging standards, and user authentication tools, these smart home-based medical devices will be aware of their own capabilities, their relationship to the other devices in the home system, and the identity of the individual(s) from whom they acquire data. Information surety technology will be essential to maintain the confidentiality of patient-identifiable medical information and to protect the integrity of geographically dispersed electronic medical records with which each home-based system will interact.
Date: April 7, 1999
Creator: Warren, S.; Craft, R.L. & Bosma, J.T.
Partner: UNT Libraries Government Documents Department

Understanding the system in risk assessment

Description: In the assessment of a system, understanding the system is central. Even so, most of the current literature takes a narrow view of understanding, making only the catalog of system "assets" explicit, while maintaining the balance of the analyst's understanding inside the analyst's head. This can lead to problems with non-repeatability and incompleteness of assessment results. This paper introduces the notion of using explicit system models to document the analyst's understanding of the system and shows that, from these models, standard assessment products, such as fault trees and event trees, can be automatically derived. This paper also presents five "views" of a system that can be used to document the analyst's understanding of the system. These views go well beyond the standard instruction to identify the system's assets to show that a much richer understanding of the system can be required for effective assessment.
Date: February 1, 1998
Creator: Craft, R.; Vandewart, R.; Wyss, G. & Funkhouser, D.
Partner: UNT Libraries Government Documents Department

An open framework for risk management

Description: Risk assessment methodologies are ready to enter their third generation. In this next generation, assessment will be based on a whole system understanding of the system to be assessed. To realize this vision of risk management, the authors have begun development of an extensible software tool kit. This tool kit breaks with the traditional approach to assessment by having the analyst spend the majority of the assessment time building an explicit model that documents in a single framework the various facets of the system, such as the system's behavior, structure, and history. Given this explicit model of the system, a computer is able to automatically produce standard assessment products, such as fault trees and event trees. This brings with it a number of advantages relative to current risk management tools. Among these are a greater sense of completeness and correctness in assessment results and the ability to preserve and later employ lessons learned.
Date: August 1, 1998
Creator: Craft, R.; Vandewart, R.; Wyss, G. & Funkhouser, D.
Partner: UNT Libraries Government Documents Department

A key management concept for the CTBT International Monitoring System

Description: Cryptographic authentication (commonly referred to as "technical authentication" in Working Group B) is an enabling technology which ensures the integrity of sensor data and security of digital networks under various data security compromise scenarios. The use of cryptographic authentication, however, implies the development of a key management infrastructure for establishing trust in the generation and distribution of cryptographic keys. This paper proposes security and operational requirements for a CTBT (Comprehensive Test Ban Treaty) key management system and, furthermore, presents a public key based solution satisfying the requirements. The key management system is instantiated with trust distribution technologies similar to those currently implemented in industrial public key infrastructures. A complete system solution is developed.
Date: August 1, 1997
Creator: Herrington, P.; Draelos, T.; Craft, R.; Brickell, E.; Frankel, Y. & Silvestri, M.
Partner: UNT Libraries Government Documents Department

Recasting risk analysis methods in terms of object-oriented modeling techniques

Description: For more than two decades, risk analysts have relied on powerful logic-based models to perform their analyses. However, the applicability of these models has been limited because they can be complex and expensive to develop. Analysts must frequently start from scratch when analyzing a new (but similar) system because the understanding of how the system works exists only in the mind of the analyst and is only incompletely instantiated in the actual logic model. This paper introduces the notion of using explicit object-oriented system models, such as those embodied in computer-aided software engineering (CASE) tools, to document the analyst's understanding of the system and appropriately capture how the system works. It also shows that from these models, standard assessment products, such as fault trees and event trees, can be automatically derived.
Date: August 1, 1998
Creator: Wyss, G.D.; Craft, R.L.; Vandewart, R.L. & Funkhouser, D.R.
Partner: UNT Libraries Government Documents Department

A Proposed Information Architecture for Telehealth System Interoperability

Description: Telemedicine technology is rapidly evolving. Whereas early telemedicine consultations relied primarily on video conferencing, consultations today may utilize video conferencing, medical peripherals, store-and-forward capabilities, electronic patient record management software, and/or a host of other emerging technologies. These remote care systems rely increasingly on distributed, collaborative information technology during the care delivery process, in its many forms. While these leading-edge systems are bellwethers for highly advanced telemedicine, the remote care market today is still immature. Most telemedicine systems are custom-designed and do not interoperate with other commercial offerings. Users are limited to a set of functionality that a single vendor provides and must often pay high prices to obtain this functionality, since vendors in this marketplace must deliver entire systems in order to compete. Besides increasing corporate research and development costs, this inhibits the ability of the user to make intelligent purchasing decisions regarding best-of-breed technologies. We propose a secure, object-oriented information architecture for telemedicine systems that promotes plug-and-play interaction between system components through standardized interfaces, communication protocols, messaging formats, and data definitions. In this architecture, each component functions as a black box, and components plug together in a lego-like fashion to achieve the desired device or system functionality. The architecture will support various ongoing standards work in the medical device arena.
Date: April 7, 1999
Creator: Warren, S.; Craft, R.L.; Parks, R.C.; Gallagher, L.K.; Garcia, R.J. & Funkhouser, D.R.
Partner: UNT Libraries Government Documents Department

A Proposed Information Architecture for Telehealth System Interoperability

Description: We propose an object-oriented information architecture for telemedicine systems that promotes secure "plug-and-play" interaction between system components through standardized interfaces, communication protocols, messaging formats, and data definitions. In this architecture, each component functions as a black box, and components plug together in a "lego-like" fashion to achieve the desired device or system functionality. Introduction: Telemedicine systems today rely increasingly on distributed, collaborative information technology during the care delivery process. While these leading-edge systems are bellwethers for highly advanced telemedicine, most are custom-designed and do not interoperate with other commercial offerings. Users are limited to a set of functionality that a single vendor provides and must often pay high prices to obtain this functionality, since vendors in this marketplace must deliver entire systems in order to compete. Besides increasing corporate research and development costs, this inhibits the ability of the user to make intelligent purchasing decisions regarding best-of-breed technologies. This paper proposes a reference architecture for plug-and-play telemedicine systems that addresses these issues.
Date: April 20, 1999
Creator: Craft, R.L.; Funkhouser, D.R.; Gallagher, L.K.; Garcia, R.J.; Parks, R.C. & Warren, S.
Partner: UNT Libraries Government Documents Department