Search results for: NIST SP 800-53
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 48

Search results for: NIST SP 800-53

48 Analysis of Practical Guidelines for Mobile Device Security in Indonesia Based on NIST SP 1800-4

Authors: Mardiyansyah Mardiyansyah, Hendrik Maulana, Eka Kurnia Sari, Imam Baehaki, Mohammad Agus Prihandono

Abstract:

Mobile device has become a key feature in Indonesian society and the economy, including government and private sector. Enterprises and government agencies already have a concern about mobile device security. However, small and medium enterprises (SME) do not have that sense yet, especially the new startups company. Indonesia has several laws, regulations, and standards for managing security in mobile devices. Currently, Indonesian information security policies have not been harmonized, each government organization and large enterprise has its own rules and policies. It leads to a conflict of interest among government agencies. This will certainly cause ineffectiveness in the implementation of policies. Therefore, an analysis of various government policies, regulations, and standards related to information security, especially on mobile devices, is carried out. This analysis is conducted to map the existing regulatory policies and standards into practical guidelines regarding NIST's information security to show the effectiveness of NIST SP 1800-4 towards existing policies. This work focused on the mapping of the NIST SP 1800-4 framework towards existing regulations, standards, and guidelines in Indonesia. The research approach is literature study to identify existing regulations, standards, and guidelines then the regulation mapped into the NIST SP 1800-4 framework and analyzed whether the framework could be applied to the organization in Indonesia. Finally, the finding and recommendations by documenting the security characteristics can be concluded. Based on the research finding, some of the regulations, standards, and guidelines in Indonesia are relevant to the elements in the NIST SP 1800-4 framework. From mapping analysis, the strength and weakness of mobile device security in Indonesia can be reported. It also can be concluded that the application of NIST SP 1800-4 can improve the effectiveness of mobile device security policies in Indonesia.

Keywords: mobile security, mobile security framework, NIST SP 1800-4, regulations

Procedia PDF Downloads 153
47 Statistical Randomness Testing of Some Second Round Candidate Algorithms of CAESAR Competition

Authors: Fatih Sulak, Betül A. Özdemir, Beyza Bozdemir

Abstract:

In order to improve symmetric key research, several competitions had been arranged by organizations like National Institute of Standards and Technology (NIST) and International Association for Cryptologic Research (IACR). In recent years, the importance of authenticated encryption has rapidly increased because of the necessity of simultaneously enabling integrity, confidentiality and authenticity. Therefore, at January 2013, IACR announced the Competition for Authenticated Encryption: Security, Applicability, and Robustness (CAESAR Competition) which will select secure and efficient algorithms for authenticated encryption. Cryptographic algorithms are anticipated to behave like random mappings; hence, it is important to apply statistical randomness tests to the outputs of the algorithms. In this work, the statistical randomness tests in the NIST Test Suite and the other recently designed randomness tests are applied to six second round algorithms of the CAESAR Competition. It is observed that AEGIS achieves randomness after 3 rounds, Ascon permutation function achieves randomness after 1 round, Joltik encryption function achieves randomness after 9 rounds, Morus state update function achieves randomness after 3 rounds, Pi-cipher achieves randomness after 1 round, and Tiaoxin achieves randomness after 1 round.

Keywords: authenticated encryption, CAESAR competition, NIST test suite, statistical randomness tests

Procedia PDF Downloads 315
46 Challenges of Implementing Zero Trust Security Based on NIST SP 800-207

Authors: Mazhar Hamayun

Abstract:

Organizations need to take a holistic approach to their Zero Trust strategic and tactical security needs. This includes using a framework-agnostic model that will ensure all enterprise resources are being accessed securely, regardless of their location. Such can be achieved through the implementation of a security posture, monitoring the posture, and adjusting the posture through the Identify, Detect, Protect, Respond, and Recover Methods, The target audience of this document includes those involved in the management and operational functions of risk, information security, and information technology. This audience consists of the chief information security officer, chief information officer, chief technology officer, and those leading digital transformation initiatives where Zero Trust methods can help protect an organization’s data assets.

Keywords: ZTNA, zerotrust architecture, microsegmentation, NIST SP 800-207

Procedia PDF Downloads 87
45 Security of Database Using Chaotic Systems

Authors: Eman W. Boghdady, A. R. Shehata, M. A. Azem

Abstract:

Database (DB) security demands permitting authorized users and prohibiting non-authorized users and intruders actions on the DB and the objects inside it. Organizations that are running successfully demand the confidentiality of their DBs. They do not allow the unauthorized access to their data/information. They also demand the assurance that their data is protected against any malicious or accidental modification. DB protection and confidentiality are the security concerns. There are four types of controls to obtain the DB protection, those include: access control, information flow control, inference control, and cryptographic. The cryptographic control is considered as the backbone for DB security, it secures the DB by encryption during storage and communications. Current cryptographic techniques are classified into two types: traditional classical cryptography using standard algorithms (DES, AES, IDEA, etc.) and chaos cryptography using continuous (Chau, Rossler, Lorenz, etc.) or discreet (Logistics, Henon, etc.) algorithms. The important characteristics of chaos are its extreme sensitivity to initial conditions of the system. In this paper, DB-security systems based on chaotic algorithms are described. The Pseudo Random Numbers Generators (PRNGs) from the different chaotic algorithms are implemented using Matlab and their statistical properties are evaluated using NIST and other statistical test-suits. Then, these algorithms are used to secure conventional DB (plaintext), where the statistical properties of the ciphertext are also tested. To increase the complexity of the PRNGs and to let pass all the NIST statistical tests, we propose two hybrid PRNGs: one based on two chaotic Logistic maps and another based on two chaotic Henon maps, where each chaotic algorithm is running side-by-side and starting from random independent initial conditions and parameters (encryption keys). The resulted hybrid PRNGs passed the NIST statistical test suit.

Keywords: algorithms and data structure, DB security, encryption, chaotic algorithms, Matlab, NIST

Procedia PDF Downloads 265
44 Determining the Appropriate Methodology for the Security Evaluation of Equipment Related to Information and Communication Technology in the Industry

Authors: Sofia Ahanj Sofia Ahanj, Mahsa Rahmani Mahsa Rahmani, Zahra Sadeghigol, Vida Nobakht Vida Nobakht

Abstract:

Providing security in the electricity industry, as one of the vital infrastructures of the country, is one of the essential operations that must be taken in order to improve the security of the country. Resistant security strategies need to be regularly implemented as a dynamic process to improve security, and security evaluation is one of the most important steps in this process. Methodology in the field of evaluation in both technical and managerial dimensions is discussed in the laboratory. There are various standards in the field of general ICT technical-security evaluation. The most important are ISO / IEC 15408, ISO / IEC 27001 and NIST SP 800-53. In the present paper, these standards are first examined. Then, the standards and reports in the industrial field have been reviewed and compared, and finally, based on the results and special considerations of information and communication technology equipment in the electricity industry, the appropriate methodology has been presented.

Keywords: security standards, ISO/IEC 15408, ISA/IEC 62443 series, NIST SP 800-53, NISTIR 7628

Procedia PDF Downloads 168
43 Design and Implementation of Pseudorandom Number Generator Using Android Sensors

Authors: Mochamad Beta Auditama, Yusuf Kurniawan

Abstract:

A smartphone or tablet require a strong randomness to establish secure encrypted communication, encrypt files, etc. Therefore, random number generation is one of the main keys to provide secrecy. Android devices are equipped with hardware-based sensors, such as accelerometer, gyroscope, etc. Each of these sensors provides a stochastic process which has a potential to be used as an extra randomness source, in addition to /dev/random and /dev/urandom pseudorandom number generators. Android sensors can provide randomness automatically. To obtain randomness from Android sensors, each one of Android sensors shall be used to construct an entropy source. After all entropy sources are constructed, output from these entropy sources are combined to provide more entropy. Then, a deterministic process is used to produces a sequence of random bits from the combined output. All of these processes are done in accordance with NIST SP 800-22 and the series of NIST SP 800-90. The operation conditions are done 1) on Android user-space, and 2) the Android device is placed motionless on a desk.

Keywords: Android hardware-based sensor, deterministic process, entropy source, random number generation/generators

Procedia PDF Downloads 376
42 Cybersecurity Engineering BS Degree Curricula Design Framework and Assessment

Authors: Atma Sahu

Abstract:

After 9/11, there will only be cyberwars. The cyberwars increase in intensity the country's cybersecurity workforce's hiring and retention issues. Currently, many organizations have unfilled cybersecurity positions, and to a lesser degree, their cybersecurity teams are understaffed. Therefore, there is a critical need to develop a new program to help meet the market demand for cybersecurity engineers (CYSE) and personnel. Coppin State University in the United States was responsible for developing a cybersecurity engineering BS degree program. The CYSE curriculum design methodology consisted of three parts. First, the ACM Cross-Cutting Concepts standard's pervasive framework helped curriculum designers and students explore connections among the core courses' knowledge areas and reinforce the security mindset conveyed in them. Second, the core course context was created to assist students in resolving security issues in authentic cyber situations involving cyber security systems in various aspects of industrial work while adhering to the NIST standards framework. The last part of the CYSE curriculum design aspect was the institutional student learning outcomes (SLOs) integrated and aligned in content courses, representing more detailed outcomes and emphasizing what learners can do over merely what they know. The CYSE program's core courses express competencies and learning outcomes using action verbs from Bloom's Revised Taxonomy. This aspect of the CYSE BS degree program's design is based on these three pillars: the ACM, NIST, and SLO standards, which all CYSE curriculum designers should know. This unique CYSE curriculum design methodology will address how students and the CYSE program will be assessed and evaluated. It is also critical that educators, program managers, and students understand the importance of staying current in this fast-paced CYSE field.

Keywords: cyber security, cybersecurity engineering, systems engineering, NIST standards, physical systems

Procedia PDF Downloads 95
41 Streamlining Cybersecurity Risk Assessment for Industrial Control and Automation Systems: Leveraging the National Institute of Standard and Technology’s Risk Management Framework (RMF) Using Model-Based System Engineering (MBSE)

Authors: Gampel Alexander, Mazzuchi Thomas, Sarkani Shahram

Abstract:

The cybersecurity landscape is constantly evolving, and organizations must adapt to the changing threat environment to protect their assets. The implementation of the NIST Risk Management Framework (RMF) has become critical in ensuring the security and safety of industrial control and automation systems. However, cybersecurity professionals are facing challenges in implementing RMF, leading to systems operating without authorization and being non-compliant with regulations. The current approach to RMF implementation based on business practices is limited and insufficient, leaving organizations vulnerable to cyberattacks resulting in the loss of personal consumer data and critical infrastructure details. To address these challenges, this research proposes a Model-Based Systems Engineering (MBSE) approach to implementing cybersecurity controls and assessing risk through the RMF process. The study emphasizes the need to shift to a modeling approach, which can streamline the RMF process and eliminate bloated structures that make it difficult to receive an Authorization-To-Operate (ATO). The study focuses on the practical application of MBSE in industrial control and automation systems to improve the security and safety of operations. It is concluded that MBSE can be used to solve the implementation challenges of the NIST RMF process and improve the security of industrial control and automation systems. The research suggests that MBSE provides a more effective and efficient method for implementing cybersecurity controls and assessing risk through the RMF process. The future work for this research involves exploring the broader applicability of MBSE in different industries and domains. The study suggests that the MBSE approach can be applied to other domains beyond industrial control and automation systems.

Keywords: authorization-to-operate (ATO), industrial control systems (ICS), model-based system’s engineering (MBSE), risk management framework (RMF)

Procedia PDF Downloads 95
40 Radio Frequency Identification Encryption via Modified Two Dimensional Logistic Map

Authors: Hongmin Deng, Qionghua Wang

Abstract:

A modified two dimensional (2D) logistic map based on cross feedback control is proposed. This 2D map exhibits more random chaotic dynamical properties than the classic one dimensional (1D) logistic map in the statistical characteristics analysis. So it is utilized as the pseudo-random (PN) sequence generator, where the obtained real-valued PN sequence is quantized at first, then applied to radio frequency identification (RFID) communication system in this paper. This system is experimentally validated on a cortex-M0 development board, which shows the effectiveness in key generation, the size of key space and security. At last, further cryptanalysis is studied through the test suite in the National Institute of Standards and Technology (NIST).

Keywords: chaos encryption, logistic map, pseudo-random sequence, RFID

Procedia PDF Downloads 401
39 Towards a Common Architecture for Cloud Computing Interoperability

Authors: Sana Kouchi, Hassina Nacer, Kadda Beghdad-bey

Abstract:

Cloud computing is growing very fast in the market and has become one of the most controversial discussed developments in recent years. Cloud computing providers become very numerous in these areas and each of them prefers its own cloud computing infrastructure, due to the incompatibility of standards and cloud access formats, which prevents them from accepting to support cloud computing applications in a standardized manner, this heterogeneity creates the problem of interoperability between clouds, and considering that cloud customers are probably in search of an interoperable cloud computing, where they will have total control over their applications and simply migrate their services as needed, without additional development investment. A cloud federation strategy should be considered. In this article, we propose a common architecture for the cloud that is based on existing architectures and also the use of best practices from ICT frameworks, such as IBM, ITIL, NIST, etc., to address the interoperability of architectures issues in a multi-cloud system.

Keywords: cloud computing, reference architecture, interoperability, standard

Procedia PDF Downloads 173
38 Investigation of Bremsstrahlung, Braking Radiation from Beta-Emitting Radioactive Sources

Authors: Metin Kömsöken, Ayşe Güneş Tanır, Onur Karaman

Abstract:

Usage of high energy charged particles for diagnosis and treatment has been widespread in medicine. The main purpose is to investigate that Bremsstrahlung which occurs by tissue interactions with charged particles should not be neglected. Nuclear stopping power (Bremsstrahlung) was calculated for lung, brain, skin, muscle, bone (cortical) and water targets for the energies of electrons obtained from LINAC used in radiotherapy and of β+ sources used in positron emission tomography (PET). These calculations were done by using the four different analytical functions including classical Bethe-Bloch, Tsoulfanidis, modified Bethe-Bloch and modified Tsoulfanidis equations. It was concluded that obtained results were compatible with that of National Institute of Standards and Technology (NIST-ESTAR).

Keywords: β- emitting source, bremsstrahlung, therapeutic radionuclides, LINAC

Procedia PDF Downloads 333
37 Hyperchaos-Based Video Encryption for Device-To-Device Communications

Authors: Samir Benzegane, Said Sadoudi, Mustapha Djeddou

Abstract:

In this paper, we present a software development of video streaming encryption for Device-to-Device (D2D) communications by using Hyperchaos-based Random Number Generator (HRNG) implemented in C#. The software implements and uses the proposed HRNG to generate key stream for encrypting and decrypting real-time video data. The used HRNG consists of Hyperchaos Lorenz system which produces four signal outputs taken as encryption keys. The generated keys are characterized by high quality randomness which is confirmed by passing standard NIST statistical tests. Security analysis of the proposed encryption scheme confirms its robustness against different attacks.

Keywords: hyperchaos Lorenz system, hyperchaos-based random number generator, D2D communications, C#

Procedia PDF Downloads 371
36 Comparison of Wet and Microwave Digestion Methods for the Al, Cu, Fe, Mn, Ni, Pb and Zn Determination in Some Honey Samples by ICPOES in Turkey

Authors: Huseyin Altundag, Emel Bina, Esra Altıntıg

Abstract:

The aim of this study is determining amount of Al, Cu, Fe, Mn, Ni, Pb and Zn in the samples of honey which are gathered from Sakarya and Istanbul regions. In this study the evaluation of the trace elements in honeys samples are gathered from Sakarya and Istanbul, Turkey. The sample preparation phase is performed via wet decomposition method and microwave digestion system. The accuracy of the method was corrected by the standard reference material, Tea Leaves (INCY-TL-1) and NIST SRM 1515 Apple leaves. The comparison between gathered data and literature values has made and possible resources of the contamination to the samples of honey have handled. The obtained results will be presented in ICCIS 2015: XIII International Conference on Chemical Industry and Science.

Keywords: Wet decomposition, Microwave digestion, Trace element, Honey, ICP-OES

Procedia PDF Downloads 462
35 Stability of Essential Oils in Pang-Rum by Gas Chromatography-Mass Spectrometry

Authors: K. Jarmkom, P. Eakwaropas, W. Khobjai, S. Techaeoi

Abstract:

Ancient Thai perfumed powder was used as a fragrance for clothing, food, and the body. Plant-based natural Thai perfume products are known as Pang-Rum. The objective of this study was to evaluate the stability of essential oils after six months of incubation. The chemical compositions were determined by gas chromatography-mass spectrometry (GC-MS), in terms of the qualitative composition of the isolated essential oil. The isolation of the essential oil of natural products by incubate sample for 5 min at 40 ºC is described. The volatile components were identified by percentage of total peak areas comparing their retention times of GC chromatograph with NIST mass spectral library. The results show no significant difference in the seven chromatograms of perfumed powder (Pang-Rum) both with binder and without binder. Further identification was done by GC-MS. Some components of Pang-Rum with/without binder were changed by temperature and time.

Keywords: GC-MS analysis, essential oils, stability, Pang-Rum

Procedia PDF Downloads 272
34 Biotransformation of Monoterpenes by Whole Cells of Eleven Praxelis clematidea-Derived Endophytic Fungi

Authors: Daomao Yang, Qizhi Wang

Abstract:

Monoterpenoids are mainly found in plant essential oils and they are ideal substrates for biotransformation into oxygen-containing derivatives with important commercial value due to their low price and simple structure. In this paper, eleven strains of endophytic fungi from Praxelis clematidea were used as test strains to conduct the whole cell biotransformation of the monoterpenoids: (+)-limonene, (-)-limonene and myrcene. The fungi were inoculated in 50 ml Sabouraud medium and incubated at 30 ℃ with the agitation of 150 r/min for 6 d, and then 0.5% (v/v) substrates were added into the medium and biotransformed for further 3 d. Afterwards the cultures were filtered, and extracted using equal volume of ethyl acetate. The metabolites were analyzed by GC-MS technique with NIST database. The Total Ion Chromatogram of the extractions from the eleven strains showed that the main product of (+)- and (-)-limonene biotransformation was limonene-1,2-diol, while it is limonene and linalool oxide for biotransformation of myrcene. This work will help screen the microorganisms to biotransform the monoterpenes.

Keywords: endophytic fungi, (+)–limonene, (-)–limonene, myrcene

Procedia PDF Downloads 126
33 Optimization of a Combined Ejector-Vapor Compression Refrigeration Systems with R134a

Authors: Ilhem Ouelhazi, Mouna Elakhdar, Lakdar Kairouani

Abstract:

A computer simulation model for a combined ejector-vapor compression cycle that uses working fluid R134a. A refrigeration system was developed which combines a basic vapor compression refrigeration cycle with an ejector cooling cycle. A one-dimensional mathematical model was developed using the equations governing the flow and thermodynamics based on the constant area ejector flow model. The effects of the operating parameters on the cooling capacity, the performance coefficient, and the entrainment ratio are studied. The current model is based on the NIST-REFPROP database for refrigerants properties calculations. The simulated performance is compared with the available experimental data from the literature for validation.

Keywords: combined refrigeration cycle, constant area ejector, R134a, ejector-cooling cycle, performance, mathematical simulation, vapor compression cycle

Procedia PDF Downloads 226
32 Efficient Internal Generator Based on Random Selection of an Elliptic Curve

Authors: Mustapha Benssalah, Mustapha Djeddou, Karim Drouiche

Abstract:

The random number generation (RNG) presents a significant importance for the security and the privacy of numerous applications, such as RFID technology and smart cards. Since, the quality of the generated bit sequences is paramount that a weak internal generator for example, can directly cause the entire application to be insecure, and thus it makes no sense to employ strong algorithms for the application. In this paper, we propose a new pseudo random number generator (PRNG), suitable for cryptosystems ECC-based, constructed by randomly selecting points from several elliptic curves randomly selected. The main contribution of this work is the increasing of the generator internal states by extending the set of its output realizations to several curves auto-selected. The quality and the statistical characteristics of the proposed PRNG are validated using the Chi-square goodness of fit test and the empirical Special Publication 800-22 statistical test suite issued by NIST.

Keywords: PRNG, security, cryptosystem, ECC

Procedia PDF Downloads 445
31 A Socio-Technical Approach to Cyber-Risk Assessment

Authors: Kitty Kioskli, Nineta Polemi

Abstract:

Evaluating the levels of cyber-security risks within an enterprise is most important in protecting its information system, services and all its digital assets against security incidents (e.g. accidents, malicious acts, massive cyber-attacks). The existing risk assessment methodologies (e.g. eBIOS, OCTAVE, CRAMM, NIST-800) adopt a technical approach considering as attack factors only the capability, intention and target of the attacker, and not paying attention to the attacker’s psychological profile and personality traits. In this paper, a socio-technical approach is proposed in cyber risk assessment, in order to achieve more realistic risk estimates by considering the personality traits of the attackers. In particular, based upon principles from investigative psychology and behavioural science, a multi-dimensional, extended, quantifiable model for an attacker’s profile is developed, which becomes an additional factor in the cyber risk level calculation.

Keywords: attacker, behavioural models, cyber risk assessment, cybersecurity, human factors, investigative psychology, ISO27001, ISO27005

Procedia PDF Downloads 165
30 Analysis of Bank Characteristics in a Hydrogen Refueling Station

Authors: Bo Hyun Kim, Sarng Woo Karng

Abstract:

In constructing a hydrogen refueling station, minimizing the volume and reducing the number of banks enable lessening the construction cost. This study aims at performing the dynamic simulation on 250 kg/day of a refueling station for light-duty vehicles. The primary compressor boosts hydrogen from a tube trailer of 250 to 480 bar and stores it in a medium-pressure bank. Then, additional compression of hydrogen from 480 to 900 bar is carried out and stored in a high-pressure bank. Economic analysis was conducted considering the amount of electricity consumed by compression corresponding to the volume and the number of banks (cascade system) in charging mode. NIST REFPROP was selected as the equation of state on the ASPEN HYSYS for thermodynamic analysis of the tube-trailer, the compressors, the chillers, and the banks. Compared to a single high-pressure bank system of 3000 L, the volume of the cascade high-pressure banks (bank1: 250 L and bank 2: 1850 L) was reduced by 30%, and the power consumption of the chiller for precooling was also decreased by 16%.

Keywords: light-duty vehicles, economic analysis, cascade system, hydrogen refueling station

Procedia PDF Downloads 93
29 Density Measurement of Mixed Refrigerants R32+R1234yf and R125+R290 from 0°C to 100°C and at Pressures up to 10 MPa

Authors: Xiaoci Li, Yonghua Huang, Hui Lin

Abstract:

Optimization of the concentration of components in mixed refrigerants leads to potential improvement of either thermodynamic cycle performance or safety performance of heat pumps and refrigerators. R32+R1234yf and R125+R290 are two promising binary mixed refrigerants for the application of heat pumps working in the cold areas. The p-ρ-T data of these mixtures are one of the fundamental and necessary properties for design and evaluation of the performance of the heat pumps. Although the property data of mixtures can be predicted by the mixing models based on the pure substances incorporated in programs such as the NIST database Refprop, direct property measurement will still be helpful to reveal the true state behaviors and verify the models. Densities of the mixtures of R32+R1234yf an d R125+R290 are measured by an Anton Paar U shape oscillating tube digital densimeter DMA-4500 in the range of temperatures from 0°C to 100 °C and pressures up to 10 MPa. The accuracy of the measurement reaches 0.00005 g/cm³. The experimental data are compared with the predictions by Refprop in the corresponding range of pressure and temperature.

Keywords: mixed refrigerant, density measurement, densimeter, thermodynamic property

Procedia PDF Downloads 297
28 Review of K0-Factors and Related Nuclear Data of the Selected Radionuclides for Use in K0-NAA

Authors: Manh-Dung Ho, Van-Giap Pham, Van-Doanh Ho, Quang-Thien Tran, Tuan-Anh Tran

Abstract:

The k0-factors and related nuclear data, i.e. the Q0-factors and effective resonance energies (Ēr) of the selected radionuclides which are used in the k0-based neutron activation analysis (k0-NAA), were critically reviewed to be integrated in the “k0-DALAT” software. The k0- and Q0-factors of some short-lived radionuclides: 46mSc, 110Ag, 116m2In, 165mDy, and 183mW, were experimentally determined at the Dalat research reactor. The other radionuclides selected are: 20F, 36S, 49Ca, 60mCo, 60Co, 75Se, 77mSe, 86mRb, 115Cd, 115mIn, 131Ba, 134mCs, 134Cs, 153Gd, 153Sm, 159Gd, 170Tm, 177mYb, 192Ir, 197mHg, 239U and 239Np. The reviewed data as compared with the literature data were biased within 5.6-7.3% in which the experimental re-determined factors were within 6.1 and 7.3%. The NIST standard reference materials: Oyster Tissue (1566b), Montana II Soil (2711a) and Coal Fly Ash (1633b) were used to validate the new reviewed data showing that the new data gave an improved k0-NAA using the “k0-DALAT” software with a factor of 4.5-6.8% for the investigated radionuclides.

Keywords: neutron activation analysis, k0-based method, k0 factor, Q0 factor, effective resonance energy

Procedia PDF Downloads 126
27 Accidental Compartment Fire Dynamics: Experiment, Computational Fluid Dynamics Weakness and Expert Interview Analysis

Authors: Timothy Onyenobi

Abstract:

Accidental fires and its dynamic as it relates to building compartmentation and the impact of the compartment morphology, is still an on-going area of study; especially with the use of computational fluid dynamics (CFD) modeling methods. With better knowledge on this subject come better solution recommendations by fire engineers. Interviews were carried out for this study where it was identified that the response perspectives to accidental fire were different with the fire engineer providing qualitative data which is based on “what is expected in real fires” and the fire fighters provided information on “what actually obtains in real fires”. This further led to a study and analysis of two real and comprehensively instrumented fire experiments: the Open Plan Office Project by National Institute of Standard and Technology (NIST) USA (to study time to flashover) and the TF2000 project by the Building Research Establishment (BRE) UK (to test for conformity with Building Regulation requirements). The findings from the analysis of the experiments revealed the relative yet critical weakness of fire prediction using a CFD model (usually used by fire engineers) as well as explained the differences in response perspectives of the fire engineers and firefighters from the interview analysis.

Keywords: CFD, compartment fire, experiment, fire fighters, fire engineers

Procedia PDF Downloads 338
26 Levels of Selected Heavy Metals in Varieties of Vegetable oils Consumed in Kingdom of Saudi Arabia and Health Risk Assessment of Local Population

Authors: Muhammad Waqar Ashraf

Abstract:

Selected heavy metals, namely Cu, Zn, Fe, Mn, Cd, Pb, and As, in seven popular varieties of edible vegetable oils collected from Saudi Arabia, were determined by graphite furnace atomic absorption spectrometry (GF-AAS) using microwave digestion. The accuracy of procedure was confirmed by certified reference materials (NIST 1577b). The concentrations for copper, zinc, iron, manganese, lead and arsenic were observed in the range of 0.035 - 0.286, 0.955 - 3.10, 17.3 - 57.8, 0.178 - 0.586, 0.011 - 0.017 and 0.011 - 0.018 µg/g, respectively. Cadmium was found to be in the range of 2.36 - 6.34 ng/g. The results are compared internationally and with standards laid down by world health agencies. A risk assessment study has been carried out to assess exposure to these metals via consumption of vegetable oils. A comparison has been made with safety intake levels for these heavy metals recommended by Institute of Medicine of the National Academies (IOM), US Environmental Protection Agency (US EPA) and Joint FAO/WHO Expert Committee on Food Additives (JECFA). The results indicated that the dietary intakes of the selected heavy metals from daily consumption of 25 g of edible vegetable oils for a 70 kg individual should pose no significant health risk to local population.

Keywords: vegetable oils, heavy metals, contamination, health risk assessment

Procedia PDF Downloads 452
25 Method Validation for Determining Platinum and Palladium in Catalysts Using Inductively Coupled Plasma Optical Emission Spectrometry

Authors: Marin Senila, Oana Cadar, Thorsten Janisch, Patrick Lacroix-Desmazes

Abstract:

The study presents the analytical capability and validation of a method based on microwave-assisted acid digestion for quantitative determination of platinum and palladium in catalysts using inductively coupled plasma optical emission spectrometry (ICP-OES). In order to validate the method, the main figures of merit such as limit of detection and limit of quantification, precision and accuracy were considered and the measurement uncertainty was estimated based on the bottom-up approach according to the international guidelines of ISO/IEC 17025. Limit of detections, estimated from blank signal using 3 s criterion, were 3.0 mg/kg for Pt and respectively 3.6 mg/kg for Pd, while limits of quantification were 9.0 mg/kg for Pt and respectively 10.8 mg/kg for Pd. Precisions, evaluated as standard deviations of repeatability (n=5 parallel samples), were less than 10% for both precious metals. Accuracies of the method, verified by recovery estimation certified reference material NIST SRM 2557 - pulverized recycled monolith, were 99.4 % for Pt and 101% for Pd. The obtained limit of quantifications and accuracy were satisfactory for the intended purpose. The paper offers all the steps necessary to validate the determination method for Pt and Pd in catalysts using inductively coupled plasma optical emission spectrometry.

Keywords: catalyst analysis, ICP-OES, method validation, platinum, palladium

Procedia PDF Downloads 167
24 Levels of Toxic Metals in Different Tissues of Lethrinus miniatus Fish from Arabian Gulf

Authors: Muhammad Waqar Ashraf, Atiq A. Mian

Abstract:

In the present study, accumulation of eight heavy metals, lead (Pb), cadmium (Cd), manganese (Mn), copper (Cu), zinc (Zn), iron (Fe), nickel (Ni) and chromium (Cr)was determined in kidney, heart, liver and muscle tissues of Lethrinus miniatus fish caught from Arabian Gulf. Metal concentrations in all the samples were measured using Atomic Absorption Spectroscopy. Analytical validation of data was carried out by applying the same digestion procedure to standard reference material (NIST-SRM 1577b bovine liver). Levels of lead (Pb) in the liver tissue (0.60µg/g) exceeded the limit set by European Commission (2005) at 0.30 µg/g. Zinc concentration in all tissue samples were below the maximum permissible limit (50 µg/g) as set by FAO. Maximum mean cadmium concentration was found 0.15 µg/g in the kidney tissues. Highest content of Mn in the studied tissues was seen in the kidney tissue (2.13 µg/g), whereas minimum was found in muscle tissue (0.87 µg/g). The present study led to the conclusion that muscle tissue is the least contaminated tissue in Lethrinus miniatus and consumption of organs should be avoided as much as possible.

Keywords: lethrinus miniatus, arabian gulf, heavy metals, atomic absorption spectroscopy

Procedia PDF Downloads 356
23 Levels of Heavy Metals in Different Tissues of Lethrinus Miniatus Fish from Arabian Gulf

Authors: Muhammad Waqar Ashraf

Abstract:

In the present study, accumulation of eight heavy metals, lead (Pb), cadmium (Cd), manganese (Mn), copper (Cu), zinc (Zn), iron (Fe), nickel (Ni) and chromium (Cr)was determined in kidney, heart, liver and muscle tissues of Lethrinus Miniatus fish caught from Arabian Gulf. Metal concentrations in all the samples were measured using Graphite Furnace Atomic Absorption Spectroscopy (GF-AAS). Analytical validation of data was carried out by applying the same digestion procedure to standard reference material (NIST-SRM 1577b bovine liver). Levels of lead (Pb) in the liver tissue (0.60µg/g) exceeded the limit set by European Commission (2005) at 0.30 µg/g. Zinc concentration in all tissue samples were below the maximum permissible limit (50 µg/g) as set by FAO. Maximum mean cadmium concentration was found to be 0.15 µg/g in the kidney tissues. Highest content of Mn in the studied tissues was seen in the kidney tissue (2.13 µg/g), whereas minimum was found in muscle tissue (0.87 µg/g). The present study led to the conclusion that muscle tissue is the least contaminated tissue in Lethrinus Miniatus and consumption of organs should be avoided as much as possible.

Keywords: Arabian gulf, Lethrinus miniatus, heavy metals, atomic absorption spectroscopy

Procedia PDF Downloads 273
22 Modification Encryption Time and Permutation in Advanced Encryption Standard Algorithm

Authors: Dalal N. Hammod, Ekhlas K. Gbashi

Abstract:

Today, cryptography is used in many applications to achieve high security in data transmission and in real-time communications. AES has long gained global acceptance and is used for securing sensitive data in various industries but has suffered from slow processing and take a large time to transfer data. This paper suggests a method to enhance Advance Encryption Standard (AES) Algorithm based on time and permutation. The suggested method (MAES) is based on modifying the SubByte and ShiftRrows in the encryption part and modification the InvSubByte and InvShiftRows in the decryption part. After the implementation of the proposal and testing the results, the Modified AES achieved good results in accomplishing the communication with high performance criteria in terms of randomness, encryption time, storage space, and avalanche effects. The proposed method has good randomness to ciphertext because this method passed NIST statistical tests against attacks; also, (MAES) reduced the encryption time by (10 %) than the time of the original AES; therefore, the modified AES is faster than the original AES. Also, the proposed method showed good results in memory utilization where the value is (54.36) for the MAES, but the value for the original AES is (66.23). Also, the avalanche effects used for calculating diffusion property are (52.08%) for the modified AES and (51.82%) percentage for the original AES.

Keywords: modified AES, randomness test, encryption time, avalanche effects

Procedia PDF Downloads 248
21 Comparison of Different in vitro Models of the Blood-Brain Barrier for Study of Toxic Effects of Engineered Nanoparticles

Authors: Samir Dekali, David Crouzier

Abstract:

Due to their new physico-chemical properties engineered nanoparticles (ENPs) are increasingly employed in numerous industrial sectors (such as electronics, textile, aerospace, cosmetics, pharmaceuticals, food industry, etc). These new physico-chemical properties can also represent a threat for the human health. Consumers can notably be exposed involuntarily by different routes such as inhalation, ingestion or through the skin. Several studies recently reported a possible biodistribution of these ENPs on the blood-brain barrier (BBB). Consequently, there is a great need for developing BBB in vitro models representative of the in vivo situation and capable of rapidly and accurately assessing ENPs toxic effects and their potential translocation through this barrier. In this study, several in vitro models established with micro-endothelial brain cell lines of different origins (bEnd.3 mouse cell line or a new human cell line) co-cultivated or not with astrocytic cells (C6 rat or C8-B4 mouse cell lines) on Transwells® were compared using different endpoints: trans-endothelial resistance, permeability of the Lucifer yellow and protein junction labeling. Impact of NIST diesel exhaust particles on BBB cell viability is also discussed.

Keywords: nanoparticles, blood-brain barrier, diesel exhaust particles, toxicology

Procedia PDF Downloads 440
20 A Framework for Security Risk Level Measures Using CVSS for Vulnerability Categories

Authors: Umesh Kumar Singh, Chanchala Joshi

Abstract:

With increasing dependency on IT infrastructure, the main objective of a system administrator is to maintain a stable and secure network, with ensuring that the network is robust enough against malicious network users like attackers and intruders. Security risk management provides a way to manage the growing threats to infrastructures or system. This paper proposes a framework for risk level estimation which uses vulnerability database National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) and the Common Vulnerability Scoring System (CVSS). The proposed framework measures the frequency of vulnerability exploitation; converges this measured frequency with standard CVSS score and estimates the security risk level which helps in automated and reasonable security management. In this paper equation for the Temporal score calculation with respect to availability of remediation plan is derived and further, frequency of exploitation is calculated with determined temporal score. The frequency of exploitation along with CVSS score is used to calculate the security risk level of the system. The proposed framework uses the CVSS vectors for risk level estimation and measures the security level of specific network environment, which assists system administrator for assessment of security risks and making decision related to mitigation of security risks.

Keywords: CVSS score, risk level, security measurement, vulnerability category

Procedia PDF Downloads 321
19 Approaches to Ethical Hacking: A Conceptual Framework for Research

Authors: Lauren Provost

Abstract:

The digital world remains increasingly vulnerable, making the development of effective cybersecurity approaches even more critical in supporting the success of the digital economy and national security. Although approaches to cybersecurity have shifted and improved in the last decade with new models, especially with cloud computing and mobility, a record number of high severity vulnerabilities were recorded in the National Institute of Standards and Technology (NIST), and its National Vulnerability Database (NVD) in 2020. This is due, in part, to the increasing complexity of cyber ecosystems. Security must be approached with a more comprehensive, multi-tool strategy that addresses the complexity of cyber ecosystems, including the human factor. Ethical hacking has emerged as such an approach: a more effective, multi-strategy, comprehensive approach to cyber security's most pressing needs, especially understanding the human factor. Research on ethical hacking, however, is limited in scope. The two main objectives of this work are to (1) provide highlights of case studies in ethical hacking, (2) provide a conceptual framework for research in ethical hacking that embraces and addresses both technical and nontechnical security measures. Recommendations include an improved conceptual framework for research centered on ethical hacking that addresses many factors and attributes of significant attacks that threaten computer security; a more robust, integrative multi-layered framework embracing the complexity of cybersecurity ecosystems.

Keywords: ethical hacking, literature review, penetration testing, social engineering

Procedia PDF Downloads 219