Intelligent Sensors Security

The paper is focused on the security issues of sensors provided with processors and software and used for high-risk applications. Common IT related threats may cause serious consequences for sensor system users. To improve their robustness, sensor systems should be developed in a restricted way that would provide them with assurance. One assurance creation methodology is Common Criteria (ISO/IEC 15408) used for IT products and systems. The paper begins with a primer on the Common Criteria, and then a general security model of the intelligent sensor as an IT product is discussed. The paper presents how the security problem of the intelligent sensor is defined and solved. The contribution of the paper is to provide Common Criteria (CC) related security design patterns and to improve the effectiveness of the sensor development process

Desempeño profesional de los bibliotecarios escolares de Secundaria Básica del municipio Majagua

At Junior High Schools in Majagua municipality some insufficiencies are found in training school librarians to meet their technical and methodological functions; thus in order to enhance the transformations in the quality of education, the scientific and methodological work was designed and implemented with the objective of proposing actions to increase the preparation of school librarians and the quality of their professional performance.En las escuelas de la enseñanza Secundaria Básica del municipio Majagua se manifiestan insuficiencias en la preparación de los bibliotecarios escolares para el cumplimiento de las funciones técnicas y metodológicas; a fin de favorecer las transformaciones en la calidad de la educación, se diseñó y ejecutó el trabajo científico metodológico con el objetivo de proponer acciones para elevar la preparación del bibliotecario escolar y la calidad de su desempeño profesional

Addendum to CEM

This document is an Addendum to the current version of the [CEM] document. The [CEM] document is used by any ITSEF in order to perform evaluation of TOE submitted. However, the [CEM] is a generic document that is technologic agnostic. Hence, the aim to this document is to provide additional information to the [CEM] as a form of suggestion. This information could be used to perform the evaluation of a MILS system or MILS component. First, this document studies the current status of various technological domains with regards to the Common Criteria standard. In the second part, this document develops, like for many other technological domains, the “Attack Potential”. It is a refinement for the MILS technology of the five essential criterion of an attack: elapsed time, expertise of the attacker needed, knowledge of the TOE needed, windows of opportunity needed and equipment required for the attack. Like for the Smartcard domain or the the Point of Interaction domain, this document suggest values and definition to be used for an evaluation of a MILS system. This section is written in a form that is compatible to the JIL consortium. Later, this document suggests an “Attack method” for the MILS domain. The aim is to suggest attack path that could be used to perform the evaluation of a MILS system. In addition, this section suggests the JIL quotation for each attack. The JIL quotation is a standardized way of evaluating the resources needed and the complexity of an attack. In the fourth section, this document suggests a refinement of the CEM document in the context of MILS system. Indeed, CEM is not complete and some work units to be performed are not defined. This section suggests an interpretation of the missing work units of the CEM in the context of MILS domain. Finally, this document deals with the concept of Composition. This concept is well defined in the case of Hardware based technology. However, this concept has never been pushed to the Software layer. This section suggests a methodology that allows performing an evaluation of a software platform (like an Operating System) and then taking benefit of this certification to compose with applications