Abstract: There have been a lot of research exertions and studies to improve the safety of critical infrastructures using the Security Operations Center (SOC). As part of efforts, the purpose of this research is to propose a framework to automate the SOC’s performance of triage, containment and escalation. The research leveraged on qualitative desk review to collect data for analysis, deduced strengths and weaknesses for the current SOC implementations and used that as a basis for proposing the framework. In view of the constant evolution of SOC operations and capabilities coupled with the huge volumes of data collected for analysis, an efficient framework for SOC operations is proposed. The qualitative analysis is used to deduce strengths and weaknesses for the current SOC implementations as a premise for proposing the framework. It consists of eight interactive stages that further leverage on a proposed algorithm for baselining, remediation and escalation. The result of this research is a proposed framework that serves as a unique contribution to enhancing the SOC’s ability to automatically perform triage, containment and escalation. Supplementary to similar and earlier work reviewed, the framework is proposed as the way forward to automatically enable SOC setups with the capacity to efficiently perform triage of security threats, vulnerabilities and incidents, effectively contain identified breaches and appropriately escalate for prompt and accurate solutions.
Funding: This work was supported by National Key Research and Development Project (Grant No. 2018YFC0809903-02) and National Science and Technology Major Project of China (Grant Nos. 2018ZX10101002-003, 2018ZX10201-002-008-002).
Abstract: Background: Emergency Operations Center (EOC) is a place to provide response to public health emergencies. Chinese Center for Disease Control and Prevention (China CDC)'s EOC was officially established in 2016, which has been the core department for the public health emergencies and risk response. In recent years, we have been continuously improving the function of EOC through many incidents. In the study, we hope to share the construction status, operation management experience of China CDC's EOC and the response process in the human avian influenza A (H7N9) outbreak. Main text: The China CDC's EOC mainly focuses on building the five core elements including sites/places and facilities, information and data, plans and procedures, training and exercises, and logistics. Based on summarizing previous emergency response, the China CDC's EOC established its own incident management and the standardized response procedures. The event-specific data, context-specific data and event management data could be obtained through various sources. The logistics department of the EOC also provides comprehensive support. The well-trained staff is another necessary condition for its operation. Through sharing the response process of H7N9 outbreak, it further explains the EOC's functions in the five phases of outbreak response, such as the formulation of the incident response framework, monitoring, personnel dispatch and resource mobilization. Conclusions: The EOC contributes to faster and more efficient responses during emergencies which enable a greater reduction in morbidity and mortality. Compared with the traditional incident response process, under the command and coordination of China CDC's EOC, each group involved in the response has a clearer goal, responsibilities and tasks at each stage. Meanwhile, each group also gave full play to its own expertise and advantages. As a whole, incident response tended to be more specialized and precise, which generally improves the efficiency of incident response. However, different countries and regions have different response processes to the events. We still suggested that appropriate emergency operation plan should be made according to the complexity of incident response in the region when constructing response mechanism, through our experience. And the China CDC's EOC is still at growing and groping phase.
Funding: Supported by the National Natural Science Foundation of China (No. 72042014).
Abstract: Public Health Emergency Operation Center (PHEOC) was conceptualized and established for coordinating information and resources towards goal-oriented response in large scale public health emergency. Yet, the activities undertaken by PHEOCs and their intended goals have not been fully optimized in current scenario. This paper revisited the collective efforts invested in PHEOC conceptualization and development, identified the opportunities and challenges in compliance with standards and framework, demonstrated the accountability of PHEOC network, thereby promoted best practice guidance for global public health emergency preparedness and response. This review will help navigate emergency response complexities leveraging PHEOC partnerships and advance the ability to detect and respond to public health emergencies in low resource settings. The review shows that the information on how to adapt best practice guidance to local circumstances could incentivize the full implementation of prevention, early detection and response to outbreaks. Identifying and correcting deficiencies in effectiveness evaluation will provide the basis for continuous PHEOC improvement. With the gradually reopening economies and public services in some countries, there is an urgent need to emphasize and validate the collective efforts undertaken by PHEOCs for tackling the COVID-19 pandemic.
Abstract: This paper expounds the origin of urban operational coordination problem in historical setting, points out that operational coordination problem is essential to cities, induces the major challenges and opportunities for urban operating coordination at present, and takes IBM Intelligent Operation Center as example to illustrate the typical solutions with the detailed case study of the Intelligent Operation Center in Rio de Janeiro.
Abstract: Advanced intelligent or "smart" meters are being deployed in Asia. A result of deployment of smart meters, with associated equipment, is the electric power industry faced with new and changing threats, vulnerabilities and re-evaluate traditional approaches to cyber security. Protection against emerging cyber-security threats targeting smart meter infrastructures will increase risk to both the utility and customer if not addressed within initial rollouts. This paper will discuss the issues in SMI (smart meter infrastructures) deployments that pertain to cyber security. It will cover topics such as the threats to operations, infrastructure, network and people and organization and their associated risks. SMI deployments include not only the smart meter, but also the interfaces for home energy management systems as well as communication interfaces back to the utility. Utilities must recognize and anticipate the new threat landscape that can attack and compromise the meter and the associated field network collectors. They must also include threats to the WAN (wide-area-network) backhaul networks, smart meter headends, MDMS (meter data management systems) and their interfaces to CIS (customer information systems) and billing and OMS (outage management systems). Lessons learned from SMI implementations from North America, Europe and recently, Japan, will be discussed. How white-box and black-box testing techniques are applied to determine the threat impact to the SMI. Finally, organizational change risk will be discussed and how utilities have responded to re-organizing and developing a security governance structure for the SMI and other smart grid applications.
Funding: Science Foundation of Ministry of Education of China (No. 208081)
Abstract: Let T = U|T| be the polar decomposition of a bounded linear operator T on a Hilbert space. The transformation T = |T|^1/2 U|T|^1/2 is called the Aluthge transformation and Tn means the n-th Aluthge transformation. Similarly, the transformation T(*) = |T*|^1/2 U|T*|^1/2 is called the *-Aluthge transformation and Tn^(*) means the n-th *-Aluthge transformation. In this paper, firstly, we show that T(*) = UV|T^(*)| is the polar decomposition of T(*), where |T|^1/2 |T^*|^1/2 = V||T|^1/2 |T^*|^1/2| is the polar decomposition. Secondly, we show that T(*) = U|T^(*)| if and only if T is binormal, i.e., [|T|, |T^*|] = 0, where [A, B] = AB - BA for any operator A and B. Lastly, we show that Tn^(*) is binormal for all non-negative integer n if and only if T is centered, and so on.