An official website of the United States government
The adoption of big data analytics in healthcare applications is overwhelming not only because of the huge volume of data being analyzed, but also because of the heterogeneity and sensitivity of the data. Effective and efficient analysis and visualization of secure patient health records are needed to e.g., find new trends in disease management, determining risk factors for diseases, and personalized medicine. In this paper, we propose a novel community cloud architecture to help clinicians and researchers to have easy/increased accessibility to data sets from multiple sources, while also ensuring security compliance of data providers is not compromised. Our cloud-based system design configuration with cloudlet principles ensures application performance has high-speed processing, and data analytics is sufficiently scalable while adhering to security standards (e.g., HIPAA, NIST). Through a case study, we show how our community cloud architecture can be implemented along with best practices in an ophthalmology case study which includes health big data (i.e., Health Facts database, I2B2, Millennium) hosted in a campus cloud infrastructure featuring virtual desktop thin-clients and relevant Data Classification Levels in storage.
more »
« less
This content will become publicly available on September 10, 2026
Automating the RMF: Lessons from the FedRAMP 20x Pilot
The U.S. Federal Risk and Authorization Management Program (FedRAMP) has long relied on extensive sets of controls and static documentation to assess cloud systems. However, this manual, point-in-time approach has struggled to keep pace with cloud-native development. FedRAMP 20x, a 2025 pilot program, reimagines the NIST Risk Management Framework (RMF): replacing traditional NIST 800-53 controls with Key Security Indicators (KSIs), using automated, machine-readable evidence, and emphasizing continuous reporting and authorization. This case study presents a practitioner-led field report from an industry participant who led multiple FedRAMP 20x pilot submissions and engaged directly with the FedRAMP PMO, 3PAOs, and community working groups. It explores how KSIs, continuous evidence pipelines, and DevSecOps integration can streamline authorization and improve cyber risk management. The study shows FedRAMP 20x as a live testbed for implementing the RMF in a cloud-native, automation-first approach and shares actionable recommendations for risk professionals seeking to modernize compliance and support real-time, risk-informed decision-making.
more »
« less
- Award ID(s):
- 2336409
- PAR ID:
- 10657272
- Publisher / Repository:
- Arxiv. Presented at SiRAcon 25, September 9-11, 2025.
- Date Published:
- Format(s):
- Medium: X
- Location:
- Boston, MA
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
The construction industry's shift to data-driven project management has led to the increasing adoption of various sensing technologies. The transition triggers a demand for a workforce skilled in both the technical and analytical aspects of these tools. While sensing technologies and data analytics can support construction processes, the inherent complexity of sensor data processing often exceeds the skill sets of the graduating workforce. Further, integrating sensor-based applications into construction curricula lacks evidence to support effectiveness in training future professionals. Computational thinking-supported data practices can allow construction students to perform sensor data analytics, spanning from data generation to visualization. This pilot study utilizes InerSens, a block programming interface, as a pedagogical tool to develop construction students’ computational thinking through sensor-based ergonomic risk assessment. Twenty-six undergraduate students were engaged in instructional units using wearable sensors, data, and InerSens. The effectiveness of the approach was evaluated by examining students' perceived self-efficacy in sensor data analytics skills, task performance and reflections, and technology acceptance. Results show gains in self-efficacy, positive technology acceptance, and satisfactory performance on course assignments. The study contributes to the Learning-for-Use, constructivism, and constructionism frameworks by integrating computational thinking into graphical and interactive programming objects to develop procedural knowledge and by summatively assessing how construction students learn to address challenges with sensor data analytics.more » « less
-
Abstract The global spread of invasive species in aquatic ecosystems has prompted population control efforts to mitigate negative impacts on native species and ecosystem functions. Removal programs that optimally allocate removal effort across space and time offer promise for improving invader suppression or eradication, especially given the limited resources available to these programs. However, science‐based guidance to inform such programs remains limited. This study leverages two intensive fish removal programs for nonnative green sunfish (Lepomis cyanellus) in intermittent streams of the Bill Williams River basin in Arizona, USA, to explore alternative management strategies involving variable allocation of removal effort in time and space and compare static versus dynamic decision rules. We used Bayesian hierarchical modeling to estimate demographic parameters using existing removal data, with evidence that both removal programs led to at least a 0.39 probability of eradication. Simulated alternative management strategies revealed that population suppression, but not eradication, could be achieved with reduced effort and that dynamic management practices that respond to species abundance in real time can improve the efficiency of removal efforts. High removal frequency and program duration, including continued monitoring after zero fish were captured, contributed to successful population control. With management efforts struggling to keep pace with the rising spread and impacts of invasive species, this research demonstrates the utility of quantitative removal models to help improve invasive removal programs and robustly evaluate the success of population suppression and eradication.more » « less
-
Background: Hypertension is a major risk factor for cardiovascular disease and requires long-term health treatment and ongoing monitoring to the extent that traditional management approaches may be limited in providing. Adopting appropriate digital tools like mobile health technology (mHealth) could be an effective strategy for improving the control and management of this public health burden. This pilot studyevaluated the feasibility of the AHOMKA care model at two tertiary hospitals in Ghana. Outcome measures were changes in systolic (SBP) and diastolic (DBP) blood pressure model acceptance by patients and health care providers.Objective: This study sought to assess the overall pattern of home blood pressure self-monitoring among participants from two teaching hospitals in southern Ghana, using mHealth.Methods: Participants attending two (2) cardiology clinics were recruited for this mixed-method pilot study over a period of eight (8) weeks. Following a longitudinal single-group approach, we conducted structured interviews at the baseline and end-line and used exports of the AHOMKA mHealth application, in-depth interviews and focus group discussions with patients and healthcare providers. Repeated measuresanalysis of variance was adopted to assess differences in SBP and DBP between baseline and end line.Results: This pilot study involved 27 participants with a mean of 50.4 ± 11.0 years-approximately 1:1 male-female participation. Mean SBP decreased by 11.6 mm Hg (95% CI = 15.0 to -8.2), from an average of 138.6 mmHg at baseline to 126.2 mmHg at endline. Average DBP was also significantly reduced by 3.0 mmHg (95% CI = -5.5 to -0.5), from an average of 87.0 mmHg at baseline to 83.0 mmHg at endline. Patients and healthcare providers were satisfied and optimistic about the AHOMKA care model.Conclusion: The encouraging trend in BP outcomes and high response rate from this pilot study provides evidence for further investigation involving the assessment of the effectiveness of the AHOMKA care model while culturally adapting the model to the Ghanaian context. In the spectrum of hypertension interventions, AHOMKA has the potential to ease the burden on the public health systemmore » « less
-
This research examines the contrasting artificial intelligence (AI) governance strategies of the European Union (EU) and China, focusing on the dichotomy between human-centric and state-driven policies. The EU's approach, exemplified by the EU AI Act, emphasizes transparency, fairness, and individual rights protection, enforcing strict regulations for high-risk AI applications to build public trust. Conversely, China's state-driven model prioritizes rapid AI deployment and national security, often at the expense of individual privacy, as seen through its flexible regulatory framework and substantial investment in AI innovation. By applying the United States' National Institute of Standards and Technology (NIST) AI Risk Management Framework's Map, Measure, Manage, and Govern functions, this study explores how both regions balance technological advancement with ethical oversight. The study ultimately suggests that a harmonized approach, integrating elements of both models, could promote responsible global AI development and regulation.more » « less
