484,630 research outputs found

    Access-rights Analysis in the Presence of Subjects

    Modern software development and run-time environments, such as Java and the Microsoft .NET Common Language Runtime (CLR), have adopted a declarative form of access control. Permissions are granted to code providers, and during execution, the platform verifies compatibility between the permissions required by a security-sensitive operation and those granted to the executing code. While convenient, configuring the access-control policy of a program is not easy. If a code component is not granted sufficient permissions, authorization failures may occur. Thus, security administrators tend to define overly permissive policies, which violate the Principle of Least Privilege (PLP). A considerable body of research has been devoted to building program-analysis tools for computing the optimal policy for a program. However, Java and the CLR also allow executing code under the authority of a subject (user or service), and no program-analysis solution has addressed the challenges of determining the policy of a program in the presence of subjects. This paper introduces Subject Access Rights Analysis (SARA), a novel analysis algorithm for statically computing the permissions required by subjects at run time. We have applied SARA to 348 libraries in IBM WebSphere Application Server - a commercial enterprise application server written in Java that consists of >2 million lines of code and is required to support the Java permission- and subject-based security model. SARA detected 263 PLP violations, 219 cases of policies with missing permissions, and 29 bugs that led code to be unnecessarily executed under the authority of a subject. SARA corrected all these vulnerabilities automatically, and additionally synthesized fresh policies for all the libraries, with a false-positive rate of 5% and an average running time of 103 seconds per library. 
SARA also implements mechanisms for mitigating the risk of false negatives due to reflection and native code; according to a thorough result evaluation based on testing, no false negative was detected. SARA enabled IBM WebSphere Application Server to receive the Common Criteria for Information Technology Security Evaluation Assurance Level 4 certification

    Integration against the state: irregular migrants’ agency between deportation and regularisation in the United Kingdom

    Reducing the number of foreigners residing unlawfully within the borders of a state requires either their removal or the legalisation of their presence within the territory. Increasingly, governments also employ measures of internal control and limit irregular migrants’ access to rights and services in order to encourage them to leave autonomously. This article aims to contribute to current debates on how to conceptualise and account for the agency that irregular migrants themselves exercise in such contexts. Within critical migration and citizenship studies, many of their everyday actions have been described as ‘acts of citizenship’ but also as instances of ‘becoming imperceptible’, neither of which captures the whole range of strategies irregular migrants employ to strengthen their fragile position vis-à-vis the state. I argue that conceptualising their agency in terms of (self-)integration allows us to account for both: practices through which they actively become political subjects as well as those that precisely constitute a deliberate refusal to do so. Empirically, this is underpinned by an analysis of recent policy developments in the United Kingdom and a series of semi-structured interviews I conducted during 8 months of fieldwork in London with migrants experiencing different kinds and degrees of irregularity

    The emotional valence of subliminal priming effects perception of facial expressions

    We investigated, in young healthy subjects, how the affective content of subliminally presented priming images and their specific visual attributes impacted conscious perception of facial expressions. The priming images were broadly categorised as aggressive, pleasant, or neutral and further subcategorised by the presence of a face and by the centricity (egocentric or allocentric vantage-point) of the image content. Subjects responded to the emotion portrayed in a pixelated target-face by indicating via key-press if the expression was angry or neutral. Priming images containing a face compared to those not containing a face significantly impaired performance on neutral or angry target-face evaluation. Recognition of angry target-face expressions was selectively impaired by pleasant prime images which contained a face. For egocentric primes, recognition of neutral target-face expressions was significantly better than of angry expressions. Our results suggest that, first, the affective primacy hypothesis which predicts that affective information can be accessed automatically, preceding conscious cognition, holds true in subliminal priming only when the priming image contains a face. Second, egocentric primes interfere with the perception of angry target-face expressions suggesting that this vantage-point, directly relevant to the viewer, perhaps engages processes involved in action preparation which may weaken the priority of affect processing. Accepted manuscrip

    Timing of bariatric surgery in people with obesity and diabetes

    The use of bariatric surgery in the clinical management of type 2 diabetes in severely obese subjects has been included in the clinical practice recommendations released by the most influential diabetologic associations. However, the timing during the diabetic course in which this use may have the better benefit/risk ratio remains debated. Is it better to use surgery very early in the course of the disease in order to anticipate clinical deterioration, or we should favour a delayed approach in which we reserve the more risky surgery only to patients not adequately controlled with the maximal pharmacologic strategy? In this paper, past and recent evidences about the role of bariatric surgery in the different stages of the clinical course of type 2 diabetes have been revised, starting from pre-diabetes and ending to long-standing diabetic state with established or end-stage macro- and micro-vascular complications. Available evidences strongly advocate in favor of the application of bariatric surgery in the early phase of this course, possibly in the pre-diabetic or in very early diabetic stages. To reserve surgery to more advanced and complicated stages of the disease seems to confer less benefits for the clinical course of diabetes and exposes these more frail patients to the possible side effects of a rapid weight loss

    On Properties of Policy-Based Specifications

    The advent of large-scale, complex computing systems has dramatically increased the difficulties of securing accesses to systems' resources. To ensure confidentiality and integrity, the exploitation of access control mechanisms has thus become a crucial issue in the design of modern computing systems. Among the different access control approaches proposed in the last decades, the policy-based one permits to capture, by resorting to the concept of attribute, all systems' security-relevant information and to be, at the same time, sufficiently flexible and expressive to represent the other approaches. In this paper, we move a step further to understand the effectiveness of policy-based specifications by studying how they permit to enforce traditional security properties. To support system designers in developing and maintaining policy-based specifications, we formalise also some relevant properties regarding the structure of policies. By means of a case study from the banking domain, we present real instances of such properties and outline an approach towards their automatised verification. Comment: In Proceedings WWV 2015, arXiv:1508.0338

    Relationship Between Oral Health and Clinical Osteoporosis Among Hospitalized Patients with and Without Diabetes

    Objective: Diabetes mellitus (DM) is associated with poor oral health and osteoporosis (OP). The aim of this study was to assess the relationship between OP, periodontal disease (PD), and other dental and health outcomes in a cohort of hospitalized patients with and without DM. Method: Using a cross-sectional study design, we enrolled consecutive hospitalized patients. We administered a questionnaire to gather demographic information, oral health history, smoking history, and history of OP. We inspected their dentition and reviewed their charts. Data were analyzed using t-tests, chi-square tests, and logistic regression models. Result: Out of 301 patients enrolled, 275 had PD, 102 had DM, and 30 had OP. In univariate analyses, factors associated with OP included older age... (See full abstract in article)

    Clinical features of alcoholic hepatitis in latinos and caucasians: A single center experience.

    Aim: To study differences of presentation, management, and prognosis of alcoholic hepatitis in Latinos compared to Caucasians. Methods: We retrospectively screened 876 charts of Caucasian and Latino patients who were evaluated at University of California Davis Medical Center between 1/1/2002-12/31/2014 with the diagnosis of alcoholic liver disease. We identified and collected data on 137 Caucasians and 64 Latinos who met criteria for alcoholic hepatitis, including chronic history of heavy alcohol use, at least one episode of jaundice with bilirubin ≥ 3.0 or coagulopathy, new onset of liver decompensation or acute liver decompensation in known cirrhosis within 12 wk of last drink. Results: The mean age at presentation of alcoholic hepatitis was not significantly different between Latinos and Caucasians. There was a significantly lower rate of overall substance abuse in Caucasians compared to Latinos and Latinos had a higher rate of methamphetamine abuse (12.5% vs 0.7%) compared to Caucasians. Latinos had a higher mean number of hospitalizations (5.3 ± 5.6 vs 2.7 ± 2.7, P = 0.001) and mean Emergency Department visits (9.5 ± 10.8 vs 4.5 ± 4.1, P = 0.017) for alcohol related issues and complications compared to Caucasians. There was a significantly higher rate of complications of portal hypertension including gastrointestinal bleeding (79.7% vs 45.3%, P < 0.001), spontaneous bacterial peritonitis (26.6% vs 9.5%, P = 0.003), and encephalopathy (81.2% vs 55.5%, P = 0.001) in Latinos compared to Caucasians. Conclusion: Latinos have significantly higher rates of utilization of acute care services for manifestations of alcoholic hepatitis and complications suggesting poor access to outpatient care

    Unknowable bodies, unthinkable sexualities: lesbian and transgender legal invisibility in the Toronto women's bathhouse raid

    Although litigation involving sexual orientation and gender identity discrimination claims has generated considerable public attention in recent years, lesbian and transgender bodies and sexualities still remain largely invisible in Anglo-American courts. While such invisibility is generally attributed to social norms that fail to recognize lesbian and transgender experiences, the capacity to 'not see' or 'not know' queer bodies and sexualities also involves wilful acts of ignorance. Drawing from R. v Hornick (2002) a Canadian case involving the police raid of a women's bathhouse, this article explores how lesbian and transgender bodies and sexualities are actively rendered invisible via legal knowledge practices, norms and rationalities. It argues that limited knowledge and limited thinking not only regulate the borders of visibility and belonging, but play an active part in shaping identities, governing conduct and producing subjectivity

    Derrida's Territorial Knowledge of Justice

    Peter Fitzpatrick’s writings prove once and for all that it is possible for a law professor to write in beautiful English. His work also proves once and for all that the dominating tradition of Anglo-American legal philosophy and of law teaching has been barking up the wrong tree: namely, that the philosopher and professional law teachers can understand justice as nested in empty forms, better known as rules, doctrines, principles, policies, and other standards. The more rigorous our analysis or decomposition of the forms, we have believed, the more closely do we access the identity of laws. Justice has been assumed to be a matter of intellectually accessing such analysed forms. Fitzpatrick’s articles and books embody an implicit critique of the analytic view of law and of justice. My entry point into this critique is his preoccupation with Jacques Derrida’s theory of laws as universals and with Derrida’s theory of justice as an inaccessible immediacy or presence in context-specific or concrete experienced events. Each event is experienced in an official’s decision. Such a decision represents what Derrida, Fitzpatrick, and Hegel call ‘individuality’. Derrida’s theory of law presents a conundrum. Derrida misses the possibility that law may exist by virtue of its content rather than its form. Derrida misses this possibility because, heavily influenced by Kant (in Derrida’s theory of law), Derrida associates law with universals. This is so because Kant (and Derrida) are preoccupied with the identity of what counts as a law (lois) rather than with a law’s legitimacy. A universal cannot exist unless it is legitimate, and it is legitimate, I claim, by virtue of its content. In his association of law with universals, Derrida presupposes that legal knowledge exists with reference to a territorial-like boundary. The forms are represented or signified by signs (signifiers) within a boundary of the ultimate form (the state, the nation, or humanity). 
This ultimate form as a universal, like the discrete rules or forms, lacks socially contingent content. A boundary separates knowable universals from the unknowable world on the exteriority of the boundary. The unknowable world is constituted by concrete events experienced in context-specific circumstances. In his legal theory Derrida hones in upon the decision as the experienced event. In a decision, one is present or immediate with the event. Derrida considers such immediacy as justice. The immediacy, however, can only be represented as a sign (sometimes called a signifier). The sign, in turn, represents an empty signified or form, according to Derrida. Because the immediacy remains a representation rather than a presentation of the experienced event, laws as universals cannot be just. The rupture between the inaccessible immediacy of a decision on the one hand and the represented empty forms on the other is critical to Derrida’s theory of law. I claim that this rupture permeates Derrida’s writings about law because Derrida possesses a territorial-like sense of legal knowledge. I shall argue to this effect as follows. In the first section I shall explain the importance of Fitzpatrick’s exposure of the vacuity of the foundation of the system or structure of universals. In the second section I shall flesh out two elements of Derrida’s legal theory: law as form and the ipseity or concrete event that the form excludes from law. This takes me to the third section, where I shall elaborate how Derrida’s legal theory presupposes knowledge as territorial. I shall argue in the final section that this very sense of territorial knowledge prevents justice from accessing law and law from accessing justice. I conclude with the hint of a very different sense of law, one that draws from experiential knowledge in contradistinction to territorial knowledge