U.S. NAC Guidance for poliovirus potentially infectious materials

The U.S. NAC Interim Guidance for U.S. Laboratory Facilities to Store and Work with Poliovirus Potentially Infectious Materials applies to all U.S. laboratory facilities possessing WPV/VDPV and OPV PIM. Please note that WHO classifies VDPV with WPV, as described in the WPV definition above. This U.S. NAC guidance document describes biosafety, security, and other measures to store and handle PV PIM in a safe and secure manner by mitigating the risks PV poses to personnel, the environment, and the global eradication of poliovirus. While not all PV PIM will contain PV, the WHO considers the probability that such material could contain PV to be a significant risk to the environment and community, if not contained properly.The measures described herein are stratified based on the risks associated with each PIM type, based on the WHO Guidance to minimize risks for facilities collecting, handling, or storing materials potentially infectious for polioviruses (WHO PIM Guidance). Any U.S. facility in possession of PIM may adopt additional biosafety and security measures over and above the measures described in this, or other applicable U.S. NAC and WHO documents, to ensure PV PIM safety and security.Called also: U.S. NAC Guidance for poliovirus potentially infectious materials.NAC.AUDIT.EXT.005.01Publication date from document properties.NAC.AUDIT_.EXT_.005.01-US-NAC-PIM-Guidance-2022.pd

PIM-Enclave: Bringing Confidential Computation Inside Memory

Demand for data-intensive workloads and confidential computing are the prominent research directions shaping the future of cloud computing. Computer architectures are evolving to accommodate the computing of large data better. Protecting the computation of sensitive data is also an imperative yet challenging objective; processor-supported secure enclaves serve as the key element in confidential computing in the cloud. However, side-channel attacks are threatening their security boundaries. The current processor architectures consume a considerable portion of its cycles in moving data. Near data computation is a promising approach that minimizes redundant data movement by placing computation inside storage. In this paper, we present a novel design for Processing-In-Memory (PIM) as a data-intensive workload accelerator for confidential computing. Based on our observation that moving computation closer to memory can achieve efficiency of computation and confidentiality of the processed information simultaneously, we study the advantages of confidential computing \emph{inside} memory. We then explain our security model and programming model developed for PIM-based computation offloading. We construct our findings into a software-hardware co-design, which we call PIM-Enclave. Our design illustrates the advantages of PIM-based confidential computing acceleration. Our evaluation shows PIM-Enclave can provide a side-channel resistant secure computation offloading and run data-intensive applications with negligible performance overhead compared to baseline PIM model

“Those blimmin Ts and Cs”:a mixed methods analysis of how people manage personal information, privacy, and impressions

Interconnected and smart technologies complicate personal information management (PIM) because users delegate the storing, organizing, and retrieving of personal information to smart and mobile service providers. Meta-level PIM activities are required to maintain the privacy and security of personal information. This study provides insights into how users of location tracking, mobile apps, and smart home technologies perceive PIM and privacy. We turn to the privacy as contextual integrity (CI) and impression management (IM) literatures to explore informational norms and interpersonal dynamics in PIM. This study is based on a mixed methods design to analyze focus groups and interviews with 106 British and Dutch respondents. Combining unsupervised Latent Dirichlet allocation (LDA) topic modeling and thematic analysis, we reveal discursive patterns in respondent accounts of technology use and provide an in-depth interpretation of these patterns. Our findings indicate that PIM practices are associated with the perceived appropriateness of information flows, anthropomorphic interpretations of technologies, and interpersonal surveillance. Thus, impressions are managed toward social actors as well as technology providers. We contribute to PIM research with a demonstration of how PIM in mobile, smart, and location-based technology use cannot be separated from contextual factors and strategies to manage impressions of habits and behaviors.</p

Anonymous subject identification and privacy information management in video surveillance

The widespread deployment of surveillance cameras has raised serious privacy concerns, and many privacy-enhancing schemes have been recently proposed to automatically redact images of selected individuals in the surveillance video for protection. Of equal importance are the privacy and efficiency of techniques to first, identify those individuals for privacy protection and second, provide access to original surveillance video contents for security analysis. In this paper, we propose an anonymous subject identification and privacy data management system to be used in privacy-aware video surveillance. The anonymous subject identification system uses iris patterns to identify individuals for privacy protection. Anonymity of the iris-matching process is guaranteed through the use of a garbled-circuit (GC)-based iris matching protocol. A novel GC complexity reduction scheme is proposed by simplifying the iris masking process in the protocol. A user-centric privacy information management system is also proposed that allows subjects to anonymously access their privacy information via their iris patterns. The system is composed of two encrypted-domain protocols: The privacy information encryption protocol encrypts the original video records using the iris pattern acquired during the subject identification phase; the privacy information retrieval protocol allows the video records to be anonymously retrieved through a GC-based iris pattern matching process. Experimental results on a public iris biometric database demonstrate the validity of our framework

Arguing security: validating security requirements using structured argumentation

This paper proposes using both formal and structured informal arguments to show that an eventual realized system can satisfy its security requirements. These arguments, called 'satisfaction arguments', consist of two parts: a formal argument based upon claims about domain properties, and a set of informal arguments that justify the claims. Building on our earlier work on trust assumptions and security requirements, we show how using satisfaction arguments assists in clarifying how a system satisfies its security requirements, in the process identifying those properties of domains that are critical to the requirements

Arguing satisfaction of security requirements

This chapter presents a process for security requirements elicitation and analysis, based around the construction of a satisfaction argument for the security of a system. The process starts with the enumeration of security goals based on assets in the system, then uses these goals to derive security requirements in the form of constraints. Next, a satisfaction argument for the system is constructed, using a problem-centered representation, a formal proof to analyze properties that can be demonstrated, and structured informal argumentation of the assumptions exposed during construction of the argument. Constructing the satisfaction argument can expose missing and inconsistent assumptions about system context and behavior that effect security, and a completed argument provides assurances that a system can respect its security requirements