Vulnerability anti-patterns:a timeless way to capture poor software practices (Vulnerabilities)

There is a distinct communication gap between the software engineering and cybersecurity communities when it comes to addressing reoccurring security problems, known as vulnerabilities. Many vulnerabilities are caused by software errors that are created by software developers. Insecure software development practices are common due to a variety of factors, which include inefficiencies within existing knowledge transfer mechanisms based on vulnerability databases (VDBs), software developers perceiving security as an afterthought, and lack of consideration of security as part of the software development lifecycle (SDLC). The resulting communication gap also prevents developers and security experts from successfully sharing essential security knowledge. The cybersecurity community makes their expert knowledge available in forms including vulnerability databases such as CAPEC and CWE, and pattern catalogues such as Security Patterns, Attack Patterns, and Software Fault Patterns. However, these sources are not effective at providing software developers with an understanding of how malicious hackers can exploit vulnerabilities in the software systems they create. As developers are familiar with pattern-based approaches, this paper proposes the use of Vulnerability Anti-Patterns (VAP) to transfer usable vulnerability knowledge to developers, bridging the communication gap between security experts and software developers. The primary contribution of this paper is twofold: (1) it proposes a new pattern template – Vulnerability Anti-Pattern – that uses anti-patterns rather than patterns to capture and communicate knowledge of existing vulnerabilities, and (2) it proposes a catalogue of Vulnerability Anti-Patterns (VAP) based on the most commonly occurring vulnerabilities that software developers can use to learn how malicious hackers can exploit errors in software

History-sensitive versus future-sensitive approaches to security in distributed systems

We consider the use of aspect-oriented techniques as a flexible way to deal with security policies in distributed systems. Recent work suggests to use aspects for analysing the future behaviour of programs and to make access control decisions based on this; this gives the flavour of dealing with information flow rather than mere access control. We show in this paper that it is beneficial to augment this approach with history-based components as is the traditional approach in reference monitor-based approaches to mandatory access control. Our developments are performed in an aspect-oriented coordination language aiming to describe the Bell-LaPadula policy as elegantly as possible. Furthermore, the resulting language has the capability of combining both history- and future-sensitive policies, providing even more flexibility and power.Comment: In Proceedings ICE 2010, arXiv:1010.530

The attachment system and physiology in adulthood: normative processes, individual differences, and implications for health.

Attachment theory provides a conceptual framework for understanding intersections between personality and close relationships in adulthood. Moreover, attachment has implications for stress-related physiology and physical health. We review work on normative processes and individual differences in the attachment behavioral system, as well as their associations with biological mechanisms related to health outcomes. We highlight the need for more basic research on normative processes and physiology and discuss our own research on individual differences in attachment and links with physiology. We then describe a novel perspective on attachment and physiology, wherein stress-related physiological changes may also be viewed as supporting the social-cognitive and emotion regulatory functions of the attachment system through providing additional energy to the brain, which has implications for eating behavior and health. We close by discussing our work on individual differences in attachment and restorative processes, including sleep and skin repair, and by stressing the importance of developing biologically plausible models for describing how attachment may impact chronic illness

Health Equity Series: Food Insecurity December 2015

In order to address health equity, it is important to acknowledge the factors that create inequitable health outcomes, such as socioeconomic factors and other inequalities related to race and gender. Although individual responsibility and personal health behaviors have an impact on health outcomes, understanding how the social determinants of health (e.g., education, housing, employment, transportation) play a significant role in both health behaviors and health outcomes is important when attempting to achieve health equity for all Missourians.For the purpose of this report, health equity will be discussed through the examination of Missouri's food system, including how social determinants of health impact food security and food access, as well as the connection between disparities in health outcomes and an inequitable food system

Sun Devils Together: Breaking Stigmas on Student Homelessness

abstract: In universities, such as Arizona State, students are becoming homeless at an alarming rate. These homeless ASU students are often invisible, as seen through the lack of information on who they are and what resources the university has developed to help them. Typically, students arrive at university campuses with most of the resources required for them to pursue a degree. However, several economic factors such as unemployment or financial instability can impact these resources which influence students ability to stay enrolled in classes. This feature is reflected in the well understood concept of the starving student. Despite this paradigm, the fact remains that students under this stress are attending classes and are under financial stress to do so while being unable to meet their basic needs. These intertwined elements result in ASU students becoming exposed to cyclical needs-insecurities including homelessness. Therefore, the team decided to develop a project called Sun Devils Together which addresses the needs of ASUs students facing homelessness and overall aims to help increase the accessibility of available resources through reducing the silo effect that occurs due to lack of communication between different departments and increases faculty, staff, and student awareness regarding the issue. In order to achieve this, the team has collaborated with the Assistant Dean of Students to produce a training module for ASU faculty, professional staff, and students. The team is contributing information to the creation of a new website that will have all the resources available to students in one place. In addition, the team will create a coded pamphlet with a map of resources that will be given out to different departments around campus that students may potentially reach out to for help while informing those departments regarding the existence of other departments that work towards the same cause

Feelings of dual-insecurity among European workers: A multi-level analysis

This article analyses European Social Survey data for 22 countries. We assess the relationship between feelings of employment and income insecurity (dual-insecurity) among workers and national flexicurity policies in the areas of lifelong learning, active labour market policy, modern social security systems and flexible and reliable contractual arrangements. We find that dual-insecurity feelings are lower in countries that score better on most flexicurity polices, but these effects are in all cases outweighed by levels of GDP per capita. Thus feelings of insecurity are reduced more by the affluence of a country than by its social policies. However, affluence is strongly correlated with the policy efforts designed to reduce insecurity, especially active labour market policies and life-long learning, two policy areas that are threatened with cuts as a result of austerity