Autonomous Information Unit for Fine-Grain Data Access Control and Information Protection in a Net-Centric System

As communication and networking technologies advance, networks will become highly complex and heterogeneous, interconnecting different network domains. There is a need to provide user authentication and data protection in order to further facilitate critical mission operations, especially in the tactical and mission-critical net-centric networking environment. The Autonomous Information Unit (AIU) technology was designed to provide the fine-grain data access and user control in a net-centric system-testing environment to meet these objectives. The AIU is a fundamental capability designed to enable fine-grain data access and user control in the cross-domain networking environments, where an AIU is composed of the mission data, metadata, and policy. An AIU provides a mechanism to establish trust among deployed AIUs based on recombining shared secrets, authentication and verify users with a username, X.509 certificate, enclave information, and classification level. AIU achieves data protection through (1) splitting data into multiple information pieces using the Shamir's secret sharing algorithm, (2) encrypting each individual information piece using military-grade AES-256 encryption, and (3) randomizing the position of the encrypted data based on the unbiased and memory efficient in-place Fisher-Yates shuffle method. Therefore, it becomes virtually impossible for attackers to compromise data since attackers need to obtain all distributed information as well as the encryption key and the random seeds to properly arrange the data. In addition, since policy can be associated with data in the AIU, different user access and data control strategies can be included. The AIU technology can greatly enhance information assurance and security management in the bandwidth-limited and ad hoc net-centric environments. In addition, AIU technology can be applicable to general complex network domains and applications where distributed user authentication and data protection are necessary. AIU achieves fine-grain data access and user control, reducing the security risk significantly, simplifying the complexity of various security operations, and providing the high information assurance across different network domains

ConXsense - Automated Context Classification for Context-Aware Access Control

We present ConXsense, the first framework for context-aware access control on mobile devices based on context classification. Previous context-aware access control systems often require users to laboriously specify detailed policies or they rely on pre-defined policies not adequately reflecting the true preferences of users. We present the design and implementation of a context-aware framework that uses a probabilistic approach to overcome these deficiencies. The framework utilizes context sensing and machine learning to automatically classify contexts according to their security and privacy-related properties. We apply the framework to two important smartphone-related use cases: protection against device misuse using a dynamic device lock and protection against sensory malware. We ground our analysis on a sociological survey examining the perceptions and concerns of users related to contextual smartphone security and analyze the effectiveness of our approach with real-world context data. We also demonstrate the integration of our framework with the FlaskDroid architecture for fine-grained access control enforcement on the Android platform.Comment: Recipient of the Best Paper Awar

The use of routine health facility data for micro-stratification of malaria risk in mainland Tanzania

BACKGROUND: Current efforts to estimate the spatially diverse malaria burden in malaria-endemic countries largely involve the use of epidemiological modelling methods for describing temporal and spatial heterogeneity using sparse interpolated prevalence data from periodic cross-sectional surveys. However, more malaria-endemic countries are beginning to consider local routine data for this purpose. Nevertheless, routine information from health facilities (HFs) remains widely under-utilized despite improved data quality, including increased access to diagnostic testing and the adoption of the electronic District Health Information System (DHIS2). This paper describes the process undertaken in mainland Tanzania using routine data to develop a high-resolution, micro-stratification risk map to guide future malaria control efforts. METHODS: Combinations of various routine malariometric indicators collected from 7098 HFs were assembled across 3065 wards of mainland Tanzania for the period 2017-2019. The reported council-level prevalence classification in school children aged 5-16 years (PfPR(5-16)) was used as a benchmark to define four malaria risk groups. These groups were subsequently used to derive cut-offs for the routine indicators by minimizing misclassifications and maximizing overall agreement. The derived-cutoffs were converted into numbered scores and summed across the three indicators to allocate wards into their overall risk stratum. RESULTS: Of 3065 wards, 353 were assigned to the very low strata (10.5% of the total ward population), 717 to the low strata (28.6% of the population), 525 to the moderate strata (16.2% of the population), and 1470 to the high strata (39.8% of the population). The resulting micro-stratification revealed malaria risk heterogeneity within 80 councils and identified wards that would benefit from community-level focal interventions, such as community-case management, indoor residual spraying and larviciding. CONCLUSION: The micro-stratification approach employed is simple and pragmatic, with potential to be easily adopted by the malaria programme in Tanzania. It makes use of available routine data that are rich in spatial resolution and that can be readily accessed allowing for a stratification of malaria risk below the council level. Such a framework is optimal for supporting evidence-based, decentralized malaria control planning, thereby improving the effectiveness and allocation efficiency of malaria control interventions

Effect of a machine learning-based severe sepsis prediction algorithm on patient survival and hospital length of stay: a randomised clinical trial.

IntroductionSeveral methods have been developed to electronically monitor patients for severe sepsis, but few provide predictive capabilities to enable early intervention; furthermore, no severe sepsis prediction systems have been previously validated in a randomised study. We tested the use of a machine learning-based severe sepsis prediction system for reductions in average length of stay and in-hospital mortality rate.MethodsWe conducted a randomised controlled clinical trial at two medical-surgical intensive care units at the University of California, San Francisco Medical Center, evaluating the primary outcome of average length of stay, and secondary outcome of in-hospital mortality rate from December 2016 to February 2017. Adult patients (18+) admitted to participating units were eligible for this factorial, open-label study. Enrolled patients were assigned to a trial arm by a random allocation sequence. In the control group, only the current severe sepsis detector was used; in the experimental group, the machine learning algorithm (MLA) was also used. On receiving an alert, the care team evaluated the patient and initiated the severe sepsis bundle, if appropriate. Although participants were randomly assigned to a trial arm, group assignments were automatically revealed for any patients who received MLA alerts.ResultsOutcomes from 75 patients in the control and 67 patients in the experimental group were analysed. Average length of stay decreased from 13.0 days in the control to 10.3 days in the experimental group (p=0.042). In-hospital mortality decreased by 12.4 percentage points when using the MLA (p=0.018), a relative reduction of 58.0%. No adverse events were reported during this trial.ConclusionThe MLA was associated with improved patient outcomes. This is the first randomised controlled trial of a sepsis surveillance system to demonstrate statistically significant differences in length of stay and in-hospital mortality.Trial registrationNCT03015454

Defense against Insider Threat: a Framework for Gathering Goal-based Requirements

Insider threat is becoming comparable to outsider threat in frequency of security events. This is a worrying situation, since insider attacks have a high probability of success because insiders have authorized access and legitimate privileges. Despite their importance, insider threats are still not properly addressed by organizations. We contribute to reverse this situation by introducing a framework composed of a method for identification and assessment of insider threat risks and of two supporting deliverables for awareness of insider threat. The deliverables are: (i) attack strategies structured in four decomposition trees, and (ii) a matrix which correlates defense strategies, attack strategies and control principles. The method output consists of goal-based requirements for the defense against insiders

Neighborhood Typology and Cardiometabolic Pregnancy Outcomes in the Maternal Adiposity Metabolism and Stress Study.

ObjectiveThis study aimed to assess associations between neighborhood typologies classified across multiple neighborhood domains and cardiometabolic pregnancy outcomes and determine variation in effectiveness of a mindfulness-based stress-reduction intervention on outcomes across neighborhood types.MethodsNeighborhoods of participants in the Maternal Adiposity Metabolism and Stress (MAMAS) intervention (n = 208) were classified across dimensions of socioeconomic, food, safety, and service/resource environments using latent class analysis. The study estimated associations between neighborhood type and three cardiometabolic pregnancy outcomes-glucose tolerance (GT) during pregnancy, excessive gestational weight gain, and 6-month postpartum weight retention (PPWR)-using marginal regression models. Interaction between neighborhood type and intervention was assessed.ResultsFive neighborhood types differing across socioeconomic, food, and resource environments were identified. Compared with poor, well-resourced neighborhoods, middle-income neighborhoods with low resources had higher risk of impaired GT (relative risk [RR]: 4.1; 95% confidence Interval [CI]: 1.1, 15.5), and wealthy, well-resourced neighborhoods had higher PPWR (beta: 3.9 kg; 95% CI: 0.3, 7.5). Intervention effectiveness varied across neighborhood type with wealthy, well-resourced and poor, moderately resourced neighborhoods showing improvements in GT scores. PPWR was higher in intervention compared with control groups within wealthy, well-resourced neighborhoods.ConclusionsConsideration of multidimensional neighborhood typologies revealed important nuances in intervention effectiveness on cardiometabolic pregnancy outcomes

Specifying Exposure Classification Parameters for Sensitivity Analysis: Family Breast Cancer History

One of the challenges to implementing sensitivity analysis for exposure misclassification is the process of specifying the classification proportions (eg, sensitivity and specificity). The specification of these assignments is guided by three sources of information: estimates from validation studies, expert judgment, and numerical constraints given the data. The purpose of this teaching paper is to describe the process of using validation data and expert judgment to adjust a breast cancer odds ratio for misclassification of family breast cancer history. The parameterization of various point estimates and prior distributions for sensitivity and specificity were guided by external validation data and expert judgment. We used both nonprobabilistic and probabilistic sensitivity analyses to investigate the dependence of the odds ratio estimate on the classification error. With our assumptions, a wider range of odds ratios adjusted for family breast cancer history misclassification resulted than portrayed in the conventional frequentist confidence interval.Children's Cancer Research Fund, Minneapolis, MN, US