593 research outputs found

    Parametric timed model checking for guaranteeing timed opacity

    Information leakage can have dramatic consequences on systems security. Among harmful information leaks, the timing information leakage is the ability for an attacker to deduce internal information depending on the system execution time. We address the following problem: given a timed system, synthesize the execution times for which one cannot deduce whether the system performed some secret behavior. We solve this problem in the setting of timed automata (TAs). We first provide a general solution, and then extend the problem to parametric TAs, by synthesizing internal timings making the TA secure. We study decidability, devise algorithms, and show that our method can also apply to program analysis.
    Comment: This is the author (and extended) version of the manuscript of the same name published in the proceedings of ATVA 2019. This work is partially supported by the ANR national research program PACS (ANR-14-CE28-0002), the ANR-NRF research program (ProMiS) and by ERATO HASUO Metamathematics for Systems Design Project (No. JPMJER1603), JS

    Describing secure interfaces with interface automata

    Interface automata are a model that allows for the representation of stateful interfaces. In this paper we introduce a variant of interface automata, which we call interface structure for security (ISS), that allows for the modelling of security. We focus on the property of non interference, more precisely in bisimulation-based non interference for reactive systems. We define the notion of compatible interfaces in this setting meaning that they can be composed so that a secure interface can be synthesized from the composition. In fact, we provide an algorithm that determines whether an ISS can be made secure by controlling (more specifically, pruning) some public input actions, and if so, synthesize the secure ISS. In addition, we also provide some sufficient conditions on the components ISS to ensure that their composition is secure (and hence no synthesis process is needed).
    Fil: Lee, Matias David. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Córdoba; Argentina. Universidad Nacional de Córdoba. Facultad de Matemática, Astronomía y Física; Argentina
    Fil: D'argenio, Pedro Ruben. Universidad Nacional de Córdoba. Facultad de Matemática, Astronomía y Física; Argentina. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Córdoba; Argentin

    Configuring Timing Parameters to Ensure Execution-Time Opacity in Timed Automata

    Timing information leakage occurs whenever an attacker successfully deduces confidential internal information by observing some timed information such as events with timestamps. Timed automata are an extension of finite-state automata with a set of clocks evolving linearly and that can be tested or reset, making this formalism able to reason on systems involving concurrency and timing constraints. In this paper, we summarize a recent line of works using timed automata as the input formalism, in which we assume that the attacker has access (only) to the system execution time. First, we address the following execution-time opacity problem: given a timed system modeled by a timed automaton, given a secret location and a final location, synthesize the execution times from the initial location to the final location for which one cannot deduce whether the secret location was visited. This means that for any such execution time, the system is opaque: either the final location is not reachable, or it is reachable with that execution time for both a run visiting and a run not visiting the secret location. We also address the full execution-time opacity problem, asking whether the system is opaque for all execution times; we also study a weak counterpart. Second, we add timing parameters, which are a way to configure a system: we identify a subclass of parametric timed automata with some decidability results. In addition, we devise a semi-algorithm for synthesizing timing parameter valuations guaranteeing that the resulting system is opaque. Third, we report on problems when the secret has itself an expiration date, thus defining expiring execution-time opacity problems. We finally show that our method can also apply to program analysis with configurable internal timings.
    Comment: In Proceedings TiCSA 2023, arXiv:2310.18720. This invited paper mainly summarizes results on opacity from two recent works published in ToSEM (2022) and at ICECCS 2023, providing unified notations and concept names for the sake of consistency. In addition, we prove a few original results absent from these work

    Detection of Microorganisms using MALDI and ion mobility mass spectrometry

    Matrix-assisted laser ablation desorption ionization MALDI and ion mobility (IM) MALDI mass spectrometry (MS) were used for the detection and identification of microorganisms. MALDI MS is an analytical tool that separates ions by their mass-to-charge ratio (m/z) and is routinely used for bioanalysis because of its sensitivity, selectivity, general applicability, and tolerance to impurities. Ion mobility is a gas phase technique that separates ions based on their charge and collision cross-section. In this research, MALDI-TOF MS and MALDI-IM-TOF MS analysis were conducted in parallel to assess the effectiveness of MALDI-IM-TOF MS for microorganism identification. Whole cell bacteria Escherichia coli strain W 9637 and Bacillus subtilis 6633 were prepared and analyzed using both MALDI-TOF MS and MALDI-IM-TOF MS. The signals from both analysis methods were identified using a microbial database. Vacuum ultraviolet (VUV) post-ionization MALDI-IM-TOF MS was also used and additional peaks that could not be detected using MALDI-TOF MS and MALDI-IM-TOF MS were observed from B. subtilis. MALDI MS was used in combination with mass spectral fingerprinting software for the identification of whole cell bacteria in the presence of potential environmental interferants. Whole bacteria were analyzed in the presence of fumed silica, bentonite, and pollen from Juglans nigra (black walnut) at various mass ratios. The effect of the interferants on the identifications of bacteria at the genus and species level was evaluated using the bacteria fingerprinting software MB. The results showed that correct species identification for E. coli 35218, could be determined with fumed silica, bentonite, and pollen at a mass ratio of 1:1; whereas, at the same mass ratio, with diesel particulate, only genus identification could be made. Species identification for E. aerogenes 13048 with fumed silica and pollen at a mass ratio of 1:1 was achieved. 
Genus identification was determined for E. aerogenes with bentonite and diesel particulate. As the mass ratio of the interferant increased, the likelihood of species identification decreased with the exception of E. aerogenes with fumed silica and pollen. Under ambient conditions, laser ablation sample transfer using a mid-infrared laser at 2.94 µm was used to ablate gram-negative E. coli 35218 and gram-positive B. cereus 11178 bacterial colony particulate from a petri dish into a solvent droplet suspended above the petri dish. The solvent droplet containing the captured material was then transferred to a nanostructured-assisted laser desorption ionization (NALDI) target for analysis on a matrix-assisted laser desorption ionization (MALDI) time-of-flight (TOF) mass spectrometer (MS). Several peaks that were observed in the NALDI spectra of both gram-negative and gram-positive correspond to phospholipid classes, phosphatidylethanolamine (PE) and phosphatidylglycerol (PG). Additional phospholipids diglycosyldiglyceride (DGDG), triacylglyceride (TAG) and a lipopeptide, which are typically found in gram-positive bacteria were observed in the NALDI spectrum of B. cereus. Using LAST NALDI, phospholipids could be identified from both bacterial species without any sample pretreatment

    Aspects of flow injection atomic absorption spectrometry

    The literature relevant to the generation of volatile hydrides for analytical atomic spectroscopy has been reviewed, with particular reference to atomic absorption spectrometry (AAS). This reveals some conflicting information concerning the nature of various interference effects and strategies to overcome them. The use of flow injection (FI) procedures has been demonstrated by several research groups, to be beneficial. A review of the literature concerning the application of FI techniques to AAS shows that there is a sustained interest in the use of such a combination for analytical purposes. In particular, an interest in the on-line coupling of chemical pretreatment of samples is evident. Atomic absorption spectrometry has a limited working range and requires frequent calibration, consequently, there is a need for a rapid, precise on-line dilution procedure. The potential of FI systems with wide bore manifold tubing for on-line dilution was assessed and found to be limited by variations in dispersion coefficient arising from differences in specific gravities between the sample and carrier fluids. This could be overcome only by the use of unrealistically high flow rates. The use of FI procedures for the generation of volatile hydrides of selenium and arsenic was investigated. Optimization studies of system parameters, including the atomization step, were undertaken which demonstrated the benefits in applying FI in hydride generation atomic absorption spectrometry (HGAAS). Analytical methods were devised and evaluated for the determination of Se in copper metal and As in nickel alloy. These procedures involved the use of an on-line matrix removal step in which potentially interfering matrix elements were retained on a strong cation exchange resin (Dowex 50W). The manifold was designed so that the FI value acted as the interface between the matrix isolation stage and the vapour generation stage, a strategy which allowed independent optimization of each stage. 
Location of the ion exchange resin in the sample loop of a six-port rotary valve allowed the resin to be regenerated easily and rapidly, with a throughput capability of the order of 50 h⁻¹ and permit the proposed full automation of the whole analytical procedure. In the determination of As in nickel alloy a novel stopped-flow pre-reduction step was developed to permit AsIII quantification, therefore, achieve optimum sensitivity. The two systems permitted limits of detection for Se and As of 2.1 and 3.9 ng ml⁻¹ respectively. Direct comparisons were made with existing matrix isolation systems to emphasise the benefits of system design

    Steroid Assays in Paediatric Endocrinology

    Most steroid disorders of the adrenal cortex come to clinical attention in childhood and in order to investigate these problems, there are many challenges to the laboratory which need to be appreciated to a certain extent by clinicians. The analysis of sex steroids in biological fluids from neonates, over adrenarche and puberty present challenges of specificities and concentrations often in small sample sizes. Different reference ranges are also needed for interpretations. For around 40 years, quantitative assays for the steroids and their regulatory peptide hormones have been possible using immunoassay techniques. Problems are recognised and this review aims to summarise the benefits and failings of immunoassays and introduce where tandem mass spectrometry is anticipated to meet the clinical needs for steroid analysis in paediatric endocrine investigations. It is important to keep a dialogue between clinicians and the laboratory, especially when any laboratory result does not make sense in the clinical investigation

    Investigations of urinary alpha-1 acid glycoprotein

    The primary objective of this thesis was to investigate the mechanisms of post-exercise and altitude-induced proteinuria by measuring urinary alpha-1 acid glycoprotein (a1-AGP), a sensitive marker of glomerular leak. Following a review of literature providing the rationale for urinalysis of a1-AGP (Chapters 1 and 2), initial experimental chapters outlined the development and validation of a novel immunoturbidimetric assay for low-concentration a1-AGP (Chapter 3), as well as, the application and analysis completed to establish a normative reference range from collected samples and a systematic literature review (Chapter 4). The novel immunoassay was further utilised to evaluate the contribution of hypoxia to post-exercise and altitude-induced a1-AGP excretion, combining data from field- and chamber-based studies (Chapters 5 and 6). The final experimental chapter (Chapter 7) examined a1-AGP excretion during ascent to high altitude, but without an acute exercise stimulus. The synthesis of the thesis findings and discussion of future directions (Chapter 8) highlighted that profound systemic hypoxaemia did not influence the degree of post-exercise proteinuria, which was more attributable to exercise intensity, however, nocturnal oxygenation during ascent did influence altitude-induced a1-AGP excretion. Collectively, this thesis advances techniques for the urinalysis of a1-AGP and increases understanding of the causes of post-exercise and altitude-induced proteinuria

    Principles of Security and Trust

    This open access book constitutes the proceedings of the 8th International Conference on Principles of Security and Trust, POST 2019, which took place in Prague, Czech Republic, in April 2019, held as part of the European Joint Conference on Theory and Practice of Software, ETAPS 2019. The 10 papers presented in this volume were carefully reviewed and selected from 27 submissions. They deal with theoretical and foundational aspects of security and trust, including on new theoretical results, practical applications of existing foundational ideas, and innovative approaches stimulated by pressing practical problems

    The Use of Fab' Enzyme Conjugates for the Measurement of Urinary Growth Hormone

    This project was initiated following work performed within this Institute to produce antibodies against human growth hormone for use in a serum immunoradiometric assay (IRMA) and some work to investigate the use of insulin like growth factor I (IGF-I) as a diagnostic and management tool for patients with particular growth disorders. Following initial attempts by other workers within the Institute to measure urinary growth hormone, it was concluded that an IRMA was unlikely to be capable of providing adequate sensitivity for this application. This project was intended to investigate the possibility of using the available antibodies in a fluorimetric assay, using similar methodologies to those of Ishikawa et. al. (1987), (1988), to provide a sensitive assay for measuring urinary growth hormone on a routine basis. The production of a suitable antibody fragment from sheep polyclonal IgG was the first major hurdle in the project and it was not until this problem was successfully traversed, by the use of an alternative method to that of Ishikawa et. al. (1988), that it was possible to progress onto production of a peroxidase conjugate or to develop a working assay. In the resulting assay, microtitration wells were used as an alternative separation system to polystyrene beads, for reasons of practicability. Initially a number of colourimetric peroxidase substrates were used in the optimization of the assay, and later when appropriate measuring equipment became available, fluorimetric and luminometric substrates were used in the hope of achieving enhanced sensitivity. The luminometric substrate, which was only investigated briefly at the last stage of the project, provided an assay with sensitivity in the range necessary for a urine growth hormone assay. A number of problems were encountered when attempting to measure growth hormone in urine due to the presence of matrix effects, and attempts were made to eliminate these as far as possible from the assay. 
Hence a significant proportion of the work carried out involved investigating these matrix effects and showed that dialysis of the urine samples produced unsatisfactory results. An assay was developed with the sensitivity required to measure growth hormone in urine but the matrix effects of urine samples on the assay could not be overcome adequately. Perhaps the realistic conclusion to be drawn is that a successful assay of this type requires investment in state of the art microtitre plate equipment, detection systems and the best available antibodies and enzyme labels. These are most likely to be provided by a commercial company with an international market for the product and the necessary financial backing