On Secure Implementation of an IHE XUA-Based Protocol for Authenticating Healthcare Professionals

The importance of the Electronic Health Record (EHR) has been addressed in recent years by governments and institutions.Many large scale projects have been funded with the aim to allow healthcare professionals to consult patients data. Properties such as confidentiality, authentication and authorization are the key for the success for these projects. The Integrating the Healthcare Enterprise (IHE) initiative promotes the coordinated use of established standards for authenticated and secure EHR exchanges among clinics and hospitals. In particular, the IHE integration profile named XUA permits to attest user identities by relying on SAML assertions, i.e. XML documents containing authentication statements. In this paper, we provide a formal model for the secure issuance of such an assertion. We first specify the scenario using the process calculus COWS and then analyse it using the model checker CMC. Our analysis reveals a potential flaw in the XUA profile when using a SAML assertion in an unprotected network. We then suggest a solution for this flaw, and model check and implement this solution to show that it is secure and feasible

A reduced semantics for deciding trace equivalence using constraint systems

Many privacy-type properties of security protocols can be modelled using trace equivalence properties in suitable process algebras. It has been shown that such properties can be decided for interesting classes of finite processes (i.e., without replication) by means of symbolic execution and constraint solving. However, this does not suffice to obtain practical tools. Current prototypes suffer from a classical combinatorial explosion problem caused by the exploration of many interleavings in the behaviour of processes. M\"odersheim et al. have tackled this problem for reachability properties using partial order reduction techniques. We revisit their work, generalize it and adapt it for equivalence checking. We obtain an optimization in the form of a reduced symbolic semantics that eliminates redundant interleavings on the fly.Comment: Accepted for publication at POST'1

Non-collaborative Attackers and How and Where to Defend Flawed Security Protocols (Extended Version)

Security protocols are often found to be flawed after their deployment. We present an approach that aims at the neutralization or mitigation of the attacks to flawed protocols: it avoids the complete dismissal of the interested protocol and allows honest agents to continue to use it until a corrected version is released. Our approach is based on the knowledge of the network topology, which we model as a graph, and on the consequent possibility of creating an interference to an ongoing attack of a Dolev-Yao attacker, by means of non-collaboration actuated by ad-hoc benign attackers that play the role of network guardians. Such guardians, positioned in strategical points of the network, have the task of monitoring the messages in transit and discovering at runtime, through particular types of inference, whether an attack is ongoing, interrupting the run of the protocol in the positive case. We study not only how but also where we can attempt to defend flawed security protocols: we investigate the different network topologies that make security protocol defense feasible and illustrate our approach by means of concrete examples.Comment: 29 page

New results on rewrite-based satisfiability procedures

Program analysis and verification require decision procedures to reason on theories of data structures. Many problems can be reduced to the satisfiability of sets of ground literals in theory T. If a sound and complete inference system for first-order logic is guaranteed to terminate on T-satisfiability problems, any theorem-proving strategy with that system and a fair search plan is a T-satisfiability procedure. We prove termination of a rewrite-based first-order engine on the theories of records, integer offsets, integer offsets modulo and lists. We give a modularity theorem stating sufficient conditions for termination on a combinations of theories, given termination on each. The above theories, as well as others, satisfy these conditions. We introduce several sets of benchmarks on these theories and their combinations, including both parametric synthetic benchmarks to test scalability, and real-world problems to test performances on huge sets of literals. We compare the rewrite-based theorem prover E with the validity checkers CVC and CVC Lite. Contrary to the folklore that a general-purpose prover cannot compete with reasoners with built-in theories, the experiments are overall favorable to the theorem prover, showing that not only the rewriting approach is elegant and conceptually simple, but has important practical implications.Comment: To appear in the ACM Transactions on Computational Logic, 49 page

Shear viscosity and chemical equilibration of the QGP

We have investigated, in the frame work of the transport approach, different aspects of the QGP created in Heavy Ion Collisions at RHIC and LHC energies. The shear viscosity $\eta$ has been calculated by using the Green-Kubo relation at the cascade level. We have compared the numerical results for $\eta$ obtained from the Green-Kubo correlator with the analytical formula in both the Relaxation Time Approximation (RTA) and the Chapman-Enskog approximation (CE). From this comparison we show that in the range of temperature explored in a Heavy Ion collision the RTA underestimates the viscosity by about a factor of 2, while a good agreement is found between the CE approximation and Gree-Kubo relation already at first order of approximation. The agreement with the CE approximation supplies an analytical formula that allows to develop kinetic transport theory at fixed shear viscosity to entropy density ratio, $\eta/s$. We show some results for the build up of anisotropic flows $v_{2}$ in a transport approach at fixed shear viscosity to entropy density ratio, $\eta/s$. We study the impact of a T-dependent $\eta/s(T)$ on the generation of the elliptic flows at both RHIC and LHC. We show that the transport approach provides, in a unified way, a tool able to naturally describe the $v_{2}(p_{T})$ in a wide range of $p_{T}$, including also the description of the rise and fall and saturation of the $v_{2}(p_{T})$ observed at LHC. Finally, we have studied the evolution of the quark-gluon composition employing a Boltzmann-Vlasov transport approach that include: the mean fields dynamics, associated to the quasi-particle model, and the elastic and inelastic collisions for massive quarks and gluons. Following the chemical evolution from an initial gluon dominated plasma we predict a quark dominance close to $T_{C}$ paving the way to an hadronization via quark coalescence.Comment: 15 pages, 10 figures, Invited Talk given by S. Plumari at the 11th International Conference on Nucleus-Nucleus Collisions (NN2012), San Antonio, Texas, USA, May 27-June 1, 2012. To appear in the NN2012 Proceedings in Journal of Physics: Conference Series (JPCS

Fast-slow partially hyperbolic systems versus Freidlin-Wentzell random systems

We consider a simple class of fast-slow partially hyperbolic dynamical systems and show that the (properly rescaled) behaviour of the slow variable is very close to a Friedlin--Wentzell type random system for times that are rather long, but much shorter than the metastability scale. Also, we show the possibility of a "sink" with all the Lyapunov exponents positive, a phenomenon that turns out to be related to the lack of absolutely continuity of the central foliation.Comment: To appear in Journal of Statistical Physic

Chemical Profile of Lipophilic Fractions of Different Parts of Zizyphus lotus L. by GC-MS and Evaluation of Their Antiproliferative and Antibacterial Activities

Zizyphus lotus L. is a perennial shrub particularly used in Algerian folk medicine, but little is known concerning the lipophilic compounds in the most frequently used parts, namely, root bark, pulp, leaves and seeds, which are associated with health benefits. In this vein, the lipophilic fractions of these morphological parts of Z. lotus from Morocco were studied by gas chromatography–mass spectrometry (GC–MS), and their antiproliferative and antimicrobial activities were evaluated. GC– MS analysis allowed the identification and quantification of 99 lipophilic compounds, including fatty acids, long-chain aliphatic alcohols, pentacyclic triterpenic compounds, sterols, monoglycerides, aromatic compounds and other minor components. Lipophilic extracts of pulp, leaves and seeds were revealed to be mainly composed of fatty acids, representing 54.3–88.6% of the total compounds detected. The leaves and seeds were particularly rich in unsaturated fatty acids, namely, (9Z,12Z)-octadeca-9,12-dienoic acid (2431 mg kg−1 of dry weight) and (9Z)-octadec-9-enoic acid (6255 mg kg−1 of dry weight). In contrast, root bark contained a high content of pentacyclic triterpenic compounds, particularly betulinic acid, accounting for 9838 mg kg−1 of dry weight. Root bark extract showed promising antiproliferative activity against a triple-negative breast cancer cell line, MDA-MB-231, with a half-maximal inhibitory concentration (IC50 ) = 4.23 ± 0.18 µg mL−1 of extract. Leaf extract displayed interesting antimicrobial activity against Escherichia coli, methicillin-sensitive Staphylococcus aureus and Staphylococcus epidermis, presenting minimum inhibitory concentration (MIC) values from 1024 to 2048 µg mL−1 of extract. Our results demonstrate that Zizyphus lotus L. is a source of promising bioactive components, which can be exploited as natural ingredients in pharmaceutical formulationspublishe

Expanding the Applicability of Poly(Ionic Liquids) in Solid Phase Microextraction: Pyrrolidinium Coatings

Crosslinked pyrrolidinium-based poly(ionic liquids) (Pyrr-PILs) were synthesized through a fast, simple, and solventless photopolymerization scheme, and tested as solid phase microextraction (SPME) sorbents. A series of Pyrr-PILs bearing three different alkyl side chain lengths with two, eight, and fourteen carbons was prepared, characterized, and homogeneously coated on a steel wire by using a very simple procedure. The resulting coatings showed a high thermal stability, with decomposition temperatures above 350 degrees C, excellent film stability, and lifetime of over 100 injections. The performance of these PIL-based SPME fibers was evaluated using a mixture of eleven organic compounds with different molar volumes and chemical functionalities (alcohols, ketones, and monoterpenes). The Pyrr-PIL fibers were obtained as dense film coatings, with 67 mu m thickness, with an overall sorption increase of 90% and 55% as compared to commercial fibers of Polyacrylate (85 mu m) (PA85) and Polydimethylsiloxane (7 mu m) (PDMS7) coatings, respectively. A urine sample doped with the sample mixture was used to study the matrix effect and establish relative recoveries, which ranged from 60.2% to 104.1%.David J. S. Patinha, and Liliana C. Tome are grateful to FCT (Fundacao para a Ciencia e a Tecnologia) for the PhD research grant SFRH/BD/97042/2013 and the Post-Doctoral research grant (SFRH/BPD/101793/2014), respectively. David J. S. Patinha also thanks the financial support from COST-Exil Project 1206. The NMR data was acquired at CERMAX (Centro de Ressonncia Magnetica Antnio Xavier) which is a member of the National NMR network. This work was partially supported by FCT through Research Unit GREEN-it " Bioresources for Sustainability" (UID/Multi/04551/2013) and the Associate Laboratory CICECO Aveiro Institute of materials (UID/CTM/50011/2013)