Browser Extension-based Interoperation Between OAuth and Information Card-based Systems

Whilst the growing number of identity management systems have the potential to reduce the threat of identity attacks, major deployment problems remain because of the lack of interoperability between such systems. In this paper we propose a simple scheme to provide client-based interoperation between OAuth and an Information Cardbased system such as CardSpace or Higgins. In this scheme, Information Card users are able to obtain an assertion token from an OAuthenabled system, the contents of which can be processed by an Information Card-enabled relying party. The scheme, based on a browser extension, is transparent to OAuth providers and to identity selectors, and only requires minor changes to the operation of an Information Card-enabled relying party. We specify its operation and also describe an implementation of a proof-of-concept prototype. Additionally, security and operational analyses are provided

Integrating OAuth with Information Card Systems

We propose a novel scheme to provide client-based interoperation between OAuth and an Information Card system such as CardSpace or Higgins. In this scheme, Information Card users are able to obtain a security token from an OAuth-enabled system, the contents of which can be processed by an Information Card-enabled relying party. The scheme, based on a browser extension, is transparent to OAuth providers and to identity selectors, and only requires minor changes to the operation of an Information Card-enabled relying party. We specify its operation and describe an implementation of a proof-of-concept prototype. Security and operational analyses are also provided

Using CardSpace as a Password-based Single Sign-on System

In this paper we propose a simple scheme that allows Card-Space to be used as a password-based single sign-on system, thereby both improving the usability and security of passwords as well as encouraging CardSpace adoption. We describe three related approaches to achieving password-based single sign-on using CardSpace. In each case users are able to store their credentials for a set of websites in a personal card, and use it to seamlessly single sign on to all these websites. The approaches do not require any changes to login servers or to the CardSpace identity selector and, in particular, they do not require websites to support CardSpace. We also describe three proof-of-concept prototypes and give usability, security and performance analyses

A Phonological Awareness Test in Arabic Language for Young Learners: Validation Study

A wide variety of tests measures phonemic and phonological awareness in different languages. There are very few tools of phonemic and phonological awareness in Arabic language. Such tools help to identify students’ weaknesses and strengths especially in early stages of their schooling for better instruction and intervention. Although Arabic phonetically maps between letters and sounds, it is not an easy language to read because of challenges inherent to the structure of the language itself. This paper explores a validation study of Arabic phonological awareness tests for kindergartners and first graders in Oman. Two different tests of phonological awareness and common skills were developed for two samples: kindergartners (n = 113) and first graders (n = 70). Results support the validity and reliability of the two tests and suggest that they can be used as diagnostic tools to identify children with low phonological awareness and help initiate appropriate reading intervention programs for them

Remdesivir and three other drugs for hospitalised patients with COVID-19: final results of the WHO Solidarity randomised trial and updated meta-analyses.

BACKGROUND World Health Organization expert groups recommended mortality trials of four repurposed antiviral drugs - remdesivir, hydroxychloroquine, lopinavir, and interferon beta-1a - in patients hospitalized with coronavirus disease 2019 (Covid-19). METHODS We randomly assigned inpatients with Covid-19 equally between one of the trial drug regimens that was locally available and open control (up to five options, four active and the local standard of care). The intention-to-treat primary analyses examined in-hospital mortality in the four pairwise comparisons of each trial drug and its control (drug available but patient assigned to the same care without that drug). Rate ratios for death were calculated with stratification according to age and status regarding mechanical ventilation at trial entry. RESULTS At 405 hospitals in 30 countries, 11,330 adults underwent randomization; 2750 were assigned to receive remdesivir, 954 to hydroxychloroquine, 1411 to lopinavir (without interferon), 2063 to interferon (including 651 to interferon plus lopinavir), and 4088 to no trial drug. Adherence was 94 to 96% midway through treatment, with 2 to 6% crossover. In total, 1253 deaths were reported (median day of death, day 8; interquartile range, 4 to 14). The Kaplan-Meier 28-day mortality was 11.8% (39.0% if the patient was already receiving ventilation at randomization and 9.5% otherwise). Death occurred in 301 of 2743 patients receiving remdesivir and in 303 of 2708 receiving its control (rate ratio, 0.95; 95% confidence interval [CI], 0.81 to 1.11; P = 0.50), in 104 of 947 patients receiving hydroxychloroquine and in 84 of 906 receiving its control (rate ratio, 1.19; 95% CI, 0.89 to 1.59; P = 0.23), in 148 of 1399 patients receiving lopinavir and in 146 of 1372 receiving its control (rate ratio, 1.00; 95% CI, 0.79 to 1.25; P = 0.97), and in 243 of 2050 patients receiving interferon and in 216 of 2050 receiving its control (rate ratio, 1.16; 95% CI, 0.96 to 1.39; P = 0.11). No drug definitely reduced mortality, overall or in any subgroup, or reduced initiation of ventilation or hospitalization duration. CONCLUSIONS These remdesivir, hydroxychloroquine, lopinavir, and interferon regimens had little or no effect on hospitalized patients with Covid-19, as indicated by overall mortality, initiation of ventilation, and duration of hospital stay. (Funded by the World Health Organization; ISRCTN Registry number, ISRCTN83971151; ClinicalTrials.gov number, NCT04315948.)

Client-based CardSpace-OpenID Interoperation

We propose a novel scheme to provide interoperability between two of the most widely discussed identity management systems, namely CardSpace and OpenID. In this scheme, CardSpace users are able to obtain an assertion token from an OpenID-enabled identity provider, the contents of which can be processed by a CardSpace-enabled relying party. The scheme, based on a browser extension, is transparent to OpenID providers and to the CardSpace identity selector, and only requires minor changes to the operation of the CardSpace relying party

The Effect of Salinity on Solamargine and Solasonine Contents of Solanum incanum Plants Grown in Oman

In addition to its traditional medicinal importance, Solanum incanum (thorn apple) is also a rich source of important cytotoxic glycoalkaloids such as solamargine and solasonine. The effect of salinity stress on solamargine and solasonine production by Solanum incanum plants grown in soil has been investigated. Salinity stress has been applied by adding NaCl to the soil, in concentrations: 0.0 (control), 75, 150, and 225 mM for 8 weeks. HPTLC method was used for analysis of solamargine and solasonine in leaves, stem and roots. A positive correlation was observed between 150 mM NaCl salinity and production of solamargine and solasonine in leaves. In roots, solamargine content was not affected by NaCl treatment, whereas solasonine content increased with a short-term salinity treatment. However, salinity seems to reduce the production of solamargine and solasonine in the roots of Solanum incanum. The possibility of using NaCl as an efficient and economical elicitor of glycoalkaloid production in Solanum incanum plants is rejected on the basis of the results obtained

Extending the Scope of CardSpace

The recently-proposed PassCard scheme enables CardSpace to be used as a password manager, thereby both improving the usability and security of passwords as well as encouraging CardSpace adoption. However, this scheme does not work with sites using HTTPS, seriously limiting its practicality. In this paper we extend PassCard to support sites using both HTTP and HTTPS. Usernames and passwords are stored in CardSpace personal cards, and these cards can be used to sign on transparently to corresponding websites. PassCard does not require any changes to login servers, default browser security settings or to the CardSpace identity selector; in particular, it does not require websites to support CardSpace. PassCard operates with both the CardSpace and the Higgins identity selectors without any modification. We describe how this new version of PassCard operates, and give security and usability analyses

Enhancing CardSpace Authentication Using a Mobile Device

Part 8: Authentication and Secret SharingInternational audienceIn this paper we propose a simple, novel scheme for using a mobile device to enhance CardSpace authentication. During the process of user authentication on a PC using CardSpace, a random and short-lived one-time password is sent to the user’s mobile device; this must then be entered into the PC by the user when prompted. The scheme does not require any changes to login servers, the CardSpace identity selector, or to the mobile device itself. We specify the scheme and give details of a proof-of-concept prototype. Security and operational analyses are also provided