ValueGuard: Protection of Native Applications against Data-Only Buffer Overflows

Code injection attacks that target the control-data of an application have been prevalent amongst exploit writers for over 20 years. Today however, these attacks are getting increasingly harder for attackers to successfully exploit due to numerous countermeasures that are deployed by modern operating systems. We believe that this fact will drive exploit writers away from classic control-data attacks and towards data-only attacks. In data-only attacks, the attacker changes key data structures that are used by the program’s logic and thus forces the control flow into existing parts of the program that would be otherwise unreachable, e.g. overflowing into a boolean variable that states whether the current user is an administrator or not and setting it to “true” thereby gaining access to the administrative functions of the program. In this paper we present ValueGuard, a canary-based defense mechanism to protect applications against data-only buffer overflow attacks. ValueGuard inserts canary values in front of all variables and verifies their integrity whenever these variables are used. In this way, if a buffer overflow has occurred that changed the contents of a variable, ValueGuard will detect it since the variable’s canary will have also been changed. The countermeasure itself can be used either as a testing tool for applications before their final deployment or it can be applied selectively to legacy or high-risk parts of programs that we want to protect at run-time, without incurring extra time-penalties to the rest of the applications.status: publishe

Spintronics: Fundamentals and applications

Spintronics, or spin electronics, involves the study of active control and manipulation of spin degrees of freedom in solid-state systems. This article reviews the current status of this subject, including both recent advances and well-established results. The primary focus is on the basic physical principles underlying the generation of carrier spin polarization, spin dynamics, and spin-polarized transport in semiconductors and metals. Spin transport differs from charge transport in that spin is a nonconserved quantity in solids due to spin-orbit and hyperfine coupling. The authors discuss in detail spin decoherence mechanisms in metals and semiconductors. Various theories of spin injection and spin-polarized transport are applied to hybrid structures relevant to spin-based devices and fundamental studies of materials properties. Experimental work is reviewed with the emphasis on projected applications, in which external electric and magnetic fields and illumination by light will be used to control spin and charge dynamics to create new functionalities not feasible or ineffective with conventional electronics.Comment: invited review, 36 figures, 900+ references; minor stylistic changes from the published versio

Semiconductor Spintronics

Spintronics refers commonly to phenomena in which the spin of electrons in a solid state environment plays the determining role. In a more narrow sense spintronics is an emerging research field of electronics: spintronics devices are based on a spin control of electronics, or on an electrical and optical control of spin or magnetism. This review presents selected themes of semiconductor spintronics, introducing important concepts in spin transport, spin injection, Silsbee-Johnson spin-charge coupling, and spindependent tunneling, as well as spin relaxation and spin dynamics. The most fundamental spin-dependent nteraction in nonmagnetic semiconductors is spin-orbit coupling. Depending on the crystal symmetries of the material, as well as on the structural properties of semiconductor based heterostructures, the spin-orbit coupling takes on different functional forms, giving a nice playground of effective spin-orbit Hamiltonians. The effective Hamiltonians for the most relevant classes of materials and heterostructures are derived here from realistic electronic band structure descriptions. Most semiconductor device systems are still theoretical concepts, waiting for experimental demonstrations. A review of selected proposed, and a few demonstrated devices is presented, with detailed description of two important classes: magnetic resonant tunnel structures and bipolar magnetic diodes and transistors. In most cases the presentation is of tutorial style, introducing the essential theoretical formalism at an accessible level, with case-study-like illustrations of actual experimental results, as well as with brief reviews of relevant recent achievements in the field.Comment: tutorial review; 342 pages, 132 figure

Perspectives of nurses' role in interprofessional pharmaceutical care across 14 European countries: A qualitative study in pharmacists, physicians and nurses.

OBJECTIVES: To understand healthcare professionals' experiences and perceptions of nurses' potential or ideal roles in pharmaceutical care (PC). DESIGN: Qualitative study conducted through semi-structured in-depth interviews. SETTING: Between December 2018 and October 2019, interviews were conducted with healthcare professionals of 14 European countries in four healthcare settings: hospitals, community care, mental health and long-term residential care. PARTICIPANTS: In each country, pharmacists, physicians and nurses in each of the four settings were interviewed. Participants were selected on the basis that they were key informants with broad knowledge and experience of PC. DATA COLLECTION AND ANALYSIS: All interviews were conducted face to face. Each country conducted an initial thematic analysis. Consensus was reached through a face-to-face discussion of all 14 national leads. RESULTS: 340 interviews were completed. Several tasks were described within four potential nursing responsibilities, that came up as the analysis themes, being: 1) monitoring therapeutic/adverse effects of medicines, 2) monitoring medicines adherence, 3) decision making on medicines, including prescribing 4) providing patient education/information. Nurses' autonomy varied across Europe, from none to limited to a few tasks and emergencies to a broad range of tasks and responsibilities. Intended level of autonomy depended on medicine types and level of education. Some changes are needed before nursing roles can be optimised and implemented in practice. Lack of time, shortage of nurses, absence of legal frameworks and limited education and knowledge are main threats to European nurses actualising their ideal role in PC. CONCLUSIONS: European nurses have an active role in PC. Respondents reported positive impacts on care quality and patient outcomes when nurses assumed PC responsibilities. Healthcare professionals expect nurses to report observations and assessments. This key patient information should be shared and addressed by the interprofessional team. The study evidences the need of a unique and consensus-based PC framework across Europe

Scalable, high performance ethernet forwarding with CuckooSwitch

Several emerging network trends and new architectural ideas are placing increasing demand on forwarding table sizes. From massive-scale datacenter networks running millions of virtual machines to flow-based software-defined networking, many intriguing design options require FIBs that can scale well beyond the thousands or tens of thousands possible using today’s commodity switching chips. This paper presents CUCKOOSWITCH, a software-based Ethernet switch design built around a memory-efficient, high-performance, and highly-concurrent hash table for compact and fast FIB lookup. We show that CUCKOOSWITCH can process 92.22 million minimum-sized packets per second on a commodity server equipped with eight 10 Gbps Ethernet interfaces while maintaining a forwarding table of one billion forwarding entries. This rate is the maximum packets per second achievable across the underlying hardware’s PCI buses