The State of Practice for Security Unit Testing: Towards Data Driven Strategies to Shift Security into Developer\u27s Automated Testing Workflows

The pressing need to “shift security left” in the software development lifecycle has motivated efforts to adapt the iterative and continuous process models used in practice today. Security unit testing is praised by practitioners and recommended by expert groups, usually in the context of DevSecOps and achieving “continuous security”. In addition to vulnerability testing and standards adherence, this technique can help developers verify that security controls are implemented correctly, i.e. functional security testing. Further, the means by which security unit testing can be integrated into developer workflows is unique from other standalone tools as it is an adaptation of practices and infrastructure developers are already familiar with. Yet, software engineering researchers have so far failed to include this technique in their empirical studies on secure development and little is known about the state of practice for security unit testing. This dissertation is motivated by the disconnect between promotion of security unit testing and the lack of empirical evidence on how it is and can be applied. The goal of this work was to address the disconnect towards identifying actionable strategies to promote wider adoption and mitigate observed challenges. Three mixed-method empirical studies were conducted wherein practitioner-authored unit test code, Q&A posts, and grey literature were analyzed through three lenses: Practices (what they do), Perspectives and Guidelines (what and how they think it should be done), and Pain Points (what challenges they face) to incorporate both technical and human factors of this phenomena. Accordingly, this work contributes novel and important insights into how developers write functional unit tests for at least nine security controls, including a taxonomy of 53 authentication unit test cases derived from real code and a detailed analysis of seven unique pain points that developers seek help with from peers on Q&A sites. Recommendations given herein for conducting and adopting security unit testing, including mitigating challenges and addressing gaps between available and needed support, are grounded in the guidelines and perspectives on the benefits, limitations, use cases, and integration strategies shared in grey literature authored by practitioners

Moving to restoration: How can service providers better help women in the “sex industry”?

Master of ScienceFamily Studies and Human ServicesSandra M. StithThe purpose of this thesis is to learn from human trafficking survivors about how service providers can better help female victims of human trafficking. The paper is guided by two theories, i.e., Attention Restoration Theory (Hartig, Evans, Jamner, Davis, & Galing, 2003) and The Holistic Process Theory of Healing (Ventegodt, Andersen, & Merrick, 2003). In this paper, I refer to the participants in my research as survivors and individuals who have been or currently are victims of human trafficking as victims. To utilize the common language used by the participants of this study, sex trafficking will be referred to as the “sex industry”. The purpose of the study was to gain the perspectives of women in the process of exiting from the sex industry to answer the overarching questions of how service providers can better help women who are on the path to restoration and recovery, as well as to help service providers better identify female victims and their needs. A combined approach of Braun and Clarke’s (2006) thematic analysis and Gilligan, Spencer, Weinberg and Bertsch’s (n.d.) Listening Guide was used to analyze the transcribed interviews for a better understanding of the narratives of the participants and the themes that emerged from their narratives

Thermochronology of upper crustal rocks in the Wood Hills, Nevada: Documenting exhumation in the U.S. Cordillera

The metamorphic core complexes of the Basin and Range Province record a long and complex geologic history that includes contraction and crustal shortening followed by extensional deformation and thinning. Many studies using a wide range of methods have attempted to uncover how regional extensional collapse of the crust initiated. Previous work on high temperature processes has documented older, Cretaceous to Eocene (~70 – 34 Ma) deformation, whereas studies of shallower crust (using low temperature thermochronology and basin analysis) highlight more recent, Miocene (~15 Ma) processes. In order to address a gap in the thermochronologic record across the Ruby Mountains – East Humboldt Range – Wood Hills metamorphic core complex in northeastern Nevada, we use zircon and apatite (U-Th)/He thermochronology within a well-understood structural framework from samples in the Wood Hills to document the cooling and exhumational history of the shallower parts of the core complex. New zircon and apatite (U-Th)/He dates from the Wood Hills record late Eocene to late Miocene cooling through a zircon He closure temperature of ~150 - 180 °C and an apatite He closure temperature of ~60 - 70 °C. These results are consistent with previous studies using 40Ar/39Ar and (U-Th)/He thermochronology that suggest that cooling related to extensional exhumation in the Wood Hills occurred during at least two cooling events: one at ~40 Ma and another beginning at ~20 Ma. Furthermore, apatite dates obtained from the northern Wood Hills suggest an exhumational cooling event continued until ~10 Ma, similar to apatite (U-Th)/He dates from throughout the complex. Date-eU correlations coupled with thermal modeling aids to support a multi-step exhumation path in the Wood Hills that has also been largely documented in other parts of the metamorphic core complex

An EGFR and AKT Signaling Pathway was Identified with Mediation Model in Osteosarcomas Clinical Study

Identification of correlation pattern and signal pathway among biomarkers in patients has become increasingly interesting for its potential values in diagnosis, treatment and prognosis. EGFR and p-AKT signaling in osteosarcoma (OS) patients were analyzed for its relationship with cancer cell proliferation maker, Ki-67, using causal procedures and statistical tests. A total of 69 patients were collected who present to Vanderbilt University Medical Center with newly diagnosed, previously untreated osteosarcomas during the clinical study period 1994 through 2003. Tissue microarrays were constructed for EGFR, p-AKT and Ki-67. The mediation model was constructed with structural equation model (SEM) for the causal analysis of the three biomarkers in osteosarcoma patients. The results suggested a mediating effect of p-AKT for the causal relationship between EGFR and Ki-67. The study also found significant associations between EGFR and Ki-67 (p = 0.002), EGFR and p-AKT (p = 0.027), and p-AKT and Ki-67 controlling EGFR (p = 0.004). After the impact of EGFR on Ki-67 was accounted for by p-AKT, the relation between EGFR and Ki-67 was no longer significant (p = 0.381). The mediating effect was confirmed with Sobel test (p < 0.001) and Goodman (I) test (p < 0.001). The study indicated that a mediation model could be an approach to exploring the correlation pattern of EGFR and AKT signal pathway for cancer cell proliferation in OS patients in clinical study

Modelo de gestión administrativo y financiero del Sindicato Unitario de Trabajadores Municipales de Santo Domingo, provincia Santo Domingo de los Tsáchilas

El presente trabajo de investigación tiene como objetivo principal elaborar un Modelo de Gestión Administrativo y Financiero al Sindicato Unitario de Trabajadores Municipales de Santo Domingo, Provincia Santo Domingo de los Tsáchilas, cantón Santo Domingo para optimizar los recursos financieros y mejorar la toma de decisiones. Para la investigación se consideró un diagnóstico inicial de la organización a través de una entrevista realizada al secretario general, encuestas tanto a socios como empleados del sindicato. Con los resultados obtenidos se identificó la falta de una filosofía organizacional y de políticas que contribuyan al desarrollo de la organización por lo cual se determinó la necesidad de implantar un modelo de gestión administrativo y financiero para el sindicato. Para la elaboración del modelo de gestión se inició con una planificación administrativa, misma que consta de cuatro fases fundamentales: diagnóstico de la organización, información básica del sindicato, filosofía organizacional y manual administrativo. La planificación financiera también se basa en cuatro fases que son: plan de cuentas, estados financieros, análisis de los estados y ratios financieros. Se concluye que el Modelo de Gestión Administrativo y Financiero ayudará al desarrollo del sindicato y mejorará la toma de decisiones de este, por lo expuesto se recomienda socializar e implementar la presente propuesta con los involucrados con el propósito de cumplir las estrategias creadas para el Sindicato Unitario de Trabajadores Municipales de Santo Domingo.The main objective of this research is to develop an Administrative and Financial Management Model for the Single Union of Municipal Workers of Santo Domingo, Santo Domingo de Los Tsáchilas Province, Santo Domingo canton to optimize financial resources and improve decision-making. The study started with an initial evaluation of the organization involving an interview with the general secretary and surveys for members and employees of the union. The findings reported a lack of organizational philosophy and policies contributing to the organization's development. This current situation determined the need to implement an administrative and financial management model for the union. When developing the management model, organizational planning based on four stages: the diagnosis of the organization, basic information of the union, corporate philosophy, and administrative manual were necessary. Financial planning also lies in four steps: chart of accounts, financial reports, analysis of statements and financial ratios. It is concluded that the Administrative and Financial Management Model will help the union's development and improve its decision-making; therefore, it is recommended to socialize and implement this proposal with those involved to comply with the strategies created for the Unitary Union of Workers. Municipal of Santo Domingo

Determinación del coeficiente de variación de la demanda diaria y horaria de agua potable de la ciudad de Cusco.

Esta investigación se sitúa en la Ciudad del Cusco y pretende identificar nuevos coeficientes variación de demanda horaria y diaria de agua potable que se ajuste con mayor eficiencia al recomendado en el Reglamento Nacional de Edificaciones (RNE), para ello éstos valores fueron calculados de acuerdo a los caudales de ingreso y salida, que son proporcionados en las diferentes líneas de cada sistema de abastecimiento de agua potable. Para determinar éstos coeficientes se tomaron los dos sistemas de abastecimiento más grandes de la Ciudad del Cusco los cuales abastecen a más del 80% de la demanda de la población, el sistema Piuray y el sistema Vilcanota, de éstos sistemas se tomaron los reservorios representativos. Se utilizaron los formatos manuales usados por SEDACUSCO en el cual se hace un registro horario de ingresos y salidas del caudal de cada reservorio. Posteriormente se ha tomado en cuenta el mes más representativo de cada estación para el cálculo anual de los caudales anuales totales. Con estos datos se evalúa la dotación de agua, mediante una formula simple establecida en el Reglamento Nacional de Edificaciones (RNE) siendo los coeficientes de variación de demanda diaria y horaria K1 y K2 las variables a calcular, de esta forma se obtuvo un valor real de consumo de acuerdo a los hábitos de la población. El resultado de esta evaluación fue un coeficiente de variación de la demanda diaria de agua potable (k1), de 1.236 con una diferencia de 4.92% de variación respecto al establecido por el RNE que es 1.3 y un coeficiente de variación de la demanda horaria de agua potable (k2) de 2.063 con una diferencia de 114.61% de variación con el establecido por el RNE que es 1.8. En conclusión, los valores de K1 y K2 varían respecto a los establecidos por el RNE.This research is situated at Cusco City and aims to identify new coefficients variation of hourly and daily demand for drinking water better real drinking water adjustment and that recommended by the National Building Regulations is not adequate, this value was calculated according to the flows of entry and exit, which are provided in different reservoirs of each system of drinking water. To determine these coefficients the two systems larger supply of the city of Cusco which supply more than 80% of the demand of the population Piuray and Vilcanota system, these systems took representative reservoirs and flows were measured consumption, they were used the manuals used by SEDACUSCO formats in which a timekeeping income and output flow of each reservoir is made. Subsequently took into account the most representative of each station for the annual calculation of total annual flows month. With these data the water supply is evaluated by a simple formula established in the National Building Regulations (RNE) where the coefficients of variation of daily and hourly K1 and K2 demand variables to calculate, thus real value was obtained consumption according to the habits of the population. The result of this evaluation was a coefficient of variation of the daily demand for drinking water (k1), 1.236 with a difference of 4.92% change compared with the provisions of the RNE is 1.3 and a coefficient of variation of hourly demand potable water (k2) of 2.063 with a difference of 114.61% variation with established by the RNE is 1.8 .To conclude, the values of K1 and K2 vary with respect to those established by the RNE.Tesi

Addressing a Lack of Education Surrounding Fentanyl Use and Recovery

Nursing Leadership Executive Summary: Addressing a Lack of Education Surrounding Fentanyl Use and Recovery Our project focused on assisting a nonprofit organization who exists to serve the most vulnerable of families in the Seattle area. They offer a number of programs including a mobile outreach team that seeks to bring resources to families, a program for families which provides the opportunity for new mothers to bond with their newborn, and another program which assists families with medically fragile children to find healthcare resources, and more. Our team was made up of six students from the Lydia Green Nursing Program at Seattle Pacific University who were enrolled in the Nursing Leadership in Community Engagement class. The aim of this course was to practically apply our leadership skills in the context of public health by providing resources to a local health agency to complement their current programs. This was done by collecting data on the target population and communicating with the agency to identify an issue that could be addressed through an evidence-based project. Upon our first meeting with the staff at the community agency, we identified the issue of deficient knowledge among the staff related to fentanyl use and recovery, as evidenced by relapse occurrence, unsafe handling of the drug, and self-report from the staff. Our team in collaboration with the agency decided to create an evidence-based resource for the staff that would detail overdose and Narcan use, education on fentanyl, and safe disposal of the needles, all displayed in a concise binder that the staff can continue to use for years to come. Background A King County Point-in-Time Count revealed that there were over 11,500 people experiencing homelessness, which was a five percent increase from the year prior (Constantine, 2020). Another qualitative study looking at addiction recovery of women in opioid use disorder described postpartum pain and anxiety as the primary reason for mothers to turn back to opioid substances (Rankin, 2022). These statistics informed us of the need for resources to address the issue of substance relapse in mothers. This agency was only a few years old at the time of this project and was in need of procedures and protocols to address health issues for their population, in addition to resources outside the agency. The staff of the community center were enthusiastic about the idea of educational resources for their employees. By educating the staff, our group empowered them to provide quality care to their clients. Activities with Rationale One of the primary resources that the community agency provides to their clients is their mobile outreach team, which strives to meet people at their place of residence to provide medical, financial, and educational support. At the time of this project, the agency was in dire need of educational resources for their outreach staff. The goal of our project was to provide access to evidence-based research through educational binders and badges for the staff. The first item we created was an educational pocket/badge card. The literature demonstrates pocket cards are effective tools for process improvement when a rapid response is needed. In one study, the use of a pocket card increased the use of narcan four-fold (Russel, et al., 2015). Because pocket cards are such an effective tool, our team created a pocket card for staff and clients around proper Narcan administration. The second item we created was an educational binder. Each section of the binder was focused on a different topic of interest that the staff had asked for more education on. The first tab in the educational binder focused on education surrounding fentanyl use. Our goal was to educate the staff on the public health crisis surrounding fentanyl use in Seattle by discussing common drugs that can be laced with fentanyl, addressing misconceptions of how someone overdoses from fentanyl, and what an overdose looks like (Centers for Disease Control and Prevention, 2022). A lot of our efforts also focused on naloxone (Narcan) education due to the services that the agency provides to their clients. The community center is frequently working with a population that utilizes substances, resulting in the need for their staff to be thoroughly educated and comfortable with the use of Narcan. The information in our binder covered what an overdose looks like by using the acronym “S.U.S.P.E.C.T.”, which stands for slack muscles, unresponsive, scratching, pupils constricted, emesis, and choking sounds (Illinois Department of Public Health, n.d.). Our education then shifted to proper use of naloxone, which outlined how to administer it in a safe way. Another resource that the agency had indicated a need for was detailed information regarding needle and sharps disposal. Upon our first meeting with the community center, the executive director mentioned the lack of information their clients have on proper disposal of sharps. The population that they serve often does not have access to a proper sharps bin, which creates the need for alternative options. Our education focused on creative ways to dispose of needles through the use of everyday objects, such as an old laundry detergent bottle (What to Do With Used Sharps in Washington, 2020). We also touched on the laws in Washington State that govern disposal of needles, and where the clients can dispose of their collected needles. The final resource we put together for the staff was information surrounding methadone and the role it has in preventing further opioid dependence. Our goal was to educate the staff on what methadone is, and the risks that come with using it. It is widely known in the literature that access to educational resources can improve work-flow, decision making, and outcomes. Outcomes The staff at the community center demonstrated the need for education surrounding the health issues that their clients face. Based on the needs assessment, we identified the nursing diagnosis to be knowledge deficit among the staff related to fentanyl use and recovery, as evidenced by relapse occurrence, unsafe handling of the drug, and self-report from the staff. Our goal was to equip their mobile outreach team and staff based out of the agency with information that would guide the interventions used for their clients, based on the evidence in the literature. Our binder of educational information was received very well by the staff. The badge resource we created was also very appreciated by the staff, and the director said it would be very useful for their mobile outreach team. The team verbalized understanding of the educational content. Pre and post outcomes were outside the scope of this project. Each week during the development of our project, our team liaison would communicate with the agency regarding the progress of our research and project. The outreach coordinator was enthusiastic about the resources we were providing them, and frequently thanked our team for the interventions we were providing the agency. By equipping the employees, we were able to provide tangible health and nursing knowledge for their clientele. Conclusion In conclusion, our interventions on behalf of the community agency were able to address their goals of educating their staff on problems relevant to the population they serve. Our team also met our goal of providing a resource to the agency based on the nursing process, which includes assessment, diagnosis, planning and outcomes, implementation, and evaluation. Based on the needs assessment, our nursing diagnosis was a knowledge deficit surrounding fentanyl use and recovery. We met this need by providing an evidence based pocket card and educational binder. Our project ultimately has the potential to make an impact on the community that the agency serves, and should continue to make a difference as the educational binder is used for years to come. In the future we recommend further education surrounding fentanyl use and recovery, along with education in other areas where the agency shows a knowledge deficit. References Center for Disease Control and Prevention. (2022). Fentanyl facts. Department of Health and Human Services. https://www.cdc.gov/stopoverdose/fentanyl/index.html Constantine, D. (2020). News. Executive News. https://kingcounty.gov/elected/executive/constantine/news/release/2020/July/01-homeless-count.aspx Illinois Department of Public Health. How to use naloxone and prevent overdose. (n.d.) State of Illinois. https://dph.illinois.gov/content/dam/soi/en/web/idph/files/images/naloxone-brochure-09052017.pdf Rankin, L., Mendoza, N. S., & Grisham, L. (2022). Unpacking perinatal experiences with opioid use disorder: Relapse risk implications. Clinical Social Work Journal. https://doi.org/10.1007/s10615-022-00847-x Russell, C. D., Young, I., Leung, V., & Morris, K. (2015). Healthcare Workers\u27 decision-making about transmission-based infection control precautions is improved by a guidance summary card. Journal of Hospital Infection, 90(3), 235–239. https://doi.org/10.1016/j.jhin.2014.12.025 What to Do with Used Sharps in Washington. Safe Needle Disposal. (2020, April 7). https://safeneedledisposal.org/states/washington

Demanda por trabajo en Chile : una estimacion econometrica.

68 p.El pausado ritmo de recuperación que evidenció el empleo tras la crisis asiática trajo consigo un aumento en la preocupación de autoridades y economistas. A raíz de esto, surgieron diversos estudios de demanda por trabajo en Chile, los cuales centraron su análisis en ver si las causas del desempleo respondían a un fenómeno cíclico o estructural. Esta investigación se centra en la estimación de un modelo de demanda por trabajo en Chile de largo plazo, observar el comportamiento de las variables explicativas de dicho modelo y finalmente en la determinación de la estabilidad estructural del mismo. La validez de los resultados alcanzados se sustenta en el tratamiento dado a las series bajo estudio, consistente en la aplicación de diversas pruebas que llevan a determinar la existencia de co integración entre las variables, lo que asegura una relación de largo plazo entre ellas. La estimación de la ecuación de largo plazo, cuyas variables explicativas son producto, costo de capital y salario real, muestra que la demanda por trabajo es más sensible a cambios en el producto. El corto plazo analizado mediante el mecanismo de corrección de errores, señala como significativas las variables producto, empleo rezagado y el residuo de la ecuación de largo plazo. Siendo la variación en el empleo rezagado la de mayor impacto sobre la demanda laboral. El análisis de estabilidad estructural, realizado mediante el test de pronóstico de Chow, arrojó como resultado evidencia en contra de la hipótesis de cambio estructural en la demanda por trabajo en Chile

Family-friendly backlash—Fact or fiction? The case of organizations\u27 on-site child care centers

Employer offerings of on-site child care benefits have grown tremendously in the past few decades; both beneficial and detrimental effects on worker attitudes and behaviors have been noted. Some research suggests that offering on-site child care benefits can cause resentment among childless workers and/or workers with children who do not use the center. In a field sample of 271 employees (mean age 34.5 yrs), current and past use of the on-site child care center, as well as anticipated future use of the on-site child care center, were related to more positive proximal reactions such as attitudes closely related to the on-site child care center, but not to more general attitudes or behaviors. Results indicate that any family-friendly backlash may be limited to proximal reactions. These findings are discussed in light of organizational justice theories