SLC26A9 as a Potential Modifier and Therapeutic Target in Cystic Fibrosis Lung Disease

SLC26A9 belongs to the solute carrier family 26 (SLC26), which comprises membrane proteins involved in ion transport mechanisms. On the basis of different preliminary findings, including the phenotype of SlC26A9-deficient mice and its possible role as a gene modifier of the human phenotype and treatment response, SLC26A9 has emerged as one of the most interesting alternative targets for the treatment of cystic fibrosis (CF). However, despite relevant clues, some open issues and controversies remain. The lack of specific pharmacological modulators, the elusive expression reported in the airways, and its complex relationships with CFTR and the CF phenotype prevent us from conclusively understanding the contribution of SLC26A9 in human lung physiology and its real potential as a therapeutic target in CF. In this review, we summarized the various studies dealing with SLC26A9 expression, molecular structure, and function as an anion channel or transporter; its interaction and functional relationships with CFTR; and its role as a gene modifier and tried to reconcile them in order to highlight the current understanding and the gap in knowledge regarding the contribution of SLC26A9 to human lung physiology and CF disease and treatment

Secrecy in Security Protocols as Non Interference

n/

Many-to-Many Information Flow Policies

Information flow techniques typically classify information according to suitable security levels and enforce policies that are based on binary relations between individual levels, e.g., stating that information is allowed to flow from one level to another. We argue that some information flow properties of interest naturally require coordination patterns that involve sets of security levels rather than individual levels: some secret information could be safely disclosed to a set of confidential channels of incomparable security levels, with individual leaks considered instead illegal; a group of competing agencies might agree to disclose their secrets, with individual disclosures being undesired, etc. Motivated by this we propose a simple language for expressing information flow policies where the usual admitted flow relation between individual security levels is replaced by a relation between sets of security levels, thus allowing to capture coordinated flows of information. The flow of information is expressed in terms of causal dependencies and the satisfaction of a policy is defined with respect to an event structure that is assumed to capture the causal structure of system computations. We suggest applications to secret exchange protocols, program security and security architectures, and discuss the relation to classic notions of information flow control

Timing attacks: symbolic framework and proof techniques

We propose a framework for timing attacks, based on (a variant of) the applied-pi calculus. Since many privacy properties, as well as strong secrecy and game-based security properties, are stated as process equivalences, we focus on (time) trace equivalence. We show that actually, considering timing attacks does not add any complexity: time trace equivalence can be reduced to length trace equivalence, where the attacker no longer has access to execution times but can still compare the length of messages. We therefore deduce from a previous decidability result for length equivalence that time trace equivalence is decidable for bounded processes and the standard cryptographic primitives. As an application, we study several protocols that aim for privacy. In particular, we (automatically) detect an existing timing attack against the biometric passport and new timing attacks against the Private Authentication protocol

Non Interference for the Analysis of Cryptographic Protocols

Many security properties of cryptographic protocols can be all seen as specific instances of a general property, we called Non Deducibility on Composition (NDC), that we proposed a few years ago for studying information flow properties in computer systems. The advantage of our unifying theory is that formal comparison among these properties is now easier and that the full generality of NDC has helped us in finding a few new attacks on cryptographic protocols

A Comparison of Three Authentication Properties

Authentication is a slippery security property that has been formally defined only recently; among the recent definitions, two rather interesting ones have been proposed for the spi-calculus by (Abadi and Gordon (in: Proc. CONCUR’97, Lecture Notes in Computer Science, Vol. 1243, Springer, Berlin, 1997, pp. 59–73; Inform. and Comput. 148(1) (1999) 1–70) and for CSP by Lowe (in: Proc. 10th Computer Security Foundation Workshop, IEEE Press, 1997, pp. 31–43). On the other hand, in a recent paper (in: Proc. World Congr. on Formal Methods (FM’99), Lecture Notes in Computer Science, Vol. 1708, Springer, Berlin, 1999, pp. 794–813), we have proved that many existing security properties can be seen uniformly as specific instances of a general scheme based on the idea of non-interference. The purpose of this paper is to show that, under reasonable assumptions, spi-authentication can be recast in this general framework as well, by showing that it is equivalent to the non-interference property called NDC of Focardi and Gorrieri (J. Comput. Security 3(1) (1994/1995) 5–33; IEEE Trans. Software Eng. 23(9) (199) 550–571). This allows for the comparison between such aproperty and the one based on CSP, which was already recast under the general scheme of Focardi and Martinelli (1999)