A Bayesian localised conditional auto-regressive model for estimating the health effects of air pollution

Estimation of the long-term health effects of air pollution is a challenging task, especially when modeling spatial small-area disease incidence data in an ecological study design. The challenge comes from the unobserved underlying spatial autocorrelation structure in these data, which is accounted for using random effects modeled by a globally smooth conditional autoregressive model. These smooth random effects confound the effects of air pollution, which are also globally smooth. To avoid this collinearity a Bayesian localized conditional autoregressive model is developed for the random effects. This localized model is flexible spatially, in the sense that it is not only able to model areas of spatial smoothness, but also it is able to capture step changes in the random effects surface. This methodological development allows us to improve the estimation performance of the covariate effects, compared to using traditional conditional auto-regressive models. These results are established using a simulation study, and are then illustrated with our motivating study on air pollution and respiratory ill health in Greater Glasgow, Scotland in 2011. The model shows substantial health effects of particulate matter air pollution and nitrogen dioxide, whose effects have been consistently attenuated by the currently available globally smooth models

On XACML\u27s adequacy to specify and to enforce HIPAA

In the medical sphere, personal and medical informa-tion is collected, stored, and transmitted for various pur-poses, such as, continuity of care, rapid formulationof diagnoses, and billing. Many of these operationsmust comply with federal regulations like the HealthInsurance Portability and Accountability Act (HIPAA).To this end, we need a specification language that canprecisely capture the requirements of HIPAA. We alsoneed an enforcement engine that can enforce the pri-vacy policies specified in the language. In the currentwork, we evaluate eXtensible Access Control MarkupLanguage (XACML) as a candidate specification lan-guage for HIPAA privacy rules. We evaluate XACMLbased on the set of features required to sufficiently ex-press HIPAA, proposed by a prior work. We also discusswhich of the features necessary for expressing HIPAAare missing in XACML. We then present high level de-signs of how to enhance XACM

Improving the Policy Specification for Practical Access Control Systems

Access control systems play a crucial role in protecting the security of information systems by ensuring that only authorized users are granted access to sensitive resources, and the protection is only as good as the access control policies. For enabling a security administrator to express her desired policy conveniently, it is paramount that a policy specification is expressive, comprehensible, and free of inconsistencies. In this dissertation, we study the policy specifications for three practical access control systems (i.e., obligation systems, firewalls, and Security-Enhanced Linux in Android) and improve their expressiveness, comprehensibility, and consistency. First, we improve the expressiveness of obligation policies for handling different types of obligations. We propose a language for specifying obligations as well as an architecture for handling access control policies with these obligations, by extending XACML (i.e., the de facto standard for specifying access control policies). We also implement our design into a prototype system named ExtXACML to handle various obligations. Second, we improve the comprehensibility of firewall policies enabling administrators to better understand and manage the policies. We introduce the tri-modularized design of firewall policies for elevating them from monolithic to modular. To support legacy firewall policies, we also define a five-step process and present algorithms for converting them into their modularized form. Finally, we improve the consistency of Security-Enhanced Linux in Android (SEAndroid) policies for reducing the attack surface in Android systems. We propose a systematic approach as well as a semiautomatic tool for uncovering three classes of policy misconfigurations. We also analyze SEAndroid policies from four Android versions and seven Android phone vendors, and in all of them we observe examples of potential policy misconfigurations

Improving the Policy Specification for Practical Access Control Systems

Access control systems play a crucial role in protecting the security of information systems by ensuring that only authorized users are granted access to sensitive resources, and the protection is only as good as the access control policies. For enabling a security administrator to express her desired policy conveniently, it is paramount that a policy specification is expressive, comprehensible, and free of inconsistencies. In this dissertation, we study the policy specifications for three practical access control systems (i.e., obligation systems, firewalls, and Security-Enhanced Linux in Android) and improve their expressiveness, comprehensibility, and consistency. First, we improve the expressiveness of obligation policies for handling different types of obligations. We propose a language for specifying obligations as well as an architecture for handling access control policies with these obligations, by extending XACML (i.e., the de facto standard for specifying access control policies). We also implement our design into a prototype system named ExtXACML to handle various obligations. Second, we improve the comprehensibility of firewall policies enabling administrators to better understand and manage the policies. We introduce the tri-modularized design of firewall policies for elevating them from monolithic to modular. To support legacy firewall policies, we also define a five-step process and present algorithms for converting them into their modularized form. Finally, we improve the consistency of Security-Enhanced Linux in Android (SEAndroid) policies for reducing the attack surface in Android systems. We propose a systematic approach as well as a semiautomatic tool for uncovering three classes of policy misconfigurations. We also analyze SEAndroid policies from four Android versions and seven Android phone vendors, and in all of them we observe examples of potential policy misconfigurations

Fragment-based discovery of a regulatory site in thioredoxin glutathione reductase acting as "doorstop" for NADPH entry

Members of the FAD/NAD-linked reductase family are recognized as crucial targets in drug development for cancers, inflammatory disorders, and infectious diseases. However, individual FAD/NAD reductases are difficult to inhibit in a selective manner with off target inhibition reducing usefulness of identified compounds. Thioredoxin glutathione reductase (TGR), a high molecular weight thioredoxin reductase-like enzyme, has emerged as a promising drug target for the treatment of schistosomiasis, a parasitosis afflicting more than 200 million people. Taking advantage of small molecules selected from a high-throughput screen and using X-ray crystallography, functional assays, and docking studies, we identify a critical secondary site of the enzyme. Compounds binding at this site interfere with well-known and conserved conformational changes associated with NADPH reduction, acting as a doorstop for cofactor entry. They selectivity inhibit TGR from Schistosoma mansoni and are active against parasites in culture. Since many members of the FAD/NAD-linked reductase family have similar catalytic mechanisms the unique mechanism of inhibition identified in this study for TGR broadly opens new routes to selectively inhibit homologous enzymes of central importance in numerous diseases

Multi-layer model simulation and data assimilation in the Serangoon Harbor of Singapore

In June of 2009, a sea trial was carried out around Singapore to study and monitor physical, biological and chemical oceanographic parameters. Temperature, salinity and velocities were collected from multiple vehicles. The extensive data set collected in the Serangoon Harbour provides an opportunity to study barotropic and baroclinic circulation in the harbour and to apply data assimilation methods in the estuarine area. In this study, a three-dimensional, primitive equation coastal ocean model (FVCOM) with a number of vertical layers is used to simulate barotropic and baroclinic flows and reconstruct the vertical velocity structures. The model results are validated with in situ ADCP observations to assess the realism of the model simulations. EnKF data assimilation method is successively implemented to assimilate all the available ADCP data, and thus correct for the model forecast deficiencies.Singapore. National Research FoundationSingapore-MIT AllianceSingapore-MIT Alliance. Center for Environmental Sensing and Monitorin

An Internet-wide Penetration Study on NAT Boxes via TCP/IP Side Channel

Network Address Translation (NAT) plays an essential role in shielding devices inside an internal local area network from direct malicious accesses from the public Internet. However, recent studies show the possibilities of penetrating NAT boxes in some specific circumstances. The penetrated NAT box can be exploited by attackers as a pivot to abuse the otherwise inaccessible internal network resources, leading to serious security consequences. In this paper, we aim to conduct an Internet-wide penetration testing on NAT boxes. The main difference between our study and the previous ones is that ours is based on the TCP/IP side channels. We explore the TCP/IP side channels in the research literature, and find that the shared-IPID side channel is the most suitable for NAT-penetration testing, as it satisfies the three requirements of our study: generality, ethics, and robustness. Based on this side channel, we develop an adaptive scanner that can accomplish the Internet-wide scanning in 5 days in a very non-aggressive manner. The evaluation shows that our scanner is effective in both the controlled network and the real network. Our measurement results reveal that more than 30,000 network middleboxes are potentially vulnerable to NAT penetration. They are distributed across 154 countries and 4,146 different organizations, showing that NAT-penetration poses a serious security threat

Measurement of Adhesion Energy of Electrospun Polymer Membranes Using a Shaft-loaded Blister Test

This study aims to examine the adhesion work of electrospun polymer nano- and micro-fibers. The adhesion energy at the interface of electrospun membrane and a rigid substrate is characterized by a shaft-loaded blister test (SLBT). By controlling the processing parameters, polyvinylidene fluoride (PVDF) fibrous membranes are prepared with fiber diameters ranging from 201 ± 86 nm to 2,724 ± 587 nm. The adhesion energy between electrospun membrane and rigid substrate increases from 8.1 ± 0.7 mJ/m2 to 258.8 ± 43.5 mJ/m2 by use of smaller fiber diameters. Adhesion energies between electrospun PVDF membranes and SiC substrates made of different grain sizes are evaluated. Fibrous membrane produces an adhesion energy as high as 420.1 ± 62.9 mJ/m2 in contact with SiC substrate with a 68 μm grit size. The SLBT methodology is extended to understand the adhesion energy between electrospun membranes. The increase in adhesion work is attributed to an increased area between fiber delaminated surfaces and surface asperities

Enterprise’s Strategies to Deal with Epidemic Crisis Based on Super-Dynamic Capability Theory

In this paper, the supply chain management risks arising from 2019-novel coronavirus (hereinafter referred to as “COVID-19”) outbreak was proposed, and they were further analyzed from three main aspects such as change in demand conditions of domestic customers, change in domestic supply market, impact on domestic logistics industry. Besides, multiple feasible strategies for coping with such epidemic situation were proposed for enterprises based on the super-dynamic capability theory. The research in this paper has powerful theoretical value and practical significance for the current development of enterprises, especially the reorganization of enterprises under the current epidemic crisis in China