A trace semantics for positive core XPath

We provide a novel trace semantics for positive core XPath that exposes all intermediate nodes visited by the query engine. This enables a detailed analysis of all information relevant to the query. We give two examples of such analyses in the form of access control policies. We translate positive core XPath into Linear Temporal Logic, showing that branching structures can be linearised effectively. The translation is proved correct. We use the SPIN model checker in a proof of concept implementation to resolve the queries, and to perform the access control. The performance of the implementation is shown to be competitive

Agassiz, Garman, Albatross, and the Collection of Deep-sea Fishes

The first of Alexander Agassiz’ voyages on the U.S. Fish Commission steamer Albatross in 1891 yielded significant scientific results. This paper reviews the background of the voyage, including the career path that led Agassiz to the back deck of the Albatross. We also give a brief account of the life and work of Samuel Garman. Garman wrote up the ichthyological material from this Albatross voyage in a magnificent book on deep-sea fishes published in 1899. This book was exceptional in its coverage, anatomical detail, and recognition of phylogenetically important morphology

Timed Analysis of Security Protocols

We propose a method for engineering security protocols that are aware of timing aspects. We study a simplified version of the well-known Needham Schroeder protocol and the complete Yahalom protocol, where timing information allows the study of different attack scenarios. We model check the protocols using UPPAAL. Further, a taxonomy is obtained by studying and categorising protocols from the well known Clark Jacob library and the Security Protocol Open Repository (SPORE) library. Finally, we present some new challenges and threats that arise when considering time in the analysis, by providing a novel protocol that uses time challenges and exposing a timing attack over an implementation of an existing security protocol

Adaptively Secure Computationally Efficient Searchable Symmetric Encryption

Searchable encryption is a technique that allows a client to store documents on a server in encrypted form. Stored documents can be retrieved selectively while revealing as little information as\ud possible to the server. In the symmetric searchable encryption domain, the storage and the retrieval are performed by the same client. Most conventional searchable encryption schemes suffer\ud from two disadvantages.\ud First, searching the stored documents takes time linear in the size of the database, and/or uses heavy arithmetic operations.\ud Secondly, the existing schemes do not consider adaptive attackers;\ud a search-query will reveal information even about documents stored\ud in the future. If they do consider this, it is at a significant\ud cost to updates.\ud In this paper we propose a novel symmetric searchable encryption\ud scheme that offers searching at constant time in the number of\ud unique keywords stored on the server. We present two variants of\ud the basic scheme which differ in the efficiency of search and\ud update. We show how each scheme could be used in a personal health\ud record system

Nonmonotonic Trust Management for P2P Applications

Community decisions about access control in virtual communities are non-monotonic in nature. This means that they cannot be expressed in current, monotonic trust management languages such as the family of Role Based Trust Management languages (RT). To solve this problem we propose RT-, which adds a restricted form of negation to the standard RT language, thus admitting a controlled form of non-monotonicity. The semantics of RT- is discussed and presented in terms of the well-founded semantics for Logic Programs. Finally we discuss how chain discovery can be accomplished for RT-.Comment: This paper appears in the proceedings of the 1st International Workshop on Security and Trust Management (STM 2005). To appear in ENTC

Security Attributes Based Digital Rights Management

Most real-life systems delegate responsibilities to different authorities. We apply this model to a digital rights management system, to achieve flexible security. In our model a hierarchy of authorities issues certificates that are linked by cryptographic means. This linkage establishes a chain of control, identity-attribute-rights, and allows flexible rights control over content. Typical security objectives, such as identification, authentication, authorization and access control can be realised. Content keys are personalised to detect illegal super distribution. We describe a working prototype, which we develop using standard techniques, such as standard certificates, XML and Java. We present experimental results to evaluate the scalability of the system. A formal analysis demonstrates that our design is able to detect a form of illegal super distribution

A programming and a modelling perspective on the evaluation of Java card implementations

Java Card Technology has provided a huge step forward in programming smart cards: from assembler to using a high level Object Oriented language. However, the authors have found some differences between the current Java Card version (2.1) and main stream Java that may restrict the benefits of using Java achievable in smartcard programming. In particular, efforts towards evaluating Java Card implementations at a high level of assurance may be hampered by the presence of these differences as well as by the complexity of the Java Card VM and API. The goal of the present paper is to detail the differences from a programming and a modelling point of view

Biochemistry of the erythrocyte Rh polypeptides: a review.

The clinically important Rh blood group system is complex, consisting of multiple distinct antigens. Despite clinical recognition for over 50 years, the Rh blood group antigens have remained poorly understood on a molecular level until the recent identification and characterization of the "Rh polypeptides," the core structural proteins of the Rh antigens. This group of erythrocyte membrane proteins of molecular weight 30,000-35,000 daltons was first recognized by employing Rh-specific antibodies to immunoprecipitate radiolabeled components of erythrocyte membranes. By using antibodies specific for the Rh D, c, and E antigens, a series of highly related non-identical proteins were immunoprecipitated, indicating that the Rh antigens are composed of multiple related proteins. The Rh polypeptides have been purified and characterized, and they were found to have several unusual biochemical characteristics. The Rh polypeptides penetrate the membrane bilayer; they are linked to the underlying membrane skeleton; they are covalently fatty acid acylated with palmitate. While the Rh antigenic reactivity is unique to human erythrocytes, the Rh polypeptides have been isolated from erythrocytes of diverse species and are thought to be fundamental components of all mammalian erythrocyte membranes. The functional role of the Rh polypeptides remains undefined, but a role in the organization of membrane phospholipid is suspected

Emotional Intelligence as a Moderator of Emotional and Behavioral Reactions to Job Insecurity

We present a model linking perceptions of job insecurity to emotional reactions and negative coping behaviors. Our model is based on the idea that emotional variables explain, in part, discrepant findings reported in previous research. In particular, we propose that emotional intelligence moderates employees' emotional reactions to job insecurity and their ability to cope with associated stress. In this respect, low emotional intelligence employees are more likely than high emotional intelligence employees to experience negative emotional reactions to job insecurity and to adopt negative coping strategies