242 research outputs found
Citizen Electronic Identities using TPM 2.0
Electronic Identification (eID) is becoming commonplace in several European
countries. eID is typically used to authenticate to government e-services, but
is also used for other services, such as public transit, e-banking, and
physical security access control. Typical eID tokens take the form of physical
smart cards, but successes in merging eID into phone operator SIM cards show
that eID tokens integrated into a personal device can offer better usability
compared to standalone tokens. At the same time, trusted hardware that enables
secure storage and isolated processing of sensitive data have become
commonplace both on PC platforms as well as mobile devices.
Some time ago, the Trusted Computing Group (TCG) released the version 2.0 of
the Trusted Platform Module (TPM) specification. We propose an eID architecture
based on the new, rich authorization model introduced in the TCGs TPM 2.0. The
goal of the design is to improve the overall security and usability compared to
traditional smart card-based solutions. We also provide, to the best our
knowledge, the first accessible description of the TPM 2.0 authorization model.Comment: This work is based on an earlier work: Citizen Electronic Identities
using TPM 2.0, to appear in the Proceedings of the 4th international workshop
on Trustworthy embedded devices, TrustED'14, November 3, 2014, Scottsdale,
Arizona, USA, http://dx.doi.org/10.1145/2666141.266614
C-FLAT: Control-FLow ATtestation for Embedded Systems Software
Remote attestation is a crucial security service particularly relevant to
increasingly popular IoT (and other embedded) devices. It allows a trusted
party (verifier) to learn the state of a remote, and potentially
malware-infected, device (prover). Most existing approaches are static in
nature and only check whether benign software is initially loaded on the
prover. However, they are vulnerable to run-time attacks that hijack the
application's control or data flow, e.g., via return-oriented programming or
data-oriented exploits. As a concrete step towards more comprehensive run-time
remote attestation, we present the design and implementation of Control- FLow
ATtestation (C-FLAT) that enables remote attestation of an application's
control-flow path, without requiring the source code. We describe a full
prototype implementation of C-FLAT on Raspberry Pi using its ARM TrustZone
hardware security extensions. We evaluate C-FLAT's performance using a
real-world embedded (cyber-physical) application, and demonstrate its efficacy
against control-flow hijacking attacks.Comment: Extended version of article to appear in CCS '16 Proceedings of the
23rd ACM Conference on Computer and Communications Securit
Exploring the Environmental Benefits of In-Process Isolation for Software Resilience
Memory-related errors remain an important cause of software vulnerabilities.
While mitigation techniques such as using memory-safe languages are promising
solutions, these do not address software resilience and availability. In this
paper, we propose a solution to build resilience against memory attacks into
software, which contributes to environmental sustainability and security
How old was she? The accuracy of assessing the age of adolescents' based on photos
Information on the degree to which individuals can make accurate estimations of someone's age can be of importance in different legal contexts, such as for example child sexual abuse cases in which the victim is an adolescent and asylum procedures. There is, however, a scarcity of studies concerning age estimations conducted with young target persons. Using facial photos of target persons aged 12-18 years, we investigated the effects of gender, age, and ethnicity of both targets (n = 240) and observers (n = 869) on the accuracy of age estimation. We also investigated the effects of targets' facial expressions (neutral or smiling), use of makeup, and photo quality. Participants overestimated the age of the adolescents by, on average, 3.51 years. Participants overestimated the age of young adolescent girls to a greater extent than that of younger boys. Men made larger overestimations than women. Participants also estimated smiling targets as being older than targets with neutral facial expression, and the age of girls with makeup to be older than girls without makeup. Because there was considerable variation in the accuracy of estimations, and overestimates were common, we conclude that the ability of individuals to estimate the age of adolescents is generally low. This might have important legal implications.Peer reviewe
Persistent collateral perfusion of abdominal aortic aneurysm after endovascular repair does not lead to progressive change in aneurysm diameter
AbstractPurpose: To differentiate between the phenomenon of collateral perfusion from a side branch versus graft-related endoleaks after endovascular repair of abdominal aortic aneurysms (AAA), with respect to aneurysm size and prognosis. Methods: We successfully treated 64 AAA patients with endovascular grafting. We followed all the patients postoperatively with spiral computed tomography at one, three, six and 12 months, and biannually thereafter. We measured aneurysm diameters preoperatively and postoperatively. We calculated preoperatively the relation of maximum aortic diameter (D) to the thrombus-free lumen diameter (L) expressed as an L/D ratio. Median follow-up was 15 months. Results: Sixteen patients had collateral perfusion during follow-up. We successfully treated two patients with embolization. One patient showed resolution of collateral perfusion after we stopped warfarin treatment. Two patients died of unrelated causes during follow-up. One patient was converted to surgical treatment, and two patients showed spontaneous resolution of their collateral perfusion. The group of patients with perfusion showed no statistically significant change of their aortic diameter on follow-up. The group of patients without perfusion showed a median decrease in aortic diameter of 8mm (p < 0.0001) at 18 months postoperatively. The group of patients with perfusion had significantly less thrombus in their aneurysm sac preoperatively than the group without perfusion, as expressed by the L/D ratio (mean L/D 0,61 versus 0,78, respectively; p = 0.0021.) Conclusion: There was no significant increase in aortic diameter on an average 18 months postoperatively despite persistent collateral perfusion. This may indicate a halted disease progression in the short term. Embolization of collateral vessels is associated with risk of paraplegia. We recommend a conservative approach with close observation if aneurysm diameter is stable. (J Vasc Surg 1998;28:242-9.
ENTRY-LEVEL SOLUTIONS FOR SMALL AND MEDIUM-SIZE ENTERPRISES IN SUPPLY CHAINS
The increasing need for customization, more efficient quality feedback, better supply chain coordination, etc. are all factors which demand for implementation of item-level tracking and tracing services across company borders. A platform enabling such operations has been developed under the acronym of TraSe
Inbreeding and pedigree analysis of the European red dairy cattle
Background Red dairy cattle breeds have an important role in the European dairy sector because of their functional characteristics and good health. Extensive pedigree information is available for these breeds and provides a unique opportunity to examine their population structure, such as effective population size, depth of the pedigree, and effective number of founders and ancestors, and inbreeding levels. Animals with the highest genetic contributions were identified. Pedigree data included 9,073,403 animals that were born between 1900 and 2019 from Denmark, Finland, Germany, Latvia, Lithuania, the Netherlands, Norway, Poland, and Sweden, and covered 32 breeds. The numerically largest breeds were Red Dairy Cattle and Meuse-Rhine-Yssel. Results The deepest average complete generation equivalent (9.39) was found for Red Dairy Cattle in 2017. Mean pedigree completeness ranged from 0.6 for Finncattle to 7.51 for Red Dairy Cattle. An effective population size of 166 animals was estimated for the total pedigree and ranged from 35 (Rotes Hohenvieh) to 226 (Red Dairy Cattle). Average generation intervals were between 5 and 7 years. The mean inbreeding coefficient for animals born between 1960 and 2018 was 1.5%, with the highest inbreeding coefficients observed for Traditional Angler (4.2%) and Rotes Hohenvieh (4.1%). The most influential animal was a Dutch Meuse-Rhine-Yssel bull born in 1960. The mean inbreeding level for animals born between 2016 and 2018 was 2% and highest for the Meuse-Rhine-Yssel (4.64%) and Rotes Hohenvieh breeds (3.80%). Conclusions We provide the first detailed analysis of the genetic diversity and inbreeding levels of the European red dairy cattle breeds. Rotes Hohenvieh and Traditional Angler have high inbreeding levels and are either close to or below the minimal recommended effective population size, thus it is necessary to implement tools to monitor the selection process in order to control inbreeding in these breeds. Red Dairy Cattle, Vorderwalder, Swedish Polled and Hinterwalder hold more genetic diversity. Regarding the Meuse-Rhine-Yssel breed, given its decreased population size, increased inbreeding and low effective population size, we recommend implementation of a breeding program to prevent further loss in its genetic diversity
- …