Trace parameters for Teichmuller space of genus 2 surfaces and mapping class group

We obtain a representation of the mapping class group of genus 2 surface in terms of a coordinate system of the Teichmuller space defined by trace functions

SEEdit: SELinux Security Policy Configuration System with Higher Level Language

Security policy for SELinux is usually created by customizing a sample policy called refpolicy. However, describing and verifying security policy configurations is difficult because in refpolicy, there are more than 100,000 lines of configurations, thousands of elements such as permissions, macros and labels. The memory footprint of refpolicy which is around 5MB, is also a problem for resource constrained devices. We propose a security policy configuration system SEEdit which facilitates creating security policy by a higher level language called SPDL and SPDL tools. SPDL reduces the number of permissions by integrated permissions and removes label configurations. SPDL tools generate security policy configurations from access logs and tool user’s knowledge about applications. Experimental results on an embedded system and a PC system show that practical security policies are created by SEEdit, i.e., describing configurations is semiautomated, created security policies are composed of less than 500 lines of configurations, 100 configuration elements, and thememory footprint in the embedded system is less than 500KB

SEEdit: SELinux Security Policy Configuration System with Higher Level Language

Security policy for SELinux is usually created by customizing a sample policy called refpolicy. However, describing and verifying security policy configurations is difficult because in refpolicy, there are more than 100,000 lines of configurations, thousands of elements such as permissions, macros and labels. The memory footprint of refpolicy which is around 5MB, is also a problem for resource constrained devices. We propose a security policy configuration system SEEdit which facilitates creating security policy by a higher level language called SPDL and SPDL tools. SPDL reduces the number of permissions by integrated permissions and removes label configurations. SPDL tools generate security policy configurations from access logs and tool user’s knowledge about applications. Experimental results on an embedded system and a PC system show that practical security policies are created by SEEdit, i.e., describing configurations is semiautomated, created security policies are composed of less than 500 lines of configurations, 100 configuration elements, and thememory footprint in the embedded system is less than 500KB

Networks with time structure from time series

We propose a method of constructing a network, in which its time structure is directly incorporated, based on a deterministic model from a time series. To construct such a network, we transform a linear model containing terms with different time delays into network topology. The terms in the model are translated into temporal nodes of the network. On each link connecting these nodes, we assign a positive real number representing the strength of relationship, or the "distance," between nodes specified by the parameters of the model. The method is demonstrated by a known system and applied to two actual time series.Comment: 15 pages, 5 figures, accepted to be published in Physica

Chemistry of Cu deposition by Cu(hfac)(tmvs) monitored by Li⁺ ion attachment mass spectrometry

Ion attachment mass spectrometry was used for continuous in situanalysis of coordinated products formed during copperchemical vapor deposition(CuCVD) by Cu(1,1,1,5,5,5-hexafluoroacetylacetonate)(vinyltrimethylsilane) [Cu(hfac)(tmvs)] in a simple tubular reactor. This study of the thermally labile Cu(hfac)(tmvs) demonstrated the utility of this method for detecting molecular ions of labile compounds. The results demonstrate the feasibility of monitoring the deposition chemistry of Cu(hfac)(tmvs) by generating Li⁺ adduct molecular ions by means of the Li⁺ ion attachment technique. The reaction pathways for CuCVD by Cu(hfac)(tmvs) were studied by analysis of the reaction products. H(hfac) and tmvs were identified as the main products when Cu(hfac)tmvs was heated at temperatures ranging from room temperature to 160°C in the reactor. The rate constant for Cu deposition, k (1/s), was determined to be 1.6×10⁶exp(−10.2kcal/molRt).This work was supported in part by The New Energy and Industrial Technology Development Organization NEDO under a fund for Fundamental Technology Research Facilitation Program

Additional kernel observer: privilege escalation attack prevention mechanism focusing on system call privilege changes

Cyberattacks, especially attacks that exploit operating system vulnerabilities, have been increasing in recent years. In particular, if administrator privileges are acquired by an attacker through a privilege escalation attack, the attacker can operate the entire system and cause serious damage. In this paper, we propose an additional kernel observer (AKO) that prevents privilege escalation attacks that exploit operating system vulnerabilities. We focus on the fact that a process privilege can be changed only by specific system calls. AKO monitors privilege information changes during system call processing. If AKO detects a privilege change after system call processing, whereby the invoked system call does not originally change the process privilege, AKO regards the change as a privilege escalation attack and applies countermeasures against it. AKO can therefore prevent privilege escalation attacks. Introducing the proposed method in advance can prevent this type of attack by changing any process privilege that was not originally changed in a system call, regardless of the vulnerability type. In this paper, we describe the design and implementation of AKO for Linux x86 64-bit. Moreover, we show that AKO can be expanded to prevent the falsification of various data in the kernel space. Then, we present an expansion example that prevents the invalidation of Security-Enhanced Linux. Finally, our evaluation results show that AKO is effective against privilege escalation attacks, while maintaining low overhead

<ORIGINAL>Quantification of Porphyromonas gingivalis by real time PCR : new primers targeting the rgpA and rgpB gene encoding RGP

We designed new primers for the quantification of Porphyromonas gingivalis by real time PCR. The new primer set targeted the rgpA and rgpB genes that encode arginine specific cysteine proteinase (Arggingipain or Rgp), one of the putative pathogenic factors of P. gingivalis. The PCR product obtained using our primers showed no by-products by melting curve analysis. The PCR product sequence showed no significant matches to other sequences by BLAST searching of genetic databases except for matches to P. gingivalis rgpA and rgpB sequence, and could not be amplified from template derived from other oral bacteria apart from P. gingivalis. Therefore, we concluded that our primers were specific for P. gingivalis rgpA and rgpB, and could be used to quantity from 10^3 to 10^7 P. gingivalis cells when applied to real time PCR