Content delivery over TLS: a cryptographic analysis of keyless SSL

The Transport Layer Security (TLS) protocol is designed to allow two parties, a client and a server, to communicate securely over an insecure network. However, when TLS connections are proxied through an intermediate middlebox, like a Content Delivery Network (CDN), the standard endto- end security guarantees of the protocol no longer apply. In this paper, we investigate the security guarantees provided by Keyless SSL, a CDN architecture currently deployed by CloudFlare that composes two TLS 1.2 handshakes to obtain a proxied TLS connection. We demonstrate new attacks that show that Keyless SSL does not meet its intended security goals. These attacks have been reported to CloudFlare and we are in the process of discussing fixes. We argue that proxied TLS handshakes require a new, stronger, 3-party security definition. We present 3(S)ACCEsecurity, a generalization of the 2-party ACCE security definition that has been used in several previous proofs for TLS. We modify Keyless SSL and prove that our modifications guarantee 3(S)ACCE-security, assuming ACCE-security for the individual TLS 1.2 connections. We also propose a new design for Keyless TLS 1.3 and prove that it achieves 3(S)ACCEsecurity, assuming that the TLS 1.3 handshake implements an authenticated 2-party key exchange. Notably, we show that secure proxying in Keyless TLS 1.3 is computationally lighter and requires simpler assumptions on the certificate infrastructure than our proposed fix for Keyless SSL. Our results indicate that proxied TLS architectures, as currently used by a number of CDNs, may be vulnerable to subtle attacks and deserve close attention

Academic Performance: A Function of Achievement Motivation Among Education Students of Cross River University of Technology, Calabar

The study examined the relationship between first year education students’ achievement motivation and their academic performance.  The design employed for the study was survey (expo-facto).  A total of seven hundred and fifty (750) out of one thousand three hundred and fifty two students (1352) students of the 2010/2011 academic session were randomly selected for the study.   To guide the study, two hypotheses were formulated on students’ academic achievement motivation and academic performance as well as students’ social achievement motivation and academic performance.  Relevant literature was reviewed to back up the study.  The instrument used for the study was tagged “Education Students’ Achievement Motivation Scale (ESAMS)” which was adapted from Cofer and Appley (1964) Achievement Imagery and Grandal and Grandal (1965) Modified Intellectual achievement Questionnaire (MIAQ).  The instrument consisted of two parts,   A and B.  Part A consisted of items on respondent’s Bio –data while Part B comprised of 15 items which elicited responses from students’ achievement motivation.  The results of the study after analysis of the hypotheses obtained data with “ANOVA” statistical analysis technique indicated that neither students’ academic achievement motivation nor students’ social achievement motivation had any significant influence on education students’ academic performance.   Based on these findings, some recommendations were made

The Romanian Grassland Database (RGD): historical background, current status and future perspectives

This report describes the Romanian Grassland Database (RGD), registered under EU-RO-008 in the Global Index of Vegetation-Plot Databases (GIVD). This collaborative initiative aims at collecting all available vegetation-plot data (relevés) of grasslands and other open habitats from the territory of Romania and providing them for science, nationally and internationally, e.g. via the European Vegetation Archive (EVA) and the global database “sPlot”. It mainly contains data from wet, mesic, dry, saline, alpine and rocky grasslands, but also some other vegetation types like heathlands, mires, ruderal, segetal, aquatic and cryptogam-dominated vegetation. The currently 21,685 relevés have mainly been digitised from literature sources (90%), while the rest comes from individual unpublished sources (10%). We report on the background and history of RGD, explain its “Data Property and Governance Rules” under which data are contributed and retrieved and outline how RGD can contribute to research in the fields of vegetation ecology, macroecology and conservation