1,489 research outputs found
Security Analysis of Role-based Access Control through Program Verification
We propose a novel scheme for proving administrative role-based access control (ARBAC) policies correct with respect to security properties using the powerful abstraction based tools available for program verification. Our scheme uses a combination of abstraction and reduction to program verification to perform security analysis. We convert ARBAC policies to imperative programs that simulate the policy abstractly, and then utilize further abstract-interpretation techniques from program analysis to analyze the programs in order to prove the policies secure. We argue that the aggressive set-abstractions and numerical-abstractions we use are natural and appropriate in the access control setting. We implement our scheme using a tool called VAC that translates ARBAC policies to imperative programs followed by an interval-based static analysis of the program, and show that we can effectively prove access control policies correct. The salient feature of our approach are the abstraction schemes we develop and the reduction of role-based access control security (which has nothing to do with programs) to program verification problems
Policy analysis for self-administrated role-based access control
Current techniques for security analysis of administrative role-based access control (ARBAC) policies restrict themselves to the separate administration assumption that essentially separates administrative roles from regular ones. The naive algorithm of tracking all users is all that is known for the security analysis of ARBAC policies without separate administration, and the state space explosion that this results in precludes building effective tools. In contrast, the separate administration assumption greatly simplifies the analysis since it makes it sufficient to track only one user at a time. However, separation limits the expressiveness of the models and restricts modeling distributed administrative control. In this paper, we undertake a fundamental study of analysis of ARBAC policies without the separate administration restriction, and show that analysis algorithms can be built that track only a bounded number of users, where the bound depends only on the number of administrative roles in the system. Using this fundamental insight paves the way for us to design an involved heuristic to further tame the state space explosion in practical systems. Our results are also very effective when applied on policies designed under the separate administration restriction. We implement our techniques and report on experiments conducted on several realistic case studies
Reachability under Contextual Locking
The pairwise reachability problem for a multi-threaded program asks, given
control locations in two threads, whether they can be simultaneously reached in
an execution of the program. The problem is important for static analysis and
is used to detect statements that are concurrently enabled. This problem is in
general undecidable even when data is abstracted and when the threads (with
recursion) synchronize only using a finite set of locks. Popular programming
paradigms that limit the lock usage patterns have been identified under which
the pairwise reachability problem becomes decidable. In this paper, we consider
a new natural programming paradigm, called contextual locking, which ties the
lock usage to calling patterns in each thread: we assume that locks are
released in the same context that they were acquired and that every lock
acquired by a thread in a procedure call is released before the procedure
returns. Our main result is that the pairwise reachability problem is
polynomial-time decidable for this new programming paradigm as well. The
problem becomes undecidable if the locks are reentrant; reentrant locking is a
\emph{recursive locking} mechanism which allows a thread in a multi-threaded
program to acquire the reentrant lock multiple times.Comment: A preliminary version appears in TACAS 201
Asynchronous Games over Tree Architectures
We consider the task of controlling in a distributed way a Zielonka
asynchronous automaton. Every process of a controller has access to its causal
past to determine the next set of actions it proposes to play. An action can be
played only if every process controlling this action proposes to play it. We
consider reachability objectives: every process should reach its set of final
states. We show that this control problem is decidable for tree architectures,
where every process can communicate with its parent, its children, and with the
environment. The complexity of our algorithm is l-fold exponential with l being
the height of the tree representing the architecture. We show that this is
unavoidable by showing that even for three processes the problem is
EXPTIME-complete, and that it is non-elementary in general
AGRICULTURAL AND FOREST LANDUSE CHANGES, AND THE ENVIRONMENTAL KUZNETS CURVE FOR DEFORESTATION: AN INTERTEMPORAL DYNAMIC EQUILIBRIUM
This study is an investigation of the process of land conversion from forest to agricultural production, and assessing the factors affecting the process. We also analyze the conditions that would ultimately lead to the EKC type of relationship between deforestation and societal income in an economy.Land Economics/Use,
THE ECOLOGY OF DISTURBANCES AND GLOBAL CHANGE IN THE MONTANE GRASSLANDS OF THE NILGIRIS, SOUTH INDIA
Biodiversity rich regions worldwide face threats from various global change agents. This research quantifies environmental influences on vegetation, and the impacts of exotic woody plant invasion and anthropogenic nitrogen (N) deposition in a global biodiversity hotspot. The study was conducted in the montane grasslands of the Nilgiris, Western Ghats, and outlines potential management options for this region. Specifically, I examined (1) the role of environmental factors in influencing native plant distribution and ecosystem properties, (2) the status and impact of exotic shrub (Scotch broom, henceforth broom) invasion, (3) the role of disturbances in the success of broom, (4) the role of fire in restoring invaded grasslands, and (5) the impacts of terrestrial N loading on the grassland ecosystem. I used experiments and surveys to assess these. Distributions of several key species were explained by a few complex environmental gradients. In invaded-grasslands, broom populations consisted mainly of intermediate size and age classes, with no clear indication of population decline. Invasion negatively impacted plant community structure and drastically changed composition, favoring shade-tolerant and weedy species. However, invasion did not greatly alter ecosystem function. Fire successfully eliminated mature broom stands, but resulted in a short-term increase in broom seedling recruitment. At the end of 18 months, the fire effects on uninvaded-grasslands were not apparent, but there was no conclusive evidence of the formerly invaded patches attaining the composition of uninvaded-grasslands following burning. N fertilization strongly influenced soil N dynamics, and shoot N concentrations, but effects on aboveground production were weak. Surprisingly, N enrichment had positive effects on diversity in the short-term. It is clear that these grasslands need immediate management intervention to forestall degradation from invasion. Fire could be used to eliminate mature broom stands and deplete persistent seedbanks, which will facilitate colonization by shade-intolerant grassland plants. Active restoration should be mindful of environmental preferences of framework species. Long-term studies of the impacts of N deposition in the context of disturbances will help determine realistic critical thresholds and utilize disturbances to buffer the potential adverse effects of increasing N loading
Cellular mechanisms responsible for development of sensitivity of the bovine corpus luteum to prostaglandin F2 alpha
Prostaglandin F2 alpha (PGF2alpha) brings about regression of the bovine corpus luteum (CL). This luteolytic property of PGF 2alpha is used in beef and dairy cattle to synchronize estrus. A limitation of this protocol is an insensitivity of the early CL to luteolytic actions of PGF2alpha. The mechanisms underlying this differential luteal sensitivity are poorly understood. Therefore the main objective of the current study is to understand the cellular mechanism of luteal insensitivity. The developing CL has a maximum number of PGF2alpha receptors; therefore differences in signaling events might be responsible for luteal insensitivity. Hence differential gene expression at two developmental stages of CL, days 4 (D-4) and 10 (D-10) post estrus, might account for differences in signal transduction pathways associated with luteal sensitivity. For example, differential expression of protein kinase C epsilon (PKCepsilon /PRKCE) and its ability to regulate PGF2alpha-stimulated rise in intracellular calcium concentration have been proposed to be part of luteal resistance mechanism. Therefore the current study investigates the: (1) physiological role of PRKCE in regulating the ability of PGF2alpha to inhibit progesterone synthesis, (2) role of PGF2alpha-stimulated rise in intracellular calcium in progesterone inhibitory actions of PGF2alpha, (3) differential expression of a large portion of the luteal transcriptome during its developmental transition from early to mature stage, and (4) role of differentially expressed CAMKK2 in acquisition of luteolytic sensitivity to PGF2alpha . Down-regulation of PRKCE significantly reduced the ability of PGF 2alpha to inhibit LH-stimulated progesterone accumulation. A pharmacological increase in intracellular calcium concentration [Ca2+] i significantly inhibited LH-stimulated progesterone accumulation irrespective of luteal developmental stage. More importantly, buffering the rise in [Ca 2+]i reduced the ability of PGF2alpha to inhibit progesterone accumulation. Microarray analysis identified 167 genes that were expressed differentially (p \u3c 0.05). These were categorized into genes involved in cell signaling (12%), steroidogenesis and metabolism (10.2%), protein degradation (5.3%), transcription regulation and DNA biosynthesis (18.5%), protein biosynthesis and modification (18.5%), extracellular matrix and cytoskeletal proteins (9.5%), antioxidant property (3%), miscellaneous (17%), and unknown functions (6%). In addition, the in vivo administration of PGF2alpha increased the expression of a guanine nucleotide binding protein (G protein), beta polypeptide 1 (GNB1) in D-4 CL and calcium/calmodulin dependent kinase kinase 2, beta (CAMKK2) in D-10 CL. Furthermore, large and small luteal steroidogenic cells, known to be targets for actions of PGF2alpha were demonstrated to be a cellular source for CAMKK2. More importantly, in vitro, a CAMKK2 inhibitor significantly reduced the ability of PGF2alpha to inhibit progesterone accumulation. In summary, a developmental increase in PRKCE expression combined with its ability to regulate [Ca2+]i and the availability of CAMKK2 to mediated the actions of rise in [Ca2+]i might be important components of the mechanism rendering the bovine CL sensitive to PGF2alpha
- …