The Security Lottery: Measuring Client-Side Web Security Inconsistencies

To mitigate a myriad of Web attacks, modern browsers support client-side security policies shipped through HTTP response headers. To enforce these defenses, the server needs to communicate them to the client, a seemingly straightforward process. However, users may access the same site in variegate ways, e.g., using different User-Agents, network access methods, or language settings. All these usage scenarios should enforce the same security policies, otherwise a security lottery would take place: depending on specific client characteristics, different levels of Web application security would be provided to users (inconsistencies). We formalize security guarantees provided through four popular mechanisms and apply this to measure the prevalence of inconsistencies in the security policies of top sites across different client characteristics. Based on our insights, we investigate the security implications of both deterministic and non-deterministic inconsistencies, and show how even prominent services are affected by them

Reelin expression in human prostate cancer: a marker of tumor aggressiveness based on correlation with grade.

Reelin is a glycoprotein that plays a critical role in the regulation of neuronal migration during brain development and, since reelin has a role in the control of cell migration, it might represents an important factor in cancer pathology. In this study, 66 surgical specimens of prostate cancer were analyzed for reelin expression by immunohistochemical method. The reelin expression was correlated with Gleason score and individual Gleason patterns. Reelin expression was found in 39% prostate cancers. Stromal tissues, normal epithelial cells and prostate intraepithelial neoplasia (PIN) of any grade around and distant from cancer were always negative for reelin. Reelin was found in malignant prostatic epithelial glands of 50% cases Gleason score 10, 52% Gleason score 9, 56% Gleason score 8, 18% Gleason score 7, while no sample of prostate cancers with Gleason score 6 showed reelin expression (P=0,005). As reelin staining is frequently found in high Gleason score prostate cancers, we explored whether reelin expression is influenced by single Gleason patterns

Supporting XML Security Models Using Relational Databases: A Vision

As the secure distribution and sharing of information over the World Wide Web becomes increasingly important, the needs for flexible and e#cient support of access control systems naturally arise. Since the eXtensible Markup Language (XML) is emerging as the format of the Internet era for storing and exchanging information, there have been, recently, many proposals to extend the XML model to incorporate security aspects. To the lesser or greater extent, however, such proposals neglect the fact that the data for XML documents will most likely reside in relational databases, and consequently do not utilize various security models proposed for and implemented in relational databases

Credit scoring via machine learning e prestito responsabile

Obiettivo di questo scritto è quello di valutare l’impatto dell’intelligenza artificiale sull’attività di credit scoring ai fini della valutazione di merito creditizio preordinata all’erogazione del credito. La questione che interessa, in particolare, è capire se e quando la valutazione sul merito di credito possa dirsi svolta in modo “corretto”, anche alla luce della normativa che regola il sistema bancario, qualora si ricorra all’IA per effettuare il credit scoring