Acesso remoto dinâmico e seguro a bases de dados com integração de políticas de acesso suave

The amount of data being created and shared has grown greatly in recent years, thanks in part to social media and the growth of smart devices. Managing the storage and processing of this data can give a competitive edge when used to create new services, to enhance targeted advertising, etc. To achieve this, the data must be accessed and processed. When applications that access this data are developed, tools such as Java Database Connectivity, ADO.NET and Hibernate are typically used. However, while these tools aim to bridge the gap between databases and the object-oriented programming paradigm, they focus only on the connectivity issue. This leads to increased development time as developers need to master the access policies to write correct queries. Moreover, when used in database applications within noncontrolled environments, other issues emerge such as database credentials theft; application authentication; authorization and auditing of large groups of new users seeking access to data, potentially with vague requirements; network eavesdropping for data and credential disclosure; impersonating database servers for data modification; application tampering for unrestricted database access and data disclosure; etc. Therefore, an architecture capable of addressing these issues is necessary to build a reliable set of access control solutions to expand and simplify the application scenarios of access control systems. The objective, then, is to secure the remote access to databases, since database applications may be used in hard-to-control environments and physical access to the host machines/network may not be always protected. Furthermore, the authorization process should dynamically grant the appropriate permissions to users that have not been explicitly authorized to handle large groups seeking access to data. This includes scenarios where the definition of the access requirements is difficult due to their vagueness, usually requiring a security expert to authorize each user individually. This is achieved by integrating and auditing soft access policies based on fuzzy set theory in the access control decision-making process. A proof-of-concept of this architecture is provided alongside a functional and performance assessment.A quantidade de dados criados e partilhados tem crescido nos últimos anos, em parte graças às redes sociais e à proliferação dos dispositivos inteligentes. A gestão do armazenamento e processamento destes dados pode fornecer uma vantagem competitiva quando usados para criar novos serviços, para melhorar a publicidade direcionada, etc. Para atingir este objetivo, os dados devem ser acedidos e processados. Quando as aplicações que acedem a estes dados são desenvolvidos, ferramentas como Java Database Connectivity, ADO.NET e Hibernate são normalmente utilizados. No entanto, embora estas ferramentas tenham como objetivo preencher a lacuna entre as bases de dados e o paradigma da programação orientada por objetos, elas concentram-se apenas na questão da conectividade. Isto aumenta o tempo de desenvolvimento, pois os programadores precisam dominar as políticas de acesso para escrever consultas corretas. Além disso, quando usado em aplicações de bases de dados em ambientes não controlados, surgem outros problemas, como roubo de credenciais da base de dados; autenticação de aplicações; autorização e auditoria de grandes grupos de novos utilizadores que procuram acesso aos dados, potencialmente com requisitos vagos; escuta da rede para obtenção de dados e credenciais; personificação de servidores de bases de dados para modificação de dados; manipulação de aplicações para acesso ilimitado à base de dados e divulgação de dados; etc. Uma arquitetura capaz de resolver esses problemas é necessária para construir um conjunto confiável de soluções de controlo de acesso, para expandir e simplificar os cenários de aplicação destes sistemas. O objetivo, então, é proteger o acesso remoto a bases de dados, uma vez que as aplicações de bases de dados podem ser usados em ambientes de difícil controlo e o acesso físico às máquinas/rede nem sempre está protegido. Adicionalmente, o processo de autorização deve conceder dinamicamente as permissões adequadas aos utilizadores que não foram explicitamente autorizados para suportar grupos grandes de utilizadores que procuram aceder aos dados. Isto inclui cenários em que a definição dos requisitos de acesso é difícil devido à sua imprecisão, geralmente exigindo um especialista em segurança para autorizar cada utilizador individualmente. Este objetivo é atingido no processo de decisão de controlo de acesso com a integração e auditaria das políticas de acesso suaves baseadas na teoria de conjuntos difusos. Uma prova de conceito desta arquitetura é fornecida em conjunto com uma avaliação funcional e de desempenho.Programa Doutoral em Informátic

The efficiency of AI: From the perspective of candidates that went through a recruitment and selection process with AI

The advancement of technology has helped organizations improve their areas of human resource management, as for example with the application of artificial intelligence in recruitment and selection. This study aims to examine the efficiency of online recruitment, using the perspective of candidates. It included 101 candidates, that answered a questionnaire using multiple scales to access the factors related to online recruitment, such as, the engagement, and bias that the candidates perceive. The candidates’ sociodemographic aspects, age, sex, education, were also measured. Aspects, such as, the job position they applied, and the area they entered in the organization were also assessed. It was found in the results, some correlations between the factors and online recruitment efficiency, and a mediation effect between the engagement in the relation between online recruitment bias and efficiency. With these results, it was highlighted that is important to improve the engagement of the candidates towards online recruitment, since it will diminish the effect of perceived bias and improve the efficiency of online recruitment.O avanço da tecnologia tem ajudado as organizações a melhorarem as suas áreas de gestão de recursos humanos, como por exemplo com a aplicação de inteligência artificial no recrutamento e seleção. Este estudo tem como objetivo estudar a eficiência do recrutamento online, utilizando a perspetiva dos candidatos. Foram incluídos 101 candidatos, que responderam a um questionário utilizando múltiplas escalas para examinar os fatores relacionados com o recrutamento online, como o empenho e o preconceito que os candidatos identificam. Foram medidos os aspetos sociodemográficos dos candidatos, idade, sexo, escolaridade. Também foram avaliados aspetos como o cargo a que se candidataram e a área em que integraram na organização. Foram encontradas nos resultados algumas correlações entre os fatores e a eficiência do recrutamento online, e um efeito de mediação entre o empenho na relação entre o preconceito e a eficiência do recrutamento online. Com estes resultados, destacou-se que é importante melhorar o empenho dos candidatos no recrutamento online, uma vez que diminuirá o efeito do preconceito identificado e melhora a eficiência do recrutamento online

Modelling Design Problems by Su-Field Method – Toward a Problem Solving Approach in Architectural Design Studio

AbstractThe design studio is the main central concern in architecture education. The modifications in architectural design studio are not accompanying today's fast-changing world. The TRIZ, developed by Altshuller is an organized method for problem solving. Su-Field analysis is one of the analytical tools of TRIZ. The aim of this study is to examine this method of the modelling design problems for architecture students in design studio. Three design problems were chosen and modeled with the design studio students. The results showed that accompanying systematic method with critique and collaborative methods increased the motivation of students in the design studio task

Drug-Induced Anaphylaxis: An Update on Epidemiology and Risk Factors

Drug hypersensitivity is one of the most frequent causes of anaphylaxis, particularly in adults and in hospitalized patients. Drug-induced anaphylaxis (DIA) is also associated with more severe outcomes than other anaphylaxis triggers, and drugs are responsible for the majority of deaths due to anaphylaxis. We here review the current knowledge on the incidence, prevalence, drugs involved, mortality, and mortality risk factors for DIA. The incidence of both anaphylaxis and DIA seems to be increasing worldwide. Antibiotics and analgesics are the most frequently reported triggers of DIA. However, the importance of other drug groups should be taken into account, especially in particular settings (e.g., peri-operative and oncology). The identification of risk factors, geographical variables, and drugs associated with higher risk for DIA may improve the outcomes of this entity.info:eu-repo/semantics/publishedVersio

Vector-borne pathogens found in carnivores in wild Namibia

Dissertação de Mestrado Integrado em Medicina VeterináriaThis dissertation aimed to identify and molecularly characterize vector-borne pathogens from several parasite families, all possessing stages found in peripheral blood, from a wide variety of free-ranging carnivores living in Namibia, in the southern part of Africa. Blood samples collected from 9 bat-eared foxes (Otocyon megalotis), 17 brown hyenas (Parahyaena brunnea), 19 spotted hyenas (Crocuta crocuta) and 85 cheetahs (Acinonyx jubatus) were screened by Polymerase Chain Reactions (PCRs) and tested for pathogens of the Onchocercidae family, the order Piroplasmida, bacteria from the Anaplasmataceae and the Rickettsiaceae families and, lastly, the Hepatozoidae family. The PCRs targeted both the ITS-2 and 12S, 18S, 16S, 18S and 18S rRNA genes respectively and were followed by nucleotide sequencing. In total, sampled animals showed a 43.1% rate of Onchocercidae infection, 67.7% of Piroplasmida, 60% of them were positive for Anaplasmataceae, 10% for Rickettsiaceae and Hepatozoidae were detected in 47.7% of them. Obtained filaroid sequences showed high homologies with both Acanthocheilonema reconditum and Acanthocheilonema dracunculoides and further phylogenetic analysis were performed in both brown and spotted hyenas, with the construction of a phylogenetic tree. Piroplasmida results were not studied any further. For Anaplasmataceae, subsequent sequencing results indicated high similarity with both Anaplasma phagocytophilum and Anaplasma platys and varied PCR protocols were conducted in order to differentiate between these organisms, but no conclusions were reached. The Rickettsiaceae found displayed high homologies with Rickettsia raoultii. And finally, the Hepatozoidae infection showed to be a mixed one with both Hepatozoon canis and Hepatozoon felis. These results are important not only on a conservation level for the infected host species, but are also relevant for domestic animals coexisting in the surrounding areas, as well as humans, especially since a few of the parasites found may have zoonotic potential. Future studies should focus on understanding vectors, transmission routes, infection dynamics and host specificity in order to better evaluate the possible danger these infections may withhold.RESUMO - Agentes patogénicos transmitidos por vetores presentes em carnívoros na Namíbia - Esta dissertação teve como principal objetivo identificar e caracterizar molecularmente agentes patogénicos transmitidos por vetores de várias famílias parasitárias, com o aspeto em comum de todas possuírem fases do desenvolvimento encontradas no sangue, de espécies variadas de carnívoros selvagens que habitam na Namíbia, no Sul de África. Foram testadas amostras sanguíneas de 9 raposas-orelhas-de-morcego (Otocyon megalotis), 17 hienas-castanhas (Parahyaena brunnea), 19 hienas-malhadas (Crocuta crocuta) e 85 chitas (Acinonyx jubatus) por PCR e analisadas para pesquisa de parasitas da família Onchocercidae, da ordem Piroplasmida, bactérias das famílias Anaplasmataceae e Rickettsiaceae e, finalmente, da família Hepatozoidae. Os PCRs foram direcionados aos genes do rRNA ITS-2 e 12S, 18S, 16S, 18S e 18S respetivamente e foram seguidos de sequenciação de nucleótidos. Na totalidade, os animais testados mostraram uma taxa de infeção de 43.1% por Onchocercidae, de 67.7% de Piroplasmida, 60% deles tiveram resultados positivos para Anaplasmataceae, 10% para Rickettsiaceae e Hepatozoidae foram detetados em 47.7% da população. As sequências obtidas de filarídeos, mostraram possuir elevadas homologias com Acanthocheilonema reconditum e Acanthocheilonema dracunculoides, e estudos filogenéticos mais intensivos foram realizados, nomeadamente uma árvore filogenética que inclui ambas as espécies de hienas. Os resultados relativos a Piroplasmida não foram aprofundados. Para as Anaplasmataceae, as sequenciações subsequentes indicaram elevada similaridade com Anaplasma phagocytophilum e Anaplasma platys e múltiplos protocolos de PCRs foram efetuados, com o intuito de diferenciar entre estas duas espécies, mas não foram retiradas quaisquer conclusões. As Rickettsiaceae presentes evidenciaram fortes semelhanças com Rickettsia raoultii. E finalmente, as infeções por Hepatozoidae mostraram ser uma infeção mista por ambos Hepatozoon canis e Hepatozoon felis. A importância destes resultados não se limita apenas à conservação das espécies animais em causa, mas são também relevantes em termos dos animais domésticos coabitantes na mesma região, assim como humanos, especialmente tendo em conta o possível potencial zoonótico de algumas espécies parasitárias. Estudos futuros devem ter como principais objetivos o estudo dos vetores respetivos, tipo de transmissão, dinâmica da infeção e especificidade parasitária, para melhor avaliar os possíveis perigos que podem advir da presença destes parasitas.N/

Distributed and typed role-based access control mechanisms driven by CRUD expressions

Business logics of relational databases applications are an important source of security violations, namely in respect to access control. The situation is particularly critical when access control policies are many and complex. In these cases, programmers of business logics can hardly master the established access control policies. Now we consider situations where business logics are built with tools such as JDBC and ODBC. These tools convey two sources of security threats: 1) the use of unauthorized Create, Read, Update and Delete (CRUD) expressions and also 2) the modification of data previously retrieved by Select statements. To overcome this security gap when Role-based access control policies are used, we propose an extension to the basic model in order to control the two sources of security threats. Finally, we present a software architectural model from which distributed and typed RBAC mechanisms are automatically built, this way relieving programmers from mastering any security schema. We demonstrate empirical evidence of the effectiveness of our proposal from a use case based on Java and JDBC

Role-based access control mechanisms: distributed, statically implemented and driven by CRUD expressions

Most of the security threats in relational database applications have their source in client-side systems when they issue requests formalized by Create, Read, Update and Delete (CRUD) expressions. If tools such as ODBC and JDBC are used to develop business logics, then there is another source of threats. In some situations the content of data sets retrieved by Select expressions can be modified and then committed into the host databases. These tools are agnostic regarding not only database schemas but also regarding the established access control policies. This situation can hardly be mastered by programmers of business logics in database applications with many and complex access control policies. To overcome this gap, we extend the basic Role-Based Access policy to support and supervise the two sources of security threats. This extension is then used to design the correspondent RBAC model. Finally, we present a software architectural model from which static RBAC mechanisms are automatically built, this way relieving programmers from mastering any schema. We demonstrate empirical evidence of the effectiveness of our proposal from a use case based on Java and JDBC

Deformation-Guided Unsupervised Non-Rigid Shape Matching

We present an unsupervised data-driven approach for non-rigid shape matching. Shape matching identifies correspondences between two shapes and is a fundamental step in many computer vision and graphics applications. Our approach is designed to be particularly robust when matching shapes digitized using 3D scanners that contain fine geometric detail and suffer from different types of noise including topological noise caused by the coalescence of spatially close surface regions. We build on two strategies. First, using a hierarchical patch based shape representation we match shapes consistently in a coarse to fine manner, allowing for robustness to noise. This multi-scale representation drastically reduces the dimensionality of the problem when matching at the coarsest scale, rendering unsupervised learning feasible. Second, we constrain this hierarchical matching to be reflected in 3D by fitting a patch-wise near-rigid deformation model. Using this constraint, we leverage spatial continuity at different scales to capture global shape properties, resulting in matchings that generalize well to data with different deformations and noise characteristics. Experiments demonstrate that our approach obtains significantly better results on raw 3D scans than state-of-the-art methods, while performing on-par on standard test scenarios

Oral squamous cell carcinoma: Review of prognostic and predictive factors

Oral squamous cell carcinoma has a remarkable incidence worldwide and a fairly onerous prognosis, encouraging further research on factors that might modify disease outcome. In this review article, the authors approach the factors that may exert influence on the prognosis and eventually guide the selection of patients for more aggressive therapies. Published scientific data was collected, selected, and grouped into 3 main clusters: patient-, tumor-, and treatment-related factors. Well established aspects are discussed, but also those less common or with only supposed usefulness. Disease staging, extracapsular dissemination, resection margin free of disease, and tumor thickness are factors with high influence on the prognosis. There has been an increasing interest in the study of tumor molecular factors, and some have been strongly correlated with the outcome, showing promising pathways for the future development of more effective prognosis systems and anticancer therapies.http://www.sciencedirect.com/science/article/B6WP1-4J0WTPM-3/1/71bafa4352dd7cfb29bd0c9c32f6991