Session Armor: Protection Against Session Hijacking using Per-Request Authentication

Modern life increasingly relies upon web applications to provide critical services and infrastructure. Activities of banking, shopping, socializing, entertainment, and even medical record keeping are now primarily conducted using the Internet as a medium and HTTP as a protocol. A critical requirement of these tools is the mechanism by which they authenticate users and prevent transaction replay. Despite more than 20 years of widespread deployment, the de-facto technique for accomplishing these goals is the use of a static session bearer token to authenticate all requests for the lifetime of a user session. In addition, the use of any method to prevent request replay is not in common practice. This thesis presents Session Armor, a protocol which builds upon existing techniques to provide cryptographically-strong per-request authentication with both time-based and optional absolute replay prevention. Session Armor is designed to perform well and to be easily deployed by web application developers. It acts as a layer on top of existing session tokens, so as not to require modification of application logic. In addition to Session Armor, two additional tools are presented, JackHammer, a cross-browser extension that allows developers to quickly discover session hijacking vulnerabilities in their web applications, and SessionJack, a tool for analyzing the security properties of session tokens found on the web. A formal specification of the Session Armor protocol is provided. An implementation of the protocol is included as a Python Django middleware and a Chrome browser extension. Performance data is provided with a comparison to previous methods. A formal validation of secrecy and correspondence properties is presented in the Dolev-Yao model.M.S., Computer Engineering -- Drexel University, 201

ICESat Observations of Topographic Change in the Northern Segment of the 2004 Sumatra-Andaman Islands Earthquake Rupture Zone

The Andaman Islands are located 120 km east of the Sunda trench in the northern quarter of the 1300 km long rupture zone of the 2004 Sumatra-Andaman Islands earthquake inferred from the distribution of aftershocks. Initial field reports indicate that several meters of uplift and up to a meter of submergence occurred on the western and eastern shorelines of the Andaman Islands, respectively, associated with the earthquake (Bilham, 2005). Satellite images also document uplift of western shoreline coral reef platforms above sea level. Body-wave (Ji, 2005; Yamamaka, 2005) and tide-gauge (Ortiz, 2005) slip inversions only resolve coseismic slip in the southern one-third to one-half of the rupture zone. The amount of coseismic slip in the Andaman Islands region is poorly constrained by these inversions. The Ice, Cloud, and land Elevation Satellite (ICESat), a part of the NASA Earth Observing System, is being used to document the spatial pattern of Andaman Islands vertical displacements in order to constrain models of slip distribution in the northern part of the rupture zone. ICESat carries the Geoscience Laser Altimeter System (GLAS) that obtains elevation measurements from 80 m diameter footprints spaced 175 m apart along profiles. For surfaces of low slope, single-footprint absolute elevation and horizontal accuracies of 10 cm and 6 m (1 sigma), respectively, referenced to the ITRF 2002 TOPEX/Poseidon ellipsoid are being obtained. Laser pulse backscatter waveforms enable separation of ground topography and overlying vegetation cover. During each 33-day observing period ICESat acquires three profiles crossing the Andaman Islands. A NNE-SSW oriented track consists of 1600 laser footprints along the western side of North, Middle, and South Andaman Islands and 240 laser footprints across the center of Great Andaman Island. Two NNW-SSE tracks consist of 440 footprints across Middle Andaman Island and 25 footprints across the west side of Sentinel Island. Cloud-free profiles were acquired in the fall of 2003 and 2004. During February-March, 2005 ICESat's precise pointing capability will be used to exactly repeat these three profiles, with a cross-track accuracy of better than 100 m, providing trench- parallel and -perpendicular observations of topographic change of the Andaman Islands that will compliment geodetic field surveys. The observed elevation changes will be compared to models of coseismic deformation associated with the mainshock and large aftershocks in the Andaman Islands region

Report of the panel on plate motion and deformation, section 2

Given here is a panel report on the goals and objectives, requirements and recommendations for the investigation of plate motion and deformation. The goals are to refine our knowledge of plate motions, study regional and local deformation, and contribute to the solution of important societal problems. The requirements include basic space-positioning measurements, the use of global and regional data sets obtained with space-based techniques, topographic and geoid data to help characterize the internal processes that shape the planet, gravity data to study the density structure at depth and help determine the driving mechanisms for plate tectonics, and satellite images to map lithology, structure and morphology. The most important recommendation of the panel is for the implementation of a world-wide space-geodetic fiducial network to provide a systematic and uniform measure of global strain

Modeling afterslip and aftershocks following the 1992 Landers earthquake

One way to probe the rheology of the lithosphere and fault zones is to analyze the temporal evolution of deformation following a large earthquake. In such a case, the lithosphere responds to a known stress change that can be assessed from earthquake slip models constrained from seismology and geodesy. Here, we model the postseismic response of a fault zone that is assumed to obey a rate-strengthening rheology, where the frictional stress varies as aσ ln(ε), ε being the deformation rate and aσ > 0 a rheological parameter. The model is simple enough that these parameters can be estimated by inversion of postseismic geodetic data. We apply this approach to the analysis of geodetic displacements following the M_w 7.3, 1992, Landers earthquake. The model adjusts well the measured displacements and implies aσ ≈ 0.47–0.53 MPa. In addition, we show that aftershocks and afterslip follow the same temporal evolution and that the spatiotemporal distribution of aftershocks is consistent with the idea that they are driven by reloading of the seismogenic zone resulting from frictional afterslip

Effects of Bedrock Lithology and Subglacial Till on the Motion of Ruth Glacier, Alaska, Deduced from Five Pulses from 1973-2012

A pulse is a type of unstable glacier flow intermediate between normal flow and surging. Using Landsat MSS, TM, and ETM+ imagery and feature tracking software, a time-series of mostly annual velocity maps from 1973 to 2012 was produced that reveals five pulses of Ruth Glacier, Alaska. Peaks in ice velocity were found in the 1981, 1989, 1997, 2003, and 2010; approximately every 7 years. During these peak years the ice velocity increased 300%, from approximately 40 m/yr to 160 m/yr, and occurred in an area of the glacier underlain by sedimentary bedrock. Based on the spatio-temporal behavior of Ruth Glacier during the pulse cycles, we suggest the pulses are due to enhanced basal motion via deformation of a subglacial till. The cyclical nature of the pulses is theorized to be due to a thin till, with low permeability, that causes incomplete drainage of the till between the pulses, followed by eventual recharge and dilation of the till. These findings suggest care is needed when attempting to correlate changes in regional climate with decadal-scale changes in velocity, because in some instances basal conditions may have a greater influence on ice dynamics than climate

Degradation of haloaromatic compounds

An ever increasing number of halogenated organic compounds has been produced by industry in the last few decades. These compounds are employed as biocides, for synthetic polymers, as solvents, and as synthetic intermediates. Production figures are often incomplete, and total production has frequently to be extrapolated from estimates for individual countries. Compounds of this type as a rule are highly persistent against biodegradation and belong, as "recalcitrant" chemicals, to the class of so-called xenobiotics. This term is used to characterise chemical substances which have no or limited structural analogy to natural compounds for which degradation pathways have evolved over billions of years. Xenobiotics frequently have some common features. e.g. high octanol/water partitioning coefficients and low water solubility which makes for a high accumulation ratio in the biosphere (bioaccumulation potential). Recalcitrant compounds therefore are found accumulated in mammals, especially in fat tissue, animal milk supplies and also in human milk. Highly sophisticated analytical techniques have been developed for the detection of organochlorines at the trace and ultratrace level