Security Vulnerabilities of the Cisco IOS Implementation of the MPLS Transport Profile

We are interested in the security of the MPLS Transport Profile (MPLS-TP), in the context of smart-grid communication networks. The security guidelines of the MPLS-TP standards are written in a complex and indirect way, which led us to pose as hypothesis that vendor solutions might not implement them satisfactorily. To test this hypothesis, we investigated the Cisco implementation of two MPLS-TP OAM (Operations, Administration, and Maintenance) protocols: bidirectional forwarding detection (BFD), used to detect failures in label-switched paths (LSPs) and protection state coordination (PSC), used to coordinate protection switching. Critical smart grid applications, such as protection and control, rely on the protection switching feature controlled by BFD and PSC. We did find security issues with this implementation. We implemented a testbed with eight nodes that run the MPLS-TP enabled Cisco IOS; we demonstrated that an attacker who has access to only one cable (for two attacks) or two cables (for one attack) is able to harm the network at several points (e.g., disabling both working and protection LSPs). This occurred in spite of us implementing the security guidelines that are available from Cisco for IOS and MPLS-TP. The attacks use forged BFD or PSC messages, which induce a label-edge router (LER) into believing false information about an LSP. In one attack, the LER disables the operational LSP; in another attack, the LER continues to believe that a physically destroyed LSP is up and running; in yet another attack, both operational and backup LSPs are brought down. Our findings suggest that the MPLS-TP standard should be more explicit when it comes to security. For example, to thwart the attacks revealed here, it should mandate either hop by hop authentication (such as MACSec) at every node, or an ad-hoc authentication mechanism for BFD and PSC

AI Governance and the Policymaking Process: Key Considerations for Reducing AI Risk

This essay argues that a new subfield of AI governance should be explored that examines the policy-making process and its implications for AI governance. A growing number of researchers have begun working on the question of how to mitigate the catastrophic risks of transformative artificial intelligence, including what policies states should adopt. However, this essay identifies a preceding, meta-level problem of how the space of possible policies is affected by the politics and administrative mechanisms of how those policies are created and implemented. This creates a new set of key considerations for the field of AI governance and should influence the action of future policymakers. This essay examines some of the theories of the policymaking process, how they compare to current work in AI governance, and their implications for the field at large and ends by identifying areas of future research

Trust Evaluation in the IoT Environment

Along with the many benefits of IoT, its heterogeneity brings a new challenge to establish a trustworthy environment among the objects due to the absence of proper enforcement mechanisms. Further, it can be observed that often these encounters are addressed only concerning the security and privacy matters involved. However, such common network security measures are not adequate to preserve the integrity of information and services exchanged over the internet. Hence, they remain vulnerable to threats ranging from the risks of data management at the cyber-physical layers, to the potential discrimination at the social layer. Therefore, trust in IoT can be considered as a key property to enforce trust among objects to guarantee trustworthy services. Typically, trust revolves around assurance and confidence that people, data, entities, information, or processes will function or behave in expected ways. However, trust enforcement in an artificial society like IoT is far more difficult, as the things do not have an inherited judgmental ability to assess risks and other influencing factors to evaluate trust as humans do. Hence, it is important to quantify the perception of trust such that it can be understood by the artificial agents. In computer science, trust is considered as a computational value depicted by a relationship between trustor and trustee, described in a specific context, measured by trust metrics, and evaluated by a mechanism. Several mechanisms about trust evaluation can be found in the literature. Among them, most of the work has deviated towards security and privacy issues instead of considering the universal meaning of trust and its dynamic nature. Furthermore, they lack a proper trust evaluation model and management platform that addresses all aspects of trust establishment. Hence, it is almost impossible to bring all these solutions to one place and develop a common platform that resolves end-to-end trust issues in a digital environment. Therefore, this thesis takes an attempt to fill these spaces through the following research work. First, this work proposes concrete definitions to formally identify trust as a computational concept and its characteristics. Next, a well-defined trust evaluation model is proposed to identify, evaluate and create trust relationships among objects for calculating trust. Then a trust management platform is presented identifying the major tasks of trust enforcement process including trust data collection, trust data management, trust information analysis, dissemination of trust information and trust information lifecycle management. Next, the thesis proposes several approaches to assess trust attributes and thereby the trust metrics of the above model for trust evaluation. Further, to minimize dependencies with human interactions in evaluating trust, an adaptive trust evaluation model is presented based on the machine learning techniques. From a standardization point of view, the scope of the current standards on network security and cybersecurity needs to be expanded to take trust issues into consideration. Hence, this thesis has provided several inputs towards standardization on trust, including a computational definition of trust, a trust evaluation model targeting both object and data trust, and platform to manage the trust evaluation process

Enneaegse sünnituse kliinilised ja võimalikud pärilikud põhjused

Enneaegne sünnitus on sündroom, mis puudutab umbes 5% kõikidest Eestis sündinud lastest ning kuni 18% lastest üle maailma. Enneaegne sünnitus mõjutab lisaks enneaegse lapse perekonnale kogu riigi majandust. Enneaegset sünnitust on varases staadiumis väga raske ette ennustada, lisaks jääb umbes pooltel juhtudel enneaegse sünnituse põhjus teadmata. Geneetilised uuringud võivad aga anda uusi teadmisi enneaegse sünnituse bioloogiliste radade kohta ning viia potentsiaalsete geneetiliste biomarkerite kasutamiseni. Enneaegse sünnituse riskiga seostatakse kirjanduse põhjal mitmeid polümorfisme, geenide üles- või allaregulatsiooni ning mitmeid mikroRNA-sid. Hoolimata enneaegse sünnitusega seotud geeniuuringute kiirest arengust ning arvukatest uuringutest, on ees veel suur töö, et toimuks kindlate enneaegset sünnitust ette ennustavate geneetiliste biomarkerite kasutuselevõtt

Isiksuse seadumuste seos religioossusega venelaste hulgas

Seminaritöös on uuritud isiksuse seadumuste seost religioossusega venelaste hulgas ja sugudel põhinevaid erinevusi. Töös uuriti üle 10.000 Vene Föderatsioonis elava noore inimese vastuseid nende seostele religiooniga. Lisaks sellele täitsid vastajad lühikese, 30-nest küsimusest koosneva isiksuse küsimustiku. Saadud tulemused kinnitavad avatuse ja meelekindluse seost religioossusega. Saab kindlalt väita, et religioon ja religioossus on väga laiaulatuslikud, seda saab täheldada nii naiste, kui ka meeste hulgas. Religioosse isiku puhul on täheldatav positiivne tendents ekstravertsusele, sotsiaalsusele, avatusele ja meelekindlusele. Religioossuse raames ilmnevad väiksed naiste-meeste erinevused. Samas on alati oluline meeles pidada valimist tulenevaid võimalikke prognoositavaid kaldeid. Käesoleva analüüsi alusküsitlustes on valimi moodustamisel naiste suur ülekaal. Konkreetse töö ja selle alusmaterjalide valguses väidan, et pigem eristavad erinevaid sugupooli elu argipäevased pisiasjad, mille märkamine on kaaslaste mõistmiseks oluline.http://tartu.ester.ee/record=b2647454~S1*es

What does it take for flexible learning to survive? A UK case study

Although there is evidence that Work Based Learning practices are expanding in universities worldwide, fully flexible programmes using a non-subject specific 'Shell programme' are often closed down. The paper is an attempt to identify non-pedagogic reasons why one such programme has been able to flourish over a twenty year time period. The implication is that those advocating such programmes should consider the broader organisational objectives of the host institution in order to achieve sustainability. this means ensuring programmes are financially sound, adapting to changing circumstances, cohesive team work and adherence to the maintenance of rigorous academic standards.Purpose: To identify potential reasons why an innovative Work based learning shell framework has succeeded in an adverse environment Design/methodology/approach: Case study Findings: Demand-led, flexible Work based learning programmes have to overcome a number of internal cultural and institutional barriers in order to succeed. Important requirements are likely to include effective leadership, financial viability, adherence to Quality Assurance, adaptability, entrepreneurialism and a cohesive community of practice incorporating these traits. Research limitations/implications: The conclusions are drawn from shared experience and are suggestive only as they are not readily susceptible to empirical verification. The authors accept that for some the conclusions appear speculative but they suggest that in order for innovative programmes to survive more is required than sound pedagogy. Practical implications: Although lessons may not be directly transferable, the paper draws attention to the importance of managerial, leadership and organisational factors necessary for innovative Work based learning programmes to survive and develop. Social implications: Originality/value: There is some literature on why some innovative higher education programmes and institutions have failed: there is little on why some programmes are successful

The political economy of high skills:Higher Education in knowledge-based labour markets

<p>A successful transition into the knowledge economy depends upon higher level skills, creating unprecedented pressure on university systems to provide labour markets with the skills needed. But what are the political economy dynamics underlying national patterns of high skill formation? The article proposes a framework to theorize the relationship between higher education systems and knowledge-based labour markets based on two dimensions: the type of knowledge economy predominant in a given country and the extent of inter-university competition. It is argued that the former explains what type of higher level skills will be sought by employers and cultivated by governments, while the latter helps us understanding why some higher education systems are more open to satisfying labour market demands compared to others. A set of diverse country case studies (Britain, Germany, South Korea and the Netherlands) is employed to illustrate the theory.</p

Is race still relevant? Student perceptions and experiences of racism in higher education

This paper explores the current views and experiences of university students toward issues of race and racism in England. A decade into the UK’s Equality Act (2010), we have witnessed a proliferation of support for minority rights and movements, especially from the younger generation, often praised as progressive and liberal. Yet, in UK higher education, there are growing evidence and concerns of racial and ethnic inequalities in the experiences and outcomes of minority ethnic students. Drawing on in-depth interviews with 42 undergraduates in Science, Technology, Engineering and Mathematics (STEM) degrees, we explore the nuances in racial perspectives as we highlight three contemporary student discourses of racism: the naïve, the bystander and the victim. Implications for policy and practice are suggested