Occupational screening

Medical screening of workers is one of the tools often used to assess suitability for work and to attempt to reduce worker ill-health. This article outlines the objectives of the screening process and the basic criteria to be followed in developing a quality programme. It describes the different types of medical examination used in this setting. Screening programmes should be related to hazards specific to the work place as well as to the physical and mental requirements of the job. The guiding principle in the prevention of occupational disease should always be the control of hazardous exposure to prevent harmful effects occurring rather than early detection of harmful effects after they have occurred. The importance of being aware of and abiding by these principles is particularly applicable in the local context.peer-reviewe

Managers’ attitudes to illicit drug testing in the workplace

The aim of this study was to collect data regarding managers’ views on the need to introduce drug testing at work and on the employment prospects of illicit drug users by means of a self administered questionnaire. A slight majority of managers (258, 56.5%) favoured the introduction of pre-employment drug testing with a smaller proportion (219, 47.9%) in favour of testing during employment. Practically none of the respondents (1.1%) was willing to employ a current illicit drug user and less than half (41.6%) were willing to employ a person with a past history of drug use. An increased willingness was noted among managers of younger age groups and in larger companies to employ past drug users. These results indicate that there is the possibility that work place drug testing may be used as a tool to discriminate against workers suffering from drug abuse rather than to offer opportunities for rehabilitation of the individual. The findings highlight the urgent need for the establishment of guidelines to be followed during drug testing in Malta by the appropriate statutory authority, since suitable legislation is absent.peer-reviewe

Novel attack resilience by fusing events related to objectives

Research in intrusion detection systems (IDS) is mainly restricted to the misuse and anomaly detection dichotomy, and therefore to their limitations. Web attack detectors are a case in point, where ones that perform misuse detection are prone to miss novel attacks, whilst those performing anomaly detection produce impractical amounts of daily false alerts. Detectors inspired from the workings of the human immune system (HIS) have proposed new effective detection approaches, however without tackling the issue of novel attack resilience separately from anomaly detection.peer-reviewe

Cloud and mobile security assurance : a memory forensics approach

Cloud computing nowadays constitutes a substantial portion of new enterprise IT spending. Whether signing up for applications deployed as a service, or outsourcing hosting concerns to third parties, cloud computing is taking us back to the days of the data center. Virtualization is a key enabler technology that enables consolidation of hardware utilization and provides the notion of elastic computing whereby hardware resources are allocated on demand. Mobile devices represent a natural fit to this change in the technology landscape, be it a means to compensate for their limited storage or a way to fully justify investment in cloud computing, thereby fueling the bring-your-own-device (BYOD) concept.peer-reviewe

Orthogeriatrics in Malta : a 3 year experience

The orthogeriatric service in Malta started in 2012 and expanded in 2014. From admission, the patient is offered a ward based hip fracture programme that includes orthogeriatric assessment, management and co-ordinated multidisciplinary review. 457 patients were seen by the orthogeriatric service when this study was done. Mean age was 83 and 69% of patients were female. The Nottingham Hip Fracture Score (NHFS) is a scoring system that reliably predicts 30-day and 1-year mortality for patients after hip fracture. It is made up of seven independent predictors of postoperative mortality that have been incorporated into a risk score. The score ranges from 0-10 and the mean score for this cohort was 5.1. There was a statistically significant correlation between age and high NHFS scores. 30 day mortality was 5.9% and 1 year mortality was 24.4%. Compared with the Nottingham data both 30 day and 1 year mortality were less for the orthogeriatric department in Malta. The orthogeriatric service in Malta achieved better results when comparing mortality with the UK. In the future expansion of data collected should be considered to better evaluate standards of care in the department.peer-reviewe

Challenges faced when forcing malware execution down hidden paths

Dynamic Malware Analysis involves the observation of a malware sample at runtime, usually inside a sandbox, whereby probes are used to detect different actions performed by the malware in order to categorize its behaviour. However, Dynamic Analysis is limited in that it can only observe a single run of the malware at a time, and there is no way of telling whether the run demonstrated the complete set of behaviours contained in the malware. Exploitation of this drawback is on the increase by malware authors as the presence of hidden and trigger-based behaviours has become more widespread.peer-reviewe

Presentation and management of diabetic ketoacidosis in adults in Malta

Aim: The aim of this audit was to assess adherence to local guideline in the management of Diabetic Ketoacidosis (DKA). Method: Patients admitted with DKA between April 2013 and March 2015 were identified and data was retrospectively collected from patients’ confidential files and Isoft®. Data collected included initial parameters recorded and biochemical investigations taken (initial and subsequent assessment of pH, HCO3-, blood glucose, potassium levels and urinary ketones), insulin regime started and intravenous fluid administered. Results: During the established time period 40 cases of DKA were identified in 18 patients. Median age was 33 years with a female preponderance of 60%. Six patients had newly diagnosed diabetes mellitus while 8 patients had more than one admission of DKA. All cases had capillary blood glucose monitoring (BGM) and/or venous random blood (plasma) glucose (RBG) checked and pH and HCO3- recorded on admission. 0.9% sodium chloride was the intravenous fluid started in all cases (as recommended by the guideline) and a median of 6.75L was prescribed during the first 24 hours. The median time spent on intravenous insulin infusion was 42.7 hours while the median time to pH >7.30, HCO3- >15mmol/L and negligible urinary ketones were 6.88, 12.83 and 34.5 hours respectively. Subcutaneous insulin was started at a median time of 48.21 hours from initiation of DKA protocol. Conclusion: This audit showed good adherence to local guideline. The great discrepancy between the time to pH >7.3 and the time to negligible urinary ketones highlights the need to introduce tools to measure systemic ketone production in the management of DKA with an update in the current local clinical practice guideline.peer-reviewe

Detecting web server take-over attacks through objective verification actions

Attacks targeting web servers pose a major security threat. Typically prone to a mix of infrastructure and application-level security vulnerabilities, they serve as the lowest hanging fruit for intruders wanting to gain unauthorized access to the entire host network. This is specifically the case for ‘server take- over’ attacks, whose immediate objective is to gain unauthorized remote access to the host server, for example through shell-spawning, backdooring or botnet joining.peer-reviewe

Using dynamic binary analysis for tracking pointer data

The examination and monitoring of binaries during runtime, referred to as dynamic binary analysis, is a widely adopted approach, especially in the field of security and software vulnerabilities. Fundamentally, it provides one with a means to understand and reason about binary executions. There are various applications of dynamic binary analysis, including vulnerability analysis, malware analysis, and Web security. One technique typically employed to perform dynamic analysis is taint analysis, which revolves around inspecting interesting information flows [3]. In this approach, taint marks are associated with values that are (1) introduced via defined sources and (2) propagated to other values to keep track of information flow. Marks may also be removed (untainted) once a defined sink has been reached. In addition, taint checking is also carried out in order to determine whether or not certain runtime behaviours of the program occur. The properties describing how taint analysis is performed, i.e taint introduction, propagation and checking, are specified by a set of rules referred to as a taint policy. One convenient way to define taint rules is in the form of operational semantics rules, as it avoids ambiguity issues. Rule 1 specifies the general form of a taint rule used in this paper. Given the current machine context of the program 4 and a statement, the rule specifies the end result, after the computation has been carried out.peer-reviewe

An enterprise integration project management framework

This paper is actually an adapted M.Sc. proposal. Work on this degree has only just start so there are no results to be presented. However, during the CSAW presentation further details will be given about research problems and how they will be solved.peer-reviewe