293 research outputs found

    On the design of forgiving biometric security systems

    Get PDF
    This work aims to highlight the fundamental issue surrounding biometric security systems: it's all very nice until a biometric is forged, but what do we do after that? Granted, biometric systems are by physical nature supposedly much harder to forge than other factors of authentication since biometrics on a human body are by right unique to the particular human person. Yet it is also due to this physical nature that makes it much more catastrophic when a forgery does occur, because it implies that this uniqueness has been forged as well, threatening the human individuality; and since crime has by convention relied on identifying suspects by biometric characteristics, loss of this biometric uniqueness has devastating consequences on the freedom and basic human rights of the victimized individual. This uniqueness forgery implication also raises the motivation on the adversary to forge since a successful forgery leads to much more impersonation situations when biometric systems are used i.e. physical presence at crime scenes, identi cation and access to security systems and premises, access to nancial accounts and hence the ability to use the victim's nances. Depending on the gains, a desperate highly motivated adversary may even resort to directly obtaining the victim's biometric parts by force e.g. severing the parts from the victim's body; this poses a risk and threat not just to the individual's uniqueness claim but also to personal safety and well being. One may then wonder if it is worth putting one's assets, property and safety into the hands of biometrics based systems when the consequences of biometric forgery far outweigh the consequences of system compromises when no biometrics are used

    A solid-phase extraction method for rapidly determining the adsorption coefficient of pharmaceuticals in sewage sludge

    Get PDF
    AbstractThe partitioning of pharmaceuticals in the environment can be assessed by measuring their adsorption coefficients (Kd) between aqueous and solid phases. Measuring this coefficient in sewage sludge gives an indication of their partitioning behaviour in a wastewater treatment plant and hence contributes to an understanding of their subsequent fate. The regulatory approved method for measuring Kd in sewage sludge is the US Environmental Protection Agency's Office of Prevention, Pesticides and Toxic Substances (OPPTS) guideline 835.1110, which is labour intensive and time consuming. We describe an alternative method for measuring the Kd of pharmaceuticals in sewage sludge using a modified solid-phase extraction (SPE) technique. SPE cartridges were packed at different sludge/PTFE ratios (0.4, 6.0, 24.0 and 40.0% w/w sludge) and eluted with phosphate buffer at pH 7.4. The approach was tested initially using three pharmaceuticals (clofibric acid, diclofenac and oxytetracycline) that covered a range of Kd values. Subsequently, the sorption behaviour of ten further pharmaceuticals with varying physico-chemical properties was evaluated. Results from the SPE method were comparable to those of the OPPTS test, with a correlation coefficient of 0.93 between the two approaches. SPE cartridges packed with sludge and PTFE were stable for up to one year; use within one month reduced variability in measurements (to a maximum of 0.6 log units). The SPE method is low-cost, easy to use and enables the rapid measurement of Kd values for a large number of chemicals. It can be used as an alternative to the more laborious full OPPTS test in environmental fate studies and risk assessments

    Augmented attack tree modeling of SQL injection attacks

    Get PDF
    The SQL injection attacks (SQLIAs) vulnerability is extremely widespread and poses a serious security threat to web applications with built-in access to databases. The SQLIA adversary intelligently exploits the SQL statement parsing operation by web servers via specially constructed SQL statements that subtly lead to non-explicit executions or modifications of corresponding database tables. In this paper, we present a formal and methodical way of modeling SQLIAs by way of augmented attack trees. This modeling explicitly captures the particular subtle incidents triggered by SQLIA adversaries and corresponding state transitions. To the best of our knowledge, this is the first known attack tree modelling of SQL injection attacks

    Targeting Cislunar Near Rectilinear Halo Orbits for Human Space Exploration

    Get PDF
    Part of the challenge of charting a human exploration space architecture is finding locations to stage missions to multiple destinations. To that end, a specific subset of Earth-Moon halo orbits, known as Near Rectilinear Halo Orbits (NRHOs) are evaluated. In this paper, a systematic process for generating full ephemeris based ballistic NRHOs is outlined, different size NRHOs are examined for their favorability to avoid eclipses, the performance requirements for missions to and from NRHOs are calculated, and disposal options are evaluated. Combined, these studies confirm the feasibility of cislunar NRHOs to enable human exploration in the cislunar proving ground

    Izlučivanje razumljivih logičkih pravila iz neuronskih mreža. Primjena TREPAN algoritma u bioinformatici i kemoinformatici

    Get PDF
    TREPAN is an algorithm for the extraction of comprehensible rules from trained neural networks. The method has been applied successfully to biological sequence (bioinformatics) problems. It has now been extended to handle chemoinformatics (QSAR) datasets. The method has been shown to have advantages over traditional symbolic rule induction methods such as C5. Results obtained for bioinformatics and chemoinformatics problems using the TREPAN algorithm are presented.TREPAN je algoritam za izlučivanje razumljivih pravila iz neuronskih mreža nakon provedenoga postupka učenja. Metoda je uspješno primjenjivana na probleme u bioinformatici, za analizu bioloških sekvencija. Primjena TREPAN metode sada se proširuje i na analizu skupova podataka u kemoinformatici (QSAR). Pokazano je da metoda ima prednosti u odnosu na uobičajene postupke koji se rabe za indukciju simboličkih pravila poput metode C5. Prikazani su rezultati koji su dobiveni u analizi bioinformatičkih i kemoinformatičkih problema s pomo}u algoritma TREPAN

    A study of elective genome sequencing and pharmacogenetic testing in an unselected population

    Get PDF
    BACKGROUND: Genome sequencing (GS) of individuals without a medical indication, known as elective GS, is now available at a number of centers around the United States. Here we report the results of elective GS and pharmacogenetic panel testing in 52 individuals at a private genomics clinic in Alabama. METHODS: Individuals seeking elective genomic testing and pharmacogenetic testing were recruited through a private genomics clinic in Huntsville, AL. Individuals underwent clinical genome sequencing with a separate pharmacogenetic testing panel. RESULTS: Six participants (11.5%) had pathogenic or likely pathogenic variants that may explain one or more aspects of their medical history. Ten participants (19%) had variants that altered the risk of disease in the future, including two individuals with clonal hematopoiesis of indeterminate potential. Forty-four participants (85%) were carriers of a recessive or X-linked disorder. All individuals with pharmacogenetic testing had variants that affected current and/or future medications. CONCLUSION: Our study highlights the importance of collecting detailed phenotype information to interpret results in elective GS

    Augmented attack tree modeling of SQL injection attacks

    Get PDF
    The SQL injection attacks (SQLIAs) vulnerability is extremely widespread and poses a serious security threat to web applications with built-in access to databases. The SQLIA adversary intelligently exploits the SQL statement parsing operation by web servers via specially constructed SQL statements that subtly lead to non-explicit executions or modifications of corresponding database tables. In this paper, we present a formal and methodical way of modeling SQLIAs by way of augmented attack trees. This modeling explicitly captures the particular subtle incidents triggered by SQLIA adversaries and corresponding state transitions. To the best of our knowledge, this is the first known attack tree modelling of SQL injection attacks
    corecore