Distributed Key Management for Secure Role Based Messaging

Secure Role Based Messaging (SRBM) augments messaging systems with role oriented communication in a secure manner. Role occupants can sign and decrypt messages on behalf of roles. This paper identifies the requirements of SRBM and recognises the need for: distributed key shares, fast membership revocation, mandatory security controls and detection of identity spoofing. A shared RSA scheme is constructed. RSA keys are shared and distributed to role occupants and role gate keepers. Role occupants and role gate keepers must cooperate together to use the key shares to sign and decrypt the messages. Role occupant signatures can be verified by an audit service. A SRBM system architecture is developed to show the security related performance of the proposed scheme, which also demonstrates the implementation of fast membership revocation, mandatory security control and prevention of spoofing. It is shown that the proposed scheme has successfully coupled distributed security with mandatory security controls to realize secure role based messaging

Deployment Models: Towards Eliminating Security Concerns From Cloud Computing

Cloud computing has become a popular choice as an alternative to investing new IT systems. When making decisions on adopting cloud computing related solutions, security has always been a major concern. This article summarizes security concerns in cloud computing and proposes five service deployment models to ease these concerns. The proposed models provide different security related features to address different requirements and scenarios and can serve as reference models for deployment

Reference deployment models for eliminating user concerns on cloud security

Cloud computing has become a hot topic both in research and in industry, and when making decisions on deploying/adopting cloud computing related solutions, security has always been a major concern. This article summarizes security related issues in cloud computing and proposes five service deployment models to address these issues. The proposed models provide different security related features to address different requirements and scenarios and can serve as reference models for deployment

KD_ConvNeXt: knowledge distillation-based image classification of lung tumor surgical specimen sections

Introduction: Lung cancer is currently among the most prevalent and lethal cancers in the world in terms of incidence and fatality rates. In clinical practice, identifying the specific subtypes of lung cancer is essential in diagnosing and treating lung lesions.Methods: This paper aims to collect histopathological section images of lung tumor surgical specimens to construct a clinical dataset for researching and addressing the classification problem of specific subtypes of lung tumors. Our method proposes a teacher-student network architecture based on a knowledge distillation mechanism for the specific subtype classification of lung tumor histopathological section images to assist clinical applications, namely KD_ConvNeXt. The proposed approach enables the student network (ConvNeXt) to extract knowledge from the intermediate feature layers of the teacher network (Swin Transformer), improving the feature extraction and fitting capabilities of ConvNeXt. Meanwhile, Swin Transformer provides soft labels containing information about the distribution of images in various categories, making the model focused more on the information carried by types with smaller sample sizes while training.Results: This work has designed many experiments on a clinical lung tumor image dataset, and the KD_ConvNeXt achieved a superior classification accuracy of 85.64% and an F1-score of 0.7717 compared with other advanced image classification method

Triple-L: Improving CPS Disk I/O Performance in a Virtualized NAS Environment

Network-attached storage (NAS) provides cyberphysical systems (CPS) with the scalable, efficient, and reliable backing storage, such as the mobile virtual desktop based on cloud infrastructure. Within this storage architecture, virtual machine (VM) instances running in the NAS client usually receive data from the complex physical world and then persist them in the neat cyberspace in the NAS server. In this paper, we propose Triple-L to improve VM disk I/O performance in the NAS architecture. According to the specific storage semantic, Triple-L decouples the VM image file into several subfiles at the host layer and then selectively moves them into the NAS clients. In such a way, a VM disk I/O request may be proceeded locally in the NAS client, instead of walking the external networking path repetitively between NAS server and client. We have implemented Triple-L in a Xen-based NAS system. An accessory solution for dealing with storage failure and VM live migration on Triple-L is also discussed and evaluated. The experimental result shows that our work can effectively improve the disk I/O performance of VMs. Meanwhile, it brings moderate overhead for VM live migration

Nucleosomes in gene regulation: theoretical approaches

This work reviews current theoretical approaches of biophysics and bioinformatics for the description of nucleosome arrangements in chromatin and transcription factor binding to nucleosomal organized DNA. The role of nucleosomes in gene regulation is discussed from molecular-mechanistic and biological point of view. In addition to classical problems of this field, actual questions of epigenetic regulation are discussed. The authors selected for discussion what seem to be the most interesting concepts and hypotheses. Mathematical approaches are described in a simplified language to attract attention to the most important directions of this field

On the Modeling of Bell-LaPadula Security Policies using RBAC

The Bell-LaPadula security model is a hybrid model that combines mandatory access controls and discretionary access controls. The Bell-LaPadula security model has been widely accepted in military environments for its capability to specify military style confidentiality policies. The role based access control (RBAC) model has attracted extensive research effort and has been acknowledged as a flexible and policy natural model. This paper investigates a way of modeling Bell-LaPadula security policies using the RBAC model. The capability of modeling Bell-LaPadula security policies using RBAC model means that applications that are implemented using the RBAC model can then be deployed in military environments and will meet their requirements for information confidentiality