
    Exploiting Input Sanitization for Regex Denial of Service

    Web services use server-side input sanitization to guard against harmful input. Some web services publish their sanitization logic to make their client interface more usable, e.g., allowing clients to debug invalid requests locally. However, this usability practice poses a security risk. Specifically, services may share the regexes they use to sanitize input strings — and regex-based denial of service (ReDoS) is an emerging threat. Although prominent service outages caused by ReDoS have spurred interest in this topic, we know little about the degree to which live web services are vulnerable to ReDoS. In this paper, we conduct the first black-box study measuring the extent of ReDoS vulnerabilities in live web services. We apply the Consistent Sanitization Assumption: that client-side sanitization logic, including regexes, is consistent with the sanitization logic on the server-side. We identify a service’s regex-based input sanitization in its HTML forms or its API, find vulnerable regexes among these regexes, craft ReDoS probes, and pinpoint vulnerabilities. We analyzed the HTML forms of 1,000 services and the APIs of 475 services. Of these, 355 services publish regexes; 17 services publish unsafe regexes; and 6 services are vulnerable to ReDoS through their APIs (6 domains; 15 subdomains). Both Microsoft and Amazon Web Services patched their web services as a result of our disclosure. Since these vulnerabilities were from API specifications, not HTML forms, we proposed a ReDoS defense for a popular API validation library, and our patch has been merged. To summarize: in client-visible sanitization logic, some web services advertise ReDoS vulnerabilities in plain sight. Our results motivate short-term patches and long-term fundamental solutions.

    Telepsychology deployment during circuit breaker in Singapore: a comparative evaluation of treatment effectiveness

    Background: The advent of the COVID-19 pandemic and the resulting necessity for physical distancing has resulted in massive and rapid changes in service delivery systems throughout the world. Within health care, the delivery of psychological treatment has been similarly affected, and this has resulted in widespread adoption of telepsychology models of practice. Telepsychology is the provision of psychological services using telecommunications technologies. This presentation examines the possible impact of moving to telepsychology services for clients at a university Psychology Clinic during the Circuit Breaker period in Singapore. Clients who completed treatment at the Psychology Clinic before and after the Circuit Breaker were compared on three aspects of treatment effectiveness.

    The Role of Chain-of-Thought in Complex Vision-Language Reasoning Task

    The study explores the effectiveness of the Chain-of-Thought approach, known for its proficiency in language tasks by breaking them down into sub-tasks and intermediate steps, in improving vision-language tasks that demand sophisticated perception and reasoning. We present the "Description then Decision" strategy, which is inspired by how humans process signals. This strategy significantly improves probing task performance by 50%, establishing the groundwork for future research on reasoning paradigms in complex vision-language tasks.

    Numerical studies of the fractional quantum Hall effect in systems with tunable interactions

    The discovery of the fractional quantum Hall effect in GaAs-based semiconductor devices has led to new advances in condensed matter physics, in particular the possibility of exotic, topological phases of matter that possess fractional, and even non-Abelian, statistics of quasiparticles. One of the main limitations of the experimental systems based on GaAs has been the lack of tunability of the effective interactions between two-dimensional electrons, which made it difficult to stabilize some of the more fragile states, or induce phase transitions in a controlled manner. Here we review the recent studies that have explored the effects of tunability of the interactions offered by alternative two-dimensional systems, characterized by non-trivial Berry phases and including graphene, bilayer graphene and topological insulators. The tunability in these systems is achieved via external fields that change the mass gap, or by screening via a dielectric plate in the vicinity of the device. Our study points to a number of different ways to manipulate the effective interactions, and engineer phase transitions between quantum Hall liquids and compressible states in a controlled manner. Comment: 9 pages, 4 figures, updated references; review for the CCP2011 conference, to appear in "Journal of Physics: Conference Series".

    Quantum Hall Effects in Graphene-Based Two-Dimensional Electron Systems

    In this article we review the quantum Hall physics of graphene-based two-dimensional electron systems, with a special focus on recent experimental and theoretical developments. We explain why graphene and bilayer graphene can be viewed respectively as J=1 and J=2 chiral two-dimensional electron gases (C2DEGs), and why this property frames their quantum Hall physics. The current status of experimental and theoretical work on the role of electron-electron interactions is reviewed at length with an emphasis on unresolved issues in the field, including assessing the role of disorder in current experimental results. Special attention is given to the interesting low magnetic field limit and to the relationship between quantum Hall effects and the spontaneous anomalous Hall effects that might occur in bilayer graphene systems in the absence of a magnetic field.

    Systematic Three-Dimensional Coculture Rapidly Recapitulates Interactions between Human Neurons and Astrocytes

    © 2017 The Authors. Human astrocytes network with neurons in dynamic ways that are still poorly defined. Our ability to model this relationship is hampered by the lack of relevant and convenient tools to recapitulate this complex interaction. To address this barrier, we have devised efficient coculture systems utilizing 3D organoid-like spheres, termed asteroids, containing pre-differentiated human pluripotent stem cell (hPSC)-derived astrocytes (hAstros) combined with neurons generated from hPSC-derived neural stem cells (hNeurons) or directly induced via Neurogenin 2 overexpression (iNeurons). Our systematic methods rapidly produce structurally complex hAstros and synapses in high-density coculture with iNeurons in precise numbers, allowing for improved studies of neural circuit function, disease modeling, and drug screening. We conclude that these bioengineered neural circuit model systems are reliable and scalable tools to accurately study aspects of human astrocyte-neuron functional properties while being easily accessible for cell-type-specific manipulations and observations. In this article, Krencik and colleagues show that high-density cocultures of pre-differentiated human astrocytes with induced neurons, from pluripotent stem cells, elicit mature characteristics by 3–5 weeks. This provides a faster and more defined alternative method to organoid cultures for investigating human neural circuit function. This work has been supported by the Paul G. Allen Family Foundation Award, SFARI Award 345471, NIMH (R01MH099595-01), That Man May See, NIH-NEI (EY002162) Core Grant for Vision Research, and the Research to Prevent Blindness Unrestricted Grant.