Social inequality in motorcycle helmet use: when a reduction in inequality is not necessarily good news

Background: We sought to examine changes in the magnitude of social inequality in motorcycle helmet use in Taiwan between 2001 and 2009. Methods: Using data from the 2001 and 2009 Taiwan National Health Interview Surveys, we calculated absolute (the slope index of inequality, SII) and relative (relative index of inequality, RII) measures of inequality in helmet use by three indicators of socioeconomic position. Results: The rate of motorcycle helmet use was 92% (14 801/16 100) in 2001 and decreased to 89% (15 748/17 948) in 2009. We noted a significant decrease in social inequality in helmet use in RII according to urbanisation level, a significant decrease in SII and RII according to income level, and a significant increase in SII according to education level. The reduction in RII according to urbanisation level was more prominent than that based on income level, from 1.73 (95% CI 1.63 to 1.84) in 2001 to 1.33 (95% CI 1.27 to 1.39) in 2009. The decline in helmet use was most prominent for motorcycle users who live in suburban areas, from 94% in 2001 to 88% in 2009. Conclusions: The significant reduction of social inequality in helmet use according to urbanisation level and income is not a public health success story. Rather, it is a warning sign of slackening law enforcement in Taiwan

Bacteremic pneumonia caused by Nocardia veterana in an HIV-infected patient

SummaryDisseminated Nocardia veterana infection has rarely been reported. We describe the first reported case of N. veterana bacteremic pneumonia in an HIV-infected patient. The isolate was confirmed by 16S rRNA sequencing analysis. The patient initially responded well to trimethoprim–sulfamethoxazole treatment (minimum inhibitory concentration 0.25μg/ml), but died of ventilator-associated pneumonia

Secure Adaptive Topology Control for Wireless Ad-Hoc Sensor Networks

This paper presents a secure decentralized clustering algorithm for wireless ad-hoc sensor networks. The algorithm operates without a centralized controller, operates asynchronously, and does not require that the location of the sensors be known a priori. Based on the cluster-based topology, secure hierarchical communication protocols and dynamic quarantine strategies are introduced to defend against spam attacks, since this type of attacks can exhaust the energy of sensor nodes and will shorten the lifetime of a sensor network drastically. By adjusting the threshold of infected percentage of the cluster coverage, our scheme can dynamically coordinate the proportion of the quarantine region and adaptively achieve the cluster control and the neighborhood control of attacks. Simulation results show that the proposed approach is feasible and cost effective for wireless sensor networks

Whether to report diabetes as the underlying cause-of-death? a survey of internists of different sub-specialties

<p>Abstract</p> <p>Background</p> <p>Cause-specific mortality is a commonly used endpoint of clinical trials or prospective studies. However, it is sometimes difficult for physician to determine the underlying-cause-of-death (UCD), especially for diabetic patients coexisted with cardiovascular diseases (CVD). The aim of this survey was to examine whether internists with different specialties have different opinions on the reporting of diabetes as the UCD.</p> <p>Methods</p> <p>A total of 549 physicians completed the questionnaire in Taiwan, which comprised seven hypothetical case scenarios, each indicating a different level of contribution of diabetes in initiating the chain of events leading to death.</p> <p>Results</p> <p>As a whole, endocrinologists were more likely than cardiologists and nephrologists to report diabetes as the UCD. The differences were more prominent when the diabetic patient had a coexisting CVD. In scenario 3 (a diabetic patient with hypertension who died from acute myocardial infarction), the percentage was 56% in endocrinologists, which was significantly higher than in cardiologists (42%) and nephrologists (41%). In scenario 4 (a diabetic patient with hypertension who died from cerebrovascular infarction), the percentage was 45% in endocrinologists, and only 31% in cardiologists and 36% in nephrologists.</p> <p>Conclusions</p> <p>Internists of different sub-specialties do have different opinions on the reporting of diabetes as the UCD, especially when the diabetic patient has a coexisting CVD.</p

A Secure and Energy-Efficient Scheme for Wireless Sensor Networks

Security and energy efficiency are important concerns in wireless sensor network (WSN) design. To save the power and extend the lifetime of WSNs, various media access control (MAC) protocols are proposed. The well-known security mechanisms usually awake the sensor nodes before these nodes are allowed to execute the security processes. However, the Denial-of-Sleep attacks can exhaust the energy of sensor nodes and shorten the lifetime of WSNs rapidly. Therefore, the existing designs of MAC protocol are insufficient to protect the WSNs from Denial-of-Sleep attack in MAC layer. Most conventional security solutions cannot be directly applied in the WSNs due to the limited power supply. The practical design is to simplify the authenticating process in order to enhance the performance of the MAC protocol in countering the power exhausting attacks. This thesis proposes a cross-layer design of secure scheme integrating the MAC protocol. The analyses show that the proposed scheme can counter the replay attack and forge attack in an energy-efficient way. The detailed analysis of energy distribution shows a reasonable decision rule of coordination between energy conservation and security requirements for WSNs.由於電力供應與運算能力的極端限制因素，省電節能與安全性是無線感測網路 (wireless sensor network, WSN) 應用設計上的重要考量因素；現有許多研究，已經針對電力消耗問題，運用「休眠」模式，提出各種不同的媒體存取控制 (media access control, MAC) 通訊協定設計，以求大幅降低無線感測器 (wireless sensor node) 的高負載作業時間，希望能夠有效達到節省電力消耗的目標，進而延長無線感測網路的有效工作時間。然而這些「休眠」模式設計卻難以抵擋「阻絕休眠」 (Denial-of-Sleep) 攻擊；此一攻擊採取「電力耗竭」(power exhausting) 方式，可以迫使無線感測網路之感測器快速消耗電力，並大幅縮短整體網路的有效工作時間；當設計者企圖應用傳統的安全機制進行防禦時，卻因為必須先喚醒線感測器才能執行安全運算，且多數傳統安全演算法運算太複雜，反而造成更大的電力消耗，因此傳統的安全機制並不適合直接套用在無線感測網路應用設計上。 本論文針對無線感測網路嚴格的電力供應與運算能力限制，整合不同網路層級，設計一套簡易且快速的有效安全機制，除了可以防禦「阻絕休眠」 (Denial-of-Sleep) 攻擊，也可以抵擋「重送」及「造假」攻擊，達到無線感測網路應用設計所需要的安全性需求；並且進一步從電力消耗的細部資料分析中，找出可行性的設計參考，協助無線感測網路應用的設計者在省電節能與安全性需求之間取得平衡。誌謝 ... i 摘要 ... ii Abstract ... iii Table of Contents ... iv List of Figures ... vii List of Tables ... x Chapter 1 Introduction ... 1 1.1 Sensor Network Design and Challenge ... 1 1.2 Security Dilemma of WSN Layer-2 Protocol Design ... 3 1.3 Contribution ... 4 Chapter 2 Background and Literature Review ... 7 2.1 Wireless Sensor Networks and Applications ... 7 2.2 Wireless Sensor Networks Protocol Stack ... 9 2.3 Duty-Cycle Based MAC Protocols ... 11 2.3.1 Taxonomy of Duty-Cycle Based MAC Protocols ... 12 2.3.2 Synchronous Schemes ... 14 2.3.3 Asynchronous Schemes ... 15 2.3.4 Preamble Sampling Technique ... 15 2.3.5 B-MAC Protocol ... 16 2.3.6 X-MAC Protocol ... 17 2.3.7 Low Power Probing and RI-MAC Protocol ... 19 2.4 Security of WSNs ... 20 2.4.1 Security Requirements of WSNs ... 20 2.4.2 Denial-of-Sleep Attack ... 21 2.4.3 Energy Analysis of Security Algorithms ... 25 2.4.4 Light-Weight Security Schemes for WSNs ... 28 Chapter 3 Proposed Scheme ... 30 3.1 The Secure Topology Formation Stage ... 30 3.1.1 Phase I: Anti-node Detection ... 31 3.1.2 Phase II: Cluster Formation ... 32 3.1.2.1 Cluster-head Selection ... 32 3.1.2.2 Gateway Selection ... 33 3.1.3 Phase III: Key Distribution ... 33 3.1.4 Phase IV: Key Renewal ... 34 3.2 Design Principles of TE2S ... 34 3.2.1 Tier-1: Session Key Agreement ... 36 3.2.1.1 Sender-Initiated Scheme ... 37 3.2.1.2 Receiver-Initiated Scheme ... 38 3.2.2 Tier-2: Data Transmission ... 40 Chapter 4 Security and Energy Analysis ... 42 4.1 Security Analysis ... 42 4.1.1 Mutual Authentication ... 42 4.1.2 Secure Token Replay Attack ... 42 4.1.3 Forge Attack ... 43 4.1.3.1 Fake Preamble/Beacon ACK Attack ... 43 4,1.3.2 'Garbage' Data Attack ... 43 4.1.4 Jamming Attack ... 44 4.2 Energy Analysis ... 44 4.2.1 Period of Sleep ... 48 4.2.2 Preamble Computing Step ... 48 4.2.3 Preamble Transmitting Step ... 48 4.2.4 Computing and Listening Steps ... 49 4.2.5 Sending and Receiving Steps ... 50 Chapter 5 Simulation and Results ... 51 5.1 Simulation Model ... 51 5.2 Overall Results ... 57 5.2.1 Energy Consumption ... 58 5.2.2 Packet and Throughput Performance ... 61 5.3 Normal Condition, No Attacks ... 67 5.4 Anti-node Attack Conditions ... 70 5.4.1 Jamming Attack ... 70 5.4.2 General Attacks ... 73 5.5 Distributions of Energy Consumption ... 76 Chapter 6 Conclusion ... 81 References ... 83 Publication List ... 8

A Secure Authentication Policy with Non-Repudiation Signature Scheme for Mobile Networks

本論文針對行動網路安全認證策略Dynamic Session Key Policy (DSKP) 作局部的改良，並加入一個之不可否認簽章機制。從Wi-Fi到Wi-Max的演進，無線網路WLAN可望成為未來行動網路的主流趨勢，在現有的無線網路標準中，其安全機制的主要問題，在於通訊雙方的密鑰傳輸與相互之間身份認證，DSKP應用一次性密碼原理來保護使用者的認證過程；在實務應用上，網路的安全性日益重要，對於網路連線的記帳、監測查核、記錄、追踨等功能也越來越重視，這些功能都需要藉助具有不可否認性的資料記録作為佐證，才能執行例如計費或非法連線追蹤等工作，但是使用密碼保護方式在先天上難以提供資料的不可否認性；針對這項不足，我們提出一種混合運用雜湊函數與傳統簽章技術的方法，並且藉助於簽章伺服器的運算能力，來提供不可否認性的機制，以達到傳統簽章技術的安全性而不增加行動用戶端的運算負擔。In this thesis, we propose a refined Dynamic Session Key Policy (DSKP) with non-repudiation signature scheme for mobile networks. From Wi-Fi to Wi-Max, the WLAN is a trend of mobile network in the near future. The main problems in the wireless network security standards are key distribution and mutual authentication between mobile station (MS) and access point (AP). Based on the one-time password system, the DSKP is proposed to protect users during an authentication process. To overall security of the network, the functions of accounting, auditing, logging, and tracking of connections to a network system are becoming increasingly important. In practice, the non-repudiation property is a very important evidence for accounting system or tracking to illegal connections. But theoretically the password-based system does not provide the non-repudiation property for connection evidence. The proposed non-repudiation signature scheme under the DSKP is a mixed method that uses one-way hash function and traditional digital signature technique. In mobile user environment, the computational cost is an important issue. The proposed DSKP with non-repudiation signature scheme involves a semi-trusted signature server achieving the same security services as those by a traditional digital signature scheme and lightening the computing load for mobile devices.Contents 1.Introduction 1 1.1 Occasion 1 1.2 The current wireless network security 2 1.3 Contributions 3 1.4 Organization of this thesis 4 2.Wireless LAN Security 5 2.1 IEEE 802.11 5 2.1.1 WEP 5 2.1.2 Shared key authentication 8 2.1.3 Key reuse 8 2.1.4 Linear checksum 9 2.1.5 Drawbacks of the shared key authentication 10 2.2 IEEE 802.1X 11 2.2.1 Port access control 12 2.2.2 The drawbacks of the 802.1X 14 2.3 IEEE 802.11i 14 2.3.1 Temporary Key Integrity Protocol (TKIP) 16 2.3.2 Counter mode with CBC-MAC Protocol (CCMP) 16 2.3.3 Security issues of 802.11i 17 2.3.3.1 Availability 17 2.3.3.2 Security Level Rollback Attack 17 3.Related Work 19 3.1 Secure authentication policy for wireless LAN 19 3.1.1 Dynamic Session Key Policy (DSKP) 19 3.1.2. Initialization phase of the DSKP 19 3.1.3. Transmission phase of the DSKP 21 3.1.4. Re-authentication phase of the DSKP 23 3.1.5 Security analysis 24 3.1.5.1 Cipher-suite negotiation 24 3.1.5.2 Initial vector 25 3.1.5.3 Key reuse 25 3.1.5.4 Dynamic re-key 26 3.1.5.5 ID confidentiality 26 3.1.5.6 Data confidentiality 27 3.1.5.7 Session hijack attack 27 3.1.5.8 Replay attack 27 3.1.5.9 Data integrity 28 3.1.5.10 Entity authentication 28 3.1.5.11 Re-authentication 28 3.2 Non-repudiation 29 3.2.1 Classes of non-repudiation services 30 3.2.2 Techniques of non-repudiation 30 3.2.2.1 Non-repudiation mechanisms using symmetric techniques 30 3.2.2.2 Non-repudiation mechanisms using asymmetric techniques 31 3.2.2.3 Comparison of non-repudiation mechanisms 31 3.3 Digital signature 31 3.4 Joint-signature 32 4.Dynamic Session Key Policy with Joint-Signature 36 4.1 Initialization phase 36 4.2 Transmission phase 41 4.3 Re-authentication phase 42 4.4 Security analysis 46 4.5 Dispute resolution 48 4.6 Performance analysis 48 4.6.1 Computation load 48 4.6.2 Communication load 49 5.Conclusions and Future Works 50 5.1 Conclusions 50 5.2 Some other issues 50 5.3 Future works 51 6.References 52 7.Notations 54 8.Glossaries 5