132 research outputs found
Analysing the Security of Google's implementation of OpenID Connect
Many millions of users routinely use their Google accounts to log in to
relying party (RP) websites supporting the Google OpenID Connect service.
OpenID Connect, a newly standardised single-sign-on protocol, builds an
identity layer on top of the OAuth 2.0 protocol, which has itself been widely
adopted to support identity management services. It adds identity management
functionality to the OAuth 2.0 system and allows an RP to obtain assurances
regarding the authenticity of an end user. A number of authors have analysed
the security of the OAuth 2.0 protocol, but whether OpenID Connect is secure in
practice remains an open question. We report on a large-scale practical study
of Google's implementation of OpenID Connect, involving forensic examination of
103 RP websites which support its use for sign-in. Our study reveals serious
vulnerabilities of a number of types, all of which allow an attacker to log in
to an RP website as a victim user. Further examination suggests that these
vulnerabilities are caused by a combination of Google's design of its OpenID
Connect service and RP developers making design decisions which sacrifice
security for simplicity of implementation. We also give practical
recommendations for both RPs and OPs to help improve the security of real world
OpenID Connect systems
Sextupole correction magnets for the Large Hadron Collider
About 2500 superconducting sextupole corrector magnets (MCS) are needed for the Large Hadron Collider (LHC) at CERN to compensate persistent current sextupole fields of the main dipoles. The MCS is a cold bore magnet with iron yoke. The coils are made from a NbTi conductor, which is cooled to 1.9 K. In the original CERN design 6 individual sub-coils, made from a monolithic composite conductor, are assembled and spliced together to form the sextupole. The coils are individually wound around precision-machined central islands and stabilized with matching saddle pieces at both ends. The Advanced Magnet Lab, Inc. (AML) has produced an alternative design, which gives improved performance and reliability at reduced manufacturing cost. In the AML design, the magnet consists of three splice-free sub-coils, which are placed with an automated winding process into pockets of prefabricated G-11 support cylinders. Any assembly process of sub-coils with potential misalignment is eliminated. The AML magnet uses a Kapton-wrapped mini-cable, which allows helium penetration into the vicinity of the conductor, increasing its cryogenic stability. Eliminating all internal splices from the magnet significantly reduces heat loads and the risk of magnet failure during operation. A tested prototype reached the critical current limit of the conductor in the first quench. (3 refs)
Shapes, contact angles, and line tensions of droplets on cylinders
Using an interface displacement model we calculate the shapes of
nanometer-size liquid droplets on homogeneous cylindrical surfaces. We
determine effective contact angles and line tensions, the latter defined as
excess free energies per unit length associated with the two contact lines at
the ends of the droplet. The dependences of these quantities on the cylinder
radius and on the volume of the droplets are analyzed.Comment: 26 pages, RevTeX, 10 Figure
Safety and immunogenicity of a chimpanzee adenovirus-vectored Ebola vaccine in healthy adults: a randomised, double-blind, placebo-controlled, dose-finding, phase 1/2a study.
BACKGROUND: The ongoing Ebola outbreak led to accelerated efforts to test vaccine candidates. On the basis of a request by WHO, we aimed to assess the safety and immunogenicity of the monovalent, recombinant, chimpanzee adenovirus type-3 vector-based Ebola Zaire vaccine (ChAd3-EBO-Z).
METHODS: We did this randomised, double-blind, placebo-controlled, dose-finding, phase 1/2a trial at the Centre Hospitalier Universitaire Vaudois, Lausanne, Switzerland. Participants (aged 18-65 years) were randomly assigned (2:2:1), via two computer-generated randomisation lists for individuals potentially deployed in endemic areas and those not deployed, to receive a single intramuscular dose of high-dose vaccine (5 × 10(10) viral particles), low-dose vaccine (2·5 × 10(10) viral particles), or placebo. Deployed participants were allocated to only the vaccine groups. Group allocation was concealed from non-deployed participants, investigators, and outcome assessors. The safety evaluation was not masked for potentially deployed participants, who were therefore not included in the safety analysis for comparison between the vaccine doses and placebo, but were pooled with the non-deployed group to compare immunogenicity. The main objectives were safety and immunogenicity of ChAd3-EBO-Z. We did analysis by intention to treat. This trial is registered with ClinicalTrials.gov, number NCT02289027.
FINDINGS: Between Oct 24, 2014, and June 22, 2015, we randomly assigned 120 participants, of whom 18 (15%) were potentially deployed and 102 (85%) were non-deployed, to receive high-dose vaccine (n=49), low-dose vaccine (n=51), or placebo (n=20). Participants were followed up for 6 months. No vaccine-related serious adverse events were reported. We recorded local adverse events in 30 (75%) of 40 participants in the high-dose group, 33 (79%) of 42 participants in the low-dose group, and five (25%) of 20 participants in the placebo group. Fatigue or malaise was the most common systemic adverse event, reported in 25 (62%) participants in the high-dose group, 25 (60%) participants in the low-dose group, and five (25%) participants in the placebo group, followed by headache, reported in 23 (57%), 25 (60%), and three (15%) participants, respectively. Fever occurred 24 h after injection in 12 (30%) participants in the high-dose group and 11 (26%) participants in the low-dose group versus one (5%) participant in the placebo group. Geometric mean concentrations of IgG antibodies against Ebola glycoprotein peaked on day 28 at 51 μg/mL (95% CI 41·1-63·3) in the high-dose group, 44·9 μg/mL (25·8-56·3) in the low-dose group, and 5·2 μg/mL (3·5-7·6) in the placebo group, with respective response rates of 96% (95% CI 85·7-99·5), 96% (86·5-99·5), and 5% (0·1-24·9). Geometric mean concentrations decreased by day 180 to 25·5 μg/mL (95% CI 20·6-31·5) in the high-dose group, 22·1 μg/mL (19·3-28·6) in the low-dose group, and 3·2 μg/mL (2·4-4·9) in the placebo group. 28 (57%) participants given high-dose vaccine and 31 (61%) participants given low-dose vaccine developed glycoprotein-specific CD4 cell responses, and 33 (67%) and 35 (69%), respectively, developed CD8 responses.
INTERPRETATION: ChAd3-EBO-Z was safe and well tolerated, although mild to moderate systemic adverse events were common. A single dose was immunogenic in almost all vaccine recipients. Antibody responses were still significantly present at 6 months. There was no significant difference between doses for safety and immunogenicity outcomes. This acceptable safety profile provides a reliable basis to proceed with phase 2 and phase 3 efficacy trials in Africa.
FUNDING: Swiss State Secretariat for Education, Research and Innovation (SERI), through the EU Horizon 2020 Research and Innovation Programme
Assessment of resolution and intercenter reproducibility of results of genotyping Staphylococcus aureus by pulsed-field gel electrophoresis of SmaI macrorestriction fragments: a multicenter study
Twenty well-characterized isolates of methicillin-resistant Staphylococcus
aureus were used to study the optimal resolution and interlaboratory
reproducibility of pulsed-field gel electrophoresis (PFGE) of DNA
macrorestriction fragments. Five identical isolates (one PFGE type), 5
isolates that produced related PFGE subtypes, and 10 isolates with unique
PFGE patterns were analyzed blindly in 12 different laboratories by
in-house protocols. In several laboratories a standardized PFGE protocol
with a commercial kit was applied successfully as well. Eight of the
centers correctly identified the genetic homogeneity of the identical
isolates by both the in-house and standard protocols. Four of 12
laboratories failed to produce interpretable data by the standardized
protocol, due to technical problems (primarily plug preparation). With the
five rel
Expenditure Reform in Industrialised Countries: A Case Study Approach
This study examines reforms of public expenditure in industrialised countries over the past two decades. We distinguish ambitious and timid reformers and analyse in detail reform experiences in eight case studies of ambitious reform episodes. We find that ambitious reform countries reduce spending on transfers, subsidies and public consumption while largely sparing education spending. Such expenditure retrenchment is also typically part of a comprehensive reform package that includes improvements in fiscal institutions as well as structural and other macroeconomic reforms. The study finds that ambitious expenditure retrenchment and reform coincides with large improvements in fiscal and economic growth indicators
A monovalent chimpanzee adenovirus Ebola vaccine boosted with MVA
BACKGROUND
The West African outbreak of Ebola virus disease that peaked in 2014 has caused more than 11,000 deaths. The development of an effective Ebola vaccine is a priority for control of a future outbreak.
METHODS
In this phase 1 study, we administered a single dose of the chimpanzee adenovirus 3 (ChAd3) vaccine encoding the surface glycoprotein of Zaire ebolavirus (ZEBOV) to 60 healthy adult volunteers in Oxford, United Kingdom. The vaccine was administered in three dose levels — 1×1010 viral particles, 2.5×1010 viral particles, and 5×1010 viral particles — with 20 participants in each group. We then assessed the effect of adding a booster dose of a modified vaccinia Ankara (MVA) strain, encoding the same Ebola virus glyco- protein, in 30 of the 60 participants and evaluated a reduced prime–boost interval in another 16 participants. We also compared antibody responses to inactivated whole Ebola virus virions and neutralizing antibody activity with those observed in phase 1 studies of a recombinant vesicular stomatitis virus–based vaccine expressing a ZEBOV glycoprotein (rVSV-ZEBOV) to determine relative potency and assess durability.
RESULTS
No safety concerns were identified at any of the dose levels studied. Four weeks after immunization with the ChAd3 vaccine, ZEBOV-specific antibody responses were similar to those induced by rVSV-ZEBOV vaccination, with a geometric mean titer of 752 and 921, respectively. ZEBOV neutralization activity was also similar with the two vaccines (geo- metric mean titer, 14.9 and 22.2, respectively). Boosting with the MVA vector increased virus-specific antibodies by a factor of 12 (geometric mean titer, 9007) and increased glycoprotein-specific CD8+ T cells by a factor of 5. Significant increases in neutralizing antibodies were seen after boosting in all 30 participants (geometric mean titer, 139; P<0.001). Virus-specific antibody responses in participants primed with ChAd3 remained positive 6 months after vaccination (geometric mean titer, 758) but were significantly higher in those who had received the MVA booster (geometric mean titer, 1750; P<0.001).
CONCLUSIONS
The ChAd3 vaccine boosted with MVA elicited B-cell and T-cell immune responses to ZEBOV that were superior to those induced by the ChAd3 vaccine alone. (Funded by the Wellcome Trust and others; ClinicalTrials.gov number, NCT02240875.
On the importance of long-term functional assessment after stroke to improve translation from bench to bedside
Despite extensive research efforts in the field of cerebral ischemia, numerous disappointments came from the translational step. Even if experimental studies showed a large number of promising drugs, most of them failed to be efficient in clinical trials. Based on these reports, factors that play a significant role in causing outcome differences between animal experiments and clinical trials have been identified; and latest works in the field have tried to discard them in order to improve the scope of the results. Nevertheless, efforts must be maintained, especially for long-term functional evaluations. As observed in clinical practice, animals display a large degree of spontaneous recovery after stroke. The neurological impairment, assessed by basic items, typically disappears during the firsts week following stroke in rodents. On the contrary, more demanding sensorimotor and cognitive tasks underline other deficits, which are usually long-lasting. Unfortunately, studies addressing such behavioral impairments are less abundant. Because the characterization of long-term functional recovery is critical for evaluating the efficacy of potential therapeutic agents in experimental strokes, behavioral tests that proved sensitive enough to detect long-term deficits are reported here. And since the ultimate goal of any stroke therapy is the restoration of normal function, an objective appraisal of the behavioral deficits should be done
- …