Privacy-enhanced credential services

The use of credential directories in PKI and authorization systems such as Shibboleth introduces a new privacy risk: an insider at the directory can learn much about otherwise protected interactions by observing who makes queries, and what they ask for. Recent advances in Practical Private Information Retrieval provide promising countermeasures. In this paper, we extend this technology to solve this new privacy problem, and present a design and preliminary prototype for a LDAP-based credential service that can prevent even an insider from learning anything more than the fact a query was made. Our preliminary performance analysis suggests that the complete prototype may be sufficiently robust for academic enterprise settings

Solitons and Almost-Intertwining Matrices

We define the set of almost-intertwining matrices to be all triples(X,Y,Z) of n x n matrices for which XZ=YX+T for some rank one matrix T. A surprisingly simple formula is given for tau-functions of the KP hierarchy in terms of such triples. The tau-functions produced in this way include the soliton and vanishing rational solutions. The induced dynamics of the eigenvalues of the matrix X are considered, leading in special cases to the Ruijsenaars-Schneider particle system

Birational aspects of the Geometry of Varieties of Sum of Powers

Varieties of Sums of Powers describe the additive decompositions of an homogeneous polynomial into powers of linear forms. Despite their long history, going back to Sylvester and Hilbert, few of them are known for special degrees and number of variables. In this paper we aim to understand a general birational behaviour of VSP, if any. To do this we birationally embed these varieties into Grassmannians and prove the rationality, unirationality or rational connectedness of many of those in arbitrary degrees and number of variables.Comment: 16 pages, corrected wrong attributio

An Armored Data Vault

We consider the problem of secure long-term archiving of network traffic, an instance of the problem of storing data securely. We approach the problem using secure hardware, which enables the enforcement of flexible access policy. The policy cannot be circumvented by anyone, even insiders, and so we are assured that access to the data is as originally intended. The policy can be expressed as any feasible computation, as it will be checked inside the secure hardware without possibility of interference. We discuss our design of a device to perform such network data archiving and have implemented a prototpe device. We discuss other possible application areas of the design

Finishing the euchromatic sequence of the human genome

The sequence of the human genome encodes the genetic instructions for human physiology, as well as rich information about human evolution. In 2001, the International Human Genome Sequencing Consortium reported a draft sequence of the euchromatic portion of the human genome. Since then, the international collaboration has worked to convert this draft into a genome sequence with high accuracy and nearly complete coverage. Here, we report the result of this finishing process. The current genome sequence (Build 35) contains 2.85 billion nucleotides interrupted by only 341 gaps. It covers ∼99% of the euchromatic genome and is accurate to an error rate of ∼1 event per 100,000 bases. Many of the remaining euchromatic gaps are associated with segmental duplications and will require focused work with new methods. The near-complete sequence, the first for a vertebrate, greatly improves the precision of biological analyses of the human genome including studies of gene number, birth and death. Notably, the human enome seems to encode only 20,000-25,000 protein-coding genes. The genome sequence reported here should serve as a firm foundation for biomedical research in the decades ahead

Prototyping an armored data vault: Rights management on Big Brother’s computer

Abstract. This paper reports our experimental work in using commercial secure coprocessors to control access to private data. In our initial project, we look at archived network traffic. We seek to protect the privacy rights of a large population of data producers by restricting computation on a central authority’s machine. The coprocessor approach provides more flexibility and assurance in specifying and enforcing access policy than purely cryptographic schemes. This work extends to other application domains, such as distributing and sharing academic research data.

Abstract

The use of credential directories in PKI and authorization systems such as Shibboleth introduces a new privacy risk: an insider at the directory can learn much about otherwise protected interactions by observing who makes queries, and what they ask for. Recent advances in Practical Private Information Retrieval provide promising countermeasures. In this paper, we extend this technology to solve this new privacy problem, and present a design and preliminary prototype for a LDAP-based credential service that can prevent even an insider from learning anything more than the fact a query was made. Our preliminary performance analysis suggests that the complete prototype may be sufficiently robust for academic enterprise settings

Microwave dielectric properties of the spinel composition Mg1+xTixAl2-2xO4

The objects of our research is magnesium aluminates (spinel), in which the electric charge of Al3+ cation is partially substituted with constitutive trivalent cation of Mg2+ and Ti 4+ in the system with the following composition: Mg1+xTixAl2-2xO4 with (x) varying from 0,1 to 0,6. X-ray diffraction data shows that within the above values of (x) the composition is a single phase spinel. The microwave basic parameters were measured as εr, tan δ and τf, respectively with the following values: εr = 6-12, tanδ = (1.5-3.5) x 10-4 at 10 GHz and Qf = 70 000 – 90 000, and τf from -50 to -70 ppm/deg