Hybrid cloud security certification

In this report, I introduce a hybrid approach for certifying security properties of cloud services that combines monitoring and testing data. This report argues about the need for hybrid certification and examines the basic characteristics of hybrid certification models. The certification of cloud service security has become a necessity due to the on-going concerns about cloud security and the need to increase cloud trustworthiness through rigorous assessments of security by trusted third parties. Unlike the certification of security in traditional software systems, which is based on static forms of security assessment (e.g., the Common Criteria model), the certification of cloud service security requires continuous assessment. This is because cloud services are provisioned through dynamic infrastructures operating under security controls and other configurations that may change dynamically introducing unforeseen vulnerabilities. Cloud service security can also be compromised because of attacks on co-tenant services. Recent work on cloud service certification applies dynamic forms of security assessment, notably dynamic testing or continuous monitoring. These overcome some of the limitations of traditional security certification and audits (e.g. they produce machine readable certificates incorporating dynamically collected evidence). However, there are cases where existing approaches cannot provide an adequate level of assurance. Testing, for instance, may be insufficient for transactional services, as it is normally performed through a special testing (as opposed to the operational) service interface. Monitoring-based certification may also be insufficient if there is conflicting or inconclusive evidence in monitoring data; such data may, for example, not cover all traces of system events that should be seen to assess a property. To overcome such problems, I am working on a hybrid approach for certifying cloud service security that can combine both monitoring and testing evidence. For that reason, I designed a new cloud certification approach supporting the automated and continuous certification of security properties of cloud services based on the combination of dynamically acquired testing and monitoring evidence that can deliver the high level of assurance and can overcome the limitations of assessments based on each of these types of evidence in isolation. My approach is based on the cloud certification framework of the CUMULUS EU FP7 project

Fusidic acid and clindamycin resistance in community-associated, methicillin-resistant Staphylococcus aureus infections in children of Central Greece

<p>Abstract</p> <p>Introduction</p> <p>In Greece, fusidic acid and clindamycin are commonly used for the empiric therapy of suspected staphylococcal infections.</p> <p>Methods</p> <p>The medical records of children examined at the outpatient clinics or admitted to the pediatric wards of the University General Hospital of Larissa, Central Greece, with community-associated staphylococcal infections from January 2003 to December 2009 were reviewed.</p> <p>Results</p> <p>Of 309 children (0-14 years old), 21 (6.8%) had invasive infections and 288 (93.2%) skin and soft tissue infections (SSTIs). Thirty-five patients were ≤30 days of age. The proportion of staphylococcal infections caused by a community-associated methicillin-resistant <it>Staphylococcus aureus </it>(CA-MRSA) isolate increased from 51.5% (69 of 134) in 2003-2006 to 63.4% (111 of 175) in 2007-2009 (<it>P </it>= 0.037). Among the CA-MRSA isolates, 88.9% were resistant to fusidic acid, 77.6% to tetracycline, and 21.1% to clindamycin. Clindamycin resistance increased from 0% (2003) to 31.2% (2009) among the CA-MRSA isolates (<it>P </it>= 0.011). Over the 7-year period, an increase in multidrug-resistant CA-MRSA isolates was observed (<it>P </it>= 0.004). One hundred and thirty-one (93.6%) of the 140 tested MRSA isolates were Panton-Valentine leukocidin-positive. Multilocus sequence typing of 72 CA-MRSA isolates revealed that they belonged to ST80 (n = 61), ST30 (n = 6), ST377 (n = 3), ST22 (n = 1), and ST152 (n = 1). Resistance to fusidic acid was observed in ST80 (58/61), ST30 (1/6), and ST22 (1/1) isolates.</p> <p>Conclusion</p> <p>In areas with high rate of infections caused by multidrug-resistant CA-MRSA isolates, predominantly belonging to the European ST80 clone, fusidic acid and clindamycin should be used cautiously as empiric therapy in patients with suspected severe staphylococcal infections.</p

The Evolution of an Ancient Coastal Lake (Lerna, Peloponnese, Greece)

Degradation of coastal environments is an issue that many areas in Europe are facing. In the present work, an ancient coastal lake wetland is investigated, the so-called Lake Lerna in NE Peloponnese, Greece. The area hosted early agricultural populations of modern Greece that started modifying their environment as early as the early–middle Neolithic. Two drill cores in the area of the ancient lake were analysed to establish the sedimentological succession and the depositional environments using sub-fossil assemblages (molluscs and ostracods). Three lithological and faunal units were recovered, the latter being confirmed by the statistical ordination method (non-metric multidimensional scaling). The usage of sub-fossil mollusc species for the first time in the region enriched the dataset and contributed significantly to the delimitation of the faunas. These consist of environments characterised by various levels of humidity (from stagnant waters to freshwater lake) and salinity, with ephemeral intrusions of salt water to the lake, documented by mollusc and ostracod populations. We conclude that the lake and its included fauna and flora were mostly affected by climatic fluctuations rather than human intervention in the area