A Calculus for Access Control in Distributed Systems

We study some of the concepts, protocols, and algorithms for access control in distributed systems, from a logical perspective. We account for how a principal may come to believe that another principal is making a request, either on his own or on someone else’s behalf. We also provide a logical language for access control lists and theories for deciding whether requests should be granted

Genetic Epidemiology of Glioblastoma Multiforme: Confirmatory and New Findings from Analyses of Human Leukocyte Antigen Alleles and Motifs

Human leukocyte antigen (HLA) class I genes mediate cytotoxic T-lymphocyte responses and natural killer cell function. In a previous study, several HLA-B and HLA-C alleles and haplotypes were positively or negatively associated with the occurrence and prognosis of glioblastoma multiforme (GBM).As an extension of the Upper Midwest Health Study, we have performed HLA genotyping for 149 GBM patients and 149 healthy control subjects from a non-metropolitan population consisting almost exclusively of European Americans. Conditional logistic regression models did not reproduce the association of HLA-B*07 or the B*07-Cw*07 haplotype with GBM. Nonetheless, HLA-A*32, which has previously been shown to predispose GBM patients to a favorable prognosis, was negatively associated with occurrence of GBM (odds ratio=0.41, p=0.04 by univariate analysis). Other alleles (A*29, A*30, A*31 and A*33) within the A19 serology group to which A*32 belongs showed inconsistent trends. Sequencing-based HLA-A genotyping established that A*3201 was the single A*32 allele underlying the observed association. Additional evaluation of HLA-A promoter and exon 1 sequences did not detect any unexpected single nucleotide polymorphisms that could suggest differential allelic expression. Further analyses restricted to female GBM cases and controls revealed a second association with a specific HLA-B sequence motif corresponding to Bw4-80Ile (odds ratio=2.71, p=0.02).HLA-A allelic product encoded by A*3201 is likely to be functionally important to GBM. The novel, sex-specific association will require further confirmation in other representative study populations

Plasmid pP62BP1 isolated from an Arctic Psychrobacter sp. strain carries two highly homologous type II restriction-modification systems and a putative organic sulfate metabolism operon

The complete nucleotide sequence of plasmid pP62BP1 (34,467 bp), isolated from Arctic Psychrobacter sp. DAB_AL62B, was determined and annotated. The conserved plasmid backbone is composed of several genetic modules, including a replication system (REP) with similarities to the REP region of the iteron-containing plasmid pPS10 of Pseudomonas syringae. The additional genetic load of pP62BP1 includes two highly related type II restriction-modification systems and a set of genes (slfRCHSL) encoding enzymes engaged in the metabolism of organic sulfates, plus a putative transcriptional regulator (SlfR) of the AraC family. The pP62BP1 slflocus has a compact and unique structure. It is predicted that the enzymes SlfC, SlfH, SlfS and SlfL carry out a chain of reactions leading to the transformation of alkyl sulfates into acyl-CoA, with dodecyl sulfate (SDS) as a possible starting substrate. Comparative analysis of the nucleotide sequences of pP62BP1 and other Psychrobacter spp. plasmids revealed their structural diversity. However, the presence of a few highly conserved DNA segments in pP62BP1, plasmid 1 of P. cryohalolentis K5 and pRWF-101 of Psychrobacter sp. PRwf-1 is indicative of recombinational shuffling of genetic information, and is evidence of lateral gene transfer in the Arctic environment

Designing a Global Name Service

A name service maps a name of an individual, organization or facility into a set of labeled properties, each of which is a string. It is the basis for resource location, mail addressing, and authentication in a distributed computing system. The global name service described here is meant to do this for billions of names distributed throughout the world. It addresses the problems of high availability, large size, continuing evolution, fault isolation and lack of global trust. The non-deterministic behavior of the service is specified rather precisely to allow a wide range of client and server implementations

Designing a Global Name Service

A name service maps a name of an individual, organization or facility into a set of labeled properties, each of which is a string. It is the basis for resource location, mail addressing, and authentication in a distributed computing system. The global name service described here is meant to do this for billions of names distributed throughout the world. It addresses the problems of high availability, large size, continuing evolution, fault isolation and lack of global trust. The non-deterministic behavior of the service is specified rather precisely to allow a wide range of client and server implementations

Computer Security

this report it is trusted to meet the security specifications. In some other context it might be trusted to control a shuttle launch or to retrieve all the 1988 court opinions dealing with civil rights. People concerned about security have tried to take over the word `trusted' to describe their concerns; they have had some success because security is the area Policies are often called `requirements'; sometimes the word `policy' is reserved for a broad statement and `requirement' is used for a more detailed one in which the most effort has been made to specify and build trustworthy systems. We will adopt this usage, while recognizing that in a broader context `trusted' may have many other meanings. Policies express a general intent. Of course, they can be more detailed than the very general ones given as examples above; for instance, here is a refinement of the first policy: Salary secrecy: Individual salary information shall only be disclosed to the employee, his superiors, and authorized personnel people. But whether general or specific, policies contain terms which are not precisely defined, so it isn't possible to reliably tell whether a system satisfies them. Furthermore, they specify the behavior of people and of the physical environment as well as the behavior of machines, so it isn't possible for a computer system alone to satisfy them. Technology for security addresses these problems by providing methods for: Integrating a computer system into a larger system, comprising people and a physical environment as well as computers, that meets its security policies. Giving a precise specification, called a security model, for the security-relevant behavior of the computer system. Building a system that meets the specifications out of components that provide and use s..