Self-Protecting Access Control: On Mitigating Privacy Violations with Fault Tolerance

Self-protecting access control mechanisms can be described as an approach to enforcing security in a manner that automatically protects against violations of access control rules. In this chapter, we present a comparative analysis of standard Cryptographic Access Control (CAC) schemes in relation to privacy enforcement on the Web. We postulate that to mitigate privacy violations, self-protecting CAC mechanisms need to be supported by fault-tolerance. As an example of how one might to do this, we present two solutions that are inspired by the autonomic computing paradigm1. Our solutions are centered on how CAC schemes can be extended to protect against privacy violations that might arise from key updates and collusion attacks

Efficient enforcement of dynamic cryptographic access control policies for outsourced data

Outsourcing of their data to third-party service providers is a cost-effective data management strategy for many organizations. Outsourcing, however, introduces new challenges with respect to ensuring the security and the privacy of the data. In addition to the need for standard access control policies, organizations must now be concerned with the privacy of their data and so hiding the data from the service provider is important. Simply encrypting the data before it is transmitted to the service provider is inefficient and vulnerable to security attacks when the access control policies change. Approaches based on two layers of encryption alleviate the privacy concern but still require re-encryption of the data when policies change. This paper presents a novel and efficient solution that employs two layers of encryption of the data and an encrypted data object containing the second access key. Changes to the access control policies are handled by re-encrypting the object containing the affected key, which is an efficient operation. The paper presents our key management approach, a security analysis of our approach, and an evaluation of the performance of a proof of concept implementation of our approach

Impact of COVID-19 on cardiovascular testing in the United States versus the rest of the world

Objectives: This study sought to quantify and compare the decline in volumes of cardiovascular procedures between the United States and non-US institutions during the early phase of the coronavirus disease-2019 (COVID-19) pandemic. Background: The COVID-19 pandemic has disrupted the care of many non-COVID-19 illnesses. Reductions in diagnostic cardiovascular testing around the world have led to concerns over the implications of reduced testing for cardiovascular disease (CVD) morbidity and mortality. Methods: Data were submitted to the INCAPS-COVID (International Atomic Energy Agency Non-Invasive Cardiology Protocols Study of COVID-19), a multinational registry comprising 909 institutions in 108 countries (including 155 facilities in 40 U.S. states), assessing the impact of the COVID-19 pandemic on volumes of diagnostic cardiovascular procedures. Data were obtained for April 2020 and compared with volumes of baseline procedures from March 2019. We compared laboratory characteristics, practices, and procedure volumes between U.S. and non-U.S. facilities and between U.S. geographic regions and identified factors associated with volume reduction in the United States. Results: Reductions in the volumes of procedures in the United States were similar to those in non-U.S. facilities (68% vs. 63%, respectively; p = 0.237), although U.S. facilities reported greater reductions in invasive coronary angiography (69% vs. 53%, respectively; p < 0.001). Significantly more U.S. facilities reported increased use of telehealth and patient screening measures than non-U.S. facilities, such as temperature checks, symptom screenings, and COVID-19 testing. Reductions in volumes of procedures differed between U.S. regions, with larger declines observed in the Northeast (76%) and Midwest (74%) than in the South (62%) and West (44%). Prevalence of COVID-19, staff redeployments, outpatient centers, and urban centers were associated with greater reductions in volume in U.S. facilities in a multivariable analysis. Conclusions: We observed marked reductions in U.S. cardiovascular testing in the early phase of the pandemic and significant variability between U.S. regions. The association between reductions of volumes and COVID-19 prevalence in the United States highlighted the need for proactive efforts to maintain access to cardiovascular testing in areas most affected by outbreaks of COVID-19 infection

Synthese und biologische Testung von Biarylalkylcarbonsäure-Derivaten und Dithiocarbamat-Derivaten als potentielle anthelmintische Wirkstoffe gegen Schistosoma mansoni

Vernachlässigte Tropenerkrankungen beschreiben eine Gruppe von Infektionskrankheiten, welche mehr als 1,5 Milliarden Menschen betreffen und für schätzungsweise 550.000 Todesfälle pro Jahr verantwortlich sind. Ein enormer Teil dieser Erkrankungen wird durch Helminthen ausgelöst, wobei die durch Schistosoma spp. ausgelöste Schistosomiasis den größten Teil darstellt. Mit Praziquantel und Oxamniquin, welches nur gegen S. mansoni wirksam ist, stehen nur zwei Wirkstoffe zur Bekämpfung der Schistosomiasis zur Verfügung. Beide Wirkstoffe werden seit Jahrzehnten teils exzessiv eingesetzt. Erste Anzeichen für eine Resistenzentwicklung wurden bereits beobachtet. Die Entwicklung neuer antischistosomaler Wirkstoffe ist daher dringend notwendig. Basierend auf einer initial getesteten Serie wurde die Substanzklasse der Biarylalkylcarbonsäure Derivate als antischistosomale Wirkstoffe etabliert. In einer ersten Optimierungsserie wurde der Einfluss des Substitutionsmusters des terminalen Phenyl Rings untersucht, wobei die Einführung eines Hydroxy Substituenten in Position 3 des terminalen Phenyl Rings einen Anstieg der Aktivität zur Folge hatte. Neue phänotypische Effekte konnten beobachtet werden. In der zweiten Optimierungsserie wurde die Carbonsäure funktionalisiert. Die entsprechenden Carbonsäureamide zeigten eine gesteigerte antischistosomale Aktivität. Abschließend wurden die besten Substituenten jeder Serie miteinander kombiniert. Bis zu Konzentrationen von 25 µM kam es neben dem Auftreten mehrerer phänotypischer Effekte zu einem starken Anstieg der antischistosomalen Aktivität mit letalen Effekten. Die besten Derivate der Verbindungsklasse zeigen bis zu einer Konzentration von 10 µM eine deutliche antischistosomale Wirkung und weisen ein günstiges zytotoxisches Profil auf. Basierend auf der Grundstruktur des Disulfirams wurde die Substanzklasse der Dithiocarbamat Derivate als antischistosomale Wirkstoffe etabliert. Zunächst wurden Derivate mit veränderten Substituenten am Schwefel des Dithiocarbamats dargestellt. Dabei zeigte sich, dass vor allem die Einführung elektronenarmer, substituierter Benzylreste am Schwefel des Dithiocarbamats einen deutlichen Anstieg der antischistosomalen Aktivität zur Folge hatte. Es wurden insgesamt 73 Derivate dargestellt und in vitro getestet. Dabei wurden sieben Substituenten gefunden, deren Einführung eine Wirksamkeit bei einer Konzentration von 10 µM zur Folge hatte. Drei der besten sieben Derivate waren zudem bei 5 µM wirksam und somit der Wirksamkeit von Praziquantel ebenbürtig, wobei neuartige Phänotypen beobachtet wurden. Im Anschluss daran wurde der Einfluss des Substituenten am Stickstoff des Dithiocarbamats überprüft. Weitere 45 Derivate wurden dargestellt und in vitro getestet. Durch die Einführung eines (substituierten) Piperazin Strukturelements konnten neue Substitutionsmuster gefunden werden, deren Einführung ebenfalls einen Anstieg der antischistosomalen Aktivität zur Folge hatte. 49 kombinatorischen Derivate mit den jeweils sieben wirksamsten Substituenten am Schwefel beziehungsweise am Stickstoff des Dithiocarbamats wurden im Anschluss dargestellt und in vitro getestet. Sechs der 49 Verbindungen sind bei einer Konzentration von 5 µM aktiv und somit in vitro genauso wirksam wie Praziquantel. Ein Derivat zeigt auch bei einer Konzentration von 1 µM eine sehr gute antischistosomale Aktivität und ist somit um den Faktor 5 wirksamer als Praziquantel. In einer abschließenden Optimierungsserie wurden die antischistosomale Aktivität sowie das zytotoxische Profil der Substanzklasse der Dithiocarbamate weiter verbessert. Vor allem die Piperazinsulfonamid Derivate zeigen eine sehr gute antischistosomale Aktivität mit vielversprechenden Phänotypen. Zudem zeichnen die aufgetretenen letalen Effekte bei niedrigen mikromolaren Konzentrationen diese Substanzgruppe aus. Zwei der Sulfonamid Derivate sind ebenfalls um den Faktor 5 wirksamer als Praziquantel. Aus den über 300 dargestellten Dithiocarbamat Derivaten gingen 35 Verbindungen hervor, die bei einer Konzentration von 5 µM oder niedriger gut bis sehr gut wirksam waren und eine teils deutlich verbesserte antischistosomale Aktivität zeigten. Am Ende dieser Arbeit stellt eine Verbindung (Schl32329) das beste Derivat dieser Verbindungsklasse dar. Das Derivat zeigte bis zu einer Konzentration von 1 µM eine sehr gute antischistosomale Aktivität mit multiplen Phänotypen sowie einem letalen Effekt nach 72 Stunden. Zudem zeigte die Verbindung in beiden Zelllinien bei der höchsten gemessenen Konzentration von 100 µM keine zytotoxischen Effekte und weist damit einen Selektivitätsindex ≥ 100 auf. Die multiplen Effekte der Verbindungen lassen darauf schließen, dass eine Wirkung auf verschiedene Zielstrukturen anzunehmen ist. Zudem können beide Verbindungsklassen noch umfassend modifiziert werden, um weitere potentielle Wirkstoff Kandidaten für die Bekämpfung der Schistosomiasis bereit zu stellen

Adaptive Cryptographic Access Control

Cryptographic access control (CAC) is an approach to securing data by encrypting it with a key, so that only the users in possession of the correct key are able to decrypt the data and/or perform further encryptions. Applications of cryptographic access control will benefit companies, governments and the military where structured access to information is essential. The purpose of this book is to highlight the need for adaptability in cryptographic access control schemes that are geared for dynamic environments, such as the Internet. Adaptive Cryptographic Access Control presents the challenges of designing hierarchical cryptographic key management algorithms to implement Adaptive Access Control in dynamic environments and suggest solutions that will overcome these challenges. Adaptive Cryptographic Access Control is a cutting-edge book focusing specifically on this topic in relation to security and cryptographic access control. Both the theoretical and practical aspects and approaches of cryptographic access control are introduced in this book. Case studies and examples are provided throughout this book. This book is designed for a professional audience composed of researchers, technicians and government/military employees working in the Information Security industry. Advanced-level students concentrating on computer science for Information Security and Cryptography will also find this book useful as a reference or secondary text book

Enhancing Identity Trust in Cryptographic Key Management Systems for Dynamic Environments

Cryptographic key management (CKM) schemes can be used to support identity management (IM) systems where linking users securely to data objects is important. CKM schemes enforce data security by encrypting data granting access only to authorized users and security compromises are prevented by updating any keys that are held by users from whom access rights have been revoked. Handling key updates efficiently and providing security against collusion attacks is challenging in dynamic environments like the Internet where manual Security management increases the likelihood of delayed responses. Delay increases the system’s vulnerability to security attacks and the potential of the system’s violating its service level agreements. Adaptive CKM has emerged as a possibility of addressing this problem but needs to be designed in a way that justifies the cost/benefit tradeoff. In this paper, we show that the key update and collusion avoidance problems are NP-complete and need heuristic algorithms to prevent performance degradations in comparison to standard CKM schemes. As an example of the benefits of a good heuristic, we present a collusion detection and resolution algorithm whose running time is polynomial in the number of keys. The algorithm operates by mapping the generated key set onto a key graph whose independent set is computed. In the key graph, the vertices represent the keys and the edges the probability that their endpoints can be combined to provoke a collusion attack. Collusion possibilities are resolved by applying a heuristic that resets the probability to zero. The performance of our algorithm is analyzed in comparison to the Akl and Taylor scheme that is secure against collusion attack, and the experimental results indicate that collusion prevention can be done dynamically without affecting performance

Context-aware preference search for outdoor activity platforms

Complex application domains like outdoor activity platforms demand a powerful search interface that can adapt to personal user preferences and to changing contexts like weather conditions. Today most platforms offer a search technology known as Faceted Search, also named Parametric Search, where a user iteratively adapts his/her search parameters by a tedious and time-consuming trial-and-error process until the quality and quantity of the query results somehow corresponds to his/her expectations. This process gets even more cumbersome in mobile environments. Here we present a sophisticated approach called Preference Search, which we have prototypically implemented in a commercial outdoor activity platform. Preference Search replaces lengthy user sessions by one single user request. Technically, this request is automatically compiled into one single Preference SQL query, which efficiently retrieves those items that best match the user's expectations within the current context. A benchmark was applied to Faceted Search as well as Preference Search. The evaluation of the benchmark indicates that Preference Search substantially improves the user's search satisfaction in comparison to Faceted Search

(Université Libre de Bruxelles) Jury Members:

Thèse de doctorat présentée en vue de l’obtention du titre de Docteur en sciences économiques et de gestion Année Académique 2011/201

Preorganization: a powerful tool in intermolecular halogen bonding in solution

Preorganization is a powerful tool in supramolecular chemistry which has been utilized successfully in intra‐ and intermolecular halogen bonding. In previous work, we had developed a bidentate bis(iodobenzimidazolium)‐based halogen bond donor which featured a central trifluoromethyl substituent. This compound showed a markedly increased catalytic activity compared to unsubstituted bis(iodoimidazolium)‐based Lewis acids, which could be explained either by electronic effects (the electron withdrawal by the fluorinated substituent) or by preorganization (the hindered rotation of the halogen bonding moieties). Herein, we systematically investigate the origin of this increased Lewis acidity via a comparison of the two types of compounds and their respective derivatives with or without the central trifluoromethyl group. Calorimetric measurements of halide complexations indicated that preorganization is the main reason for the higher halogen bonding strength. The performance of the catalysts in a series of benchmark reactions corroborates this finding