Protecting applications using trusted execution environments

While cloud computing has been broadly adopted, companies that deal with sensitive data are still reluctant to do so due to privacy concerns or legal restrictions. Vulnerabilities in complex cloud infrastructures, resource sharing among tenants, and malicious insiders pose a real threat to the confidentiality and integrity of sensitive customer data. In recent years trusted execution environments (TEEs), hardware-enforced isolated regions that can protect code and data from the rest of the system, have become available as part of commodity CPUs. However, designing applications for the execution within TEEs requires careful consideration of the elevated threats that come with running in a fully untrusted environment. Interaction with the environment should be minimised, but some cooperation with the untrusted host is required, e.g. for disk and network I/O, via a host interface. Implementing this interface while maintaining the security of sensitive application code and data is a fundamental challenge. This thesis addresses this challenge and discusses how TEEs can be leveraged to secure existing applications efficiently and effectively in untrusted environments. We explore this in the context of three systems that deal with the protection of TEE applications and their host interfaces: SGX-LKL is a library operating system that can run full unmodified applications within TEEs with a minimal general-purpose host interface. By providing broad system support inside the TEE, the reliance on the untrusted host can be reduced to a minimal set of low-level operations that cannot be performed inside the enclave. SGX-LKL provides transparent protection of the host interface and for both disk and network I/O. Glamdring is a framework for the semi-automated partitioning of TEE applications into an untrusted and a trusted compartment. Based on source-level annotations, it uses either dynamic or static code analysis to identify sensitive parts of an application. Taking into account the objectives of a small TCB size and low host interface complexity, it defines an application-specific host interface and generates partitioned application code. EnclaveDB is a secure database using Intel SGX based on a partitioned in-memory database engine. The core of EnclaveDB is its logging and recovery protocol for transaction durability. For this, it relies on the database log managed and persisted by the untrusted database server. EnclaveDB protects against advanced host interface attacks and ensures the confidentiality, integrity, and freshness of sensitive data.Open Acces

Radiographic detection of defects in friction stir welding on aluminum alloy AMg5M

In order to reveal weld defects specific to friction stir welding we undertook radiographic inspection of AMg5M aluminum alloy welded joints. Weld defects in the form of voids have been revealed in the weld obtained under the non-optimal rotation and feed rate. Both shape and size of these defects have been confirmed by examining metallographically successive sections prepared in the weld plane as well as in the plane transversal to the tool feed direction. Linear defects have been also found in the sections that are not seen in the radiographic images. Both the preferable localization and origination of the defects have been analyzed

Predictors of quality of care in mental health supported accommodation services in England: a multiple regression modelling study.

BACKGROUND: Specialist mental health supported accommodation services are a key component to a graduated level of care from hospital to independently living in the community for people with complex, longer term mental health problems. However, they come at a high cost and there has been a lack of research on the quality of these services. The QuEST (Quality and Effectiveness of Supported tenancies) study, a five-year programme of research funded by the National Institute for Health Research, aimed to address this. It included the development of the first standardised quality assessment tool for supported accommodation services, the QuIRC-SA (Quality Indicator for Rehabilitative Care - Supported Accommodation). Using data collected from the QuIRC-SA, we aimed to identify potential service characteristics that were associated with quality of care. METHODS: Data collected from QuIRC-SAs with 150 individual services in England (28 residential care, 87 supported housing and 35 floating outreach) from four different sources were analysed using multiple regression modelling to investigate associations between service characteristics (local authority area index score, total beds/spaces, staffing intensity, percentage of male service users and service user ability) and areas of quality of care (Living Environment, Therapeutic Environment, Treatments and Interventions, Self-Management and Autonomy, Social Interface, Human Rights and Recovery Based Practice). RESULTS: The local authority area in which the service is located, the service size (number of beds/places) and the usual expected length of stay were each negatively associated with up to six of the seven QuIRC-SA domains. Staffing intensity was positively associated with two domains (Therapeutic Environment and Treatments and Interventions) and negatively associated with one (Human Rights). The percentage of male service users was positively associated with one domain (Treatments and Interventions) and service user ability was not associated with any of the domains. CONCLUSIONS: This study identified service characteristics associated with quality of care in specialist mental health supported accommodation services that can be used in the design and specification of services

A research programme to evaluate DBT-PTSD, a modular treatment approach for Complex PTSD after childhood abuse

Background: Posttraumatic stress disorder (PTSD) after childhood abuse (CA) is often related to severe co-occurring psychopathology, such as symptoms of borderline personality disorder (BPD). The ICD-11 has included Complex PTSD as a new diagnosis, which is defined by PTSD symptoms plus disturbances in emotion regulation, self-concept, and interpersonal relationships. Unfortunately, the empirical database on psychosocial treatments for survivors of CA is quite limited. Furthermore, the few existing studies often have either excluded subjects with self-harm behaviour and suicidal ideation — which is common behaviour in subjects suffering from Complex PTSD. Thus, researchers are still trying to identify efficacious treatment programmes for this group of patients. We have designed DBT-PTSD to meet the specific needs of patients with Complex PTSD. The treatment programme is based on the rules and principles of dialectical behavioural therapy (DBT), and adds interventions derived from cognitive behavioural therapy, acceptance and commitment therapy and compassion-focused therapy. DBT-PTSD can be provided as a comprehensive residential programme or as an outpatient programme. The effects of the residential programme were evaluated in a randomised controlled trial. Data revealed significant reduction of posttraumatic symptoms, with large between-group effect sizes when compared to a treatment-as-usual wait list condition (Cohen’s d = 1.5). The first aim of this project on hand is to evaluate the efficacy of the outpatient DBT-PTSD programme. The second aim is to identify the major therapeutic variables mediating treatment efficacy. The third aim is to study neural mechanisms and treatment sensitivity of two frequent sequelae of PTSD after CA: intrusions and dissociation. Methods: To address these questions, we include female patients who experienced CA and who fulfil DSM-5 criteria for PTSD plus borderline features, including criteria for severe emotion dysregulation. The study is funded by the German Federal Ministry of Education and Research, and started in 2014. Participants are randomised to outpatient psychotherapy with either DBT-PTSD or Cognitive Processing Therapy. Formal power analysis revealed a minimum of 180 patients to be recruited. The primary outcome is the change on the Clinician-Administered PTSD Scale for DSM-5. Discussion: The expected results will be a major step forward in establishing empirically supported psychological treatments for survivors of CA suffering from Complex PTSD. Trial registration: German Clinical Trials Register, registration number DRKS00005578, date of registration 19 December 2013

Overcoming Barriers to Skills Training in Borderline Personality Disorder: A Qualitative Interview Study

Despite evidence suggesting that skills training is an important mechanism of change in dialectical behaviour therapy, little research exploring facilitators and barriers to this process has been conducted. The study aimed to explore clients’ experiences of barriers to dialectical behaviour therapy skills training and how they felt they overcame these barriers, and to compare experiences between treatment completers and dropouts. In-depth qualitative interviews were conducted with 40 clients with borderline personality disorder who had attended a dialectical behaviour therapy programme. A thematic analysis of participants’ reported experiences found that key barriers to learning the skills were anxiety during the skills groups and difficulty understanding the material. Key barriers to using the skills were overwhelming emotions which left participants feeling unable or unwilling to use them. Key ways in which participants reported overcoming barriers to skills training were by sustaining their commitment to attending therapy and practising the skills, personalising the way they used them, and practising them so often that they became an integral part of their behavioural repertoire. Participants also highlighted a number of key ways in which they were supported with their skills training by other skills group members, the group therapists, their individual therapist, friends and family. Treatment dropouts were more likely than completers to describe anxiety during the skills groups as a barrier to learning, and were less likely to report overcoming barriers to skills training via the key processes outlined above. The findings of this qualitative study require replication, but could be used to generate hypotheses for testing in further research on barriers to skills training, how these relate to dropout, and how they can be overcome. The paper outlines several such suggestions for further research

Comparative and functional genomics provide insights into the pathogenicity of dermatophytic fungi

ABSTRACT: BACKGROUND: Millions of humans and animals suffer from superficial infections caused by a group of highly specialized filamentous fungi, the dermatophytes, which exclusively infect keratinized host structures. To provide broad insights into the molecular basis of the pathogenicity-associated traits, we report the first genome sequences of two closely phylogenetically related dermatophytes, Arthroderma benhamiae and Trichophyton verrucosum, both of which induce highly inflammatory infections in humans. RESULTS: 97% of the 22.5 megabase genome sequences of A. benhamiae and T. verrucosum are unambiguously alignable and collinear. To unravel dermatophyte-specific virulence-associated traits, we compared sets of potentially pathogenicity-associated proteins, such as secreted proteases and enzymes involved in secondary metabolite production, with those of closely related onygenales (Coccidioides species) and the mould Aspergillus fumigatus. The comparisons revealed expansion of several gene families in dermatophytes and disclosed the peculiarities of the dermatophyte secondary metabolite gene sets. Secretion of proteases and other hydrolytic enzymes by A. benhamiae was proven experimentally by a global secretome analysis during keratin degradation. Molecular insights into the interaction of A. benhamiae with human keratinocytes were obtained for the first time by global transcriptome profiling. Given that A. benhamiae is able to undergo mating, a detailed comparison of the genomes further unraveled the genetic basis of sexual reproduction in this species. CONCLUSIONS: Our results enlighten the genetic basis of fundamental and putatively virulence-related traits of dermatophytes, advancing future research on these medically important pathogens

Four-Day-Old Human Neonates Look Longer at Non-Biological Motions of a Single Point-of-Light

BACKGROUND: Biological motions, that is, the movements of humans and other vertebrates, are characterized by dynamic regularities that reflect the structure and the control schemes of the musculo-skeletal system. Early studies on the development of the visual perception of biological motion showed that infants after three months of age distinguished between biological and non-biological locomotion. METHODOLOGY/PRINCIPAL FINDINGS: Using single point-light motions that varied with respect to the “two-third-power law” of motion generation and perception, we observed that four-day-old human neonates looked longer at non-biological motions than at biological motions when these were simultaneously presented in a standard preferential looking paradigm. CONCLUSION/SIGNIFICANCE: This result can be interpreted within the “violation of expectation” framework and can indicate that neonates' motion perception — like adults'—is attuned to biological kinematics

Psychosocial interventions for post-traumatic stress disorder in refugees and asylum seekers resettled in high-income countries: Systematic review and meta-analysis

Internal funding from the University of Veron