Preventing unauthorized data flows

Trojan Horse attacks can lead to unauthorized data flows and can cause either a confidentiality violation or an integrity violation. Existing solutions to address this problem employ analysis techniques that keep track of all subject accesses to objects, and hence can be expensive. In this paper we show that for an unauthorized flow to exist in an access control matrix, a flow of length one must exist. Thus, to eliminate unauthorized flows, it is sufficient to remove all one-step flows, thereby avoiding the need for expensive transitive closure computations. This new insight allows us to develop an efficient methodology to identify and prevent all unauthorized flows leading to confidentiality and integrity violations. We develop separate solutions for two different environments that occur in real life, and experimentally validate the efficiency and restrictiveness of the proposed approaches using real data sets. © IFIP International Federation for Information Processing 2017

On the Security of Delegation in Access Control Systems

Abstract. Delegation is a mechanism that allows a user A to act on another user B’s behalf by making B’s access rights available to A. It is well recognized as an important mechanism to provide resiliency and flexibility in access control systems, and has gained popularity in the research community. However, most existing literature focuses on modeling and managing delegations. Little work has been done on understanding the impact of delegation on the security of existing access control systems. In particular, no formal notion of security with respect to delegation has been proposed. Many existing access control systems are designed without having delegation in mind. Simply incorporating a delegation module into those systems may cause security breaches. This paper focuses on the security aspect of delegation in access control systems. We first give examples on how colluding users may abuse the delegation sup-port of access control systems to circumvent security policies, such as separation of duty. As a major contribution, we propose a formal notion of security with respect to delegation in access control systems. After that, we discuss potential mechanisms to enforce security. In particular, we design a novel source-based en-forcement mechanism for workflow authorization systems so as to achieve both security and efficiency.

A Mathematical model for Astrocytes mediated LTP at Single Hippocampal Synapses

Many contemporary studies have shown that astrocytes play a significant role in modulating both short and long form of synaptic plasticity. There are very few experimental models which elucidate the role of astrocyte over Long-term Potentiation (LTP). Recently, Perea & Araque (2007) demonstrated a role of astrocytes in induction of LTP at single hippocampal synapses. They suggested a purely pre-synaptic basis for induction of this N-methyl-D- Aspartate (NMDA) Receptor-independent LTP. Also, the mechanisms underlying this pre-synaptic induction were not investigated. Here, in this article, we propose a mathematical model for astrocyte modulated LTP which successfully emulates the experimental findings of Perea & Araque (2007). Our study suggests the role of retrograde messengers, possibly Nitric Oxide (NO), for this pre-synaptically modulated LTP.Comment: 51 pages, 15 figures, Journal of Computational Neuroscience (to appear

Dynamic Authorisation Policies for Event-based Task Delegation

International audienceTask delegation presents one of the business process security leitmotifs. It denes a mechanism that bridges the gap between both workfow and access control systems. There are two important issues relating to delegation, namely allowing task delegation to complete, and having a secure delegation within a workfow. Delegation completion and authorisation enforcement are specied under specic constraints. Constraints are dened from the delegation context implying the presence of a xed set of delegation events to control the delegation execution. In this paper, we aim to reason about delegation events to specify delegation policies dynamically. To that end, we present an event-based task delegation model to monitor the delegation process. We then identify relevant events for authorisation enforcement to specify delegation policies. Moreover, we propose a technique that automates delegation policies using event calculus to control the delegation execution and increase the compliance of all delegation changes in the global policy

Responsible, safe, and effective prescription of opioids for chronic non-cancer pain: American society of interventional pain physicians (ASIPP) guidelines

Background: Opioid use, abuse, and adverse consequences, including death, have escalated at an alarming rate since the 1990s. In an attempt to control opioid abuse, numerous regulations and guidelines for responsible opioid prescribing have been developed by various organizations. However, the US opioid epidemic is continuing and drug dose deaths tripled during 1999 to 2015. Recent data show a continuing increase in deaths due to natural and semisynthetic opioids, a decline in methadone deaths, and an explosive increase in the rates of deaths involving other opioids, specifically heroin and illicit synthetic fentanyl. Contrary to scientific evidence of efficacy and negative recommendations, a significant proportion of physicians and patients (92%) believe that opioids reduce pain and a smaller proportion (57%) report better quality of life. In preparation of the current guidelines, we have focused on the means to reduce the abuse and diversion of opioids without jeopardizing access for those patients suffering from non-cancer pain who have an appropriate medical indication for opioid use. Objectives: To provide guidance for the prescription of opioids for the management of chronic non-cancer pain, to develop a consistent philosophy among the many diverse groups with an interest in opioid use as to how appropriately prescribe opioids, to improve the treatment of chronic non-cancer pain and to reduce the likelihood of drug abuse and diversion. These guidelines are intended to provide a systematic and standardized approach to this complex and difficult arena of practice, while recognizing that every clinical situation is unique. Methods: The methodology utilized included the development of objectives and key questions. The methodology also utilized trustworthy standards, appropriate disclosures of conflicts of interest, as well as a panel of experts from various specialties and groups. The literature pertaining to opioid use, abuse, effectiveness, and adverse consequences was reviewed, with a best evidence synthesis of the available literature, and utilized grading for recommendation as described by the Agency for Healthcare Research and Quality (AHRQ)

RNA activation of haploinsufficient Foxg1 gene in murine neocortex

More than one hundred distinct gene hemizygosities are specifically linked to epilepsy, mental retardation, autism, schizophrenia and neuro-degeneration. Radical repair of these gene deficits via genome engineering is hardly feasible. The same applies to therapeutic stimulation of the spared allele by artificial transactivators. Small activating RNAs (saRNAs) offer an alternative, appealing approach. As a proof-of-principle, here we tested this approach on the Rett syndrome-linked, haploinsufficient, Foxg1 brain patterning gene. We selected a set of artificial small activating RNAs (saRNAs) upregulating it in neocortical precursors and their derivatives. Expression of these effectors achieved a robust biological outcome. saRNA-driven activation (RNAa) was limited to neural cells which normally express Foxg1 and did not hide endogenous gene tuning. saRNAs recognized target chromatin through a ncRNA stemming from it. Gene upregulation required Ago1 and was associated to RNApolII enrichment throughout the Foxg1 locus. Finally, saRNA delivery to murine neonatal brain replicated Foxg1-RNAa in vivo