1,122 research outputs found
Security-Policy Analysis with eXtended Unix Tools
During our fieldwork with real-world organizations---including those in Public Key Infrastructure (PKI), network configuration management, and the electrical power grid---we repeatedly noticed that security policies and related security artifacts are hard to manage. We observed three core limitations of security policy analysis that contribute to this difficulty. First, there is a gap between policy languages and the tools available to practitioners. Traditional Unix text-processing tools are useful, but practitioners cannot use these tools to operate on the high-level languages in which security policies are expressed and implemented. Second, practitioners cannot process policy at multiple levels of abstraction but they need this capability because many high-level languages encode hierarchical object models. Finally, practitioners need feedback to be able to measure how security policies and policy artifacts that implement those policies change over time. We designed and built our eXtended Unix tools (XUTools) to address these limitations of security policy analysis. First, our XUTools operate upon context-free languages so that they can operate upon the hierarchical object models of high-level policy languages. Second, our XUTools operate on parse trees so that practitioners can process and analyze texts at multiple levels of abstraction. Finally, our XUTools enable new computational experiments on multi-versioned structured texts and our tools allow practitioners to measure security policies and how they change over time. Just as programmers use high-level languages to program more efficiently, so can practitioners use these tools to analyze texts relative to a high-level language. Throughout the historical transmission of text, people have identified meaningful substrings of text and categorized them into groups such as sentences, pages, lines, function blocks, and books to name a few. 
Our research interprets these useful structures as different context-free languages by which we can analyze text. XUTools are already in demand by practitioners in a variety of domains and articles on our research have been featured in various news outlets that include ComputerWorld, CIO Magazine, Communications of the ACM, and Slashdot.
Applying Domain Knowledge from Structured Citation Formats to Text and Data Mining: Examples Using the CITE Architecture
Domain knowledge expressed in structured citation formats can be exploited in data mining. We propose four structural properties of canonically cited texts, then look at two classic problems in the study of the scholia, or ancient scholarly commentary, found in the manuscripts of the Iliad. We cluster citations of scholia to analyze their distribution in different manuscripts; this leads to a revised view of how the manuscripts' scribes drew on their source material. Correlated frequencies of named entities suggest that one group of manuscripts had access to material more closely based on the work of the greatest Hellenistic editor of Homer, Aristarchus of Samothrace.
BGrep and BDiff: UNIX Tools for High-Level Languages
The rise in high-level languages for system administrators requires us to rethink traditional UNIX tools designed for these older data formats. We propose new block-oriented tools, bgrep and bdiff, operating on syntactic blocks of code rather than the line, the traditional information container of UNIX. Transcending the line number allows us to introduce longitudinal diff, a mode of bdiff that lets us track changes across arbitrary blocks of code. We present a detailed implementation roadmap and evaluation framework for the full version of this paper. In addition we demonstrate how the design of our tools already addresses several real-world problems faced by network administrators to maintain security policy.
Beyond SELinux: the Case for Behavior-Based Policy and Trust Languages
Despite the availability of powerful mechanisms for security policy and access control, real-world information security practitioners---both developers and security officers---still find themselves in need of something more. We believe that this is the case because available policy languages do not provide clear and intelligible ways to allow developers to communicate their knowledge and expectations of trustworthy behaviors and actual application requirements to IT administrators. We work to address this policy engineering gap by shifting the focus of policy language design to this communication via behavior-based policies and their motivating scenarios.
An Actor-Centric, Asset-Based Monitor Deployment Model for Cloud Computing
Effective monitoring is essential for the security of cloud systems. Although many monitoring tools exist in the cloud domain, there is little guidance on how to deploy monitors to make the most of collected monitor data and increase the likelihood of detecting breaches of security. We introduce an actor-centric, asset-based monitor deployment model for the cloud that enables practitioners to reason about monitor deployment in terms of the security of the cloud assets that they own. We define an actor model that consolidates several roles in the literature to three roles that are motivated by security. We then develop an architectural model that identifies the assets that can be owned by each of those actors, and use it to drive an asset-based cloud threat model. Using our threat model, we claim that a cloud practitioner can reason about monitor deployment to more efficiently deploy monitors and increase its chances of detecting intrusions. We demonstrate the utility of our model with a cloud scenario based on Netflix's use of Amazon Web Services. Air Force Research Laboratory & Air Force Office of Scientific Research/FA8750-11-2-0084
Visualization of membrane loss during the shrinkage of giant vesicles under electropulsation
We study the effect of permeabilizing electric fields applied to two
different types of giant unilamellar vesicles, the first formed from EggPC
lipids and the second formed from DOPC lipids. Experiments on vesicles of both
lipid types show a decrease in vesicle radius which is interpreted as being due
to lipid loss during the permeabilization process. We show that the decrease in
size can be qualitatively explained as a loss of lipid area which is
proportional to the area of the vesicle which is permeabilized. Three possible
mechanisms responsible for lipid loss were directly observed: pore formation,
vesicle formation and tubule formation. Comment: Final published version
The Link Between the Hidden Broad Line Region and the Accretion Rate in Seyfert 2 Galaxies
In the past few years more and more pieces of evidence have been presented
for a revision of the widely accepted Unified Model of Active Galactic Nuclei.
A model based solely on orientation cannot explain all the observed
phenomenology. In the following, we will present evidence that accretion rate
is also a key parameter for the presence of Hidden Broad Line Regions in
Seyfert 2 galaxies. Our sample consists of 21 sources with polarized Hidden
Broad Lines and 18 sources without Hidden Broad Lines. We use stellar velocity
dispersions from several studies on the CaII and Mg b triplets in Seyfert 2
galaxies, to estimate the mass of the central black holes via the
$M_{\rm bh}$-$\sigma_\ast$ relation. The ratio between the bolometric luminosity, derived
from the intrinsic (i.e. unabsorbed) X-ray luminosity, and the Eddington
luminosity is a measure of the rate at which matter accretes onto the central
supermassive black hole. A separation between Compton-thin HBLR and non-HBLR
sources is clear, both in accretion rate (log Lbol/LEdd = -1.9) and in
luminosity (log Lbol = 43.90). When, properly luminosity-corrected,
Compton-thick sources are included, the separation between HBLR and non-HBLR is
less sharp but no HBLR source falls below the Eddington ratio threshold. We
speculate that non-HBLR Compton-thick sources with accretion rate higher than
the threshold, do possess a BLR, but something, probably related to their heavy
absorption, is preventing us from observing it even in polarized light. Our
results for Compton-thin sources support theoretical expectations. In a model
presented by Nicastro (2000), the presence of broad emission lines is
intrinsically connected with disk instabilities occurring in proximity of a
transition radius, which is a function of the accretion rate, becoming smaller
than the innermost stable orbit for very low accretion rates and therefore
luminosities. Comment: 23 pages, 4 figures
The archival discovery of a strong Lyman- and [CII] emitter at z = 7.677
We report the archival discovery of Lyman- emission from the bright
ultraviolet galaxy Y002 at , spectroscopically confirmed by its
ionized carbon [CII] 158m emission line. The Ly line is spatially
associated with the rest-frame UV stellar emission (~-22, 2x
brighter than ) and it appears offset from the peak of the
extended [CII] emission at the current ~1" spatial resolution. We derive an
estimate of the unobscured SFR(UV)= yr and set an
upper limit of SFR(IR) yr from the far-infrared wavelength
range, which globally place Y002 on the SFR(UV+IR)-L([CII]) correlation
observed at lower redshifts. In terms of velocity, the peak of the Ly
emission is redshifted by (Ly)~500 km s from the
systemic redshift set by [CII] and a high-velocity tail extends to up to ~1000
km s. The velocity offset is up to ~3.5x higher than the average
estimate for similarly UV-bright emitters at z~6-7, which might suggest that we
are witnessing the merging of two clumps. A combination of strong outflows and
the possible presence of an extended ionized bubble surrounding Y002 would
likely facilitate the escape of copious Ly light, as indicated by the
large equivalent width EW(Ly)= \r{A}. Assuming that [CII]
traces the neutral hydrogen, we estimate a HI gas fraction of for Y002 as a system and speculate that patches of high
HI column densities could contribute to explain the observed spatial offsets
between Ly and [CII] emitting regions. The low dust content, implied by
the non-detection of the far-infrared continuum emission at rest-frame ~160
m, would be sufficient to absorb any potential Ly photons produced
within the [CII] clump as a result of large HI column densities. Comment: 10 pages, 4 figures. Accepted for publication in The Astrophysical
Journal Letters