Insider threats: the major challenge to security risk management

Security risk management is by definition, a subjective and complex exercise and it takes time to perform properly. Human resources are fundamental assets for any organization, and as any other asset, they have inherent vulnerabilities that need to be handled, i.e. managed and assessed. However, the nature that characterize the human behavior and the organizational environment where they develop their work turn these task extremely difficult, hard to accomplish and prone to errors. Assuming security as a cost, organizations are usually focused on the efficiency of the security mechanisms implemented that enable them to protect against external attacks, disregarding the insider risks, which are much more difficult to assess. All these demands an interdisciplinary approach in order to combine technical solutions with psychology approaches in order to understand the organizational staff and detect any changes in their behaviors and characteristics. This paper intends to discuss some methodological challenges to evaluate the insider threats and its impacts, and integrate them in a security risk framework, that was defined according to the security standard ISO/IEC_JTC1, to support the security risk management process.

Design of a case-based reasoner for information security in military organizations

Information security is concerned with the protection of information, which can be stored, processed or transmitted within critical information systems of the organizations, against loss of confidentiality, integrity or availability. Protection measures to prevent these problems result through the implementation of controls at several dimensions: technical, administrative or physical. A vital objective for military organizations is to ensure superiority in contexts of information warfare and competitive intelligence. Therefore, the problem of information security in military organizations has been a topic of intensive work at both national and transnational levels, and extensive conceptual and standardization work is being produced. A current effort is therefore to develop automated decision support systems to assist military decision makers, at different levels in the command chain, to provide suitable control measures that can effectively deal with potential attacks and, at the same time, prevent, detect and contain vulnerabilities targeted at their information systems. The concept and processes of the Case-Based Reasoning (CBR) methodology outstandingly resembles classical military processes and doctrine, in particular the analysis of “lessons learned” and definition of “modes of action”. Therefore, the present paper addresses the modeling and design of a CBR system with two key objectives: to support an effective response in context of information security for military organizations; to allow for scenario planning and analysis for training and auditing processes.

Improvement of in silico strain engineering methods in Saccharomyces cerevisiae

PhD thesis in Bioengineering

Benefits from energy related building renovation beyond costs, energy and emissions

The relevance of the building sector in the global energy use as well as in the global carbon emissions, both in the developed and developing countries, makes the improvement of the overall energy performance of existing buildings an important part of the actions to mitigate climate changes. Regardless of this potential for energy and emissions saving, large scale building renovation has been found hard to trigger, mainly because present standards are mainly focused on new buildings, not responding effectively to the numerous technical, functional and economic constraints of the existing ones. One of the common problems in the assessment of building renovation scenarios is that only energy savings and costs are normally considered, despite the fact that it has been long recognized that investment on energy efficiency and low carbon technologies yield several benefits beyond the value of saved energy which can be as important as the energy cost savings process. Based on the analysis of significant literature and several case studies, the relevance of co-benefits achieved in the renovation process is highlighted. These benefits can be felt at the building level by the owner or user (like increased user comfort, fewer problems with building physics, improved aesthetics) and should therefore be considered in the definition of the renovation measures, but also at the level of the society as a whole (like health effects, job creation, energy security, impact on climate change), and from this perspective, policy makers must be aware of the possible crossed impacts among different areas of the society for the development of public policies.

Narrative innovations predict symptom improvement: Studying innovative moments in narrative therapy of depression

Objective:Innovative moments (IMs) are moments in the therapeutic dialog that constitute exceptions toward the client's problems. These narrative markers of meaning transformation are associated with change in different models of therapy and diverse diagnoses. Our goal is to test if IMs precede symptoms change, or, on the contrary, are a mere consequence of symptomatic 15 change. Method: For this purpose, IMs and symptomatology (Outcome Questionnaire-10.2) were assessed at every session in a sample of 10 cases of narrative therapy for depression. Hierarchical linear modeling was conducted to explore whether (i) IMs in a given session predict patients' symptoms in the following session and/or (ii) symptoms in a given session predict IMs in the next session. Results: Results suggested that IMs are better predictors of symptoms than the reverse. Conclusions: These results are discussed considering the contribution of meanings and narrative processes' changes to symptomatic improvement.

Biotechnological approaches for yield improvement of anticancer alkaloids in the plant Catharanthus roseus

Dissertação de mestrado em Biologia Molecular, Biotecnologia e Bioempreendedorismo em Plantas

Estudo comparativo entre indicadores de desempenho da JCI e do Contrato Programa Cirurgia Segura

Dissertação de mestrado em Engenharia e Gestão da Qualidade

ADSNARK: Nearly practical and privacy-preserving proofs on authenticated data

We study the problem of privacy-preserving proofs on authenticated data, where a party receives data from a trusted source and is requested to prove computations over the data to third parties in a correct and private way, i.e., the third party learns no information on the data but is still assured that the claimed proof is valid. Our work particularly focuses on the challenging requirement that the third party should be able to verify the validity with respect to the specific data authenticated by the source — even without having access to that source. This problem is motivated by various scenarios emerging from several application areas such as wearable computing, smart metering, or general business-to-business interactions. Furthermore, these applications also demand any meaningful solution to satisfy additional properties related to usability and scalability. In this paper, we formalize the above three-party model, discuss concrete application scenarios, and then we design, build, and evaluate ADSNARK, a nearly practical system for proving arbitrary computations over authenticated data in a privacy-preserving manner. ADSNARK improves significantly over state-of-the-art solutions for this model. For instance, compared to corresponding solutions based on Pinocchio (Oakland’13), ADSNARK achieves up to 25× improvement in proof-computation time and a 20× reduction in prover storage space.

Citric acid production by Y. lipolytica W29 from crude glycerol: strain improvement by mutagenesis

[Excerpt] Citric acid, an important and versatile organic acid extensively used in several industries, is originally produced by Aspergillus niger in submerged fermentation from molasses [1]. However, Yarrowia lipolytica have been studied and demonstrate a great potential as citric acid producer from several carbon sources [1–5] including crude glycerol, a low cost byproduct from the biodiesel industry [6]. The simultaneous production of the isomer isocitric acid is the major problem in using this yeast in the citric acid production. (...)

Psychological approach to endometriosis: Women's pain experience and quality of life improvement

Endometriosis is a chronic condition affecting 10 to15% of women in childbearing age. Understanding the impact of this disease on women’s well-being is still a challenge, namely to intervene. Pain is the most current and troublesome symptom. Although medical treatments for pain relief are effective, recurrence rate remains significant, calling for a better understanding and development of new approaches for pain management. A group Cognitive Behavioral Therapy (CBT) for management of associated co-morbidities is suggested, paying special attention to Chronic Pelvic Pain (CPP). CBT design can be grounded on information collected from focus groups and a one-group exploratory trial. Evaluation of therapy effectiveness is possible to be performed by comparing group CBT to Usual Care (UC) and Support Group (SG) in a randomized controlled trial. Research in this area could represent an important step in providing a solution to the management of endometriosis and, to the best of our knowledge, the first national psychological approach for its understanding and treatment.