89 results for Biron, Ernest-Ioann, 1690-1772.
Abstract:
XACML has become the de facto standard for enterprise-wide, policy-based access control. It is a structured, extensible language that can express and enforce complex access control policies. There have been several efforts to extend XACML to support specific authorisation models, such as the OASIS RBAC profile to support Role Based Access Control. A number of proposals for authorisation models that support business processes and workflow systems have also appeared in the literature. However, there is no published work describing an extension to allow XACML to be used as a policy language with these models. This paper analyses the specific requirements of a policy language to express and enforce business process authorisation policies. It then introduces BP-XACML, a new profile that extends the RBAC profile for XACML so it can support business process authorisation policies. In particular, BP-XACML supports the notion of tasks, and constraints at the level of a task instance, which are important requirements in enforcing business process authorisation policies.
Abstract:
Supervisory Control and Data Acquisition (SCADA) systems are one of the key foundations of smart grids. The Distributed Network Protocol version 3 (DNP3) is a standard SCADA protocol designed to facilitate communications in substations and smart grid nodes. The protocol is embedded with a security mechanism called Secure Authentication (DNP3-SA). This mechanism ensures that end-to-end communication security is provided in substations. This paper presents a formal model for the behavioural analysis of DNP3-SA using Coloured Petri Nets (CPN). Our DNP3-SA CPN model is capable of testing and verifying various attack scenarios: modification, replay and spoofing, combined complex attack and mitigation strategies. Using the model has revealed a previously unidentified flaw in the DNP3-SA protocol that can be exploited by an attacker that has access to the network interconnecting DNP3 devices. An attacker can launch a successful attack on an outstation without possessing the pre-shared keys by replaying a previously authenticated command with arbitrary parameters. We propose an update to the DNP3-SA protocol that removes the flaw and prevents such attacks. The update is validated and verified using our CPN model proving the effectiveness of the model and importance of the formal protocol analysis.
Abstract:
Real-world cryptographic protocols such as the widely used Transport Layer Security (TLS) protocol support many different combinations of cryptographic algorithms (called ciphersuites) and simultaneously support different versions. Recent advances in provable security have shown that most modern TLS ciphersuites are secure authenticated and confidential channel establishment (ACCE) protocols, but these analyses generally focus on single ciphersuites in isolation. In this paper we extend the ACCE model to cover protocols with many different sub-protocols, capturing both multiple ciphersuites and multiple versions, and define a security notion for secure negotiation of the optimal sub-protocol. We give a generic theorem that shows how secure negotiation follows, with some additional conditions, from the authentication property of secure ACCE protocols. Using this framework, we analyse the security of ciphersuite and three variants of version negotiation in TLS, including a recently proposed mechanism for detecting fallback attacks.
Abstract:
Perceived impaired control over alcohol use is a key cognitive construct in alcohol dependence that has been related prospectively to treatment outcome and may mediate the risk for problem drinking conveyed by impulsivity in non-dependent drinkers. The aim of the current study was to investigate whether perceived impaired control may mediate the association between impulsivity-related measures (derived from the Short-form Eysenck Personality Questionnaire-Revised) and alcohol-dependence severity in alcohol-dependent drinkers. Furthermore, the extent to which this hypothesized relationship was moderated by genetic risk (Taq1A polymorphism in the DRD2/ANKK1 gene cluster) and verbal fluency as an indicator of executive cognitive ability (Controlled Oral Word Association Test) was also examined. A sample of 143 alcohol-dependent inpatients provided an extensive clinical history of their alcohol use, gave 10 ml of blood for DNA analysis, and completed self-report measures relating to impulsivity, impaired control and severity of dependence. As hypothesized, perceived impaired control (partially) mediated the association between impulsivity-related measures and alcohol-dependence severity. This relationship was not moderated by the DRD2/ANKK1 polymorphism or verbal fluency. These results suggest that, in alcohol dependence, perceived impaired control is a cognitive mediator of impulsivity-related constructs that may be unaffected by DRD2/ANKK1 and neurocognitive processes underlying the retrieval of verbal information.
Abstract:
Cooperative Intelligent Transportation Systems (C-ITS) allow in-vehicle systems, and ultimately the driver, to enhance their awareness of their surroundings by enabling communication between vehicles and road infrastructure. C-ITS are widely considered as the next major step in driving assistance systems, aiming at increasing safety, comfort and mobility for drivers. However, any communicating system is subject to security threats. A key component for providing secure communications at a large scale is a Public Key Infrastructure (PKI). Due to the safety-critical nature of Vehicle-to-Vehicle (V2V) communications, a C-ITS PKI has functional, performance and scalability requirements that differ from traditional non-automotive environments. This paper identifies and defines the key functional and security requirements for C-ITS PKI systems and analyses proposed C-ITS PKI standards against these requirements. In particular, the proposed US and European C-ITS PKI systems are identified as being too complex and not scalable. The paper also highlights various privacy, security and scalability concerns that should be considered for a secure C-ITS PKI solution in the Australian transport landscape.
Abstract:
Background: Inflammation and biomechanical factors have been associated with the development of vulnerable atherosclerotic plaques. Lipid-lowering therapy has been shown to be effective in stabilizing them by reducing plaque inflammation. Its effect on arterial wall strain, however, remains unknown. The aim of the present study was to investigate the role of high- and low-dose lipid-lowering therapy using an HMG-CoA reductase inhibitor, atorvastatin, on arterial wall strain. Methods and Results: Forty patients with carotid stenosis >40% were successfully followed up during the Atorvastatin Therapy: Effects on Reduction Of Macrophage Activity (ATHEROMA; ISRCTN64894118) Trial. All patients had plaque inflammation as shown by intraplaque accumulation of ultrasmall super paramagnetic particles of iron oxide on magnetic resonance imaging at baseline. Structural analysis was performed and change of strain was compared between high- and low-dose statin at 0 and 12 weeks. There was no significant difference in strain between the 2 groups at baseline (P=0.6). At 12 weeks, the maximum strain was significantly lower in the 80-mg group than in the 10-mg group (0.085±0.033 vs. 0.169±0.084; P=0.001). A significant reduction (26%) of maximum strain was observed in the 80-mg group at 12 weeks (0.018±0.02; P=0.01). Conclusions: Aggressive lipid-lowering therapy is associated with a significant reduction in arterial wall strain. The reduction in biomechanical strain may be associated with reductions in plaque inflammatory burden.
Abstract:
Prostate cancer is the second most common malignancy among men worldwide. Genome-wide association studies have identified 100 risk variants for prostate cancer, which can explain approximately 33% of the familial risk of the disease. We hypothesized that a comprehensive analysis of genetic variations found within the 3' untranslated region of genes predicted to affect miRNA binding (miRSNP) can identify additional prostate cancer risk variants. We investigated the association between 2,169 miRSNPs and prostate cancer risk in a large-scale analysis of 22,301 cases and 22,320 controls of European ancestry from 23 participating studies. Twenty-two miRSNPs were associated (P<2.3×10⁻⁵) with risk of prostate cancer, 10 of which were within 7 genes previously not mapped by GWAS studies. Further, using miRNA mimics and reporter gene assays, we showed that miR-3162-5p has specific affinity for the KLK3 rs1058205 miRSNP T-allele, whereas miR-370 has greater affinity for the VAMP8 rs1010 miRSNP A-allele, validating their functional role. Significance: Findings from this large association study suggest that a focus on miRSNPs, including functional evaluation, can identify candidate risk loci below currently accepted statistical levels of genome-wide significance. Studies of miRNAs and their interactions with SNPs could provide further insights into the mechanisms of prostate cancer risk.
Abstract:
The Distributed Network Protocol v3.0 (DNP3) is one of the most widely used protocols to control national infrastructure. The move from point-to-point serial connections to Ethernet-based network architectures allows for large and complex critical infrastructure networks. However, networks and configurations change, thus auditing tools are needed to aid in critical infrastructure network discovery. In this paper we present a series of intrusive techniques used for reconnaissance on DNP3 critical infrastructure. Our algorithms will discover DNP3 outstation slaves along with their DNP3 addresses, their corresponding master, and class object configurations. To validate our presented DNP3 reconnaissance algorithms and demonstrate their practicality, we present an implementation of a software tool using a DNP3 plug-in for Scapy. Our implementation validates the utility of our DNP3 reconnaissance technique. Our presented techniques will be useful for penetration testing, vulnerability assessments and DNP3 network discovery.
Abstract:
Generating discriminative input features is a key requirement for achieving highly accurate classifiers. The process of generating features from raw data is known as feature engineering and it can take significant manual effort. In this paper we propose automated feature engineering to derive a suite of additional features from a given set of basic features with the aim of both improving classifier accuracy through discriminative features, and to assist data scientists through automation. Our implementation is specific to HTTP computer network traffic. To measure the effectiveness of our proposal, we compare the performance of a supervised machine learning classifier built with automated feature engineering versus one using human-guided features. The classifier addresses a problem in computer network security, namely the detection of HTTP tunnels. We use Bro to process network traffic into base features and then apply automated feature engineering to calculate a larger set of derived features. The derived features are calculated without favour to any base feature and include entropy, length and N-grams for all string features, and counts and averages over time for all numeric features. Feature selection is then used to find the most relevant subset of these features. Testing showed that both classifiers achieved a detection rate above 99.93% at a false positive rate below 0.01%. For our datasets, we conclude that automated feature engineering can provide the advantages of increasing classifier development speed and reducing development technical difficulties through the removal of manual feature engineering. These are achieved while also maintaining classification accuracy.
Abstract:
Detection and prevention of global network satellite system (GNSS) “spoofing” attacks, or the broadcast of false global navigation satellite system services, has recently attracted much research interest. This survey aims to fill three gaps in the literature: first, to assess in detail the exact nature of threat scenarios posed by spoofing against the most commonly cited targets; second, to investigate the many practical impediments, often underplayed, to carrying out GNSS spoofing attacks in the field; and third, to survey and assess the effectiveness of a wide range of proposed defences against GNSS spoofing. Our conclusion lists promising areas of future research.
Abstract:
A Delay Tolerant Network (DTN) is a dynamic, fragmented, and ephemeral network formed by a large number of highly mobile nodes. DTNs are ephemeral networks with highly mobile autonomous nodes. This requires distributed and self-organised approaches to trust management. Revocation and replacement of security credentials under adversarial influence by preserving the trust on the entity is still an open problem. Existing methods are mostly limited to detection and removal of malicious nodes. This paper makes use of the mobility property to provide a distributed, self-organising, and scalable revocation and replacement scheme. The proposed scheme effectively utilises the Leverage of Common Friends (LCF) trust system concepts to revoke compromised security credentials, replace them with new ones, whilst preserving the trust on them. The level of achieved entity confidence is thereby preserved. Security and performance of the proposed scheme are evaluated using an experimental data set in comparison with other schemes based around the LCF concept. Our extensive experimental results show that the proposed scheme distributes replacement credentials up to 35% faster and spreads spoofed credentials of strong collaborating adversaries up to 50% slower without causing any significant increase on the communication and storage overheads, when compared to other LCF based schemes.
Abstract:
The impact of host immunity on outcome in nonsmall cell lung cancer (NSCLC) is controversial. We examined the relationship between lymphoid infiltration patterns in NSCLC and prognosis. Tumour- and stroma-infiltrating CD3+, CD8+ and forkhead box P3 (Foxp3)+ T-lymphocytes were identified using immunohistochemistry and a novel image analysis algorithm to assess total, cytotoxic and regulatory T-lymphocyte counts, respectively, in 196 NSCLC cases. The median cell count was selected as a cut-point to define patient subgroups and the ratio of the corresponding tumour islet:stroma (TI/S) counts was determined. There was a positive association between overall survival and increased CD8+ TI/S ratio (hazard ratio (HR) for death 0.44, p<0.001) but an inverse relationship between Foxp3+ TI/S ratio and overall survival (HR 4.86, p<0.001). Patients with high CD8+ islet (HR 0.48, p<0.001) and Foxp3+ stromal (HR 0.23, p<0.001) counts had better survival, whereas high CD3+ and CD8+ stromal counts and high Foxp3+ islet infiltration conferred a worse survival (HR 1.55, 2.19 and 3.14, respectively). By multivariate analysis, a high CD8+ TI/S ratio conferred an improved survival (HR 0.48, p=0.002) but a high Foxp3+ TI/S ratio was associated with worse survival (HR 3.91, p<0.001). Microlocalisation of infiltrating T-lymphocytes is a powerful predictor of outcome in resected NSCLC.