A randomised controlled clinical trial and gait analysis of fixed- and mobile-bearing total knee replacements with a five-year follow-up.

This study compared the outcome of total knee replacement (TKR) in adult patients with fixed- and mobile-bearing prostheses during the first post-operative year and at five years' follow-up, using gait parameters as a new objective measure. This double-blind randomised controlled clinical trial included 55 patients with mobile-bearing (n = 26) and fixed-bearing (n = 29) prostheses of the same design, evaluated pre-operatively and post-operatively at six weeks, three months, six months, one year and five years. Each participant undertook two walking trials of 30 m and completed the EuroQol questionnaire, Western Ontario and McMaster Universities osteoarthritis index, Knee Society score, and visual analogue scales for pain and stiffness. Gait analysis was performed using five miniature angular rate sensors mounted on the trunk (sacrum), each thigh and calf. The study population was divided into two groups according to age (≤ 70 years versus > 70 years). Improvements in most gait parameters at five years' follow-up were greater for fixed-bearing TKRs in older patients (> 70 years), and greater for mobile-bearing TKRs in younger patients (≤ 70 years). These findings should be confirmed by an extended age controlled study, as the ideal choice of prosthesis might depend on the age of the patient at the time of surgery.

An assurance-based model to holistically assess the information security posture

EXECUTIVE SUMMARY : Evaluating Information Security Posture within an organization is becoming a very complex task. Currently, the evaluation and assessment of Information Security are commonly performed using frameworks, methodologies and standards which often consider the various aspects of security independently. Unfortunately this is ineffective because it does not take into consideration the necessity of having a global and systemic multidimensional approach to Information Security evaluation. At the same time the overall security level is globally considered to be only as strong as its weakest link. This thesis proposes a model aiming to holistically assess all dimensions of security in order to minimize the likelihood that a given threat will exploit the weakest link. A formalized structure taking into account all security elements is presented; this is based on a methodological evaluation framework in which Information Security is evaluated from a global perspective. This dissertation is divided into three parts. Part One: Information Security Evaluation issues consists of four chapters. Chapter 1 is an introduction to the purpose of this research purpose and the Model that will be proposed. In this chapter we raise some questions with respect to "traditional evaluation methods" as well as identifying the principal elements to be addressed in this direction. Then we introduce the baseline attributes of our model and set out the expected result of evaluations according to our model. Chapter 2 is focused on the definition of Information Security to be used as a reference point for our evaluation model. The inherent concepts of the contents of a holistic and baseline Information Security Program are defined. Based on this, the most common roots-of-trust in Information Security are identified. Chapter 3 focuses on an analysis of the difference and the relationship between the concepts of Information Risk and Security Management. Comparing these two concepts allows us to identify the most relevant elements to be included within our evaluation model, while clearing situating these two notions within a defined framework is of the utmost importance for the results that will be obtained from the evaluation process. Chapter 4 sets out our evaluation model and the way it addresses issues relating to the evaluation of Information Security. Within this Chapter the underlying concepts of assurance and trust are discussed. Based on these two concepts, the structure of the model is developed in order to provide an assurance related platform as well as three evaluation attributes: "assurance structure", "quality issues", and "requirements achievement". Issues relating to each of these evaluation attributes are analysed with reference to sources such as methodologies, standards and published research papers. Then the operation of the model is discussed. Assurance levels, quality levels and maturity levels are defined in order to perform the evaluation according to the model. Part Two: Implementation of the Information Security Assurance Assessment Model (ISAAM) according to the Information Security Domains consists of four chapters. This is the section where our evaluation model is put into a welldefined context with respect to the four pre-defined Information Security dimensions: the Organizational dimension, Functional dimension, Human dimension, and Legal dimension. Each Information Security dimension is discussed in a separate chapter. For each dimension, the following two-phase evaluation path is followed. The first phase concerns the identification of the elements which will constitute the basis of the evaluation: ? Identification of the key elements within the dimension; ? Identification of the Focus Areas for each dimension, consisting of the security issues identified for each dimension; ? Identification of the Specific Factors for each dimension, consisting of the security measures or control addressing the security issues identified for each dimension. The second phase concerns the evaluation of each Information Security dimension by: ? The implementation of the evaluation model, based on the elements identified for each dimension within the first phase, by identifying the security tasks, processes, procedures, and actions that should have been performed by the organization to reach the desired level of protection; ? The maturity model for each dimension as a basis for reliance on security. For each dimension we propose a generic maturity model that could be used by every organization in order to define its own security requirements. Part three of this dissertation contains the Final Remarks, Supporting Resources and Annexes. With reference to the objectives of our thesis, the Final Remarks briefly analyse whether these objectives were achieved and suggest directions for future related research. Supporting resources comprise the bibliographic resources that were used to elaborate and justify our approach. Annexes include all the relevant topics identified within the literature to illustrate certain aspects of our approach. Our Information Security evaluation model is based on and integrates different Information Security best practices, standards, methodologies and research expertise which can be combined in order to define an reliable categorization of Information Security. After the definition of terms and requirements, an evaluation process should be performed in order to obtain evidence that the Information Security within the organization in question is adequately managed. We have specifically integrated into our model the most useful elements of these sources of information in order to provide a generic model able to be implemented in all kinds of organizations. The value added by our evaluation model is that it is easy to implement and operate and answers concrete needs in terms of reliance upon an efficient and dynamic evaluation tool through a coherent evaluation system. On that basis, our model could be implemented internally within organizations, allowing them to govern better their Information Security. RÉSUMÉ : Contexte général de la thèse L'évaluation de la sécurité en général, et plus particulièrement, celle de la sécurité de l'information, est devenue pour les organisations non seulement une mission cruciale à réaliser, mais aussi de plus en plus complexe. A l'heure actuelle, cette évaluation se base principalement sur des méthodologies, des bonnes pratiques, des normes ou des standards qui appréhendent séparément les différents aspects qui composent la sécurité de l'information. Nous pensons que cette manière d'évaluer la sécurité est inefficiente, car elle ne tient pas compte de l'interaction des différentes dimensions et composantes de la sécurité entre elles, bien qu'il soit admis depuis longtemps que le niveau de sécurité globale d'une organisation est toujours celui du maillon le plus faible de la chaîne sécuritaire. Nous avons identifié le besoin d'une approche globale, intégrée, systémique et multidimensionnelle de l'évaluation de la sécurité de l'information. En effet, et c'est le point de départ de notre thèse, nous démontrons que seule une prise en compte globale de la sécurité permettra de répondre aux exigences de sécurité optimale ainsi qu'aux besoins de protection spécifiques d'une organisation. Ainsi, notre thèse propose un nouveau paradigme d'évaluation de la sécurité afin de satisfaire aux besoins d'efficacité et d'efficience d'une organisation donnée. Nous proposons alors un modèle qui vise à évaluer d'une manière holistique toutes les dimensions de la sécurité, afin de minimiser la probabilité qu'une menace potentielle puisse exploiter des vulnérabilités et engendrer des dommages directs ou indirects. Ce modèle se base sur une structure formalisée qui prend en compte tous les éléments d'un système ou programme de sécurité. Ainsi, nous proposons un cadre méthodologique d'évaluation qui considère la sécurité de l'information à partir d'une perspective globale. Structure de la thèse et thèmes abordés Notre document est structuré en trois parties. La première intitulée : « La problématique de l'évaluation de la sécurité de l'information » est composée de quatre chapitres. Le chapitre 1 introduit l'objet de la recherche ainsi que les concepts de base du modèle d'évaluation proposé. La maniéré traditionnelle de l'évaluation de la sécurité fait l'objet d'une analyse critique pour identifier les éléments principaux et invariants à prendre en compte dans notre approche holistique. Les éléments de base de notre modèle d'évaluation ainsi que son fonctionnement attendu sont ensuite présentés pour pouvoir tracer les résultats attendus de ce modèle. Le chapitre 2 se focalise sur la définition de la notion de Sécurité de l'Information. Il ne s'agit pas d'une redéfinition de la notion de la sécurité, mais d'une mise en perspectives des dimensions, critères, indicateurs à utiliser comme base de référence, afin de déterminer l'objet de l'évaluation qui sera utilisé tout au long de notre travail. Les concepts inhérents de ce qui constitue le caractère holistique de la sécurité ainsi que les éléments constitutifs d'un niveau de référence de sécurité sont définis en conséquence. Ceci permet d'identifier ceux que nous avons dénommés « les racines de confiance ». Le chapitre 3 présente et analyse la différence et les relations qui existent entre les processus de la Gestion des Risques et de la Gestion de la Sécurité, afin d'identifier les éléments constitutifs du cadre de protection à inclure dans notre modèle d'évaluation. Le chapitre 4 est consacré à la présentation de notre modèle d'évaluation Information Security Assurance Assessment Model (ISAAM) et la manière dont il répond aux exigences de l'évaluation telle que nous les avons préalablement présentées. Dans ce chapitre les concepts sous-jacents relatifs aux notions d'assurance et de confiance sont analysés. En se basant sur ces deux concepts, la structure du modèle d'évaluation est développée pour obtenir une plateforme qui offre un certain niveau de garantie en s'appuyant sur trois attributs d'évaluation, à savoir : « la structure de confiance », « la qualité du processus », et « la réalisation des exigences et des objectifs ». Les problématiques liées à chacun de ces attributs d'évaluation sont analysées en se basant sur l'état de l'art de la recherche et de la littérature, sur les différentes méthodes existantes ainsi que sur les normes et les standards les plus courants dans le domaine de la sécurité. Sur cette base, trois différents niveaux d'évaluation sont construits, à savoir : le niveau d'assurance, le niveau de qualité et le niveau de maturité qui constituent la base de l'évaluation de l'état global de la sécurité d'une organisation. La deuxième partie: « L'application du Modèle d'évaluation de l'assurance de la sécurité de l'information par domaine de sécurité » est elle aussi composée de quatre chapitres. Le modèle d'évaluation déjà construit et analysé est, dans cette partie, mis dans un contexte spécifique selon les quatre dimensions prédéfinies de sécurité qui sont: la dimension Organisationnelle, la dimension Fonctionnelle, la dimension Humaine, et la dimension Légale. Chacune de ces dimensions et son évaluation spécifique fait l'objet d'un chapitre distinct. Pour chacune des dimensions, une évaluation en deux phases est construite comme suit. La première phase concerne l'identification des éléments qui constituent la base de l'évaluation: ? Identification des éléments clés de l'évaluation ; ? Identification des « Focus Area » pour chaque dimension qui représentent les problématiques se trouvant dans la dimension ; ? Identification des « Specific Factors » pour chaque Focus Area qui représentent les mesures de sécurité et de contrôle qui contribuent à résoudre ou à diminuer les impacts des risques. La deuxième phase concerne l'évaluation de chaque dimension précédemment présentées. Elle est constituée d'une part, de l'implémentation du modèle général d'évaluation à la dimension concernée en : ? Se basant sur les éléments spécifiés lors de la première phase ; ? Identifiant les taches sécuritaires spécifiques, les processus, les procédures qui auraient dû être effectués pour atteindre le niveau de protection souhaité. D'autre part, l'évaluation de chaque dimension est complétée par la proposition d'un modèle de maturité spécifique à chaque dimension, qui est à considérer comme une base de référence pour le niveau global de sécurité. Pour chaque dimension nous proposons un modèle de maturité générique qui peut être utilisé par chaque organisation, afin de spécifier ses propres exigences en matière de sécurité. Cela constitue une innovation dans le domaine de l'évaluation, que nous justifions pour chaque dimension et dont nous mettons systématiquement en avant la plus value apportée. La troisième partie de notre document est relative à la validation globale de notre proposition et contient en guise de conclusion, une mise en perspective critique de notre travail et des remarques finales. Cette dernière partie est complétée par une bibliographie et des annexes. Notre modèle d'évaluation de la sécurité intègre et se base sur de nombreuses sources d'expertise, telles que les bonnes pratiques, les normes, les standards, les méthodes et l'expertise de la recherche scientifique du domaine. Notre proposition constructive répond à un véritable problème non encore résolu, auquel doivent faire face toutes les organisations, indépendamment de la taille et du profil. Cela permettrait à ces dernières de spécifier leurs exigences particulières en matière du niveau de sécurité à satisfaire, d'instancier un processus d'évaluation spécifique à leurs besoins afin qu'elles puissent s'assurer que leur sécurité de l'information soit gérée d'une manière appropriée, offrant ainsi un certain niveau de confiance dans le degré de protection fourni. Nous avons intégré dans notre modèle le meilleur du savoir faire, de l'expérience et de l'expertise disponible actuellement au niveau international, dans le but de fournir un modèle d'évaluation simple, générique et applicable à un grand nombre d'organisations publiques ou privées. La valeur ajoutée de notre modèle d'évaluation réside précisément dans le fait qu'il est suffisamment générique et facile à implémenter tout en apportant des réponses sur les besoins concrets des organisations. Ainsi notre proposition constitue un outil d'évaluation fiable, efficient et dynamique découlant d'une approche d'évaluation cohérente. De ce fait, notre système d'évaluation peut être implémenté à l'interne par l'entreprise elle-même, sans recourir à des ressources supplémentaires et lui donne également ainsi la possibilité de mieux gouverner sa sécurité de l'information.

Ultra high performance supercritical fluid chromatography coupled with tandem mass spectrometry for screening of doping agents. I: Investigation of mobile phase and MS conditions.

The conditions for the analysis of selected doping substances by UHPSFC-MS/MS were optimized to ensure suitable peak shapes and maximized MS responses. A representative mixture of 31 acidic and basic doping agents was analyzed, in both ESI+ and ESI- modes. The best compromise for all compounds in terms of MS sensitivity and chromatographic performance was obtained when adding 2% water and 10mM ammonium formate in the CO2/MeOH mobile phase. Beside mobile phase, the nature of the make-up solvent added for interfacing UHPSFC with MS was also evaluated. Ethanol was found to be the best candidate as it was able to compensate for the negative effect of 2% water addition in ESI- mode and provided a suitable MS response for all doping agents. Sensitivity of the optimized UHPSFC-MS/MS method was finally assessed and compared to the results obtained in conventional UHPLC-MS/MS. Sensitivity was improved by 5-100-fold in UHPSFC-MS/MS vs. UHPLC-MS/MS for 56% of compounds, while only one compound (bumetanide) offered a significantly higher MS response (4-fold) under UHPLC-MS/MS conditions. In the second paper of this series, the optimal conditions for UHPSFC-MS/MS analysis will be employed to screen >100 doping agents in urine matrix and results will be compared to those obtained by conventional UHPLC-MS/MS.

Gender and Security Sector Reform: Gendering Differently?

Recent efforts to implement gender mainstreaming in the field of security sector reform have resulted in an international policy discourse on gender and security sector reform (GSSR). Critics have challenged GSSR for its focus on 'adding women' and its failure to be transformative. This article contests this assessment, demonstrating that GSSR is not only about 'adding women', but also, importantly, about 'gendering men differently' and has important albeit problematic transformative implications. Drawing on poststructuralist and postcolonial feminist theory, I propose a critical reading of GSSR policy discourse in order to analyse its built-in logics, tensions and implications. I argue that this discourse establishes a powerful 'grid of intelligibility' that draws on gendered and racialized dualisms to normalize certain forms of subjectivity while rendering invisible and marginalizing others, and contributing to reproduce certain forms of normativity and hierarchy. Revealing such processes of discursive in/exclusion and marginalized subjectivities can serve as a starting point to challenge and transform GSSR practice and identify sites of contestation.

The micro-architecture estimation by TBS discriminate women with and without osteoporotic fracture independently of age, BMI and BMD: The Osteo-Mobile Vaud cohort study.

Introduction: « Osteo-Mobile Vaud » is a mobile osteoporosis (OP) screening program. The women > 60 years living in the region Vaud will be offered OP screening with new equipment installed in a bus. The main goal is to evaluate the fracture risk with the combination of clinical risk factors (CRF) and informations extracted by a single DXA: bone mineral density (BMD), vertebral fracture assessment (VFA), and micro-architecture (MA) evaluation. MA is yet evaluable in daily practice by the Trabecular Bone Score (TBS) measure. TBS is a novel grey-level texture measurement reflecting bone MA based on the use of experimental variograms of 2D projection images. TBS is very simple to obtain, by reanalyzing a lumbar DXA-scan. TBS has proven to have diagnosis and prognosis value, partially independent of CRF and BMD. A 55-years follow- up is planned. Method: The Osteo-Mobile Vaud cohort (1500 women, > 60 years, living in the region Vaud) started in July 2010. CRF for OP, lumbar spine and hip BMD, VFA by DXA and MA evaluation by TBS are recorded. Preliminary results are reported. Results: In July 31th, we evaluated 510 women: mean age 67 years, BMI 26 kg/m². 72 women had one or more fragility fractures, 39 had vertebral fracture (VFx) grade 2/3. TBS decreases with age (-0.005 / year, p<0.001), and with BMI (-0.011 per kg/m², p<0.001). Correlation between BMD and site matched TBS is low (r=0.4, p<0.001). For the lowest T-score BMD, odds ratio (OR, 95% CI) for VFx grade 2/3 and clinical OP Fx are 1.8 (1.1-2.9) and 2.3 (1.5-3.4). For TBS, age-, BMI- and BMD adjusted ORs (per SD decrease) for VFx grade 2/3 and clinical OP Fx are 1.9 (1.2-3.0) and 1.8 (1.2-2.7). The TBS added value was independent of lumbar spine BMD or the lowest T-score (femoral neck, total hip or lumbar spine). Conclusion: As in the already published studies, these preliminary results confirm the partial independence between BMD and TBS. More importantly, a combination of TBS and BMD may increase significantly the identification of women with prevalent OP Fx. For the first time we are able to have complementary information about fracture (VFA), density (BMD), and micro-architecture (TBS) from a simple, low ionizing radiation and cheap device: DXA. The value of such informations in a screening program will be evaluated.

Extension des prestations de type "équipe mobile" aux foyers socio-éducatifs: projet pilote dans le canton de Vaud [Extension of mobile team services to socio-educational home: pilot project in the Vaud canton].

L'objectif principal de ce projet d'extension des prestations, de type Antenne d'intervention dans le milieu pour enfants et adolescents (AIMEA) aux foyers socio-éducatifs pour l'ensemble du canton de Vaud, vise à décloisonner les champs socio-éducatifs et pédopsychiatriques. 64 patients ont fait l'objet d'une évaluation au cours de la phase pilote (après une année de fonctionnement). De plus, une enquête de satisfaction a été effectuée soit à la fin du suivi, soit à la fin de la phase pilote de ce projet (au 31.12.2012). Cette expérience très positive, relevée par une grande majorité des acteurs impliqués dans la prise en charge socio-éducative et pédopsychiatrique des mineurs, suscite un désir d'extension des prestations de type équipe mobile à d'autres structures ou à d'autres types de situations. The main objective of this project about mobile team service extension to the socio-educational home of the whole Vaud canton targets to decompartmentalize the socio-educational and youth-psychiatry domains. 64 patient were assessed during this pilot phase (after one-year functioning). In addition, a satisfaction survey was done either at the end of the follow up or at the end of the pilot phase of the project (31.12.2012). This experience was very positive as highlighted by the vast majority of the person involved in the socio-educational and youth-psychiatric domains taking care of youth. A desire of extension of mobile team service to other institutional structure or other situations was expressed.

The role of community and population ecology in applying mycorrhizal fungi for improved food security.

The global human population is expected to reach ∼9 billion by 2050. Feeding this many people represents a major challenge requiring global crop yield increases of up to 100%. Microbial symbionts of plants such as arbuscular mycorrhizal fungi (AMF) represent a huge, but unrealized resource for improving yields of globally important crops, especially in the tropics. We argue that the application of AMF in agriculture is too simplistic and ignores basic ecological principals. To achieve this challenge, a community and population ecology approach can contribute greatly. First, ecologists could significantly improve our understanding of the determinants of the survival of introduced AMF, the role of adaptability and intraspecific diversity of AMF and whether inoculation has a direct or indirect effect on plant production. Second, we call for extensive metagenomics as well as population genomics studies that are crucial to assess the environmental impact that introduction of non-local AMF may have on native AMF communities and populations. Finally, we plead for an ecologically sound use of AMF in efforts to increase food security at a global scale in a sustainable manner.

Privacy as a Tradeoff: Introducing the Notion of Privacy Calculus for Context-Aware Mobile Applications

Evidences collected from smartphones users show a growing desire of personalization offered by services for mobile devices. However, the need to accurately identify users' contexts has important implications for user's privacy and it increases the amount of trust, which users are requested to have in the service providers. In this paper, we introduce a model that describes the role of personalization and control in users' assessment of cost and benefits associated to the disclosure of private information. We present an instantiation of such model, a context-aware application for smartphones based on the Android operating system, in which users' private information are protected. Focus group interviews were conducted to examine users' privacy concerns before and after having used our application. Obtained results confirm the utility of our artifact and provide support to our theoretical model, which extends previous literature on privacy calculus and user's acceptance of context-aware technology.

Privacy-friendly Business Models for Location-Based Mobile Services

This paper presents a theoretical model to analyze the privacy issues around location based mobile business models. We report the results of an exploratory field experiment in Switzerland that assessed the factors driving user payoff in mobile business. We found that (1) the personal data disclosed has a negative effect on user payoff; (2) the amount of personalization available has a direct and positive effect, as well as a moderating effect on user payoff; (3) the amount of control over user's personal data has a direct and positive effect, as well as a moderating effect on user payoff. The results suggest that privacy protection could be the main value proposition in the B2C mobile market. From our theoretical model we derive a set of guidelines to design a privacy-friendly business model pattern for third-party services. We discuss four examples to show the mobile platform can play a key role in the implementation of these new business models.