An assurance-based model to holistically assess the information security posture

EXECUTIVE SUMMARY : Evaluating Information Security Posture within an organization is becoming a very complex task. Currently, the evaluation and assessment of Information Security are commonly performed using frameworks, methodologies and standards which often consider the various aspects of security independently. Unfortunately this is ineffective because it does not take into consideration the necessity of having a global and systemic multidimensional approach to Information Security evaluation. At the same time the overall security level is globally considered to be only as strong as its weakest link. This thesis proposes a model aiming to holistically assess all dimensions of security in order to minimize the likelihood that a given threat will exploit the weakest link. A formalized structure taking into account all security elements is presented; this is based on a methodological evaluation framework in which Information Security is evaluated from a global perspective. This dissertation is divided into three parts. Part One: Information Security Evaluation issues consists of four chapters. Chapter 1 is an introduction to the purpose of this research purpose and the Model that will be proposed. In this chapter we raise some questions with respect to "traditional evaluation methods" as well as identifying the principal elements to be addressed in this direction. Then we introduce the baseline attributes of our model and set out the expected result of evaluations according to our model. Chapter 2 is focused on the definition of Information Security to be used as a reference point for our evaluation model. The inherent concepts of the contents of a holistic and baseline Information Security Program are defined. Based on this, the most common roots-of-trust in Information Security are identified. Chapter 3 focuses on an analysis of the difference and the relationship between the concepts of Information Risk and Security Management. Comparing these two concepts allows us to identify the most relevant elements to be included within our evaluation model, while clearing situating these two notions within a defined framework is of the utmost importance for the results that will be obtained from the evaluation process. Chapter 4 sets out our evaluation model and the way it addresses issues relating to the evaluation of Information Security. Within this Chapter the underlying concepts of assurance and trust are discussed. Based on these two concepts, the structure of the model is developed in order to provide an assurance related platform as well as three evaluation attributes: "assurance structure", "quality issues", and "requirements achievement". Issues relating to each of these evaluation attributes are analysed with reference to sources such as methodologies, standards and published research papers. Then the operation of the model is discussed. Assurance levels, quality levels and maturity levels are defined in order to perform the evaluation according to the model. Part Two: Implementation of the Information Security Assurance Assessment Model (ISAAM) according to the Information Security Domains consists of four chapters. This is the section where our evaluation model is put into a welldefined context with respect to the four pre-defined Information Security dimensions: the Organizational dimension, Functional dimension, Human dimension, and Legal dimension. Each Information Security dimension is discussed in a separate chapter. For each dimension, the following two-phase evaluation path is followed. The first phase concerns the identification of the elements which will constitute the basis of the evaluation: ? Identification of the key elements within the dimension; ? Identification of the Focus Areas for each dimension, consisting of the security issues identified for each dimension; ? Identification of the Specific Factors for each dimension, consisting of the security measures or control addressing the security issues identified for each dimension. The second phase concerns the evaluation of each Information Security dimension by: ? The implementation of the evaluation model, based on the elements identified for each dimension within the first phase, by identifying the security tasks, processes, procedures, and actions that should have been performed by the organization to reach the desired level of protection; ? The maturity model for each dimension as a basis for reliance on security. For each dimension we propose a generic maturity model that could be used by every organization in order to define its own security requirements. Part three of this dissertation contains the Final Remarks, Supporting Resources and Annexes. With reference to the objectives of our thesis, the Final Remarks briefly analyse whether these objectives were achieved and suggest directions for future related research. Supporting resources comprise the bibliographic resources that were used to elaborate and justify our approach. Annexes include all the relevant topics identified within the literature to illustrate certain aspects of our approach. Our Information Security evaluation model is based on and integrates different Information Security best practices, standards, methodologies and research expertise which can be combined in order to define an reliable categorization of Information Security. After the definition of terms and requirements, an evaluation process should be performed in order to obtain evidence that the Information Security within the organization in question is adequately managed. We have specifically integrated into our model the most useful elements of these sources of information in order to provide a generic model able to be implemented in all kinds of organizations. The value added by our evaluation model is that it is easy to implement and operate and answers concrete needs in terms of reliance upon an efficient and dynamic evaluation tool through a coherent evaluation system. On that basis, our model could be implemented internally within organizations, allowing them to govern better their Information Security. RÉSUMÉ : Contexte général de la thèse L'évaluation de la sécurité en général, et plus particulièrement, celle de la sécurité de l'information, est devenue pour les organisations non seulement une mission cruciale à réaliser, mais aussi de plus en plus complexe. A l'heure actuelle, cette évaluation se base principalement sur des méthodologies, des bonnes pratiques, des normes ou des standards qui appréhendent séparément les différents aspects qui composent la sécurité de l'information. Nous pensons que cette manière d'évaluer la sécurité est inefficiente, car elle ne tient pas compte de l'interaction des différentes dimensions et composantes de la sécurité entre elles, bien qu'il soit admis depuis longtemps que le niveau de sécurité globale d'une organisation est toujours celui du maillon le plus faible de la chaîne sécuritaire. Nous avons identifié le besoin d'une approche globale, intégrée, systémique et multidimensionnelle de l'évaluation de la sécurité de l'information. En effet, et c'est le point de départ de notre thèse, nous démontrons que seule une prise en compte globale de la sécurité permettra de répondre aux exigences de sécurité optimale ainsi qu'aux besoins de protection spécifiques d'une organisation. Ainsi, notre thèse propose un nouveau paradigme d'évaluation de la sécurité afin de satisfaire aux besoins d'efficacité et d'efficience d'une organisation donnée. Nous proposons alors un modèle qui vise à évaluer d'une manière holistique toutes les dimensions de la sécurité, afin de minimiser la probabilité qu'une menace potentielle puisse exploiter des vulnérabilités et engendrer des dommages directs ou indirects. Ce modèle se base sur une structure formalisée qui prend en compte tous les éléments d'un système ou programme de sécurité. Ainsi, nous proposons un cadre méthodologique d'évaluation qui considère la sécurité de l'information à partir d'une perspective globale. Structure de la thèse et thèmes abordés Notre document est structuré en trois parties. La première intitulée : « La problématique de l'évaluation de la sécurité de l'information » est composée de quatre chapitres. Le chapitre 1 introduit l'objet de la recherche ainsi que les concepts de base du modèle d'évaluation proposé. La maniéré traditionnelle de l'évaluation de la sécurité fait l'objet d'une analyse critique pour identifier les éléments principaux et invariants à prendre en compte dans notre approche holistique. Les éléments de base de notre modèle d'évaluation ainsi que son fonctionnement attendu sont ensuite présentés pour pouvoir tracer les résultats attendus de ce modèle. Le chapitre 2 se focalise sur la définition de la notion de Sécurité de l'Information. Il ne s'agit pas d'une redéfinition de la notion de la sécurité, mais d'une mise en perspectives des dimensions, critères, indicateurs à utiliser comme base de référence, afin de déterminer l'objet de l'évaluation qui sera utilisé tout au long de notre travail. Les concepts inhérents de ce qui constitue le caractère holistique de la sécurité ainsi que les éléments constitutifs d'un niveau de référence de sécurité sont définis en conséquence. Ceci permet d'identifier ceux que nous avons dénommés « les racines de confiance ». Le chapitre 3 présente et analyse la différence et les relations qui existent entre les processus de la Gestion des Risques et de la Gestion de la Sécurité, afin d'identifier les éléments constitutifs du cadre de protection à inclure dans notre modèle d'évaluation. Le chapitre 4 est consacré à la présentation de notre modèle d'évaluation Information Security Assurance Assessment Model (ISAAM) et la manière dont il répond aux exigences de l'évaluation telle que nous les avons préalablement présentées. Dans ce chapitre les concepts sous-jacents relatifs aux notions d'assurance et de confiance sont analysés. En se basant sur ces deux concepts, la structure du modèle d'évaluation est développée pour obtenir une plateforme qui offre un certain niveau de garantie en s'appuyant sur trois attributs d'évaluation, à savoir : « la structure de confiance », « la qualité du processus », et « la réalisation des exigences et des objectifs ». Les problématiques liées à chacun de ces attributs d'évaluation sont analysées en se basant sur l'état de l'art de la recherche et de la littérature, sur les différentes méthodes existantes ainsi que sur les normes et les standards les plus courants dans le domaine de la sécurité. Sur cette base, trois différents niveaux d'évaluation sont construits, à savoir : le niveau d'assurance, le niveau de qualité et le niveau de maturité qui constituent la base de l'évaluation de l'état global de la sécurité d'une organisation. La deuxième partie: « L'application du Modèle d'évaluation de l'assurance de la sécurité de l'information par domaine de sécurité » est elle aussi composée de quatre chapitres. Le modèle d'évaluation déjà construit et analysé est, dans cette partie, mis dans un contexte spécifique selon les quatre dimensions prédéfinies de sécurité qui sont: la dimension Organisationnelle, la dimension Fonctionnelle, la dimension Humaine, et la dimension Légale. Chacune de ces dimensions et son évaluation spécifique fait l'objet d'un chapitre distinct. Pour chacune des dimensions, une évaluation en deux phases est construite comme suit. La première phase concerne l'identification des éléments qui constituent la base de l'évaluation: ? Identification des éléments clés de l'évaluation ; ? Identification des « Focus Area » pour chaque dimension qui représentent les problématiques se trouvant dans la dimension ; ? Identification des « Specific Factors » pour chaque Focus Area qui représentent les mesures de sécurité et de contrôle qui contribuent à résoudre ou à diminuer les impacts des risques. La deuxième phase concerne l'évaluation de chaque dimension précédemment présentées. Elle est constituée d'une part, de l'implémentation du modèle général d'évaluation à la dimension concernée en : ? Se basant sur les éléments spécifiés lors de la première phase ; ? Identifiant les taches sécuritaires spécifiques, les processus, les procédures qui auraient dû être effectués pour atteindre le niveau de protection souhaité. D'autre part, l'évaluation de chaque dimension est complétée par la proposition d'un modèle de maturité spécifique à chaque dimension, qui est à considérer comme une base de référence pour le niveau global de sécurité. Pour chaque dimension nous proposons un modèle de maturité générique qui peut être utilisé par chaque organisation, afin de spécifier ses propres exigences en matière de sécurité. Cela constitue une innovation dans le domaine de l'évaluation, que nous justifions pour chaque dimension et dont nous mettons systématiquement en avant la plus value apportée. La troisième partie de notre document est relative à la validation globale de notre proposition et contient en guise de conclusion, une mise en perspective critique de notre travail et des remarques finales. Cette dernière partie est complétée par une bibliographie et des annexes. Notre modèle d'évaluation de la sécurité intègre et se base sur de nombreuses sources d'expertise, telles que les bonnes pratiques, les normes, les standards, les méthodes et l'expertise de la recherche scientifique du domaine. Notre proposition constructive répond à un véritable problème non encore résolu, auquel doivent faire face toutes les organisations, indépendamment de la taille et du profil. Cela permettrait à ces dernières de spécifier leurs exigences particulières en matière du niveau de sécurité à satisfaire, d'instancier un processus d'évaluation spécifique à leurs besoins afin qu'elles puissent s'assurer que leur sécurité de l'information soit gérée d'une manière appropriée, offrant ainsi un certain niveau de confiance dans le degré de protection fourni. Nous avons intégré dans notre modèle le meilleur du savoir faire, de l'expérience et de l'expertise disponible actuellement au niveau international, dans le but de fournir un modèle d'évaluation simple, générique et applicable à un grand nombre d'organisations publiques ou privées. La valeur ajoutée de notre modèle d'évaluation réside précisément dans le fait qu'il est suffisamment générique et facile à implémenter tout en apportant des réponses sur les besoins concrets des organisations. Ainsi notre proposition constitue un outil d'évaluation fiable, efficient et dynamique découlant d'une approche d'évaluation cohérente. De ce fait, notre système d'évaluation peut être implémenté à l'interne par l'entreprise elle-même, sans recourir à des ressources supplémentaires et lui donne également ainsi la possibilité de mieux gouverner sa sécurité de l'information.

Fructose and metabolic diseases: new findings, new questions.

There has been much concern regarding the role of dietary fructose in the development of metabolic diseases. This concern arises from the continuous increase in fructose (and total added caloric sweeteners consumption) in recent decades, and from the increased use of high-fructose corn syrup (HFCS) as a sweetener. A large body of evidence shows that a high-fructose diet leads to the development of obesity, diabetes, and dyslipidemia in rodents. In humans, fructose has long been known to increase plasma triglyceride concentrations. In addition, when ingested in large amounts as part of a hypercaloric diet, it can cause hepatic insulin resistance, increased total and visceral fat mass, and accumulation of ectopic fat in the liver and skeletal muscle. These early effects may be instrumental in causing, in the long run, the development of the metabolic syndrome. There is however only limited evidence that fructose per se, when consumed in moderate amounts, has deleterious effects. Several effects of a high-fructose diet in humans can be observed with high-fat or high-glucose diets as well, suggesting that an excess caloric intake may be the main factor involved in the development of the metabolic syndrome. The major source of fructose in our diet is with sweetened beverages (and with other products in which caloric sweeteners have been added). The progressive replacement of sucrose by HFCS is however unlikely to be directly involved in the epidemy of metabolic disease, because HFCS appears to have basically the same metabolic effects as sucrose. Consumption of sweetened beverages is however clearly associated with excess calorie intake, and an increased risk of diabetes and cardiovascular diseases through an increase in body weight. This has led to the recommendation to limit the daily intake of sugar calories.

Plasminogen activator inhibitor 1 and plasminogen activator inhibitor 2 in various disease states.

The association of increased PA-inhibitor (PAI) activity and of PAI-1 and PAI-2 antigen levels with different pathological conditions was studied in a collective of over 300 patients. PAI-1 and PAI-2 levels were measured by specific radioimmunoassays. A good correlation was observed of PAI activity with PAI-1 antigen (r = 0.718; p less than 0.0001) but not with PAI-2 (r = 0.070; n.s.). Both in the controls and in the patients, PAI activity and PAI-1 antigen showed an extremely large range of values. PAI activity ranged from 0.5 to 68 U/ml and PAI-1 antigen from 6 to 600 ng/ml. Increased PAI activity and PAI-1 antigen was observed in patients with malignant tumors, cardiovascular or thromboembolic disease, in the postoperative phase, with hepatic insufficiency, after trauma and after extracorporeal circulation. The large spectrum of disease states with increased PAI activity and PAI-1 antigen reinforces previous suggestions that PAI-1 is an acute phase reactant. After extracorporeal circulation, PAI activity and PAI-1 concentrations strongly increased within one hour, remained elevated for at least one week and returned to preoperation values within 7 days. PAI-2 values ranged from below detection limit (15 ng/ml), observed in half of the plasmas, to 485 ng/ml in a pregnant woman. High values of PAI-2 were only observed in pregnancy.

Thermogenesis in obese women: effect of fructose vs. glucose added to a meal.

To assess the effect of a fructose meal on resting energy expenditure (EE), indirect calorimetry was used in 23 women (10 lean and 13 obese) for 30 min before and 6 h after the ingestion of a mixed meal containing 20% protein, 33% fat, and either 75 g glucose or 75 g fructose as carbohydrate source (47%). Expressed as a percentage of the energy content of the meal, the thermogenic response to the fructose meal was significantly greater (10.2 +/- 0.5%) than that of the glucose meal (8.4 +/- 0.4%, P less than 0.01). This difference was still apparent when the lean and obese women were considered separately. The mean respiratory quotient during the 6-h postprandial period was significantly greater (P less than 0.01) for the fructose (0.85 +/- 0.01) than for the glucose meal (0.83 +/- 0.01) in the combined subjects. In addition, cumulative carbohydrate oxidation was significantly greater after the fructose than after the glucose meal (51.1 +/- 2.3 vs. 40.9 +/- 2.0 g/6 h, respectively, P less than 0.01). Only small changes were observed in postprandial plasma levels of glucose and insulin after the fructose meal, but the plasma levels of lactate increased more with fructose than with the glucose meal. These results suggest that there might be some advantages (higher thermogenesis and carbohydrate oxidations) in using fructose as part of the carbohydrate source in diet of people with obesity and/or insulin resistance.

Predicting human resting-state functional connectivity from structural connectivity

In the cerebral cortex, the activity levels of neuronal populations are continuously fluctuating. When neuronal activity, as measured using functional MRI (fMRI), is temporally coherent across 2 populations, those populations are said to be functionally connected. Functional connectivity has previously been shown to correlate with structural (anatomical) connectivity patterns at an aggregate level. In the present study we investigate, with the aid of computational modeling, whether systems-level properties of functional networks-including their spatial statistics and their persistence across time-can be accounted for by properties of the underlying anatomical network. We measured resting state functional connectivity (using fMRI) and structural connectivity (using diffusion spectrum imaging tractography) in the same individuals at high resolution. Structural connectivity then provided the couplings for a model of macroscopic cortical dynamics. In both model and data, we observed (i) that strong functional connections commonly exist between regions with no direct structural connection, rendering the inference of structural connectivity from functional connectivity impractical; (ii) that indirect connections and interregional distance accounted for some of the variance in functional connectivity that was unexplained by direct structural connectivity; and (iii) that resting-state functional connectivity exhibits variability within and across both scanning sessions and model runs. These empirical and modeling results demonstrate that although resting state functional connectivity is variable and is frequently present between regions without direct structural linkage, its strength, persistence, and spatial statistics are nevertheless constrained by the large-scale anatomical structure of the human cerebral cortex.

The use of telomerase activity for the detection of prostatic cancer cells after prostatic massage.

PURPOSE: Prostate cancer is the most commonly diagnosed cancer in the United States. The diagnosis or followup of prostate cancer in men older than 50 years is based on digital rectal examination, measurement of the free-to-total prostatic specific antigen ratio and transrectal ultrasound assisted needle biopsy of the prostate. We developed and evaluated a noninvasive method for diagnosing prostate cancer based on the measurement of telomerase activity after prostatic massage in fresh voided urine or after urethral washing. MATERIALS AND METHODS: We obtained 36 specimens of cells after prostatic massage in the fresh voided urine of 16 patients who subsequently underwent radical prostatectomy and after urethral washing in 20 who underwent prostate needle biopsies. Ethylenediaminetetraacetic acid was immediately added to the collected urine or washing to a final concentration of 20 mM. After protein extraction by CHAPS buffer each specimen was tested for telomerase activity in a 2-step modified telomeric repeat amplification protocol assay. The 2 prostate cancer cell lines PC-3 and LNCaP with high telomerase activity were used as a positive control. RESULTS: Telomerase activity was detected in 14 of 24 samples with known prostate cancer (sensitivity 58%). In contrast, no telomerase activity was found in the 12 cases without histological evidence of prostate tumor (specificity 100%). Eight of 9 poorly differentiated cancers expressed telomerase activity (89%), while only 6 of 15 well and moderately differentiated cancers showed telomerase activity (40%). CONCLUSIONS: Our data illustrate that telomerase activity may be detected in voided urine or washing after prostatic massage in patients with prostate cancer. Sensitivity was higher for poorly differentiated tumors. This approach is not currently available for detecting prostate cancer in clinical practice. However, these results are promising and further studies are ongoing.

Structured sparsity for spatially coherent fibre orientation estimation in diffusion MRI.

We propose a novel formulation to solve the problem of intra-voxel reconstruction of the fibre orientation distribution function (FOD) in each voxel of the white matter of the brain from diffusion MRI data. The majority of the state-of-the-art methods in the field perform the reconstruction on a voxel-by-voxel level, promoting sparsity of the orientation distribution. Recent methods have proposed a global denoising of the diffusion data using spatial information prior to reconstruction, while others promote spatial regularisation through an additional empirical prior on the diffusion image at each q-space point. Our approach reconciles voxelwise sparsity and spatial regularisation and defines a spatially structured FOD sparsity prior, where the structure originates from the spatial coherence of the fibre orientation between neighbour voxels. The method is shown, through both simulated and real data, to enable accurate FOD reconstruction from a much lower number of q-space samples than the state of the art, typically 15 samples, even for quite adverse noise conditions.

Transcranial Magnetic Stimulation Combined with EEG Reveals Covert States of Elevated Excitability in the Human Epileptic Brain.

BACKGROUND: Transcranial magnetic stimulation combined with electroencephalogram (TMS-EEG) can be used to explore the dynamical state of neuronal networks. In patients with epilepsy, TMS can induce epileptiform discharges (EDs) with a stochastic occurrence despite constant stimulation parameters. This observation raises the possibility that the pre-stimulation period contains multiple covert states of brain excitability some of which are associated with the generation of EDs. OBJECTIVE: To investigate whether the interictal period contains "high excitability" states that upon brain stimulation produce EDs and can be differentiated from "low excitability" states producing normal appearing TMS-EEG responses. METHODS: In a cohort of 25 patients with Genetic Generalized Epilepsies (GGE) we identified two subjects characterized by the intermittent development of TMS-induced EDs. The high-excitability in the pre-stimulation period was assessed using multiple measures of univariate time series analysis. Measures providing optimal discrimination were identified by feature selection techniques. The "high excitability" states emerged in multiple loci (indicating diffuse cortical hyperexcitability) and were clearly differentiated on the basis of 14 measures from "low excitability" states (accuracy = 0.7). CONCLUSION: In GGE, the interictal period contains multiple, quasi-stable covert states of excitability a class of which is associated with the generation of TMS-induced EDs. The relevance of these findings to theoretical models of ictogenesis is discussed.

Image Resilience after Multiple Crises : The Case of Switzerland in the United States

In der heutigen Welt sind die Reputation und das Image eines Landes als wichtige Faktoren für den wirtschaftlichen und politischen Erfolg angesehen. Jedoch ist die Pflege der Marke eines Landes komplex und führt zu zwei Positionen, die sich potentiell widersprechen: Einerseits kann ein positives Erscheinungsbild eines Landes durch aktive Massnahmen gefördert werden. Andererseits ist es schwierig, das Bild eines Landes abzugrenzen und es ist mit Klischees behaftet. Dieser Beitrag analysiert die Auswirkungen von zwei grösseren Krisen auf das Image der Schweiz in den Vereinigten Staaten: die Krise um die nachrichtenlosen Vermögen aus der Zeit des 2. Weltkriegs im Jahr 2000 sowie die Krise um die UBS und das Bankgeheimnis im Jahr 2009. Die Studie zeigt, dass das Erscheinungsbild der Schweiz unberührt blieb, obwohl ein beachtlicher Teil der Bevölkerung und der Meinungsführer von beiden Krisen wusste. Dies stützt die Hypothese, dass das Image eines Landes eine hohe Beständigkeit aufweist. In today's world, country's reputation and image have become key issues, widely believed to be success factors both economically and politically. Nevertheless, managing a country's brand is complex and leads to two positions that are potentially contradictory: On the one hand, a country's image can be influenced either by promotional activities. On the other hand, a country's image is a construct that is very difficult to delimit and is highly stereotyped. This contribution study the impact of two major crises on the image of Switzerland in the United States: the unclaimed wartime deposits crisis in 2000 and the UBS and banking secrecy crisis in 2009. It shows that despite the fact that a substantial proportion of the public and of opinion leaders was aware of both crises, the image of Switzerland was unaffected, which tends to support the hypothesis of strong stability of a country's image.

Added value of acute multimodal CT-based imaging (MCTI) : a comprehensive analysis

Introduction: MCTI is used to assess acute ischemic stroke (AIS) patients.We postulated that use of MCTI improves patient outcome regardingindependence and mortality.Methods: From the ASTRAL registry, all patients with an AIS and a non-contrast-CT (NCCT), angio-CT (CTA) or perfusion-CT (CTP) within24 h from onset were included. Demographic, clinical, biological, radio-logical, and follow-up caracteristics were collected. Significant predictorsof MCTI use were fitted in a multivariate analysis. Patients undergoingCTA or CTA&CTP were compared with NCCT patients with regards tofavourable outcome (mRS ≤ 2) at 3 months, 12 months mortality, strokemechanism, short-term renal function, use of ancillary diagnostic tests,duration of hospitalization and 12 months stroke recurrence.

Extracellular Subunit Interactions Control Transitions between Functional States of Acid-sensing Ion Channel 1a.

Acid-sensing ion channels (ASICs) are neuronal, voltage-independent Na(+) channels that are transiently activated by extracellular acidification. They are involved in pain sensation, the expression of fear, and in neurodegeneration after ischemic stroke. Our study investigates the role of extracellular subunit interactions in ASIC1a function. We identified two regions involved in critical intersubunit interactions. First, formation of an engineered disulfide bond between the palm and thumb domains leads to partial channel closure. Second, linking Glu-235 of a finger loop to either one of two different residues of the knuckle of a neighboring subunit opens the channel at physiological pH or disrupts its activity. This suggests that one finger-knuckle disulfide bond (E235C/K393C) sets the channel in an open state, whereas the other (E235C/Y389C) switches the channel to a non-conducting state. Voltage-clamp fluorometry experiments indicate that both the finger loop and the knuckle move away from the β-ball residue Trp-233 during acidification and subsequent desensitization. Together, these observations reveal that ASIC1a opening is accompanied by a distance increase between adjacent thumb and palm domains as well as a movement of Glu-235 relative to the knuckle helix. Our study identifies subunit interactions in the extracellular loop and shows that dynamic changes of these interactions are critical for normal ASIC function.