User and Machine Authentication and Authorization Infrastructure for Distributed Wireless Sensor Network Testbeds

The intention of an authentication and authorization infrastructure (AAI) is to simplify and unify access to different web resources. With a single login, a user can access web applications at multiple organizations. The Shibboleth authentication and authorization infrastructure is a standards-based, open source software package for web single sign-on (SSO) across or within organizational boundaries. It allows service providers to make fine-grained authorization decisions for individual access of protected online resources. The Shibboleth system is a widely used AAI, but only supports protection of browser-based web resources. We have implemented a Shibboleth AAI extension to protect web services using Simple Object Access Protocol (SOAP). Besides user authentication for browser-based web resources, this extension also provides user and machine authentication for web service-based resources. Although implemented for a Shibboleth AAI, the architecture can be easily adapted to other AAIs.

Authentication and Authorisation Mechanisms in support of Secure Access to WMN Resources

Over the past several years, a number of design approaches in wireless mesh networks have been introduced to support the deployment of wireless mesh networks (WMNs). We introduce a novel wireless mesh architecture that supports authentication and authorisation functionalities, giving the possibility of a seamless WMN integration into the home's organization authentication and authorisation infrastructure. First, we introduce a novel authentication and authorisation mechanism for wireless mesh nodes. The mechanism is designed upon an existing federated access control approach, i.e. the AAI infrastructure that is using just the credentials at the user's home organization in a federation. Second, we demonstrate how authentication and authorisation for end users is implemented by using an existing web-based captive portal approach. Finally, we observe the difference between the two and explain in detail the process flow of authorized access to network resources in wireless mesh networks. The goal of our wireless mesh architecture is to enable easy broadband network access to researchers at remote locations, giving them additional advantage of a secure access to their measurements, irrespective of their location. It also provides an important basis for the real-life deployment of wireless mesh networks for the support of environmental research.

A systematic review of medical interventions for oral submucous fibrosis and future research opportunities

Oral Diseases (2011) 17 (Suppl. 1), 42-57 Oral submucous fibrosis (OSF) is a chronic, insidious disease caused by areca nut use, and is associated with both significant morbidity (including pain and reduced oral opening) and an increased risk for malignancy. This systematic review explored and updated the current medical (i.e., non-surgical) interventions available for the management of OSF. Of the 27 published medical interventions, there were four randomized controlled trials. The overall quality of these randomized controlled studies was assessed using the GRADE approach and significant limitations that challenged the conclusions were found. However, this review was valuable in terms of identifying opportunities to provide recommendations for future research, in terms of the populations to research, the types of interventions needed, the types of outcomes to be measured, the study designs needed, and the infrastructure required to conduct studies. The next step is to initiate a pathway for a low-cost research plan leading to the development of a brief protocol for future clinical trials in this field, with an emphasis on conducting studies in regions of the world where OSF is prevalent.

Individual Video Training iVT and Annotating Academic Videos AAV: two complementing technologies

Individual Video Training iVT and Annotating Academic Videos AAV: two complementing technologies 1. Recording communication skills training sessions and reviewing them by oneself, with peers, and with tutors has become standard in medical education. Increasing numbers of students paired with restrictions of financial and human resources create a big obstacle to this important teaching method. 2. Everybody who wants to increase efficiency and effectiveness of communication training can get new ideas from our technical solution. 3. Our goal was to increase the effectiveness of communication skills training by supporting self, peer and tutor assessment over the Internet. Two technologies of SWITCH, the national foundation to support IT solutions for Swiss universities, came handy for our project. The first is the authentication and authorization infrastructure providing all Swiss students with a nationwide single login. The second is SWITCHcast which allows automated recording, upload and publication of videos in the Internet. Students start the recording system by entering their single login. This automatically links the video with their password. Within a few hours, they find their video password protected on the Internet. They now can give access to peers and tutors. Additionally, an annotation interface was developed. This software has free text as well as checklist annotations capabilities. Tutors as well as students can create checklists. Tutor’s checklists are not editable by students. Annotations are linked to tracks. Tracks can be private or public. Public means visible to all who have access to the video. Annotation data can be exported for statistical evaluation. 4. The system was well received by students and tutors. Big numbers of videos were processed simultaneously without any problems. 5. iVT http://www.switch.ch/aaa/projects/detail/UNIBE.7 AAV http://www.switch.ch/aaa/projects/detail/ETHZ.9

Academic cooperation to foster research and advocacy competences in the occupied Palestinian territory (West Bank)

Palestinians living in the West Bank, a territory occupied by the State of Israel according to International Law, face deprived access to land and a limited ability to move freely which pertains to the presence of Israeli settlements and other infrastructure (closures, restricted or forbidden roads, etc.). This confinement has significant impacts on their economic and social livelihoods, and it is even worsening with the on-going construction of a 709 km long Barrier which mainly runs inside the West Bank. With regard to this situation, there is a clear need to strengthen the capacity of civil society and its representatives to apply sound research processes as a basis for improved advocacy for Palestinian human rights. Monitoring processes and tools are needed to assess the impacts of the Palestinians’ confinement, particularly in relation to the Barrier’s construction. Reliable data has also to be collected, managed, and above all, shared. These challenges have been addressed within the Academic Cooperation Palestine Project (ACPP) that brings together academic partners from the occupied Palestinian territory (oPt) West Bank (WB), and Switzerland as well as other international academic institutions and Palestinian governmental and non-governmental agencies. ACPP started in early 2011 and is designed as a large cooperation networking platform involving researchers, students, public servants and experts from the oPt WB. A large set of actions have already been developed during the first year of the project, including courses, training, and research actions. First relevant results and impacts of the different actions are presented in this paper. Taken as a whole, the project produces valuable results for all partners: useful advocacy material for the Palestinian partners, and a unique “real-scale laboratory” where investigations are jointly conducted to develop novel confinement and change indicators.

Individual Video Training iVT - Development of a National Infrastructure for Video-Supported Learning

Introduction: Video‐Supported Learning is particularly effective when it comes to skills and behaviors. Video registration of patient‐physician interviews, class room instruction or practical skills allow it to learners themselves, their peers, and their tutors to assess the quality of the learner's performance, to give specific feedback, and to make suggestions for improvement. Methods: In Switzerland, four pedagogical universities and two medical faculties joined to initiate the development of a national infrastructure for Video Supported Learning. The goal was to have a system that is simple to use, has most steps automated, provides the videos over the Internet, and has a sophisticated access control. Together with SWITCH, the national IT‐Support‐Organisation for Swiss Universities, the program iVT (Individual Video Training) was developed by integrating two preexisting technologies. The first technology is SWITCHcast, a podcast system. With SWITCHcast, videos are automatically uploaded to a server as soon as the registration is over. There the videos are processed and converted to different formats. The second technology is the national Single Logon System AAI (Authentification and Authorization Infrastructure) that enables iVT to link each video with the corresponding learner. The learner starts the registration with his Single Logon. Thus, the video can unambiguously be assigned. Via his institution's Learning Management System (LMS), the learner can access his video and give access to his video to peers and tutors. Results: iVT is now used at all involved institutions. The system works flawlessly. In Bern, we use iVT for the communications skills training in the forth and sixth year. Since students meet with patient actors alone, iVT is also used to certify attendance. Students are encouraged to watch the videos of the interview and the feedback of the patient actor. The offer to discuss a video with a tutor was not used by the students. Discussion: We plan to expand the use of iVT by making peer assessment compulsory. To support this, annotation capabilities are currently added to iVT. We also want to use iVT in training of practical skills, again for self as well as for peer assessment.  At present, we use iVT for quality control of patient actor's performance.

Drought coping and adaptation strategies: Understanding adaptations to climate change in agro-pastoral livestock production in Makueni district, Kenya

Using drought as a lens, this article analyses how agro-pastoralists in Makueni district, Kenya adapt their livestock production to climate variability and change. Data were collected from a longitudinal survey of 127 agro-pastoral households. Approximately one-third of the households have inadequate feeds, and livestock diseases are major challenges during non-drought and drought periods. Agro-pastoralists’ responses to drought are reactive and mainly involve intensifying exploitation of resources and the commons. Proactive responses such as improving production resources are few. Poverty, limited responses to market dynamics and inadequate skills constrain adaptations. Many agro-pastoralists’ attachment to livestock deters livestock divestment, favouring disadvantageous sales that result in declining incomes. To improve adaptive capacity, interventions should expose agro-pastoralists to other forms of savings, incorporate agro-pastoralists as agents of change by building their capacity to provide extension services, and maintain infrastructure. Securing livestock mobility, pasture production and access is crucial under the variable social-ecological conditions.

Negotiating an Energy Deal under TTIP: Drivers and Impediments to U.S. Shale Exports to Europe

The problem of global security of energy supply is growing in importance. TTIP negotiations represent an opportunity to improve energy security in Europe and negotiate a legal framework for bilateral trade in energy, which could serve as a model for future negotiations at a multilateral level. This paper explores some of the thorniest legal, geopolitical, and economic issues that need to be taken up by TTIP negotiators for the promotion of a secure and sustainable trade in energy between the United States and European Union. It gives an account of the most recent developments in the TTIP negotiations on energy and examines the link between a possible legal framework for energy trade under TTIP and other energy-related regional and international fora. The paper critically assesses the negotiating positions of the European Union and the United States in light of their reciprocal energy profiles and needs. It offers an overview of the critical items most likely to be on top of the TTIP agenda on energy based on a comparative analysis of energy provisions in E.U. and U.S. legislation and in light of the both parties’ interests. Finally, it discusses the main driving forces and inhibiting factors capable of facilitating or rather impeding a successful conclusion of an energy trade deal between the United States and the European Union.

Minimally invasive postmortem telebiopsy

For the past 10 years, medical imaging techniques have been increasingly applied to forensic investigations. To obtain histological and toxicological information, tissue and liquid samples are required. In this article, we describe the development of a low-cost, secure, and reliable approach for a telematic add-on for remotely planning biopsies on the Virtobot robotic system. Data sets are encrypted and submitted over the Internet. A plugin for the OsiriX medical image viewer allows for remote planning of needle trajectories that are used for needle placement. The application of teleradiological methods to image-guided biopsy in the forensic setting has the potential to reduce costs and, in conjunction with a mobile computer tomographic scanner, allows for tissue sampling in a mass casualty situation involving nuclear, biological, or chemical agents, in a manner that minimizes the risk to involved staff.

Microsurgical treatment of perimedullary spinal arteriovenous fistulas

Objective: Perimedullary arteriovenous fistulas (PMAVF) are exceptional spinal vascular malformations and their best therapeutic management remains controversial. Here the authors present their experience with PMAVF to characterize the clinical, neuroimaging and treatment data of patients operated on PMAVF and to analyse both incidence of complications and resurgery in the microsurgical therapy of PMAVF. Method: Fifteen patients (13 men, 2 women, mean age 51 years) with PMAVF identified by selective spinal angiography were microsurgically treated at our institution between 1992 and 2006. The presenting symptoms (duration 3 months to 5 years) were consistent with progressive myelopathy (13) or included isolated pain syndrome (2). Lumbar PMAVF location (6) was predominant followed by the sacral (5) and thoracic (4) site including 6 PMAVF of the filum terminale and 2 PMAVF associated with a glomerular AVM and dural arteriovenous fistula, respectively. Microsurgical PMAVF obliteration and postoperative angiography were routinely performed. All patients were available for follow-up evaluation within 6 months postoperatively. Results: Surgery with complete (12) or almost complete (3) PMAVF occlusion resulted in neurological improvement (10) or stabilization (1), 4 patients deteriorated postoperatively. Whereas no complications occured, a second operation because of residual or recanalized PMAVF was indicated in one case each. Two associated dual spinal vascular malformations could be observed and subsequently obliterated. Conclusions: Microsurgical occlusion of PMAVF appears to be a secure and adequate therapeutic option that prevents progressive neurological deterioration and results in good outcome in the majority of patients. Complications associated with surgery, recurrences and reoperations are infrequent. Therefore, in the authors experience microsurgery is the preferred therapy to treat PMAVF. Despite the rarity of PMAVF the possibility of the coincidence of associated second vascular malformations should be considered.

Individual Video Training - Entwicklung einer nationalen Infrastruktur für Video-unterstütztes Lernen

Video-basiertes Lernen ist besonders effektiv, wo es um Fertigkeiten und Verhalten geht. Videoaufzeichnungen von Gesprächen, Unterrichtssituationen oder der Durchführung praktischer Tätigkeiten wie dem Nähen einer Wunde erlauben es den Ausführenden, ihren Peers und ihren Tutoren, die Qualität der Leistung zu beurteilen und Anregungen zur Verbesserung zu formulieren. Wissend um den grossen didaktischen Wert von Videoaufzeichnungen haben sich vier Pädagogische Hochschulen (Zürich, Freiburg, Thurgau, Luzern) und zwei Medizinische Fakultäten (Bern, Lausanne) zusammen getan, um eine nationale Infrastruktur für Video-unterstütztes Lernen anzustossen. Ziel was es, ein System zu entwickeln, das einfach zu bedienen ist, bei dem viele Arbeitsschritte automatisiert sind und das die Videos im Internet bereit stellt. Zusammen mit SWITCH, der nationalen IT-Support-Organisation der Schweizer Hochschulen, wurde basierend auf den vorbestehenden Technologien AAI und SWITCHcast das Programm iVT (Individual Video Training) entwickelt. Die Integration des nationalen Single Logon System AAI (Authentification and Authorization Infrastructure) erlaubt es, die Videos mit dem jeweiligen User eindeutig zu verknüpfen, so dass die Videos nur für diesen User im Internet zugänglich sind. Mit dem Podcast-System SWITCHcast können Videos automatisch ins Internet hochgeladen und bereit gestellt werden. Es wurden je ein Plugin für die Learning Management Systeme ILIAS (PH Zürich, Uni Bern) und Moodle (Uni Lausanne) entwickelt. Dank dieser Plugins werden die Videos in den jeweiligen LMS verfügbar gemacht. Der Einsatz von iVT ist beim Kommunikationstraining unserer Medizinstudierenden in Bern inzwischen Standard. Das Login gilt gleichzeitig als Beleg für das Testat. Studierende, die keine Videoaufzeichnung wünschen, können diese nach dem Login stoppen. Bis anhin ist das Betrachten der Videos freiwillig. Szenarios mit Peer Feedback sind geplant. Eine entsprechende Erweiterung des Systems um gegenseitige Annotationsmöglichkeiten besteht bereits und wird fortlaufend weiterentwickelt.

Service level agreements-driven management of distributed applications in cloud computing environments

Advancements in cloud computing have enabled the proliferation of distributed applications, which require management and control of multiple services. However, without an efficient mechanism for scaling services in response to changing workload conditions, such as number of connected users, application performance might suffer, leading to violations of Service Level Agreements (SLA) and possible inefficient use of hardware resources. Combining dynamic application requirements with the increased use of virtualised computing resources creates a challenging resource Management context for application and cloud-infrastructure owners. In such complex environments, business entities use SLAs as a means for specifying quantitative and qualitative requirements of services. There are several challenges in running distributed enterprise applications in cloud environments, ranging from the instantiation of service VMs in the correct order using an adequate quantity of computing resources, to adapting the number of running services in response to varying external loads, such as number of users. The application owner is interested in finding the optimum amount of computing and network resources to use for ensuring that the performance requirements of all her/his applications are met. She/he is also interested in appropriately scaling the distributed services so that application performance guarantees are maintained even under dynamic workload conditions. Similarly, the infrastructure Providers are interested in optimally provisioning the virtual resources onto the available physical infrastructure so that her/his operational costs are minimized, while maximizing the performance of tenants’ applications. Motivated by the complexities associated with the management and scaling of distributed applications, while satisfying multiple objectives (related to both consumers and providers of cloud resources), this thesis proposes a cloud resource management platform able to dynamically provision and coordinate the various lifecycle actions on both virtual and physical cloud resources using semantically enriched SLAs. The system focuses on dynamic sizing (scaling) of virtual infrastructures composed of virtual machines (VM) bounded application services. We describe several algorithms for adapting the number of VMs allocated to the distributed application in response to changing workload conditions, based on SLA-defined performance guarantees. We also present a framework for dynamic composition of scaling rules for distributed service, which used benchmark-generated application Monitoring traces. We show how these scaling rules can be combined and included into semantic SLAs for controlling allocation of services. We also provide a detailed description of the multi-objective infrastructure resource allocation problem and various approaches to satisfying this problem. We present a resource management system based on a genetic algorithm, which performs allocation of virtual resources, while considering the optimization of multiple criteria. We prove that our approach significantly outperforms reactive VM-scaling algorithms as well as heuristic-based VM-allocation approaches.