Implementation of porous silicon technology for a fluidic flow-through optical sensor for pH measurements

This work presents an innovative integration of sensing and nano-scaled fluidic actuation in the combination of pH sensitive optical dye immobilization with the electro-osmotic phenomena in polar solvents like water for flow-through pH measurements. These flow-through measurements are performed in a flow-through sensing device (FTSD) configuration that is designed and fabricated at MTU. A relatively novel and interesting material, through-wafer mesoporous silica substrates with pore diameters of 20 -200 nm and pore depths of 500 µm are fabricated and implemented for electro-osmotic pumping and flow-through fluorescence sensing for the first time. Performance characteristics of macroporous silicon (> 500 µm) implemented for electro-osmotic pumping include, a very large flow effciency of 19.8 µLmin-1V-1 cm-2 and maximum pressure effciency of 86.6 Pa/V in comparison to mesoporous silica membranes with 2.8 µLmin-1V-1cm-2 flow effciency and a 92 Pa/V pressure effciency. The electrical current (I) of the EOP system for 60 V applied voltage utilizing macroporous silicon membranes is 1.02 x 10-6A with a power consumption of 61.74 x 10-6 watts. Optical measurements on mesoporous silica are performed spectroscopically from 300 nm to 1000 nm using ellipsometry, which includes, angularly resolved transmission and angularly resolved reflection measurements that extend into the infrared regime. Refractive index (n) values for oxidized and un-oxidized mesoporous silicon sample at 1000 nm are found to be 1.36 and 1.66. Fluorescence results and characterization confirm the successful pH measurement from ratiometric techniques. The sensitivity measured for fluorescein in buffer solution is 0.51 a.u./pH compared to sensitivity of ~ 0.2 a.u./pH in the case of fluorescein in porous silica template. Porous silica membranes are efficient templates for immobilization of optical dyes and represent a promising method to increase sensitivity for small variations in chemical properties. The FTSD represents a device topology suitable for application to long term monitoring of lakes and reservoirs. Unique and important contributions from this work include fabrication of a through-wafer mesoporous silica membrane that has been thoroughly characterized optically using ellipsometry. Mesoporous silica membranes are tested as a porous media in an electro-osmotic pump for generating high pressure capacities due to the nanometer pore sizes of the porous media. Further, dye immobilized mesoporous silica membranes along with macroporous silicon substrates are implemented for continuous pH measurements using fluorescence changes in a flow-through sensing device configuration. This novel integration and demonstration is completely based on silicon and implemented for the first time and can lead to miniaturized flow-through sensing systems based on MEMS technologies.

A FIREWALL MODEL OF FILE SYSTEM SECURITY

File system security is fundamental to the security of UNIX and Linux systems since in these systems almost everything is in the form of a file. To protect the system files and other sensitive user files from unauthorized accesses, certain security schemes are chosen and used by different organizations in their computer systems. A file system security model provides a formal description of a protection system. Each security model is associated with specified security policies which focus on one or more of the security principles: confidentiality, integrity and availability. The security policy is not only about “who” can access an object, but also about “how” a subject can access an object. To enforce the security policies, each access request is checked against the specified policies to decide whether it is allowed or rejected. The current protection schemes in UNIX/Linux systems focus on the access control. Besides the basic access control scheme of the system itself, which includes permission bits, setuid and seteuid mechanism and the root, there are other protection models, such as Capabilities, Domain Type Enforcement (DTE) and Role-Based Access Control (RBAC), supported and used in certain organizations. These models protect the confidentiality of the data directly. The integrity of the data is protected indirectly by only allowing trusted users to operate on the objects. The access control decisions of these models depend on either the identity of the user or the attributes of the process the user can execute, and the attributes of the objects. Adoption of these sophisticated models has been slow; this is likely due to the enormous complexity of specifying controls over a large file system and the need for system administrators to learn a new paradigm for file protection. We propose a new security model: file system firewall. It is an adoption of the familiar network firewall protection model, used to control the data that flows between networked computers, toward file system protection. This model can support decisions of access control based on any system generated attributes about the access requests, e.g., time of day. The access control decisions are not on one entity, such as the account in traditional discretionary access control or the domain name in DTE. In file system firewall, the access decisions are made upon situations on multiple entities. A situation is programmable with predicates on the attributes of subject, object and the system. File system firewall specifies the appropriate actions on these situations. We implemented the prototype of file system firewall on SUSE Linux. Preliminary results of performance tests on the prototype indicate that the runtime overhead is acceptable. We compared file system firewall with TE in SELinux to show that firewall model can accommodate many other access control models. Finally, we show the ease of use of firewall model. When firewall system is restricted to specified part of the system, all the other resources are not affected. This enables a relatively smooth adoption. This fact and that it is a familiar model to system administrators will facilitate adoption and correct use. The user study we conducted on traditional UNIX access control, SELinux and file system firewall confirmed that. The beginner users found it easier to use and faster to learn then traditional UNIX access control scheme and SELinux.