Revisiting the Security of the ALRED Design and Two of Its Variants: Marvin and LetterSoup

The ALRED construction is a lightweight strategy for constructing message authentication algorithms from an underlying iterated block cipher. Even though this construction's original analyses show that it is secure against some attacks, the absence of formal security proofs in a strong security model still brings uncertainty on its robustness. In this paper, aiming to give a better understanding of the security level provided by different authentication algorithms based on this design strategy, we formally analyze two ALRED variants-the MARVIN message authentication code and the LETTERSOUP authenticated-encryption scheme,-bounding their security as a function of the attacker's resources and of the underlying cipher's characteristics.

A rigorous approach to facilitate and guarantee the correctness of the genetic testing management in human genome information systems

Abstract Background Recent medical and biological technology advances have stimulated the development of new testing systems that have been providing huge, varied amounts of molecular and clinical data. Growing data volumes pose significant challenges for information processing systems in research centers. Additionally, the routines of genomics laboratory are typically characterized by high parallelism in testing and constant procedure changes. Results This paper describes a formal approach to address this challenge through the implementation of a genetic testing management system applied to human genome laboratory. We introduced the Human Genome Research Center Information System (CEGH) in Brazil, a system that is able to support constant changes in human genome testing and can provide patients updated results based on the most recent and validated genetic knowledge. Our approach uses a common repository for process planning to ensure reusability, specification, instantiation, monitoring, and execution of processes, which are defined using a relational database and rigorous control flow specifications based on process algebra (ACP). The main difference between our approach and related works is that we were able to join two important aspects: 1) process scalability achieved through relational database implementation, and 2) correctness of processes using process algebra. Furthermore, the software allows end users to define genetic testing without requiring any knowledge about business process notation or process algebra. Conclusions This paper presents the CEGH information system that is a Laboratory Information Management System (LIMS) based on a formal framework to support genetic testing management for Mendelian disorder studies. We have proved the feasibility and showed usability benefits of a rigorous approach that is able to specify, validate, and perform genetic testing using easy end user interfaces.

Dalla città alla casa, dalla casa alla città: la mutevole ricerca di un Piano per il ben-essere urbano

La ricerca si propone di definire le linee guida per la stesura di un Piano che si occupi di qualità della vita e di benessere. Il richiamo alla qualità e al benessere è positivamente innovativo, in quanto impone agli organi decisionali di sintonizzarsi con la soggettività attiva dei cittadini e, contemporaneamente, rende evidente la necessità di un approccio più ampio e trasversale al tema della città e di una più stretta relazione dei tecnici/esperti con i responsabili degli organismi politicoamministrativi. La ricerca vuole indagare i limiti dell’urbanistica moderna di fronte alla complessità di bisogni e di nuove necessità espresse dalle popolazioni urbane contemporanee. La domanda dei servizi è notevolmente cambiata rispetto a quella degli anni Sessanta, oltre che sul piano quantitativo anche e soprattutto sul piano qualitativo, a causa degli intervenuti cambiamenti sociali che hanno trasformato la città moderna non solo dal punto di vista strutturale ma anche dal punto di vista culturale: l’intermittenza della cittadinanza, per cui le città sono sempre più vissute e godute da cittadini del mondo (turisti e/o visitatori, temporaneamente presenti) e da cittadini diffusi (suburbani, provinciali, metropolitani); la radicale trasformazione della struttura familiare, per cui la famiglia-tipo costituita da una coppia con figli, solido riferimento per l’economia e la politica, è oggi minoritaria; l’irregolarità e flessibilità dei calendari, delle agende e dei ritmi di vita della popolazione attiva; la mobilità sociale, per cui gli individui hanno traiettorie di vita e pratiche quotidiane meno determinate dalle loro origini sociali di quanto avveniva nel passato; l’elevazione del livello di istruzione e quindi l’incremento della domanda di cultura; la crescita della popolazione anziana e la forte individualizzazione sociale hanno generato una domanda di città espressa dalla gente estremamente variegata ed eterogenea, frammentata e volatile, e per alcuni aspetti assolutamente nuova. Accanto a vecchie e consolidate richieste – la città efficiente, funzionale, produttiva, accessibile a tutti – sorgono nuove domande, ideali e bisogni che hanno come oggetto la bellezza, la varietà, la fruibilità, la sicurezza, la capacità di stupire e divertire, la sostenibilità, la ricerca di nuove identità, domande che esprimono il desiderio di vivere e di godere la città, di stare bene in città, domande che non possono essere più soddisfatte attraverso un’idea di welfare semplicemente basata sull’istruzione, la sanità, il sistema pensionistico e l’assistenza sociale. La città moderna ovvero l’idea moderna della città, organizzata solo sui concetti di ordine, regolarità, pulizia, uguaglianza e buon governo, è stata consegnata alla storia passata trasformandosi ora in qualcosa di assai diverso che facciamo fatica a rappresentare, a descrivere, a raccontare. La città contemporanea può essere rappresentata in molteplici modi, sia dal punto di vista urbanistico che dal punto di vista sociale: nella letteratura recente è evidente la difficoltà di definire e di racchiudere entro limiti certi l’oggetto “città” e la mancanza di un convincimento forte nell’interpretazione delle trasformazioni politiche, economiche e sociali che hanno investito la società e il mondo nel secolo scorso. La città contemporanea, al di là degli ambiti amministrativi, delle espansioni territoriali e degli assetti urbanistici, delle infrastrutture, della tecnologia, del funzionalismo e dei mercati globali, è anche luogo delle relazioni umane, rappresentazione dei rapporti tra gli individui e dello spazio urbano in cui queste relazioni si muovono. La città è sia concentrazione fisica di persone e di edifici, ma anche varietà di usi e di gruppi, densità di rapporti sociali; è il luogo in cui avvengono i processi di coesione o di esclusione sociale, luogo delle norme culturali che regolano i comportamenti, dell’identità che si esprime materialmente e simbolicamente nello spazio pubblico della vita cittadina. Per studiare la città contemporanea è necessario utilizzare un approccio nuovo, fatto di contaminazioni e saperi trasversali forniti da altre discipline, come la sociologia e le scienze umane, che pure contribuiscono a costruire l’immagine comunemente percepita della città e del territorio, del paesaggio e dell’ambiente. La rappresentazione del sociale urbano varia in base all’idea di cosa è, in un dato momento storico e in un dato contesto, una situazione di benessere delle persone. L’urbanistica moderna mirava al massimo benessere del singolo e della collettività e a modellarsi sulle “effettive necessità delle persone”: nei vecchi manuali di urbanistica compare come appendice al piano regolatore il “Piano dei servizi”, che comprende i servizi distribuiti sul territorio circostante, una sorta di “piano regolatore sociale”, per evitare quartieri separati per fasce di popolazione o per classi. Nella città contemporanea la globalizzazione, le nuove forme di marginalizzazione e di esclusione, l’avvento della cosiddetta “new economy”, la ridefinizione della base produttiva e del mercato del lavoro urbani sono espressione di una complessità sociale che può essere definita sulla base delle transazioni e gli scambi simbolici piuttosto che sui processi di industrializzazione e di modernizzazione verso cui era orientata la città storica, definita moderna. Tutto ciò costituisce quel complesso di questioni che attualmente viene definito “nuovo welfare”, in contrapposizione a quello essenzialmente basato sull’istruzione, sulla sanità, sul sistema pensionistico e sull’assistenza sociale. La ricerca ha quindi analizzato gli strumenti tradizionali della pianificazione e programmazione territoriale, nella loro dimensione operativa e istituzionale: la destinazione principale di tali strumenti consiste nella classificazione e nella sistemazione dei servizi e dei contenitori urbanistici. E’ chiaro, tuttavia, che per poter rispondere alla molteplice complessità di domande, bisogni e desideri espressi dalla società contemporanea le dotazioni effettive per “fare città” devono necessariamente superare i concetti di “standard” e di “zonizzazione”, che risultano essere troppo rigidi e quindi incapaci di adattarsi all’evoluzione di una domanda crescente di qualità e di servizi e allo stesso tempo inadeguati nella gestione del rapporto tra lo spazio domestico e lo spazio collettivo. In questo senso è rilevante il rapporto tra le tipologie abitative e la morfologia urbana e quindi anche l’ambiente intorno alla casa, che stabilisce il rapporto “dalla casa alla città”, perché è in questa dualità che si definisce il rapporto tra spazi privati e spazi pubblici e si contestualizzano i temi della strada, dei negozi, dei luoghi di incontro, degli accessi. Dopo la convergenza dalla scala urbana alla scala edilizia si passa quindi dalla scala edilizia a quella urbana, dal momento che il criterio del benessere attraversa le diverse scale dello spazio abitabile. Non solo, nei sistemi territoriali in cui si è raggiunto un benessere diffuso ed un alto livello di sviluppo economico è emersa la consapevolezza che il concetto stesso di benessere sia non più legato esclusivamente alla capacità di reddito collettiva e/o individuale: oggi la qualità della vita si misura in termini di qualità ambientale e sociale. Ecco dunque la necessità di uno strumento di conoscenza della città contemporanea, da allegare al Piano, in cui vengano definiti i criteri da osservare nella progettazione dello spazio urbano al fine di determinare la qualità e il benessere dell’ambiente costruito, inteso come benessere generalizzato, nel suo significato di “qualità dello star bene”. E’ evidente che per raggiungere tale livello di qualità e benessere è necessario provvedere al soddisfacimento da una parte degli aspetti macroscopici del funzionamento sociale e del tenore di vita attraverso gli indicatori di reddito, occupazione, povertà, criminalità, abitazione, istruzione, etc.; dall’altra dei bisogni primari, elementari e di base, e di quelli secondari, culturali e quindi mutevoli, trapassando dal welfare state allo star bene o well being personale, alla wellness in senso olistico, tutte espressioni di un desiderio di bellezza mentale e fisica e di un nuovo rapporto del corpo con l’ambiente, quindi manifestazione concreta di un’esigenza di ben-essere individuale e collettivo. Ed è questa esigenza, nuova e difficile, che crea la diffusa sensazione dell’inizio di una nuova stagione urbana, molto più di quanto facciano pensare le stesse modifiche fisiche della città.

Gender and identity classification for a naive and evolving system

[EN]This paper does not propose a new technique for face representationorclassification. Insteadtheworkdescribed here investigates the evolution of an automatic system which, based on a currently common framework, and starting from an empty memory, modifies its classifiers according to experience. In the experiments we reproduce up to a certain extent the process of successive meetings. The results achieved, even when the number of different individuals is still reduced compared to off-line classifiers, are promising.

A Design Methodology for Computer Security Testing

The field of "computer security" is often considered something in between Art and Science. This is partly due to the lack of widely agreed and standardized methodologies to evaluate the degree of the security of a system. This dissertation intends to contribute to this area by investigating the most common security testing strategies applied nowadays and by proposing an enhanced methodology that may be effectively applied to different threat scenarios with the same degree of effectiveness. Security testing methodologies are the first step towards standardized security evaluation processes and understanding of how the security threats evolve over time. This dissertation analyzes some of the most used identifying differences and commonalities, useful to compare them and assess their quality. The dissertation then proposes a new enhanced methodology built by keeping the best of every analyzed methodology. The designed methodology is tested over different systems with very effective results, which is the main evidence that it could really be applied in practical cases. Most of the dissertation discusses and proves how the presented testing methodology could be applied to such different systems and even to evade security measures by inverting goals and scopes. Real cases are often hard to find in methodology' documents, in contrary this dissertation wants to show real and practical cases offering technical details about how to apply it. Electronic voting systems are the first field test considered, and Pvote and Scantegrity are the two tested electronic voting systems. The usability and effectiveness of the designed methodology for electronic voting systems is proved thanks to this field cases analysis. Furthermore reputation and anti virus engines have also be analyzed with similar results. The dissertation concludes by presenting some general guidelines to build a coordination-based approach of electronic voting systems to improve the security without decreasing the system modularity.

An Innovation System Perspective on Adaptation Strategies to Climate Variability and Water Management in India

Government policies play a critical role in influencing market conditions, institutions and overall agricultural productivity. The thesis therefore looks into the history of agriculture development in India. Taking a political economy perspective, the historical account looks at significant institutional and technological innovations carried out in pre- independent and post independent India. It further focuses on the Green Revolution in Asia, as forty years after; the agricultural community still faces the task of addressing recurrent issue of food security amidst emerging challenges, such as climate change. It examines the Green Revolution that took place in India during the late 1960s and 70s in a historical perspective, identifying two factors of institutional change and political leadership. Climate change in agriculture development has become a major concern to farmers, researchers and policy makers alike. However, there is little knowledge on the farmers’ perception to climate change and to the extent they coincide with actual climatic data. Using a qualitative approach,it looks into the perceptions of the farmers in four villages in the states of Maharashtra and Andhra Pradesh. While exploring the adaptation strategies, the chapter looks into the dynamics of who can afford a particular technology and who cannot and what leads to a particular adaptation decision thus determining the adaptive capacity in water management. The final section looks into the devolution of authority for natural resource management to local user groups through the Water Users’ Associations as an important approach to overcome the long-standing challenges of centralized state bureaucracies in India. It addresses the knowledge gap of why some local user groups are able to overcome governance challenges such as elite capture, while others-that work under the design principles developed by Elinor Ostrom. It draws conclusions on how local leadership, can be promoted to facilitate participatory irrigation management.

Analisi e riprogettazione del processo di ict risk management: un caso applicativo in Telecom Italia

Questo lavoro di tesi muove da tematiche relative alla sicurezza IT e risulta dagli otto mesi di lavoro all’interno della funzione Technical Security di Telecom Italia Information Technology. Il compito primario di questa unità di business è ridurre il rischio informatico dei sistemi di Telecom Italia per mezzo dell’attuazione del processo di ICT Risk Management, che coinvolge l’intera organizzazione ed è stato oggetto di una riprogettazione nel corso del 2012. Per estendere tale processo a tutti i sistemi informatici, nello specifico a quelli caratterizzati da non conformità, all’inizio del 2013 è stato avviato il Programma Strutturato di Sicurezza, un aggregato di quattro progetti dalla durata triennale particolarmente articolato e complesso. La pianificazione di tale Programma ha visto coinvolto, tra gli altri, il team di cui ho fatto parte, che ha collaborato con Telecom Italia assolvendo alcune delle funzioni di supporto tipiche dei Project Management Office (PMO).

Identity dynamics and the emergence of new organizational arrangements: A multi-level study

Organizational and institutional scholars have advocated the need to examine how processes originating at an individual level can change organizations or even create new organizational arrangements able to affect institutional dynamics (Chreim et al., 2007; Powell & Colyvas, 2008; Smets et al., 2012). Conversely, research on identity work has mainly investigated the different ways individuals can modify the boundaries of their work in actual occupations, thus paying particular attention to ‘internal’ self-crafting (e.g. Wrzesniewski & Dutton, 2001). Drawing from literatures on possible and alternative self and on positive organizational scholarship (e.g., Obodaru, 2012; Roberts & Dutton, 2009), my argument is that individuals’ identity work can go well beyond the boundaries of internal self-crafting to the creation of new organizational arrangements. In this contribution I analyze, through multiple case studies, healthcare professionals who spontaneously participated in the creation of new organizational arrangements, namely health structures called Community Hospitals. The contribution develops this form of identity work by building a grounded model. My findings disclose the process that leads from the search for the enactment of different self-concepts to positive identities, through the creation of a new organizational arrangement. I contend that this is a particularly complex form of collective identity work because it requires, to be successful, concerted actions of several internal, external and institutional actors, and it also requires balanced tensions that – at the same time - enable individuals’ aspirations and organizational equilibrium. I name this process organizational collective crafting. Moreover I inquire the role of context in supporting the triggering power of those unrealized selves. I contribute to the comprehension of the consequences of self-comparisons, organizational identity variance, and positive identity. The study bears important insights on how identity work originating from individuals can influence organizational outcomes and larger social systems.

Building Peace and/or Gender Equality. Changing Attitudes around Peace, Development and Security in International Cooperation in Rwanda.

The times following international or civil conflicts but also violent revolutions often come with unequal share of the peace dividend for men and women. Delusions for women who gained freedom of movement and of roles during conflict but had to step back during reconstruction and peace have been recorded in all regions of the world. The emergence of peacebuilding as a modality for the international community to ensure peace and security has slowly incorporated gender sensitivity at the level of legal and policy instruments. Focusing on Rwanda, a country that has obtained significant gender advancement in the years after the genocide while also obtaining to not relapse into conflict, this research explores to what extent the international community has contributed to this transformation. From a review of evaluations, findings are that many of the interventions did not purse gender equality, and overall the majority understood gender and designed actions is a quite superficial way which would hardly account for the significative advancement in combating gender discrimination that the Government, for its inner political will, is conducting. Then, after a critique from a feminist standpoint to the concept of human security, departing from the assumption (sustained by the Governemnt of Rwanda as well) that domestic violence is a variable influencing level of security relevant at the national level, a review of available secondary data on GBV is conducted an trends over the years analysed. The emerging trends signal a steep increase in prevalence of GBV and in domestic violence in particular. Although no conclusive interpretation can be formulated on these data, there are elements suggesting the increase might be due to augmented reporting. The research concludes outlining possible further research pathways to better understand the link in Rwanda between the changing gender norms and the GBV.

Identity Changes and Consumer Behavior. How Becoming Parents Changes Our Consumption Choices

This research aims at investigating the impact of the identity change on consumption. An identity change is defined as the acquisition of a new identity after a life change event. For instance after the birth of the first child the new identity as parent is acquired and a woman can define herself as a mother. Despite marketing research recognizes that individuals’ identity is unstable and susceptible to change, the investigation of the identity change is still in its infancy. Furthermore, marketing research did not investigate the contextual effect of the new as well as the old identity on individuals’ reaction toward identity-marketing. In order words, whether people show a more favorable reaction toward product related to their new or their old identities after an identity change is still unclear. In order to answer this question, five studies are conducted. Results show that when the new identity substitutes the old one, people show a more positive reaction toward new-identity related products, while when the new identity is added to the old ones, people show a more positive reaction toward old-identity related products. This is the case also when the new identity accounts for high levels of identification (study three) and when the old identity is squeezed by the new one (studies four and five). A new concept, the identity strain, is then introduced and discussed.

SMARTDIAB: a communication and information technology approach for the intelligent monitoring, management and follow-up of type 1 diabetes patients

SMARTDIAB is a platform designed to support the monitoring, management, and treatment of patients with type 1 diabetes mellitus (T1DM), by combining state-of-the-art approaches in the fields of database (DB) technologies, communications, simulation algorithms, and data mining. SMARTDIAB consists mainly of two units: 1) the patient unit (PU); and 2) the patient management unit (PMU), which communicate with each other for data exchange. The PMU can be accessed by the PU through the internet using devices, such as PCs/laptops with direct internet access or mobile phones via a Wi-Fi/General Packet Radio Service access network. The PU consists of an insulin pump for subcutaneous insulin infusion to the patient and a continuous glucose measurement system. The aforementioned devices running a user-friendly application gather patient's related information and transmit it to the PMU. The PMU consists of a diabetes data management system (DDMS), a decision support system (DSS) that provides risk assessment for long-term diabetes complications, and an insulin infusion advisory system (IIAS), which reside on a Web server. The DDMS can be accessed from both medical personnel and patients, with appropriate security access rights and front-end interfaces. The DDMS, apart from being used for data storage/retrieval, provides also advanced tools for the intelligent processing of the patient's data, supporting the physician in decision making, regarding the patient's treatment. The IIAS is used to close the loop between the insulin pump and the continuous glucose monitoring system, by providing the pump with the appropriate insulin infusion rate in order to keep the patient's glucose levels within predefined limits. The pilot version of the SMARTDIAB has already been implemented, while the platform's evaluation in clinical environment is being in progress.

Fragile logo watermarking for public authentication

A new fragile logo watermarking scheme is proposed for public authentication and integrity verification of images. The security of the proposed block-wise scheme relies on a public encryption algorithm and a hash function. The encoding and decoding methods can provide public detection capabilities even in the absence of the image indices and the original logos. Furthermore, the detector automatically authenticates input images and extracts possible multiple logos and image indices, which can be used not only to localise tampered regions, but also to identify the original source of images used to generate counterfeit images. Results are reported to illustrate the effectiveness of the proposed method.

'Security Here is Not Safe': Violence, Punishment, & Space in the Contemporary U.S. Penitentiary

The US penitentiary at Lewisburg, Pennsylvania, was retrofitted in 2008 to offer the country’s first federal Special Management Unit (SMU) program of its kind. This model SMU is designed for federal inmates from around the country identified as the most intractably troublesome, and features double-celling of inmates in tiny spaces, in 23-hour or 24-hour a day lockdown, requiring them to pass through a two-year program of readjustment. These spatial tactics, and the philosophy of punishment underlying them, contrast with the modern reform ideals upon which the prison was designed and built in 1932. The SMU represents the latest punitive phase in American penology, one that neither simply eliminates men as in the premodern spectacle, nor creates the docile, rehabilitated bodies of the modern panopticon; rather, it is a late-modern structure that produces only fear, terror, violence, and death. This SMU represents the latest of the late-modern prisons, similar to other supermax facilities in the US but offering its own unique system of punishment as well. While the prison exists within the system of American law and jurisprudence, it also manifests features of Agamben’s lawless, camp-like space that emerges during a state of exception, exempt from outside scrutiny with inmate treatment typically beyond the scope of the law.

"Security Here is Not Safe": Violence, Punishment, and Space in the Contemporary US Penitentiary

The US penitentiary at Lewisburg, Pennsylvania, was retrofitted in 2008 to offer the country's first federal Special Management Unit (SMU) program of its kind. This model SMU is designed for federal inmates from around the country identified as the most intractably troublesome, and features double-celling of inmates in tiny spaces, in 23-hour or 24-hour a day lockdown, requiring them to pass through a two-year program of readjustment. These spatial tactics, and the philosophy of punishment underlying them, contrast with the modern reform ideals upon which the prison was designed and built in 1932. The SMU represents the latest punitive phase in American penology, one that neither simply eliminates men as in the premodern spectacle, nor creates the docile, rehabilitated bodies of the modern panopticon; rather, it is a late-modern structure that produces only fear, terror, violence, and death. This SMU represents the latest of the late-modern prisons, similar to other supermax facilities in the US but offering its own unique system of punishment as well. While the prison exists within the system of American law and jurisprudence, it also manifests features of Agamben's lawless, camp-like space that emerges during a state of exception, exempt from outside scrutiny with inmate treatment typically beyond the scope of the law

[A million football fans in a city of 120,000 inhabitants--a nightmare for emergency medicine and disaster management? Euro 2008 and the "Orange wonder of Berne"]

The 2008 European Football Championship 2008 (Euro 08) is the largest sporting event ever organized in Switzerland. One million visitors came to the city of Berne during the event and the local airport in Bern/Belp registered 261 extra flights. For each football game there were 33,000 fans in the stadium and 100,000 fans in the public viewing zones.The ambulance corps and the Department of Emergency Medicine (ED) at Inselspital, University Hospital Berne, were responsible for basic medical care and emergency medical management. Injuries and illnesses were analyzed by a standardized score (NACA score). The preparation strategy as well as costs and patient numbers are presented in detail.A total of 30 additional ambulance vehicles were used, 4,723 additional working days (one-third medical professionals) were accumulated, 662 ambulance calls were registered and 240 persons needed medical care (62% Swiss, 28% Dutch and 10% other nationalities). Among those needing treatment 51 were treated in 1 of the 4 city hospitals. No injuries with NACA grades VI and VII occurred (NACA I: 4, NACA II: 17, NACA III: 16, NACA IV: 10 and NACA V: 4 patients). The city of Berne compensated the Inselspital Bern with a total of 112,603 Euros for extra medical care costs. The largest amount was spent on security measures (50,300 Euros) and medical staff (medical doctors 22,600 Euros, nurses 29,000 Euros). Because of the poor weather and the exemplary behavior of the fans, the course of events was rather peaceful.