An aspect-oriented methodology for designing secure applications

We propose a methodology, based on aspect-oriented modeling (AOM), for incorporating security mechanisms in an application. The functionality of the application is described using the primary model and the attacks are specified using aspects. The attack aspect is composed with the primary model to obtain the misuse model. The misuse model describes how much the application can be compromised. If the results are unacceptable, then some security mechanism must be incorporated into the application. The security mechanism, modeled as security aspect, is composed with the primary model to obtain the security-treated model. The security-treated model is analyzed to give assurance that it is resilient to the attack.     

Eliciting security requirements and tracing them to design: an integration of Common Criteria, heuristics, and UMLsec

Building secure systems is difficult for many reasons. This paper deals with two of the main challenges: (i) the lack of security expertise in development teams and (ii) the inadequacy of existing methodologies to support developers who are not security experts. The security standard ISO 14508 Common Criteria (CC) together with secure design techniques such as UMLsec can provide the security expertise, knowledge, and guidelines that are needed. However, security expertise and guidelines are not stated explicitly in the CC. They are rather phrased in security domain terminology and difficult to understand for developers. This means that some general security and secure design expertise are required to fully take advantage of the CC and UMLsec. In addition, there is the problem of tracing security requirements and objectives into solution design, which is needed for proof of requirements fulfilment. This paper describes a security requirements engineering methodology called SecReq. SecReq combines three techniques: the CC, the heuristic requirements editor HeRA, and UMLsec. SecReq makes systematic use of the security engineering knowledge contained in the CC and UMLsec, as well as security-related heuristics in the HeRA tool. The integrated SecReq method supports early detection of security-related issues (HeRA), their systematic refinement guided by the CC, and the ability to trace security requirements into UML design models. A feedback loop helps reusing experience within SecReq and turns the approach into an iterative process for the secure system life-cycle, also in the presence of system evolution.     

Urban-rural variation in cancer incidence in Denmark 1943-1987

Urban and rural cancer incidence in Denmark in 1943-1987 was analysed. A consistent urban excess was found for all sites combined for individuals of each sex, irrespective of age at diagnosis. The capital:rural incidence ratio was 1.42 for men and 1.25 for women, and these ratios were not affected to any great extent using another definition of urban areas. Urban:rural ratios were highest for cancers of the respiratory, urinary and upper digestive tracts. The differences cannot be explained by tobacco and alcohol consumption alone. Other risk factors linked to urbanisation may contribute importantly to the "urban factor", and analytical studies of data at an individual level are required to establish their relative importance. Our findings contradict the generally accepted view that there is no urban-rural difference in cancer incidence in the relatively small, homogeneous population of Denmark.     

POETS: Process-oriented event-driven transaction systems

We present a high-level enterprise system architecture that closely models the domain ontology of resource and information flows in enterprises. It is:Process-orientedformal, user-definable specifications for the expected exchange of resources (money, goods, and services), notably contracts, are represented explicitly in the system state to reflect expectations on future events;Event-drivenevents denote relevant information about real-world transactions, specifically the transfer of resources and information between economic agents, to which the system reacts by matching against its portfolio of running processes/contracts in real time;Declarativeuser defined reporting functions can be formulated as declarative functions on the system state, including the representations of residual contractual obligations.We introduce the architecture and demonstrate how analyses of the standard reporting requirements for companies—the income statement and the balance sheet—can be used to drive the design of events that need registering for such reporting purposes. We then illustrate how the multi-party obligations in trade contracts (sale, purchase), including pricing and VAT payments, can be represented as formal contract expressions that can be subjected to analysis.To the best of our knowledge this is the first architecture for enterprise resource accounting that demonstrably maps high-level process and information requirements directly to executable specifications.     

The bacterial flora of fresh and chill-stored pork: analysis by cloning and sequencing of 16S rRNA genes

The composition of the initial bacterial flora of pork and the development of the flora after storage at +4 degrees C for 4 days were analysed by amplification, cloning and sequencing of 16S rDNA. A total of 122 clones were obtained, with lengths of > or =400 nucleotides and > or =95% similarity to database sequences. Nineteen clones were similar to sequences in database not assigned to any genera. Fourteen different genera were represented in clones from fresh meat, with 36.5% of the clones most resembling Acinetobacter and 17.3% resembling Staphylococcus and Macrococcus. After storage, the clones were composed of six different genera, with 44.3% resembling Pseudomonas, 17.1% resembling Aeromonas and only 14.3% resembling Acinetobacter. This study shows that the overall pattern of the initial and chill-stored pork flora, as shown by a molecular approach, was in agreement with results obtained in previous studies using traditional cultivation methods.     

4‐Alkylated Silver–N‐Heterocyclic Carbene (NHC) Complexes with Cytotoxic Effects in Leukemia Cells

Computational chemistry has shown that backbone‐alkylated imidazoles ought to be efficient ligands for transition metal catalysts with improved carbene‐to‐metal donation. In this work, such alkylated imidazoles were synthesized and complexed with silver(I) by means of an eight/nine‐step synthetic pathway we devised to access a new class of biologically active silver complexes. The synthesis involves selective iodination of the imidazole backbone, followed by Sonogashira coupling to replace the backbone iodine. The installed alkyne moiety is then subjected to reductive hydrogenation with Pearlman’s catalyst. The imidazole N1 atom is arylated by the palladium‐catalyzed Buchwald N‐arylation method. The imidazole N3 position was then methylated with methyl iodine, whereupon the synthesis was terminated by complexation of the imidazolium salt with silver(I) oxide. The synthetic pathway provided an overall yield of ≈20 %. The resulting complexes were tested in vitro against HL60 and MOLM‐13 leukemic cells, two human‐derived cell lines that model acute myeloid leukemia. The most active compounds exhibiting low IC₅₀ values of 14 and 27 μM , against HL60 and MOLM‐13 cells, respectively. The imidazole side chain was found to be essential for high cytotoxicity, as the imidazole complex bearing a C₇ side chain at the 4‐position was four‐ to sixfold more potent than the corresponding imidazole elaborated with a methyl group.