YSO jets in the Galactic Plane from UWISH2: I - MHO catalogue for Serpens and Aquila

Jets and outflows from Young Stellar Objects (YSOs) are important signposts of currently ongoing star formation. In order to study these objects we are conducting an unbiased survey along the Galactic Plane in the 1-0S(1) emission line of molecular hydrogen at 2.122mu using the UK Infrared Telescope. In this paper we are focusing on a 33 square degree sized region in Serpens and Aquila (18deg < l < 30deg; -1.5deg < b < +1.5deg). We trace 131 jets and outflows from YSOs, which results in a 15 fold increase in the total number of known Molecular Hydrogen Outflows. Compared to this, the total integrated 1-0S(1) flux of all objects just about doubles, since the known objects occupy the bright end of the flux distribution. Our completeness limit is 3*10^-18Wm^-2 with 70% of the objects having fluxes of less than 10^-17Wm^-2. Generally, the flows are associated with Giant Molecular Cloud complexes and have a scale height of 25-30pc with respect to the Galactic Plane. We are able to assign potential source candidates to about half the objects. Typically, the flows are clustered in groups of 3-5 objects, within a radius of 5pc. These groups are separated on average by about half a degree, and 2/3rd of the entire survey area is devoid of outflows. We find a large range of apparent outflow lengths from 4arcsec to 130arcsec. If we assume a distance of 3kpc, only 10% of all outflows are of parsec scale. There is a 2.6sigma over abundance of flow position angles roughly perpendicular to the Galactic Plane.Comment: 13pages, 1table (Appendix B not included), 6figures, accepted for publication by MNRAS, a version with higher resolution figures can be found at http://astro.kent.ac.uk/~df

Design and Implementation of Virtual Private Services

Large scale distributed applications such as electronic commerce and online marketplaces combine network access with multiple storage and computational elements. The distributed responsibility for resource control creates new security and privacy issues, which are exacerbated by the complexity of the operating environment. In order to handle policies at multiple locations, the usual tools available (firewalls and compartmented file storage) get to be used in ways that are clumsy and prone to failure. We propose a new approach, virtual private services. Our approach relies on two functional divisions. First, we split policy specification and policy enforcement, providing local autonomy within the constraints of the global security policy. Second, we create virtual security domains, each with its own security policy. Every domain has an associated set of privileges and permissions restricting it to the resources it needs to use and the services it must perform. Virtual private services ensure security and privacy policies are adhered to through coordinated policy enforcement points. We describe our architecture and a prototype implementation, and present a preliminary performance evaluation confirming that our overhead of policy enforcement using is small

Discrete Choice, Social Interaction, and Policy in Encryption Technology Adoption

We introduce a model for examining the factors that lead to the adoption of new encryption technologies. Building on the work of Brock and Durlauf, the model describes how agents make choices, in the presence of social interaction, between competing technologies given their relative cost, functionality, and usability. We apply the model to examples about the adoption of encryption in communication (email and messaging) and storage technologies (self-encrypting drives) and also consider our model’s predictions for the evolution of technology adoption over time

Health outcomes during the 2008 financial crisis in Europe: systematic literature review

OBJECTIVE:  To systematically identify, critically appraise, and synthesise empirical studies about the impact of the 2008 financial crisis in Europe on health outcomes. DESIGN:  Systematic literature review. DATA SOURCES:  Structural searches of key databases, healthcare journals, and organisation based websites. REVIEW METHODS:  Empirical studies reporting on the impact of the financial crisis on health outcomes in Europe, published from January 2008 to December 2015, were included. All selected studies were assessed for risk of bias. Owing to the heterogeneity of studies in terms of study design and analysis and the use of overlapping datasets across studies, studies were analysed thematically per outcome, and the evidence was synthesised on different health outcomes without formal meta-analysis. RESULTS:  41 studies met the inclusion criteria, and focused on suicide, mental health, self rated health, mortality, and other health outcomes. Of those studies, 30 (73%) were deemed to be at high risk of bias, nine (22%) at moderate risk of bias, and only two (5%) at low risk of bias, limiting the conclusions that can be drawn. Although there were differences across countries and groups, there was some indication that suicides increased and mental health deteriorated during the crisis. The crisis did not seem to reverse the trend of decreasing overall mortality. Evidence on self rated health and other indicators was mixed. CONCLUSIONS:  Most published studies on the impact of financial crisis on health in Europe had a substantial risk of bias; therefore, results need to be cautiously interpreted. Overall, the financial crisis in Europe seemed to have had heterogeneous effects on health outcomes, with the evidence being most consistent for suicides and mental health. There is a need for better empirical studies, especially those focused on identifying mechanisms that can mitigate the adverse effects of the crisis

gore: Routing-Assisted Defense Against DDoS Attacks

We present gore, a routing-assisted defense architecture against distributed denial of service (DDoS) attacks that provides guaranteed levels of access to a network under attack. Our approach uses routing to redirect all traffic destined to a customer under attack to strategically-located gore proxies, where servers filter out attack traffic and forward authorized traffic toward its intended destination. Our architecture can be deployed incrementally by individual ISPs, does not require any collaboration between ISPs, and requires no modifications to either server- or client- software. Clients can be authorized through a web interface that screens legitimate users from outsiders or automated zombies. Authenticated clients are granted limited-time access to the network under attack. The gore architecture allows ISPs to offer DDoS defenses as a value-added service, providing necessary incentives for the deployment of such defenses. We constructed a PC-based testbed to evaluate the performance and scalability of gore. Our preliminary results show that gore is a viable approach, as its impact on the filtered traffic is minimal, in terms of both end-to-end latency and effective throughput. Furthermore, gore can easily be scaled up as needed to support larger numbers of clients and customers using inexpensive commodity PCs

Virtual Private Services: Coordinated Policy Enforcement for Distributed Applications

Large scale distributed applications combine network access with multiple storage and computational elements. The distributed responsibility for resource control creates new security issues, caused by the complexity of the operating environment. In particular, policies at multiple layers and locations force conventional mechanisms such as firewalls and compartmented file storage into roles where they are clumsy and failure-prone. Our approach relies on two functional divisions. First, we split policy specification and policy enforcement, providing local autonomy within the constraints of the global security policy. Second, we create virtual security domains each with its own security policy. Every domain has an associated set of privileges and permissions restricting it to the resources it needs to use and the services it must perform. Virtual private services ensure security and privacy policies are adhered to through coordinated policy enforcement points

Laboratory Mouse Models for the Human Genome-Wide Associations

The agnostic screening performed by genome-wide association studies (GWAS) has uncovered associations for previously unsuspected genes. Knowledge about the functional role of these genes is crucial and laboratory mouse models can provide such information. Here, we describe a systematic juxtaposition of human GWAS-discovered loci versus mouse models in order to appreciate the availability of mouse models data, to gain biological insights for the role of these genes and to explore the extent of concordance between these two lines of evidence. We perused publicly available data (NHGRI database for human associations and Mouse Genome Informatics database for mouse models) and employed two alternative approaches for cross-species comparisons, phenotype- and gene-centric. A total of 293 single gene-phenotype human associations (262 unique genes and 69 unique phenotypes) were evaluated. In the phenotype-centric approach, we identified all mouse models and related ortholog genes for the 51 human phenotypes with a comparable phenotype in mice. A total of 27 ortholog genes were found to be associated with the same phenotype in humans and mice, a concordance that was significantly larger than expected by chance (p<0.001). In the gene-centric approach, we were able to locate at least 1 knockout model for 60% of the 262 genes. The knockouts for 35% of these orthologs displayed pre- or post-natal lethality. For the remaining non-lethal orthologs, the same organ system was involved in mice and humans in 71% of the cases (p<0.001). Our project highlights the wealth of available information from mouse models for human GWAS, catalogues extensive information on plausible physiologic implications for many genes, provides hypothesis-generating findings for additional GWAS analyses and documents that the concordance between human and mouse genetic association is larger than expected by chance and can be informative

On the Use of Stream Control Transmission Protocol (SCTP) with IPsec

This document describes functional requirements for IPsec (RFC 2401) and Internet Key Exchange (IKE) (RFC 2409) to facilitate their use in securing SCTP (RFC 2960) traffic

Decentralized Access Control in Distributed File Systems

The Internet enables global sharing of data across organizational boundaries. Distributed file systems facilitate data sharing in the form of remote file access. However, traditional access control mechanisms used in distributed file systems are intended for machines under common administrative control, and rely on maintaining a centralized database of user identities. They fail to scale to a large user base distributed across multiple organizations. We provide a survey of decentralized access control mechanisms in distributed file systems intended for large scale, in both administrative domains and users. We identify essential properties of such access control mechanisms. We analyze both popular production and experimental distributed file systems in the context of our survey