The Experts below are selected from a list of 123633 Experts worldwide ranked by ideXlab platform
Timothy S Zwier - One of the best experts on this subject based on the ideXlab platform.
-
plant sunscreens in the uv b ultraviolet spectroscopy of jet cooled sinapoyl malate sinapic acid and sinapate ester derivatives
Journal of the American Chemical Society, 2014Co-Authors: Jacob C Dean, Ryoji Kusaka, Patrick Walsh, Florent Allais, Timothy S ZwierAbstract:Ultraviolet spectroscopy of sinapoyl malate, an essential UV-B screening agent in plants, was carried out in the cold, Isolated Environment of a supersonic expansion to explore its intrinsic UV spectral properties in detail. Despite these conditions, sinapoyl malate displays anomalous spectral broadening extending well over 1000 cm–1 in the UV-B region, presenting the tantalizing prospect that nature’s selection of UV-B sunscreen is based in part on the inherent quantum mechanical features of its excited states. Jet-cooling provides an ideal setting in which to explore this topic, where complications from intermolecular interactions are eliminated. In order to better understand the structural causes of this behavior, the UV spectroscopy of a series of sinapate esters was undertaken and compared with ab initio calculations, starting with the simplest sinapate chromophore sinapic acid, and building up the ester side chain to sinapoyl malate. This “deconstruction” approach provided insight into the active me...
Priyadarsi Nanda - One of the best experts on this subject based on the ideXlab platform.
-
sandfox secure sandboxed and Isolated Environment for firefox browser
Security of Information and Networks, 2015Co-Authors: Anil Saini, Manoj Singh Gaur, Vijay Laxmi, Priyadarsi NandaAbstract:Browser functionalities can be widely extended by browser extensions. One of the key features that makes browser extensions so powerful is that they run with "high" privileges. As a consequence, a vulnerable or malicious extension might expose browser, and operating system (OS) resources to possible attacks such as privilege escalation, information stealing, and session hijacking. The resources are referred as browser as well as OS components accessed through browser extension such as accessing information on the web application, executing arbitrary processes, and even access files from a host file system. This paper presents sandFOX (secure sandbox and iso- lated Environment), a client-side browser policies for constructing sandbox Environment. sandFOX allows the browser extension to express fine-grained OS specific security policies that are enforced at runtime. In particular, our proposed policies provide the protection to OS resources (e.g., host file system, network and processes) from the browser attacks. We use Security-Enhanced Linux (SELinux) to tune OS and build a sandbox that helps in reducing potential damage from attacks on the OS resources. To show the practicality of sandFOX in a range of settings, we compute the effectiveness of sandFOX for various browser attacks on OS resources. We also show that sandFOX enabled browser experiences low overhead on loading pages and utilizes negligible memory when running with sandbox Environment.
-
SIN - sandFOX: secure sandboxed and Isolated Environment for firefox browser
Proceedings of the 8th International Conference on Security of Information and Networks - SIN '15, 2015Co-Authors: Anil Saini, Manoj Singh Gaur, Vijay Laxmi, Priyadarsi NandaAbstract:Browser functionalities can be widely extended by browser extensions. One of the key features that makes browser extensions so powerful is that they run with "high" privileges. As a consequence, a vulnerable or malicious extension might expose browser, and operating system (OS) resources to possible attacks such as privilege escalation, information stealing, and session hijacking. The resources are referred as browser as well as OS components accessed through browser extension such as accessing information on the web application, executing arbitrary processes, and even access files from a host file system. This paper presents sandFOX (secure sandbox and iso- lated Environment), a client-side browser policies for constructing sandbox Environment. sandFOX allows the browser extension to express fine-grained OS specific security policies that are enforced at runtime. In particular, our proposed policies provide the protection to OS resources (e.g., host file system, network and processes) from the browser attacks. We use Security-Enhanced Linux (SELinux) to tune OS and build a sandbox that helps in reducing potential damage from attacks on the OS resources. To show the practicality of sandFOX in a range of settings, we compute the effectiveness of sandFOX for various browser attacks on OS resources. We also show that sandFOX enabled browser experiences low overhead on loading pages and utilizes negligible memory when running with sandbox Environment.
Jacob C Dean - One of the best experts on this subject based on the ideXlab platform.
-
plant sunscreens in the uv b ultraviolet spectroscopy of jet cooled sinapoyl malate sinapic acid and sinapate ester derivatives
Journal of the American Chemical Society, 2014Co-Authors: Jacob C Dean, Ryoji Kusaka, Patrick Walsh, Florent Allais, Timothy S ZwierAbstract:Ultraviolet spectroscopy of sinapoyl malate, an essential UV-B screening agent in plants, was carried out in the cold, Isolated Environment of a supersonic expansion to explore its intrinsic UV spectral properties in detail. Despite these conditions, sinapoyl malate displays anomalous spectral broadening extending well over 1000 cm–1 in the UV-B region, presenting the tantalizing prospect that nature’s selection of UV-B sunscreen is based in part on the inherent quantum mechanical features of its excited states. Jet-cooling provides an ideal setting in which to explore this topic, where complications from intermolecular interactions are eliminated. In order to better understand the structural causes of this behavior, the UV spectroscopy of a series of sinapate esters was undertaken and compared with ab initio calculations, starting with the simplest sinapate chromophore sinapic acid, and building up the ester side chain to sinapoyl malate. This “deconstruction” approach provided insight into the active me...
Xiaolan Zhang - One of the best experts on this subject based on the ideXlab platform.
-
sice a hardware level strongly Isolated computing Environment for x86 multi core platforms
Computer and Communications Security, 2011Co-Authors: Ahmed M. Azab, Peng Ning, Xiaolan ZhangAbstract:SICE is a novel framework to provide hardware-level isolation and protection for sensitive workloads running on x86 platforms in compute clouds. Unlike existing isolation techniques, SICE does not rely on any software component in the host Environment (i.e., an OS or a hypervisor). Instead, the security of the Isolated Environments is guaranteed by a trusted computing base that only includes the hardware, the BIOS, and the System Management Mode (SMM). SICE provides fast context switching to and from an Isolated Environment, allowing Isolated workloads to time-share the physical platform with untrusted workloads. Moreover, SICE supports a large range (up to 4GB) of Isolated memory. Finally, the most unique feature of SICE is the use of multicore processors to allow the Isolated Environments to run concurrently and yet securely beside the untrusted host. We have implemented a SICE prototype using an AMD x86 hardware platform. Our experiments show that SICE performs fast context switching (67 microseconds) to and from the Isolated Environment and that it imposes a reasonable overhead (3% on all but one benchmark) on the operation of an Isolated Linux virtual machine. Our prototype demonstrates that, subject to a careful security review of the BIOS software and the SMM hardware implementation, current hardware architecture already provides abstractions that can support building strong isolation mechanisms using a very small SMM software foundation of about 300 lines of code.
-
ACM Conference on Computer and Communications Security - SICE: a hardware-level strongly Isolated computing Environment for x86 multi-core platforms
Proceedings of the 18th ACM conference on Computer and communications security - CCS '11, 2011Co-Authors: Ahmed M. Azab, Peng Ning, Xiaolan ZhangAbstract:SICE is a novel framework to provide hardware-level isolation and protection for sensitive workloads running on x86 platforms in compute clouds. Unlike existing isolation techniques, SICE does not rely on any software component in the host Environment (i.e., an OS or a hypervisor). Instead, the security of the Isolated Environments is guaranteed by a trusted computing base that only includes the hardware, the BIOS, and the System Management Mode (SMM). SICE provides fast context switching to and from an Isolated Environment, allowing Isolated workloads to time-share the physical platform with untrusted workloads. Moreover, SICE supports a large range (up to 4GB) of Isolated memory. Finally, the most unique feature of SICE is the use of multicore processors to allow the Isolated Environments to run concurrently and yet securely beside the untrusted host. We have implemented a SICE prototype using an AMD x86 hardware platform. Our experiments show that SICE performs fast context switching (67 microseconds) to and from the Isolated Environment and that it imposes a reasonable overhead (3% on all but one benchmark) on the operation of an Isolated Linux virtual machine. Our prototype demonstrates that, subject to a careful security review of the BIOS software and the SMM hardware implementation, current hardware architecture already provides abstractions that can support building strong isolation mechanisms using a very small SMM software foundation of about 300 lines of code.
Felix C Freiling - One of the best experts on this subject based on the ideXlab platform.
-
adsandbox sandboxing javascript to fight malicious websites
ACM Symposium on Applied Computing, 2010Co-Authors: Andreas Dewald, Thorsten Holz, Felix C FreilingAbstract:We present ADSandbox, an analysis system for malicious websites that focusses on detecting attacks through JavaScript. Since, in contrast to Java, JavaScript does not have any built-in sandbox concept, the idea is to execute any embedded JavaScript within an Isolated Environment and log every critical action. Using heuristics on these logs, ADSandbox decides whether the site is malicious or not. In contrast to previous work, this approach combines generality with usability, since the system is executed directly on the client running the web browser before the web page is displayed. We show that we can achieve false positive rates close to 0% and false negative rates below 15% with a performance overhead of only a few seconds, what is a bit high for real time application, but supposes a great potential for future versions of our tool.
