The SSL man-in-the-middle attack uses forged SSL certificates to intercept encrypted connections between clients and servers. However, due to a lack of reliable indicators, it is still unclear how commonplace these attacks occur in the wild. In this work, we have designed and implemented a method

involve hundreds of processes that must be able to acquire resources dynamically and communicate e#ciently. This paper analyzes the unique security requirements of large-scale distributed (grid) computing and develops a security policy and a corresponding security architecture. An implementation

be adapted into powerful attacks agacks sensor networks, introduce two classes of novel attacks agacks sensor networks----sinkholes and HELLO floods, and analyze the security of all the major sensor networkrouting protocols. We describe crippling attacks against all of them and sug@(5 countermeasures

An ad hoc network is a group of wireless mobile computers (or nodes), in which individual nodes cooperate by forwarding packets for each other to allow nodes to communicate beyond direct wireless transmission range. Prior research in ad hoc networking has generally studied the routing problem in a non-adversarial setting, assuming a trusted environment. In this paper, we present attacks against routing in ad hoc networks, and we present the design and performance evaluation of a new secure on-demand ad hoc network routing protocol, called Ariadne. Ariadne prevents attackers or compromised nodes from tampering with uncompromised routes consisting of uncompromised nodes, and also prevents a large number of types of Denial-of-Service attacks. In addition, Ariadne is efficient, using only highly efficient symmetric cryptographic primitives.

Two kinds of contemporary developments in cryptography are examined. Widening applications of teleprocessing have given rise to a need for new types of cryptographic systems, which minimize the need for secure key distribution channels and supply the equivalent of a written signature. This paper suggests ways to solve these currently open problems. It also discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.

Current standard security practices do not provide substantial assurance that the end-to-end behavior of a computing system satisfies important security policies such as confidentiality. An end-to-end confidentiality policy might assert that secret input data cannot be inferred by an attacker through the attacker's observations of system output; this policy regulates information flow.

The rising abuse of computers and increasing threat to personal privacy through data banks have stimulated much interest m the techmcal safeguards for data. There are four kinds of safeguards, each related to but distract from the others. Access controls regulate which users may enter the system and subsequently whmh data sets an active user may read or wrote. Flow controls regulate the dissemination of values among the data sets accessible to a user. Inference controls protect statistical databases by preventing questioners from deducing confidential information by posing carefully designed sequences of statistical queries and correlating the responses. Statlstmal data banks are much less secure than most people beheve. Data encryption attempts to prevent unauthorized disclosure of confidential information in transit or m storage. This paper describes the general nature of controls of each type, the kinds of problems they can and cannot solve, and their inherent limitations and weaknesses. The paper is intended for a general audience with little background in the area.

Factors that affect he probability of genetic transformation f Escherichia coli by plasmids have been evaluated. A set of conditions is described under which about one in every 400 plasmid molecules produces a transformed cell. These conditions include cell growth in medium containing elevated levels of Mg 2+. and incubation of the cells at 0 ~ in a solution of Mn 2+, ("a 2+, Rb + or K +, dimethyl sulfoxide, dithiothreitol, and hexamine cobalt (III). Transibrmation efficiency declines linearly with increasing plasmid size. Relaxed and supercoiled plasmids transfol'm with similar probabilities. Non-transforming DNAs compete consistent with mass. No significant variation is observed between competing DNAs of difi~rent source, complexity, length or form. Competition with both transforming and non-transforming plasmids indicates that each cell is capable of taking up many DNA molecules, and that the establishment of a transformation event is neither helped nor hindered significantly by the presence of multiple plasmids. 1. Introduct ion Both gram-posit ive and gram-negative bacteria can take up and stably establish

"Grid" computing has emerged as an important new field, distinguished from conventional distributed computing by its focus on large-scale resource sharing, innovative applications, and, in some cases, high-performance orientation. In this article, we define this new field. First, we review the "Grid problem," which we define as flexible, secure, coordinated resource sharing among dynamic collections of individuals, institutions, and resources---what we refer to as virtual organizations. In such settings, we encounter unique authentication, authorization, resource access, resource discovery, and other challenges. It is this class of problem that is addressed by Grid technologies. Next, we present an extensible and open Grid architecture,inwhich protocols, services, application programming interfaces, and software development kits are categorized according to their roles in enabling resource sharing. We describe requirements that we believe any such mechanisms must satisfy and we discuss the importance of defining a compact set of intergrid protocols to enable interoperability among different Grid systems. Finally, we discuss how Grid technologies relate to other contemporary technologies, including enterprise integration, application service provider, storage service provider, and peer-to-peer computing. We maintain that Grid concepts and technologies complement and have much to contribute to these other approaches.

This is a field report of a three-week experience in Japan, centered on art education in their cultural and social contexts. Beginning with this overarching focus, the themes and patterns that structure this report were emergent, rising from the experience. Those supporting themes are: being in Japan and in Mino city (setting a context); the culture of handmade Washi paper; the qualities of the Washi paper festival; craft as a way of teaching, being and learning; children and their art at school and through the festival, and the importance of ritual. This report is written in a personal narrative style as suggested in contemporary feminist and transactive ethnographic literature. Key Words：cross-cultural art education, feminist, transactive ethnography, Japanese art education Report from Japan: Art,