The Color Line and Georgia History Textbooks: A Content Analysis

Mitchell, Michele D

01 August 2013

The purpose of this research is to define racialized textbook bias, conduct a content analysis of Georgia history textbooks, and answer the following question: how is race framed in contemporary Georgia history textbooks? A content analysis of nine Georgia history textbooks was completed for grades two and eight. A Du Boisian theoretical framing of race prejudice as the macro-social condition of the micro-social process of race was an integral component of the content analysis. The findings revealed the existence of racialized textbook bias in the form of marginalization, compartmentalization, and omission suggesting the continuation of White supremacy and Black oppression in the process of education in Georgia public schools.

Racialized

Textbook

Bias

Omission

Compartmentalization

Marginalization

On Improving the Security of Virtualized Systems through Unikernelized Driver Domain and Virtual Machine Monitor Compartmentalization and Specialization

Mehrab, A. K. M. Fazla

31 March 2023

Virtualization is the backbone of cloud infrastructures. Its core subsystems include hypervisors and virtual machine monitors (VMMs). They ensure the isolation and security of co-existent virtual machines (VMs) running on the same physical machine. Traditionally, driver domains -- isolated VMs in a hypervisor such as Xen that run device drivers -- use general-purpose full-featured OSs (e.g., Linux), which has a large attack surface, evident by the increasing number of their common vulnerabilities and exposures (CVEs). We argue for using the unikernel operating system (OS) model for driver domains. In this model, a single application is statically compiled together with the minimum necessary kernel code and libraries to produce a single address-space image, reducing code size by as much as one order of magnitude, which yields security benefits. We develop a driver domain OS, called Kite, using NetBSD OS's rumprun unikernel. Since rumprun is directly based on NetBSD's code, it allows us to leverage NetBSD's large collection of device drivers, including highly specialized ones such as Amazon ENA. Kite's design overcomes several significant challenges including Xen's limited para-virtualization (PV) I/O support in rumprun, lack of Xen backend drivers which prevents rumprun from being used as a driver domain OS, and NetBSD's lack of support for running driver domains in Xen. We instantiate Kite for the two most widely used I/O devices, storage and network, by designing and implementing the storage backend and network backend drivers. Our evaluations reveal that Kite achieves competitive performance to a Linux-based driver domain while using 10x fewer system calls, mitigates a set of CVEs, and retains all the benefits of unikernels including a reduced number of return-oriented programming (ROP) gadgets and advanced gadget-related metrics. General-purpose VMMs include a large number of components that may not be used in many VM configurations, resulting in a large attack surface. In addition, they lack intra-VMM isolation, which degrades security: vulnerabilities in one VMM component can be exploited to compromise other components or that of the host OS and other VMs (by privilege escalation). To mitigate these security challenges, we develop principles for VMM compartmentalization and specialization. We construct a prototype, called Redwood, embodying those principles. Redwood is built by extending Cloud Hypervisor and compartmentalizes thirteen critical components (i.e., virtual I/O devices) using Intel MPK, a hardware primitive available in Intel CPUs. Redwood has fifteen fine-grained modules, each representing a single feature, which increases its configurability and flexibility. Our evaluations reveal that Redwood is as performant as the baseline Cloud Hypervisor, has a 50% smaller VMM image size and 50% fewer ROP gadgets, and is resilient to an array of CVEs. I/O acceleration architectures, such as Data Plane Development Kit (DPDK) enhance VM performance by moving the data plane from the VMM to a separate userspace application. Since the VMM must share its VMs' sensitive information with accelerated applications, it can potentially degrade security. The dissertation's final contribution is the compartmentalization of a VM's sensitive data within an accelerated application using the Intel MPK hardware primitive. Our evaluations reveal that the technique does not cause any degradation in I/O performance and mitigates potential attacks and a class of CVEs. / Doctor of Philosophy / Instead of using software on a local device like a laptop or a mobile phone, consumers can access the same services from a remote high-end computer through high-speed Internet. This paradigm shift in computing is enabled by a remote computing infrastructure known as the "cloud,'' wherein networked server computers are deployed to execute third-party applications, often untrusted. Multiple applications are consolidated on the same server to save computer resources, but this can compromise security: a malicious application can steal co-existent applications' sensitive data. To enable resource consolidation and mitigate security attacks, applications are executed using a virtual machine (VM) -- an abstract machine that runs its own operating system (OS). Multiple VMs run on a single physical machine using two software systems: hypervisor and virtual machine monitor (VMM). They ensure that VMs are spatially isolated from each other, localizing security attacks. This dissertation focuses on enhancing the security of hypervisors and VMMs. The hypervisor and VMM have multiple responsibilities toward supporting the OS running on the physical computer and VMs. The OS runs software called device drivers, which communicate with input-output (I/O) hardware such as network and storage devices. Device drivers, usually written by third-party and I/O device manufacturers, are highly vulnerable to security attacks. To mitigate such attacks, device drivers are often run inside special VMs, called driver domains. State-of-the-art driver domains use a general-purpose full-featured OS such as Linux, which has a large code base (in the tens of millions of lines of code) and thus, a large attack surface. To address this security challenge, the dissertation proposes using lightweight, single-purpose VMs called unikernels, as driver domain OSs. Their code size is smaller than that of full-featured OSs by as much as one order of magnitude, which yields security benefits. We design and develop a unikernel-based driver domain, called Kite, for network and storage I/O devices. Kite uses NetBSD OS's rumprun unikernel for creating a driver domain OS. Using rumprun unikernel as a driver domain OS requires overcoming many technical challenges including a lack of support in a popular hypervisor such as Xen for performing I/O operations and communicating with rumprun, among others. Kite's design overcomes these challenges. Our empirical studies reveal that Kite is ten times less likely to be affected by future attacks and ten times faster to start than existing solutions for driver domains. At the same time, Kite domains match the performance of state-of-the-art driver domain OSs such as Linux. The hypervisor and VMM are responsible for creating VMs and providing resources such as memory, processing power, and hardware device access. Existing VMMs are designed to be versatile. Thus, they include a large number of components that may not be used in many VM configurations, resulting in a large attack surface. In addition, VMM components are not well spatially separated from each other. Thus, vulnerabilities in one component can be exploited to compromise other components. To address these security challenges, the dissertation proposes a set of principles for i) customizing a VMM for each VM's needs, instead of using one VMM for all VMs, and ii) strongly isolating VMM components from each other. We realize these principles in a prototype implementation called Redwood. Redwood is highly configurable and separates critical I/O components from each other using a hardware primitive. Our evaluations reveal that Redwood significantly reduces the VMM's size and VMM's vulnerabilities while maintaining performance. To enhance VM performance, I/O acceleration software is often used that eliminates communication overheads in the VMM. To do so, the VMM must share VMs' sensitive information with accelerated applications, which can potentially degrade security. The dissertation's final contribution is a technique that strongly isolates and limits access to sensitive information in the application using a hardware primitive. Our evaluations reveal that the technique improves security by localizing attacks without sacrificing performance.

Operating Systems

Unikernels

Virtualization

Hypervisors

VMM

Compartmentalization

The compartmentalization and biomarker analysis of the spivey-grabs-basil field, south-central Kansas

Evans, Drew W.

January 1900

Master of Science / Department of Geology / Matthew W. Totten / The Spivey-Grabs-Basil oil field is a highly developed field in south-central Kansas, having large variability in its production and in the Pineville Tripolite facies. The Pineville Tripolite is the primary producing formation of this field having major isopach variations, possibly influencing production. The hypothesis that the field is highly compartmentalized is from the varied production, isopach and structure of the field. This study investigated the Pineville Tripolite facies in the Spivey-Grabs-Basil Oil Field, with the Basil area the predominant focus, and its possible compartmentalization by looking at the gas chromatograms and their biomarker signatures. This field has had several studies investigating the geophysical attributes, depositional setting and large-scale compartmentalization. Post depositional sea-level changes and possibly syntectonics exposed the Reeds Spring to a sub-aerial environment where meteoric alteration created immense porosity and the Pineville Tripolite facies. Geochemical data shows evidence that this section of the field is sourced from both a marine shale and carbonate source at peak oil maturity, deposited in an anoxic environment. Biodegradation appears very slight, with most alterations transpiring in the alkane ranges only, leaving all other susceptible hydrocarbons unaltered. Compartments within the field are harder to identify when comparing geological data to oil data. Isopach data shows altered thickness of the Pineville Tripolite from well to well, as do Pineville structure values. The isopach and structural data point to possible areas for compartments, but it is from oil geochemical data that compartments become more visible. API gravities and GOR show motley values, but do indicate two significant areas of segregation. The deepest, most southern end of the study showed lighter gravity oils than the middle, suggesting possible fill and spill between the two. However, biomarker abundance indicates three possible compartments. The southern compartment has many more biomarker volumes than do the middle compartment, both divided by a reservoir pinch-out. The third most northeastern well has high biomarker abundance, but shows no geological separators from the other wells. Production from this field may be improved by investigating the biomarkers to allocate these compartments and possible barriers close to wells.

Compartmentalization

Biomarkers

Geology

Geochemistry

Geochemistry (0996)

Geology (0372)

Morphogenèse de compartiments membranaires : formation de l'autophagosome chez les plantes / Morphogenesis of membranar compartments : autophagosome formation in plants

Le bars, Romain

18 December 2013

L'autophagie est un processus permettant la dégradation de constituants cytosoliques dans un compartiment lytique, par leur séquestration au sein d'une vésicule à double membrane : l'autophagosome. L'autophagie est, avec la voie ubiquitine-protéasome, l'une des deux grandes voies de dégradation présente de manière fortement conservée chez les cellules eucaryotes. Présente à un niveau basal, elle peut être stimulée afin de permettre la remobilisation de ressources cellulaires, ou d'assurer des fonctions cytoprotectrices et de détoxification. La formation d'autophagosomes traduit alors la capacité du système endomembranaire à s'adapter aux besoins cellulaires. Cependant, la mécanique membranaire et moléculaire de ce phénomène reste mal comprise. L'objectif de ce travail de thèse était de mieux comprendre la formation de ce compartiment dans la cellule végétale. Pour cela, nous avons tout d'abord mis au point les conditions propices à l'étude de l'autophagie dans la racine d’Arabidopsis thaliana, puis nous avons entrepris l'identification de marqueurs des étapes de formation de l'autophagosome. L'étude par imagerie en temps réel et 3D de la protéine ATG5, impliquée dans l’expansion membranaire, nous a permis de mettre en évidence son recrutement transitoire sur un domaine particulier de l'autophagosome en formation, son ouverture. De plus, l'étude de différents acteurs du système endomembranaire, nous a permis de mettre en évidence et de caractériser l'implication du réticulum endoplasmique et de ATG9, pour aboutir à un modèle de la formation de l'autophagosome chez les plantes. / Autophagy is a catabolic process targeting cytosolic compounds to the lytic compartment after sequestration within a double membrane bound vesicle: the autophagosome. Along with the ubiquitin-proteasome pathway, autophagy is one of the main catabolic processes conserved among eukaryotic cells. Present at a basal level, it can be stimulated to allow: remobilization of cell resources, cytoprotective functions, and detoxification. Autophagosome formation demonstrates the capacity of the endomembrane system to adapt dynamically to the cell's environment. However, the membrane and molecular processes involved are still poorly understood. This work aimed to advance understanding of autophagosome formation in plant cells. First of all, we set up suitable conditions for the study of autophagy in the Arabidopsis root, then we identified markers of the autophagosome formation steps. Live and 3D imaging of the ATG5 protein, involved in membrane expansion, demonstrated its transient recruitment to a specific domain of the forming autophagosome, its aperture. Furthermore, studying different actors of the endomembrane system has allowed us to implicate the endoplasmic reticulum and ATG9, and to establish a model for autophagosome formation in plants.

Autophagosome

Autophagie

Compartimentation cellulaire

Autophagosome

Autophagy

Cell compartmentalization

Characterizing The Role And Regulation Of Glycogen Metabolism In Dendritic Cell Immune Responses

Thwe, Phyu Myat

01 January 2018

Dendritic cells (DCs) are the most potent professional antigen presenting cells (pAPCs) of the immune system and play a fundamental role in coordinating innate and adaptive immune responses. Through the expression of a wide array of pattern recognition receptors (PRRs), such as toll-like receptors (TLRs), DCs recognize a variety of microbial pathogens and infectious stimuli. Stimulation of DCs through TLR ligation results in a rapid series of activation-associated events, termed "maturation," which include the upregulation of surface co-stimulatory molecule expression, inflammatory cytokine secretion, and stimulation of naïve T cells via antigen presentation by MHC molecules. Activation of DCs through TLRs is coupled with an increased metabolic demand fulfilled by a rapid change in DC glucose metabolism and characterized by increased aerobic glycolysis rates. TLR-driven glycolytic reprogramming plays an essential role in generating building blocks required for high level protein synthesis associated with maturation. Although glucose imported from extracellular environments has been broadly considered as the major driver of glycolytic metabolism in immune cells, the contributions of intracellular glucose stores to these processes are not well-defined. The role of intracellular stores of glucose, in the form of glycogen, is widely appreciated in non-immune systems. However, very little is known about the implication of glycogen metabolism in DC immune responses. This work unveils the role and potential regulatory mechanisms of glycogen metabolism in support of DC effector function. The first part of this work primarily focuses on our characterization of the role of glycogen metabolism in early DC activation responses; while in the last chapter, we describe a potential regulatory mechanism of DC glycogen metabolism by activation-associated nitric oxide (NO) production. In this work, we tested the overarching hypothesis that DC-intrinsic glycogen metabolism supports the early glycolytic reprogramming required for effector responses and that nitric oxide can regulate this metabolism. We demonstrate that DCs possess the enzymes required for glycogen metabolic machinery and that glycogen metabolism supports DC immune effector response, particularly during early activation and in nutrient-limited environments. More importantly, we uncover a very intriguing metabolic phenomenon, in which DCs engage in the differential metabolic pathways driven by carbons derived distinctively from glycogen and free glucose. Our studies present the fundamental role and regulatory mechanisms of DC-intrinsic glycogen metabolism and underline the differential utilization of glycogen and glucose metabolism to support their effector responses. Overall, this work adds to a growing field of immuno-metabolism an improved understanding of an intricate layer of metabolic mechanisms that immune cells undertake in response to immune stimuli.

Compartmentalization

Dendritic cells

Glycogen

Glycogen shunt

Metabolism

Immunology and Infectious Disease

Compartmentalized phosphodiesterase 4D isoforms expression, targeting and localization in vascular myocytes

Truong, Tammy

14 March 2014

During the development of atherosclerosis, contractile vascular smooth muscle cells (VSMCs) change to cells capable of migrating and proliferating to mediate repair, where the responses may be adaptive or mal-adaptive in effect. Cyclic adenosine monophosphate (cAMP)-elevating agents have been shown to inhibit migration of VSMC. cAMP activity within the cell is known to be ubiquitous and dynamic, requiring control through signal termination mechanisms for cellular homeostasis. Phosphodiesterase (PDE) enzymes are central to this critical regulatory process catalyzing the hydrolysis of cAMP. A great deal of insight into the role of PDEs in defining compartmentalization of cAMP signaling has arisen predominately from recent studies on the cAMP-specific PDE4 family. Compartmentalization of PDE4 is mediated by their unique N-terminal domains, which have been proposed to provide the “postcodes/zipcodes” for cellular localization. PDE4D isoforms vary widely, yet their conservation over evolutionary time suggests important non-redundant roles in distinct cellular processes. To study the potential role of individual PDE4D isoforms we seek to utilize the unique N-terminal targeting domains that are proposed to be responsible for their protein-protein interactions and site-directed localization. Herein, we report on the expression, targeting and localization of five “long” PDE4D isoforms and the impact on cell morphology of certain amino-terminal domains of individual PDE4D constructs expressing green fluorescent protein (NT-PDE4D/GFP) in human aortic smooth muscle cells (HASMCs). Through the development of engineered NT-PDE4D/GFP expression plasmids, we were able to study the cell biological impacts associated with the overexpression of individual PDE4D amino-terminal variants in HASMCs. We show that NT-PDE4D5/GFP and NT-PDE4D7/GFP expressing cells exhibited an elongated cell morphology, where this effect was much more marked in NT-PDE4D7/GFP expressing cells, exhibiting multiple leading edge structures and highly elongated “tails”. We identify a potential role for PDE4D7 targeting in the regulation of cell polarity and migration. Our results suggest the novel idea that PDE4D7, rather than the four other long PDE4D isoforms (PDE4D3, PDE4D5, PDE4D8, or PDE4D9), represents the dominant PDE4D variant involved in controlling cAMP-mediated effects on cell tail retraction dynamics. / Thesis (Master, Pathology & Molecular Medicine) -- Queen's University, 2014-03-13 13:00:31.684 / Video I: Time-lapse video of GFP-expressing cell migration in HASMC. GFP expressing cells did not differ in cell migration or morphology compared to non-injected control cells. HASMCs were microinjected with GFP construct. Representative images of micoinjected GFP cells were taken 24 h post-injection overnight at 30min intervals using a Zeiss Axiovert S100 microscope and processed as described in Materials & Methods. (10X) / Video II: Time-lapse video of NT-PDE4D7/GFP-expressing cell migration in HASMC. NT-PDE4D7/GFP expressing cells exhibit elongated tail and decrease in cell migration compared to non-injected control cells. HASMCs were microinjected with NT-PDE4D7/GFP construct. Particle tracking of NT-PDE4D7 cells showed cleaving and full detachment of elongated tail. Representative images of micoinjected NT-PDE4D7 cells were taken 24 h post-injection overnight at 30min intervals using a Zeiss Axiovert S100 microscope and processed as described in Materials & Methods. (10X)

cell migration

vascular smooth muscle cell

cAMP

compartmentalization

phosphodiesterase 4D

Improving Desktop System Security Using Compartmentalization

January 2018

abstract: Compartmentalizing access to content, be it websites accessed in a browser or documents and applications accessed outside the browser, is an established method for protecting information integrity [12, 19, 21, 60]. Compartmentalization solutions change the user experience, introduce performance overhead and provide varying degrees of security. Striking a balance between usability and security is not an easy task. If the usability aspects are neglected or sacrificed in favor of more security, the resulting solution would have a hard time being adopted by end-users. The usability is affected by factors including (1) the generality of the solution in supporting various applications, (2) the type of changes required, (3) the performance overhead introduced by the solution, and (4) how much the user experience is preserved. The security is affected by factors including (1) the attack surface of the compartmentalization mechanism, and (2) the security decisions offloaded to the user. This dissertation evaluates existing solutions based on the above factors and presents two novel compartmentalization solutions that are arguably more practical than their existing counterparts. The first solution, called FlexICon, is an attractive alternative in the design space of compartmentalization solutions on the desktop. FlexICon allows for the creation of a large number of containers with small memory footprint and low disk overhead. This is achieved by using lightweight virtualization based on Linux namespaces. FlexICon uses two mechanisms to reduce user mistakes: 1) a trusted file dialog for selecting files for opening and launching it in the appropriate containers, and 2) a secure URL redirection mechanism that detects the user’s intent and opens the URL in the proper container. FlexICon also provides a language to specify the access constraints that should be enforced by various containers. The second solution called Auto-FBI, deals with web-based attacks by creating multiple instances of the browser and providing mechanisms for switching between the browser instances. The prototype implementation for Firefox and Chrome uses system call interposition to control the browser’s network access. Auto-FBI can be ported to other platforms easily due to simple design and the ubiquity of system call interposition methods on all major desktop platforms. / Dissertation/Thesis / Doctoral Dissertation Computer Science 2018

Computer science

browser security

compartmentalization

network security

software security

virtualization

Relationship Between Fault Zone Architecture and Groundwater Compartmentalization in the East Tintic Mining District, Utah

Hamaker, Sandra Myrtle Conrad

16 November 2005

The Eureka Lilly fault zone provides an impermeable barrier for groundwater flow in the East Tintic mining district. The fault zone separates two distinct groundwaters that have different temperatures, compositions, and potentiometric surfaces. The damage zone of the fault is an extensive network of interconnected open fractures and fault intersections that provide conduits for groundwater flow in otherwise impermeable units. The fault core breccia has been re-cemented and mineralized, which eliminates porosity in the rock by creating a thick impermeable zone, which has compartmentalized groundwaters across the fault zone. The compartmentalization of groundwater shows that fault zone variability (from strain partitioning and multiple deformation episodes) make traditional basin flow concepts inaccurate and difficult to apply in this area.

fault zone

compartmentalization

East Tintic

Geology

Hydrology

groundwater

fracture

Geology

RESERVOIR ANALYSIS OF THE CLINTON INTERVAL IN STARK AND SUMMIT COUNTIES, OHIO

Wytovich, Dominick Andrew

24 June 2010

No description available.

Energy

Geology

Geophysics

Clinton

Isopach

Isolith

Stark

Summit

Reservoir Compartmentalization

A Novel Methodology to Probe the Structural and Functional Correlates of Synaptic Plasticity

Laura Andrea Roa Gonzalez (12873056)

15 June 2022

<p>Dendritic spines are mushroom-shaped appendages on the dendritic branches of neurons. They are invaluable to the function of the brain as they form the major site for excitatory signal transmission in the mammalian brain. These ubiquitous structures have several invaluable and unique characteristics – namely that their morphological and functional characteristics are activity-dependent and undergo remodeling as the spine experiences stimulation. This activity-dependent regulation then in turn modulates the excitatory postsynaptic potential that propagates into the adjacent parent dendrite, and which ultimately reaches the somatic compartment. The mediation of this modulatory effect on the postsynaptic signal by dendritic spines renders them invaluable to the brain’s ability to change neuronal circuits as it learns. The relationship between the structural and functional change in dendritic spines as plasticity is induced remains poorly understood; while efforts have been made to examine the morphology of dendritic spines during plasticity as well as the change to receptor insertion on the postsynaptic density, a comprehensive methodology to interrogate the concomitant changes to several aspects of dendritic spine structure and function as plasticity occurs has not been established. In this study, such a methodology was developed in order to facilitate future study of how a dendritic spine’s diffusional neck resistance, head volume, calcium-sensitive channels (on the postsynaptic density), and excitatory postsynaptic potential amplitude change concurrently as the spine undergoes activity-dependent regulation. This activity-dependent regulation also occurs in groups of spines called “clusters” <em>in vivo</em>, and the structural and functional dynamics of spines as these groups are formed also remains unknown. In order to to facilitate future <em>in vivo</em> studies on how clustered dendritic spines may change dynamically in both structure and function, a methodology for surgically accessing and recording calcium-based activity from the primary auditory cortex was developed, as the frequency-specific tuning of dendritic spines in this cortical area forms a compelling environment in which to study the relationship between spine form and function. </p>

Central nervous system

dendritic spines

FRAP

calcium imaging

electrical compartmentalization

biochemical compartmentalization

calcium channel variance

EPSP

primary auditory cortex