Disruption of type III secretion in Salmonella enterica serovar Typhimurium by external gui

韩美娟1，2 1. 河北北方学院药学院，2. 河北北方学院附属第一医院药学部，【摘要】铜绿假单胞菌或获得性耐药。

究PA分泌系统毒力因子的致病机制对预防和治疗其引起的感染具有重要意义。

【关键词】铜绿假单胞菌；【中图分类号】Research Progress on the Secretion System and Virulence Factors of Pseudomonas Aeruginosa外膜中的促胰液素复合物组成。

其中促胰液素所包含的结构已知的膜嵌入C 端结构域和模块化的周质N 端结构域，又与聚集底物和连接内膜配置有关。

其独特的结构组成有利于PA 将结构化的效应蛋白经细胞周表1 I 型分泌系统分泌的毒力因子毒力因子分类活性功能AprA 碱性蛋白酶［3］胞外酶锌依赖性金属蛋白酶破坏已形成的嗜中性粒细胞加重宿主感染；切割宿主免疫补体C2和C3；降解细胞因子干扰素（INF ）-λ和肿瘤坏死因子（TNF ）- αHasAp ［4］ 铁卟啉化合物血红素获得蛋白获取建立感染的必需营养素-铁；血红素的获取和代谢对慢性和急性感染至关重要AprX 碱性胞外酶锌依赖性金属尚不明确蛋白酶［5］蛋白酶表2 Ⅱ型分泌系统分泌的毒力因子T2SS 亚型毒力因子分类活性功能Xcp 系统LasA 弹性蛋白酶（金属蛋白酶）［9］胞外酶β-裂解金属肽酶/丝氨酸蛋白酶切割甘氨酸-甘氨酸肽键；分解宿主细胞表面蛋白多糖，影响信号转导；增强LasB 弹性蛋白酶的裂解活性LasB 弹性蛋白酶［10］胞外酶M4热熔素肽酶家族/锌依赖性金属蛋白酶对宿主防御系统具有强降解性（例如表面活性蛋白a 和D 、补体和粘蛋白）；降解宿主细胞组织蛋白（例如弹性蛋白和胶原蛋白）；阻碍体内离子转运并损伤天然免疫系统，还可能释放利于细菌存活的营养素，在初始发病阶段发挥重要作用PlcH ［11］胞外酶溶血性磷脂酶C 降解磷脂酰胆碱或鞘磷脂，破坏真核细胞结构，为细菌生长提供营养PlcN ［12］胞外酶非溶血性磷脂酶C 降解磷脂酰丝氨酸和磷脂酰胆碱产生磷酸酯PlcB ［13］胞外酶磷脂酰乙醇胺-磷脂酶C水解磷脂酰胆碱和磷脂酰乙醇胺；破坏宿主细胞外膜和遗传物质完整性CbpD 几丁质结合蛋白［14］胞内酶裂解性多糖单加氧酶为细菌在血液中存活提供条件，其催化活性对毒力有实质贡献；影响先天免疫和后天免疫外毒素A （ToxA ）［15］胞外酶ADP -核糖基转移酶参与宿主蛋白合成，突出细胞毒性作用；破坏宿主固有免疫和获得性免疫；损伤细胞组织PrpL［16］胞外酶赖氨酸特异性内肽酶（蛋白酶Ⅳ）降解纤溶酶原免疫球蛋白和补体成分；抑制成纤细胞、角质形成细胞和内皮细胞的生成；切割白细胞介素（IL -22），破坏先天防御屏障LipA ［17］ 胞外酶三酰基甘油酰水解酶通过静电作用与细菌外膜基质中的多糖海藻酸盐相互作用，促进生物膜的形成LipC［18］胞外酶脂肪酶促进细胞聚集，影响细菌生物膜的遗传特性，直接或间接的影响黏液性生物膜的形成；可能还与细菌游动以及鼠李糖脂的形成有关PhoA ［19］ 胞外酶碱性磷酸酶去除核苷酸、蛋白质以及生物碱中的磷酸基团；在碱性条件下发挥出更强的作用PaAP ［20］胞外酶氨肽酶满足细菌利用蛋白质作为营养供应的需求；与细菌外膜囊泡形成有关；影响细菌生物膜的形成绿脓素（PCN ）［21］次级代谢产物，三环吩嗪氧化-还原活性两性离子具有肠道吸收、血浆蛋白结合潜力和跨生物膜通透性；重要的氧化还原性毒力因子；诱导中性粒细胞凋亡，破坏免疫调节功能，增加细胞毒性Hxc 系统LapA 磷酸结合蛋白［22］胞外酶碱性磷酸酶在细菌生物膜的形成中至关重要Txc 系统CbpE ［23］膜蛋白甲壳素结合蛋白与CbpD 具有部分同源性；与细菌的发育、黏附和信号转导有关；可当作碳源质分泌到宿主细胞的外环境，进而导致一系列的细胞损伤［7］。

S ECURITY E NGINEERING WITH P ATTERNSMarkus Schumacher1and Utz Roedig2Darmstadt University of TechnologyDepartment of Computer Science1IT Transfer Office(ITO)markus.schumacher@ito.tu-darmstadt.de2Industrial Process and System Communications(KOM)utz.roedig@kom.tu-darmstadt.de6th March2002AbstractConducting digital business requires secure network and application architectures.The recently increasing occurrence of severe attacks has shown,however,that we will still need quite some time and effort to reachsecurity standards of IT systems alike the standard already usual in otherfields.At present,there is a huge gapbetween theory and the code of practice.Whereas scientists work on formal approaches for the specification andverification of security requirements,practitioners have to meet the users’requirements.The Pattern Communityrecognized this problem,too.Patterns literally capture the experience from experts in a structured way.Thusnovices can benefit from know-how and skills of experts.Hence,we propose to apply the pattern approach to thesecurity problem.We show that recent security approaches are not sufficient and describe how Security Patternscontribute to the overall process of security engineering.A Security Pattern System provides linkage betweenSecurity Patterns.Thus dependencies between specific security problems can be considered in a comprehensiveway.1IntroductionConducting digital business requires secure network and application architectures.The result of a well-engineered security system must be an architecture that ensures specific security aspects such as privacy,confidentiality, integrity and availability.The occurrence of the Love Letter virus or the Distributed Denial-of-Service attacks against famous web sites in the beginning of2000has shown,however,that we will still need quite some time and effort to reach security standards of IT systems alike the standard already usual in otherfields.The following examples show that we obviously do not learn from past security incidents and that we make the same mistakes over and over again:1.Virus Attacks.In March1999,the Melissa macro virus within a Microsoft Word document having beendistributed via the email program Microsoft Outlook,caused severe damage(about80million dollars).The reason was that Microsoft Word was able to(mis)use the e-mail interface of Microsoft Outlook.In March2000,the Love Letter virus caused a damage of10billion dollars.This virus used almost the same methods as thefirst one,i.e.the e-mail functions of Microsoft Outlook could be used to spread all around the world.2.Virtual Private Networks(VPN).The specification of the Point to Point tunneling Protocol(PPTP)isconsidered to be secure.During the implementation for the Windows NT platform some basic mistakes have been made though[SM98].The establishment of an encrypted link requires a shared secret between both VPN endpoints.Unfortunately,the chosen shared secret based on the Windows password scheme, which is known to be breakable and insecure.As a consequence,the overall implementation of PPTP was insecure.A very important issue is a more comprehensive view of security since security obeys the rule that a chain is as weak as its weakest link.At present,there is a huge gap between theory and the code of practice.Scientists develop formal approaches for the specification and verification of security requirements of IT-systems.The prac-titioners follow specific methodologies in order to meet the users’requirements such as performance,usability, and reliability.Unfortunately,security is merely treated as add-on.Furthermore,today’s software engineering practices don’t consider security sufficiently.The Pattern Community is aware of this problem,too.Patterns are a concept to solve recurring design prob-lems in a literary form.As written in[Cop97]”each pattern is a relationship between a certain context,a certain system of forces which occurs repeatedly in that context,and a certain spatial configuration which allows these forces to resolve themselves.”Patterns capture the experience from experts in a structured way.Thus novices can benefit from know-how and skills of people who have put more effort into understanding contexts,forces,and solutions than novices have done or want to do.As there is a visible deficit in security engineering,we propose to apply the pattern approach to the security problem.A Security Pattern System provides linkage between various Security Patterns.Thus dependencies between specific security problems can be considered in a comprehensive way.As shown in this paper Security Patterns have several advantages:•Novices can act as security experts.•Security experts can identify,name and discuss both problems and solutions more efficiently.•Problems are solved in a structured way.•Dependencies of components can be identified and considered appropriately.The remainder of this paper is organized as follows:in Section2we describe basic reasons for the problems in thefield of IT-security.In Section3we compare some well-known methodological approaches for establishing security.We have a look at the benefits and drawbacks of each concept.In Section4the concept of security patterns is introduced.We redefine a template for security patterns,present some basic definitions and the related work.In Section5we envision the possibilities of security engineering with patterns.In order to underline this we show the benefits of this approach with a real world scenario.Finally,a summary of the contribution of this document and an outlook into the future work is given in Section6.Appendix A contains the pattern system we used in this document.2Security and the Human FactorThe main reason for the existing problems is that security engineering is no technical problem in thefirst place. Security is always implemented by humans on request of humans.Thus the human factor influences IT-security in significant ways:•Security engineering by non security experts.With the exception of cryptography,the science of IT security is quite new and covers multiple disciplines such as operating systems,computer networks and software engineering.It is very difficult to make IT-systems secure as there are many different components and mechanisms involved.In addition,trust relationships change frequently,which makes an analysis of all security requirements very hard.One cannot assume that the average system developer or architect isa skilled security expert,too.We should notice that in most cases security engineering is done by non-security experts.For example,the developer of an IT-system has to implement the necessary security features to some extent as an add-on.In most cases the developer is an expert regarding the system’s functionality,but not regarding its security.•Structured problem solution.When people try tofind a solution for a problem,they often follow an ad-hoc approach.The impact on elements aside the adopted solution are overseen in most cases[Dor97].A good example is the handling of system passwords:a system administrator wants to prevent that theusers chose weak passwords.Thus he configures the system to enforce strong passwords,i.e.a user cannot enter passwords that don’t meet certain criteria(password must not be contained in a dictionary).This solution is straight forward.Unfortunately,the administrator doesn’t realize that nobody can remember strong passwords any longer.As a consequence,users might start to write their passwords on a slip of paper that could be found under their keyboard,or even worse,pinned on their monitor.•Scope dependencies and completeness.IT-security is a very complex area with manifold dependencies.Even if all dependencies are identified,it might be difficult to consider all of them appropriately.A Web server serves as a good example:the administrator canfigure out whether the Web server software is secure or not.But probably he cannot decide whether the combination of Web server,operating system and hardware components is secure.The overall system is too complex to be considered as a whole.Often, the developer or administrator of a specific component doesn’t even want to worry about security outside his area of responsibility,e.g.the Webmaster only cares about his Web server.Security engineering making sense should be possible without knowledge of the whole security scope and all its dependencies.•Time dependencies.IT-Security is also time-dependent.A system that is considered to be secure today may be insecure tomorrow.Statements about the system’s security are only valid with time references.For instance,the strength of cryptographic algorithms typically is founded on difficult mathematical problems.If a geniusfinds a solution for such a problem,security suddenly disappears.Security engineering could be done more efficiently if people get support with handling the aspects described above.This support should comprise appropriate methods and tools.3Methodologies for Security EngineeringIn recent years a number of security methodologies have been developed to assist organizations in establishing and maintaining security.These methods differ regarding their structure,granularity,flexibility,usability,costs, or whether they are formal or informal.In this section we outline the characteristics of some well known methods. Then we describe how the aspects stated in the previous Section are addressed.3.1Security PolicySecurity activities usually begin with the development of a security policy.In general policies describe the use of an institution’s information.At a system level,the security policy enumerates objects and assets as well as threats targeted on them.Furthermore,the security-level envisaged is described[CZ95].Subsequently this security policy is applied to IT-systems.In practice,the security policy is a simple informal text document.Regarding the problems stated in Section2,an informal security policy has several serious drawbacks:it does not help to recognize dependencies between various aspects,it contains a monolithic and linear description of problems and solutions,interferences of different sections are not obvious.Furthermore,real-world security policies never reflect the actual security situation and are always out-dated,as many parameters(e.g.requirements or attacks)change frequently.Besides,the person writing the document has to know a lot about security,as no aspect of security should be missed.3.2Evaluation CriteriaThe evaluation of the security of IT-systems is very important for military,intelligence and more and more public organizations.Thus a variety of evaluation criteria and security guideline documents have been developed by various governments in cooperation with some large organizations.Prominent examples are the Trusted Computer System Evaluation Criteria(also known as“Orange Book”)and the Common Criteria.All criteria define different levels at which IT-systems can be evaluated and compared.The levels represent different sets of functionality and an increasing level of assurance.The primary goal is to prove that the system fulfills certain requirements regarding its protection mechanisms and that the correctness of the implementation meets a certain assurance level.However,evaluation criteria have the following drawbacks:they focus on individual targets of evaluation (TOE).Therefore dependencies to other IT-systems and components could be missed easily.Besides,the evalu-ation of IT-systems according to any criteria is a costly and time-consuming task.Thus it is difficult to keep the evaluation results of a TOE up-to-date.Furthermore,it is difficult for the layman to perform such evaluations as the process very complex and requires a lot of background knowledge.3.3Tree RepresentationsSeveral approaches with symbolic tree representations have been developed.Typically they are often based on AND/OR trees that allow some basic calculations if values are assigned to the nodes such as the cost of an attack. The values can be propagated up the tree to the root.Another result could be which attack would be the most likely one,if the values possible and impossible are assigned to the tree nodes.There are Fault Trees(determine system failures that could stop the functionality of a system,see[KM94]),Threat Trees(identify threats to a system,see[Amo94])and Attack Trees(identify possible attacks to a system,see[Sch99]).As the tree approaches cover only single aspects,they can only be a part of an overall security methodology. Tree approaches are a good way to identify threats,faults,or attacks in a systematic way.On the other hand the process of creating any of these trees still requires a lot of security know-how.If you are a novice in thefield of security,it is very likely that you will forget some aspects but as written in[Sch00]“creating(attack)trees requires a certain mindset and takes practice”and“you’ll get better with time”.As a sufficient coverage of all considered aspects(e.g.attacks or threats)is desired,something like a(e.g.public)tree repository is needed. Furthermore,periodical reviews have to defined in order to keep the trees up-to-date.3.4Formal MethodsSecurity is a current hot topic in the formal methods community.Typically formal methods are applied to proto-cols for authentication,fair exchange,electronic commerce,and electronic auctions.Policies in a formal way and especially authorization policies are used in the area of management of dis-tributed systems.There exists different languages[DDLS01]to describe policies in a formal way and also mechanisms to check consistency and conflicts[SX01].Typically formal methods are applied only to specific problem areas such as smart-cards or cryptographic rger systems cannot be handled with formal methods due to increased complexity and dependencies. They deliver important contributions to thefield of security.But the layman cannot be expected to have the required mathematical background.The verification of a system can be only as good as the assumptions that have been postulated.Thus the biggest challenges of the formal method community will always be to improve the specification capabilities.This could be a difficult task as systems become more and more complex.Other exercises will be to push the integration of formal methods into the overall process of engineering,to obtain tool support,and to cope with partial specifications.3.5Semi-formal ApproachesData-,function-and object-oriented modeling methods are counted among the semi-formal approaches.They are characterized through different graphical elements but also linguistic elements.An example of data modeling techniques is Entity Relationship Modeling(ERM),for object-oriented modeling the Unified Modeling Language (UML).The usage of UML class diagrams offer the possibility to describe a role,his characteristics and relations between roles.Statecharts can be used to describe the behavior of elements or roles.Activity graphs,sequence diagrams,and collaboration diagrams are used to describe the cooperation of the different elements of the whole system.Condensed,regarding to the aspects from Section2,semi-formal approaches,especially UML,offer a struc-tured way to describe systems and possibilities to show dependencies between elements.The disadvantage of these methods is that an automated validation isn’t possible.However,UML can be made more formal by writing constraints in Object Constraint Language(OCL)as part of the model.The advantages of these methods espe-cially of UML over the formal methods are that they are human-readable,depict and useful for non-modeling experts also.4Security PatternsPatterns are a hot topic in the software community.They describe recurring solutions to common problems in a given context and system of forces[Ale79].Meanwhile patterns can be found in many problem domains,e.g. Human Computer Interaction(HCI)or Teaching and Learning.In this section we define some basic terms and concepts of security patterns.Furthermore,we present the related work.4.1Template for Security PatternsPatterns are a literary format for capturing insights and experience of expert designers and communicating it to novices.Both the definitions of a security pattern and a security pattern system that are presented below are based on the descriptions that are given in[BMR+96].We show what additional aspects are necessary to make a pattern to a security pattern.Definition1(Security Pattern)A security pattern describes a particular recurring security problem that arises in specific contexts and presents a well-proven generic scheme for its solution.The more information a pattern has,the more important structure becomes[Vli96].Structure leads to uni-formity of patterns.Thus people can compare them easily and search for information in a systematic way.Less structure means more informal text,which might befine for casual reading but unacceptable for comparison and reference purposes.Introducing the key elements of security patterns we follow the Mandatory Elements Present pattern[MD96].We make use of the terminology given in the Common Criteria[CC99].•Name:Certainly security patterns aren’t different to“normal”patterns with regard to their name.The name of the pattern becomes a part of the vocabulary of the community.It should be easy to remember and refer to.A good name should be evocative and give an image what the pattern might be about.•Context(and Related Patterns):Based on a scenario the context of the security pattern is illustrated.The general conditions under which the problem does occur and which forces do emerge are described.It is useful to list context setting security patterns,too.As some countermeasures may introduce other vulnerabilities,additional security patterns should be considered in the related patterns section,too.The same is valid for problems that are solved partly or couldn’t be considered within the given security pattern.That way a pattern hierarchy will be formed.•Problem:The Problem statement defines the problem that will be solved by the security pattern.The major aspects of the problem are elaborated by the viewpoint of the Forces to be solved.In thefield of security a problem occurs whenever a system component is protected in an insufficient way against abuse.Generally spoken we have to deal with generic Threats i.e.a potential for the violation of security.A threat is a possible danger that exploit Vulnerabilities.A typical threat action is an Attack that lead to security violations such as disclosure,deception,disruption and usurpation.Thus we propose to use Attack Trees (see section3.3)in order to identify attacks in a systematic way.Other Forces could be trade-offs between security and other aspects such as usability and performance,too.The perception of threats is determined by certain Security Objectives that may be written down as Security Policy Statements.•Solution:This section describes the Solution of the Problem.Appropriate solutions are determined by the Context of the pattern.Countermeasures have to be applied in order to reduce the Risk.For each Threat/Attack there should be at least one countermeasure.It is useful to warn from pitfalls(how does this pattern become an Anti-Pattern)and refer to variants of the pattern.There are also some optional elements that can be applied if they improve the comprehension of a security pattern.The Aliases section lists other names by which this security pattern might be known.Certain diagrams can be used to illustrate Structure of and Interactions between the participants of a security pattern.Security has impacts on many other requirements such as performance and usability.Thus it could be helpful to enlist the Consequences of the application of an security pattern.The benefits and drawbacks of a security pattern can be discussed.In order to illustrate the application of the pattern,concrete Examples could be provided[MD96]. Useful are code or configuration samples as well as some sketches.Analogies to real-world scenarios are also suitable such as the Running Example of a military base that were used in[YB97].As we have already denoted, security is always hard to proof.In fact it’s much more easier to show that something went wrong.We can use a Counterexamples section in order to show how the Security pattern can be applied in the wrong way,i.e.it becomes an Anti-Security pattern.Analogous to[BMR+96]we prefer the notion of a security pattern system.A security pattern doesn’t exist in isolation,there are many interactions with other security patterns.The security pattern system describes the relationships and the linkage between individual security patterns.Thus dependencies between specific security problems can be considered in a comprehensive way.As thefield of security is very broad,we cannot speak of a pattern language,that implies the complete coverage of every aspect of the problem rmally a security pattern system can be defined as follows:Definition2(Security Pattern System)A security pattern system is a collection of security patterns,together with guidelines for their implementation,combination and practical use in security engineering.A formal model of a pattern system,that is independent of a problem domain,has been introduced in[Bor00]. In[Sch01a]we applied a slightly modified version of this model.It turned out that it is sufficient to refer only to mandatory elements of patterns[MD96].These elements allows to represent pattern systems as directed acyclic graphs and to perform basic reasoning,e.g.if a cycle occurs there must be something wrong with the process of abstraction.Many pattern practitioners think that formal approaches should not be applied to patterns [BMR+96].Formal models are,however,especially required in thefield of security to proof that certain security requirements are met.In5.2we describe what we expect from the usage of a formal model in the context of security patterns.As a security pattern system covers only certain aspects of security,it should meet at least the following requirements[BMR+96]:it should comprise a sufficient base of security patterns;all its security patterns should be described uniformly;the relationships between security patterns have to be exposed;it must support the security engineering process;its own evolution must be supported.4.2Related WorkWe are aware of the following contributions which focus on security related patterns.An up-to-date list of patterns related to security can be found at[Sch01b].In order to reflect the evolution of security patterns they are presented in chronological order.•Application Security.In[YB97]a framework to build secure applications is introduced.In order to take advantage of the security of underlying systems,an interface for a Secure Access Layer is described.The Single Access Point restricts the entries into the application.The Check Point allows to make appropriate decisions when dealing with security breaches.In order to achieve access control,Roles that grant or deny rights are assigned to groups of users.A Session allows to distribute global user information such as the user’s identity.Eventually two patterns that deal with human computer interface(HCI)aspects are provided.According to their Role the user’s possibilities are restricted with a Limited View of legal options or they are given a Full View With Errors,when their privileges are not sufficient to perform certain actions.Although the secure access layer is introduced the linkage to low-level security services such as cryptog-raphy isn’t stated explicitly.•Cryptographic Software.Cryptography is the classic area of IT-security.In[BRD98]a set of nine pat-terns for building cryptographic software components is introduced.The focus is on the traditional aspects of security,i.e.confidentiality,integrity,authentication and non-repudiation.The Information Secrecy pattern describes how to keep messages secret from an attacker(confidentiality).The Message Integrity pattern shows how to prevent that an attacker modifies or replaces messages without the sharing of cryp-tographic keys.The Sender Authentication pattern illustrates how messages can be authenticated with the usage of cryptographic keys.The Signature pattern describes how it can be prevented that communicating parties cannot repudiate a message(non-repudiation).Based on this four generic cryptographic patterns, the remaining ones are derived,such as Secrecy with Integrity and Secrecy with Sender Authentication.Together they form a Generic Object-Oriented Cryptographic Architecture(GOOCA).•The Authenticator Pattern.The work presented in[BDdVF99]describes a single Pattern that“performs authentication of a requesting process before deciding access to distributed objects.”With respect to secu-rity the authors identified relationships to patterns for authorization as introduced in[FH97]and[NG98]•Authorization Patterns.Several contributions deal with authorization.In[HLF00]the security func-tions of authentication,access control and datafiltering in a distributed environment are combined in a framework.This framework consists of the following patterns:Data Filter[FF99],Bodyguard[NG98], RPC Client[HF99]and Authenticator[BDdVF99].These patterns and a security model structure build the Object Filter and Access Control Framework.In[Fer00]some authorization patterns are discussed,namely Authorization Rules and Role-Based Access Control.The clue is that metadata constraints are used to define authorization.Furthermore,architectural levels(based on the Layer pattern[BMR+96])are defined whereas each level has its own security mech-anism and security enforcement.The combination of a layered architecture that includes a metalevel and patterns are a promising approach for a security pattern system.Picking up this work,a pattern language for security models is given in[FP01].There are patterns for established security models:the Authorization pattern(access matrix),Role-Based Access Control pattern and Multilevel Security Pattern(Bell-LaPadula).It is suggested how these abstract patterns can be applied to all levels of the layered architecture.The work on security patterns has evolved over the past years.Today a mixture of single patterns,frameworks and pattern languages is available.The following topics are,however,left for future work:•As written in[MM97],a sense of scale is missing from most software design patterns.Especially in thefield of security it is very important to have several levels of abstraction and different views on IT-systems.It is left for future work to identify a suitable classification scheme for security patterns.Good starting points are the pattern categories that are introduced in[BMR+96]:architectural patterns,design patterns and idioms.Other promising work is the Layer model described in[Fer00]and the OM-AM framework introduced in[San00].Such approaches help to“put things in perspective and to emphasize the encompassing nature of security[FP01].•The application of security patterns at other layers has to be considered.For example the Check Point pattern[YB97]does also apply at the system and distribution layer:firewalls are in fact check points.•Besides,the pattern approach can be applied to many other security concepts such as cryptographic keys, protocols(e.g.SSL)and algorithms(such as hashes,signatures,and encryption)that could be included ina security pattern system(mining and refactoring of security patterns).•All security patterns have certain commonalities,or“junction points”where they could be grouped to-gether,to form“the”pattern language(or as we prefer to say pattern system)for the security domain.In future we should think about suitable junction points and concepts for merging security patterns should be developed.The layer approach given in[Fer00]and[FP01]provides a good starting point in this direction.5Security Engineering with PatternsIn this Section we explain why security patterns are a suitable approach for security engineering.Then we envision the possibilities of tool supported security engineering with patterns.We introduce our latest activities in this area,too.Then we discuss the benefits of this approach with the aid of a real world scenario in the area of secure networks.The patterns used in this Section can be found in Appendix A.Finally we discuss research topics that aren’t covered in a satisfactory way.5.1Patterns and IT SecuritySecurity patterns are a suitable approach for security engineering.As shown in the following all important aspects that were given in the problem statement in Section2can be covered:•Security engineering by non security experts.Security patterns capture the know-how and skills of security experts.Thus Security Patterns enable novices to act as security experts.Experts use the security patterns as a common and powerful vocab-ulary in order to deal with security problems and solutions.The members of a security pattern community can identify,name and discuss both problems and solutions more efficiently.The systematic analysis of known security breaches will reveal bad practices(anti-patterns).Based on this,refactored solutions can be developed and published as best practice security patterns.•Structured problem solution.Security patterns prevent ad-hoc problem solutions,as they help tofind proven solutions in a systematic and structured way.As security patterns are linked to related security patterns,the impact of certain decisions becomes evident.Side-effects and alternative solutions can be identified easily.•Scope dependencies and scope completeness.。

The Four Stages of Bee GrowthThe life cycle of a bee is a fascinating journey that unfolds through four distinct stages: egg, larva, pupa, and adult. Each phase contributes to the development of a fully functional bee, essential for the survival and prosperity of the hive.The journey begins with the egg stage, the first and most fundamental phase of bee growth. The queen bee, the reproductive heart of the colony, is responsible for laying these eggs. She selects a cell within the honeycomb, a hexagonal structure built by the worker bees, as the perfect incubator for the next generation. The eggs are tiny, yet they carry the genetic blueprint for the future bees. Once laid, the eggs are incubated by the surrounding worker bees, who maintain a constant temperature within the hive to ensure optimal conditions for growth.After about three days, the eggs hatch into larvae, the second stage of bee development. These larvae are tiny, white, and worm-like, completely dependent on the worker bees for nourishment. The larvae are fed a diet of royal jelly, a nutrient-rich secretion produced by the glands of worker bees. This diet is crucial for the larvae's growth and development, particularly for those destined to become queens, as theyrequire a higher concentration of royal jelly to reach their full potential.As the larvae grow and molt several times, they enter the pupal stage, a transitional phase between larva and adult. During this time, the larva undergoes profound physical changes, transforming from a legless grub into a recognizable bee. The pupal stage lasts for approximately eight to ten days, during which the bee's eyes, antennae, legs, and wings develop. This is a critical period, as any disruption to the pupal chamber or changes in environmental conditions can fatally impact the developing bee.Finally, the bee emerges from the pupal case as a fully formed adult. This emergence, known as eclosion, marks the beginning of the bee's adult life. Depending on its caste, the bee will assume different roles within the hive. Worker bees, the most numerous caste, are responsible for a wide range of tasks, including foraging for food, caring for the young, and maintaining the hive. Queen bees are the reproductive queens of the colony, while drone bees, the male members of the hive, are primarily involved in mating with queens.Each bee, regardless of its role, contributes to the overall health and success of the hive. The intricate dance theyperform to communicate the location of food sources, their tireless efforts to gather nectar and pollen, and their dedication to the care of the young are all essential components of the hive's survival.The four stages of bee growth are not only fascinating in their complexity but also serve as a testament to the resilience and adaptability of these remarkable creatures. From the delicate egg to the fully functional adult bee, each phase represents a crucial step in the continuation of the bee species. The hive, a bustling metropolis of activity and cooperation, is a testament to the power of collective effort and the beauty of nature's design.Moreover, the bee's lifecycle offers valuable insights into the natural world and the interconnectedness of all life. Bees play a crucial role in pollination, a process that is essential for the reproduction of many plant species and, ultimately, the maintenance of our ecosystems. Their decline, due to factors such as habitat loss, pesticide use, and climate change, has sparked global concern over the impact on biodiversity and agricultural productivity.Understanding the stages of bee growth, therefore, not only enhances our appreciation for these insects but alsohighlights the importance of protecting them and their habitats. As we learn more about the intricate lives of bees, we gain a deeper understanding of the natural world and our role in preserving it for future generations.In conclusion, the four stages of bee growth represent a remarkable journey from the minuteness of the egg to the vibrancy of the adult bee. Each phase is essential for the development of a healthy and functional bee, crucial for the survival and prosperity of the hive. By understanding and respecting the lifecycle of bees, we can better appreciate their role in nature and work towards safeguarding their future.。

Unit 11. constituent (components): component part 成分2. conceive (conceptualize): To form or hold an idea: 构想出：构想出或持有一种想法3. synthesis (making a complex whole by combining ideas): The combining of separate elements or substances to form a coherent whole. 综合：把分别的元素或物质连接成连贯的一个整体4.evolve (develop): To develop or achieve gradually: 使发展：逐渐发展或完成5. venom (poison): A poisonous secretion 毒液：一种诸如蛇、蜘蛛等动物的有毒的分泌物6.matriculation (admission): to be formally admitted to study at a university or college 入学7.proprietary (with the exclusive legal right)：专有的8.highlight (emphasize)：underline 使…显得重要；强调Unit 21.ill-bred (badly behaved): rude or behaving badly,没教养的2.break down (destroy): 损坏3.conceited (self-important): Holding or characterized by an unduly high opinion of oneself; vain. 自负的4.malicious (hateful): very unkind and cruel 充满憎恨;有恶意的pliment (praise): An expression of praise, admiration, or congratulation. 恭维：赞美6.opponent (rival): One that competes 竞争对手7.be entitled to (be worthy of配得上): have the right to do [entitle 有资格]8.alight (get off): To come down and settle, as after flight: 下来9.seniority (high standing through long service)：资历深的人, 年资高的人.Unit 31.scramble (hasty movement)：move quickly 快速移动hasty 急速的2.expertise (knowledge)：Skill or knowledge in a particular area. 专门知识3.disruption (disturbance)：a situation in which something is prevented from continuing in its usual way 扰乱4.renaissance (revival)：A rebirth or revival. 复苏;复兴5.assumption (supposition)：Something taken for granted or accepted as true without proof; 假定，假设6.dexterity (skill of the hand)：Skill and grace in physical movement, especially in the use of the hands; adroitness. 灵巧，敏捷：体育运动熟练或动作优雅，尤指手的使用；灵活7.manipulate (handle with skill)：To operate or control by skilled use of the hands; 通过用手的技巧来操纵或控制8.sleight (skill)：Skillfulness in the use of the hands or body 技巧9.autism (self-absorption)：Abnormal introversion and egocentricity; acceptance of fantasy rather than reality. 孤独症,自我中心主义.10.g et to grip with (cope with): to begin to understand and deal with sth difficult 开始理解并着手处理难题Unit 41.hypothetical (theoretical): based on a situation that is not real, but that might happen 假定的2.put a premium on (encourage): 奖励，鼓励，重视3.demography (scientists in the field of vital [生命的] and social statistics): 人口统计学4.primal (fundamental): Of first importance; 最重要的；主要的5.nascent (burgeoning): Coming into existence; emerging: 开始形成的；出现的/出芽6.prognosis (prediction): A prediction of the probable course and outcome of a disease. 预测：判病7.scalded (burnt): 烫伤的8.convulse (shook violently)：To shake or agitate violently 使…强烈地震动或狂躁不安9.undeterred (not discouraged)：not discouraged 未受挫折的[un 否定+deter 阻止v. + [r] ed =undeterred 未被阻止的] 10.p erforate (penetrate)：To pierce, punch, or bore a hole or holes in; 刺穿11.u nflappable [flap恐慌] (composed)：having the ability to stay calm and not become upset, even in difficult situations 镇定的12.i ncur (invite)：To become liable or subject to as a result of one's actions; bring upon oneself: 招惹Unit 51. phenomenal (extraordinary)：outstanding: 非凡的；杰出的2. unveil (uncovered)：To remove a veil or covering from. 把面纱或覆盖物从…上拿下3. wane (decline)：To decrease gradually in size, amount, intensity, or degree. 衰退4. confide (tell confidentially)：To tell (something) in confidence. 吐露：告知秘密的（事物）5. repel (defeat)：To ward off or keep away; drive back: 击退：击退或赶回；驱除6. give away (reveal)：disclose 揭露泄露7. macabre (frightful)：Suggesting the horror of death and decay; gruesome: 恐怖的，阴森的8. chart (map)：To make a map of 绘制…的图表9. mesmerized (fascinated)：To spellbind; enthrall: 迷人的10. succumb (die from)：由于……死亡11. autopsy (examination of a dead body)：尸体解剖12.piece together (assemble)：To bring together；拼凑Unit 61.awry (wrong)：Away from the correct course; amiss偏差地，错误地2.overblow (exaggerated)：Done to excess; overdone:做过头的；过分的3.churn out (produce in large amounts)：大量生产4.dearth (shortage)：A scarce supply; a lack. 不足；缺乏5.reprimand (reproach)：To reprove severely, especially in a formal or official way；严厉训斥，尤指以正式的或官方的形式6.be attributed to (be due to) :归因于7.fatal (deadly)：Causing or capable of causing death；致命的：引起死亡的8.vendor (seller)：someone who sells things, especially on the street 街边摊贩9.voluntary (unforced)：Arising from or acting on one's own free will；自愿的10.s ubmit (send)：give sth (to sb/sth) 递交11.o versight (supervision)：Watchful care or management; 照管，监督12.c ounsel (advise)：to advise someone. 建议Unit 71.avarice (greed)：Immoderate desire for wealth; cupidity. 贪婪2.memoir (records of one`s life and experiences)：An account of the personal experiences of an author. 自传3.anecdote (short narratives concerning interesting events) : 轶事，趣闻：4.register (records of names or events): A formal or official recording of items, names, actions or events 正式记录，官方登记5.whisk away (going lightly and quickly)：轻,迅速地走6.poach (hunt illegally)：非法捕猎7.agog (eager)：Full of keen anticipation or excitement;渴望的8.on the sly (sneakily)：in a manner intended to avoid notice；秘密地9.lust (desired passionately)：An overwhelming desire or craving: 强烈的欲望10.on the track (close upon) :步入正轨，接近11.croon (sing in a low, soothing sound)：To hum or sing softly or soothingly 轻柔地哼，轻柔地唱12.wizard (magician): One who practices magic; a sorcerer or magician. 巫师：从事妖术的人；魔术师Unit 81. specified (stated exactly): To state explicitly, exactly or in detail: 明确说明或详明指明2. panorama (vista): An unbroken view of an entire surrounding area; 全景3. buoyant (cheerful)：Lighthearted; gay 轻松的，轻快的4. impairment (loss)：the fact that a part of your body is unable to do something fully 缺陷5. incredulous (dubious)：Skeptical; disbelieving；dubious 怀疑的；不相信的6.convolution (twisting)：a fold or twist in something which has many of them 盘旋结构7. pageant (spectacle)：a series of historical events that are interesting 壮观8. chronic (constant)：Of long duration; continuing:长期的；持续的Unit 91.tangible (perceptible)：Discernible by the touch; palpable；可感知的2.on the same plane (on the same level)在同一水平上3.sporadically (occasionally)：happening fairly often, but not regularly 偶然地4.paradoxical (self-contradictory)：a statement that seems impossible because it contains two opposing ideas that are both true；自相矛盾的5.in a position (well-grounded) : fully trained in an activity or skill; 精通的6.localize (locate)：To make local 使……具有地方性7.live (act out) : To practice in one's life 实行8.inhibition (restraint)：The act of inhibiting or the state of being inhibited；禁止9.primordial (primeval)：Being or happening first in sequence of time; original; 原始的10.i ntrigue (fascinate) : To arouse the interest or curiosity; 激起…的兴趣或好奇心11.s ynthesize (combine) : To combine so as to form a new, complex product: 综合Unit 101.agonize over (suffered painfully because of sth) : 为……所煎熬2.tied up (busy): not available 忙碌的3.meekly (gently and uncomplainingly) : very quietly and gently and unwilling to argue with people 温顺的4.give sb a black eye (beat sb very hard) : 揍某人一顿5.stark (bare) : blunt 生硬的：不加掩饰的6.plain (clear) : Free from obstructions; open; 清晰的，清楚的：毫无阻碍的7.to the letter (exactly) : 严格地不择不扣地8.zest (eagerness): Flavor or interest; piquancy; 兴趣：爱好或兴趣；刺激9.follow through (carry out exactly to the end)：坚持到底10.stall (delay) : to deliberately delay because you are not ready to do something, answer questions 拖延11.e xasperating (irritate): extremely annoying or irritating 使人恼怒的12.m ediocre (not very good)：Moderate to inferior in quality; ordinary; average 普通的：质量中等偏下的Unit 111.stricken (sorrowful): very badly affected by trouble, illness, unhappiness; 受打击的2.plod (trudge)：To move or walk heavily or laboriously; 沉重缓慢地行走arre (strange): very unusual or strange; odd 古怪的4.attire (clothes): Clothing or array; apparel. 服装，衣着5.evoke (produce): to produce a strong feeling or memory in someone 使人产生6.novice (inexperienced)：someone who has no experience ina skill, subject, or activity；beginner 新手7.demeanor (behavior)：The way in which a person behaves 举止，行为8.adroit (skillful)：Dexterous; deft; 熟练的；灵巧的9.spontaneous (unpremeditated): Happening or arising without apparent external cause; self-generated. 自然产生的，未计划的10.u pstage (overshadow)：to do something that takes people's attention away from someone else who is more important; 分散注意力；使……显得不重要11.g auge (estimate): To evaluate or judge; estimate 评估，判断12.d isconcerting (embarrassing): making you feel slightly confused, embarrassed, or worried 窘迫的13.b lank (expressionless): Lacking expression; expressionless; 茫然的，没有表情的Unit 121.wind (end): to bring an activity, meeting and so on to an end 结束2.bicker (quarrel)：to argue, quarrel especially about something very unimportant 发生口角3.malleable (easily train): Capable of being shaped or formed; easily trained or changed可锻炼的4.provoke (stir up)：To stir to action or feeling.煽动：激起行动或感情5.quest (pursuit): The act or an instance of seeking or pursuing something 追求6.trait (characteristics): A distinguishing feature, as of a person's character; quality 特征7.scrap (throw away): To discard as worthless; junk; 废弃：因为无用而丢掉；抛弃8.pool (collect): to combine and collect your money, ideas, skills etc. 聚集9.screen (examine): To examine (a job applicant, for example) systematically in order to determine suitability. 检查：系统地测试10.a ppraisal (evaluation): a statement or opinion judging the worth, value, or condition of something; 评价11.s trand (part): one of the parts of a story, idea, plan etc. 部分12.r emediate (make up for): To deal with a problem or make a bad situation better; 弥补13.b oost (increase): To increase; raise 增加；拔高Unit 131.warrant (justify): To provide adequate grounds for; 证明…正当：为…提供充足根据2.altruistically (in an unselfish way): showing concern for the happiness and welfare of other people rather than for yourself; selflessly 无私地3.inhibit (hold back): To hold back; restrain 抑制；限制4.groom (cleaning the fur and skin for): If an animal grooms itself or another animal, it cleans its own fur and skin or that of the other animal 把皮毛弄干净5.intriguing (interesting): very interesting because it is strange, mysterious, or unexpected 有趣的6.convention (generally accepted practice): General agreement on or acceptance of certain practices or attitudes: 惯例，习俗7.presumably (probably): say that you think something is probably true 可能，大概8.alleviate (ease): To make (pain, for example) more bearable; 减轻9.entwine (entangled): To twist around or together; entangle 缠绕：缠在周围或一起10.v alor (personal courage): Courage and boldness, as in battle; bravery. 勇气；胆量Unit 141.irrelevant (not related): Unrelated to the matter at hand. 不相干的，离题的2.succinct (concisely): clearly expressed in a few words; concise 简明扼要的3.mediocrity (commonplaceness): The state or quality of being mediocre; 平庸，平凡4.amateurish (not professional): Characteristic of an amateur; 业余的;非专业的5.abdicate (resignation): to give up the position；resign 辞职6.conversely (on the other hand): used when one situation is the opposite of another 相反地，另一方面7.effulgent (bright): Shining brilliantly; resplendent; bright 耀眼的；光彩照人的8.depravity (degradation): Moral corruption or degradation. 堕落：道德败坏9.salvation (deliverance): Preservation or deliverance from destruction, difficulty, or evil. 救助；解救10.o bdurate (obstinate): very determined not to change your beliefs, actions, or feelings, in a way that seems unreasonable; stubborn 固执的，顽固的11.i mmutable (permanent)：Not subject or susceptible to change; 永恒的：不可改变的Unit 151.wince (shrink): To shrink or start involuntarily, as in pain or distress; flinch. 畏缩，退缩2.savor (flavor): The taste or smell of something; 味道3.exertion (energetic use): the energetic use, especially a strenuous effort. 发挥，全力以赴的努力4.pronounced (conspicuous): Strongly marked; distinct; conspicuous 明显的：有很强烈的特征的5.sediment (settlings): Material that settles to the bottom of a liquid; lees. 沉淀物6.crevice (cleft): A narrow crack or opening; a fissure or cleft. 裂隙,裂缝7.remorseless (ruthless): Having no compassion or pity; merciless; 无情的，残忍的8.ravenous (gluttonous)：Extremely hungry; voracious;极饿的9.bellicose (pugnacious): Warlike in manner or temperament; belligerent 好战的10.e vict (force out): eject 武力驱逐；逐出11.g ermane (relate): an idea, remark etc that is germane to something is related to it in an important and suitable way; relevant 相关联的12.a ppall (shock): to make someone feel very shocked and upset; dismay 使……惊骇，震惊13.。

Maingot腹部手术学（第12版）_第29章肠梗阻---目录第五篇小肠和结肠┈┈┈┈┈┈383第十七章肠梗阻┈┈┈┈┈┈385第一节定义一、机械性肠梗阻二、功能性肠梗阻三、术后早期（机械性）肠梗阻第二节流行病学┈┈┈┈┈┈386第三节病理生理学┈┈┈┈┈┈387一、扩张、吸收和分泌二、肠道蠕动功能三、循环改变┈┈┈┈┈┈388四、菌群移位第四节病因学┈┈┈┈┈┈388一、粘连┈┈┈┈┈┈388二、疝┈┈┈┈┈┈389三、恶性肠梗阻┈┈┈┈┈┈390四、肉芽肿性疾病和克罗恩病五、肠套叠六、肠扭转七、其他病因┈┈┈┈┈┈390第五节诊断┈┈┈┈┈┈392一、病史与体格检查二、实验室检查三、影像学表现（一）立位腹平片┈┈┈┈┈┈393（二）对比剂检查┈┈┈┈┈┈394（三）CT检查┈┈┈┈┈┈395（四）超声检查┈┈┈┈┈┈395（五）MRE（磁共振肠动描记）检查（六）视频胶囊内镜检查四、缺血检测第六节治疗┈┈┈┈┈┈1275一、小肠梗阻┈┈┈┈┈┈1275（一）非手术治疗┈┈┈┈┈┈1276（二）何时中转手术治疗┈┈┈┈┈┈1278（三）手术治疗┈┈┈┈┈┈1279（四）旁路与切除决择┈┈┈┈┈┈1280（四）复发性小肠梗阻（五）粘连预防（六）术后早期小肠梗阻（七）放射性肠病（八）癌肿以及恶性肠梗阻二、大肠梗阻┈┈┈┈┈┈400三、肠麻痹┈┈┈┈┈┈401四、急性结肠假性便阻┈┈┈┈┈┈403 参考文献┈┈┈┈┈┈404第五篇小肠和结肠第十七章肠梗阻Hippocrates, the father of medicine, recognized, described, and treated bowel obstruction many years ago.医学之父希波克拉底在很多年以前就认识、阐述和治疗了肠梗阻。

Praxagoras appears to have performed the earliest recorded operation for bowel obstruction circa 350 BC when he relieved the obstruction of a bowel segment by creating a decompressive, diverting enterocutaneous fistula. 有记载的最早的治疗肠梗阻的手术是由Praxagoras 在公元前350 年完成的，他通过建立一个有趣的、减压的肠外瘘来缓解肠段的梗阻。