Reactively secure signature schemes

Protocols for problems like Byzantine agreement, clock synchronization, or contract signing often use digital signatures as the only cryptographic operation. Proofs of such protocols are frequently based on an idealizing “black-box” model of signatures. We show that the standard cryptographic security definition for digital signatures is not sufficient to ensure that such proofs are still valid if the idealized signatures are implemented with real, provably secure signatures. We propose a definition of signature security suitable for general reactive, asynchronous environments, called reactively secure signature schemes, and prove that, for signature schemes where signing just depends on a counter as state, the standard security definition implies our definition. We further propose an idealization of digital signatures that can be used in a reactive and composable fashion, and we show that reactively secure signature schemes constitute a secure implementation of our idealization.     

基于双线性映射的前向安全签名方案研究

首先,我们证明了基于双线性映射的SOK签名方案的安全性,结合文献[1]构造了一个前向安全签名方案,然后提出了一个新型的前向安全数字签名方案,并进行了安全性的分析和效率的比较。     

图书馆数字资源和网络安全问题及对策

对于图书馆来说,数字资源和网络安全是非常重要的一个问题,所以一定要采取正确对策和有效措施来对其进行安全管理.本文分析了图书馆资源网络安全的现状,并对如何加强图书馆资源网络安全提出自己的一些建议.     

Usability study of digital libraries: ACM, IEEE-CS, NCSTRL, NDLTD

If digital libraries are to be used effectively, their user interfaces should be tested and enhanced. We observed 48 participants as they worked with the following digital libraries: ACM, IEEE-CS, NCSTRL, and NDLTD. We discuss how the features of these digital libraries influence the subjects’ efforts to perform search and retrieval tasks. Data analysis indicates that the IEEE-CS digital library was rated the best overall and NDLTD had the best search time. We present user recommendations and propose a taxonomy of features that we believe are essential for the design of future digital libraries. Noteworthy is the observation that users’ judgements on the importance of different features varied widely between the beginning and end of their test sessions. Received: 15 December 1997 / Revised: June 1999     

Secure D-CAS system for digital contents downloading services

The digital contents market is growing rapidly and we can retrieve digital contents through various multimedia devices including portable hand-held devices, smart phones, and home devices. On the other side, many digital contents without the consent of copyright holders are shared on the Internet. Those copyright infringement problems undermine authoring needs of the digital contents manufacturers and also wither the development of digital contents market. We are sure that we need secure distribution mechanisms for the digital contents supply chain in order to revitalize contents services and markets more and more. Many research projects to limit contents utilization onto legitimate users and to provide secure contents protection and download are in progress. In this paper, we propose a secure D-CAS system (SDCAS) which provides security enhancement to various digital contents downloading services.     

数字水印技术

数字水印是近年来新兴的一种信息安全技术，已成为当前国际学术界的一个研究热点，本文介绍了数字水印的定义，分析了几种典型算法，并提出了评价数字水印算法的评估标准和攻击方法，最后，对未来数字水印的重点发方向做了展望。     

DOLPHIN: Digital Online Library Providing Human-Like InteractiveNavigation

In a digital library environment, we propose a novel support concept that is like a reference service in real libraries. Based on the concept, we have developed a prototype, called DOLPHIN, using a frame based knowledge base to support reference services in a digital library. DOLPHIN can guide the user to the appropriate service     

A document comparison scheme for secure duplicate detection

The ever-growing volumes of textual information from various sources have fostered the development of digital libraries, making digital content readily accessible but also easy for malicious users to plagiarize, thus giving rise to security problems. In this paper, we introduce a duplicate detection scheme that is able to determine, with a particularly high accuracy, the degree to which one document is similar to another. Our pairwise document comparison scheme detects the resemblance between the content of documents by considering document chunks, representing contexts of words selected from the text. The resulting duplicate detection technique presents a good level of security in the protection of intellectual property while improving the availability of the data stored in the digital library and the correctness of the search results. Finally, the paper addresses efficiency and scalability issues by introducing new data reduction techniques.     

基于证书实现多媒体会议安全身份认证的方案

多媒体会议系统的安全性是其运行成功与否的关键因素之一。文章基于数字证书,利用公开密钥加密和数字签名等技术,提出了一种在多媒体会议系统中对与会人员的信息保密传输和身份认证的方案,并给出了具体的实现,成功解决了多媒体会议系统中一个安全管理的问题,实践证明该方案是行之有效的。     

Towards a digital library theory: a formal digital library ontology

Digital libraries (DLs) have eluded definitional consensus and lack agreement on common theories and frameworks. This makes comparison of DLs extremely difficult, promotes ad-hoc development, and impedes interoperability. In this paper we propose a formal ontology for DLs that defines the fundamental concepts, relationships, and axiomatic rules that govern the DL domain, therefore providing a frame of reference for the discussion of essential concepts of DL design and construction. The ontology is an axiomatic, formal treatment of DLs, which distinguishes it from other approaches that informally define a number of architectural variants. The process of construction of the ontology was guided by 5S, a formal framework for digital libraries. To test its expressibility we have used the ontology to create a taxonomy of DL services and to reason about issues of reusability, extensibility, and composability. Some practical applications of the ontology are also described including: the definition of a digital library services taxonomy, the proposal of a modeling language for digital libraries, and the specification of quality metrics to evaluate digital libraries. We also demonstrate how to use the ontology to formally describe DL architectures and to prove some properties about them, thus helping to further validate the ontology.     

数字校园数据加密研究与实现

网络的复杂性与数据的特殊性使得数据在传输和存储过程中有可能因偶然和恶意的原因而遭受破坏、更改或泄露,从而对教学秩序造成严重损害。为了使数字校园的信息安全得到保障,将数据加密技术运用于数字校园信息系统,同时,为数据安全提出一套完整的安全设计方案,解决了数据信息在传输和存储过程中的安全问题。     

一种改进的ElGamal数字签名方案

数字签名在现代信息安全中发挥着不可替代的作用,ElGamal数字签名是一种重要的离散对数数字签名方案,但是原始ElGamal签名方案存在不少安全和效率方面的问题。提出一种新型ElGamal数字签名方案,证明其能抵挡一种新型的伪造攻击和同态攻击,并对其安全性和复杂度进行了分析与说明。     

试谈我国数字图书馆建设

概述了数字图书馆建设中取得的成绩,并论述了数字图书馆在发展中遇到的问题,最后提出了解决数字图书馆发展中的问题。     

一种基于数字证书的无线局域网认证机制初探

无线局域网使用公共电磁波作传输介质,这在为用户带来便捷的同时也为其网络安全问题带来新的挑战。主要的解决方法有用户身份认证和数据加密传输。本文尝试提出一种新的基于数字证书的无线局域网认证机制。同时探讨了该机制的优缺点。该机制利用证书作为认证用户的手段．通过认证服务器AS实现对supplicant和AP的双向认证,并借用盲签名的思想在supplicant和AP之间生成和分配用于会话加密的共享密钥。     

基于区块链的数字作品交易系统的研究

随着5G时代的来临,互联网应用在人类社会的方方面面已根深蒂固,而人们所拥有的数字作品也越来越多。为了解决传统的数字作品管理与交易系统存在信任依赖度高、透明度低、维护成本较高,无法完全保障数字作品的安全、无法确保著作人自身的利益等问题,通过对比特币电子现金系统的特点以及区块链技术的发展进行研究与总结,提出了一种利用区块链技术的去中心化、共识机制和链式存储等特点的方法,同时使用基于深度学习的自动定价模型,设计出一种基于区块链的数字作品自动定价与交易系统。实验结果证明,通过该系统能够在保护数字作品安全的同时,解决恶意交易、损害著作人利益等问题;可以实现用户之间的直接交易,保证数字作品完全由著作人自治。     

数字图书馆中数据对象的描述和检索

数字图书馆中最基本的元素是数据对象，对数据对象的描述、存贮和检索构成了数字图书馆的基本功能。该文首先介绍了一个数字图书馆结构框架，并以此为基础提出了数字图书馆中基本元素数据对象的描述方法和目前正在制定中的标准，然后给出了一个基于层次化树状结构的数据对象检索方法。     

基于可信计算的P2P信任模型

P2P网络的安全需求中,信任关系的建立是重点也是难点。传统的信任评估模型,采用适当的信任评估手段,能够在一定程度上削弱单纯欺骗、不作为、诽谤和联合作弊的安全威胁,但却不能有效地抵御Pseudospoofing和Pseudostheft攻击。在本文中,我们将可信计算组织推出的可信计算技术引入P2P网络,提出了一种有效的P2P网络实体数字身份的创建和管理策略。新的信任模型在信任评估过程中贯穿着平台认证,很好地解决了P2P网络的安全问题。     

机器可读旅行文档的安全分析

新一代通关检测系统使用了生物特征认证技术。而合有生物特征信息的机器可读旅行文档（Mrtds）的安全是一个极为重要的问题。本文中我们首先分析了对Mrtds中机器可读区数据的潜在威胁。然后总结了由国际民航组织（ICAO）推荐的系统安全方案，也就是基于公钥体系的数字签名。基于这些内容，我们把Mrtds的认证过程看作是被保护数据，相应的hash值和数字签名以及持有者共四个环节之间的连接。对于用于每个连接中的技术，也就是公钥体系，数字签名和生物认证技术，我们提出了一些附加的要求和安全特征。结果，改进的系统加固了每个连接，从而获得了更高的系统安全性。     

SemWebDL: A privacy-preserving Semantic Web infrastructure for digital libraries

Recent advances in digital libraries have been closely intertwined with advances in Internet technologies. With the advent of the Web, digital libraries have been able to reach constituencies previously unanticipated. Because of the wide deployability of Web-accessible digital libraries, the potential for privacy violations has also grown tremendously. The much touted Semantic Web, with its agent, service, and ontology technologies, is slated to take the Web to another qualitative level in advances. Unfortunately, these advances may also open doors for privacy violations in ways never seen before. We propose a Semantic Web infrastructure, called SemWebDL, that enables the dynamic composition of disparate and autonomous digital libraries while preserving user privacy. In the proposed infrastructure, users will be able to pose more qualitative queries that may require the ad hoc collaboration of multiple digital libraries. In addition to the Semantic Web-based infrastructure, the quality of the response would rest on extraneous information in the form of a profile. We introduce the concept of communities to enable subject-based cooperation and search speedup. Further, digital libraries heterogeneity and autonomy are transcended by a layered Web-service-based infrastructure. Semantic Web-based digital library providers would advertise to Web services, which in turn are organized in communities accessed by users. For the purpose of privacy preservation, we devise a three-tier privacy model consisting of user privacy, Web service privacy, and digital library privacy that offers autonomy of perspectives for privacy definition and violation. We propose an approach that seamlessly interoperates with potentially conflicting privacy definitions and policies at the different levels of the Semantic Web-based infrastructure. A key aspect in the approach is the use of reputations for outsourcing Web services. A Web service reputation is associated with its behavior with regard to privacy preservation. We developed a technique that uses attribute ontologies and information flow difference to collect, evaluate, and disseminate the reputation of Web services.     

Determining the antecedents of digital security practices in the general public dimension

Our increased reliance on digital information and our expansive use of the Internet for a steadily rising number of tasks requires that more emphasis be placed on digital information security. The importance of securing digital information is apparent but the success in persuading individual users to adopt and utilize tools to improve security has been arguably more difficult. In this study, we propose a number of factors that may influence individual security practices. These constructs are developed by adapting existing theory from information security and privacy research to examine information security behaviors in the general public dimension. The influence of these factors on perceived need and actual behavior is then examined. The resulting model is shown to fit well and support is found for many of the proposed relationships. The determination of the antecedents of individual digital security practices may provide useful insight to tailoring programs for adoption and utilization of security tools by individuals in the general public dimension.