一种Web服务器安全机制的实现方法

针对Web网站点的入侵事件不断发生,现有的防火墙、IDS等设备都不能有效防止入侵者篡改网站中的网页、盗取重要信息等攻击,提出了Web服务器安全较完备机制,从核心层保证Web站点中的网页不会被黑客篡改,恶意代码在系统中不会肆意发作。该机制重构了操作系统核心层权限访问控制模型,对操作系统文件、注册表、进程和网络等资源采用白名单规则,并采用多机制相结合的方式提高Web服务器的抗攻击能力。     

iGuard网页防篡改系统为政府网站保驾

针对近年来各国政府和门户网站的篡改性攻击有增无减的情况，上海天存信息技术有限公司研发生产了iGuard网页防篡改系统，目前已成为国内领先和成熟的网页防篡改软件。iGuard网页防篡改系统以国家863项目先进技术为基础，使用严密的Web服务器核心内嵌技术，使得每一网页在被阅读前都进行水印检测，从而确保网站所有被阅读的网页都不被篡改。     

基于反向代理技术的Web防火墙

工作于应用层的代理防火墙可以针对应用协议对网络传输的内容进行监测分析。对Web服务系统流程以及HTTP协议进行分析,在Web服务器和客户端之间加入代理防火墙,防火墙获取服务器与客户端之间传输的数据,并对数据内容进行检查过滤,防止了非法内容的传输,并通过文件水印技术检测用户请求的文件是否被篡改,如果文件被篡改则将数据丢弃,再通过保存的原始文件将被篡改的文件恢复,保证用户访问到的都是正确的文件。     

基于本地快照和Rsync算法的Web文件保护

针对网页被篡改后的访问保护和快速恢复问题,以分布式网页防篡改系统的备份恢复为背景,提出一种基于本地快照和Rsync同步的Web文件保护方法.当Web页面被篡改时,Web服务器通过快照技术将原Web页面的映像发送给用户浏览,使得系统完好无损,进一步调用Rsync算法从备份服务器上同步Web文件,从而实现恢复.实验结果表明,该方法可保护被篡改页面不被访问,具备较好的快速恢复性能.     

捷普网络脆弱性智能评估系统

Web的开放性广受大家的欢迎,与此同时,Web系统将面临着形形色色入侵攻击的威胁,针对Web应用安全漏洞的攻击也在逐渐成为主流的攻击方式。利用网站操作系统的漏洞和Web服务程序的SQL注入漏洞等,黑客能够得到Web服务器的控制权限,从而轻易篡改网页内容或者窃取重要内部数据,甚至在网页中植入恶意代码（俗称“网页挂马”）,使得更多网站访问者受到侵害。     

一种分布式网站安全防护系统

为了及时、高效地阻止黑客对网页文件的篡改,并对被篡改的页面文件进行及时修复还原,提出了一种分布式"过滤驱动技术+事件触发技术+核心内嵌技术"架构的网站安全防护系统。事件触发技术负责自动实时监测,若有网页被篡改,通过过滤驱动技术和核心内嵌技术立即删除被篡改网页,停止Web服务。与传统的网页防篡改产品相比,系统可以对网页的非法篡改做出更为敏捷快速的反应,对系统资源占用更少。同时兼容其他安全产品,形成深度防护体系,最大限度地保障受保护网站的安全。     

基于环结构技术的Web防篡改系统研究

传统的Web防篡改系统安装于受保护服务器中,无自身安全保护措施。为减少网站页面被篡改,确保Web页面的完整性和防篡改系统自身的安全,借鉴令牌环工作原理,在已有防篡改技术的基础上提出环形网页防篡改模型,模型中引入了三线程和轮询环双重保护技术,解决了防篡改系统自身的安全问题。详细描述了系统的设计方法、工作机制及实现过程。实验证明,该系统能有效自御,在网站安全性得到保障的同时不影响服务器的工作效率。     

Web页面防篡改及防重放机制

为避免Web页面被篡改或重放而导致的网站服务中止或形象损毁等严重后果，提出了一种内嵌于Web服务器的实时的防篡改及防重放机制，并给出了其实现方法。该机制可以有效防范页面被恶意篡改，还可以防范黑客重放木马脚本程序，提高了系统的安全性和可靠性。     

WindowsXP中配置Web服务器和Web数据库的方法

我们虽然可以通过申请虚拟主机等方法建立自己的网站，但如果能将自己的普通台式计算机配置成Web服务器、构建自己的网站，无疑会更加灵活和方便，这种利用普通计算机配置Web服务器的方法免去了上传网页的麻烦，极大地方便了对网页的维护和更新，也无需支出额外的费用。要将普通计算机配置成Web服务器，通常可以采用的方法是下载、运行一些免费的Web服务器程序，如“天雁Web服务器”、“宽带Web服务器”等免费程序，不过这类服务器程序的功能相对比较简，只能提供一般的网页浏览服务，本文将要介绍的是利用WindowsXPProfessional中提供…     

基于Jetty的网页防篡改技术的设计和实现

本文提出并实现了架设在符合J2EE标准的Web服务器上的网页防篡改系统,该系统主要采用Java语言开发和实现,能够对目前各种主流操作系统平台上的网页内容进行实时监控,发现网页被篡改时能及时恢复并报警,有效的保护目标网站的安全。     

Only connect: teaching, technology and telesis

Abstract This paper describes an approach to the design of interactive multimedia materials being developed in a European Community project. The developmental process is seen as a dialogue between technologists and teachers. This dialogue is often problematic because of the differences in training, experience and culture between them. Conditions needed for fruitful dialogue are described and the generic model for learning design used in the project is explained.     

European Community policy and the market

Abstract This paper starts with some reflections on the policy considerations and priorities which are shaping European Commission (EC) research programmes. Then it attempts to position the current projects which seek to capitalise on information and communications technologies for learning in relation to these priorities and the apparent realities of the marketplace. It concludes that while there are grounds to be optimistic about the contribution EC programmes can make to the efficiency and standard of education and training, they are still too technology driven.     

一种自适应子融合集成多分类器方法

融合集成方法已经广泛应用在模式识别领域,然而一些基分类器实时性能稳定性较差,导致多分类器融合性能差,针对上述问题本文提出了一种新的基于多分类器的子融合集成分类器系统。该方法考虑在度量层融合层次之上通过对各类基多分类器进行动态选择,票数最多的类别作为融合系统中对特征向量识别的类别,构成一种新的自适应子融合集成分类器方法。实验表明,该方法比传统的分类器以及分类融合方法识别准确率明显更高,具有更好的鲁棒性。     

煤矿井下安全监控分站的设计及其仿真实现

为了设计一种具有低成本、低功耗、易操作、功能强且可靠性高的煤矿井下安全分站,针对煤矿安全生产实际,文章提出了采用MCS-51系列单片机为核心、具有CAN总线通信接口的煤矿井下安全监控分站的设计方案;首先给出煤矿井下安全监控分站的整体构架设计,然后着重阐述模拟量输入信号处理系统的设计过程,最后说明单片机最小系统及其键盘、显示、报警、通信等各个组成部分的设计;为验证设计方案的可行性与有效性,使用Proteus软件对设计内容进行仿真验证,设计的煤矿井下安全监控分站具有瓦斯、温度等模拟量参数超标报警功能和电机开停、风门开闭等开关量指示功能;仿真结果表明:设计的煤矿井下安全监控分站具有一定的实际应用价值.     

Avoiding semantic and temporal gaps in developing software intensive systems

Development of software intensive systems (systems) in practice involves a series of self-contained phases for the lifecycle of a system. Semantic and temporal gaps, which occur among phases and among developer disciplines within and across phases, hinder the ongoing development of a system because of the interdependencies among phases and among disciplines. Such gaps are magnified among systems that are developed at different times by different development teams, which may limit reuse of artifacts of systems development and interoperability among the systems. This article discusses such gaps and a systems development process for avoiding them.     

Designing economic np control charts: A programmed simulation approach

This paper presents control charts models and the necessary simulation software for the location of economic values of the control parameters. The simulation program is written in FORTRAN, requires only 10K of main storage, and can run on most mini and micro computers. Two models are presented - one describes the process when it is operating at full capacity and the other when the process is operating under capacity. The models allow the product quality to deteriorate to a further level before an existing out-of-control state is detected, and they can also be used in situations where no prior knowledge exists of the out-of-control causes and the resulting proportion defectives.     

The development of robot art

Going through a few examples of robot artists who are recognized worldwide, we try to analyze the deepest meaning of what is called “robot art” and the related art field definition. We also try to highlight its well-marked borders, such as kinetic sculptures, kinetic art, cyber art, and cyberpunk. A brief excursion into the importance of the context, the message, and its semiotics is also provided, case by case, together with a few hints on the history of this discipline in the light of an artistic perspective. Therefore, the aim of this article is to try to summarize the main characteristics that might classify robot art as a unique and innovative discipline, and to track down some of the principles by which a robotic artifact can or cannot be considered an art piece in terms of social, cultural, and strictly artistic interest. This work was presented in part at the 13th International Symposium on Artificial Life and Robotics, Oita, Japan, January 31–February 2, 2008     

Explanation and prediction: an architecture for default and abductive reasoning

Although there are many arguments that logic is an appropriate tool for artificial intelligence, there has been a perceived problem with the monotonicity of classical logic. This paper elaborates on the idea that reasoning should be viewed as theory formation where logic tells us the consequences of our assumptions. The two activities of predicting what is expected to be true and explaining observations are considered in a simple theory formation framework. Properties of each activity are discussed, along with a number of proposals as to what should be predicted or accepted as reasonable explanations. An architecture is proposed to combine explanation and prediction into one coherent framework. Algorithms used to implement the system as well as examples from a running implementation are given.     

View-based model-driven architecture for enhancing maintainability of data access services

In modern service-oriented architectures, database access is done by a special type of services, the so-called data access services (DAS). Though, particularly in data-intensive applications, using and developing DAS are very common today, the link between the DAS and their implementation, e.g. a layer of data access objects (DAOs) encapsulating the database queries, still is not sufficiently elaborated, yet. As a result, as the number of DAS grows, finding the desired DAS for reuse and/or associated documentation can become an impossible task. In this paper we focus on bridging this gap between the DAS and their implementation by presenting a view-based, model-driven data access architecture (VMDA) managing models of the DAS, DAOs and database queries in a queryable manner. Our models support tailored views of different stakeholders and are scalable with all types of DAS implementations. In this paper we show that our view-based and model driven architecture approach can enhance software development productivity and maintainability by improving DAS documentation. Moreover, our VMDA opens a wide range of applications such as evaluating DAS usage for DAS performance optimization. Furthermore, we provide tool support and illustrate the applicability of our VMDA in a large-scale case study. Finally, we quantitatively prove that our approach performs with acceptable response times.     

A pragmatic multi-method investigation of discrepant technological events: Coping,attributions, and ‘accidental’ learning

Discrepant technological events or situations that entail a problem, a misunderstanding or a difficulty with the Information Technology (IT) being employed, are common in the workplace, and can lead to frustration and avoidance behaviors. Little is known, however, about how individuals cope with these events. This paper examines these events by using a multi-method pragmatic approach informed by coping theory. The results of two studies – a critical incident study and an experiment – serve to build and test, respectively, a theoretical model that posits that individuals use a variety of strategies when dealing with these events: they experience negative emotions, make external attributions, and adopt engagement coping strategies directed at solving the event, eventually switching to a disengagement coping strategy when they feel they have no control over the situation. Furthermore, users’ efforts may result in ‘accidental’ learning as they try to overcome the discrepant IT events through engagement coping. The paper ends with a discussion of the results in light of existing literature, future opportunities for research, and implications for practice.