由装饰图案中安全感的体现引发的思考

本文从"安全感"的视角,通过阐述传统装饰图案寓意和现代装饰图案审美内涵,探索人们对安全感需求的重要性,呼吁设计师关注消费者的心理需求并重视安全感设计。     

The price of security in wireless sensor networks

With the increased application of wireless sensor networks (WSNs) to military, commercial, and home environments, securing the data in the network has become a critical issue. Several security mechanisms, such as TinySec, have been introduced to address the need for security in WSNs. The cost of security, however, still mostly remains an unknown variable. To provide a better understanding of this cost we have studied three aspects of WSNs security: encryption algorithms, modes of operation for block ciphers, and message authentication algorithms. We have measured and compared their memory and energy consumption on both MicaZ and TelosB sensor motes. The results of our experiments provide insight into the suitability of different security algorithms for use in WSN environments and could be used by WSN designers to construct the security architecture of their systems in a way that both satisfies the requirements of the application and reasonably uses the constrained sensor resources.     

Java对象迁移中的安全问题

Java技术之所以适用于网络,就是因为它有完备的、涉及到其结构中的安全模式,但是在实际运行过程中,还需要设计者利用一些技巧来完善它的安全性。对Java对象动态迁移中存在的安全问题进行了分析,提出利用RSA加密与数字签名算法保护Java对象中秘密信息的方案,有效地解决了密钥分配问题,实现了Java对象的安全迁移,确保了Java对象迁移过程中秘密信息的隐秘性、完整性和可认证性。     

J2EE平台下社保综合系统的设计与实现

根据社保行业的特点和实际需求，提出一种基于J2EE平台的C/S/S结构社保系统模型。系统设计过程中引入组件化和工作流的思想，使用Business Delegate, Session Facade等多种J2EE设计模式。为了规范系统调用层次和搭建系统服务，构建了企业级框架。应用解决EJB调用瓶颈的优化策略，提供安全服务和日志服务。     

Hardware Security in the Dark

The increasing transistor count on a single chip provides an unprecedented amount of resources for chip designers. Unfortunately, the power consumed by each transistor does not shrink similarly, decreasing the amount of transistors that can be on simultaneously. This utilization wall leaves a growing percentage of transistors dark, or powered-off, as the chip cannot (a) provide the necessary current or (b) maintain a low operating temperature. To account for dark silicon, the computer architecture community has begun taking advantage of the wealth of available transistors to design efficient, time-sharing systems, often through specialized architectures. Meanwhile, security is quickly becoming a first-tier design constraint, increasing the need for hardware security mechanisms, in order to maintain high levels of availability and to detect and protect from intrusion. As we move into the many-core environment, many of these security mechanisms will need to be integrated on-chip. In a chip-multiprocessor environment, security will be necessary as multiple programs or users are sharing resources, thus facilitating attacks. In both a single-user and multiple-user environment, designers can build specialized hardware to provide support for security functions, such as authenticity, cryptography, and intrusion detection. In this paper, we survey current hardware security trends and provide insight on how future chip designs can leverage dark silicon for more secure designs. We provide preliminary designs and discuss future challenges and opportunities in dark silicon security. The merging of hardware security and dark silicon will facilitate efficient, fast, and secure designs.     

Secure Sharing of Tuple Spaces in Ad Hoc Settings

Security is emerging as a growing concern throughout the distributed computing community. Typical solutions entail specialized infrastructure support for authentication, encryption and access control. Mobile applications executing over ad hoc wireless networks present designers with a rather distinct set of security requirements. A totally open setting and limited resources call for lightweight and highly decentralized security solutions. In this paper we propose an approach that relies on extending an existing coordination middleware for mobility (Lime). The need to continue to offer a very simple model of coordination that assures rapid software development led to limiting extensions solely to password protected tuple spaces and per tuple access control. Password distribution and security are relegated to the application realm. Host level security is ensured by the middleware design and relies on standard support provided by the Java system. Secure interactions among agents across hosts are accomplished by careful exploitation of the interceptor pattern and the use of standard encryption. The paper explains the design strategy used to add security support in Lime and its implications for the development of mobile applications over ad hoc networks.     

Design validation: comparing theoretical and empirical results ofdesign error modeling

To use simulation for design verification, designers need a confidence measure for a given set of simulation patterns, specifically for cases in which only a subset of the possible patterns is used. The authors derive a measure of design verification coverage based on the number of design errors detected in a theoretical analysis of a circuit. To verify the theoretical analysis, they simulate errors and compare the results     

移动智能代理系统中主机的安全性研究

移动智能代理系统提供了一个新的计算方式,程序以软件代理的形式出现,它能在一台主机上停止它的执行,通过移动到另一台主机上来恢复执行。随着移动软件混合性的增加,也伴随着对安全的威胁,该文论述了agent主机面临的安全问题,同时提出了对agent主机的保护方法。     

Auditory display design—An investigation of a design pattern approach

We present the evaluation of a methodological design framework that supports expert and novice designers in creating auditory artefacts in human–technology interaction. We first motivate the development of our framework by analysing available guidance and the current practice in the field. Subsequently, we recapitulate on the design of the framework—paco, pattern design in the context space—and present its key concepts and methods. The evaluation of paco aimed to investigate how useful this framework is in a real-world environment. It was conducted in two phases: experts in auditory display design first captured successful designs through paco and created a body of design patterns. These patterns were subsequently used in a controlled experiment with novice designers who were given a design task that forced them to use audio. The results demonstrate that paco has facilitated the transfer of design knowledge and good practice from experts to novices through design patterns. The context space, a key concept in paco, improves the contextual awareness of designers and provides an organising principle for problems, patterns and artefacts. We close by reflecting on the results and discussing future lines of research.     

WISDOM: A website design method based on reusing design and software solutions

ContextWebsites are increasingly important for advertising and announcing information and they have become virtual business operations support tools. Thus, website designers have to take an increasing number of criteria (cost, delay, quality, security, maintenance) into account during design process to satisfy the needs.ObjectiveThe objective of this paper was to present our WISDOM method that: guides the designer through the website design process, proposes design solutions based on already existing solutions for online website design, facilitates the choice of software components to implement specific services, and speeds up website construction.MethodThe originality of our method is that it links the design process to formalized experience and a software component characterization that allows both functional and non-functional aspects to be considered.ResultsThis method relies on the state-of-the-art strengths in the website design process, modeling dimensions, Model-Driven Engineering and the patterns approach. We propose an implementation of our method as a dedicated website which helps website design and provides a website analysis catalog and a software component analysis catalog.ConclusionOur analysis of the method’s use highlights that formalizing the steps of the design process helps designers, especially novice designers, to design a website; our analysis of the tool’s use highlights its efficiency for rapid website development and its use of the “website family” concept. The results are so very encouraging for both method and tool; both facilitate website design by reusing existing solutions and components.     

唯有源头活水来——传统图案在网络符号设计中的再创造

人们透过视觉符号来表达自己民族的文化内涵,同时,也通过对传统文化的学习,了解在社会语境中网络信息符号所传达的含义。传统图案是整合了符号形式(signifier)与符号的意义(signified)两者之间的潜在力量。信息设计应该如何通过网络整合,有效地进行视觉传达是设计师们日益关注的焦点。懂得如何在网络符号中融合传统图案元素,注入新时的代需求,才能将中国传统图案赋予新的生命。本文的研究将从传统图案中包含的符号性来挖掘和思考。     

非易失性内存安全技术综述

大数据应用对内存容量的需求越来越大，而在大数据应用中，以动态随机存储器为内存介质的传统存储器所凸显出来的问题也越来越严重。计算机设计者们开始考虑用非易失性内存去替代传统的动态随机存储器内存。非易失性内存作为非易失的存储介质，不需要动态刷新，因此不会引起大量的能量消耗；此外，非易失性内存的读性能与动态随机存储器相近，且非易失性内存单个存储单元的容量具有较强的可扩展性。但将非易失性内存作为内存集成到现有的计算机系统中，需要解决其安全性问题。传统的动态随机存储器作为内存介质掉电后数据会自动丢失，即数据不会在存储介质中驻留较长时间，而当非易失性内存作为非易失性存储介质时，数据可以保留相对较久的时间。若攻击者获得了非易失性内存存储器的访问权，扫描存储内容，便可以获取内存中的数据，这一安全性问题被定义为数据的“恢复漏洞”。因此，在基于非易失性内存模组的数据中心环境中，如何充分有效地利用非易失性内存，并保证其安全性，成为迫切需要解决的问题。该文从非易失性内存的安全层面出发，对近年来的研究热点及进展进行介绍。首先，该文总结了非易失性内存所面临的主要安全问题，如数据窃取、完整性破坏、数据一致性与崩溃恢复，以及由加解密和完整性保护技术引入而导致的系统性能下降等问题。然后，针对上述各问题，对组合计数器模式加密技术、完整性保护技术扩展的默克尔树、数据一致性与崩溃恢复技术，以及相关优化方案作了详细介绍。最后，对全文进行了总结，并对非易失性内存未来需要进一步关注的问题进行了展望。     

Evaluation of the Pattern-based method for Secure Development (PbSD): A controlled experiment

ContextSecurity in general, and database protection from unauthorized access in particular, are crucial for organizations. Although it has been long accepted that the important system requirements should be considered from the early stages of the development process, non-functional requirements such as security tend to get neglected or dealt with only at later stages of the development process.ObjectiveWe present an empirical study conducted to evaluate a Pattern-based method for Secure Development – PbSD – that aims to help developers, in particular database designers, to design database schemata that comply with the organizational security policies regarding authorization, from the early stages of development. The method provides a complete framework to guide, enforce and verify the correct implementation of security policies within a system design, and eventually generate a database schema from that design.MethodThe PbSD method was evaluated in comparison with a popular existing method that directly specifies the security requirements in SQL and Oracle’s VPD. The two methods were compared with respect to the quality of the created access control specifications, the time it takes to complete the specification, and the perceived quality of the methods.ResultsWe found that the quality of the access control specifications using the PbSD method for secure development were better with respect to privileges granted in the table, column and row granularity levels. Moreover, subjects who used the PbSD method completed the specification task in less time compared to subjects who used SQL. Finally, the subjects perceived the PbSD method clearer and more easy to use.ConclusionThe pattern-based method for secure development can enhance the quality of security specification of databases, and decrease the software development time and cost. The results of the experiment may also indicate that the use of patterns in general has similar benefits; yet this requires further examinations.     

The integration of ergonomics into design—A review

Abstract

This paper examines the role of ergonomics in product and systems design. Market requirements as well as legislation have increased the use of ergonomics in design. This has increased the demands upon both ergonomists and designers. The ergonomist must learn to participate in the product development team. In return the design team must find the time and resources necessary for the inclusion of ergonomics in the development programme. This paper discusses the different roles played by the ergonomist in each stage of product and systems design. The need to give designers, engineers and management a fundamental education in ergonomics is highlighted as is the need for the ergonomist to consider the financial consequences of his work.     

Theoretical examination of the effects of anxiety and electronic performance monitoring on behavioural biometric security systems

Computerised biometric systems are automated methods of verifying or recognising the identity of a user on the basis of some physiological characteristic, like a fingerprint or some aspects of behaviour such as keystroke patterns. Behaviourally based biometric systems include signature, speaker and keystroke verification. The investigation of psychological factors which might impact on the efficiency of a behavioural biometric computer security monitoring system has to our knowledge not been conducted. Of particular concern in the present paper are the potential effects of state anxiety on individual's physiological and performance responses. It is suggested that in a behaviourally based biometric computer security monitoring system, state anxiety may have sufficient effects to alter typical physiological and performance responses, resulting in an increased risk of security challenges, interruption of work-flow and resultant poor performance. It is also proposed that behaviourally based biometric systems may have the potential to be used as electronic performance monitoring systems, and typical responses to such systems need to be examined when developing and implementing any behaviourally based biometric security system.     

模式驱动的系统安全性设计的验证

随着万维网和移动计算技术的广泛应用,系统安全性得到了越来越多的关注,使用安全模式对系统安全解决方案进行设计并验证是提升系统安全性的一种有效途径。现有方法根据系统安全需求选择适用的安全模式,在此基础上将模式组合为系统的安全解决方案,并通过模型检测方法验证其安全性。但是,这些方法往往将方案看作整体进行验证,忽略了内部安全模式的组合细节,难以在包含大量模式的复杂系统中定位缺陷。提出一种模式驱动的系统安全性设计的验证方法,首先使用代数规约语言SOFIA描述安全模式及其组合,以构建系统安全解决方案的形式化模型;然后将SOFIA规约转换为Alloy规约后,使用模型检测工具验证模式组合的正确性和系统的安全性。案例研究表明,该方法能够有效地验证系统安全解决方案的正确性。     

Overview of IEEE 802.16 security

When creating the new wireless communication standard IEEE 802.16, designers attempted to reuse a security scheme designed for wired media. The authors review the standard, enumerate its flaws, and outline changes that could defend it against threats.     

What users want in e-commerce design: effects of age,education and income

Preferences for certain characteristics of an online shopping experience may be related to demographic data. This paper discusses the characteristics of that experience, demographic data and preferences by demographic group. The results of an online survey of 488 individuals in the United States indicate that respondents are generally satisfied with their online shopping experiences, with security, information quality and information quantity ranking first in importance overall. The sensory impact of a site ranked last overall of the seven characteristics measured. Preferences for these characteristics in e-commerce sites were differentiated by age, education and income. The sensory impact of sites became less important as respondents increased in age, income or education. As the income of respondents increased, the importance of the reputation of the vendor rose. Web site designers may incorporate these findings into the design of e-commerce sites in an attempt to increase the shopping satisfaction of their users. Results from the customer relationship management portion of the survey suggest that current push technologies and site personalization are not an effective means of achieving user satisfaction.     

What users want in e-commerce design: effects of age,education and income

Preferences for certain characteristics of an online shopping experience may be related to demographic data. This paper discusses the characteristics of that experience, demographic data and preferences by demographic group. The results of an online survey of 488 individuals in the United States indicate that respondents are generally satisfied with their online shopping experiences, with security, information quality and information quantity ranking first in importance overall. The sensory impact of a site ranked last overall of the seven characteristics measured. Preferences for these characteristics in e-commerce sites were differentiated by age, education and income. The sensory impact of sites became less important as respondents increased in age, income or education. As the income of respondents increased, the importance of the reputation of the vendor rose. Web site designers may incorporate these findings into the design of e-commerce sites in an attempt to increase the shopping satisfaction of their users. Results from the customer relationship management portion of the survey suggest that current push technologies and site personalization are not an effective means of achieving user satisfaction.     

基于电子政务内网的信息安全防范体系的研究

随着互联网络的推广,各种网络应用系统得到了广泛的应用,政府机关使用电子政务内网系统关系到我国政治、经济、民生等方面的正常运行,其安全性和重要性不言而喻。本文首先分析了电子政务内网系统的设计,描述其系统框架和系统功能;其次分析了PPDR安全模型和当前电子政务系统所受到的主要威胁,在此基础上设计了信息安全防范体系,并对整个防范体系进行了详细的描述。本文对于网络管理人员和系统设计人员都有着积极的作用。