电力行业移动应用安全体系关键技术研究

我国互联网信息中心相关统计数据显示目前我国的手机网民数量占整体网民数量的90%以上,移动通信技术的普及极大的促进了移动终端设备及其应用的发展,移动互联网技术已经渗透到我们生活的方方面面。在这种背景下,智能电网建设已经给成为历史发展的必然,我国十三五规划也明确提出电力行业要加大信息化建设工作。文章对电力行业移动应用情况进行了研究,分析电力行业移动应用存在的主要安全风险,如移动终端设备安全风险、移动APP安全风险、网络层安全接入风险和服务端安全风险。本文认为电力企业可以通过代码审计、渗透测试、安全配置核查和病毒木马查杀等方式来加强对移动应用安全的测试,从而提高电力行业移动应用的安全性。     

智能电网中的移动应用安全技术研究

当前智能电网的建设愈加朝向数字化、自动化的目标前进,根据电网建设的计划逐步开展,文章首先分析了智能电网的几种移动应用服务,其中包含应用安全服务层、移动应用服务层、可信移动设备管理层和基础安全层.本文最后针对智能电网采用移动应用的安全保障问题进行了探讨,深入分析了智能电网中的移动应用安全技术有关问题,旨为有关部门的工作开展提供参考.     

安全隔离技术在电力信息网络安全防护中的应用

对于电力企业而言,信息的安全十分重要,如果没有很好的保证电力信息安全,就很容导致电力企业自身建设中安全、数据的丢失,这会极大的阻碍电力企业的发展,因此,电力企业相关的管理人员要重视信息的安全防护.安全隔离技术是一个十分彻底、安全的网络安全技术,并且已经成为了信息保护系统中的重要措施,本文主要对电力信息网的安全现状进行分析,并对安全隔离技术在电力信息网络安全防护中的应用情况进行分析.     

电力企业信息网络安全风险分析与管控措施研究

目前,在我国社会用电负荷快速增长、信息网络技术快速发展的形势下,电力企业更加重视信息网络技术在电力企业的应用情况和信息网络安全情况。因此,文章基于电力企业信息网络安全的目标,分析目前电力企业信息网络安全风险,并针对这些安全风险提出相应的风险管控措施,以供参考。     

电力企业移动信息化实施方案

分析了电力企业移动信息化发展趋势,提出了“企业级移动平台+移动应用”的企业级移动信息化实施方案,包括总体技术路线和总体架构、企业级统一移动互联应用支撑平台设计、基于移动平台的移动应用建设方案和移动信息化实施的安全设计,该方案已经在国家电网公司成功应用.     

基于对Android安全体系的分析

随着Android系统在众多智能手机与平板电脑等移动设备中的流行,该系统凸显出了越来越多的安全问题,解决这些问题成为Android系统继续发展过程中不可忽视的一部分。Android系统在市场中占据着重要的地位,其开源系统的特性和自身设计过程中存在的安全问题为许多恶意软件的攻击提供了开口。文章从Android系统的架构与开发到其安全机制的设计等方面分析了如何加强系统的安全体系,如何抵抗恶意软件的破坏,针对Android系统目前的安全现状,提出了相应的安全措施。     

移动Agent技术在电子商务安全中的应用研究

文章通过分析电子商务模式和移动Agent技术的特点,研究了不可靠环境下基于移动Agent协作式电子商务的安全性问题,论述了安全电子商务模式的技术特点和安全风险,并分析了主要的解决方案。应用结果表明,从不可靠主机环境和移动Agent本身两方面出发,综合使用多种安全技术措施可以较好地实现基于移动Agent的安全电子商务。     

移动支付安全性分析及技术保障研究

文章通过对移动支付相关概念及分类介绍,分析了国内外移动支付现状,提出了移动支付中的安全问题,并提出几种移动支付安全的技术保障。     

移动数据的安全威胁和解决方案研究

文章展示不同的移动数据可能在现实生活中发生的安全威胁,并提供了消除它们的解决方案。移动数据是分布式系统的一个特殊类。由于移动数据应用的分布式特性和移动设备的硬件约束对于安全是个挑战。文章涉及的安全主题包含4个方面,包括:移动硬件设备的安全性、移动设备上的操作系统的安全性、移动数据的安全性和移动网络的安全性。文章确定在移动数据上有一系列安全漏洞,并尝试运用适当的技术,以减少对移动数据安全方面的影响。对于移动硬件设备,文章将讨论影响移动数据的安全性的可能的解决方案,主要分为移动硬件设备、移动操作系统和移动网络的安全问题。最后,对于更多的安全,文章提供了可应用于分布式数据的全面解决方案。     

一种基于TPM技术增强嵌入式平台安全性的方法

文章分析了传统的安全操作系统在用于安全网关设备的嵌入式平台自身安全防护时的局限性,分析并结合可信计算技术,提出了基于TPM技术构建完整的信任链,增强嵌入式平台自身安全性、可信度的一种方法,并说明了该技术在实际应用中的意义.     

Highly Secure Mobile Devices Assisted with Trusted Cloud Computing Environments

Mobile devices have been widespread and become very popular with connectivity to the Internet, and a lot of desktop PC applications are now aggressively ported to them. Unfortunately, mobile devices are often vulnerable to malicious attacks due to their common usage and connectivity to the Internet. Therefore, the demands on the development of mobile security systems increase in accordance with advances in mobile computing. However, it is very hard to run a security program on a mobile device all of the time due the device's limited computational power and battery life. To overcome these problems, we propose a novel mobile security scheme that migrates heavy computations on mobile devices to cloud servers. An efficient data transmission scheme for reducing data traffic between devices and servers over networks is introduced. We have evaluated the proposed scheme with a mobile device in a cloud environment, whereby it achieved a maximum speedup of 13.4 compared to a traditional algorithm.     

Secure and Efficient Mutual Authentication Scheme for NFC Mobile Devices

As the technology of mobile devices spreads fast, the price of mobile devices is getting cheaper. Most of the people have mobile devices, and these devices have the technology of near field communication (NFC). With the long time development and research, the mobile devices use NFC technology on the payment and authentication applications, and replace the smartcard, the access control card, and the credit card by using the card emulation mode. It helps the development of NFC applications. In recent years, more and more users begin using NFC technology on mobile payment and authentication. Many researches have proposed the related NFC authentication protocols, but their schemes are still lack of some security properties and functions, which are necessary for NFC authentication protocols. In this paper, we propose a secure and efficient NFC authentication scheme between two NFC devices by the help of the authentication server that provides mutual authentication.     

移动设备的安全性研究

智能移动设备不断接近传统计算环境的性能和可扩展性.但这些新的功能和应用使移动设备成为攻击者和恶意软件的攻击目标.本文分析了移动设备所面临的安全挑战,深入研究了移动设备的安全模型.     

SCADA系统安全通信面临的挑战及未来发展趋势

近年来,监控与数据采集（SCADA）系统的安全性问题引起了极大关注,为此,一些研究机构提出了很多安全机制,国际标准化组织也发布了多个SCADA系统安全标准。主要阐述SCADA安全通信所面临的技术挑战及应对措施,主要从密钥管理、入侵检测、智能设备的研发以及系统替换等方面进行概述;重点关注SCADA网络安全倡议中所提出的安全协议;以及未来能量栅格包括SCADA网络中嵌入式系统设备的安全功能和通信功能的实现问题。     

A software protection framework for mobile devices

The software protection technology is the main component of modern software security technology. Generally, confusion and encryption methods are using in software protection technology to provide traditional desktop applications. But applications based on mobile devices are also faces with threats such as piracy and tampering. The security problem in existing applications for mobile devices will do far more harm to users than traditional virus, but there is no effective software protection security framework for them. A software application framework for mobile devices is proposed in this paper, and the white box decryption algorithm involved is improved. And it is analyzed in this paper the performance and security of the framework proposed, the operational efficiency of the improved encryption algorithm is verified.     

The Study and Perspective of Mobile Agent Security

Security is an important issue for the widespread deployment of applications based on software agent technology. It is generally agreed that without the proper countermeasures in place, use of agent-based applications will be severely impeded. So many projects have focused on the security issues of mobile agent and many mechanisms have been proposed to solve the security problem. This paper discusses the security issues and the countermeasures. Then it points out some directions for the research of the mobile agent security.     

Adaptive and Flexible Smartphone Power Modeling

Mobile devices have become the main interaction mean between users and the surrounding environment. An indirect measure of this trend is the increasing amount of security threats against mobile devices, which in turn created a demand for protection tools. Protection tools, unfortunately, add an additional burden for the smartphone’s battery power, which is a precious resource. This observation motivates the need for smarter (security) applications, designed and capable of running within adaptive energy goals. Although this problem affects other areas, in the security area this research direction is referred to as “green security”. In general, a fundamental need to the researches toward creating energy-aware applications, consist in having appropriate power models that capture the full dynamic of devices and users. This is not an easy task because of the highly dynamic environment and usage habits. In practice, this goal requires easy mechanisms to measure the power consumption and approaches to create accurate models. The existing approaches that tackle this problem are either not accurate or not applicable in practice due to their limiting requirements. We propose MPower, a power-sensing platform and adaptive power modeling platform for Android mobile devices. The MPower approach creates an adequate and precise knowledge base of the power “behavior” of several different devices and users, which allows us to create better device-centric power models that considers the main hardware components and how they contributed to the overall power consumption. In this paper we consolidate our perspective work on MPower by providing the implementation details and evaluation on 278 users and about 22.5 million power-related data. Also, we explain how MPower is useful in those scenarios where low-power, unobtrusive, accurate power modeling is necessary (e.g., green security applications).     

我国移动电子商务面临的安全及对策研究

近几年,随着无线网络技术的发展,移动电子商务成为无线网络应用的必然趋势。但由于网络本身的开放性,使得移动电子商务面临着各种各样的安全威胁,其安全问题已成为核心焦点被提到了极其重要的位置。本文通过对我国移动电子商务发展现状进行描述,探讨了制约移动电子商务安全发展的相关安全问题。在此基础上进一步从核心技术、立法和专业人员培训需求等层面提出了相应的安全对策。     

An efficient authentication system of smart device using multi factors in mobile cloud service architecture

Mobile cloud computing environments have overcome the performance limitation of mobile devices and provide use environments not restricted by places. However, user information protection mechanisms are required because of both the security vulnerability of mobile devices and the security vulnerability of cloud computing. In this paper, a multifactor mobile device authentication system is proposed to provide safety, efficiency, and user convenience for mobile device use in cloud service architectures. This system improves security by reinforcing the user authentication required before using cloud computing services. Furthermore, to reinforce user convenience, the system proposed increases the strength of authentication keys by establishing multiple factors for authentication. For efficient entries in mobile device use environments, this system combines mobile device identification number entries, basic ID/password type authentication methods, and the authentication of diverse user bio‐information. This system also enhances authentication efficiency by processing the authentication factors of a user's authentication attempt in a lump instead of one by one in the cloud computing service environment. These authentication factors can be continuously added, and this authentication system provides authentication efficiency even when authentication factors are added. The main contribution is to improve high security level by through authentication of mobile devices with multifactors simultaneously and to use the mobile cloud service architecture for its efficient processing with respect to execution time of it. Copyright © 2013 John Wiley & Sons, Ltd.