白盒可追踪的属性签名方案

基于属性的签名协议具有匿名性,且私钥不与用户身份绑定,恶意用户可能利用此性质出售私钥而逃过追究。为此,提出可追踪性属性签名方案,使得系统能够通过泄露的私钥破解匿名性并追踪用户身份。给出具有白盒可追踪性的基于属性数字签名协议的密码学原型。通过将Boneh-Boyen签名算法有机嵌入到用户私钥中,实现白盒可追踪性。分析结果表明,该方案具有可证明安全的不可伪造性和完美隐私性,其时间复杂度与目前最优的可追踪属性签名方案仅相差一个常数。     

一种基于电子代金券E-Token的电子支付协议

将电子代金券的思想引入基于帐号的支付协议中,采用混合加密体制和数字签名技术,提出了一种新的电子支付协议.协议模拟现金代金券的模式,在保证安全性的基础上实现了代金券的可验证性、可传递性、原子性和匿名性,降低了电子商务交易的瓶颈,简化了交易过程.     

基于椭圆曲线的离线公平可分电子现金系统

基于椭圆曲线离散对数问题和Brands的受限盲签名技术,提出了一个基于椭圆曲线的离线公平可分电子现金多统.系统具有匿名性,能有效保护消费者的隐私,在必要时可撤销匿名性以打击犯罪,交易过程的公平性通过引入可信第三方实现,防止交易中的某一方受到欺诈,但可信任的第三方只在注册阶段和出现争议时才在线.引入可兑币实现电子现金的可分性,可用于多次精确支竹.该电子现金还具有防止超额支付,重复花费的特点.分析表明,方案是安全的、高效的.     

用VB实现软件包的有效注册方案

本文介绍了一种用VB实现用户注册，防止非法用户的任意复制使用以及合法用户可在不同的多台计算机上使用的方法，方法如下：每次安装新系统或移植旧系统时要求注册，系统产生不同的九位随机数，通过一定的算法进行加密，得到注册码，用户无法避开注册环节，只有合法用户才能取得注册码，完成注册从而使用系统。     

基于可信第三方的可撤销匿名性的公平可分电子现金系统

第一次提出了一个实用的基于可信第三方的可分离线电子现金系统,该系统具有匿名性,以保护消费者的隐私;其匿名性是可撤销的,在必要的时候可以打击犯罪,以得到政府的使用许可;支付过程是公平的,防止某一交易方在交易中蒙受损失;电子现金是可分的,可以像现实货币一样按需要精确分割,用于精确支付。借鉴转换数字签名的思想,引入可信任的第三方,实现了交易过程的公平性和在必要时撤销匿名性,但只有在注册阶段、产生争议及撤销匿名性的时候才会涉及可信任的第三方。这种电子现金当然还可杜绝重复花费、防止超额支付及防伪。在支付协议中,该系     

基于扩展混沌映射的远程医疗信息系统认证方案

针对远程医疗信息系统（TMIS）的实时应用场景,提出了一种安全高效的基于扩展混沌映射的切比雪夫多服务器认证协议。该方案使用随机数和注册中心的私钥为用户/应用服务器的身份加密,有效地支持用户和应用服务器的撤销和重新注册。同时,还利用“模糊验证因子”技术避免离线密码猜测攻击,利用“honeywords”技术有效避免在线密码猜测攻击。该方案在公共信道上传输的与用户身份相关的信息均使用随机数或随机数的计算结果进行加密,因此可以为用户提供强匿名性。通过BAN逻辑证明该协议可以实现用户和服务器的安全相互认证;同时,使用非正式安全证明该协议可以抵抗多种已知攻击。     

一种基于椭圆曲线公平的离线电子支付方案

提出一种基于椭圆曲线的离线电子支付方案, 对S.Brands提出的利用Smart卡的电子支付系统进行了改进,提出了一种可撤销用户匿名性的支付系统。它能有效地保护用户的隐私,又能在银行的协助下,一个可信第三方(委托人)可撤销用户的匿名性,因此可有效地防止钱的伪造、贪污、洗黑钱和敲诈勒索等犯罪活动。由于该方案基于椭圆曲线离散对数加密体制,使其更适于Smart卡和具有更高的加密强度。     

一种新型的匿名公平电子商务协议*

针对电子商务中客户、商家和第三方的信任问题,在Brands离线电子货币方案基础上,借鉴盲解密思想,设计了一种简单、有效的匿名公平电子商务协议。协议引入了一个离线半可信第三方,以保证交易双方公平交换。但交易过程中,STTP得不到任何对交易双方有价值的信息。该协议通过客户和商家签发CEM证书,将订单、商品和支付证据紧密绑定在一起,使交易双方不可否认。分析和实验表明,该协议满足安全性、客户匿名性、可追究性、公平性和原子性,并具有很高效率,对大数据商品的交易也具有很好的适用性。     

一种改进的基于OpenID机制的网络实名制方案设计

越来越多不规范的网络行为给互联网的监管带来前所未有的挑战,网络行为的匿名性需求与网络监管的可追踪性需求形成了越来越明显的矛盾.为了解决对网络用户进行有效监管的问题,设计一种改进的基于OpenID机制的用户网络实名制方案,实现了分布式模式下用户发帖行为的监控,通过由Gateway Proxy执行认证功能,提高了系统的整体安全性能.基于证书机制,构造了Web Server与Gateway Proxy之间的认证交互流程,避免了OpenID规范中Web Server站点与OpenID服务器之间的中间人攻击和注册服务器欺骗攻击.通过本机制,保障了用户访问Internet的匿名性和可追溯性,实现了对网络中用户发帖行为可控,发帖事件可查的管理目标,对网络实名制的构建具有较大参考价值.     

基于ASP＋Access编程实现Serv-U用户帐号的远程管理

本文通过对Serv—U用户帐号配置文件及用户密码加密原理作了深入分析研究，使用ASP＋Access编程将完整的Serv—U数据项存储于Access数据库，建立Access ODBC与Serv—U的连接，实现了远程在线注册用户帐号、修改密码、主目录创建、空间分配、权限设置等功能。     

Call for Papers The 6^th International Conference on Grid and Cooperative Computing

Recent years have seen rapid advances in various grid-related technologies, middleware, and applications. The GCC conference has become one of the largest scientific events worldwide in grid and cooperative computing. The 6th international conference on grid and cooperative computing (GCC2007) Sponsored by China Computer Federation (CCF),Institute of Computing Technology, Chinese Academy of Sciences (ICT) and Xinjiang University ,and in Cooperation with IEEE Computer Soceity ,is to be held from August 16 to 18, 2007 in Urumchi, Xinjiang, China.     

煤矿井下安全监控分站的设计及其仿真实现

为了设计一种具有低成本、低功耗、易操作、功能强且可靠性高的煤矿井下安全分站,针对煤矿安全生产实际,文章提出了采用MCS-51系列单片机为核心、具有CAN总线通信接口的煤矿井下安全监控分站的设计方案;首先给出煤矿井下安全监控分站的整体构架设计,然后着重阐述模拟量输入信号处理系统的设计过程,最后说明单片机最小系统及其键盘、显示、报警、通信等各个组成部分的设计;为验证设计方案的可行性与有效性,使用Proteus软件对设计内容进行仿真验证,设计的煤矿井下安全监控分站具有瓦斯、温度等模拟量参数超标报警功能和电机开停、风门开闭等开关量指示功能;仿真结果表明:设计的煤矿井下安全监控分站具有一定的实际应用价值.     

法律信息库系统

本文分析了法律数据库的结构和特点，介绍了采用面向对象设计方法和超文本数据库技术开发和实现法律信息库系统将作为重要网络资源之一为不同用户进行法律咨询服务。     

View-based model-driven architecture for enhancing maintainability of data access services

In modern service-oriented architectures, database access is done by a special type of services, the so-called data access services (DAS). Though, particularly in data-intensive applications, using and developing DAS are very common today, the link between the DAS and their implementation, e.g. a layer of data access objects (DAOs) encapsulating the database queries, still is not sufficiently elaborated, yet. As a result, as the number of DAS grows, finding the desired DAS for reuse and/or associated documentation can become an impossible task. In this paper we focus on bridging this gap between the DAS and their implementation by presenting a view-based, model-driven data access architecture (VMDA) managing models of the DAS, DAOs and database queries in a queryable manner. Our models support tailored views of different stakeholders and are scalable with all types of DAS implementations. In this paper we show that our view-based and model driven architecture approach can enhance software development productivity and maintainability by improving DAS documentation. Moreover, our VMDA opens a wide range of applications such as evaluating DAS usage for DAS performance optimization. Furthermore, we provide tool support and illustrate the applicability of our VMDA in a large-scale case study. Finally, we quantitatively prove that our approach performs with acceptable response times.     

International Journal of Automation and Computing Table of Contents

正~~     

Information for authors

正SCIENCE CHINA Information Sciences(Sci China Inf Sci),cosponsored by the Chinese Academy of Sciences and the National Natural Science Foundation of China,and published by Science China Press,is committed to publishing highquality,original results of both basic and applied research in all areas of information sciences,including computer science and technology;systems science,control science and engineering(published in Issues with odd numbers);information and communication engineering;electronic science and technology(published in Issues with even numbers).Sci China Inf Sci is published monthly in both print and electronic forms.It is indexed by Academic OneFile,Astrophysics Data System(ADS),CSA,Cabells,Current Contents/Engineering,Computing and Technology,DBLP,Digital Mathematics Registry,Earthquake Engineering Abstracts,Engineering Index,Engineered Materials Abstracts,Gale,Google,INSPEC,Journal Citation Reports/Science Edition,Mathematical Reviews,OCLC,ProQuest,SCOPUS,Science Citation Index Expanded,Summon by Serial Solutions,VINITI,Zentralblatt MATH.     

Erratum to: Fast global kernel fuzzy c-means clustering algorithm for consonant/vowel segmentation of speech signal

正Erratum to:J Zhejiang Univ-Sci C(ComputElectron)2014 15(7):551-563doi:10.1631/jzus.C1300320The original version of this article unfortunately contained mistakes.Algorithm 6 should be as follows:Algorithm 6 FGKFCM-F clustering Input:(1)X={x_1,x_2,…,x_N},,x_iR~d,i=1,2,…,N,the dataset;(2)C,1C≤N,the number of clusters;(3)ε0,the stopping criterion;     

Journal of Zhejiang University-SCIENCE C (Computers & Electronics) Total contents

正~~     

A pragmatic multi-method investigation of discrepant technological events: Coping,attributions, and ‘accidental’ learning

Discrepant technological events or situations that entail a problem, a misunderstanding or a difficulty with the Information Technology (IT) being employed, are common in the workplace, and can lead to frustration and avoidance behaviors. Little is known, however, about how individuals cope with these events. This paper examines these events by using a multi-method pragmatic approach informed by coping theory. The results of two studies – a critical incident study and an experiment – serve to build and test, respectively, a theoretical model that posits that individuals use a variety of strategies when dealing with these events: they experience negative emotions, make external attributions, and adopt engagement coping strategies directed at solving the event, eventually switching to a disengagement coping strategy when they feel they have no control over the situation. Furthermore, users’ efforts may result in ‘accidental’ learning as they try to overcome the discrepant IT events through engagement coping. The paper ends with a discussion of the results in light of existing literature, future opportunities for research, and implications for practice.