首页 | 本学科首页   官方微博 | 高级检索  
相似文献
 共查询到20条相似文献,搜索用时 62 毫秒
1.
电子商务安全协议的逻辑验证   总被引:6,自引:0,他引:6  
作者在以前所做的工作中,已对电子商务安全(secure electronic transactions,简称SET)中抽取的片段进行了证明,也对SET中可能存在的问题进行了初步探讨.该文在此基础上,对SET的整个业务流程进行了严格的逻辑验证,通过形式化逻辑方法的验证,发现了SET协议中存在的一些问题,并对如何解决这些问题进行了初步的探讨.  相似文献   

2.
基于实例化空间逻辑理论,使用知识推理方法,在SPV(Security Protocol Verifier)下对完整SET证书申请协议的秘密性、认证性等安全性质进行了完全自动化证明,并对协议进行了改进.SPV调用工业级SAT求解器,能够高效验证安全协议是否满足CAPSL(Common Authentication Protocol Specification Language)协议规范及单层、多层认知规范.应用一个逻辑或工具对协议进行验证首先必须对该协议进行简化,而SET协议作为当前最复杂的工业级协议,其原始文档有上千页,因此简化过程相当困难,相关研究较少,已有的一些简化模型也不够完整.因此,文章针对SET证书申请协议,给出了比以往更贴近原协议的简化模型,并详细阐述了该模型在SPV下的形式化描述及验证过程、验证结果,分析了由于协议不满足某些认知规范所带来的安全隐患,从而对协议进行改进,最后证明了改进后协议的有效性.该工作也充分说明了SPV足以处理复杂的工业级协议.  相似文献   

3.
安全协议本质上是分布式并发程序,可以描述为多个子进程的并发合成系统.将安全协议对应的并发合成系统抽象为一组逻辑规则,能够对安全协议无穷会话的交叠运行进行验证.本文首先给出了将安全协议基于进程代数的形式描述转化成为一组逻辑规则的方法,并提出了基于逻辑规则分类的高效逻辑程序消解算法,对安全协议认证性和保密性进行验证.  相似文献   

4.
通过对原SET(Secure Electronic Transaction)协议的安全标准进行分析,指出SET协议在网上支付应用中存在的流程问题和密码技术的安全隐患.针对这些缺陷和不足,给出了SET协议的改进方案,改进后的SET协议通过引进第三方支付平台和增加的加密对整个数据传输的过程进行了重组,同时,增加的部分环节的加密技术改进了数据传输过程中的部分消息源认证问题.  相似文献   

5.
作为电子商务的重要组成部分,基于Internet的电子交易受到了广泛的关注。SET交易过程十分复杂,在完成一次SET协议交易过程中,需验证电子证书9次,验证数字签名6次,传递证书7次,进行签名5次,4次对称加密和非对称加密。本文选取SET协议的核心部分:购买请求、支付认证和获得付款3个子协议过程作为研究分析对象,针对不同数额的交易进行分级,针对小额的交易过程进行协议的优化,对SET进行SPIN模型检测,并根据分析模拟与验证的结果对SET进行改进。  相似文献   

6.
SET协议分析及改进的方案   总被引:3,自引:0,他引:3  
SET(SecureElectronicTransaction,安全电子交易协议)是由Visa和MasterCard公司于1997年5月联合开发的在互联网上进行在线交易时保证信用卡支付安全的一个开放协议。文章对该协议进行分析,指出了SET协议存在的不足,并且在此基础之上对原有的协议流程进行了改进,使SET协议在提高机密性、完整性、不可否认性的同时实现交易的公平性原则。  相似文献   

7.
吴国栋  李旸 《微机发展》2007,17(5):111-113
电子支付的安全性是电子商务的核心与瓶颈,直接关系到网上电子商务活动能否顺利进行.在对安全电子支付协议(SET)进行分析的基础上,提出了利用多证书与多数字签名对SET协议在实际应用中进一步完善的方法,对提高网上电子交易的安全性具有一定意义.  相似文献   

8.
SPVT:一个有效的安全协议验证工具   总被引:12,自引:0,他引:12  
描述了基于Objective Caml开发的一个安全协议验证工具SPVT(security protocol verifying tool).在SPVT中,以扩展附加项的类(演算作为安全协议描述语言,以扩展附加项的Horn逻辑规则描述协议攻击者的Dolev-Yao模型,通过一组抽象规则将安全协议的类(演算模型转换为逻辑程序模型,基于安全协议逻辑程序的不动点计算验证安全性质,从安全协议逻辑程序的不动点计算和安全性质的验证过程中构造不满足安全性质的安全协议反例.以简化的Needham-Schroeder公钥认证协议为例,描述了使用SPVT自动验证安全协议的过程,表明了SPVT用于安全协议验证的有效性.  相似文献   

9.
针对安全协议一阶逻辑模型不能够给出易于理解的攻击序列的问题,对安全协议一阶逻辑模型进行扩展,对逻辑推理中的规则及合一化操作进行分类,给出操作置换规则,在此基础上开发能对攻击进行重构的协议验证原型系统。通过具体的应用例子对其秘密性进行形式化验证,结果表明系统能给出易于理解的攻击序列。  相似文献   

10.
安全电子交易SET(Secure Electronic Transaction)协议通过制定标准和采用各种加密算法和身份认证来解决阻碍电子商务发展的许多安全问题.首先对SET协议注册阶段和购买阶段过程进行抽象,给出其形式化模型及模型描述.发现由于SET本身的缺陷可能导致的入侵者的攻击,以及该攻击对购买阶段中商家和持卡人造成的安全威胁,对协议的改进提供了有益的参考.  相似文献   

11.
Abstract This paper describes an approach to the design of interactive multimedia materials being developed in a European Community project. The developmental process is seen as a dialogue between technologists and teachers. This dialogue is often problematic because of the differences in training, experience and culture between them. Conditions needed for fruitful dialogue are described and the generic model for learning design used in the project is explained.  相似文献   

12.
European Community policy and the market   总被引:1,自引:0,他引:1  
Abstract This paper starts with some reflections on the policy considerations and priorities which are shaping European Commission (EC) research programmes. Then it attempts to position the current projects which seek to capitalise on information and communications technologies for learning in relation to these priorities and the apparent realities of the marketplace. It concludes that while there are grounds to be optimistic about the contribution EC programmes can make to the efficiency and standard of education and training, they are still too technology driven.  相似文献   

13.
融合集成方法已经广泛应用在模式识别领域,然而一些基分类器实时性能稳定性较差,导致多分类器融合性能差,针对上述问题本文提出了一种新的基于多分类器的子融合集成分类器系统。该方法考虑在度量层融合层次之上通过对各类基多分类器进行动态选择,票数最多的类别作为融合系统中对特征向量识别的类别,构成一种新的自适应子融合集成分类器方法。实验表明,该方法比传统的分类器以及分类融合方法识别准确率明显更高,具有更好的鲁棒性。  相似文献   

14.
Development of software intensive systems (systems) in practice involves a series of self-contained phases for the lifecycle of a system. Semantic and temporal gaps, which occur among phases and among developer disciplines within and across phases, hinder the ongoing development of a system because of the interdependencies among phases and among disciplines. Such gaps are magnified among systems that are developed at different times by different development teams, which may limit reuse of artifacts of systems development and interoperability among the systems. This article discusses such gaps and a systems development process for avoiding them.  相似文献   

15.
This paper presents control charts models and the necessary simulation software for the location of economic values of the control parameters. The simulation program is written in FORTRAN, requires only 10K of main storage, and can run on most mini and micro computers. Two models are presented - one describes the process when it is operating at full capacity and the other when the process is operating under capacity. The models allow the product quality to deteriorate to a further level before an existing out-of-control state is detected, and they can also be used in situations where no prior knowledge exists of the out-of-control causes and the resulting proportion defectives.  相似文献   

16.
Going through a few examples of robot artists who are recognized worldwide, we try to analyze the deepest meaning of what is called “robot art” and the related art field definition. We also try to highlight its well-marked borders, such as kinetic sculptures, kinetic art, cyber art, and cyberpunk. A brief excursion into the importance of the context, the message, and its semiotics is also provided, case by case, together with a few hints on the history of this discipline in the light of an artistic perspective. Therefore, the aim of this article is to try to summarize the main characteristics that might classify robot art as a unique and innovative discipline, and to track down some of the principles by which a robotic artifact can or cannot be considered an art piece in terms of social, cultural, and strictly artistic interest. This work was presented in part at the 13th International Symposium on Artificial Life and Robotics, Oita, Japan, January 31–February 2, 2008  相似文献   

17.
《计算机科学》2007,34(4):148-148
Recent years have seen rapid advances in various grid-related technologies, middleware, and applications. The GCC conference has become one of the largest scientific events worldwide in grid and cooperative computing. The 6th international conference on grid and cooperative computing (GCC2007) Sponsored by China Computer Federation (CCF),Institute of Computing Technology, Chinese Academy of Sciences (ICT) and Xinjiang University ,and in Cooperation with IEEE Computer Soceity ,is to be held from August 16 to 18, 2007 in Urumchi, Xinjiang, China.  相似文献   

18.
为了设计一种具有低成本、低功耗、易操作、功能强且可靠性高的煤矿井下安全分站,针对煤矿安全生产实际,文章提出了采用MCS-51系列单片机为核心、具有CAN总线通信接口的煤矿井下安全监控分站的设计方案;首先给出煤矿井下安全监控分站的整体构架设计,然后着重阐述模拟量输入信号处理系统的设计过程,最后说明单片机最小系统及其键盘、显示、报警、通信等各个组成部分的设计;为验证设计方案的可行性与有效性,使用Proteus软件对设计内容进行仿真验证,设计的煤矿井下安全监控分站具有瓦斯、温度等模拟量参数超标报警功能和电机开停、风门开闭等开关量指示功能;仿真结果表明:设计的煤矿井下安全监控分站具有一定的实际应用价值.  相似文献   

19.
蒙古语言是中国蒙古族使用的通用语言,由于蒙古文区别于其他文字的书写方式和其自身变形机制等特点,在很多通用的文字处理引擎中都不被支持。在嵌入式产品开发与应用领域中Linux加QTE已经成为流行方式。该文给出了一种在QTE环境上实现基于标准Unicode的蒙古文点阵显示和变形算法, 并自定义了支持蒙古文的QTE组件,扩展了QTE功能,为在Linux加QTE方式的嵌入式体系结构中处理蒙古文提供了一种解决方法。  相似文献   

20.
Although there are many arguments that logic is an appropriate tool for artificial intelligence, there has been a perceived problem with the monotonicity of classical logic. This paper elaborates on the idea that reasoning should be viewed as theory formation where logic tells us the consequences of our assumptions. The two activities of predicting what is expected to be true and explaining observations are considered in a simple theory formation framework. Properties of each activity are discussed, along with a number of proposals as to what should be predicted or accepted as reasonable explanations. An architecture is proposed to combine explanation and prediction into one coherent framework. Algorithms used to implement the system as well as examples from a running implementation are given.  相似文献   

设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号