The Office Demon: Minos

Office documents (Microsoft Office and LibreOffice) has become a standard for transmitting information. They are used daily by many users. It should however be remembered that this type of documents are much more than inert files. They may contain an executable part who is called macro. Macros are present since the creation of these Office suites to automate some actions. It is possible to divert the initial use of macros to make it a true infection vector of systems. Since 2007 and the case of the attack on the German chancellery, the number of attacks via this type of documents continues to grow. The ability to access high-level programming languages and interact with the target system, greatly increases the risk of attacks. Changing the security of these Office suites is easy, leaving the door open for malicious attacks without the user noticing. In this paper, we present one tool that is a proof of concept. It is intended for the prevention of the user. It aims to give demonstrations of risks associated with Office documents. It is able to change the security of Office suites and infect documents directly with a macro. It also includes a USB mode of infection, to retrieve all documents from a USB stick and then infect all Office documents. It is possible with Minos, to control and modify the security of versions 2003, 2007 and 2010 of Microsoft Office and versions 3.4 and 3.5 of LibreOffice. Similarly it is possible to infect documents Word, Excel, Powerpoint of Microsoft Office and their counterparts in LibreOffice. If a file already contains macros, you can either delete the macro and replace it by your macro or include your macro next to the other macros. The data presented in this report are technical and operational. We have worked in environments with restricted rights showing that it is possible to make powerful attacks by infecting Office documents.     

Access应用系统开发研究

Microsoft Access是一款出色的数据库管理工具和最佳的桌面数据库开发系统,本文从MS Office组件适用场合、数据库设计、界面与报表设计、VBA与宏的使用、安全性方面以及多用户应用系统开发策略等方面,论述了在进行Access应用系统实现过程中如何最大程度地发挥Access软件功能,高效地开发Access应用系统。     

A modified exhaustive search on a password system using SHA-1

In this paper, we show a method of exhaustive search on a password system that uses SHA-1 iteratively. Our method uses both the technique shown in Steube [16] and a technique for computing repetitions of SHA-1. Combining these two techniques reduces the total number of operations. We also show how to apply our method to MS Office (Microsoft Office) 2007/2010.     

将Word文档自动转换成PDF格式的编程实现

在日常工作中,人们普遍使用微软Word编辑器制作文本文档,而PDF格式文档以其平台独立性和安全性等特点备受文档管理和发布者青睐。本文介绍Word文档到PDF文档转换的手工操作方法,同时详细论述编制转换组件,建立不同应用环境下的应用程序的过程,实现MS Word格式文档向PDF格式文档的自动、批量转换。     

A hybrid class- and prototype-based object model to support language-neutral structural intercession

ContextDynamic languages have turned out to be suitable for developing specific applications where runtime adaptability is an important issue. Although .Net and Java platforms have gradually incorporated features to improve their support of dynamic languages, they do not provide intercession for every object or class. This limitation is mainly caused by the rigid class-based object model these platforms implement, in contrast to the flexible prototype-based model used by most dynamic languages.ObjectiveOur approach is to provide intercession for any object or class by defining a hybrid class- and prototype-based object model that efficiently incorporates structural intercession into the object model implemented by the widespread .Net and Java platforms.MethodIn a previous work, we developed and evaluated an extension of a shared-source implementation of the .Net platform. In this work, we define the formal semantics of the proposed reflective model, and modify the existing implementation to include the hybrid model. Finally, we assess its runtime performance and memory consumption, comparing it to existing approaches.ResultsOur platform shows a competitive runtime performance compared to 9 widespread systems. On average, it performs 73% and 61% better than the second fastest system for short- and long-running applications, respectively. Besides, it is the JIT-compiler approach that consumes less average memory. The proposed approach of including a hybrid object-model into the virtual machine involves a 444% performance improvement (and 65% less memory consumption) compared to the existing alternative of creating an extra software layer (the DLR). When none of the new features are used, our platform requires 12% more execution time and 13% more memory than the original .Net implementation.ConclusionOur proposed hybrid class- and prototype-based object model supports structural intercession for any object or class. It can be included in existing JIT-compiler class-based platforms to support common dynamic languages, providing competitive runtime performance and low memory consumption.     

Development of Secure XML Data Warehouses with QVT

ContextData warehouses are systems which integrate heterogeneous sources to support the decision making process. Data from the Web is becoming increasingly more important as sources for these systems, which has motivated the extensive use of XML to facilitate data and metadata interchange among heterogeneous data sources from the Web and the data warehouse. However, the business information that data warehouses manage is highly sensitive and must, therefore, be carefully protected. Security is thus a key issue in the design of data warehouses, regardless of the implementation technology. It is important to note that the idiosyncrasy of the unstructured and semi-structured data requires particular security rules that have been specifically tailored to these systems in order to permit their particularities to be captured correctly. Unfortunately, although security issues have been considered in the development of traditional data warehouses, current research lacks approaches with which to consider security when the target platform is based on XML technology.ObjectiveWe shall focus on defining transformations to obtain a secure XML Schema from the conceptual multidimensional model of a data warehouse.MethodWe have first defined the rationale behind the transformation rules and how they have been developed in natural language, and we have then established them clearly and formally by using the QVT language. Finally, in order to validate our proposal we have carried out a case study.ResultsWe have proposed an approach for the model driven development of Secure XML Data Warehouses, defining a set of QVT transformation rules.ConclusionThe main benefit of our proposal is that it is possible to model security requirements together with the conceptual model of the data warehouse during the early stages of a project, and automatically obtain the corresponding implementation for XML.     

基于Azure的云安全研究

随着云计算的进一步推进和发展,云计算面临的安全问题变得越来越突出,特别是在云计算带来的诸多利益下,如何满足用户在云计算环境下对用户数据的机密性、完整性等相关性能的需求,已成为云计算安全的首要难题。文中以微软Azure平台为基础,从云安全分析人手,针对WindowsAzure云安全进行分析研究。在Azure架构下,探讨Azure云安全解决方案,分别从IaaS、PaaS、SaaS三个角度对微软Azure云平台安全方案给出应对措施,为进一步对微软Azure云平台进行更深层次的测评分析提供技术支持。     

引用Microsoft Word 对象的技术及实现

介绍了Microsoft Word对象模型，以及在VB应用程序中如何引用构成Word的对象，通过运用Office提供的对象、功能和服务，进行“电子备课系统”的开发。     

基于C#快速生成word报告

在进行信息系统的开发过程中,在word文档中特定位置填入从数据库中读取的数据资料来自动生成word文档报告,已成为办公自动化系统的重要组成部分。分析了传统word对象模型生成海量表格数据速度慢的弊端,结合微软Office Word2003对XML的支持特性,通过Word文档和XML文档的相互转换,提出利用StringTemplate将DataTable的数据转换成特定格式的xml字符串,实现海量表格数据的快速导出。     

融合背景权重直方图的目标跟踪

目的 考虑到融合校正背景权重直方图(CBWH)的Mean Shift(MS)目标跟踪算法只有CBWH更新而缺少目标模板更新,以及在目标遮挡时鲁棒性欠佳的不足.方法 结合卡尔曼滤波器(KF)在目标状态预测和参数更新方面的可靠性,将两层KF框架融入融合CBWH的MS.第1层KF框架为目标位置预测层,通过KF噪声与巴氏系数之间的关系,实现跟踪结果的自适应调整,减少遮挡对跟踪结果的影响;第2层KF框架为目标模板更新层,通过KF对目标模板中的每个非零元素进行滤波,实现目标模板与CBWH的同步更新,减少目标特征变化对跟踪结果的影响.结果 在背景干扰、遮挡以及特征变化等条件下进行实验,得到本文算法、融合CBWH的MS和传统MS的平均跟踪误差分别为5.43、19.2和51.43,显示本文算法的跟踪精度最高.同时本文算法也具有良好的实时性.结论 本文算法在融合CBWH的MS基础上,加入两层KF框架,解决了原算法缺少目标模板更新和在目标遮挡时鲁棒性欠佳的不足,最后实验验证了本文算法的有效性.     

Windows 2000 security: A postmortem analysis

Introduction

After initially releasing Windows 2000 (W2K) in February 2000, Microsoft touted it as a secure operating system, one that was far improved over its predecessor, Windows NT(WNT). Yet even before Microsoft released W2K the software giant announced that it would release Service Pack 1 (SP1) for this operating system. The information security community immediately wondered whether the claims about the much improved security in W2K were true; many events and findings since then have reinforced this doubt. After a reign of three years as Microsoft's flagship operating system, last year Microsoft rolled out its newest server operating system, Windows Server 2003 (WS2003), signaling the end of an era for the W2K operating system. Windows XP (WXP) had already supplanted W2K Professional as the newest workstation operating system several years before. This is not to say that nobody uses W2K any more—to the contrary. But as W2K continues to increasingly take a proverbial back seat to newer Microsoft operating systems, now is a good time to take a retroactive look at W2K from a security viewpoint. Was it a success from a security perspective? What were its major failings and why? This paper addresses these issues.     

用VC#编程实现语音合成

语音合成技术是一门应用十分广泛的技术,用于将给定的文本数据转换为语音信号输出.简要介绍了微软语音合成引擎(Microsoft speech synthesis engine)和微软语音对象库(Microsoft speech object library)的运行机制,探讨了在Visual C#平台上,使用微软语音合成引擎和微软语音对象库实现语音合成的编程方法,并设计了具体的示例对这种编程方法进行了演示.     

Information Security: A Defensive Battle

Abstract

Medium to large networks usually comprise different types of security components. To establish an efficient security architecture, an engineer must fully understand the major role of each security component, its comparative advantage, and natural position. Although this article does not mention every type of the existing and emerging security product, it is possible to apply the battlefield analogies to virtually every type of security solution to simplify the complicated architecture of today's data networks. The basic security platform comprises a layered approach and an efficient way to synchronize security products at different layers of the network.     

基于.NET的MS Office自动阅卷系统的功能与实现

传统Office考试的人工阅卷效率低、工作量大、易出错,通过对Microsoft Office文档的结构、内容、特点进行深入分析,利用.Net开发环境调用Office COM组件,操作Office内部文档对象,实现了MS Office自动阅卷的功能。     

使用Qt/C++编程操作Microsoft Office软件的应用

Microsoft office系列软件在日常工作中应用广泛。我单位在工程项目中大量使用Office软件进行数据处理及交换,对这些原始数据采取适当的方法分析挖掘,可以极大地缩短设计与试验周期、降低成本。由于项目产生的临时数据常以不同格式存放在各种办公软件中,且数量巨大,所以需要一个可以控制Office系列办公软件的程序来完成原始信息的收集及输出。给出了通过使用基于C++的Qt框架并结合COM、ODBC技术获取、处理数据,并输出至数据库或XML文档的实现方法。     

RC4流密码与微软Office文档安全分析

根据微软官方文档、OpenOffice文档及wvWare实现等完全公开的信息,对RC4流密码及其在微软Office系列中的实现进行分析,认为Office97-2003所默认使用的40bit加密方式较不安全,通过结合Rainbow预计算攻击方法,证实其脆弱性。通过研究,建议不使用默认的“Office97／2000兼容”40bit加密,而采用更安全的“Microsoft Enhanced Cryptographic Provider”128bit加密,或者使用压缩软件进行二次加密,从而进一步提高安全性。     

The Task-Based Interface: Not Your Father's Desktop

Two projects that have developed task-based interfaces that could revolutionize the traditional files-and-folder GUI approach to desktop computing. Mylyn, an open source model for the Eclipse platform, has impressed developers who have tested the prototype. SmartDesktop offers knowledge workers a different way to use Microsoft Office and Outlook.     

对SQL Server数据库的安全和管理策略探讨

自微软公司推出SQL Server关系数据库管理系统以来,其在越来越多的电子商务网站和企业信息平台中得以广泛使用。然而与之相关的信息安全问题也日益凸现和受到用户的密切关注。因此,为了保护SQL Server数据库避免来自各种途径的安全威胁,保障信息的安全,本文对其安全机制、安全策略和保障其安全的管理策略进行了探讨,提出了相应的解决措施和办法,以供参考。     

SOAP cleans up interoperability problems on the Web

The Simple Object Access Protocol (SOAP) simplifies information exchange across a variety of platforms because it is not tied to any specific object model. SOAP offers interoperability across a wide variety of platforms. It enables interoperability by providing a generalized specification for invoking methods on objects and components using standard hypertext transfer protocol (HTTP) calls and Extensible Markup Language (XML) data formats. SOAP is not tied to a specific object model, so a client written in Microsoft Visual Basic, for example, could use SOAP to access a method in a Common Object Request Broker Architecture (CORBA) object running on a Unix platform