一种改进的基于循环块相关的脆弱水印认证算法

针对一种基于循环块相关的脆弱水印认证算法不能有效抵抗伪认证攻击的安全缺陷,分析并提出了相应的改进算法。首先利用Logestic混沌映射生成基于图像块特征的水印信息;然后采用改进的基于循环块相关的嵌入策略,将图像块水印信息分为两部分并分别嵌入块自身和相关块的最低有效位平面（LSB）;最后对各图像块的LSB进行混沌置乱。实验结果表明,该算法不仅能很好地抵抗伪认证攻击,且具有块独立算法的篡改定位精度,能很好地实现图像认证功能。     

基于可信计算的动态组件属性认证协议

远程认证是可信计算平台的一种重要功能,二进制方法和基于属性证书的认证是其两种认证方法。属性认证能隐藏平台软件和硬件的配置信息,是静态的,不能动态验证现在正在运行的平台的实时信息。结合这两种方法的优点,提出了一种基于动态组件属性的认证协议,将二进制认证、属性认证和组件认证结合到该协议中。对协议进行了详细的说明和安全性分析,实验结果表明,该认证方法是有效的、保密的和可行的。     

GC-BES:一种新的基于嵌入集的图分类方法

已提出很多图分类方法。这些方法在挖掘频繁子图时,只考虑了子图的结构信息,没有考虑子图的嵌入信息。实际上,有些频繁子图挖掘算法在计算子图的支持度时,可以获得嵌入信息。在L-CCAM子图编码的基础上,提出了一种基于嵌入集的图分类方法。该方法采用基于类别信息的特征子图选择策略,充分利用嵌入集,在频繁子图挖掘过程中直接选择特征子图。通过实验表明,该方法是有效的、可行的。     

面向无线传感网数据认证的可逆信息隐藏方案

目前已有的用于无线传感网络数据认证的可逆信息隐藏方案存在水印信息不能完全嵌入等问题。提出了一种改进的可逆信息隐藏方案。该方案采用同步点和长度控制阈值来动态划分生成分组,并依据嵌入认证信息量及嵌入策略来确定载体分组。根据无线传感网络认证的数据类型,设计了新的数据项预测方法及预测误差扩展公式。基于预测误差扩展的可逆信息隐藏算法完成认证信息的嵌入和提取。实验结果和分析表明同已有可逆信息隐藏方案及传统认证方案相比,提出方案在水印嵌入、分组划分等方面具有更好的性能。     

Bootloader硬件保护电路设计

对当前Bootloader使用的软硬件保护方法进行研究.针对软件保护在程序运行异常时可靠性下降、传统硬件保护成本较高的情况,深入分析Bootloader实现机制和Flash擦除、烧写流程.根据数字电路逻辑设计原理,利用门级电路设计了一种新型的Bootloader硬件保护电路.与软件保护相比,在增加少量设计成本的情况下,可以极大地提高系统的安全性.与传统硬件保护相比,可以有效降低成本、提高可靠性.经验证,该电路基本可以杜绝Bootloader被误改写的缺点.     

基于直方图对的无损数据隐藏在指纹图像中的应用

指纹识别技术是最早的通过计算机实现的身份识别手段,在今天也是应用最为广泛的生物特征识别技术,但是该识别技术仅针对指纹图像本身.研究了在确保指纹图像不变的情况下隐藏信息,从而来提高识别的正确率.主要讲述了指纹图像(JPEG)的无损数据隐藏,采用的方法是直方图对,该方法的核心是构造直方图对从而嵌入信息.实验结果表明,该方法对指纹图像的纹理特征破坏小,嵌入后的图像的视觉失真也较小,图像质量较高,几乎不影响指纹图像的识别,同时可以把嵌入的信息和指纹识别结合起来从而提高身份认证的效率.     

基于数字水印与指纹识别的网络双重身份认证

本文提出了一种网络双重身份认证的新模型.该模型从数字水印和指纹识别技术相结合的角度,利用数字水印的隐藏性和指纹识别的唯一性,融入两个物理认证因素：一个是用户的ID和口令信息,另一个是用户的指纹特征信息,从而对用户进行双重身份认证,大大增强了网络身份认证的可靠性和安全性,是一种强身份认证方案.本文还阐述了基于奇异值分解的数字水印算法,通过仿真实验检验了该算法的性能;另外,还对指纹识别的过程和嵌入的水印信息量进行了分析.     

应用于JPEG XR的半脆弱数字水印技术

对JPEG XR的编解码过程、频率结构和码流结构进行分析和研究,提出一种半脆弱数字水印技术实现图像的鲁棒性认证和内容认证.提取频率模式码流的DC系数和低通系数构造基于图像的二值数字水印,置乱后嵌入到JPEG XR解码后的图像对应像素的Y分量的最低有效位中,然后再对含有水印的图像进行JPEG XR编码实现水印嵌入.对基于图像的二值信息和嵌入在图像的二值水印信息比较实现篡改定位.通过篡改定位实验及压缩、噪声、剪切等常见攻击方式实验,结果表明该半脆弱数字水印具有较好的鲁棒性和内容认证能力.     

自嵌入空域易损水印技术

提出了一种新颖的自嵌入易损水印技术用于图像的完整性认证．提出引入基于图像的不确定性来克服其他算法中存在的安全缺陷．通过结合图像特征及相机密钥来产生基于图像的密钥来实现这一目的．相机密钥的惟一性解决了密钥的管理问题．算法把图像本身的信息作为水印嵌入，认证时可直接进行而不需要其他的水印参照信息．给出了性能分析，表明当嵌入的信息量较大时可以得到较高的篡改检测概率．分析了可能的攻击方式并给出了相应的攻击概率和检测概率．实验结果表明该算法是有效的．     

基于压缩域水印的AVS视频认证*

为了提高压缩域视频水印的安全性,提出一种基于压缩域的AVS视频认证水印新算法。它从视频空间的三维特性出发,利用I帧分块能量关系、GOP结构信息、帧结构信息等构造特征码。在嵌入算法上,将特征码同时嵌入到中频DCT系数和运动矢量中,在认证端将重建特征值和提取的双水印进行比较。仿真实验结果表明,该算法具有较好的窜改认证能力。     

软件保护的分析与思考

该文在分析了以往的软件加密方法和对比研究之后,得出将软硬件结合进行软件保护的方案,于是提出了基于硬盘序列号进行软件加密保护的研究。将软硬件加密技术结合使用,硬件方面通过对比分析得出要使用硬盘序列号进行加密依据,基于计算机硬盘序列号具有唯一性特点,可以更好的实现一码一机制,并且在软件加密技术上进一步改进,使用对称加密算法与非对称加密算法结合,让软件的保护强度进一步提高。     

计算机控制系统的可靠性技术研究

计算机控制系统的可靠性是涉及到它是否能在工业市场上广泛应用的在着大量的干扰,常常导致系统不能正常工作,因此可靠性设计越来越得到人们的重视.分析了计算机控制系统中干扰的来源,并且从硬件和软件两方面给出了提高控制系统可靠性的具体对策:硬件的选择元器件、冗余技术、电源干扰的抑制、电场和磁场干扰的抑制、接地技术及通道上的抗干扰措施;软件的软件工程方法、软件固化及自诊断技术.     

基于物联网的分拣机器人故障检测系统设计

目前研究的分拣机器人故障检测系统检测准确性较低,导致检测结果误差较大、实时性较差;为此,基于物联网设计一种新的分拣机器人故障检测系统;选用滑轮式机器人载体设定分拣机器人,硬件部分采用Zigbee压力传感器采集机器人故障信息,利用XBEE模块负责数据传输,协调分拣中控机接收各个传感器采集的信息,通过STMP3550芯片实现控制器设计;通过信息标定、信息采集、特征提取、故障识别实现软件工作流程,应用非极大值最大类间方差法来筛选出最优的高低阈值解,得到连续但含有假边缘的故障信息图像边缘;将提取到的图像特征向量映射到类型空间之中,确定故障原因,完成故障识别;实验结果表明,所设计分拣机器人故障检测系统在6次检验中都准确地检测出故障原因,故障检测耗时平均值为3.27 min,能够有效提高检测准确性,加强检测结果的实时性.     

Providing secure mobile access to information servers with temporary certificates

This paper presents a solution that compatibilizes user mobility and secure access to information servers by means of X.509 certificates with a short validity period. The common approach to compatibilizing user mobility and secure access is based on removable tokens that hold cryptographic information. The use of these techniques restricts user mobility in several ways. Firstly, when specific hardware is required, it must be available in any computer the user may employ to connect from. Secondly, using software that must be added to well-known client programs means that the user must circumscribe to those hosts where the software is installed or install it on his/her own. The solution we present here does not impose any constraints on hardware and, since it is based on the thin client paradigm, software requirements are minimal. The application of X.509 certificates permits the use of (de facto) standard software for accessing the information. Furthermore, since the system uses short term certificates it does not necessitate the user eliminating any traces left behind in the client program after its use. Finally, the token (actually, a diskette) can be used with practically any computer, as it contains all the software and data needed for user authentication, and is based on a thin client written in an architecture-neutral language like Java. The requirements on the computer the user is connecting from are minimal: having a floppy drive and a Java virtual machine. An implementation of the framework described here is in use to provide authorized access to internal servers at CICA.     

Systematic reliability analysis of a class of application-specific embedded software framework

Dramatic advances in computer and communication technologies have made it economically feasible to extend the use of embedded computer systems to more and more critical applications. At the same time, these embedded computer systems are becoming more complex and distributed. As the bulk of the complex application-specific logic of these systems is realized by software, the need for certifying software systems has grown substantially. While relatively mature techniques exist for certifying hardware systems, methods of rigorously certifying software systems are still being actively researched. Possible certification methods for embedded software systems range from formal verification to statistical testing. These methods have different strengths and weaknesses and can be used to complement each other. One potentially useful approach is to decompose the specification into distinct aspects that can be independently certified using the method that is most effective for it. Even though substantial-research has been carried out to reduce the complexity of the software system through decomposition, one major hurdle is the need to certify the overall system on the basis of the aspect properties. One way to address this issue is to focus on architectures in which the aspects are relatively independent of each other. However, complex embedded systems are typically comprised of multiple architectures. We present an alternative approach based on the use of application-oriented-frameworks for implementing embedded systems. We show that it is possible to design such frameworks for embedded applications and derive expressions for determining the system reliability from the reliabilities of the framework and the aspects. The method is illustrated using a distributed multimedia collaboration system.     

计算机电磁信息泄露分层防护策略的研究

计算机系统工作时所发射的电磁波,有可能造成信息泄漏,会严重威胁到信息安全.本文首先以电磁学和天线理论为基础分析了电磁信息泄漏的机理,然后针对电磁信息泄露的过程提出了以“防辐射泄漏”、“防电磁截获”、“防电磁复现”的三层防护模型.最后从硬件防护以及软件防护两个方面,详细论述了计算机电磁信息泄露三层防护模型的具体实现手段.     

显示器电磁木马的Soft-TEMPEST技术研究

显示器电磁木马是通过控制计算机屏幕电磁辐射达到窃取信息目的的一种新型木马。当前的主流防护思想是用软件防护代替较为成熟但造价昂贵的硬件防护机制,然而目前软防护思想大多侧重于理论方法的探索,在实现机制上相对比较复杂。针对显示器电磁木马的工作特点提出了Soft-TEMPEST防护机制,设计了显示器电磁木马的ADFA（API Detection and Frequency Analysis）检测方法。该方法通过API函数序列的周期性挖掘分析,结合对屏幕像素信息的傅里叶变换及频谱分析,达到检测出木马进程的目的。测试结果表明,该方法能够成功检测出多种显示器电磁木马,而且原理简单,方便投入使用。     

计算机网络的安全防护与发展

计算机网络安全指的是计算机在交流信息和传输数据中的安全性问题,包括计算机的软件系统保护、硬件系统保护与网络信息交流运行的安全性,分析了存在的一些问题,并针对性地提出一些网络技术安全防护的策略。     

Data bases of accommodative aids for computer users with disabilities

Computers offer an almost limitless range of opportunities for persons with nearly any type and degree of disability. Standard computer configurations, however, can be difficult to access for users with disabilities. Six of the major data bases that describe adaptive computer hardware and software for users with disabilities are reviewed. The most appropriate data base to use depends not only on the type of aid desired but also on the means of access available to the individual, the frequency of use of the data base, and the price of the data base information. None of the data bases reviewed contains the detailed information needed when choosing devices compatible with the user's physical skills and task needs. Consequently, a less-than-systematic approach is currently taken when choosing accommodative aids. An integrated approach combining a capability assessment, a comprehensive needs analysis based on the tasks to be performed, a more detailed data base describing hardware and software, and usability testing is recommended for selecting the appropriate accommodative aid for computer users with disabilities.     

Computer use in Korean schools: Instruction and administration

Computer use in education is now commonly practiced and becoming increasingly important in educational endeavors. The success of school computer education depends on how schools implement computers. However, little up-to-date information is available on the use of computers in Korean schools. The purpose of this research was to investigate the present status of computer use for instruction and administration in Korean schools. To serve this purpose, a survey was conducted in December 1994. Overall, Korean schools have a relatively large amount of hardware and software due to strong governmental support. However, while the quantity of hardware and software abounds, problems exist in hardware function, software distribution, teacher training, and school policy on computer education. Data collected in these initial stages of educational computer use in Korea will be useful to guide the Ministry of Education's policy towards computer education.