使能未来工厂的5G能力综述

5G系统将移动通信服务从移动电话、移动宽带和大规模机器通信扩展到新的应用领域，即所谓对通信服务有特殊要求的垂直领域。对使能未来工厂的5G能力进行了全面的分析总结，包括弹性网络架构、灵活频谱、超可靠低时延通信、时间敏感网络、安全和定位，而弹性网络架构又包括对网络切片、非公共网络、5G局域网和边缘计算的支持。希望从广度到深度，对相关的理论及技术应用做透彻、全面的梳理，对其挑战做清晰的总结，从而为相关研究和工程技术人员提供借鉴。     

基于概率法的电力系统安全分析

为应对电力系统安全分析中的停机问题，基于概率法的方式，将常用的确定停机计算与加入了概率法的概率停机进行比较，研究了二者的区别与其在长期投资方向的不同。在进行电力系统停机分析时，通常会分别从确定停机与概率停机的角度出发，对其应急状态下的潮流进行计算。但前者的方法可能导致极低概率的停机事件被忽略，进而影响长期的资金投资。通过加入概率法的计算，使得对单个停机事件的判定由其具体的频率来确定，增加了系统运行的稳定性。     

Understanding the asymmetric perceptions of smartphone security from security feature perspective: A comparative study

Smartphones are being used and relied on by people more than ever before. The open connectivity brings with it great convenience and leads to a variety of risks that cannot be overlooked. Smartphone vendors, security policy designers, and security application providers have put a variety of practical efforts to secure smartphones, and researchers have conducted extensive research on threat sources, security techniques, and user security behaviors. Regrettably, smartphone users do not pay enough attention to mobile security, making many efforts futile. This study identifies this gap between technology affordance and user requirements, and attempts to investigate the asymmetric perceptions toward security features between developers and users, between users and users, as well as between different security features. These asymmetric perceptions include perceptions of quality, perceptions of importance, and perceptions of satisfaction. After scoping the range of smartphone security features, this study conducts an improved Kano-based method and exhaustively analyzes the 245 collected samples using correspondence analysis and importance satisfaction analysis. The 14 security features of the smartphone are divided into four Kano quality types and the perceived quality differences between developers and users are compared. Correspondence analysis is utilized to capture the relationship between the perceived importance of security features across different groups of respondents, and results of importance-satisfaction analysis provide the basis for the developmental path and resource reallocation strategy of security features. This article offers new insights for researchers as well as practitioners of smartphone security.     

Secure lightweight password authenticated key exchange for heterogeneous wireless sensor networks

Several three-party password authenticated key exchange (3-PAKE) protocols have recently been proposed for heterogeneous wireless sensor networks (HWSN). These are efficient and designed to address security concerns in ad-hoc sensor network applications for a global Internet of Things framework, where a user may request access to sensitive information collected by resource-constrained sensors in clusters managed by gateway nodes. In this paper we first analyze three recently proposed 3-PAKE protocols and discuss their vulnerabilities. Then, based on Radio Frequency Identification technologies we propose a novel 3-PAKE protocol for HWSN applications, with two extensions for additional security features, that is provably secure, efficient and flexible.     

基于密钥共享的分层混合认证模型

随着信息时代的迅速发展,云计算数据访问安全已经成为了用户最关心的问题。身份认证技术是确保参与者在开放的网络环境中实现安全通信的一种重要手段,如何利用身份认证技术为云环境安全保驾护航,成为学者研究的热点。文中通过公钥基础设施(Public Key Infrastructure,PKI)颁发CA证书以在不同云服务间建立信任,将多个采用身份密码体制(Identity-Based Encryption,IBE)的云联合起来；采用分层身份加密体系,引入共享密钥技术,通过选取成环结构,提出一种PKI-IBE混合认证模型方案,并对方案的安全性进行分析,从理论上证明了云环境下PKI-IBE(Public Key Infrastructure-Identity-Based Encryption)同层成环模型提供服务的可行性。同时文中设计了一种基于该模型的签密技术,通过公私密钥对实现云内认证以及跨云认证。安全性理论证明与性能分析表明,该方案在计算量稍增加的前提下,保证了足够的安全性,更加满足云环境下的用户分属不同云域的认证以及用户安全访问的需求,有效解决了云环境中数据访问的安全问题。     

Low complexity quantum private queries protocol

Private information retrieval(PIR) is an important privacy protection issue of secure multi-party computation, but the PIR protocols based on classical cryptography are vulnerable because of new technologies,such as quantum computing and cloud computing. The quantum private queries(QPQ) protocols available, however, has a high complexity and is inefficient in the face of large database. This paper, based on the QKD technology which is mature now, proposes a novel QPQ protocol utilizing the key dilution and auxiliary parameter. Only N quits are required to be sent in the quantum channel to generate the raw key, then the straight k bits in the raw key are added bitwise to dilute the raw key, and a final key is consequently obtained to encrypt the database. By flexible adjusting of auxiliary parameters θ and k, privacy is secured and the query success ratio is improved. Feasibility and performance analyses indicate that the protocol has a high success ratio in first-trial query and is easy to implement, and that the communication complexity of O(N) is achieved.     

电信运营商信息安全管控架构及集中策略研究

本文对运营商信息安全集中管控架构演进和信息安全管控策略面临的问题进行了深入分析，提出了信息安全集中管控架构的演进方向建议及对信息安全监控策略工作优化的若干意见。     

新发展阶段中国水资源安全保障战略对策

进入新发展阶段，中国水资源安全保障需要以“节水优先、空间均衡、系统治理、两手发力”治水思路为指导，厘清问题、研判趋势、优化对策，支撑新阶段水利高质量发展。本文在全面分析我国水资源安全保障存在的突出问题与面临形势基础上，阐述了新发展阶段中国水资源安全保障的基本思路与战略路径，从保证资源安全、构建国家水网、强化供水保障、建设美丽河湖、改善水环境质量等方面提出了战略对策和需要进一步回答的重大问题，以期为完善新发展阶段中国水资源安全保障战略，全面提高国家水资源安全保障能力提供有力支撑。     

基于区块链技术的公益时间银行系统

在现有的时间银行系统中，时间币的发行功能和结算功能完全集中到一个中心节点上。这种极度中心化的功能结构，不仅存在容易发生中心节点单点失效、数据容易被篡改等信息安全问题，还存在着时间币的发行和流通缺乏透明度以及时间币的结算依赖中心化的结算机构等问题。针对这些问题，提出了一种基于区块链技术的解决方法。首先，将时间币的发行功能和结算功能从中心节点上分离出来；然后，利用具有分布式去中心化、集体维护和不可篡改等特性的区块链技术，将分离出来的发行功能逐步去中心化，将分离出来的结算功能去中心化，形成公益时间链（PWTB）；最终，PWTB利用区块链技术以去中心化的方式将时间银行系统由单个节点维护账本变成由集体维护一个分布式的共享账本，使时间币的发行和流通公开透明，时间币的结算不依赖某个中心化的节点。安全分析表明所设计的PWTB能够实现安全的信息传输与存储，以及数据的共享。     

网络安全威胁因素及其常见网络安全技术分析

社会经济的快速发展促进了科学技术水平的显著提升，社会生产生活各个领域当中对计算机网络的应用程度不断提升，当前，网络已经成为了人们日常生活与工作的重要组成部分。为此，加强对网络安全等因素影响研究就显得格外重要。网络环境关系着用户的使用质量，更加影响人们的工作效率，加强对网络安全技术的研究时解决相关问题的核心内容。本文针对网络安全威胁因素以及常见的网络安全技术进行了简要分析。