An Object-Oriented Transaction Model

In object-oriented database systems(OOBSs),the traditional transaction models are no longer suitable because of the difference between the object-oriented data model(OODM)and the conventional data models(e.g.relational data model).In this paper,transction models for advanced database applications are reviewed and their shortcomings are analyzed.Exchangeability of operations is proposed instead of commuativity and recoverability for using more semantics in transaction management.As a result,an object-oriented transaction model(in short,OOTM)is presented.It is not modeled for some special application,but directly based on object-oriented paradigms.A transaction is regarded as an interpretation of a metho.Each transaction(even subtransactions)keeps relative ACID(Atomicity,Consistency,Isolation,Durability)properties,therefore the special problems appearing in OOBSs such as“long transactions”,“visibility of inconsistent database state”can be solved.     

Secure Multi-Party Computation without Agreement

It has recently been shown that authenticated Byzantine agreement, in which more than a third of the parties are corrupted, cannot be securely realized under concurrent or parallel (stateless) composition. This result puts into question any usage of authenticated Byzantine agreement in a setting where many executions take place. In particular, this is true for the whole body of work of secure multi-party protocols in the case that a third or more of the parties are corrupted. This is because these protocols strongly rely on the extensive use of a broadcast channel, which is in turn realized using authenticated Byzantine agreement. We remark that it was accepted folklore that the use of a broadcast channel (or authenticated Byzantine agreement) is actually essential for achieving meaningful secure multi-party computation whenever a third or more of the parties are corrupted. In this paper we show that this folklore is false. We present a mild relaxation of the definition of secure computation allowing abort. Our new definition captures all the central security issues of secure computation, including privacy, correctness and independence of inputs. However, the novelty of the definition is in decoupling the issue of agreement from these issues. We then show that this relaxation suffices for achieving secure computation in a point-to-point network. That is, we show that secure multi-party computation for this definition can be achieved for any number of corrupted parties and without a broadcast channel (or trusted pre-processing phase as required for running authenticated Byzantine agreement). Furthermore, this is achieved by just replacing the broadcast channel in known protocols with a very simple and efficient echo-broadcast protocol. An important corollary of our result is the ability to obtain multi-party protocols that remain secure under composition, without assuming a broadcast channel.     

隐私保护的分布式决策树分类算法的研究*

针对分布式决策树构造过程中的隐私保护问题,引入安全多方计算方法设计了可以保护隐私的分布式C4.5决策树分类算法。该算法适用于数据集垂直分布和水平分布两种情况,同时提出了一种新的隐私保护程度的度量方法。实验结果证明设计的隐私保护分布式决策树分类算法不仅很好地保护了原始数据不泄露,同时保持了较高的分类精度。     

基于安全多方计算的车载网隐私保护机制

为了解决当前车载网隐私保护机制的安全性和效率问题,基于安全多方计算理论和匿名认证协议,提出了一种新的车载网节点隐私保护方案.该方案利用线性方程组的求解理论,采用安全高效的茫然传输机制,避开了传统的计算复杂的公钥密码算法.对方案的安全性和效率分析的结果表明,新方案不仅能够解决车载网中发送者隐私、接收者隐私、匿名性、共谋攻击、重放攻击等多种安全问题,而且认证效率也得到了有效提高,在计算性能受限的物联网环境中,具有理论和应用价值.     

基于线性码上无可信第三方的多秘密共享方案

为了避免秘密共享方案中第三方的不诚实行为造成的威胁,利用Massey线性码上的秘密共享体制,提出了一个无可信第三方的多秘密共享方案。该方案的重构算法满足加法同态性,其中每个参与方既是参与者也是分发者。同时方案实现了非门限结构上的无分发者的秘密共享,适用于更广泛的存取结构。证明了方案的正确性和安全性,并通过效率分析表明该方案只需较小的存储空间。此外,基于方案中重构算法的同态性给出了一种设计安全多方计算协议的方法。     

基于多方排序协议的安全电子投票方案

与传统投票相比较, 电子投票拥有许多优势, 也存在重要的安全问题. 电子投票的全隐私性是评估投票方案安全的重要指标, 它是指对投票者的隐私保护和候选者的隐私保护, 特别是落选者的得票数的保护. 利用可验证秘密共享的思想提出了一个安全多方排序协议, 并将它运用到电子投票中, 设计了一个新的安全的电子投票协议, 本协议具有全隐私性.     

XML联合签名

首先分析了目前Web服务架构中XML多方通信业务链的典型应用,并建立了相应的研究模型.基于此模型,提出了联合签名加密技术,以解决传统签名技术在此类应用中存在的重复签名、信息关联不严格等问题.同时,分析了通过现有XML签名规范实现该技术的局限性,进而提出了新的XML联合签名实现方案.最后给出了XML联合签名的语法定义.     

基于ECC可公开验证的多方秘密共享方案

通过结合椭圆曲线密码(ECC)和可公开验证秘密共享(PVSS),提出一种新的多方秘密共享方案.该方案不需要参与者之间存在秘密通道,通信在公共信道上进行,且认证过程是非交互的,除了能够有效防止管理者和参与者欺骗以外,还能够忍受管理者攻击,具有更好的安全性、鲁棒性和高效性.     

t-Private and t-secure Auctions

In most of the auction systems the values of bids are known to the auctioneer. This allows him to manipulate the outcome of the auction. Hence, one might be interested in hiding these values. Some cryptographically secure protocols for electronic auctions have been presented in the last decade. Our work extends these protocols in several ways. On the basis of garbled circuits, i.e., encrypted circuits, we present protocols for sealed-bid auctions that fulfill the following requirements: 1) protocols are information-theoretically t-private for honest but curious parties; 2) the number of bits that can be learned by malicious adversaries is bounded by the output length of the auction; 3) the computational requirements for participating parties are very low: only random bit choices and bitwise computation of the XOR-function are necessary. Note that one can distinguish between the protocol that generates a garbled circuit for an auction and the protocol to evaluate the auction. In this paper we address both problems. We will present a t-private protocol for the construction of a garbled circuit that reaches the lower bound of 2t 1 parties, and a more randomness effcient protocol for (t 1)2 parties. Finally, we address the problem of bid changes in an auction.     

基于多数法的分布式并发控制的实现及改善

对分布式事务采用多副本并发控制的多数法,实现了一个多层分布式数据库应用系统的模型设计;引入了协调对象并使用COM＋技术,在实现分布式事务执行无阻塞、数据正确恢复的前提下,对模型进行了改善,提高了数据库模型执行的效率。