动态协作对等组中一种新的组密钥协商协议

动态协作对等组自身的特征使其安全机制面临着严峻的挑战。密钥协商机制则是构建安全的动态协作对等组的核心技术。提出了一种两方Weil对密钥协商协议(A-WGKA2),可以通过较少的步骤同时实现节点之间的密钥协商和认证。该协议具备如下性质：前向安全性;抵抗未知密钥共享;部分密钥泄露的安全性;抵抗密钥控制;抵抗使用泄露的密钥进行假冒攻击。在A-WGKA2协议的基础上,进一步提出了一个新的适用于动态协作对等组的组密钥协商协议(A-WGKAn)。该协议在具有较低的计算和通信开销的同时,实现了节点之间的相互认证,适用于动态协作对等组。     

可认证的无证书密钥协商协议

无证书公钥密码体制能有效地克服基于身份密码体制中密钥托管的限制,结合基于身份密码体制和可认证密钥协商的优点,提出了一个新的可认证无证书密钥协商协议。经过分析,该协议不仅满足一般密钥协商的安全特性,而且与已有的密钥协商相比,具有更少的对数运算。     

基于WS-Agreement的资源预留与QoS监控框架

目前还没有遵循OGSA/WSRF规范的网格服务中间件能够很好地支持基于QoS协商的网格资源管理,因此重点研究了如何设计一个执行服务级协定（SLA）的框架,能够在网格中协商资源预留和任务执行期间对所在资源的QoS监控。首先通过定义资源预留的XML Schema,使得资源请求者和提供者基于WS-Agreement能够协商包含关于资源预留的协定;然后遵循WSRF及WS-*规范设计和开发出一组Web服务用于构建一个基于WS-Agreement的资源预留与QoS监控框架（RMF）,并将其集成到Globus资源管理模型中;最后通过理论分析和模拟实验评估了RMF的综合性能。     

一种新的组密钥管理算法

在对组密钥管理算法进行全面研究的基础上,提出了一种新的用于安全组播的组密钥管理算法。本算法将集中式密钥分配算法与分布式密钥协商算法相结合,吸取了集中式密钥分配算法的可扩展性的优点,同时克服了其单点失效的问题,将密钥分配思想用于密钥协商算法中,产生了一种底层基于密钥链而上层组织为三叉密钥树的密钥分发算法。本算法可以代替密钥协商算法应用于所有成员关系对等且不存在可信第三方的组播组中,并克服了分布式密钥协商算法中的大计算延时问题,适用于成员关系变化频繁的大型组播组,具有较高的可扩展性。     

基于双线性对的可认证密钥协商协议

针对Smart等人提出的密钥协商方案存在主密钥托管单点失效安全问题,提出两个新的可认证双线性对密钥协商协议：一个通过向可信第三方获取对方注册的公钥,及实体唯一持有的私钥,实现身份认证和密钥协商;另外直接给出一个无第三方的简单密钥协商方案,先利用椭圆曲线上的数乘实现节点安全认证,再通过双线性对生成会话密钥。最后分析两个协议均满足基本的密钥协商安全属性,并给出协议性能的综合分析。     

基于MAGE多Agent服务组合系统设计

随着Web服务及相关技术的快速发展,单个Web服务往往不能实现用户的目标,这就需要对Web服务进行组合,以实现增值的服务。设计了一种基于MAGE多Agent服务组合系统,给出了系统中应该存在的各组件,并详细给出了各Agent之间的交互协议。在情景演算组合方法的基础上扩展了基于情景演算的规划agent。该系统具有良好的可扩展性和灵活性,并且不需要集中的服务注册中心。     

A post quantum secure construction of an authentication protocol for satellite communication

Satellite's communication system is used to communicate under significant distance and circumstances where the other communication systems are not comfortable. Since all the data are exchanged over a public channel, so the security of the data is an essential component for the communicating parties. Both key exchange and authentication are two cryptographic tools to establish a secure communication between two parties. Currently, various kinds of authentication protocols are available to establish a secure network, but all of them depend on number–theoretical (discrete logarithm problem/factorization assumption) hard assumptions. Due to Shor's and Grover's computing algorithm number theoretic assumptions are breakable by quantum computers. Although Kumar and Garg have proposed a quantum attack-resistant protocol for satellite communication, it cannot resist stolen smart card attack. We have analyzed that how Kumar and Garg is vulnerable to the stolen smart card attack using differential power analysis attack described in He et al and Chen and Chen. We have also analyzed the modified version of signal leakage attack and sometimes called improved signal leakage attack on Kumar and Garg's protocol. We have tried to construct a secure and efficient authentication protocol for satellites communication that is secure against quantum computing. This is more efficient as it requires only three messages of exchange. This paper includes security proof and performance of the proposed authentication and key agreement protocol.     

Scheduling with agreements: new results

In this paper, the problem of scheduling with agreements (SWA) is considered. In scheduling, this consists of a set of jobs non-preemptively on identical machines subject to constraints that only some specific jobs can be scheduled concurrently on different machines. These constraints are given by an agreement graph and the aim is to minimise the makespan. In the case of two machines we extend two NP-hardness results of SWA with processing times at most three that hold for bipartite agreement graphs to more general agreement graphs. Complexity results of SWA are established in the case of split and complement of bipartite graphs. We also present some approximation results for SWA.     

The renaming problem in shared memory systems: An introduction

Exploring the power of shared memory communication objects and models, and the limits of distributed computability are among the most exciting research areas of distributed computing. In that spirit, this paper focuses on a problem that has received considerable interest since its introduction in 1987, namely the renaming problem. It was the first non-trivial problem known to be solvable in an asynchronous distributed system despite process failures. Many algorithms for renaming and variants of renaming have been proposed, and sophisticated lower bounds have been proved, that have been a source of new ideas of general interest to distributed computing. It has consequently acquired a paradigm status in distributed fault-tolerant computing.In the renaming problem, processes start with unique initial names taken from a large name space, then deciding new names such that no two processes decide the same new name and the new names are from a name space that is as small as possible.This paper presents an introduction to the renaming problem in shared memory systems, for non-expert readers. It describes both algorithms and lower bounds. Also, it discusses strong connections relating renaming and other important distributed problems such as set agreement and symmetry breaking.     

全矿井综合自动化系统服务级别协议的探究

针对目前全矿井综合自动化系统服务级别混乱和服务周期长的问题,提出采用服务级别协议的方式来分类分级管理售中和售后服务的方案,从安装调试类服务、系统推广类服务、定制升级类服务、技术支持服务和日常运营服务5个方面详细介绍了服务级别协议的分类管理及内容。服务级别协议将IT服务管理的思想贯彻到了全矿井综合自动化系统的合同签订及实施过程中,对合同的实施周期、项目的验收和合同回款都将起到显著的作用。