基于一种云计算数据保护的多级加密算法的应用研究

云计算是分布式计算技术的一种,其最基本的概念是透过网络将庞大的计算处理程序自动分拆成无数个较小的子程序,再交由多部服务器所组成的庞大系统经搜寻、计算分析之后将处理结果回传给用户。云计算中的数据泄漏已经成为云计算的巨大威胁,据不完全统计数据,仅在2019年1年,大约有超40亿条信息被泄露。这些信息涵盖科技、医疗、政府、金融、教育、制造等十几个领域数百个行业,数据泄露已经成为云计算中数据安全的巨大威胁。主要提出了一种多级加密算法,能更好地保护云计算中的数据,并能以极小的成本在云计算中得到应用。     

一种大型复杂构件加工新模式及新装备探讨

大型复杂构件是航空航天、能源、船舶等领域装备的核心结构件，此类构件通常具有尺寸大、形状复杂、刚性弱等特点。传统“分体离线加工-在线检测”模式存在工艺不稳定、过程复杂、柔性差、周期长等问题，以龙门式多轴数控机床加工为代表的“包容式”加工模式，难以适应大型复杂构件的高效高质量加工制造需求。提出一种基于移动式和吸附式机器人的多机协同原位加工新模式，通过多机器人系统自主寻位、精确定位加工与加工质量原位检测，实现大型复杂构件多安装面并行铣削、制孔与打磨等作业。多机器人系统包括移动式混联机器人、吸附式并联机器人、移动式串联铣削机器人、移动式双臂加工机器人和移动式打磨机器人。构建多机协同原位加工模式，需要揭示多机器人协同原位加工行为与大型弱刚性结构件质量控制的交互机理，面临着本体、测量、工艺和集成四个方面的挑战，需要设计高灵活、高刚度的移动式和吸附式加工机器人，解决移动机器人自主准确寻位和超大结构件原位高精检测难题，攻克加工变形误差在线补偿和振动抑制技术，通过集成实现多机协同高效高精加工，为大型复杂构件的高效高质量制造提供创新技术及装备，并实现此类构件制造核心技术及装备自主可控。     

基于深度学习的安全缺陷报告预测方法实证研究

软件安全问题的发生在大多数情况下会造成非常严重的后果，及早发现安全问题，是预防安全事故的关键手段之一.安全缺陷报告预测可以辅助开发人员及早发现被测软件中潜藏的安全缺陷，从而尽早得以修复.然而，由于安全缺陷在实际项目中的数量较少，而且特征复杂（即安全缺陷类型繁多，不同类型安全缺陷特征差异性较大），这使得手工提取特征相对困难，并随后造成传统机器学习分类算法在安全缺陷报告预测性能方面存在一定的瓶颈.针对该问题，提出基于深度学习的安全缺陷报告预测方法，采用深度文本挖掘模型TextCNN和TextRNN构建安全缺陷报告预测模型；针对安全缺陷报告文本特征，使用skip-grams方式构建词嵌入矩阵，并借助注意力机制对TextRNN模型进行优化.所构建的模型在5个不同规模的安全缺陷报告数据集上展开了大规模实证研究，实证结果表明：深度学习模型在80%的实验案例中都要优于传统机器学习分类算法，性能指标F1-score平均可提升0.258，在最好的情况下甚至可以提升0.535.除此之外，针对安全缺陷报告数据集存在的类不均衡问题，对不同采样方法进行了实证研究，并对结果进行了分析.     

Sensei: Enforcing secure coding guidelines in the integrated development environment

We discuss the potential benefits, requirements, and implementation challenges of a security-by-design approach in which an integrated development environment plugin assists software developers to write code that complies with secure coding guidelines. We discuss how such a plugin can enable a company's policy-setting security experts and developers to pass their knowledge on to each other more efficiently, and to let developers more effectively put that knowledge into practice. This is achieved by letting the team members develop customized rule sets that formalize coding guidelines and by letting the plugin check the compliance of code being written to those rule sets in real time, similar to an as-you-type spell checker. Upon detected violations, the plugin suggests options to quickly fix them and offers additional information for the developer. We share our experience with proof-of-concept designs and implementations rolled out in multiple companies, and present some future research and development directions.     

增强现实中基于位置安全性的LBS位置隐私保护方法

为了解决基于位置的服务(LBS)和增强现实(AR)技术快速发展带来的用户位置隐私泄露的隐患,分析了现有的位置隐私保护方法的优缺点,提出基于位置安全性的位置隐私保护方法。将区域安全度和伪装区域引入该方法中,将提示某区域是否需要保护这一度量标准定义为区域安全度,非安全区域(即需要给予保护的区域)的区域安全度设置为1,安全区域(即不需要保护的区域)设置为0,通过扩大区域安全度和识别等级来计算位置安全度。实验结果表明,该方法与未引入位置安全性的方法相比降低了平均定位误差,提高了平均安全性,从而有效地保护了用户的位置隐私,提高了LBS的服务质量。     

Interventions for long-term software security: Creating a lightweight program of assurance techniques for developers

Though some software development teams are highly effective at delivering security, others either do not care or do not have access to security experts to teach them how. Unfortunately, these latter teams are still responsible for the security of the systems they build: systems that are ever more important to ever more people. We propose that a series of lightweight interventions, six hours of facilitated workshops delivered over three months, can improve a team's motivation to consider security and awareness of assurance techniques, changing its security culture even when no security experts are involved. The interventions were developed after an Appreciative Inquiry and Grounded Theory survey of security professionals to find out what approaches work best. We tested the interventions in a participatory action research field study where we delivered the workshops to three software development organizations and evaluated their effectiveness through interviews beforehand, immediately afterwards, and after twelve months. We found that the interventions can be effective with teams with limited or no security experience and that improvement is long-lasting. This approach and the learning points arising from the work here have the potential to be applied in many development teams, improving the security of software worldwide.     

PMU based voltage security assessment of power systems exploiting principal component analysis and decision trees

The need for feature selection and dimension reduction is felt as a fundamental step in security assessment of large power systems in which the number of features representing the state of power grids dramatically increases. These large amounts of attributes are not proper to be used for computational intelligence (CI) techniques as inputs, because it may lead to a time consuming procedure with insufficient results and they are not suitable for on-line purposes and updates.This paper proposes a combined method for an online voltage security assessment in which the dimension of the token data from phasor measurement units (PMUs) is reduced by principal component analysis (PCA). Then, the features with different stability indices are put into several categories and feature selection is done by correlation analysis in each category. These selected features are then given to decision trees (DTs) for classification and security assessment of power systems.The method is applied to 39-bus test system and a part of Iran power grid. It is seen from the results that the DTs with reduced data have simpler splitting rules, better performance in saving time, reasonable DT error and they are more suitable for constant updates.     

Secure and reliable data communication in developing regions and rural areas

Nowadays, despite the ever increasing need of people for staying “connected” at any time and everywhere, in many areas of the world data connection is extremely expensive or even absent. The Global System for Mobile Communication (GSM) network virtually covers all the populated areas of the world and on average, the entire world population have a handheld device capable of accessing at least the GSM services. Therefore, it makes sense to consider the Short Message Service (SMS) as the most popular wireless data service for such devices. In this work, we exploit the SMS as mechanism for data transfer, especially in scenarios where there is no other network coverage than GSM, such as in rural areas and developing regions. In particular, we propose a framework, based on the SMS as transport facility, which enables secure end-to-end data communication in a ubiquitous and pervasive manner. Moreover, we investigated how, by using compression techniques, the overall processing and transmission efforts needed for secure data communication can be effectively reduced, with the obvious consequences also in terms of energy consumption on the involved devices. Finally, we successfully tested the effectiveness of the proposed framework within the context of a proof of concept implementation.     

基于三维胞元空间的MA双向并行路由算法

针对传统移动代理(MA)在监测无线传感器网络(WSNs)的感兴趣信息时产生的延迟较大和能耗较多问题,提出了基于三维胞元空间的MA双向并行(3D-BPMA)路由算法.3D-BPMA将MA与传统的客户/服务器(c/S)模式相结合,在胞元内利用C/S模式搜集信息,在单层胞元系统和路由器与路由器之间采用MA双向并行的策略进行传输.仿真结果表明:3D-BPMA与LCF,DSG-MIP算法相比减少了平均响应时间和网络平均能耗,提高了MA发送率.     

REST API技术及在移动通信网络管理中的应用

介绍了目前最炙手可热的REST架构风格，该风格顺应Web2.0的兴起，完美的匹配了云计算时代来临的可扩展要求，在各种应用场景中都得到了充分的表现。根据其技术特点，分析了该风格的API在移动通信网络管理中的应用，从网管系统内部、网管系统之间以及网管系统与上层APP应用之间等多方面对是否适用于REST风格以及如何在合适的位置使用REST API进行了分析。