Commitment-based device-pairing protocol with synchronized drawings and comparison metrics

This article presents a new method for pairing devices securely. The commitment-based authentication uses a fuzzy secret that the devices only know approximately. Its novel feature is time-based opening of commitments in a single round. We also introduce a new source for the fuzzy secret: synchronized drawing with two fingers of the same hand on two touch screens or surfaces. The drawings are encoded as strings and compared with an edit-distance metric. A prototype implementation of this surprisingly simple and natural pairing mechanism shows that it accurately differentiates between true positives and man-in-the-middle attackers.     

土木工程施工课程线上平台教学实践

土木工程施工课程作为土木工程及工程管理专业的学科基础课和核心专业课程,在疫情防控期间"停课不停教""停课不停学"的要求下,通过线上平台进行授课。由于土木工程施工课程内容庞杂、综合性强、实践性强,且章节之间关联性较弱,探究既能使学生快速适应,又能保证教学质量的在线教学方法至关重要。以华南某高校土木工程施工课程为例,基于中国大学MOOC、建筑云课、腾讯课堂、QQ群等线上平台讲授教学内容,并运用问卷调查对课程线上教学效果进行评价。结果表明,线上教学为学生提供了丰富灵活的学习方式,显著提高了学生的自主学习能力,扩大了学生的知识面,达到了较好的学习效果。     

Usability of a cloud-based collaborative learning framework to improve learners’ experience

Computer-Supported Collaborative Learning (CSCL) is concerned with how Information and Communication Technology (ICT) might facilitate learning in groups which can be co-located or distributed over a network of computers such as Internet. CSCL supports effective learning by means of communication of ideas and information among learners, collaborative access of essential documents, and feedback from instructors and peers on learning activities. As the cloud technologies are increasingly becoming popular and collaborative learning is evolving, new directions for development of collaborative learning tools deployed on cloud are proposed. Development of such learning tools requires access to substantial data stored in the cloud. Ensuring efficient access to such data is hindered by the high latencies of wide-area networks underlying the cloud infrastructures. To improve learners’ experience by accelerating data access, important files can be replicated so a group of learners can access data from nearby locations. Since a cloud environment is highly dynamic, resource availability, network latency, and learner requests may change. In this paper, we present the advantages of collaborative learning and focus on the importance of data replication in the design of such a dynamic cloud-based system that a collaborative learning portal uses. To this end, we introduce a highly distributed replication technique that determines optimal data locations to improve access performance by minimizing replication overhead (access and update). The problem is formulated using dynamic programming. Experimental results demonstrate the usefulness of the proposed collaborative learning system used by institutions in geographically distributed locations.     

Controlled elements for designing ciphers suitable to efficient VLSI implementation

This work considers the problem of increasing the performance of the ciphers based on Data-Dependent (DD) operations (DDO) for VLSI implementations. New minimum size primitives are proposed to design DDOs. Using advanced DDOs instead of DD permutations (DDP) in the DDP-based iterative ciphers Cobra-H64 and Cobra-H128 the number of rounds has been significantly reduced yielding enhancement of the “performance per cost” value and retaining security at the level of indistinguishability from a random transformation. To obtain further enhancement of this parameter a new crypto-scheme based on the advanced DDOs is proposed. The FPGA implementation of the proposed crypto-scheme achieves higher throughput value and minimizes the allocated resources than the conventional designs. Design of the DDO boxes of different orders is considered and their ASIC implementation is estimated.     

最新MDAC中的安全特征

本文描述数据访问组件MDAC(Microsoft Data Access Components)的结构与编程接口,分析了MDAC缓冲区溢出安全漏洞的原因,最后阐述了最新MDAC2.8的安全特征.     

即时通讯软件的安全性分析

在互联网服务中,即时通讯已成为了最流行的服务模式之一,人们对即时通讯的依赖程度也与日俱增。但是, 频频出现的病毒和黑客攻击使广大用户深受其害,即时通讯的安全问题也日益严峻。为了从根本上解决问题,本文对即时通讯软件的架构和协议进行了深入分析,目的是找出漏洞根源,给开发者和使用者提供防止漏洞的依据。     

Balancing User Priorities for Sustainability versus Security

In these times of global change, many facility emphases are competing for limited resources. Competing factors include, but are not limited to, sustainable design or green buildings; security, hardening or force protection; accessibility; historic preservation; aesthetics; and functionality. Yet, unlimited resources are seldom, if ever, available to fulfill all of these competing requirements in private or public construction. The Georgia Institute of Technology designed a decision matrix to allow owners and planners to balance these competing requirements on a project-by-project basis and to document the rationale.     

井站安全培训之问题与对策

目前采气井站的安全教育培训工作取得了一定成绩,但也存在不少问题。针对这些问题,提出了3点对策建议:制定长期系统的安全培训计划;建立教育培训信息反馈机制;培训方法不断改进与创新。     

基于状态空间法的加密器设计研究

本文基于控制理论中的状态空间方法,提出了一种设计加密器和解密器的方法.加密器没计为—个非线性能观系统,这种加密器在同等的安全强度情况下,较之传统的移位寄存器式加密器没计容易,计算复杂度低,加解密速度快,结构灵活,易于实现.本文还讨论了提高这种加密器性能的基本途径,并举了几个说明性例子说明这种加密器及其设计方法的可行性.     

竹坑水库大坝安全鉴定分析

在竹坑水库大坝安全鉴定中,认真分析了该工程存在的主要问题,并针对大坝的结构稳定和渗流稳定作了详细的分析论证.