粒子群属性聚类的位置隐私保护

针对基于位置服务中连续查询情况下，用户自身属性信息很容易被攻击者获取，并通过关联获得用户位置隐私的情况，提出了一种利用粒子群聚类加速相似属性用户寻找，并由相似属性匿名实现用户位置泛化的隐私保护方法。该方法利用位置隐私保护中常用的可信中心服务器，通过对发送到中心服务器中的查询信息进行粒子群属性聚类，在聚类的过程中加速相似属性用户的寻找过程，由相似属性用户完成位置泛化，以此实现位置隐私保护。实验结果证明，这种基于粒子群属性聚类的隐私保护方法具有高于同类算法的隐私保护能力，以及更快的计算处理速度。     

新一代意大利建筑师解读兼评阿克雅建筑师事务所的实践

今天,活跃在国际建筑舞台上的建筑师是 50来岁的一代人,与现代主义建筑大师们相比较,这一代建筑师具有更为特殊的位置。因为他们知道如何糅合不同的建筑创作模式,创造出体现设计者独立个性的做法,善于处理历史文化与当前现实的关系,适宜的合作规模和在建筑作品中巧妙地不事张扬。可是,意大利50来岁的建筑师却不知道处理这样一种恰如其分的平衡,例如如何体现设计者建筑语言的肯定性、在合作过程中如何认识自身的位置,以及面对当今复杂的施工要求如何保证建筑作品在实施过程中不失去个性,正是因为这些问题的处理不当,致使在国际建筑舞台上缺少他们的身影。今天,可以肯定的倒是30-40来岁的意大利建筑师,阿克雅建筑师事务所就是其中的一员。他们能够娴熟地运用国际流行的建筑语言,并且不局限在某种作者定式和个人魅力,致力于把纯粹的学术研究与建筑实践结合在一起。这一代意大利建筑师表现出来的特点是把每一次设计作为一次积极展示他们个人特点的机会,表现出强烈的希望设计作品付诸实施的愿望,以及作品中展现出扎实的结构专业能力。     

Impact of anonymity on roles of personal and group identities in online communities

Extant research on the control of anonymous human behavior is inconclusive because of its focus on partial aspects of the self-concept. Multiple self-concepts are usually effective in any given situation. Hence, a holistic approach is preferred over a fragmented picture of the self. We investigate anonymous online communities to determine whether multiple self-concepts concurrently control human behavior.Data were collected from 1453 users through a web-based survey. The results showed that multiple self-concepts concurrently influenced argument quality through group norm conformity, whereas private-self directly influenced argument quality. Furthermore, online anonymity decreased the influence of group identity, contrary to existing assertions.     

An Improved User Authentication and Key Agreement Scheme Providing User Anonymity

When accessing remote services over public networks, a user authentication mechanism is required because these activities are executed in an insecure communication environment. Recently, Wang et al. proposed an authentication and key agreement scheme preserving the privacy of secret keys and providing user anonymity. Later, Chang et al. indicated that their scheme suffers from two security flaws. First, it cannot resist DoS (denial-of-service) attack because the indicators for the next session are not consistent. Second, the user password may be modified by a malicious attacker because no authentication mechanism is applied before the user password is updated. To eliminate the security flaws and preserve the advantages of Wang et al.'s scheme, we propose an improvement in this paper.     

Lightweight and provably secure user authentication with anonymity for the global mobility network

Seamless roaming in the global mobility network (GLOMONET) is highly desirable for mobile users, although their proper authentication is challenging. This is because not only are wireless networks susceptible to attacks, but also mobile terminals have limited computational power. Recently, some authentication schemes with anonymity for the GLOMONET have been proposed. This paper shows some security weaknesses in those schemes. Furthermore, a lightweight and provably secure user authentication scheme with anonymity for the GLOMONET is proposed. It uses only symmetric cryptographic and hash operation primitives for secure authentication. Besides, it takes only four message exchanges among the user, foreign agent and home agent. We also demonstrate that this protocol enjoys important security attributes including prevention of various attacks, single registration, user anonymity, user friendly, no password/verifier table, and use of one‐time session key between mobile user and foreign agent. The security properties of the proposed protocol are formally validated by a model checking tool called AVISPA. Furthermore, as one of the new features in our protocol, it can defend smart card security breaches. Copyright © 2010 John Wiley & Sons, Ltd.     

Cryptanalysis of Hsiang‐Shih's authentication scheme for multi‐server architecture

From user point of view, password‐based remote user authentication technique is one of the most convenient and easy‐to‐use mechanisms to provide necessary security on system access. As the number of computer crimes in modern cyberspace has increased dramatically, the robustness of password‐based authentication schemes has been investigated by industries and organizations in recent years. In this paper, a well‐designed password‐based authentication protocol for multi‐server communication environment, introduced by Hsiang and Shih, is evaluated. Our security analysis indicates that their scheme is insecure against session key disclosure, server spoofing attack, and replay attack and behavior denial. Copyright © 2010 John Wiley & Sons, Ltd.     

基于Voronoi图预划分的LBS位置隐私保护方法

为了解决服务器面临大量用户请求时匿名效率下降的问题,分别提出适用于静态用户和动态用户的协作匿名方法。首先基于Voronoi图划分全局区域,再由中心服务器组织本区域内用户实现协作匿名,由于服务器无需为每个用户单独构造匿名区,降低了服务端的负担;针对查询过程中用户提供真实位置信息带来位置隐私泄露的问题,提出了逆向增量近邻查询算法。用户以固定锚点代替真实位置,向位置服务器逐步获取兴趣点候选集并计算出想要的结果,避免位置隐私直接泄漏的同时获取精准查询结果。该算法同时解决了锚点与用户过近而带来的位置隐私被推断问题。实验表明本方法在有效保护用户位置隐私的同时,具有良好的工作效率。     

An efficient and DoS-resistant user authentication scheme for two-tiered wireless sensor networks

Wireless sensor networks (WSNs) are vulnerable to security attacks due to their deployment and resource constraints.Considering that most large-scale WSNs follow a two-tiered architecture,we propose an...     

匿名通信综述

匿名通信是网络与通信领域的热门课题。首先描述了匿名通信的起源,并从匿名属性、对手能力和网络类型三个方面对匿名通信的基本框架进行了阐述。然后阐述了匿名通信的研究现状,并对若干具有代表性的匿名通信系统进行了简要描述,匿名通信系统包括Anonymizer、Tor、Mixminion、Crowds和Tarzan。最后提出了匿名通信发展面临的挑战,包括匿名通信系统的用户体验、中继节点的信誉评价体系和匿名通信系统的滥用行为。