基于密钥共享的分层混合认证模型

随着信息时代的迅速发展,云计算数据访问安全已经成为了用户最关心的问题。身份认证技术是确保参与者在开放的网络环境中实现安全通信的一种重要手段,如何利用身份认证技术为云环境安全保驾护航,成为学者研究的热点。文中通过公钥基础设施(Public Key Infrastructure,PKI)颁发CA证书以在不同云服务间建立信任,将多个采用身份密码体制(Identity-Based Encryption,IBE)的云联合起来；采用分层身份加密体系,引入共享密钥技术,通过选取成环结构,提出一种PKI-IBE混合认证模型方案,并对方案的安全性进行分析,从理论上证明了云环境下PKI-IBE(Public Key Infrastructure-Identity-Based Encryption)同层成环模型提供服务的可行性。同时文中设计了一种基于该模型的签密技术,通过公私密钥对实现云内认证以及跨云认证。安全性理论证明与性能分析表明,该方案在计算量稍增加的前提下,保证了足够的安全性,更加满足云环境下的用户分属不同云域的认证以及用户安全访问的需求,有效解决了云环境中数据访问的安全问题。     

基于哈希链的软件定义网络路径安全

针对软件定义网络中，控制器无法保证下发的网络策略能够在转发设备上得到正确执行的安全问题，提出一种新的转发路径监控安全方案。首先以控制器的全局视图能力为基础，设计了基于OpenFlow协议的路径凭据交互处理机制；然后采用哈希链和消息验证码作为生成和处理转发路径凭据信息的关键技术；最后在此基础上，对Ryu控制器和Open vSwitch开源交换机进行深度优化，添加相应处理流程，建立轻量级的路径安全机制。测试结果表明，该机制能够有效保证数据转发路径安全，吞吐量消耗比SDN数据层可信转发方案（SDNsec）降低20%以上，更适用于路径复杂的网络环境，但时延和CPU使用率的浮动超过15%，有待进一步优化。     

A Privacy-Preserving Attribute-Based Reputation System in Online Social Networks

Online social networks (OSNs) have revolutionarily changed the way people connect with each other. One of the main factors that help achieve this success is reputation systems that enable OSN users to ...     

适用于无线体域网的动态口令认证协议

无线体域网中传输的是与生命高度相关的敏感数据，身份认证是信息安全保护的第一道防线。现有的基于人体生物信息的身份认证方案存在信息难提取、偶然性大和误差性大的问题，基于传统密码学的认证方案需较大计算资源和能量消耗，并不适用于无线体域网环境。为此，在动态口令和非对称加密机制基础上，提出一种适用于无线体域网的动态口令双向认证轻量协议，并对其进行形式化分析。通过理论证明、SVO逻辑推理及SPIN模型检测得出：该协议满足双向认证，且能够抵御重放攻击、伪装攻击、拒绝服务器攻击和口令离线攻击，具有较高安全性。     

Micro‐morphological,environmental and phytochemical investigation of herbal medicines by using LM and SEM: A quality control tool

The use of quality control tool for authentication of Jadwar (Delphinium denudatum Wall. ex Hook.f. & Thomson), a folk herbal drug used for the treatment of different ailments, was studied. People face problems of adulteration for this drug at global, regional, national and local levels. Two different plant species are commercially marketed in the Indo‐Pak Subcontinent under the same trade name of Jadwar. One is D. denudatum Wall. ex Hook.f. & Thomson and the other is Aconitum heterophyllum Wall. ex Royle. To focus on this problem, a marketable available drug sample of Jadwar was authenticated by using basic microscopy tools (LM) and advanced chemo‐taxonomic markers. Authentication, quality and standardization of this drug was achieved using morphology, organoleptography, UV and IR analyses, scanning electron microscopy of pollen and anatomical investigations. The techniques used for authentication marked the clear difference between the studied plants. Microscopic studies, chemotaxonomic investigation and other techniques used in this project provided the basis for the authentication of this species.     

Development of highly photoluminescent electrospun nanofibers for dual-mode secure authentication

The photochromic phenomenon has been recently used as a fascinating technology in the development of highly efficient anti-counterfeiting materials with dual-mode security encoding of concurrent photochromism and fluorescence emission. Herein, we successfully developed lanthanide-doped aluminate nanoparticles (LAN)/polystyrene (PS) electrospun nanofibers as novel secure authentication films. Different ratios of lanthanide-doped aluminate nanoparticles were mixed with polystyrene-based copolymer solutions in N,N-dimethylformamide (DMF) and subjected to electrospinning to afford photochromic and fluorescent nanofibers. The generated electrospun nanofibers demonstrated a narrow diameter distribution, a smooth surface and well-defined morphological properties. The produced smart nanofibers were applied onto cellulose paper sheets to demonstrate a dual-mode secure strategy with a simple and rapid authentication. LAN was prepared in the nano-scale for better dispersion in PS, which guarantee the formation of transparent films. LAN was studied by transmission electron microscope (TEM) and X-ray diffraction (XRD). LAN displayed diameters of 5–12 nm. On the other hand, the fibrous diameters of LAN-PS samples were studied by scanning electron microscopy (SEM) to indicate diameters of 200–300 nm. The induced security marking was invisible (363 nm) under visible daylight turning into visible green (520 nm) color under ultraviolet irradiation demonstrating a bathochromic shift. Both excitation and emission displayed high intensities. The security marking was fully reversible under ultraviolet/visible irradiation cycles without fatigue. Those advantageous properties could be attributed to the high surface area of the chromogenic nanofibrous films to result in high absorption of light leading to strong optical dual-mode photo-responsiveness. The generated LAN-PS hybrid films showed improved hydrophobic properties with increasing LAN. The nanofibers showed transparency, stretchability and flexibility. The present strategy can be reported as an efficient technology to develop many anti-counterfeiting products toward a better market with social and economic values to avoid fake products.     

论我国环境污染损害鉴定评估推进的困境与发展建议

近年来,环境污染问题日益引起公众的高度关注。环境污染导致的人身、财产及环境资源损害问题日益显现,环境污染损害评估结论作为环境污染事件损害的量化结果,已经成为处理环境问题以及司法解决涉及环境案件的技术依据或定案根据。文章在阐述我国环境污染损害鉴定评估进展的基础上,分析了鉴定评估目前面临的问题:立法和方法研究滞后于现实需求、环境污染损害鉴定评估管理体系亟待完善、损害赔偿修复机制尚未建立,并对上述问题基础提出了相应的改进建议。     

无线办公网络安全分析及防护

主要讨论了"无线"自身特点造成的信号不稳定、用户安全认证方式及接入控制等方面的问题,详细分析了影响信号传输的因素,对常用认证加密技术进行对比分析,针对无线办公网络设计、实施中所面临最普遍的无线信号可用性、可靠性、加密方式以及用户认证方式等无线安全问题给出建议,具有实际意义。     

无线传感器网络中广播通信的安全协议设计

摘 要：广播通信安全是无线传感器网络设计中的重要问题。本文首先分析了无线传感器网络中广播通信的特点、所需要解决的关键安全问题和以及安全协议设计原则,随后提出了基于公钥算法的全局广播通信安全协议和基于单向密钥链的局部广播通信安全协议,较好地实现了广播通信的可靠性认证、完整性和时效性。同时从性能分析看,本文方案只为传感节点引入了少量的通信负荷、能量消耗和存储空间。