网络信息安全技术综述

阐述了网络信息安全的三个组成方面,具体分析了在实际应用中的网络安全技术手段,探讨了国内外研究开发网络信息安全技术的现状、发展趋势及我们所应着重采取的策略.     

EMAP: An efficient mutual authentication protocol for passive RFID tags

Radio frequency identification (RFID) system is a contactless automatic identification system, which uses small and low cost RFID tags. The primary problem of current security and privacy preserving schemes is that, in order to identify only one single tag, these schemes require a linear computational complexity on the server side. We propose an efficient mutual authentication protocol for passive RFID tags that provides confidentiality, untraceability, mutual authentication, and efficiency. The proposed protocol shifts the heavy burden of asymmetric encryption and decryption operations on the more powerful server side and only leaves lightweight hash operation on tag side. It is also efficient in terms of time complexity, space complexity, and communication cost, which are very important for practical large-scale RFID applications.     

基于互联网视域对军队政治工作的几点思考

互联网的广泛应用给军队开展政治工作带来了机遇与挑战,文章从思想政治教育、军事宣传工作和安全保密工作三个方面,从内容与形式两个维度对互联网环境下开展政治工作的创新进行了深入探讨,提出了顺势而为开展思想政治教育,充分利用互联网手段开展军事宣传工作和趋利避害做好安全保密工作的思路和方法。     

无线局域网安全保密管控技术研究

随着网络的发展和无线Wi Fi业务的应用不断普及,无线局域网安全保密性能得到了广泛的重视。本文对无线局域网的安全体系进行分析,研究无线局域网安全保密管控方案,通过性能测试证明本文所设计的无线局域网安全保密管控方案的可行性。     

基于虚拟化架构的USB访问控制研究

虚拟化架构下的多个虚拟机共享同一个硬件平台,这会给USB外部设备的使用带来安全隐患。当虚拟机用户将USB存储设备连接到平台时,设备可能被没有使用权限的虚拟机访问,造成设备中重要隐私数据失泄密。本文基于虚拟化架构平台提出了一种USB设备安全访问机制,通过身份认证技术,阻止非授权虚拟机使用USB设备,保证USB设备中数据的机密性。     

一种云存储环境下保障数据机密性的方法

为保证用户数据的机密性,业界普遍将数据加密后存储在云端。提出了一种云存储系统中保障数据机密性的方法,其特点有:(1)加解密系统部署于云存储服务器的前端,在客户端和云存储服务器之间对用户数据进行加解密;(2)对用户数据的加解密是实时进行的,在数据上传的传输过程中进行加密,在数据下载的传输过程中进行解密;(3)加解密系统对用户端和云服务器端是透明的。当前广泛使用的基于HTTP协议传输的云存储系统如Amazon S3、OpenStack Swift等可以直接使用该方法。测试结果表明:本方法在不降低数据传输吞吐率的基础上,能有效卸载云存储系统的数据加解密负担。     

Protecting Business Secrets in an EDI/CALS Environment

ABSTRACT

Communicating with confidential data requires special attention in a mobile agents environment, especially when the other hosts must be prevented from eavesdropping on the communication. We propose a communication model for secured communication between the agents belonging to publishers and consumers data. Confidentiality is ensured using our on-the-fly encryption-decryption sequence using ElGamal system to directly convert the message or plaintext into one that is encrypted directly with the public key of consumer. The scheme ensures that the data possessed by the agents is secured at all times when it is executing at any untrusted host. Our minimal implementation of the model with Aglets agent platform gives the first faithful picture of the happenings in the model. Finally, we also explain how the homomorphic property of ElGamal scheme can be integrated with our model for a Web-based application such as voting involving multiple agents.     

Proof-of-Improved-Participation: A New Consensus Protocol for Blockchain Technology

The Internet of Things (IoT) is converting today’s physical world into a complex and sophisticated network of connected devices on an enormous scale. The existing malicious node detection mechanism in traditional approaches lacks in transparency, availability, or traceability of the detection phase. To overcome these concerns, we provide a decentralized technique using blockchain technology. Despite the fact that blockchain technology is applicable to create that type of models, existing harmony set of instructions are susceptible to do violence to such as DoS and Sybil, making blockchain systems unfeasible. Here, a new Proof-of-Improved-Participation (PoIP) harmony instruction was suggested that benefits the participation rules to select honest peers for mining while limiting malicious peers. Under an evaluation the PoIP outperforms the Proof-of-Work (PoW) instructions are demonstrated, Proof of Stake (PoS) instructions in terms of energy consumption, accuracy, and bandwidth. To compare the three consensus protocols with respect to efficiency, we build a lightweight mining model and find that PoIP consensus has greater efficiency than PoW and PoS. PoIP has 25% lower attack risk than existing consensus. As a consequence, our suggested methodology can provide the needed security with minimal attack risk and high accuracy, according to the analysis results. As a result, suggested consensus is more efficient than existing methods in terms of block generation time. Hence we suggest that suggested consensus is very suitable for IoT-based applications especially in healthcare.     

GIF图像选择加密算法及其性能研究

针对GIF图像的编码特点,提出退化和保密2种模式下的图像选择加密算法。对于退化模式,采用子集内置乱索引的方法实现对图像退化的可视度控制,对于保密模式,通过加密较少数据实现对整个图像的保护。分析结果表明,该算法在满足GIF图像安全性和格式兼容性要求的同时,使其压缩率保持不变。     

数据库服务——安全与隐私保护

主要从数据的机密性、数据的完整性、数据的完备性、查询隐私保护以及访问控制策略这5 个关键技 术,综述国际上在数据库服务——安全与隐私保护方面的研究进展.数据的机密性主要从基于加密和基于数据分布 展开分析;数据的完整性和完备性主要从基于签名、基于挑战-响应和基于概率的方法展开分析;查询隐私保护和访 问控制策略主要从目前存在的问题展开分析.最后展望了数据库服务——安全与隐私保护领域未来的研究方向、存 在的问题及面临的挑战.