A performance driven methodology for cancelable face templates generation

In this paper, we propose a performance driven methodology for cancelable face templates generation. This is to address the issue of satisfying both the security and performance requirements at the same time. Essentially, the methodology consists of two transformations namely, an efficient feature extraction transformation and an error minimizing template transformation. The first transformation is achieved via a modified sparse random projection which extracts and transforms essential face features into cancelable templates. The second transformation is realized through a direct objective formulation to minimize the system's total error rate. In order to facilitate convergence of the resulted minimization search, a modified sigmoid is proposed for an error counting step function approximation. Using two publicly available face databases, we empirically show an improved verification performance in terms of the equal error rate while hiding the face identity simultaneously.     

Generating cancelable palmprint templates via coupled nonlinear dynamic filters and multiple orientation palmcodes

A novel scheme for generating cancelable palmprint templates is proposed in this paper. Firstly, a chaotic high speed stream cipher is implemented based on coupled nonlinear dynamic filters (CNDF), in which the CNDF are constructed to have flows inverse to each other. Secondly, renewable and privacy preserving palmprint templates are generated using the CNDF chaotic stream cipher with multiple orientation palmprint features obtained from a bank of Gabor filters and encoded in a phase-coding scheme. Compared with the standard palmprint templates, the cancelable templates have greater ability to discriminate palmprints from different hands by increasing the inter-class divergence of different palms more effectively, while maintaining the intra-class distance among palmprints of the same hands. Lastly, the matching stage is performed directly on the cancelable/encryption domain in parallel to accelerate matching and to protect user’s privacy. Several fusion rules are investigated for the matching scores of different directional PalmCodes to obtain the final matching score. Compared with Max, Min, Median and Product fusion rules, the Sum rule can greatly accelerate the speed and improve the performance Experimental results on the Hong Kong PolyU Palmprint Database verify that the proposed cancelable templates can achieve very high performance and security levels with a very strong ability to reissue palmprint templates. The proposed method can also be implemented at high speed, which satisfies the needs of real-time applications.     

PalmHashing: a novel approach for cancelable biometrics

We propose a novel cancelable biometric approach, known as PalmHashing, to solve the non-revocable biometric issue. The proposed method hashes palmprint templates with a set of pseudo-random keys to obtain a unique code called palmhash. The palmhash code can be stored in portable devices such tokens and smartcards for verification. Multiple sets of palmhash codes can be maintained in multiple applications. Thus the privacy and security of the applications can be greatly enhanced. When compromised, revocation can also be achieved via direct replacement of a new set of palmhash code. In addition, PalmHashing offers several advantages over contemporary biometric approaches such as clear separation of the genuine-imposter populations and zero EER occurrences. In this paper, we outline the implementation details of this method and also highlight its potentials in security-critical applications.     

浅析信息安全中的等级保护与分级保护

为了保证涉密网络中的信息安全,国家保密法要求对涉密信息实施等级保护与分级保护.本文分别介绍信息安全中的等级保护和分级保护体系,探讨分级保护与等级保护的关系.     

计算机网络信息安全及防护策略研究

现如今,信息技术的发展已经达到了日新月异的程度,越来越多的人开始接触并使用计算机。计算机网络的信息安全也因此开始被人们所关注和重视。本文将试着通过对计算机网络信息造成安全隐患的因素做一个具体的分析,并深入研究计算机网络信息安全的防护策略。     

关于内部网络信息安全防护措施的探讨

随着互联网技术的不断发展,企事业单位内部网络建设取得了一定的成绩,工作质量及效率得到了空前提高,与此同时,也发现了诸多安全问题。目前,加强内部网络信息安全防护已经成为人们关注的焦点。本文将针对内部网络信息安全防护措施展开探讨,旨在促进网络安全领域的进一步发展。     

计算机网络信息安全及防护策略研究

随着因特网技术和计算机技术的快速发展,计算机网络信息安全及其防护已经越来越受到民众的重视和关注。文章主要针对计算机网络信息安全进行了深入的分析,并且针对计算机网络信息安全存在的问题提出了一些防护策略。     

计算机网络信息安全及防护策略探讨

互联网是生活中密不可分的部分,网络交易,网上银行,单位和企业的电子档案库等,都要求网络信息安全可靠。但是目前网络存在的安全隐患不计其数,黑客攻击层出不穷,如何采取有效手段保护网络安全是一个重要话题。本文介绍了网络信息安全的概念,分析了网络安全的缺陷,并对安全防护提出了几点建议。     

浅谈企业内部信息网络安全防护体系建设

随着网络技术的迅速发展,使网络在企业中的使用程度越来越高.网络技术安全也直接影响到企业的内部信息安全,网络技术越先进对企业信息安全影响越大,因此,建立完善的企业内部信息网络安全防护体系具有重要意义,本文就企业内部信息网络安全防护体系的建立的相关知识进行论述,并以广西某企业内部信息网络安全防护体系建设为实例进行分析.     

计算机网络信息安全及其防护策略的研究简

网络信息安全问题关乎一个国家的安全、社会的稳定,并且随着全球信息化步伐的加快越来越重要。网络信息安全面临的主要威胁有：固有的安全漏洞、黑客（Hack）的恶意攻击、网络自身的管理缺陷、恶意网站设置的陷阱、用户操作失误以及网络内部人员的不良行为造成的安全问题。确保网络信息安全需要采取的对策有：信息加密、为计算机安装防病毒软件和防火墙、升级操作系统补丁、安装入侵检测系统、隐藏IP地址、更换管理员账户和不要随意回复陌生邮件。     

Protection from reconnaissance for establishing information security systems

ABSTRACT

The paper presents a generalized method for improving security of information systems based on protection of the systems from reconnaissance by adversaries. Attacks carried out by exploiting almost all vulnerabilities require particular information about the architecture and operating algorithms of an information system. Obstructions to obtain that information also complicates carrying out attacks. Reconnaissance-protection methods can be utilized for establishing such systems (continuous change of attack surface). Practical implementation of the techniques demonstrated their high efficiency in reducing the risk of information resources to be cracked or compromised.     

The information security digital divide between information security managers and users

Empirical findings from surveys and in-depth interviews with information security managers and users indicate that a digital divide exists between these groups in terms of their views on and experience of information security practices. Information security professionals mainly regard users as an information security threat, whereas users believe themselves that they are an untapped resource for security work. The limited interaction between users and information security managers results in a lack of understanding for the other's point of view. These divergent views on and interpretations of information security mean that managers tend to base their practical method on unrealistic assumptions, resulting in management approaches that are poorly aligned with the dynamics of the users' working day.     

一种新型云平台信息整体安全保护体系

随着生产力水平的提高和科学技术的进步,云计算服务得到迅速的发展。各供应商顺应云计算服务的大潮,相继推出了功能迥异且种类繁多的与云计算有关的各类先进服务系统,给人们生活方式和工作等方面带来变革的同时,也为云平台信息安全埋下了隐患。本文从整体保护的角度,对云平台信息安全的整体保护技术进行了研究,并提出整体保护技术方案,旨在提升云平台信息安全的水平。     

Value conflicts for information security management

A business’s information is one of its most important assets, making the protection of information a strategic issue. In this paper, we investigate the tension between information security policies and information security practice through longitudinal case studies at two health care facilities. The management of information security is traditionally informed by a control-based compliance model, which assumes that human behavior needs to be controlled and regulated. We propose a different theoretical model: the value-based compliance model, assuming that multiple forms of rationality are employed in organizational actions at one time, causing potential value conflicts. This has strong strategic implications for the management of information security. We believe health care situations can be better managed using the assumptions of a value-based compliance model.     

新形势下网络个人信息安全及保护策略研究

信息时代的网络给人们带来便利的同时,.也带来很多问题.尤其是个人信息安全受到严重的威胁.本文首先对计算机网络个人信息的安全问题进行分析,找出个人信息安全问题,并针对性的提出个人信息保护策略,以期让网络个人信息得到最大限度的保护.     

A baseline security policy for distributed healthcare information systems

In this paper, the need for identifying and analyzing the generic security characteristics of a healthcare information system is, first, demonstrated. The analysis of these characteristics is based upon a decision-support roadmap. The results from this profiling work are then analyzed in the light of the fact that more than 1000 accidental deaths happened due to computer system failures. As a result of this analysis, a set of recommendations is drawn up, leading to the development of a baseline security policy for healthcare institutions. Such a policy should be flexible enough to reflect the local needs, expectations and user requirements, as well as strict enough to comply with international recommendations. An example of such a baseline policy is then provided. The policy refers to a given security culture and has been based upon an abstract approach to the security needs of a healthcare institution.     

浅析企业信息安全风险与对策

当前越来越多的企业已经把信息安全看做影响业务发展的核心因素之一,信息安全管理已经成为企业管理的重点。本文对当前企业信息安全风险的现状展开了探讨,并就信息安全政策,安全管理手段等方面进行了剖析,为企业做好、做强信息安全管理体系给出了一些通用性的标准,对企业构建信息安全管理体系,消除信息安全隐患,避免信息安全事件造成的损失,确保信息系统安全、稳定运行具有探索意义。     

信息网络安全及防护策略浅谈简

随着网络的迅速发展和信息化进程的深入,信息资源得到了最大程度的利用和共享,但不可否认的是紧随信息化发展而来的网络安全问题日益突出。本文对信息网络常面临的安全问题进行了列举和原因分析,并有针对性地提出了信息网络安全的几点防护策略。     

Returns to information security investment: The effect of alternative information security breach functions on optimal investment and sensitivity to vulnerability

Four kinds of marginal returns to security investment to protect an information set are decrease, first increase and then decrease (logistic function), increase, and constancy. Gordon, L. A. and Loeb, M. (ACM Trans. Inf. Syst. Secur., 5:438–457, 2002). find for decreasing marginal returns that a firm invests maximum 37% (1 / e) of the expected loss from a security breach, and that protecting moderately rather than extremely vulnerable information sets may be optimal. This article presents classes of all four kinds where the optimal investment is no longer capped at 1 / e. First, investment in information security activities for the logistic function is zero for low vulnerabilities, jumps in a limited “bang-bang” manner to a positive level for intermediate vulnerabilities, and thereafter increases concavely in absolute terms. Second, we present an alternative class with decreasing marginal returns where the investment increases convexly in the vulnerability until a bound is reached, investing most heavily to protect the extremely vulnerable information sets. For the third and fourth kinds the optimal investment is of an all-out “bang-bang” nature, that is, zero for low vulnerabilities, and jumping to maximum investment for intermediate vulnerabilities.

计算机网络信息安全及其防护策略的研究

随着我国经济的快速发展,网络已经成为了一种全新的生活方式。计算机的普及使得网络延伸至社会经济活动的每个角落。互联网在推动经济发展的同时,也在遭受着不断的攻击,网络信息安全形势日益严峻。网络安全问题已经成为制约经济发展和影响社会稳定的不安因素,采取有效的策略和手段,对于保证我国互联网快速有序的发展,具有重要地促进作用。