基于量子CSS纠错码的量子公钥密码和消息认证

该文利用量子CSS纠错码的构造方法和一般线性码的译码是一个NPC问题建立了一个量子公钥密码体制。其特点是以经典信息作为密钥来加密量子消息,安全性建立在NPC问题量子图灵机(QTM)不可解基础之上。利用此公钥密码体制,该文还给出了一个基于量子CSS纠错码的消息认证方案,并证明了其安全性。     

Cascade ciphers: The importance of being first

The security of cascade ciphers, in which by definition the keys of the component ciphers are independent, is considered. It is shown by a counterexample that the intuitive result, formally stated and proved in the literature, that a cascade is at least as strong as the strongest component cipher, requires the uninterestingly restrictive assumption that the enemy cannot exploit information about the plaintext statistics. It is proved, for very general notions of breaking a cipher and of problem difficulty, that a cascade is at least as difficult to break as the first component cipher. A consequence of this result is that if the ciphers commute, then a cascade is at least as difficult to break as the most-difficult-to-break component cipher, i.e., the intuition that a cryptographic chain is at least as strong as its strongest link is then provably correct. It is noted that additive stream ciphers do commute, and this fact is used to suggest a strategy for designing secure practical ciphers. Other applications in cryptology are given of the arguments used to prove the cascade cipher result. The results of this paper were presented in part at the 1990 IEEE Symposium on Information Theory, January 14–19, 1990, San Diego, California.     

基于消息认证函数的云端数据完整性检测方案

针对云计算中数据完整性问题,该文提出了一个新的交互式完整性检测方案。该方案通过构造一个I型完善Cartesian消息认证函数及其等效函数,在同步存储数据验证值的前提下,利用等效函数判定云端应答的消息认证值来检测完整性。分析结果表明,该方案在大数分解的困难性假设下能正确检测完整性,并且运行时仅需用户端常量的计算量、存储占用量和网络通信量,相比较现有方案,具有明显效率优势。     

The Short Message Service: Standards,infrastructure and innovation

The Short Message Service (SMS) is a teleservice developed by the Global System for Mobile Communication in the mid-1980s for second-generation mobile networks. SMS is made up of standards, protocols and infrastructure that make text messaging the most popular data service on mobile networks. The teleservice has been used in all subsequent generations of mobile telephony. This article discusses the development of the SMS teleservice standards (GSM 03.40), how it has influenced mobile telephony infrastructure, and how it remains a lasting communication innovation today. It historicizes text messaging standards and their technical realization by describing the network architecture and elements required for SMS transmission. This article illustrates how SMS standards and infrastructure represent a significant innovation to mobile telephony in the late twentieth century.     

基于QC-MDPC码的可证明安全RFID双向认证协议

目前射频识别(RFID)系统安全问题日益严重,为了保护RFID系统中无线信道部分的信息交互安全,用准循环中密度奇偶校验码构造Niederreiter型公钥密码体制,基于这种加密模型提出一种RFID双向安全认证协议。利用规约技术证明该协议安全性,将攻击困难规约到线性码的译码困难问题。通过与其他RFID认证协议对比,在交互量、计算量和存储量等性能方面该协议也适用于资源有限且高效率的RFID系统。     

基于Windows的虚拟专用网安全机制的设计和实现

介绍了已经实现的一个基于IPSec协议的虚拟专用网。它已经成功地嵌入到当前流行的Windows操作系统中。本文主要讨论了虚拟专用网的需求，系统的体系结构，系统的功能及其采用的关键技术，其中系统的安全机制的设计与实现是本文重点。     

构建“端管云”联动的物联网安全防护系统

本文首先分析了物联网当前的安全现状,从端管云三个方面梳理了存在的主要安全风险.随后提出了"端管云"联动的物联网安全防护系统,解决设备及应用的安全接入、身份认证、安全通道、密钥管理及数据保护,解决设备硬件、固件的检测及加固,解决异常或恶意行为告警与处置,并通过闭环的运营体系保证物联网系统的安全.     

An efficient lightweight authentication scheme for human-centered industrial Internet of Things

Internet of Things (IoT) specifies a transparent and coherent integration of assorted and composite nodes. Unification of these nodes with large resources and servers has brought advancement in technology for industrial and government services. The industrial IoT (IIoT), with smart nodes, enhance the development and manufacturing of industrial process, which is on demand now. However, the security concern is substantial, and it is required to control to perform prosperous assimilation of IIoT. Authentication of these smart nodes and establishing mutual trust among them is essential to keep vulnerabilities and potential risks out. Hence, this paper presents an efficient lightweight secure authentication protocol from the perspective of human-centered IIoT. This proposed scheme assumes a registration center which simply generates public and secret information for a node when it initially joins the network. Once registration is done, the registration center is not needed anymore, and advanced processes like mutual authentication, secure key exchange, and communications are independently done by nodes involved. Furthermore, we show that this scheme can reduce exponential computations and computational overhead and resolves various possible attacks.     

移动运营商用户运营之痛——移动互联时代用户运营核心能力分析

文中分别介绍了移动运营商在通信网环境下的用户运营核心能力和互联网企业在移动互联网环境下用户运营体系的核心能力,总结出真实身份、安全交易环境、支付的三大用户运营核心能力。通过对两种用户运营核心能力的对比,指出移动运营商在移动互联网时代丧失了通信网时代建立的核心能力,推荐移动运营商建立基于公钥基础设施的用户运营核心能力符合移动互联网特征,赢得与互联网企业的用户运营能力的竞争。     

Spam: One Pozzled Problem for E-Commerce

E-commerce has advantages of low bargaining cost, full field service, and convenient. Its development forms and promotes the key factor of the global economic growth, and the security problem of e-commerce becomes more and more important thereupon. It is the subject of a great meaning to structure the safe, convenient e-commerce running environment. The task of anti-spam is a concrete content among them. This paper discusses the source and danger of spam, and the precautionary and radical cure measures of spam are put forwarded, and the technologies of the anti-spam are discussed especially.     

Spam: One Puzzled Problem for E-Commerce

E-commerce has advantages of low bargaining cost, full field service, and convenient. Its development forms and promotes the key factor of the global economic growth, and the security problem of e-commerce becomes more and more important thereupon. It is the subject of a great meaning to structure the safe, convenient e-commerce running environment. The task of anti-spam is a concrete content among them. This paper discusses the source and danger of spam, and the precautionary and radical cure measures of spam are put forwarded, and the technologies of the anti-spam are discussed especially.     

Spam:One Puzzled Problem for E-Commerce

E-commerce has advantages of low bargaining cost, full field service, and convenient. Its development forms and promotes the key factor of the global economic growth, and the security problem of e-commerce becomes more and more important thereupon. It is the subject of a great meaning to structure the safe, convenient e-commerce running environment. The task of anti-spam is a concrete content among them. This paper discusses the source and danger of spam, and the precautionary and radical cure measures of spam are put forwarded, and the technologies of the anti-spam are discussed especially.     

MR2RP: The Multi-Rate and Multi-Range Routing Protocol for IEEE 802.11 Ad Hoc Wireless Networks

This paper discusses the issue of routing packets over an IEEE 802.11 ad hoc wireless network with multiple data rates (1/2/5.5/11 Mb/s). With the characteristics of modulation schemes, the data rate of wireless network is inversely proportional with the transmission distance. The conventional shortest path of minimum-hops approach will be no longer suitable for the contemporary multi-rate/multi-range wireless networks (MR²WN). In this paper, we will propose an efficient delay-oriented multi-rate/multi-range routing protocol (MR²RP) for MR²WN to maximize the channel utilization as well as to minimize the network transfer delay from source to destination. By analyzing the medium access delay of the IEEE 802.11 medium access control (MAC) protocol, the proposed MR²RP is capable of predicting the transfer delay of a routing path and finding the best one, which has the minimum transfer delay from source to destination. The proposed MR²RP may choose a longer path but with less contention competitors and buffer queuing delay. Simulation results show that MR²RP performs the load balancing and fast routing very well, and its call blocking probability is obviously lower than that of conventional minimum-hops approach with fixed transmission rate.An erratum to this article can be found at     

Coding for the gaussian channel: The promise of weighted-output decoding

We introduce the concept of weighted-output decoding, which enables us to perform many successive decodings without information loss. The design of a coding system for the additive white Gaussian channel can thus be viewed as a means for combining many simple codes. We illustrate this concept by the example of parity-check codes which are combined according to Elias' iterated product. Examination of the performance thus obtained leads us to criticize the conventional minimal distance criterion and to propose as a criterion a proximity measure of the weight distribution of the code with respect to the binomial one. According to this point of view, the iterated product of parity-check codes appears as a means of decimation of the set of n-tuples.     

基于属性的物联网感知层访问控制方案

物联网感知层包含大量环境数据与个人信息。因此,对这些数据的访问做出严格界定对于物联网信息安全与隐私保护至关重要。文中在传统访问控制模型的基础上,引入属性概念,提出了一种基于属性的访问控制方案。在这一方案中,通过对用户的主体属性、被访问资源的客体属性、访问请求的权限属性以及该请求发生时的环境属性进行判定,决定是否给与主体访问权限。基于属性的访问控制方案具有灵活性强、控制相对简单、拓展性强等特点,能够满足动态的大规模环境,有利于解决物联网感知层访问控制问题。     

SYN‐Guard: An effective counter for SYN flooding attack in software‐defined networking

In software‐defined networking (SDN), TCP SYN flooding attack is considered as one of the most effective attacks to perform control plane and target server saturation. In this attack, an attacker generates a large number of malicious SYN requests, and because of the absence of the forwarding rules, the data plane switches have to forward these SYN messages to the controller. This excessive forwarding causes congestion over the communication channel between a data plane and control plane, and it also exhausts computational resources at both the planes. In this paper, we propose a novel countermeasure called SYN‐Guard to detect and prevent SYN flooding in SDN networks. We fully implement SYN‐Guard on the SDN controller to validate the incoming TCP connection requests. The controller installs forwarding rules for the SYN requests that successfully clear the validation test of SYN‐Guard. The host of the fake SYN request is detected, and SYN‐Guard prevents it from sending any further SYN requests to the data plane switch. The performance evaluation done using the simulation results shows that SYN‐Guard exhibits low side effect for genuine TCP requests, and when compared with standard SDN and state‐of‐art proposals, it reduces the average response time up to 21% during an ongoing SYN flooding attack.     

Time to forge ahead: The Internet of Things for healthcare

Situated at the intersection of technology and medicine, the Internet of Things (IoT) holds the promise of addressing some of healthcare's most pressing challenges, from medical error, to chronic drug shortages, to overburdened hospital systems, to dealing with the COVID-19 pandemic. However, despite considerable recent technological advances, the pace of successful implementation of promising IoT healthcare initiatives has been slow. To inspire more productive collaboration, we present here a simple—but surprisingly underrated—problem-oriented approach to developing healthcare technologies. To further assist in this effort, we reviewed the various commercial, regulatory, social/cultural, and technological factors in the development of the IoT. We propose that fog computing—a technological paradigm wherein the burden of computing is shifted from a centralized cloud server closer to the data source—offers the greatest promise for building a robust and scalable healthcare IoT ecosystem. To this end, we explore the key enabling technologies that underpin the fog architecture, from the sensing layer all the way up to the cloud. It is our hope that ongoing advances in sensing, communications, cryptography, storage, machine learning, and artificial intelligence will be leveraged in meaningful ways to generate unprecedented medical intelligence and thus drive improvements in the health of many people.     

Information and Arena: The Dual Function of the News Media for Political Elites

How do individual politicians use the news media to reach their political goals? This study addresses the question by proposing an actor‐centered, functional approach. We distinguish 2 essential functions (and subfunctions) the mass media have for political elites. The media are a source of information; politicians depend on it for pure information and they can profit from the momentum generated by media information. The media also are an arena elites need access to in order to promote themselves and their issues. These 2 functions offer certain politicians a structural advantage over others and, hence, are relevant for the power struggle among political elites. A systematic functional account enables comparisons of the role of the media across politicians and political systems.     

Quality of Service in Mobile and Wireless Networks: The Need for Proactive and Adaptive Applications

Although there are already many fixed networked computers around the world, we will see several orders of magnitude more wireless and mobile devices connected to the Internet. Each car, truck, aircraft, but also many people will carry a plethora of different devices for communication. However, all mobile and wireless systems have in common that the quality of their connectivity may change rapidly over time. Still, users want to get the best quality possible or the quality they pay for respectively. In this paper we describe the implementation of adaptive and proactive applications that are supported by our architecture. The user can express his or her preference by simply clicking on a Q(uality)-button; the process of adaptation is performed without any user interaction. Feedback loops connecting applications, operating system, and network system realize the adaptation. We show how our architecture supports traditional adaptive applications and demonstrate the benefits of proactive applications in wireless and mobile environments.     

The influence of online product presentation videos on persuasion and purchase channel preference: The role of imagery fluency and need for touch

The lack of physical contact between products and consumer represents a key characteristic of online environments that can influence consumer’s purchase behavior. In an effort to offer a close experience with the product, websites usually present vivid information in order to convince consumers about the goodness of their products. Vivid information is likely to prompt different aspects of the purchase process, like reduced feelings of uncertainty or a higher need for physical information. The goal of this research is twofold: first, we analyze how the presence and type of vivid information, in the form of product presentation videos (PPVs), affects consumers’ attitudes and purchase intentions toward the product. Furthermore, we examine how the perceived ease of imagining the product evoked by vivid information mediates these effects. Second, we propose that individual differences, related to the consumer’s need of touching products, determine the impact of vivid information on the preferences toward the purchase channel (online or offline). The results of an experiment, which manipulated the presence and the style of PPVs, support the importance of vivid information in order to favor consumers’ attitudes and purchase intentions, as well as to influence the relative preference for the purchase channel. Additionally, message and consumer characteristics are found as important factors that affect these relationships.