Exact analytical solutions for some popular benchmark problems in topology optimization II: three-sided polygonal supports

In an earlier paper (Rozvany, Struct Optim 15:42–48, 1998), the second author summarized known analytical solutions for some popular benchmark problems in topology optimization. In this, and in some subsequent papers, further exact optimal topologies are derived for least-weight, stress-controlled trusses, with load and support conditions that are frequently used in benchmark examples for numerical methods in topology optimization.     

On the Planar Piecewise Quadratic 1-Center Problem

In this paper we introduce a minimax model unifying several classes of single facility planar center location problems. We assume that the transportation costs of the demand points to the serving facility are convex functions {Q _i }, i=1,…,n, of the planar distance used. Moreover, these functions, when properly transformed, give rise to piecewise quadratic functions of the coordinates of the facility location. In the continuous case, using results on LP-type models by Clarkson (J. ACM 42:488–499, 1995), Matoušek et al. (Algorithmica 16:498–516, 1996), and the derandomization technique in Chazelle and Matoušek (J. Algorithms 21:579–597, 1996), we claim that the model is solvable deterministically in linear time. We also show that in the separable case, one can get a direct O(nlog n) deterministic algorithm, based on Dyer (Proceedings of the 8th ACM Symposium on Computational Geometry, 1992), to find an optimal solution. In the discrete case, where the location of the center (server) is restricted to some prespecified finite set, we introduce deterministic subquadratic algorithms based on the general parametric approach of Megiddo (J. ACM 30:852–865, 1983), and on properties of upper envelopes of collections of quadratic arcs. We apply our methods to solve and improve the complexity of a number of other location problems in the literature, and solve some new models in linear or subquadratic time complexity.     

一种新的DDoS攻击预警方法

DDoS攻击的研究是网络安全研究领域的一个研究热点。预测DDoS攻击发生的概率,对于早期防御和响应DDoS攻击具有重要意义。提出了一种基于概率有限状态自动机的DDoS攻击预警模型,给出了一种计算攻击成功概率和攻击期望威胁度的方法。实验表明,方法能有效地计算出DDoS攻击成功概率和期望威胁度,实现早期防御。     

A threat–response multi-criteria funding model for homeland security grant programs

The Department of Homeland Security (DHS) provides funding to 50 states, the District of Columbia, and seven US territories through a consolidated program called the Homeland Security Grant Program (HSGP). There has been much controversy about the lack of structure in HSGP and the method it employs to allocate funds to the states and territories. Slice is a threat–response multi‐criteria decision model that systematically evaluates the threats and responses of securing the states and territories. The Analytic Hierarchy Process (AHP) and probability elicitation methods are used to capture the objective and subjective judgments used in Slice. The probability calibration and entropy methods are used along with the utility theory to obtain a composite weighted score for each state and territory. These weighted scores are combined with the population scores in a structured framework to determine the amount of funding for the states and territories.     

基于APDR信息系统安全防护体系模型的分级防护策略研究

本文在提出APDR信息系统安全防护体系模型的基础上,对信息系统中信息价值级别及其可能面临的最大威胁强度进行了划分,并针对相应的安全防护强度等级和安全防护技术等级制定出了相应的安全防护策略,这对信息系统进行安全防护体系设计具有非常重要的意义。     

On the completeness of an identifiability algorithm for semi-Markovian models

This paper addresses the problem of identifying causal effects from nonexperimental data in a causal Bayesian network, i.e., a directed acyclic graph that represents causal relationships. The identifiability question asks whether it is possible to compute the probability of some set of (effect) variables given intervention on another set of (intervention) variables, in the presence of non-observable (i.e., hidden or latent) variables. It is well known that the answer to the question depends on the structure of the causal Bayesian network, the set of observable variables, the set of effect variables, and the set of intervention variables. Sound algorithms for identifiability have been proposed, but no complete algorithm is known. We show that the identify algorithm that Tian and Pearl defined for semi-Markovian models (Tian and Pearl 2002, 2002, 2003), an important special case of causal Bayesian networks, is both sound and complete. We believe that this result will prove useful to solve the identifiability question for general causal Bayesian networks.      

Probabilistic model checking for the quantification of DoS security threats

Secure authentication features of communication and electronic commerce protocols involve computationally expensive and memory intensive cryptographic operations that have the potential to be turned into denial-of-service (DoS) exploits. Recent proposals attempt to improve DoS resistance by implementing a trade-off between the resources required for the potential victim(s) with the resources used by a prospective attacker. Such improvements have been proposed for the Internet Key Exchange (IKE), the Just Fast Keying (JFK) key agreement protocol and the Secure Sockets Layer (SSL/TLS) protocol. In present article, we introduce probabilistic model checking as an efficient tool-assisted approach for systematically quantifying DoS security threats. We model a security protocol with a fixed network topology using probabilistic specifications for the protocol participants. We attach into the protocol model, a probabilistic attacker model which performs DoS related actions with assigned cost values. The costs for the protocol participants and the attacker reflect the level of some resource expenditure (memory, processing capacity or communication bandwidth) for the associated actions. From the developed model we obtain a Discrete Time Markov Chain (DTMC) via property preserving discrete-time semantics. The DTMC model is verified using the PRISM model checker that produces probabilistic estimates for the analyzed DoS threat. In this way, it is possible to evaluate the level of resource expenditure for the attacker, beyond which the likelihood of widespread attack is reduced and subsequently to compare alternative design considerations for optimal resistance to the analyzed DoS threat. Our approach is validated through the analysis of the Host Identity Protocol (HIP). The HIP base-exchange is seen as a cryptographic key-exchange protocol with special features related to DoS protection. We analyze a serious DoS threat, for which we provide probabilistic estimates, as well as results for the associated attacker and participants' costs.     

A Flexible Markov Chain Approach for Multivariate Credit Ratings

Modeling the dependence of credit ratings is an important issue for portfolio credit risk analysis. Multivariate Markov chain models are a feasible mathematical tool for modeling the dependence of credit ratings. Here we develop a flexible multivariate Markov chain model for modeling the dependence of credit ratings. The proposed model provides a parsimonious way to capture both the cross-sectional and temporal associations among ratings of individual entities. The number of model parameters is of the magnitude O(sm ² + s ² m), where m is the number of ratings categories and s is the number of entities in a credit portfolio. The proposed model is also easy to implement. The estimation method is formulated as a set of s linear programming problems and the estimation algorithm can be implemented easily in a Microsoft EXCEL worksheet, see Ching et al. Int J Math Educ Sci Eng 35:921–932 (2004). We illustrate the practical implementation of the proposed model using real ratings data. We evaluate risk measures, such as Value at Risk and Expected Shortfall, for a credit portfolio using the proposed model and compare the risk measures with those arising from Ching et al. IMRPreprintSeries (2007), Siu et al. Quant Finance 5:543–556 (2005).     

Information security – Professional perceptions of knowledge-sharing intention under self-efficacy,trust, reciprocity,and shared-language

Knowledge sharing is an important component of knowledge management systems. Security knowledge sharing substantially reduces risk and investment in information security. Despite the importance of information security, little research based on knowledge sharing has focused on the security profession. Therefore, this study analyses key factors, containing attitude, self-efficacy, trust, norm of reciprocity, and shared language, in respect of the information security workers intention to share knowledge. Information security professionals in virtual communities, including the Information Security Professional Association (ISPA), Information Systems Security Association (ISSA), Society of Information Risk Analysts (SIRA), and LinkedIn security groups, were surveyed to test the proposed research model. Confirmatory factor analysis (CFA) and the structural equation modelling (SEM) technique were used to analyse the data and evaluate the research model. The results showed that the research model fit the data well and the structural model suggests a strong relationship between attitude, trust, and norms of reciprocity to knowledge sharing intention. Hypotheses regarding the influence of self-efficacy and reciprocity, to knowledge sharing attitude were upheld. Shared language did not influence either the attitude or intention to share knowledge.     

效用理论在信息安全投资优化中的应用

为了解决组织预算过程中信息安全投资最优的问题,建立了安全投资与风险控制的关系模型,对安全投资的有效性进行了研究,提出了降低事件发生概率有效性及缓解损失有效性的新概念.采用效用理论作为组织财富、风险损失和安全投资的描述模型,指数效用函数作为组织投资收益的描述模型.分析了安全投资的边界,使用求偏导数取极值的方法对投资效用函数进行了研究,并求得最小投资的解.应用实例表明,基于效用的风险度量方法是科学的,损失效应越大的安全事件需要更大的安全投资.     

NONLINEAR DISCRETE-TIME RISK-SENSITIVE OPTIMAL CONTROL

This paper is devoted to the study of the connections among risk-sensitive stochastic optimal control, dynamic game optimal control, risk-neutral stochastic optimal control and deterministic optimal control in a nonlinear, discrete-t ime context with complete state information. The analysis worked out sheds light on the profound links among these control strategies, which remain hidden in the linear context. In particular, it is shown that, under suitable parameterizations, risk-sensi tive control can be regarded as a control methodology which combines features of both stochastic risk-neutral control and deterministic dynamic game control.     

Contiguous Search Problem in Sierpiński Graphs

In this paper we consider the problem of capturing an intruder in a particular fractal graph, the Sierpiński graph SG _n . The problem consists of having a team of mobile software agents that collaborate in order to capture the intruder. The intruder is a mobile entity that escapes from the team of agents, moving arbitrarily fast inside the network, i.e., traversing any number of contiguous nodes as long as no other agent resides on them. The agents move asynchronously and they know the network topology they are in is a Sierpiński graph SG _n . We first derive lower bounds on the minimum number of agents, number of moves and time steps required to capture the intruder. We then consider some variations of the model based on the capabilities of the agents: visibility, where the agents can “see” the state of their neighbors and thus can move autonomously; locality, where the agents can only access local information and thus their moves have to be coordinated by a leader. For each model, we design a capturing strategy and we make some observations. One of our goals is to continue a previous study on what is the impact of visibility on complexity: in this topology we are able to reach an optimal bound on the number of agents required by both cleaning strategies. However, the strategy in the visibility model is fully distributed, whereas the other strategy requires a leader. Moreover, the second strategy requires a higher number of moves and time steps. A preliminary version of this paper has been presented at the 4th International Conference on Fun with Algorithms (FUN’07) 17.     

An Automatic Correction of Ma’s Thinning Algorithm Based on <Emphasis Type="Italic">P</Emphasis>-simple Points

The notion of P-simple points was introduced by Bertrand to conceive parallel thinning algorithms. In ‘A 3D fully parallel thinning algorithm for generating medial faces’ (Pattern Recogn. Lett. 16:83–87, 1995), Ma proposed an algorithm for which there are objects whose topology is not preserved. In this paper, we propose a new application of P-simple points: to automatically correct Ma’s algorithm.     

Profit-maximizing firm investments in customer information security

When a customer interacts with a firm, extensive personal information often is gathered without the individual's knowledge. Significant risks are associated with handling this kind of information. Providing protection may reduce the risk of the loss and misuse of private information, but it imposes some costs on both the firm and its customers. Nevertheless, customer information security breaches still may occur. They have several distinguishing characteristics: (1) typically it is hard to quantify monetary damages related to them; (2) customer information security breaches may be caused by intentional attacks, as well as through unintentional organizational and customer behaviors; and (3) the frequency of such incidents typically is low, although they can be very costly when they occur. As a result, predictive models and explanatory statistical analysis using historical data have not been effective. We present a profit optimization model for customer information security investments. Our approach is based on value-at-risk methods and operational risk modeling from financial economics. The main results of this work are that we: (1) provide guidance on the trade-offs between risk and return in customer information security investments; (2) define the range of efficient investments in technology-supported risk indemnification for sellers; (3) model how to handle government-dictated levels of investment versus self-regulation of investments in technology; and (4) characterize customer information security investment levels when the firm is able to pass some of its costs on to consumers. We illustrate our theoretical findings with empirical data from the Open Security Foundation, as a means of grounding our analysis and offering the reader intuition for the managerial interpretation of our theory and main results. The results show that we can narrow the decision set for solution providers and policy-makers based on the estimable risks and losses associated with customer information security. We also discuss the application of our approach in practice.     

A note on the alternating group network

The class of alternating group networks was introduced in the late 1990’s as an alternative to the alternating group graphs as interconnection networks. Recently, additional properties for the alternating group networks have been published. In particular, Zhou et al., J. Supercomput (2009), doi:, was published very recently in this journal. We show that this so-called new interconnection topology is in fact isomorphic to the (n,n−2)-star, a member of the well-known (n,k)-stars, 1≤k≤n−1, a class of popular networks proposed earlier for which a large amount of work have already been done. Specifically, the problem in Zhou et al., J. Supercomput (2009), doi:, was addressed in Lin and Duh, Inf. Sci. 178(3), 788–801, 2008, when k = n−2.     

一种图像隐蔽通信的安全模型

安全性是图像隐蔽通信应用的前提条件。基于香农信息熵和相对熵的安全约束条件还存在不足,隐藏信息不能抵抗利用图像相关性的密写分析。深入分析了图像相邻像素的相关性,给出了基于像素相关的广义信息熵、相对熵和概率分布。提出了广义信息度量的信息隐藏模型,该模型满足隐藏信息的不可检测性,适应于图像隐蔽通信。给出了安全约束条件和信息隐藏方法,并进行了验证实验,给出了实验数据。实验结果表明,该安全模型具有理论和实用价值。     

基于国家信息安全风险评估指南的量化模型研究

以2005年颁布的国标草案《信息安全风险评估指南》为主要指导,并参考NISTSP800—30的管理控制思想、评估方法以及威胁发生可能性的计算方法,给出了一个具有可操作性的信息安全风险评估量化模型。     

基于国家信息安全风险评估指南的量化模型研究

以2005年颁布的国标草案《信息安全风险评估指南》为主要指导,并参考NIST SP800-30的管理控制思想、评估方法以及威胁发生可能性的计算方法,给出了一个具有可操作性的信息安全风险评估量化模型。     

信息系统内部威胁检测技术研究

针对企业信息系统中日益严重的内部威胁行为,特别是冒名登录、越权操作等行为,基于用户行为分析的技术,采用主客体混合的分层安全模型,建立了一种新的信息系统内部威胁检测框架.通过比较用户异常行为及主客体权限发现恶意内部威胁行为.应用正则表达式与混合加密算法保证检测准确性和日志安全性.从身份认证、访问控制、操作审计和行为阈值技术四个方面进行安全检测,对关键技术给出了详细介绍.实验证明该检测框架防止了内部人员破坏数据并提供响应和干预能力,提高了信息系统安全性.最后,展望了内部威胁检测技术发展趋势.     

专用SoC安全控制架构的研究与设计

针对专用SoC芯片的安全问题,在描述芯片威胁模型与部署模型的基础上,规划了芯片资源的安全等级,设计了芯片的工作状态及状态转移之间的约束条件和实现机制,给出了芯片运行时的安全工作流程。对芯片的安全性分析表明,所设计的芯片系统能够满足机密性、完整性和可信性的应用要求。