一种面向局域网的多级安全模型

为保证局域网环境下共享信息的机密性,提出一种基于BLP模型的局域网多级安全模型MLS-LAN。引入密级标定部件,标定动态信息资源的安全级别,利用接入认证部件和访问控制部件,定义接入认证、信息共享和通信关系控制等规则,由此实现多级信息资源的安全共享。理论分析结果表明,该模型可以对信息共享实施可靠的访问控制,提高了局域网信息共享的安全性。     

协作环境中基于场所的访问控制模型

授权模型是协作环境中不可缺少的关键部件,为协作系统提供合适的授权机制很具挑战性.直接应用于协作系统的传统访问控制模型对多用户之间的协作支持不够,一些协作相关的访问控制必须在应用层上实现;针对特定协作应用背景的访问控制模型,仅适用于特定应用背景的协作系统,不能满足协作环境中更广泛的安全性需求;而现有的协作环境中通用的访问控制模型授权约束比较单一,不能满足协作环境中对授权的灵活性要求.针对这些问题,以Locale-BAC模型为基础提出协作环境中基于场所的访问控制模型,对角色、权限、场所等主要模型部件进行重新定义,实现全局访问控制和协作小组内部自主访问控制相结合的灵活的分层授权机制.     

一个改进的细粒度XML文档强制访问控制模型

XML应用的不断扩展带来了XML安全的需求.目前关于XML安全性的研究主要集中于自主访问控制、基于角色的访问控制和视图技术,而对于强制访问控制的研究较少.提出一个改进的XML文档的强制访问控制模型.模型建立了XML文档的多级安全完整性性质.为避免结构约束与完整性约束可能产生隐通道,模型提出"滞后删除"策略.对XQuery和XUpdate的主要操作进行语义描述,并对模型的安全性进行分析.     

基于角色的空间信息强制访问控制模型研究

针对军事领域中地理空间数据具有更高的敏感性、机密性的特点,对传统的基于角色的访问控制和强制访问控制结合后进行空间扩展,提出了一种基于角色的空间信息强制访问控制模型(Spatial Vector Data Role-Based Mandatory Access Control, SV_RBMAC),在RBMAC模型的形式化描述和安全性定理基础上提出了此模型运用在空间矢量数据的操作模式,满足军事环境中重要信息系统的访问控制需求,在实现细粒度访问控制的同时,保障了空间数据的安全性。经实际原型系统试验证明,具有较高的实用性。     

应用区块链的数据访问控制与共享模型

数据已成为企业的重要资产.如何在企业内部对数据的访问权限进行有效控制、在企业之间安全共享数据一直是一个挑战.区块链中的分布式账本可以从某些方面解决上述问题,但是区块链所应用的非对称加密机制仅可进行一对一的安全传输,并不满足企业内部复杂的访问控制要求.提出一种应用区块链的数据访问控制与共享模型,利用属性基加密对企业数据进行访问控制与共享,达到细粒度访问控制和安全共享的目的.通过对比分析,该模型在安全性和性能上较好地解决了企业内部访问权限难控制、企业之间数据难共享的问题.     

关于主机监控子系统的强制访问控制研究

本文在研究Bell-Lapadula模型和Biba模型的基础上,结合二者的优点,提出了既满足信息保密性和又满足信息完整性的强制访问控制模型。编写了Windows过滤驱动程序,可主动拦截用户进程对文件的操作。加载自主设计的强制访问控制模块,实现了对Windows系统下文件资源的强制访问控制,并可通过入侵检测机制发现非法入侵者的来源。     

基于强制访问控制的主机监控子系统研究

本文在研究Bell-Lapadula模型和Biba模型的基础上,结合二者的优点,提出了既满足信息保密性和又满足信息完整性的强制访问控制模型。编写了Windows过滤驱动程序,可主动拦截用户进程对文件的操作。加载自主设计的强制访问控制模块,实现了对Windows系统下文件资源的强制访问控制,并可通过入侵检测机制发现非法入侵者的来源。实验结果表明,原型系统可有效地对Windows文件系统实施强制访问控制保护,能够主动阻断入侵者的非法操作。     

面向电子文档的协作式访问控制模型

在各种攻击日益严重的情况下,电子文档保护技术越来越重要.提出了一种协作式的访问控制模型,在该模型中保留了用户自主访问控制能力,同时利用强制访问控制将用户的自主能力限制在安全级别允许的范围.从生成、分发、读、写、复制/粘贴、打印6种操作角度全面控制泄露途径,可以防御针对电子文档的内部泄露,特洛伊木马和间接泄露等安全威胁.利用提出的模型和方法,在 Window 环境下实现了对 Word 文档的保护.     

基于Linux的强制访问控制研究

本文围绕安全操作系统中强制访问控制部分的理论和研究,自行构建了Linux系统的强制访问控制机制。该机制支持BLP修改模型的多级安全策略,其构建参考了GFAC和LSM等访问控制模型。内容包括总体设计思路、安全策略和安全信息的形式化、关键函数的实现等。     

基于时间约束和上下文的访问控制模型研究

随着网络应用的普及,分布式环境中的访问控制受到越来越多的关注.Web服务作为一种新型的分布式计算模式,其动态、开放、异构的特点决定其需要更加灵活、细粒度的动态授权机制.目前的访问控制模型越来越不能满足面向服务计算环境的安全需求.提出了一个基于时间约束和上下文的动态访问控制模型TCDAC.该模型对基于角色的访问控制进行扩展,引入时间约束和上下文的概念,使访问控制的授权与时间有关,并能根据上下文信息动态地做出访问控制决定,提高了访问控制的安全性,满足了面向服务系统访问控制对动态性的需求.     

European Community policy and the market

Abstract This paper starts with some reflections on the policy considerations and priorities which are shaping European Commission (EC) research programmes. Then it attempts to position the current projects which seek to capitalise on information and communications technologies for learning in relation to these priorities and the apparent realities of the marketplace. It concludes that while there are grounds to be optimistic about the contribution EC programmes can make to the efficiency and standard of education and training, they are still too technology driven.     

一种自适应子融合集成多分类器方法

融合集成方法已经广泛应用在模式识别领域,然而一些基分类器实时性能稳定性较差,导致多分类器融合性能差,针对上述问题本文提出了一种新的基于多分类器的子融合集成分类器系统。该方法考虑在度量层融合层次之上通过对各类基多分类器进行动态选择,票数最多的类别作为融合系统中对特征向量识别的类别,构成一种新的自适应子融合集成分类器方法。实验表明,该方法比传统的分类器以及分类融合方法识别准确率明显更高,具有更好的鲁棒性。     

Explanation and prediction: an architecture for default and abductive reasoning

Although there are many arguments that logic is an appropriate tool for artificial intelligence, there has been a perceived problem with the monotonicity of classical logic. This paper elaborates on the idea that reasoning should be viewed as theory formation where logic tells us the consequences of our assumptions. The two activities of predicting what is expected to be true and explaining observations are considered in a simple theory formation framework. Properties of each activity are discussed, along with a number of proposals as to what should be predicted or accepted as reasonable explanations. An architecture is proposed to combine explanation and prediction into one coherent framework. Algorithms used to implement the system as well as examples from a running implementation are given.     

Three Process Perspectives: Organizations, Teams, and People

This paper provides the author's personal views and perspectives on software process improvement. Starting with his first work on technology assessment in IBM over 20 years ago, Watts Humphrey describes the process improvement work he has been directly involved in. This includes the development of the early process assessment methods, the original design of the CMM, and the introduction of the Personal Software Process (PSP)^SM and Team Software Process (TSP){^SM}. In addition to describing the original motivation for this work, the author also reviews many of the problems he and his associates encountered and why they solved them the way they did. He also comments on the outstanding issues and likely directions for future work. Finally, this work has built on the experiences and contributions of many people. Mr. Humphrey only describes work that he was personally involved in and he names many of the key contributors. However, so many people have been involved in this work that a full list of the important participants would be impractical.     

基于复小波噪声方差显著修正的SAR图像去噪

提出了一种基于复小波域统计建模与噪声方差估计显著性修正相结合的合成孔径雷达(Synthetic Aperture Radar,SAR)图像斑点噪声滤波方法。该方法首先通过对数变换将乘性噪声模型转化为加性噪声模型,然后对变换后的图像进行双树复小波变换(Dualtree Complex Wavelet Transform,DCWT),并对复数小波系数的统计分布进行建模。在此先验分布的基础上,通过运用贝叶斯估计方法从含噪系数中恢复原始系数,达到滤除噪声的目的。实验结果表明该方法在去除噪声的同时保留了图像的细节信息,取得了很好的降噪效果。     

How do children do mathematics with LOGO?

Abstract  This paper considers some results of a study designed to investigate the kinds of mathematical activity undertaken by children (aged between 8 and 11) as they learned to program in LOGO. A model of learning modes is proposed, which attempts to describe the ways in which children used and acquired understanding of the programming/mathematical concepts involved. The remainder of the paper is concerned with discussing the validity and limitations of the model, and its implications for further research and curriculum development.     

Editorial: Special issue on recent advances in hybrid control theory and applications

正The demands of a rapidly advancing technology for faster and more accurate controllers have always had a strong influence on the progress of automatic control theory.In recent years control problems have been arising with increasing frequency in widely different areas,which cannot be addressed using conventional control techniques.The principal reason for this is the fact that a highly competitive economy is forcing systems to operate in regimes where     

Information for Authors

正Aim The Journals of Zhejiang University-SCIENCE(A/B/C)areedited by the international board of distinguished Chinese andforeign scientists,and are aimed to present the latest devel-opments and achievements in scientific research in China andoverseas to the world’s scientific circles,especially to stimulateand promote academic exchange between Chinese and for-eign scientists everywhere.     

Enhancing a leaf radiative transfer model to estimate concentrations and in vivo specific absorption coefficients of total carotenoids and chlorophylls a and b from single-needle reflectance and transmittance

The relative concentrations of different pigments within a leaf have significant physiological and spectral consequences. Photosynthesis, light use efficiency, mass and energy exchange, and stress response are dependent on relationships among an ensemble of pigments. This ensemble also determines the visible characteristics of a leaf, which can be measured remotely and used to quantify leaf biochemistry and structure. But current remote sensing approaches are limited in their ability to resolve individual pigments. This paper focuses on the incorporation of three pigments—chlorophyll a, chlorophyll b, and total carotenoids—into the LIBERTY leaf radiative transfer model to better understand relationships between leaf biochemical, biophysical, and spectral properties.Pinus ponderosa and Pinus jeffreyi needles were collected from three sites in the California Sierra Nevada. Hemispheric single-leaf visible reflectance and transmittance and concentrations of chlorophylls a and b and total carotenoids of fresh needles were measured. These data were input to the enhanced LIBERTY model to estimate optical and biochemical properties of pine needles. The enhanced model successfully estimated reflectance (RMSE = 0.0255, BIAS = 0.00477, RMS%E = 16.7%), had variable success estimating transmittance (RMSE = 0.0442, BIAS = 0.0294, RMS%E = 181%), and generated very good estimates of carotenoid concentrations (RMSE = 2.48 µg/cm², BIAS = 0.143 µg/cm², RMS%E = 20.4%), good estimates of chlorophyll a concentrations (RMSE = 10.7 µg/cm², BIAS = − 0.992 µg/cm², RMS%E = 21.1%), and fair estimates of chlorophyll b concentrations (RMSE = 7.49 µg/cm², BIAS = − 2.12 µg/cm², RMS%E = 43.7%). Overall root mean squared errors of reflectance, transmittance, and pigment concentration estimates were lower for the three-pigment model than for the single-pigment model. The algorithm to estimate three in vivo specific absorption coefficients is robust, although estimated values are distorted by inconsistencies in model biophysics. The capacity to invert the model from single-leaf reflectance and transmittance was added to the model so it could be coupled with vegetation canopy models to estimate canopy biochemistry from remotely sensed data.     

Mr. Twinn’s bombes

This article discusses the history and design of the special versions of the bombe key-finding machines used by Britain’s Government Code & Cypher School (GC&CS) during World War II to attack the Enigma traffic of the Abwehr (the German military intelligence service). These special bombes were based on the design of their more numerous counterparts used against the traffic of the German armed services, but differed from them in important ways that highlight the adaptability of the British bombe design, and the power and flexibility of the diagonal board. Also discussed are the changes in the Abwehr indicating system that drove the development of these machines, the ingenious ways in which they were used, and some related developments involving the bombes used by the U.S. Navy’s cryptanalytic unit (OP-20-G).