Oracle 10g撤销段研究

撤销段为oralce10g新引入的一个管理回滚数据的机制，相对于早期版本的回滚段，撤销段无论是在功能、实现机制还是管理方式上都有了很大的改变。该文通过导出撤销段头、跟踪相关撤销段数据字典等方法，深入分析了在单实例环境下的Oracle10g事务及撤销段的内部工作机制，以及撤销段的管理方法。最终来达到优化配置管理撤销段的目的，并且提出了一个预估撤销表空间大小的算法。     

自修复数据库系统日志机制研究

选择性恢复使得一个自修复数据库系统在受到恶意攻击后,只需撤销历史中受到恶意事务感染的那部分操作,无需回滚整段历史,但要求日志机制支持对事务间依赖关系的追踪及前像数据的长期保存。通过分析传统日志机制的不足以及现有原型系统实现方法存在的问题,提出了一种新的日志结构。该日志包含事务依赖信息,并以前像表代替传统日志机制中的回滚段。给出了基于该日志结构的数据库恢复方法,并在时间和空间开销方面对本方法与其它方法进行了分析和比较。     

解决ORA-25151:如何在Oracle的表空间中建立回

滚段 在管理Oracle数据库时,有经验的DBA会告诉你:最好将回滚段单独存放在一个专门的表空间中,以避免存储空间中碎片的产生。但是,当你做如下实验: 第一步:建立一个表空间准备作为回滚段专用表空间。SQL>CREATE TABLESPACE rbs_space DATAFILE d:\rbs_space SIZE 5M; 第二步:在表空间中建立回滚段SQL>CREATE ROLLBACK SEGMENT rbs05 TABLESPACE     

Oracle8i回滚段的配置

回滚段的类型、功能及工作原理。重点讲述了配置和动态调整回滚段的方法。     

基于回滚段的oracle错误恢复技术研究

在ORALCE数据管理中,常发生错误的修改更新数据或错误删除数据等误操作,这些错误可采用闪回技术进行恢复,本文对闪回技术中基于回滚段的错误恢复技术进行研究,并结合实例说明了各种恢复方法的不同之处。     

基于重复数据删除的连续数据保护系统的快速回滚

基于重复数据删除的连续数据保护系统可以实现时间点连续的数据保护,可以将数据回滚到任意的时刻,并且能够很好地降低存储开销,是一种理想的数据备份方式,而如何实现系统的快速回滚严重影响整个系统的性能.根据基于重复数据删除的连续数据保护系统的特点,系统实现了2种数据的快速回滚方法,并且通过cache对其中一种方法进行了加速.实验显示,2种回滚方式均能很好地实现数据回滚,并且cache起到了很好的加速效果.针对不同的回滚需求,灵活地选用不同的回滚方式,能够快速有效地实现数据回滚.     

Oracle数据库回滚段的故障分析与性能优化

回滚段是Oracle数据库的重要组成部分,数据库的性能与回滚段息息相关。本文将针对数据库回滚段常见的故障进行系统的分析,结合实例提出相应的解决方案,并对数据库回滚段的改善与优化进行了探讨。     

SQL3保存点和部分回滚的设计和实现

随着数据库管理系统的发展,SQL标准也日渐完备,在即将推出的SQL3中,明确了保存点和部分回滚的概念。OSCAR作为一个支持SQL标准的对象关系数据库管理系统,提供了保存点和部分回滚的灵活有效的实现机制。     

密文策略属性加密中的撤销控制方案

在云环境下使用数据共享功能时，由于云环境的复杂性，需要对数据进行安全保护和访问控制，这就要求使用加密机制。基于密文策略属性的加密（CP-ABE）是当前广泛使用的加密机制，它可以根据用户的属性来设置访问权限，任何具有合格访问权限的用户都可以访问数据。然而云是一个动态环境，有时可能只允许具有访问权限用户中的一部分用户访问数据，这就需要用户权限的撤销机制。然而，在CP-ABE中，访问权撤销或用户撤销是一个冗长且代价高昂的事件。所提出方案根据对CP-ABE流程的改进，在原密文中嵌入了可灵活控制的用户个人秘密，使得用户权限撤销时既不要求使用新访问策略的用户撤销数据，也不要求对数据进行重新加密，大幅减少撤销时的计算成本。与知名CP-ABE撤销方案对比，所提出方案的计算成本更低且具有良好的安全性。     

Oracle10g数据库系统性能优化与调整

Oracle数据库是当前应用最广泛的大型数据库,随着数据库数据量的增大、并发用户数量增多,系统常常出现吞吐量降低,响应时间变长的性能问题,如何有效优化、调整数据库性能,避免系统瓶颈,是保证Oracle数据库高效运行的基础。该文试从分析影响Oracle数据库系统性能的因素入手,重点介绍了Oracle10g数据库系统优化策略,包括内存区调整与优化、磁盘I/O优化、磁盘碎片、回滚段设置、CPU性能调整以及SQL语句优化等,通过对这些优化策略的介绍,期望能使Oracle10g数据库系统获得最优性能。     

一种多步流程回退方法的研究与实现

回退是工作流管理系统的一个重要功能,传统的回退方法大多是单步的、逐级的、禁止跨and合并或跨and分支的,不能很好地满足企业业务流程的多变性及复杂性。基于此,通过改进回退规则和回退算法,运用改进后的规则和算法对shark引擎进行二次开发,实现一个支持流程多步回退的应用模型。实验证明,改进后的引擎较好地解决了工作流流程的多步回退问题,保证回退时数据的一致性和流程死锁的规避。     

Attribute-based data access control in mobile cloud computing: Taxonomy and open issues

With the thriving growth of the cloud computing, the security and privacy concerns of outsourcing data have been increasing dramatically. However, because of delegating the management of data to an untrusted cloud server in data outsourcing process, the data access control has been recognized as a challenging issue in cloud storage systems. One of the preeminent technologies to control data access in cloud computing is Attribute-based Encryption (ABE) as a cryptographic primitive, which establishes the decryption ability on the basis of a user’s attributes. This paper provides a comprehensive survey on attribute-based access control schemes and compares each scheme’s functionality and characteristic. We also present a thematic taxonomy of attribute-based approaches based on significant parameters, such as access control mode, architecture, revocation mode, revocation method, revocation issue, and revocation controller. The paper reviews the state-of-the-art ABE methods and categorizes them into three main classes, such as centralized, decentralized, and hierarchal, based on their architectures. We also analyzed the different ABE techniques to ascertain the advantages and disadvantages, the significance and requirements, and identifies the research gaps. Finally, the paper presents open issues and challenges for further investigations.     

On the distribution and revocation of cryptographic keys in sensor networks

Key management has two important aspects: key distribution, which describes how to disseminate secret information to the principals so that secure communications can be initiated, and key revocation, which describes how to remove secrets that may have been compromised. Key management in sensor networks face constraints of large scale, lack of a priori information about deployment topology, and limitations of sensor node hardware. While key distribution has been studied extensively in recent works, the problem of key and node revocation in sensor networks has received relatively little attention. Yet, revocation protocols that function correctly in the presence of active adversaries pretending to be legitimate protocol participants via compromised sensor nodes are essential. In their absence, an adversary could take control of the sensor network's operation by using compromised nodes which retain their network connectivity for extended periods of time. In this paper, we present an overview of key-distribution methods in sensor networks and their salient features to provide context for understanding key and node revocation. Then, we define basic properties that distributed sensor-node revocation protocols must satisfy and present a protocol for distributed node revocation that satisfies these properties under general assumptions and a standard attacker model.     

Oracle 10g中闪回查询的应用

简述了oracle10g中闪回查询的类型,通过列举实例说明了闪回版本查询和闪回事物查询的应用。闪回查询是最基本的闪回功能,直接利用回滚段中的旧数据构造某一刻的一致性数据版本。由于该查询只适合单个表数据恢复,所以对事务中相关的多表数据恢复不适合,无法确保相关数据的参照完整性。     

Privacy-preserving revocation checking

Digital certificates signed by trusted certification authorities (CAs) are used for multiple purposes, most commonly for secure binding of public keys to names and other attributes of their owners. Although a certificate usually includes an expiration time, it is not uncommon that a certificate needs to be revoked prematurely. For this reason, whenever a client (user or program) needs to assert the validity of another party’s certificate, it performs a certificate revocation check. There are several revocation techniques varying in both the operational model and underlying data structures. One common feature is that a client typically contacts some third party (whether trusted, untrusted or semi-trusted) and obtains some evidence of either revocation or validity (non-revocation) for the certificate in question. While useful, revocation checking can leak sensitive information. In particular, third parties of dubious trustworthiness can discover the identity of the party performing the revocation check, as well as the target of the check. The former can be easily remedied with techniques such as onion routing or anonymous web browsing. Whereas, hiding the target of the query is not obvious. This paper focuses on the privacy in revocation checking, explores the loss of privacy in current revocation checking techniques and proposes simple and efficient privacy-preserving techniques for two well-known revocation methods. Portions of this paper appeared in [30,32].     

基于抽取的高考作文生成

机器人自动写作是人工智能和自然语言处理领域重要的研究方向,然而传统的自动写作方法主要针对体育新闻、天气预报等较短的段落级文本进行研究,并没有对篇章级文本自动生成技术进行深入地建模.针对这一问题,我们着重研究面向高考作文的篇章级文本生成任务.具体而言我们提出了一种基于抽取式的高考作文生成模型,即先进行抽取再利用深度学习排序方法进行段落内部的文本组合生成.通过实际专家评测,我们所生成的作文能够达到北京高考二类卷平均分数,具有一定的实际应用价值.     

Generic user revocation systems for attribute-based encryption in cloud storage

Cloud-based storage is a service model for businesses and individual users that involves paid or free storage resources. This service model enables on-demand storage capacity and management to users anywhere via the Internet. Because most cloud storage is provided by third-party service providers, the trust required for the cloud storage providers and the shared multi-tenant environment present special challenges for data protection and access control. Attribute-based encryption (ABE) not only protects data secrecy, but also has ciphertexts or decryption keys associated with fine-grained access policies that are automatically enforced during the decryption process. This enforcement puts data access under control at each data item level. However, ABE schemes have practical limitations on dynamic user revocation. In this paper, we propose two generic user revocation systems for ABE with user privacy protection, user revocation via ciphertext re-encryption (UR-CRE) and user revocation via cloud storage providers (UR-CSP), which work with any type of ABE scheme to dynamically revoke users.     

高效可撤销的共享数据云存储审计

共享数据的云存储审计是指对群用户共享的云数据的完整性进行审计. 由于在共享数据云存储审计中, 用户可能因各种原因加入和离开用户群, 因此这种方案通常支持群用户撤销. 在大多数现存的共享数据云审计方案中, 用户撤销的计算开销与用户群要上传的文件块总数成线性关系, 造成很大的计算和通信代价, 如何减少用户撤销产生的计算和通...     

基于多授权中心的CP-ABE属性撤销方案

直接将密文属性基加密（CP-ABE）运用于云环境中，将造成云访问控制的安全和计算开销问题。为此，提出一种支持多授权中心的属性撤销方案（RMCP-ABE），通过采用逻辑二叉树和每属性代理重加密等方法，保证了属性撤销过程中的安全性，属性撤销的即时性、灵活性和细粒度，降低了数据属主的计算开销。方案引入了多授权中心模型，避免授权中心被攻破或者合谋的威胁，并提高了运行效率。安全性和实验分析表明，该算法安全性与传统CP-ABE算法一致，同时与其他属性撤销方案相比开销更低。