远程视频监控系统的安全可靠性研究

针对传统远程视频监控系统在安全可靠性上存在的隐患提出了多种有效的安全可靠性技术.首先从数据传输、数据存储和数据访问3个方面详细介绍了网络环境下数据的安全可靠性技术;然后给出了系统设计上的几点改进方案,以提高整个系统的性能.通过文章中的技术方案,远程视频监控系统中视频图像的高效传输能够较好地得以实现.     

一个改进的主从结构表安全数据模型

到目前为止,大量的文献已经提出了许多用以实现多级安全数据库系统的安全模型,不同的模型有不同的优点。本文针对原有主从结构表安全模型容易产生语义模糊性和操作不完备性等问题,提出了一个能够消除语义模糊性和操作不完备性的新的主从结构表模型。该模型增加了基元组和数据继承的概念,重新定义了多实例完整性和参照完整性,将PUPDATE操作和数据继承完整性引入该模型,大大增强了系统的安全性和非二义性。     

Automated data provenance capture in spreadsheets,with case studies

One of the most important tasks in eScience is capturing the provenance of data. While scientists frequently use off-the-shelf analysis tools to process and manipulate data, current provenance techniques such as those based on scientific workflows are typically not able to trace internal data manipulations that occur within these tools. In this paper, we focus on one such off-the-shelf tool, MS Excel, which is used by many scientists; specifically, we propose InSituTrac, an automated in situ provenance approach for spreadsheet data in Excel. Our framework captures data provenance unobtrusively in the background, allows for user annotations, provides undo/redo functionality at various levels of granularity, presents the captured provenance in an accessible format, and visualizes captured provenance to support analysis of the provenance log. We highlight several motivating use case scenarios which show how provenance queries can be answered by our approach. Finally, case studies with an atmospheric science research group and a fisheries research group suggest that the automated provenance approach is both efficient and useful to scientists.     

云存储系统中数据完整性验证协议

在云存储网络环境中,数据的安全性和完整性是用户最关心的问题之一。综合考虑云存储网络环境中的安全需求,设计了云存储数据完整性验证(CS-DIV)协议。客户端把数据文件和校验标签上传到云存储服务器后随机抽查,服务器返回验证证据并由客户端判断文件的完整性。协议可以有效地验证云存储数据的完整性,并抵抗恶意服务器欺骗和恶意客户端攻击,从而提高整个云存储系统的可靠性和稳定性。仿真实验数据表明,所提协议以较低的存储、通信及时间开销实现了数据的完整性保护。     

基于云计算的数据安全风险及防范策略探讨

云计算依托计算机网络系统,目前已经成为人们生活的重要部分,随着网络化、虚拟化生活的加速发展,诸如Google、Microsoft、Apple、Amazon、IBM等互联网IT和手机、网络运营商巨头开始重新定位企业发展的战略核心.云计算作为IT商业计算模型,它将计算任务分布在各种类型的广域网络和局域网络组成计算机网络系统,使用户能够借助网络按需获取计算力、存储空间和信息服务.云计算的用户通过PC、手机以及其他终端连接到网络使用云资源;随着云计算的广泛应用,云计算的环境安全环境、数据安全成为突出问题,如何保障云计算的安全成为当前急需解决的问题.本文介绍了云计算相关概念,以及对云计算数据安全风险进行分析,并提出了防范策略.     

出版业编辑系统中的数据安全

在编辑业务系统中,存在着作者交稿、签定合同、编排校印装等各种人为和客观因素甚至源自气候状况的制约,要对稿件中的数据信息进行分类与聚合,求同存异,使所做的工作尽量符合作者创作的原意,同时遵循出版要求,规范名词术语的用法,兼顾读者的理解力与接受程度。图书应是经得起时间考验的作品,需要策划编辑、责任编辑、版式设计和装帧设计、排校印等各个环节的工作人员共同努力,使知识的传播过程更加顺畅。     

西藏高校数字图书馆数据安全现状分析及防护策略

数据安全是图书馆开展各项数字化服务前提和保证,本文通过分析目前西藏高校图书馆数据安全的现状及存在的问题,结合西藏各高校图书馆实际,提出了数据安全的防护策略,希望为西藏高校图书馆数据安全建设抛砖引玉。     

金融科技中数据安全的挑战与对策

金融科技为金融业带来机遇的同时带来了新的挑战,金融业务数字化、网络化、智能化引发的数据爆发式增长,对数据安全治理提出了更高的要求。因此,在对金融科技发展现状及其金融数据安全分析的基础上,针对金融数据特点,提出了金融数据安全“果壳”模型：其内部是确保数据保密性、完整性、可用性的安全目标;外部是可能存在的数据被泄露、篡改、破坏等各种威胁;中间是各种应对策略,包括访问策略、防控策略、检测或感知策略等。以此模型为基础,对金融科技中的数据安全治理提出了相关建议和对策。     

基于Markov模型的系统安全性和可靠性分析

建立了二乘二取二系统状态转换的Markov模型,研究了失效率、维修系数、故障检测覆盖率等参数对二乘二取二系统的安全性、可靠性和可用性的影响,证明分布式二乘二取二系统具有更高的可靠性、安全性。     

Application of security reference architecture to Big Data ecosystems in an industrial scenario

Big Data environments are typically very complex ecosystems; this means that implementing them is complicated. One possible technique with which to address this complexity is the use of abstraction. Reference architecture (RA) can be useful for an improved understanding of the main components of Big Data. Herein, we propose a security RA that includes the management of security concerns and provides the main elements of a Big Data ecosystem. Application of this architecture to real-world scenarios facilitates its refinement and improves its usefulness. In this article, we present a case study of a real-world Big Data ecosystem implemented in a banking environment. This ecosystem was developed by everis, an NTT company with which we collaborated for this study. To conduct this validation case study, a map was established between the elements of the Big Data ecosystem implemented and our proposal. Consequently, a series of valuable lessons that can improve both our architecture and the security of the Big Data environment were obtained. These include recommendations for a set of best practices such as the use of security patterns.     

Model‐based security testing: a taxonomy and systematic classification

Model‐based security testing relies on models to test whether a software system meets its security requirements. It is an active research field of high relevance for industrial applications, with many approaches and notable results published in recent years. This article provides a taxonomy for model‐based security testing approaches. It comprises filter criteria (i.e. model of system security, security model of the environment and explicit test selection criteria) as well as evidence criteria (i.e. maturity of evaluated system, evidence measures and evidence level). The taxonomy is based on a comprehensive analysis of existing classification schemes for model‐based testing and security testing. To demonstrate its adequacy, 119 publications on model‐based security testing are systematically extracted from the five most relevant digital libraries by three researchers and classified according to the defined filter and evidence criteria. On the basis of the classified publications, the article provides an overview of the state of the art in model‐based security testing and discusses promising research directions with regard to security properties, coverage criteria and the feasibility and return on investment of model‐based security testing. Copyright © 2015 John Wiley & Sons, Ltd.     

易用的操作系统安全模型的设计和实现

提出并实现了一种应用于PC操作系统的安全模型USPM,在保证足够安全性同时具有兼容性好、无需专门配置即可使用的特点。模型使系统能够在被黑客攻击成功的情况下保证机密文件不丢失、关键文件完整性不被破坏。USPM模型通过限制那些与远程系统进行数据交换的进程的活动来保证系统的安全性,同时通过设置一些例外规则部分的允许特定进程的访问活动来提高系统的易用性,达到在安全性和易用性间的平衡。测试表明,USPM具有较好的安全性,较低的开销和很好的易用性、兼容性。     

大数据背景下海洋数据管理的挑战与对策

空天地底海洋立体观测技术的飞速发展催生了呈指数级增长的多精度、多频度、大覆盖、多模态的海洋数据。然而,目前的研究主要集中于通用大数据,针对海洋数据的专门研究仍处于起步阶段。海洋数据的时空性、多源多类性、海量性、敏感性等特性为其管理带来了新的挑战。阐述了海洋数据的特点和海洋数据管理的基本架构,探讨了海洋数据在数据存储、数据质量、数据安全等环节面临的挑战,分析了相应的对策,为海洋科学与工程技术的研究提供了重要的参考与依据。     

Tuning small analytics on Big Data: Data partitioning and secondary indexes in the Hadoop ecosystem

In the recent years the problems of using generic storage (i.e., relational) techniques for very specific applications have been detected and outlined and, as a consequence, some alternatives to Relational DBMSs (e.g., HBase) have bloomed. Most of these alternatives sit on the cloud and benefit from cloud computing, which is nowadays a reality that helps us to save money by eliminating the hardware as well as software fixed costs and just pay per use. On top of this, specific querying frameworks to exploit the brute force in the cloud (e.g., MapReduce) have also been devised. The question arising next tries to clear out if this (rather naive) exploitation of the cloud is an alternative to tuning DBMSs or it still makes sense to consider other options when retrieving data from these settings.In this paper, we study the feasibility of solving OLAP queries with Hadoop (the Apache project implementing MapReduce) while benefiting from secondary indexes and partitioning in HBase. Our main contribution is the comparison of different access plans and the definition of criteria (i.e., cost estimation) to choose among them in terms of consumed resources (namely CPU, bandwidth and I/O).     

移动多Sink传感器网络数据查询和收集技术研究现状

在MMS(Mobile Multi-Sink)型传感器网络中,多个移动的Sink节点会随时随地查询和收集数据,因此如何有效解决数据的查询和收集是MMS型传感器网络最基本和具有挑战性的工作.首先根据无线传感器网络的结构将其类型进行划分,之后给出数据查询和收集协议的评价原则,在此基础之上综述了当前的具有典型特点的数据查询和收集协议,并按照已给的原则进行评价.最后给出若干需要解决的问题,为MMS型传感器网络的协议设计提供参考.     

Data security and confidentiality in Europe

The European Economic Community study covers the problems raised by new information systems of the 1980s and 1990s. The main findings demonstrate that the spreading use of computers with versatile networking facilities has led to the obsolescence of some of the established control systems. The logical security provided by operating systems and basic software is generally inadequate. The study stresses the need for better data protection in public systems as well as in the private sector. It also stresses the need for wider and more efficient use of available means for the physical protection of computer centers and media.     

多级安全数据库保密性和数据完整性研究

保密性、完整性和可用性是多级安全数据库必须具备的三要素,然而完整性和保密性的要求往往不一致,现有的多级安全系统一般采用牺牲数据完整性和可用性的方法来获得较高的保密性。该文通过对传统安全模型进行改造,使之具有较高的保密性、数据完整性和可用性。     

From Big to Smart Data: Iterative ensemble filter for noise filtering in Big Data classification

The quality of the data is directly related to the quality of the models drawn from that data. For that reason, many research is devoted to improve the quality of the data and to amend errors that it may contain. One of the most common problems is the presence of noise in classification tasks, where noise refers to the incorrect labeling of training instances. This problem is very disruptive, as it changes the decision boundaries of the problem. Big Data problems pose a new challenge in terms of quality data due to the massive and unsupervised accumulation of data. This Big Data scenario also brings new problems to classic data preprocessing algorithms, as they are not prepared for working with such amounts of data, and these algorithms are key to move from Big to Smart Data. In this paper, an iterative ensemble filter for removing noisy instances in Big Data scenarios is proposed. Experiments carried out in six Big Data datasets have shown that our noise filter outperforms the current state-of-the-art noise filter in Big Data domains. It has also proved to be an effective solution for transforming raw Big Data into Smart Data.     

区块链在数据完整性保护领域的研究与应用进展

数据作为一种现代信息社会不可或缺的新兴资源,从产生伊始就面临着被各方篡改的风险.遭到篡改的数据在可用性与真实性方面都会大打折扣.而区块链因其不可篡改、去中心化、防止单点故障的特性天然契合数据完整性保护的要求.首先,简述了区块链技术背景与数据保护的核心要求;其次,按照区块链类型将现有区块链数据完整性保护成果进行分类和介绍...     

Developing future human-centered smart cities: Critical analysis of smart city security,Data management,and Ethical challenges

As the globally increasing population drives rapid urbanization in various parts of the world, there is a great need to deliberate on the future of the cities worth living. In particular, as modern smart cities embrace more and more data-driven artificial intelligence services, it is worth remembering that (1) technology can facilitate prosperity, wellbeing, urban livability, or social justice, but only when it has the right analog complements (such as well-thought out policies, mature institutions, responsible governance); and (2) the ultimate objective of these smart cities is to facilitate and enhance human welfare and social flourishing. Researchers have shown that various technological business models and features can in fact contribute to social problems such as extremism, polarization, misinformation, and Internet addiction. In the light of these observations, addressing the philosophical and ethical questions involved in ensuring the security, safety, and interpretability of such AI algorithms that will form the technological bedrock of future cities assumes paramount importance. Globally there are calls for technology to be made more humane and human-centered. In this paper, we analyze and explore key challenges including security, robustness, interpretability, and ethical (data and algorithmic) challenges to a successful deployment of AI in human-centric applications, with a particular emphasis on the convergence of these concepts/challenges. We provide a detailed review of existing literature on these key challenges and analyze how one of these challenges may lead to others or help in solving other challenges. The paper also advises on the current limitations, pitfalls, and future directions of research in these domains, and how it can fill the current gaps and lead to better solutions. We believe such rigorous analysis will provide a baseline for future research in the domain.