共查询到20条相似文献,搜索用时 46 毫秒
1.
《Computer》2008,41(3):59-65
Overall, transport layer security with session-aware user authentication offers a promising approach to solving man-in-the-middle attack problems by leveraging the legacy authentication mechanisms and systems that the general public has become accustomed to using. 相似文献
2.
基于SSL协议的SET协议模拟实现 总被引:4,自引:0,他引:4
安全问题是关系到电子商务服务是否能够广泛开展的重要因素。一个安全电子支付系统需要特殊的安全机制。目前,在电子商务中使用的安全协议主要有两种,即SSL协议和SET协议。SSL协议是免费的,但是它有重大缺陷。SET协议要安全许多,然而却非常昂贵,且现有的实现缺乏灵活性。SSL协议的实现版本openssl里附带有一个非常完备的加密函数库和一整套的使用和管理CA数字证书的方法。主要讨论如何在SSL协议的基础上利用openssl开发包和组件技术来实现SET协议功能,并提高SET协议使用的灵活性。 相似文献
3.
宁晓希 《自动化与仪器仪表》2011,(3):123-125
随着经济全球化的进程,企业为了提高工作效率和竞争能力,远程访问、移动办公,已经成了各种社会组织的普遍需要。SSLVPN因其配置方便、与操作系统无关、支持设备广泛等优势,成为备受人们关注的一种新型安全访问方式。本文对SSLVPN的概念、基本原理、模式、安全技术进行了深入研究,探讨了SSLVPN系统中的安全性。 相似文献
4.
针对SSL协议中握手协议的工作过程,详细描述了如何使用椭圆曲线密码算法对SSL协议做算法扩展,实现了椭圆曲线密码算法库以及ECDSA、ECDH密钥交换算法,对SSL握手协议使用的X.509格式的证书进行了ECDSA算法扩展,并在OpenSSL0.9.7d的版本上作了性能测试. 相似文献
5.
SSL协议的基本设计目标是为两个通信实体之间提供数据的保密性和完整性。由于在SSL握手协议中最耗费计算资源和造成客户端与服务器端计算不平衡的步骤是服务器端解密运算,提出了客户端平衡的密钥交换算法,用来加速SSL会话的初始化和承担服务器端的解密的预运算。对算法中的同时对多个客户的请求进行解密的粒度的估计策略进行了阐述。模拟实验表明所提出的方案是有效的。 相似文献
6.
基于批量化密钥重分配的SSL握手协议* 总被引:1,自引:0,他引:1
SSL(安全套接层)握手协议利用公开密钥体制(RSA)保护通信实体之间传输信息的机密性和完整性,其存在信息处理速度过慢的缺点,基于batch RSA的SSL握手协议能较好地解决这一问题,但当服务器收到大量客户端请求或遭受DoS攻击时,易导致服务器性能下降。为此,提出一种基于批量化密钥重分配 (batch key redistribution)的改进协议。协议将密钥分解成两个密钥序列分支,并将一个密钥序列分支发送至客户端,由客户端来部分解密,以减少服务器的计算开销,从而克服服务器性能下降的问题。分析和实验结果表明,协议能很好地保证信息传输的安全,且有效提高了信息处理的速度。 相似文献
7.
SSL协议的扩展Rubin逻辑形式化分析 总被引:2,自引:0,他引:2
SSL协议是一个用于因特网上进行保密通信的实用安全协议,由于它的复杂性,很多形式化分析方法都不适合分析它[1].而适用于分析非单调密码协议的Rubin逻辑,不同于大多数采用"知识"和"信念"的逻辑分析发现安全缺陷的逻辑分析方法,它完整地分析协议过程中的出现所有"动作",不但能清晰地看到SSL协议的不足,还可指出进一步完善SSL协议的方法. 相似文献
8.
《IT Professional》2002,4(4):47-52
As enterprises conduct more and more of their business activities online, the need for security becomes more crucial. Organizations must implement protocols to address a variety of security-related tasks. An e-business would want to allow an easy access to its site but still provide data security and authentication for e-commerce transactions. For this level of need, one security protocol SSL, the secure sockets layer, has been widely implemented and is now the de facto standard for providing secure e-commerce. 相似文献
9.
Modern search engines record user interactions and use them to improve search quality. In particular, user click-through has been successfully used to improve clickthrough rate (CTR), Web search ranking, and query recommendations and suggestions. Although click-through logs can provide implicit feedback of users’ click preferences, deriving accurate absolute relevance judgments is difficult because of the existence of click noises and behavior biases. Previous studies showed that user clicking behaviors are biased toward many aspects such as “position” (user’s attention decreases from top to bottom) and “trust” (Web site reputations will affect user’s judgment). To address these problems, researchers have proposed several behavior models (usually referred to as click models) to describe users? practical browsing behaviors and to obtain an unbiased estimation of result relevance. In this study, we review recent efforts to construct click models for better search ranking and propose a novel convolutional neural network architecture for building click models. Compared to traditional click models, our model not only considers user behavior assumptions as input signals but also uses the content and context information of search engine result pages. In addition, our model uses parameters from traditional click models to restrict the meaning of some outputs in our model’s hidden layer. Experimental results show that the proposed model can achieve considerable improvement over state-of-the-art click models based on the evaluation metric of click perplexity. 相似文献
10.
《Information Security Technical Report》1998,2(4):73-77
The Society for Worldwide Interbank Financial Telecommunication (S.W.I.F.T.) provides financial processing and communication services of the highest quality and integrity. Its network and value-added services enable customers to reduce costs, raise productivity and control risks. Security is one of the key benefits that S.W.I.F.T. offers to customers, and the User Security Enhancement (USE) programme is a major part of the company's security strategy. 相似文献
11.
由于网络支付是制约电子商务向深度和广度发展的瓶颈,在介绍网络支付系统框架的一般结构及银行卡的网络支付模式之后,提出基于安全套接层(Secure Socket Layer,SSL)和安全电子交易(Secure Electronic Transaction,SET)协议的网络支付系统,并对其支付流程和安全性进行阐述与讨论. 相似文献
12.
《Computer Networks》2007,51(3):751-766
The Portal Security Transaction Protocol (PSTP) is a new signature technology that adds signature semantics to one-time password technology. PSTP was developed to secure transactions in the financial services industry; however, PSTP may be applicable to signatures in other spaces. PSTP technology provides high signature strength of mechanism without requiring asymmetric key pairs deployed to client machines. PSTP provides cryptographic after-the-fact evidence of a transaction event in a secured log. 相似文献
13.
在微博搜索领域,单纯依赖于粉丝数量的搜索排名使刷粉行为有了可乘之机,通过将用户看作网页,将用户间的“关注”关系看作网页间的链接关系,使PageRank关于网页等级的基本思想融入到微博用户搜索,并引入一个状态转移矩阵和一个自动迭代的MapReduce工作流将计算过程并行化,进而提出一种基于MapReduce的微博用户搜索排名算法。在Hadoop平台上对该算法进行了实验分析,结果表明,该算法避免了用户排名单纯与其粉丝数量相关,使那些更具“重要性”的用户在搜索结果中的排名获得提升,提高了搜索结果的相关性和质量。 相似文献
14.
This paper summarizes BC Hydro's experience in applying neural networks to dynamic security contingency screening and ranking. The idea is to use the information on the prevailing operating condition and directly provide contingency screening and ranking using a trained neural network. To train the two neural networks for the large scale systems of BC Hydro and Hydro Quebec, in total 1691 detailed transient stability simulation were conducted, 1158 for BC Hydro system and 533 for the Hydro Quebec system. The simulation program was equipped with the energy margin calculation module (second kick) to measure the energy margin in each run. The first set of results showed poor performance for the neural networks in assessing the dynamic security. However a number of corrective measures improved the results significantly. These corrective measures included: 1) the effectiveness of output; 2) the number of outputs; 3) the type of features (static versus dynamic); 4) the number of features; 5) system partitioning; and 6) the ratio of training samples to features. The final results obtained using the large scale systems of BC Hydro and Hydro Quebec demonstrates a good potential for neural network in dynamic security assessment contingency screening and ranking. 相似文献
15.
16.
17.
Security of wireless mobile systems continues to be a hot topic; now generating its own conferences and platforms, such as the recent 2nd IEE Secure Mobile Communications held by the IEE on 23 September 2004. The general discussion on security in wireless systems takes place in technical fora, and while this is a totally valid discussion, it sometimes seems to be taking place in isolation. From the user perspective the wireless system usually forms part of a larger, interconnected system. This paper raises the question, “What about the user?” and offers some views on the user requirements on this most important part of system design where people are one end of the chain which involves wireless and other systems. 相似文献
18.
在分析了几种现有的典型RFID安全协议的特点和缺陷的基础上,提出了一种轻量级的RFID安全协议,该协议将一次性密码本与询问一应答机制相结合,实现了安全高效的读取访问控制,最后建立该协议的理想化模型,利用BAN逻辑对该协议进行了形式化分析,在理论上证明其安全性. 相似文献
19.
近年来,网络空间安全成为信息安全中的热门领域之一,随着复杂网络的研究日渐深入,网络空间安全与复杂网络的结合也变得日益密切。网络的整体安全性依赖于网络中具体节点的安全性,因此,对网络节点的安全重要程度进行有效排序变得极为关键,良好的排序方法应当将越重要的节点排在越靠前的位置。本文从网络的拓扑结构入手,研究了网络节点的局部关键性,在传统基础上考虑了相邻节点及次相邻节点的拓扑结构影响。同时,由于传统方法很少引入动态因素,因此本文引入了网络节点实时流量向量,算法既包含网络拓扑结构,又使用了不同时刻的节点流量,采用了静态与动态相结合的方式。实验结果表明,在破坏排序结果前top-n个节点时,与传统方法相比,本文算法在排序结果上具有更好的效果。 相似文献
20.
在开放的网格环境中,用户行为的动态性和不确定性,使得现有的基于证书的静态用户管理难以及时地将用户的恶意行为进行标识并对用户后续行为进行控制。针对该问题,提出一种基于信任约束的用户安全管理方法。该方法基于对用户信任计算的结果,根据用户信任等级的变化,建立用户信任黑名单和白名单;并基于用户信任等级与资产价值之间的关系,建立一种信任策略。实验结果表明,该方法建立的用户信任黑名单、白名单和信任策略,作为访问控制机制的一种动态信任约束,加强了对系统授权的约束,使得用户能够获得的访问能力与其历史行为相关联,加强了对用户行为的控制,提高系统安全。 相似文献