Providing flexible access control to an information flow control model

Protecting privacy within an application is essential. Many information flow control models have been developed for that protection. We developed an information flow control model based on role-based access control (RBAC) for object-oriented systems, which is called OORBAC (object-oriented role-based access control). According to the experiences of using OORBAC, we found that a model allowing every secure information flow and blocking every non-secure flow is too restricted. We propose that the following flexible access control features should be offered: (a) non-secure but harmless information flows should be allowed and (b) secure but harmful information flows should be blocked. According to our survey, no existing model offers the above control. We thus revised OORBAC to offer the control. The revised OORBAC have been implemented and evaluated. This paper presents flexible access control in the revised OORBAC and the evaluation result.     

Tools for distributed application management

The issues of managing distributed applications are discussed, and a set of tools, the meta system, that solves some longstanding problems is presented. The Meta model of a distributed application is described. To make the discussion concrete, it is shown how NuMon, a seismological analysis system for monitoring compliance with nuclear test-ban treaties is managed within the Meta framework. The three steps entailed in using Meta are described. First the programmer instruments the application and its environment with sensors and actuators. The programmer then describes the application structure using the object-oriented data modeling facilities of the authors' high-level control language, Lomita. Finally, the programmer writes a control program referencing the data model. Meta's performance and real-time behavior are examined     

Modelling of uncertain systems with application to robust process control

A method for black-box identification of uncertain systems is presented. The method identifies a nominal model and an uncertainty model set, consisting of unfalsified uncertainty models. Minimisation of a Chebyshev criterion leads to computationally favourable linear programming problems and allows the possibility to include a priori information in the form of linear constraints without making the computations more complex. Using data compression via correlation computations solves the computation problem associated with identifying unfalsified uncertainty models. The application of set-valued uncertainty models to robust process control is illustrated in a simulation study of robust model predictive control of a distillation column.     

Android隐式信息流检测的本体模型

针对传统的信息泄漏检测技术无法有效检测Android应用中存在的隐式信息泄露的问题,提出了一种将控制结构本体模型与语义网规则语言（SWRL）推理规则相结合的Android隐式信息流（ⅡF）推理方法。首先,对控制结构中能够产生隐式信息流的关键要素进行分析和建模,建立控制结构本体模型;其次,通过分析隐式信息泄露的主要原因,给出基于严格控制依赖（SCD）隐式信息流的判定规则并将其转换为SWRL推理规则;最后,将添加的控制结构本体实例与推理规则共同导入到推理引擎Jess中进行推理。实验结果表明：所提方法能够推理出多种不同性质的SCD隐式流,公开样本集的测试准确率达到83.3%,且推理耗时在分支数有限时处于合理区间。所提模型方法可有效辅助传统信息泄露检测提升其准确率。     

基于AOP技术的通用线程监控平台的研究与实现

在传统的OOP编程中,由于需求空间是N维而实现空间是一维的,导致了软件开发中横切关注点的代码纠缠问题,严重影响了软件的质量.作为OOP的补充,AOP很好地解决了横切关注点带来的问题,提供了核心关注点和横切关注点互相分离的解决方案.本文从具体工程中开发线程监控这一需求所暴露的问题出发,提出了为什么需要AOP编程;然后着重讨论如何通过AOP技术解决这一问题,提出并实现了基于AOP技术的通用线程监控平台.该平台可以在不手工改变系统源代码的情况下通过工具植入系统内部,实现对运行线程信息的监视、对指定线程运行速度的变换和对整个系统运行行为的控制.     

Constraint maintenance in engineering design system: An active object-oriented approach

This paper proposes a framework of engineering constraint maintenance using an active object-oriented database and solves a problem encountered when implementing the framework. The framework is proposed for the information-driven CIM system that integrates engineering constraints as well as its data. It resolves problems of the existing application-oriented constraint maintenance in which constraints are scattered in heterogeneous applications. It is possible due to the integrated management of constraints on a database using triggers, that is, on an “active” database. Existing active object-oriented databases, however, cannot properly support certain constraints that are specified on a set of classes. Those are the cases where the constraints must be maintained in the forward direction along a class composition hierarchy as well as in the backward direction. We call these kinds of problems “backward propagation problems” and investigate several approaches to resolve them using currently available techniques. Based on an approach which uses virtual classes, a new constructor, called CONSTRAINT^CCH is proposed to support the backward propagation. Advantages of the proposed framework and the constructor for the backward propagation are demonstrated on a design constraint management that supports a control panel design.     

基于角色的访问控制模型及其面向对象的建模

访问控制是信息安全的一个研究方向，基于角色的访问控制(RBAC)是目前理论研究和应用研究比较广泛的一种模型。详细介绍了RBAC96模型家族的特征和它所遵循的安全准则，并引入面向对象的思想，采用统一建模语言(UML)对RBAC96进行了静态和动态建模，这样就缩短了理论模型和实际系统开发之间的差距，有助于信息系统安全的面向对象的分析与设计。     

文档敏感信息控制模型DSI-CON研究与分析

为解决在当前信息系统和网络环境日趋复杂的情况下,敏感信息泄露途径多样、隐蔽性高的问题,提出文档敏感信息控制模型DSI-CON。首先在安全属性基础上建立敏感信息泄露威胁模型,分析了其泄露的主要方式,得出安全需求;然后基于使用控制模型提出DSI-CON,并对其进行形式化描述,同时针对安全需求制定了一系列安全策略,对模型安全性进行了研究分析;最后以教研室为例对模型举例应用,设计了模型部署方案。分析表明,DSI-CON能很大程度降低敏感信息泄露风险,对敏感信息起到保护作用。     

Automatically Partitioning Threads for Multithreaded Architectures

There is an enormous amount of parallelism exposed to fine-grain multithreaded architectures to cover latencies. It is a demanding task for a multithreading programmer to manage such a degree of parallelism by hand. To use multithreaded architectures efficiently it is essential to have compiler support for automatically partitioning programs into threads. This paper solves a fundamental problem in compiling for multithreaded architectures, automatically partitioning a program into threads. The focus of such partitioning is to overlap the remote communication latency and minimize the total execution time. We first formulate the partitioning problem based on a multithreaded execution cost model. Then, we prove such a formulation is NP-hard. Therefore, we propose two heuristic thread-partitioning methods to solve this problem in practice. The advanced partitioning algorithm is a novel extension of list scheduling, and it takes advantage of the cost model to generate near-optimum partitioning results. The remote-path-based partitioning algorithm is a simplified version of the advanced one but it is easy for compiler implementation. The two partitioning algorithms were implemented respectively in a thread partitioning testbed and a research EARTH-C compiler. The experimental results show that both partitioning algorithms are effective to generate efficient threaded code, and code generated by the compiler is comparable to hand-written code.     

Signals,timers, and continuations for multithreaded user‐level protocols

Precise timing and asynchronous I/O are appealing features for many applications. Unix kernels provide such features on a per‐process basis, using signals to communicate asynchronous events to applications. Per‐process signals and timers are grossly inadequate for complex multithreaded applications that require per‐thread signals and timers that operate at finer granularity. To respond to this need, we present a scheme that integrates asynchronous (Unix) signals with user‐level threads, using the ARIADNE system as a platform. This is done with a view towards support for portable, multithreaded, and multiprotocol distributed applications, namely the CLAM (connectionless, lightweight, and multiway) communications library. In the same context, we propose the use of continuations as an efficient mechanism for reducing thread context‐switching and busy‐wait overheads in multithreaded protocols. Our proposal for integrating timers and signal‐handling mechanisms not only solves problems related to race conditions, but also offers an efficient and flexible interface for timing and signalling threads. Copyright © 2006 John Wiley & Sons, Ltd.     

基于UML的实验设备管理信息系统的分析和设计

该系统通过实现网上记录设备的详细信息及其维修、购买和报废的相关数据等功能,解决高校实验设备信息不能进行网上管理．而只能靠手工对设备信息进行维护的不便。系统的开发采用面向对象思想方法,并基于UML对该系统进行建模分析。     

Protecting bursty applications against traffic aggressiveness

Aggressive use of networks, in particular the Internet, either by malicious or innocent users, threatens the service availability and quality of polite applications. Common queueing mechanisms which supposedly solve the problem, are shown in this work to be ineffective for bursty applications, including Web applications. This can be exploited by malicious users to conduct a new kind of Denial of Service attacks.We propose a new traffic control mechanism called Aggressiveness Protective Queuing (APQ) which is based on attributing importance weights to the users and which solves this problem by dynamically decreasing the weight of the aggressive users. The actual weight used for a flow is a dynamically varying parameter reflecting the past bandwidth usage of the flow. We show that under heavy load (deterministic model), APQ significantly restricts the amount of traffic an aggressive user can send and bounds it, at most, to twice the amount of traffic sent by a polite (regular) user. Simulation results demonstrate the effectiveness of APQ under a stochastic environment.     

一种柔性Web展现框架模型

在Web2．0时代,越来越多的网站采用了动态脚本的方式和用户进行交互,大量客户端脚本的应用,造成了代码的可适应性、可维护性、可扩展性较差,无法兼容各种主流浏览器,页面之间的跳转仍然较多,资源的加载没有规则等问题,影响了应用性能和用户体验．提出了一种柔性Web展现框架模型FWF,构造了符合AJAX＋MVC模式的框架模型,定义了组件模型并通过策略适配器的驱动及事件机制,较好解决了软件适应性问题;对UI组件进行面向对象的封装,实现模型（Model）、视图（Ⅵew）和控制（Controller）的合理分层,并通过内置的资源加载规则,缩短资源加载时间,从而提升用户应用体验,通过OSGI框架的模块扩展机制实现了Web组件的可扩展．此外,通过原型实例实验证明了框架的柔性和性能．     

基于区块链和属性基加密的个人隐私数据保护方案

针对用户使用第三方应用提供的服务时所带来的隐私泄露问题,提出一种基于属性基加密和区块链的个人隐私数据保护方案.方案利用区块链来保存个人隐私数据的哈希值和第三方应用的属性集,而真正的隐私信息利用属性基算法加密后保存在分布式哈希表中.本方案实现了个人数据的一对多的安全传输和数据的细粒度访问控制;针对用户在不同时期的需求动态变化的特点,提出了一种新的属性基加密方案,用户可以随时撤销第三方应用的访问权限,并且不需要可信第三方.对整个方案进行了仿真实验,验证了方案的可行性和实用性.     

Java与C/C++的结合

JNI是JDK提供的本地编程接口,它允许Java代码操作其他语言编写的应用程序和库,但调用本地方法的同时也带来了安全问题.CORBA是一个分布式的、面向对象的应用架构规范,它允许对象在异构的、分布式的环境中透明传输,从而也能实现Java与C/C＋ ＋的互操作.本文比较了JNI和CORBA两种方法的优缺点,并将CORBA应用在一个J2EE架构下的项目中,解决了项目中Java与C/C＋ ＋的交互问题.     

Concurrency control generation for dynamic threads using discrete-event systems

The application of Discrete-Event Systems (DES) theory to the problem of guaranteeably enforcing concurrency constraints in multithreaded applications has been studied under certain assumptions, namely, the assumption of a static pool of pre-existing instantiated threads, whose creation and termination are not modeled. This work presents an extension of this case to handle dynamically instantiated and terminated threads using a Petri net formalism and an online limited-lookahead state-space search technique.     

Interleaved Prefetching

We consider the problem of interleaving sequences of positive and negative numbers in order to maximize the minimum, over all prefixes p of the interleaved sequence, of the sum of the numbers in p . A simple and efficient offline solution is given. We also consider an online version of the problem. Under a cost model suitable for the prefetching application that motivates the problem, a strongly competitive online algorithm is given. These problems abstract two practical problems of scheduling data prefetches in a multiprogrammed or multithreaded computing environment.     

Development of reusable software for business information systems

One of the problems in developing business information systems is, that existing applications and products are compounded of project-specific and and common components, which are not separable and therefore commonly not reusable. A strategy to treat this problem by strict use of the object-oriented paradigm in developing new applications and the state of a corresponding joint project of Siemens Nixdorf (Munich) and Siemens Austria are presented.     

支持时间无关激活的分布对象中间件异步模型

时间无关的异步激活方式对于大规模分布式应用、移动应用和企业应用集成都具有重要意义．目前的分布对象中间件虽然支持回调和轮询两种异步机制，但是都不支持时间无关的异步激活方式．针对这一问题，本文基于国防科学技术大学计算机学院在分布对象中间件Starbus平台异步模型方面的研究成果，提出了一种新的异步模型RAAM(Router Agent based Asynchronous Model)，该模型能够支持消息的异步传递和时间无关的激活方式，同时对消息的服务质量提供了很好的支持．在自主研发的分布计算平台Starbus异步子系统中实现了RAAM模型，并与相关工作进行了比较．     

Adaptation and learning in control of voluntary movement by the central nervous system

In order to control voluntary movements, the central nervous system must solve the following three computational problems at different levels: (1) the determination of a desired trajectory in visual coordinates; (2) the transformation of its coordinates into body coordinates; and (3) the generation of motor command. Concerning these problems, relevant experimental observations obtained in the field of neuroscience are briefly reviewed. On the basis of physiological information and previous models, we propose computational theories and a neural network model which account for these three problems. (1) A minimum torque-change model which predicts a wide range of trajectories in human multi-joint arm movements is proposed as a computational model for trajectory formation. (2) An iterative learning scheme is presented as an algorithm which solves the coordinate transformation and the control problem simultaneously. This algorithm can be regarded as a Newton-like method in function spaces. (3) A neural network model for generation of motor command is proposed. This model contains internal neural models of the motor system and its inverse system. The inverse-dynamics model is acquired by heterosynaptic plasticity using a feedback motor command (torque) as an error signal. The hierarchical arrangement of these neural networks and their global control are discussed. Their applications to robotics are also discussed.