Computer networking at the National Computing Centre

The National Computing Centre installed a microcomputer-based local area network in 1981. The paper reviews the operation of this network since its implementation. The configuration of the network and the facilities it provides are described. The justification for such a network is examined, and the objectives of the installation are listed. The criteria on which the network was chosen are discussed, and implementation, training and support are described. The applications of the network are examined, along with user reaction, the impact on work and the benefits achieved. Problems and limitations of the network are also discussed.     

How to modify a microcomputer operating system for added security

An office in which microcomputers are used can be made more secure by removing some of the “dangerous” utilities of the operating system. It does not take an expert to make these changes. This article includes the eight simple steps needed to modify either PC-DOS or MS-DOS.     

试述网络自动化系统中的安全技术

网络自动化系统的建设为当今的工作带来了诸如资源共享、信息发布、相互交流等诸多方便,大大提高了工作效率。同时,由于网络传输信息的广泛性,使很多人承受着来自外部网络安全问题带来的种种威胁。网络是一把双刃剑,能带来很多好处,但同时也带来很多的危险,例如:人们在分享网上的资料的同时,会留下自己个人信息,而有很多的犯罪人员就是根据人们在使用网络时留下的信息进行犯罪。但是网络自动化系统又有很多的安全技术,带给人们很多的便利,使人们的生活变得更加的便利、高效率、安全。     

局域网网络安全防护工作剖析

TCP/IP协议的开放性创造了互联网高速发展,同时因其固有的安全缺陷为用户带来了越来越多的安全问题。本文从目前国内外存在的网络安全问题出发,详细介绍了局域网络安全现状和存在的安全问题,提出了较为科学的安全防护措施。     

基于网络安全联动的重庆广电集团办公局域网络的构建

一个安全、高效、稳定运行的信息化管理系统,能保障重庆广电集团办公局域网络的高效安全运行.本文对网络安全联动方案进行了介绍,并介绍了基于此方案的重庆广电集团办公局域网络的设计实现.     

Recognition of thin, flat microelectromechanical structures for automation of the assembly process

Visual recognition of microelectromechanical parts is necessary for automation of the assembly process. The visual recognition system that we have developed is based partly on neural networks and partly on digital image-processing techniques. The system takes grey-level microscope images and produces recognition code as the output as well as information about micropart position. The recognition procedure is not sensitive to micropart position. This is ensured by preprocessing based on calculation of the image moment properties. For the recognition, a supervised feedforward neural network is utilized. A combination of standard backpropagation and resilient propagation is chosen for learning the network. The performance of the system is tested on recognition of the parts of a microvalve system. The results are satisfactory with respect to recognition accuracy and recognition time.     

Integrated office systems over LANs — a performance study

In this paper, an integrated office system environment is modelled and studied. Composed of multi-media workstations, printer servers, database servers, electronic mail servers etc., the office information system (OIS) is interconnected by a LAN. The performance of three selected networks namely Appletalk, Starlan and Ethernet, in handling the typical office system applications, is evaluated. The study applies discrete-event computer simulation, using the QNAP2 simulation software. Results comparing the performance and utilization of the three networks are presented and some useful conclusions obtained.     

Design of secure operating systems with high security levels

Numerous Internet security incidents have shown that support from secure operating systems is paramount to fighting threats posed by modern computing environments. Based on the requirements of the relevant national and international standards and criteria, in combination with our experience in the design and development of the ANSHENG v4.0 secure operating system with high security level (hereafter simply referred to as ANSHENG OS), this paper addresses the following key issues in the design of secure operating systems with high security levels: se- curity architecture, security policy models, and covert channel analysis. The design principles of security architecture and three basic security models: confidentiality, integrity, and privilege control models are discussed, respectively. Three novel security models and new security architecture are proposed. The prominent features of these proposals, as well as their applications to the ANSHENG OS, are elaborated. Cover channel analysis (CCA) is a well-known hard problem in the design of secure operating systems with high security levels since to date it lacks a sound theoretical basis and systematic analysis approach. In order to resolve the fundamental difficulties of CCA, we have set up a sound theoretical basis for completeness of covert channel identification and have proposed a unified framework for covert channel identification and an efficient backward tracking search method. The successful application of our new proposals to the ANSHENG OS has shown that it can help ease and speedup the entire CCA process.     

码分多址(CDMA)对数字蜂窝系统和个人蜂窝网应用的介绍

本文简要介绍美国QUALCOMM公司开发的CDMA数字蜂窝系统,包括基本概念、优点、系统设计以及向CDMA的过渡。     

浅谈无线局域网网络安全及其防范对策

随着各移动公司本地无线局域网(WLAN)的建成开通必将面临着其网络安全问题,该文通过对WLAN的原理、常见安全威胁进行总结,提出WLAN安全的解决方法。     

试谈无线网络通信技术及其应用

从无线个域网、无线局域网、无线城域网和无线广域网这4种无线网络通信技术入手,从技术角度对比了它们的优劣势及应用的范围。     

Data security and confidentiality in Europe

The European Economic Community study covers the problems raised by new information systems of the 1980s and 1990s. The main findings demonstrate that the spreading use of computers with versatile networking facilities has led to the obsolescence of some of the established control systems. The logical security provided by operating systems and basic software is generally inadequate. The study stresses the need for better data protection in public systems as well as in the private sector. It also stresses the need for wider and more efficient use of available means for the physical protection of computer centers and media.     

An asymmetrical architecture for special-purpose LANs

Several LAN applications require the connection of many low-cost devices. An asymmetrical architecture is described that provides the required services as well as a simple and low-cost tool to access them, thus avoiding expensive network interface units. This approach is described with respect to the OSI RM symmetry, taking care that the symmetric and asymmetric architectures can coexist when required. Furthermore, a straight-forward implementation of the gateway to the OSI environment is allowed.     

基于安全机制的文件共享和传输的优化设计

分析了现有的文件共享和传输的相关技术,针对存在的某些安全隐患进行了相应的优化设计。在文件共享部分,通过采用基于XML的间接文件共享方式,即只公开共享信息,而非直接挂载共享文件,避免了因共享路径产生的安全漏洞;在文件传输部分加入了多重安全机制,保证了文件传输的安全性。分析表明,本设计在不影响文件共享传输效率的情况下,使得局域网内文件共享和传输更加安全可靠。     

Buffer analysis of an integrated voice and data terminal

Current research activities in computer networks tend to emphasize the integration of services such as voice and data by designing networks that take into account the performance requirements of these services. In some cases, however, design and implementation of a totally new network may not be feasible. An alternative approach in such cases would be to integrate the services at the terminal level. Such an integrated terminal could also be widely used in future office automation systems. The performance of such an integrated terminal is assessed with the assumption that the terminal is connected to a voiceband channel. The analysis indicates the performance limits on the application imposed by the buffer size at the terminal and the large fluctuation of delay performance for data traffic. A window-type flow control for data traffic is also considered. By appropriately choosing the buffers in the terminal and window size, both voice and data traffic service requirements can be met.     

A hybrid intrusion detection system design for computer network security

Intrusions detection systems (IDSs) are systems that try to detect attacks as they occur or after the attacks took place. IDSs collect network traffic information from some point on the network or computer system and then use this information to secure the network. Intrusion detection systems can be misuse-detection or anomaly detection based. Misuse-detection based IDSs can only detect known attacks whereas anomaly detection based IDSs can also detect new attacks by using heuristic methods. In this paper we propose a hybrid IDS by combining the two approaches in one system. The hybrid IDS is obtained by combining packet header anomaly detection (PHAD) and network traffic anomaly detection (NETAD) which are anomaly-based IDSs with the misuse-based IDS Snort which is an open-source project.The hybrid IDS obtained is evaluated using the MIT Lincoln Laboratories network traffic data (IDEVAL) as a testbed. Evaluation compares the number of attacks detected by misuse-based IDS on its own, with the hybrid IDS obtained combining anomaly-based and misuse-based IDSs and shows that the hybrid IDS is a more powerful system.     

Transparent LANs and LANs as OSI subnetworks

The characteristics of two classes of local area network — transparent LANs and LANs as OSI subnetworks — are discussed. The integration of LANs into existing communications systems is also considered.     

Dreams,nightmares and reality

This is a phenomenological survey of the history of computer-controlled manufacturing systems over the last thirty years. First, came the dreams of the imminent push-botton factory, controlled by a central computer. Then, the nightmare experiences of the first pioneers, contending simultaneously with inadequate hardware, software, skill, funding, receptivity and their own underestimation of the extra dimension of unprecedented interdisciplinary complexity. Finally today's realities: the possibilities opened up by distributed multi-processor systems, by local area networks and by advanced systems synthesis techniques, the limitations imposed by investment, education, employment and environmental considerations.     

Layered distributed operating system

The improved efficiency of microelectronics and the development of digital transmission systems have allowed experimentation with distributed computing architectures. The requirements of a distributed operating system are outlined, and the principles and architecture used in the system are explained. A method is described of managing the system directories, and an analysis is given of the results obtained.     

LANs in an ISDN: consistency with the OSI Reference Model

When LANs are connected to an ISDN, different problems arise, especially when attempting to comply with the OSI Reference Model of the ISO. Different solutions to these problems are proposed with their specific advantages and drawbacks. The choice between these different proposals will depend on the effort a user is prepared to make. The paper emphasizes the introduction of a subsection of the network layer: the internet layer.