Cryptographic Versus Trust-based Methods for MANET Routing Security

Mobile Ad-hoc Networks (MANETs) allow wireless nodes to form a network without requiring a fixed infrastructure. Early routing protocols for MANETs failed to take security issues into account. Subsequent proposals used strong cryptographic methods to secure the routing information. In the process, however, these protocols created new avenues for denial of service (DoS). Consequently, the trade-off between security strength and DoS vulnerability has emerged as an area requiring further investigation. It is believed that different trust methods can be used to develop protocols at various levels in this trade-off. To gain a handle on this exchange, real world testing that evaluates the cost of existing proposals is necessary. Without this, future protocol design is mere speculation. In this paper, we give the first comparison of SAODV and TAODV, two MANET routing protocols, which address routing security through cryptographic and trust-based means respectively. We provide performance comparisons on actual resource-limited hardware. Finally, we discuss design decisions for future routing protocols.     

信息系统中的数据安全保护方法分析

随着信息技术的不断发展,信息系统在多个领域中得到了较为广泛的应用,如何保障信息系统中的数据安全值得重视。基于此,笔者首先分析了信息系统的特点及信息系统的应用现状,其次分析了保护信息系统中数据安全的重要性,最后对信息系统中的数据安全保护方法进行了分析,并介绍了目前较为常用的保护数据安全的方法及措施。     

网络信息安全中密码算法的应用研究

当今是科技信息时代,计算机网络技术已渗透到社会的方方面面,成为推动现代文明进程的重要因素。但随之产生的网络安全问题也日益显现,强调了网络安全技术的不断更新与构建。本文对数据加密技术进行了综述,并着重阐述了两种典型加密算法,旨在强化对密码算法的认识,为今后相关领域的研究提供一定的参考资料。     

Application Security Models for Mobile Agent Systems

Mobile agents are a distributed computing paradigm based on mobile autonomous programs. Mobile applications must balance security requirements with available security mechanisms in order to meet application level security goals. We introduce a trust framework to reason about application security requirements, trust expression, and agent protection mechanisms. We develop application security models that capture initial trust relationships and consider their use for mobile agent security.     

Comparison of MCMC Methods for Estimating Stochastic Volatility Models

This article investigates performances of MCMC methods to estimate stochastic volatility models on simulated and real data. There are two efficient MCMC methods to generate latent volatilities from their full conditional distribution. One is the mixture sampler and the other is the multi-move sampler. There is another efficient method for latent volatilities and all parameters called the integration sampler, which is based on the mixture sampler. This article proposes an alternative method based on the multi-move sampler and finds evidence that it is the best method among them.JEL classification C22     

Methods and Models for Decision-Making in Systems Engineering for Creating (Developing) Distributed Organizational Information and Control Systems

Journal of Computer and Systems Sciences International - This article considers the development and systematization of methods and models for decision-making in systems engineering for creating...     

信息系统性能测试方法初探

信息系统的性能已经成为衡量企业信息系统建设水平的一个重要指标。目前不少企业在系统上线前进行性能测试,但由于缺少一套科学的测试流程和方法,企业投入的人力物力很多,但实际效果却不甚理想。本文主要介绍性能测试标准流程,该流程已在浙江电力企业实施,具有良好的实用价值。     

Conceptual Models and Architectures for Advanced Information Systems

This paper addresses several issues related to the use of conceptual modeling to support service-oriented, advanced information systems. It shows how conceptual modeling of information resources can be used to integrate information obtained from multiple data sources, including both internal and external data. The notion of an intelligent thesaurus is presented and a meta-model of the thesaurus is developed. It is then used to create a three-layer architecture consisting of the actual data source schemas, a wrapped object-oriented abstraction of the schemas expressed in terms of the thesaurus primitives, and an integrated version which serves as the federation schema. The sharing of information among constituents is also addressed, and a special export schema—the export data/knowledge/task schema—is proposed that ties together the objects, their constraints, and their usage rules. Knowledge sharing among constituents during cooperative query processing is accomplished using data/knowledge packets.     

一个估算信息系统安全投资的实用公式

目前人们对信息安全问题的认识和关注正在逐步提高，用于保护信息系统安全的投资行为也变得主动。如何确定恰当的投资额度，以取得安全收益和安全投资之间的平衡成为一个问题。本文从经验和实际出发，对这个问题提出了自己的看法，并提供了一个简单实用的估算公式。     

加密模式与密码协议的安全性

密码协议的设计和安全性分析是困难的,在密码协议中总是以所使用的密码算法是安全的为前提,但是人们却忽略了密码算法的加密模式对密码协议安全性的影响。论文针对一个改进的Needham-Schroeder协议,假设其使用了分组密码的CBC加密模式,我们通过使用一条旧信息的明密文对来修改当前会话中的信息,从而成功地欺骗用户双方,并分别与他们建立了一个会话密钥,对该协议进行了成功的攻击。结果说明密码算法的加密模式对密码协议的安全性有着巨大的影响。Schroederauthenticationprotocol125     

浅谈信息系统网络安全防范

信息系统在当今社会得到了非常广泛的应用,但是它的安全问题不容忽视,本文以信息系统网络安全为主题展开了深入的探讨分析。     

信息系统安全探讨

通过对信息系统安全的现状和模型的分析,提出作为用户使用信息系统时的要注意的安全问题,提高安全意识,从而避免不必要的损失.     

Using Hidden Markov Models in Estimating the Parameters of Hierarchical Systems

Cybernetics and Systems Analysis - The method of parametric estimation for hierarchical stochastic models under incomplete observations is considered. The method is based on the features of the...     

基于信息安全理论和模型的安全需求分析

本文在论述了上述信息安全理论和模型之后,阐述了如何运用信息安全理论和模型进行安全需求分析,从而得出一个层次清晰、定位准确、关系明了的安全需求集。这种方法可以避免安全需求分析时容易产生的盲目性和片面性,能够全面和综合地把握整体安全需求,有助于选择适度和足够的安全措施,防止设计上的安全漏洞,以保证整体安全。     

对电力企业系统中对信息安全探讨

随着社会科学技术的不断发展,越来越多的计算机信息技术和网络技术运用到电力发展的行业中,因此电力企业的安全发展问题得到了社会各界的广泛关注,要想在一定程度上保证电力系统安全有效的运行,就需要不断加强电力系统的信息安全防护工作。     

密码杂凑函数及其安全性分析

文章提出了针对密码杂凑函数及其安全性进行研究的重要意义,列举了单向杂凑函数、MD5、SHA-1等技术原理进行了技术分析,并从攻击手段入手,分析了密码杂凑函数的安全性,提出对SHA-1与MD-5的＂破解＂应客观看待的观点。     

企业内部信息系统安全浅析

随着企业的发展，企业内部的信息化要求越来越高，信息系统安全逐渐受到重视。本文从网络安全、病毒防护、主机系统安全三方面对信息系统的安全进行分析，并对实现技术进行了探讨。     

企业内部信息系统安全浅析

随着企业的发展,企业内部的信息化要求越来越高,信息系统安全逐渐受到重视。本文从网络安全、病毒防护、主机系统安全三方面对信息系统的安全进行分析,并对实现技术进行了探讨。