用户身份认证技术在计算机信息安全中的应用

用户身份认证是安全的第一道大门,是各种安全措施可以发挥作用的前提。在计算机信息安全领域中,身份认证是一门重要课程。通过概述信息用户身份认证技术在学校数字校园网络中的应用,阐述了身份认证系统的设计目标,提出了身份认证系统要能以多种方式加以运用,然后对基于PHP的互联网身份认证系统的原理及实现进行了分析,对动态口令用户身份验证流程进行了研究。最后,对依托图片动态验证码实现身份认证和应用MD5算法实现身份验证方法进行了举例分析。     

Anonymity effects in computer-mediated communication in the case of minority influence

In an experimental study, we analyzed in-group minority social influence within the context of computer-mediated communication (CMC) based on the perspective of the social identity model of deindividuation effects (SIDE). This model hypothesizes that in a group context, in which social identity is salient, anonymity will facilitate influence among the group members. Using a software application, we simulated the creation of a virtual group and the setting of a computer-mediated communication. The interaction between the members of the group centers on the issue of North African immigration. The results show that the influence of an in-group minority (radical pro-immigration) causes changes of opinion, as demonstrated in the two groups participating in the experimental test (anonymous and identifiable users). However, the differences in such changes between the identifiable and the anonymous groups are not statistically significant, whereas for two dependent variables from the opinion questionnaire, (i.e., “strong” anti-immigration and pro-immigration), they are significant when these two groups are compared to the control group. Therefore, the postulates of the SIDE model are only partially confirmed. We offer some explanations for the results obtained, and outline different aspects involved in the process of social influence via CMC.     

An adaptive extension library for improving collective communication operations

In this paper, we present an adaptive extension library that combines the advantage of using a portable MPI library with the ability to optimize the performance of specific collective communication operations. The extension library is built on top of MPI and can be used with any MPI library. Using the extension library, performance improvements can be achieved by an orthogonal organization of the processors in 2D or 3D meshes and by decomposing the collective communication operations into several consecutive phases of MPI communication. Additional point‐to‐point‐based algorithms are also provided. The extension library works in two steps, an a priori configuration phase detecting possible improvements for implementing collective communication for the MPI library used and an execution phase selecting a better implementation during execution time. This allows an adaptation of the performance of MPI programs to a specific execution platform and communication situation. The experimental evaluation shows that significant performance improvements can be obtained for different MPI libraries by using the library extension for collective MPI communication operations in isolation as well as in the context of application programs. Copyright © 2007 John Wiley & Sons, Ltd.     

Enacting language games: the development of a sense of ‘we‐ness’ in online forums

A sense of ‘we‐ness’– enacted through collective identity and culture – is both crucial in online, remote contexts, and particularly difficult to develop in such settings. Using Wittgenstein's concept of language games, we examine how participants of two online forums construct collective identity and culture through their discursive practices. We suggest a strong performative interpretation of the notion of language games, i.e. members of a community produce a sense of we‐ness through their participation in the language game while also defining their expected behaviours and actions. We illustrate how the notion of language games offers an approach for researching and analysing the emergence of collective identity and culture in online forums.     

On the Design and Prototype Implementation of a Multimodal Situation Aware System

In this paper we describe the design concepts and prototype implementation of a situation aware ubiquitous computing system using multiple modalities such as National Marine Electronics Association (NMEA) data from global positioning system (GPS) receivers, text, speech, environmental audio, and handwriting inputs. While most mobile and communication devices know where and who they are, by accessing context information primarily in the form of location, time stamps, and user identity, the concept of sharing of this information in a reliable and intelligent fashion is crucial in many scenarios. A framework which takes the concept of context aware computing to the level of situation aware computing by intelligent information exchange between context aware devices is designed and implemented in this work. Four sensual modes of contextual information like text, speech, environmental audio, and handwriting are augmented to conventional contextual information sources like location from GPS, user identity based on IP addresses (IPA), and time stamps. Each device derives its context not necessarily using the same criteria or parameters but by employing selective fusion and fission of multiple modalities. The processing of each individual modality takes place at the client device followed by the summarization of context as a text file. Exchange of dynamic context information between devices is enabled in real time to create multimodal situation aware devices. A central repository of all user context profiles is also created to enable self-learning devices in the future. Based on the results of simulated situations and real field deployments it is shown that the use of multiple modalities like speech, environmental audio, and handwriting inputs along with conventional modalities can create devices with enhanced situational awareness.      

一种基于票据的单点登录协议设计与实现

随着企业信息化建设的发展,企业信息应用系统的种类、数量越来越多,建立统一的身份认证管理机制,用户只需向身份认证中心提供一次身份信息,便可安全、平滑地访问不同应用系统,即实现单点登录,成为企业信息化建设的重要内容。根据当前企业信息应用系统已具有大量历史遗留帐号的实际情况,本文给出了一种基于票据的单点登录协议,对传统的基于票据的单点登录协议必须依赖全局统一用户身份标识的局限性进行改进,通过该协议能够简单、安全地实现对具有大量历史遗留帐号的应用系统的单点登录集成。     

Examining technology, structure and identity during an Enterprise System implementation

Abstract.  This paper presents a longitudinal study of an Enterprise System (ES) implementation by critically examining the discursive context in which an ES implementation unfolds. The findings show that users strongly supported the ES in the earlier stage of implementation when the technology was an imaginary phenomenon. However, in later stages, when the technology is in use, user support was not consistent. In this phase, the ES produces loss of control and an inability to function as an arbiter of fairness (in allocating resources associated with the system), thereby directly challenging existing professional identities and roles. These outcomes, in turn, generate acts of resistance on the part of workers. Users reach inside the technology and reshape it by devising creative workarounds that produce a sense of reskilling to counter the deskilling produced by the loss of control and power. The analysis also shows that an ES is a complex social phenomenon that is intricately linked to and complicit in shaping organizational structure and identity. In particular, this study shows how technology, structure and identity are in a mutually constitutive relationship.     

基于指纹的5G通信说话人身份追踪方案

随着5G通信技术的广泛普及和应用,5G通信系统的安全受到广泛关注.针对5G电话语音通信中模仿、假冒或否认说话人身份进行欺骗而难以追踪说话人身份的问题,文章提出一种面向5G远程通信的电话语音说话人身份追踪方案.在语音接入前通过智能手机获取说话人的生物指纹作为身份信息,在语音通话中,采用数字水印技术将代表说话人身份的生物指...     

Software architecture knowledge for intelligent light maintenance

The maintenance management plays an important role in the monitoring of business activities. It ensures a certain level of services in industrial systems by improving the ability to function in accordance with prescribed procedures. This has a decisive impact on the performance of these systems in terms of operational efficiency, reliability and associated intervention costs. To support the maintenance processes of a wide range of industrial services, a knowledge-based component is useful to perform the intelligent monitoring. In this context we propose a generic model for supporting and generating industrial lights maintenance processes. The modeled intelligent approach involves information structuring and knowledge sharing in the industrial setting and the implementation of specialized maintenance management software in the target information system. As a first step we defined computerized procedures from the conceptual structure of industrial data to ensure their interoperability and effective use of information and communication technologies in the software dedicated to the management of maintenance (E-candela). The second step is the implementation of this software architecture with specification of business rules, especially by organizing taxonomical information of the lighting systems, and applying intelligence-based operations and analysis to capitalize knowledge from maintenance experiences. Finally, the third step is the deployment of the software with contextual adaptation of the user interface to allow the management of operations, editions of the balance sheets and real-time location obtained through geolocation data. In practice, these computational intelligence-based modes of reasoning involve an engineering framework that facilitates the continuous improvement of a comprehensive maintenance regime.     

Towards an interpretative integrative framework to conceptualise social processes in large information systems implementations

This paper develops a new interpretative framework to study large information systems implementations. This framework is used to make explicit the various links between the implementation process, the wider organisation and external context. This framework is applied to a substantive case to integrate relevant organisational levels and distinct activity domains, as well as the interconnections between those levels and domains through time. More specifically, the paper extends a previous substantive case analysis with an interpretivist conceptualisation and theory triangulation in order to uncover the deeper structure and meanings embedded in a major information systems (IS) implementation process. The research scope of the IS implementation ranged from initial project formulation, to system development and management training, managing support from key stakeholders, and marginal system use. The substantive case, which has been published elsewhere [33], is based on a national information systems initiative to support the decentralisation and modernisation of management functions in health districts of the Ministry of Public Health in Ecuador. A key objective of this paper is to build a process theory of IS implementation, situated within the context of the substantive case study.     

Identity and role—A qualitative case study of cooperative scenario building

In this study, we argue that users participating in the design process will form the participation as a function of their professional role, but also as a function of their identity more or less independent from their role. In order to get the full potential of cooperative design the user identity in general and in this case their attitudes towards technology in particular should be incorporated into the design process. This case study consists of participatory design sessions with two different organizations, in the context of a media production tool development project. Facilitator skills, and workshop interventions to balance attitudes and to take them into account in design are discussed. Furthermore, we argue that attitudes will affect a subsequent implementation of a technical system, and that knowledge about stakeholder identity can be useful for further design activities and for planning system implementation.     

Trust,empathy, social identity,and contribution of knowledge within patient online communities

People are increasingly utilising patient online communities (POC) to seek useful health information and empathetic support. Success of POC is reliant upon the willingness of members to contribute useful information and knowledge. Few studies have examined the influence of interpersonal bonds between members on members’ contribution of information and knowledge within the context of POC. We investigated how trust, social identity, and empathy influence members’ willingness to contribute knowledge to POC. Results indicated that trust and social identity within POC positively influenced the development of empathy. Empathy in turn exerted a positive influence on willingness to contribute personal knowledge and experience. Social identity also directly influenced members’ willingness to contribute knowledge. The findings highlight the importance of trust, empathy, and a sense of group cohesiveness within online health settings in motivating members to contribute knowledge and support to other participants in POC.     

商品交易系统中间件的设计与实现

论文设计了一个中间件,该中间件由通信进程、交易进程、认证和授权服务进程组成;详细介绍了该中间件的通信过程及安全策略;在此基础上,开发了运用该中间件的实际系统。     

一种面向车联网通信的条件隐私保护认证协议

车联网可有效提高交通的效率和安全性,但通信过程中存在的隐私泄露问题严重阻碍了其应用落地。提出一种面向车联网V2X通信的条件隐私保护认证协议。针对现有协议大多仅支持车辆认证的局限性,基于用户身份和车辆身份信息生成车与用户绑定的生物密钥,使协议支持单车多用户或单用户多车认证。在保护用户和车辆身份的条件下完成对消息发送方的身份认证,并在特定情况下追溯车辆和用户的真实身份,从而实现对车辆和用户的条件隐私保护。同时,在协议中添加批量验证功能以提高验证效率。形式化的安全性分析和性能评估结果表明,该协议是安全且高效的。     

基于区块链和密码累加器的自我主权身份认证方案

针对现有基于区块链的身份认证方案中存在的认证流程复杂、需要多次区块链操作、链上数据不够精简、身份暴露后无法再次隐藏的问题,提出了一种基于区块链和密码累加器的自我主权认证方案。利用密码累加器成员验证高效性的特点,精简区块链数据存储,降低链上数据交互频率,提高系统性能和可扩展性;同时,提出了一种身份数据二次隐藏的方法,能够再次隐藏已披露的用户数据,进一步提高系统的安全性。经与现有身份认证方案进行对比分析和实验验证,表明该方案具有较低的存储、通信与计算成本和较高的可扩展性和安全性。     

Tuning collective communication for Partitioned Global Address Space programming models

Partitioned Global Address Space (PGAS) languages offer programmers the convenience of a shared memory programming style combined with locality control necessary to run on large-scale distributed memory systems. Even within a PGAS language programmers often need to perform global communication operations such as broadcasts or reductions, which are best performed as collective operations in which a group of threads work together to perform the operation. In this paper we consider the problem of implementing collective communication within PGAS languages and explore some of the design trade-offs in both the interface and implementation. In particular, PGAS collectives have semantic issues that are different than in send-receive style message passing programs, and different implementation approaches that take advantage of the one-sided communication style in these languages. We present an implementation framework for PGAS collectives as part of the GASNet communication layer, which supports shared memory, distributed memory and hybrids. The framework supports a broad set of algorithms for each collective, over which the implementation may be automatically tuned. Finally, we demonstrate the benefit of optimized GASNet collectives using application benchmarks written in UPC, and demonstrate that the GASNet collectives can deliver scalable performance on a variety of state-of-the-art parallel machines including a Cray XT4, an IBM BlueGene/P, and a Sun Constellation system with InfiniBand interconnect.     

Sociomaterial actors in the assimilation gap: a case study of web service, management and IT-assimilation

This paper investigates the conditions for the assimilation of information systems (IS) and information technology (IT) in organizations and the influence of various actors in the organization and eBusiness context. To do so it draws on the literature on assimilation gap, sociomateriality and infrastructure together with a study of implementation and use of information and communication technology in and among organizations in a Swedish region. There were substantial investments in web infrastructure made on a regional level and the focus of this study is how the investments were transformed and assimilated in practices, relations and communication. Based on the empirical data from the case study, the paper extends the assimilation process into interplay among actors in organizations contexts. It describes organizations’ strategies for coping with their needs for information and the actors in these processes. Two categories of actors are identified, sensemaking and sensegiving actors, as most important in assimilation of IS/IT in organizations. A sociomaterial perspective gives guidance and a better understanding of the assimilation process in terms of knowledge and interpretative frames, and how assimilation involves identity construction and negotiations among sensemaking and sensegiving actors. The contribution of this paper is a better understanding of the context of assimilation and adaptation of IT in organizations’ business processes, and steps to be taken to improve readiness.     

5G网络下的无证书身份隐藏签密方案

为解决5G网络下的用户身份信息泄露及隐私保护问题,提出一种无证书身份隐藏签密方案。运用密码学哈希函数将签密者的身份信息与其公钥进行绑定并生成用户部分私钥,以防止用户公钥替换攻击。在解签密阶段,输入信息中不包含签密者的身份信息,而是将其作为输出信息进行验证,从而实现签密者身份信息的隐藏。实验结果表明,在随机预言模型下,该方案的安全性规约于计算判定性Diffie-Hellman问题,且具有较高的通信效率与较低的计算开销。     

ARM平台基于改进视觉密码认证系统的设计与实现

合法用户的身份认证在信息安全中起着非常重要的作用,以静态口令为基础的传统认证方式正面临多种安全隐患。基于视觉密码技术的原理和特点,从使用安全性方面提出改进算法,实现了一套完整的一次一密身份口令认证方案,使得认证过程更加安全可靠。系统采用双因素认证方式,将指纹识别技术和视觉密码技术相结合,进一步提高安全性,并最终在AM3517实验平台上实现。实测表明,该系统操作简单、认证过程安全可靠、易扩展、使用成本低,具有广阔的应用前景。