针对纵向加密装置的网络安全威胁分析

纵向加密装置是电力二次系统网络安全的重要保证,针对纵向加密装置的攻击直接影响电力调度数据网的稳定运行。文章阐述了纵向加密装置的主要性能指标,着重围绕针对其可用性的威胁展开分析,并将此类威胁定义为拒绝服务威胁,进一步给出拒绝服务攻击的两种类型及其特征。基于纵向加密装置拒绝服务攻击的特点,给出了有针对性的防御措施。     

Using provenance to debug changing ontologies

On the Semantic Web ontologies evolve and are managed in a distributed setting, e.g. in biomedical databases. Changes are contributed by multiple persons or organizations at various points in time. Often, changes differ by certainty or trustworthiness. When judging changes of automatically inferred knowledge and when debugging such evolving ontologies, the provenance of axioms (e.g. agent, trust degree and modification time) needs to be taken into account. Providing and reasoning with rich provenance data for expressive ontology languages, however, is a non-trivial task.In this paper we propose a formalization of provenance, which allows for the computation of provenance for inferences and inconsistencies. It allows us to answer questions such as “When has this inconsistency been introduced and who is responsible for this change?” as well as “Can I trust this inference?”.We propose a black box algorithm for reasoning with provenance, which is based on general pinpointing, and an optimization, which enables the use of provenance for debugging in real time even for very large and expressive ontologies, such as used in biomedical portals.     

IKARUS-Onto: a methodology to develop fuzzy ontologies from crisp ones

Fuzzy Ontologies comprise a relatively new knowledge representation paradigm that is being increasingly applied in application scenarios in which the treatment and utilization of vague or imprecise knowledge are important. However, the majority of research in the area has mostly focused on the development of conceptual formalisms for representing (and reasoning with) fuzzy ontologies, while the methodological issues entailed within the development process of such an ontology have been so far neglected. With that in mind, we present in this paper IKARUS-Onto, a comprehensive methodology for developing fuzzy ontologies from existing crisp ones that significantly enhances the effectiveness of the fuzzy ontology development process and the quality, in terms of accuracy, shareability and reusability, of the process’s output.     

Using extended web technologies to develop Bluetooth multi-platform mobile applications for interact with smart things

Nowadays the classic web paradigms are being subjected to changes; every day millions of users around the world use their Smartphones to access web applications from anywhere. The World Wide Web it is one of the biggest repositories of information in the world, and that information is stored in internet servers and repositories, but today in the real world there are many other information sources such as electronic devices with communication capabilities: smart appliances and sensor networks. The Smartphones are equipped with communication hardware elements like the Bluetooth module, which allows the Smartphone to exchange information with nearby electronic devices. Every day more and more mobile applications are being developed for native platforms that use Bluetooth’s communication module to send and receive information from different sources. Native mobile applications use the specific platform’s APIs to manage the Bluetooth communication actions (send and receive information, search for devices, etc.), however, web applications do not have technical capabilities to manage the Smartphone’s Bluetooth communication module and thereof cannot use that kind of information. The main objective of this research work is to design a novel framework that allows classic web applications to use information from nearby electronic devices. The proposed framework must be easy to use and able to be integrated with common web technologies. Developers can use this framework to include new information sources and data exchange procedures in an easy way. The new type of information can be merged with the web to develop or improve algorithms and web applications.     

Using security robustness analysis for early-stage validation of functional security requirements

Security is nowadays an indispensable requirement in software systems. Traditional software engineering processes focus primarily on business requirements, leaving security as an afterthought to be addressed via generic “patched-on” defensive mechanisms. This approach is insufficient, and software systems need to have security functionality engineered within in a similar fashion as ordinary business functional requirements. Functional security requirements need to be elicited, analyzed, specified and validated at the early stages of the development life cycle. If the functional security requirements were not properly validated, then there is a risk of developing a system that is insecure, deeming it unusable. Acceptance testing is an effective technique to validate requirements. However, an ad hoc approach to develop acceptance tests will suffer the omission of important tests. This paper presents a systematic approach to develop executable acceptance tests that is specifically geared for model-based secure software engineering processes. The approach utilizes early-stage artifacts, namely misuse case and domain models, and robustness diagrams. The feasibility of the proposed approach is demonstrated by applying it to a real-world system. The results show that a comprehensive set of security acceptance tests can be developed based upon misuse case models for early-stage validation of functional security requirements.     

Oracle数据库安全问题探析与应对策略

在计算机的普及下,Oracle数据库也成为了当前各领域管理中的重要方法,其能够有效推动各领域更加快捷的管理和资源的整理,但安全问题使得各领域在Oracle数据库使用中,经常出现文件资源被窃取、破坏等情况,故为了提高Oracle数据库的安全性,本文基于Oracle数据库对其安全问题进行了探讨,并提出了相对的应对策略.     

WFB服务安全问题分析及防范策略研究

认识WEB服务的安全漏洞、欺骗的基本原理，了解WEBN务欺骗的常用方法及手段，掌握常用的安全防范措施，对广大网络用户而言，具有积极和现实的应用价值。     

一种基于威胁分析的信息安全风险评估方法

在信息安全领域中,信息风险评估是风险管理和控制的核心组成部分,是建立信息系统安全体系的基础和前提。分析了信息安全风险评估的标准及流程,提出一种基于威胁分析的量化风险评估方法ISSREM。该方法采用多属性决策理论,计算信息系统相对威胁程度,有利于评估者进行比较和选择,通过对威胁频率的灵敏度分析,使评估结果更具客观性和准确性。给出ISSREM的计算模型及用该方法进行风险评估的主要步骤,并结合实例对该定量评估方法进行分析,验证了该方法的合理性与有效性。     

XML and WML integration: An analysis and strategies for implementation to meet mobile commerce challenges

The market for providing mobile content for wireless devices is currently growing at a phenomenal rate. Competition to provide this content is being waged upon the technologies that support wireless communications to display rich media content for those wireless devices. The integration of XML and WML technologies would provide the necessary functions and capabilities to deliver this dynamic content to WAP enabled cellular phones. This article first gives an overview of XML and WML technologies and then explores the rationales for the integration of the two by examining the driving forces, justifying the use of the two to provide mobile content, and analyzing two associated integration aspects. The study further presents three strategies for XML and WML integration with three case studies of vendors' applications, and addresses the roles of integration facilitators. Finally, future implications and market considerations are discussed. The intention of this study is to analyze the current mobile market, and show how using XML and WML technologies can enable businesses to provide mobile content to cellular phone users.     

Using Chaos Theory based workload analysis to perform Dynamic Frequency Scaling on MPSoCs

Embedded systems sometimes experience transient overloads due to workload bursts. Such systems have to be designed to take timely reactions at the occurrences of unexpected situations. The development of smart techniques that focus the available computing power on these urgent events and at the same time, slow down the processing frequency during inactive periods could be the key for preserving energy. In the context of this study, we present a Dynamic Frequency Scaling technique based on the workload trend of a dynamic wireless application. The system can adjust the operation frequency by analyzing the workload fluctuations without degrading the final performance or violating any deadlines. In this direction, we employ an abstract model of workload analysis that combines mathematical tools from the Chaos Theory field, allowing the dynamic handling of data streams with complex behavior. To evaluate the efficiency of the proposed approach we applied it using a real application workload on a cycle-accurate Network-on-Chip simulation framework. The simulation results showed that the proposed technique could achieve remarkable improvements at the final power consumption, between 17.5% and 37.8%, depending on the system constraints.     

Lightweight security for mobile commerce transactions

This paper describes a lightweight security mechanism for protecting electronic transactions conducted over the mobile platform. In a typical mobile computing environment, one or more of the transacting parties are based on some wireless handheld devices. Electronic transactions conducted over the mobile platform are gaining popularity and it is widely accepted that mobile computing is a natural extension of the wired Internet computing world. However, security over the mobile platform is more critical due to the open nature of wireless networks. Furthermore, security is more difficult to implement on the mobile platform because of the resource limitation of mobile handheld devices. Therefore, security mechanisms for protecting traditional computer communications need to be revisited so as to ensure that electronic transactions involving mobile devices can be secured and implemented in an effective manner. This research is part of our effort in designing security infrastructure for electronic commerce systems, which extend from the wired to the wireless Internet. A lightweight mechanism was designed to meet the security needs in face of the resource constraints. The proposed mechanism is proven to be practical in real deployment environment.     

Problem-oriented simulations to develop and improve higher-order thinking strategies

The purpose of this article is to present an empirically based instructional method to improve higher-order thinking strategies. The method employs computer-managed simulations that present contextually meaningful problem situations that require students to prepare solution proposals. The simulation assesses the proposal and offers the students the consequences of their decisions while also iteratively updating the situational conditions. This type of simulation, unlike conventional simulations which are used for acquisition of knowledge, is problem-oriented, requiring the students to fully employ their knowledge base by generating solutions to domain-specific problems. Thus, the focus of problem-oriented simulations is to improve student cognitive abilities employed in the service of recall, problem solving, and creativity.     

基于攻防博弈模型的层次化网络安全评估探析

攻防博弈模型在网络安全评估中的应用,可以帮助系统管理员及时发现网络中潜在的网络威胁和存在的安全隐患,而系统管理员可以根据不同的安全需求进行最优防御策略的选择和实施,从而大大降低不安全事件发生的可能性,进一步达到网络安全防护的目的。