共查询到20条相似文献,搜索用时 687 毫秒
1.
为了解决我国信息安全产品测评认证领域存在的重复检测、重复收费、实验室低水平重复建设等问题,《国家信息化领导小组关于加强信息安全保障工作的意见》(中办发〔2003〕27号)提出了"推进认证认可工作,规范和加强信息安全产品测评认证"的要求。近年来,在国家认监委的积极努力与各部门的大力配合下,我国信息安全认证认可工作取得了显著进步,其基础性作用正在逐步得到发挥。但同时,认证认可事业发展也面临一系列挑战,需要在"十二五"时期予以重点关注。 相似文献
2.
我国信息系统安全风险评估的研究是近几年才开始的。随着信息系统等级保护工作的逐步开展,目前工作主要集中在组织架构和业务体系的建立,如建立了国家信息安全测评认证中心、北京信息安全测评认证中心等评估认证体系,相应的标准体系和技术体系还处于研究阶段。但电子政务、电子 相似文献
3.
信息安全等级保护是加强我国信息安全保障建设中的一项基础性工作。目前,我国已经对信息安全等级保护工作有了一定的理论探索和实践,在国家主管机关的大力推动下,等级保护将在制度与政策层面继续获得较大的进展。信息安全等级保护涉及到了信息系统的整个生命周期,对信息系统安全的认证和认可在其中占据着重要的地位。因此,如何在我国开展信息系统安全的认证和认可,是信息安全等级保护工作中的一项关键任务。 相似文献
4.
我国信息系统安全风险评估的研究是近几年才开始的。随着信息系统等级保护工作的逐步歼展,目前工作主要集中在组织架构和业务体系的建立,如建立了国家信息安全测评认证中心.北京信息安全测评认证中心等评估认证体系,相应的标准体系和技术体系还处于研究阶段。但电子政务、电子商务的蓬勃发展,信息系统风险评估领域和以该领域为基础和前提的信息系统安全工程,在我国已经得到政府、军队、企业、科研机构的高度重视,因此具有广阔的研究空间。 相似文献
5.
前不久,国内领先的独立第三方支付企业快钱顺利通过测试评估,快钱支付清算系统获得“信息系统安全认证证书”,成为国内首家获得“支付清算系统安全认证”的独立第三方电子支付企业。据悉,这项评估由中国信息安全产品测评认证中心完成,是我国正式确立的信息安全测评认证,这也成为快钱在网上支付安全领域获得的又一项资格证明。 相似文献
6.
7.
质量控制、进度控制、信息安全控制和成本控制是信息系统工程监理中通常要解决的问题,不过在应用软件开发中出现的知识产权保护问题也越来越受到重视,并列入了北京信息安全测评中心组织编著的《信息系统工程监理》一书中五大IT监理目标之一。北京信息安全测评中心是北京市信息办授权的目前唯一一家对北京信息系统工程监理企业进行资质认证的机构,该中心于4月3日透露,目前北京市获得甲级资质认证的IT监理 相似文献
8.
在信息技术迅猛飞跃的今天.信息安全是国家安全的重要内容之一。信息安全的测评认证和等级保护日益受到世界各国的重视,对信息安全产品、信息系统、信息安全服务等进行分级测评认证已成为保障国家信息安全的必然趋势。 相似文献
9.
《网络安全技术与应用》2002,(4):59
新年伊始,北京中通华信信息安全技术有限公司的“DN201网络安全套件2002版”产品通过了公安部计算机信息系统安全产品质量监督检验中心的测评认证,于2002年1月18日获得了公安部计算机信息系统安全专用产品《销售许可证》。 相似文献
10.
《计算机应用与软件》2014,(7)
通过对FDCC在美国成功的案例与现有信息系统等级保护和风险评估的测评指标分析,建立广东电网公司的安全配置检查规范模型。并基于该模型,借鉴SCAP协议的设计思路设计了各种类型安全配置检查枚举库。给出安全配置测评自动化工具的系统架构、模块组成和界面设计,工具的成功研制对提升信息系统等级保护测评结果的科学性、准确性都起到了非常大的促进作用,同时加快了测评的进度,提升了工作效率。 相似文献
11.
Michael Meier 《The VLDB Journal The International Journal on Very Large Data Bases》2014,23(3):495-516
Semantic query optimization is the process of finding equivalent rewritings of an input query given constraints that hold in a database instance. In this paper, we report about a Chase & Backchase (C&B) algorithm strategy that generalizes and improves on well-known methods in the field. The implementation of our approach, the Pegasussystem, outperforms existing C&B systems an average by two orders of magnitude. This gain in performance is due to a combination of novel methods that lower the complexity in practical situations significantly. 相似文献
12.
This paper describes an active catheter with flexible polyimide-based integrated CMOS interface circuits for communication and control (C&C IC) to be used for applications in biomedicine. The active catheter has a multilink structure. Distributed micro shape memory alloy (SMA) coils are utilized as actuators for multidegree of freedom movement. The C&C IC's, which are incorporated on the links, require three common lead wires to address all the links and control the selected SMA actuators in the active catheter. An MOS transistor with large channel width is used for switching the SMA actuator. To reduce the system size and simplify the assembly work, the C&C circuit and three lead wires are fabricated on the same substrate using CMOS-compatible polyimide-based process. The outer diameter of the fabricated active catheter is approximately 2.0 mm. The fabricated active catheter has a four-link structure and six degrees of freedom of movement per one link. A simple bending model of one unit is presented and compared with the experiments. The fabricated C&C IC measures 1.0 mm×3.35 mm×0.2 mm. The link addressing and the actuator switching functions of the fabricated chip were confirmed. The minimum access time for addressing and actuating a single unit was 6.4 μs. The active catheter was actuated by the fabricated C&C IC chip with flexible interconnect leads in response to the C&C signals from the outside controller 相似文献
13.
Bayesian estimation is a major and robust estimator for many advanced statistical models. Being able to incorporate prior knowledge in statistical inference, Bayesian methods have been successfully applied in many different fields such as business, computer science, economics, epidemiology, genetics, imaging, and political science. However, due to its high computational complexity, Bayesian estimation has been deemed difficult, if not impractical, for large-scale databases, stream data, data warehouses, and data in the cloud. In this paper, we propose a novel compression and aggregation schemes (C&A) that enables distributed, parallel, or incremental computation of Bayesian estimates. Assuming partitioning of a large dataset, the C&A scheme compresses each partition into a synopsis and aggregates the synopsis into an overall Bayesian estimate without accessing the raw data. Such a C&A scheme can find applications in OLAP for data cubes, stream data mining, and cloud computing. It saves tremendous computing time since it processes each partition only once, enabling fast incremental update, and allows parallel processing. We prove that the compression is asymptotically lossless in the sense that the aggregated estimator deviates from the true model by an error that is bounded and approaches to zero when the data size increases. The results show that the proposed C&A scheme can make feasible OLAP of Bayesian estimates in a data cube. Further, it supports real-time Bayesian analysis of stream data, which can only be scanned once and cannot be permanently retained. Experimental results validate our theoretical analysis and demonstrate that our method can dramatically save time and space costs with almost no degradation of the modeling accuracy. 相似文献
14.
15.
Decentralized decision-making requires the interaction of various local decision-makers in order to arrive at a global decision. Limited sensing capabilities at each local site can create ambiguities in a decision-making process at each local site. We argue that such ambiguities are of differing gradations. We propose a framework for decentralized decision-making (applied to decentralized control in particular) that allows computation of such ambiguity gradations and utilizes their knowledge in arriving at a global decision. Each local decision is tagged with a certain grade or level of ambiguity, with zero being the minimum ambiguity level. A global decision is taken to be the same as a ldquowinningrdquo local decision, i.e., one having the minimum level of ambiguity. The computation of an ambiguity level for a local decision requires an assessment of the self-ambiguities as well as the ambiguities of the others, and an inference based upon such knowledge. For the existence of a decentralized supervisor, so that for each controllable event the ambiguity levels of all winning disablement or enablement decisions are bounded by some number N (such a supervisor is termed N-inferring), the notion of N-inference observability is introduced. We show that the conjunctive-and-permissive (C&P) V disjunctive-and-antipermissive (D&A) co-observability is the same as the zero-inference observability, whereas the conditional C&P V D&A co-observability is the same as the unity-inference observability. We also present examples of higher order inference-observable languages. Our framework does not require the existence of any a priori partition of the controllable events into permissive/antipermissive sets, nor does it require a global control computation based on conjunction/disjunction of local decisions, exhibiting that our ambiguity-based approach is more efficient. 相似文献
16.
Peer-to-peer (P2P) botnets outperform the traditional Internet relay chat (IRC) botnets in evading detection and they have become a prevailing type of threat to the Internet nowadays.Current methods for detecting P2P botnets,such as similarity analysis of network behavior and machine-learning based classification,cannot handle the challenges brought about by different network scenarios and botnet variants.We noticed that one important but neglected characteristic of P2P bots is that they periodically send requests to update their peer lists or receive commands from botmasters in the command-and-control (C&C) phase.In this paper,we propose a novel detection model named detection by mining regional periodicity (DMRP),including capturing the event time series,mining the hidden periodicity of host behaviors,and evaluating the mined periodic patterns to identify P2P bot traffic.As our detection model is built based on the basic properties of P2P protocols,it is difficult for P2P bots to avoid being detected as long as P2P protocols are employed in their C&C.For hidden periodicity mining,we introduce the so-called regional periodic pattern mining in a time series and present our algorithms to solve the mining problem.The experimental evaluation on public datasets demonstrates that the algorithms are promising for efficient P2P bot detection in the C&C phase. 相似文献
17.
The Clarke & Wright (C&W) algorithm is one of the most widely used classical heuristics in capacitated Vehicle Routing Problems (VRPs) in which a linear function of distance is considered as the objective function. The C&W algorithm is very simple and easy to implement, and produces fairly good solutions very fast. In this study, the C&W algorithm is adopted for the cumulative VRP with limited duration (CumVRP-LD) where load is also considered in the objective function as well as distance. The most common applications of cumulative VRPs are the determination of routing policies that minimize total fuel consumption. A 2-phase constructive heuristic approach including the K-means clustering algorithm is proposed to improve the computational performance of the modified C&W algorithm for CumVRP-LD. The main contribution of this study is the definition of a new extended formulation that captures truck-load and travel distance by considering the unique characteristics of the problem and to develop a fast and easy implemented constructive algorithm for CumVRP-LD. Such approaches are necessary for the development of systems that respond fast, possibly online, to changes in the real problem situations. 相似文献
18.
19.
曹长华 《自动化与仪器仪表》2011,(2):131-133
石化企业是我国经济的命脉,其自动化生产程度的高低直接影响着我国国民经济生产总值,目前我国石化企业自动化程度在世界上处于比较落后的地位,急需更新和改造。本文论述了过程监测系统开发面临的一般性问题,强调了实时数据通信问题的重要性,探讨OPC技术在石化行业集中监测控制系统开发中的应用。 相似文献
20.
Understanding the command-and-control (C&C) protocol used by a botnet is crucial for anticipating its repertoire of nefarious activity. However, the C&C protocols of botnets, similar to many other application layer protocols, are undocumented. Automatic protocol reverse-engineering techniques enable understanding undocumented protocols and are important for many security applications, including the analysis and defense against botnets. For example, they enable active botnet infiltration, where a security analyst rewrites messages sent and received by a bot in order to contain malicious activity and to provide the botmaster with an illusion of successful and unhampered operation.In this work, we propose a novel approach to automatic protocol reverse engineering based on dynamic program binary analysis. Compared to previous work that examines the network traffic, we leverage the availability of a program that implements the protocol. Our approach extracts more accurate and complete protocol information and enables the analysis of encrypted protocols. Our automatic protocol reverse-engineering techniques extract the message format and field semantics of protocol messages sent and received by an application that implements an unknown protocol specification. We implement our techniques into a tool called Dispatcher and use it to analyze the previously undocumented C&C protocol of MegaD, a spam botnet that at its peak produced one third of the spam on the Internet. 相似文献