Novel Fault-Tolerant Decompression Method of Corrupted LZSS Files

Data compression and decompression have been widely applied in modern communication and data transmission fields. But how to decompress corrupted lossless compressed files is still a challenge. This paper presents an effective method to decompress corrupted LZSS files. It is achieved by utilizing source prior information and heuristic method. In this paper, we propose to use compression coding rules and grammar rules as the source prior information. Based on the prior information, we establish a mathematical model to detect error bits and estimate the rough range of the error bits. As for error correction, a heuristic method is developed to determine the accurate positions of error bits and correct the errors. The experimental results demonstrate that the proposed FTD method can achieve a correction rate of 96.45% for corrupted LZSS files when successfully decompressed. More importantly, the proposed method is a general model that can be applied to decompress various types of lossless compressed files of which the original files are natural language texts.     

带时间戳电子签名的技术路径及法律分析

时间戳机构对原始文件信息、签名参数、签名时间等信息进行数字签名产生时间戳,以证明原始文件在签名时间之前已经存在。在书面合同中,文件签署的日期和签名均是十分重要的防止文件被伪造和篡改的关键性内容。在电子商务交易文件中,时间也是十分重要的信息。而且只有可信时间戳才具有法律效力。     

支持动态更新的多副本持有性证明方案

考虑多副本数据安全和数据动态更新的应用需求,提出一个支持数据动态更新的多副本数据持有性证明方案。本方案中原数据文件采用动态认证结构进行动态更新与管理,其他多个副本采用追加日志记录的方式记录数据的动态更新,支持公开聚合验证。若原数据文件或副本数据损坏或丢失,可恢复到最新状态。由此分析了方案的安全性、通信性能、存储性能,结果表明新方案是高效的、安全的。     

Novel Fault-Tolerant Decompression Method of Corrupted Huffman Files

Data compression and decompression have been widely applied in modern communication and data transmission fields. But how to decompress corrupted lossless compressed files is still a challenge. This paper presents a fault-tolerant decompression (FTD) method for corrupted Huffman files. It is achieved by utilizing source prior information and heuristic method. In this paper, we propose to use Huffman coding rules and grammar rules to model the source prior. According to the source prior information, we can roughly estimate the range of error bits. As for error correction, a heuristic algorithm is developed to determine the accurate positions of error bits and correct the errors. The experimental results demonstrate that the proposed FTD method can achieve a correction rate of 96.84% for corrupted Huffman files when the source prior information is accurate. More importantly, the proposed method is a general model that can be applied to decompress various types of lossless compressed files of which the original files are natural language texts.     

基于可信计算的密级标识信息控制模型

借助可信计算的完整性检验、认证及访问控制和密封存储等关键技术,在现有PC体系结构下提出了支持可信计算的密级标识信息控制模型,并提出密级权限域的概念。该模型利用PC机USB接口外接TCM,结合身份认证、基于角色的访问控制和信道加密技术,从不同层次和角度进行涉密文档保护,实现用户细粒度控制和信息流控制。同现有的技术相比较,该模型能够满足国家相关标准的技术要求,实现更灵活、更安全的信息控制,并能够适应新的Cyber Security环境下的安全挑战。     

Hiding information in multispectral spatial images

In this paper, a new method for private geoinformation exchange, entitled access restricted information exchange steganography for spatial information systems (ARS), is presented. ARS hides and recovers a message of substantial length within digital images while maintaining the original image size and dynamic range. Applications for such an information hiding scheme include access restriction to information, authentication, revision tracking of digital signals and covert communication over communication networks. The novel contribution of this paper is to propose a new method of limiting access to the hidden data in image databases (ID) of spatial information systems (SIS).     

Modified quantum superdense coding for distributed communications

The efficiency of medium access control strongly influences the performance of distributed wireless networks. Collisions in the channel and unused timeslots result in poor performance. On the other hand, quantum superdense coding proved that entanglement‐assisted quantum communications can improve the data transmission rates compared with classical systems. It allows sending two classical bits from one party to another in exchange of one quantum bit and a pre‐shared entangled Bell pair. This paper introduces a new protocol, which involves a modified version of superdense coding to medium access control of distributed communication systems. Using a pre‐shared entangled Bell pair and one classical bit, 2.5 classical bits can be transmitted in average between the parties in each timeslot. This means not only valuable increase in capacity, but the two‐way distributed operation opens new fields of investigation. Copyright © 2014 John Wiley & Sons, Ltd.     

基于分存分组的关系数据库数字水印算法

文章结合关系数据库的特殊性,提出了一种基于分存分组的数据库数字水印算法,通过该算法可以在关系数据库中嵌入实际意义的字符串水印信息。首先把水印信息进行加密,让版权所有者和公证方持有加密密钥,然后将加密的水印信息分存,最后将水印分存值分成比特不等组序列进行水印嵌入。在水印提取时,可以通过部分子水印信息恢复原始水印。实验结果表明该算法使嵌入的水印具有较好的鲁棒性和不可见性。     

Pushing Dependent Data in Clients–Providers–Servers Systems

In satellite and wireless networks and in advanced traffic information systems in which the up-link bandwidth is very limited, a server broadcasts data files in a round-robin manner. The data files are provided by different providers and are accessed by many clients. The providers are independent and therefore files may share information. The clients who access these files may have different patterns of access. Some clients may wish to access more than one file at a time in any order, some clients may access one file out of of several files, and some clients may wish to access a second file only after accessing another file. The goal of the server is to order the files in a way that minimizes the access time of the clients given some a-priori knowledge of their access patterns. This paper introduces a clients–providers–servers model that better represents certain environments than the traditional clients–servers model. Then, we show that a random order of the data files performs well, independent of the specific access pattern. Our main technical contribution is de-randomizing the procedure that is based on selecting a random order. The resulting algorithm is a polynomial-time deterministic algorithm that finds an order with the same performance bounds as those of the random order.     

Using object multiplex technique in data broadcast on digital CATV channel

Data broadcast is a new kind of value-add service of DTV broadcasting and some data broadcast protocols have already been established. However, these protocols only describe the method for locating files in data streams, and a method for distribution of a large collection of files in one or more data streams is not provided. Research on this problem mainly focuses on how to decrease the wait time and some methods of allocating files on multiple streams based on access probability are proposed, but how to assign the file with a reasonable bandwidth is ignored. In this paper, we introduced an object multiplex algorithm to optimize the allocation of objects on a DTV channel. This method assigns different bandwidth statistically to a different object according to its size and access probability. In this method, both download time and wait time are considered. It adopts a modified virtual clock (VC) scheduling algorithm to multiplex files accurately and smoothly.     

An overview of multimedia content protection in consumer electronics devices

A digital home network is a cluster of digital audio/visual (A/V) devices including set-top boxes, TVs, VCRs, DVD players, and general-purpose computing devices such as personal computers. The network may receive copyrighted digital multimedia content from a number of sources. This content may be broadcast via satellite or terrestrial systems, transmitted by cable operators, or made available as prepackaged media (e.g., a digital tape or a digital video disc). Before releasing their content for distribution, the content owners may require protection by specifying access conditions. Once the content is delivered to the consumer, it moves across the home network until it reaches its destination where it is stored or displayed. A copy protection system is needed to prevent unauthorized access to bit streams in transmission from one A/V device to another or while it is in storage on magnetic or optical media. Recently, two fundamental groups of technologies, encryption and watermarking, have been identified for protecting copyrighted digital multimedia content. This paper is an overview of the work done for protecting content owners’ investment in intellectual property.     

一种可信网络模型的构建方法

当前孤立、单一和附加的网络安全系统已经不能满足客观需求。在分析已有研究的基础上,提出了通过一种基于集成可信身份识别和访问管理方法的安全可信网络框架。该框架提供了一种灵活建模和描述数字用户身份的机制,支持基于事务的隐私保护和个人数据获取,以及灵活的第三方问责机制与端到端的安全交流,并搭建了基于异构无线网络环境的移动数据服务网络平台,进行效果验证分析,实验结果证明了算法的有效性。     

Authenticity and integrity of digital mammography images

Data security becomes more and more important in telemammography which uses a public high-speed wide area network connecting the examination site with the mammography expert center. Generally, security is characterized in terms of privacy, authenticity and integrity of digital data. Privacy is a network access issue and is not considered in this paper. We present a method, authenticity and integrity of digital mammography, here which can meet the requirements of authenticity and integrity for mammography image (IM) transmission. The authenticity and integrity for mammography (AIDM) consists of the following four modules. 1) Image preprocessing: To segment breast pixels from background and extract patient information from digital imaging and communication in medicine (DICOM) image header. 2) Image hashing: To compute an image hash value of the mammogram using the MD5 hash algorithm. 3) Data encryption: To produce a digital envelope containing the encrypted image hash value (digital signature) and corresponding patient information. 4) Data embedding: To embed the digital envelope into the image. This is done by replacing the least significant bit of a random pixel of the mammogram by one bit of the digital envelope bit stream and repeating for all bits in the bit stream. Experiments with digital IMs demonstrate the following. 1) In the expert center, only the user who knows the private key can open the digital envelope and read the patient information data and the digital signature of the mammogram transmitted from the examination site. 2) Data integrity can be verified by matching the image hash value decrypted from the digital signature with that computed from the transmitted image. 3) No visual quality degradation is detected in the embedded image compared with the original. Our preliminary results demonstrate that AIDM is an effective method for image authenticity and integrity in telemammography application.     

基于IFS的文件访问控制技术研究与应用

信息安全问题随着计算机网络的广泛应用,已经成为一个复杂而严峻的课题。而电子文件的安全是信息安全的核心任务之一,其访问控制在信息安全领域中具有举足轻重的地位。论文在研究IFS（InstallableFileSystem）的基础上,分析比较了NativeAPI拦截技术和文件系统过滤驱动技术,并以示例的形式实现了文件访问控制,为深入研究和应用Windows文件系统过滤驱动技术实施信息安全策略提供了参考。     

Scan test architectures for digital board testers

Boundary scan is a method of implementing test access to the terminals of a component, cluster, or board. Although substituting boundary scan access for direct tester access to these terminals does not alter the concept of digital testing, the replacement of parallel test vectors by serial data streams requires tester support for serial data.This article first considers the problems posed by boundary scan sequences, which are long and contain meaningful vector data, constant data, and irrelevant, or don't care bits, arbitrarily interspersed. We use the model of meaningful data within a frame of constant or irrelevant bits as a means of handling vector data efficiently, and we propose the sequencing and control features of the general-purpose digital tester as an efficient way to implement these frames. Using a specific example, we show that the performance achieved and the data storage resources required compare favorably to approaches based on special-purpose framing hardware.     

基于可信计算和主动防御的等级保护在电厂的应用

针对广州蓄能发电厂相关信息系统的现状,结合信息安全等级保护测评存在问题,依据国家等级保护的有关标准和规范,进行重新规划和合规性整改,提出了基于可信计算和主动防御的等级保护体系模型,在可信计算技术和主动防御技术理念的指引下,利用密码、代码验证、可信接入控制等核心技术,在“一个中心三重防御”的框架下实现对信息系统的全面防护,旨在建立一个完整的安全保障体系,有效保障其系统业务的正常开展,保护敏感数据信息的安全.     

一种基于EAP的可信网络接入机制

入网终端的可信状态对整个网络的安全具有十分重要的影响,可信计算组织TCG的可信网络连接TNC正是为解决可信接入的问题提出,已成为一个研究热点。基于TNC体系和EAP协议设计了可信网络接入机制。该机制利用接入控制协议交换量化的终端可信度、身份等信息,并根据接入策略确定是否允许终端入网。通过对接入控制协议的健壮性分析,表明该机制能有效实现终端的入网控制,从源头保障网络安全。     

可信计算在分级保护建设中的应用研究

国家分等级保护系列标准规范中提到,涉密信息系统的建设需要明确安全域边界,实现不同等级的安全域间通信的安全可控,实现身份鉴别、密级标识等信息安全保密要求.针对这些涉密信息系统建设中的安全需求,文章应用基于可信计算的活性标签、安全隔离和不对等访问控制技术,从硬件底层着手,建立用户、平台与网络三者之间的信任关系,实现不同安全等级终端或网络区域之间的可信互连.     

一种基于非否认协议的电子邮件传输方案

在电子邮件传输中,发信人和收信人的不可否认性是一个重要的安全问题。该问题可以通过采用数据传输中的非否认协议来解决。目前多数非否认协议基于可信第三方,并且对可信第三方的安全性、通信能力要求很高,因而难以在实际中应用。提出了一种基于安全第三方的非否认协议,该协议适合于电子邮件传输的特定应用;同时该协议减少了通信流量,降低了对可信第三方的安全性要求。随后结合安全多用途邮件扩展技术,得出了基于该协议的电子邮件传输实现方案。     

Overlapped discrete multitone modulation for high speed copper wirecommunications

Multicarrier modulation possesses several properties which make it an attractive approach for high speed copper wire communication networks. Among these properties are the ability to efficiently access and distribute multiplexed data streams, and a reduced susceptibility to impulsive, as well as to narrowband channel disturbances. In digital implementations of multicarrier modulation, subcarrier generation and data modulation are accomplished digitally using orthogonal transformations of data blocks. These implementations are particularly efficient with regard to bandwidth utilization and transceiver complexity. In this paper, we present a form of digital multicarrier modulation which we refer to as overlapped discrete multitone, or discrete wavelet multitone (DWMT), modulation. For DWMT modulation, which is based on the application of M-band wavelet filters, the pulses for different data blocks overlap in time, and are designed to achieve a combination of subchannel spectral containment and bandwidth efficiency that is fundamentally better than with other forms of multicarrier modulation. We show that, as a result of the spectral containment feature, DWMT gives a high level of robustness with regard to noise environments and channel variations that are encountered in practice