适用于车载网的匿名异构聚合签密方案

异构聚合签密既能够实现不同密码系统之间信息传输的机密性和不可伪造性,也能够降低通信开销。结合车载网的特点,提出了一个无证书密码系统到基于身份密码系统的异构聚合签密方案,并采用不同的系统参数来增强系统的安全性。方案能够同时为多个消息进行验证,并为发送者实现了身份匿名,有效解决了用户的隐私安全问题。同时,在随机预言模型下证明了该方案满足不可区分性和不可伪造性。数据对比实验表明,该方案相对于同类型方案有效地降低了通信开销,适合用于车载网络。     

An energy-efficient compression scheme for wireless multimedia sensor networks

Multimedia Tools and Applications - In this paper, we propose an energy-efficient compression scheme for wireless multimedia sensor networks. To do this, we analyze the characteristics of...     

适用于P2P网络的分布式认证机制

针对现有认证方案不能适应P2P网络动态性强的特点,对现有的门限签名方案进行了研究,提出了一种分布式认证机制,采用了基于门限签名的动态认证方案,将网络中的节点分成若干个共享组,并在共享组中使用可验证的门限签名算法.当网络中的总节点数改变时,参与认证的节点数也会相应的改变,这种机制具有很强的动态性,更适应不断改变的P2P网络.仿真实验结果表明,该机制在参数选取得当时能够满足P2P网络的安全需求.     

Cooperative caching for multimedia data in mobile P2P networks

Multimedia Tools and Applications - In this paper, we propose a cooperative caching scheme for multimedia data via clusters based on peers connectivity in mobile P2P networks. In the proposed...     

移动Ad hoc网络中身份可追踪的匿名通信方案

提出了一种适用于移动Ad hoc网的身份可追踪的匿名通信方案。方案采用伪身份的技术,基于双线性映射实现了节点间的匿名通信,同时当出现不诚实节点时,通过部分节点协作,可追踪节点的真实身份。并对该方案进行了正确性、匿名性和安全性分析。     

P2P网络的动态门限准入控制方案

准入控制是仲裁加入申请是否被批准的一个过程。提出一种动态门限准入控制方案即通过改变秘密多项式f（z）的阶t-1达到改变门限值t,使门限值随着网络规模大小化,从而解决了不能灵活改变阀值的局限性。该方案不仅能根据安全需求对节点进行资格审核,屏蔽掉一些不符合安全要求的节点,而且能抵抗Kim等人方案中存在的合谋攻击。     

自组网匿名通信中的一个基于伪身份的签名方案

在自组网的匿名通信中，节点通常用伪身份来代替节点的真实身份进行通信并不断变更伪身份，从而达到隐藏节点真实身份的目的。由于一般的基于双线性映射的签名方案在匿名通信中，签名对私钥生成器(PKG)不是匿名的, 因为PKG可以生成任意伪身份对应的私钥。提出一个应用于自组网匿名通信的基于双线性映射和伪身份的签名方案解决上述问题。最后，对该方案进行了正确性、匿名性和安全性分析。     

A multimedia service composition scheme for ubiquitous networks

It is a challenging task to develop a high quality and secure multimedia service for mobile terminals used in the ubiquitous computing environment. One of the issues is the resource limitation of mobile terminals. In this paper, we presented a multimedia service composition scheme for sharing computer and communication resources by using plural terminals to compensate for this resource limitation. The proposed scheme is based on user authentication, service access control, and the multi-agent-based adaptive Quality-of-Service (QoS) control framework that we developed. We also proposed a novel access mode control based on the trustworthiness of users and extension of the multi-agent-based adaptive QoS control framework to plural users. Focusing on the home network as a typical ubiquitous network, we implemented a prototype testbed system and showed experimental results for the multimedia service composition.     

An energy efficient privacy-preserving content sharing scheme in mobile social networks

The rising popularity of mobile social media enables personalization of various content sharing and subscribing services. These two types of services entail serious privacy concerns not only to the confidentiality of shared content, but also to the privacy of end users such as their identities, interests and social relationships. Previous works established on the attribute-based encryption (ABE) can provide fine-grained access control of content. However, practical privacy-preserving content sharing in mobile social networks either incurs great risk of information leaking to unauthorized third parties or suffers from high energy consumption for decrypting privacy-preserving content. Motivated by these issues, this paper proposes a publish–subscribe system with secure proxy decryption (PSSPD) in mobile social networks. First, an effective self-contained privacy-preserving access control method is introduced to protect the confidentiality of the content and the credentials of users. This method is based on ciphertext-policy ABE and public-key encryption with keyword search. After that, a secure proxy decryption mechanism is proposed to reduce the heavy burdens of energy consumption on performing ciphertext decryption at end users. The experimental results demonstrate the efficiency and privacy preservation effectiveness of PSSPD.     

基于纳什议价的P2P社会网络资源共享

针对Peer-to-Peer（P2P）社会网络中存在的自由下载问题,本文提出一种基于纳什议价的节点资源共享博弈。首先,将节点共享资源分为两类:公共品资源和俱乐部资源。将社会网络中的节点关系集合分为：朋友集合 和普通集合 。节点在 集合中共享的资源作为公共品资源,在 集合中作为俱乐部资源。其次,本文采用纳什议价的方法证明存在节点共享能力、保证不同集合中节点共享资源的最小服务质量以及最大化节点共享资源效用函数的条件下,共享资源节点根据纳什议价权力对不同集合进行资源共享,达到最优的资源共享。再次,分析了基于纳什议价节点共享资源的公平性。最后,通过仿真验证表明：节点共享资源的收益和资源共享量与不同集合议价权力都正相关,保证最小服务质量的资源共享其公平性因子高于不存在服务质量保证的资源共享公平性因子。仿真结果验证了理论分析结果。     

密集异构网络中D2D通信的多对多资源共享

为解决高接入量、高数据速率需求下的频谱资源短缺问题,将D2D通信技术引入蜂窝网络,研究密集异构网络中D2D通信的多对多资源分配与功率控制问题.多对多频谱共享将显著提高频谱效率,但在密集场景下会产生干扰累积问题.针对干扰累积问题,提出基于集合划分的多对多资源共享方案,提高D2D用户接入率以及最大化系统吞吐量;设计基于连续...     

一种改进的直接匿名认证方案

介绍可信计算中直接匿名认证(DAA)方案的研究与发展,针对现有解决方案中由于EK密钥泄露而造成的Rudolph攻击,提出了一种改进的直接匿名认证方案。与原方案相比,改进的方案在Join阶段提出了一种新的密钥交换协议,在实现DAA证书发布者和示证者双向身份认证的同时,将EK证书的认证过程和DAA证书的签发过程分离,从而避免了Rudolph攻击的出现。通过利用CK模型对提出的密钥交换协议进行分析,表明改进的方案中的密钥交换协议达到SK安全等级;该方案保证了用户可控的匿名性,并且可信第三方不会成为方案瓶颈。     

P2P网络的准入控制方案

提出了一个P2P网络的准入控制方案。该方案不仅能根据安全需求对节点进行资格审核，屏蔽掉一些不符合安全要求的节点，而且能抵抗Kim等人方案中存在的Sybil攻击和舍谋攻击。此外，该方案还具有当节点进入P2P网络后，如有恶意行为．网络能剔除这些恶意节点等特性。     

P2P网络的准入控制方案

提出了一个P2P网络的准入控制方案。该方案不仅能根据安全需求对节点进行资格审核,屏蔽掉一些不符合安全要求的节点,而且能抵抗Kim等人方案中存在的Sybil攻击和合谋攻击。此外,该方案还具有当节点进入P2P网络后,如有恶意行为,网络能剔除这些恶意节点等特性。     

基于P2P系统信任机制的DRM模型

P2P技术的成熟同时也给数字内容的版权保护带来更大的挑战.传统C/S模式下的DRM已不能满足P2P环境下的数字版权保护.结合现阶段网络技术中P2P技术的实际应用情况和新一代数字版权管理(DRM)技术,提出了基于P2P系统信任机制的版权管理模型.该模型通过秘密共享思想将许可证密钥分发给P2P网络中的可信任节点,为基于P2P技术的数字内容分发提供了必要的安全保障.通过分析与仿真实验表明,该模型较现有数字版权管理模型在传输的容错性、入侵容忍性与安全性方面都有较大的提高.     

结构化对等网络中面向信誉机制的资源共享平台

针对目前因特网上提高空闲网络资源利用率的需求,提出并描述了结构化对等网络中一种面向信誉机制的资源共享平台NRSP。NRSP系统可以把因特网上用户提交的各种作业高效地映射到平台中合适的网络资源上运行,充分共享空闲处理器的周期。该系统具有非集中性、可移植性、统计性与公平性的优点,使用分布式哈希表的Pastry网络来组织节点。同时提出一种新型的分布式信誉机制,支持资源的消费者与提供者之间交换信誉信息,完成信誉信息的统计。最后实现了NRSP的原型系统,通过对各种作业场景下的应用进行测试,性能分析表明NRSP采用公平的信誉机制可以更快、更多地共享其他节点的处理器周期。     

A QoS-aware VoD resource sharing scheme for heterogeneous networks

In network-aware concept, applications are aware of network conditions and are adaptable to the varying environment to achieve acceptable and predictable performance. Two basic aspects of network-aware applications, network-awareness and network adaptation, have been widely addressed in the literature. In this work, a solution for video on demand service that integrates wireless and wired networks by using the network-aware concepts is proposed to reduce the blocking probability and dropping probability of mobile requests. Fuzzy logic inference system is employed to select appropriate cache relay nodes to cache published video streams and distribute them to different peers through service oriented architecture (SOA). SIP-based control protocol and IMS standard are adopted in this work to ensure the possibility of heterogeneous communication and provide a framework for delivering real-time multimedia services over an IP-based network to ensure interoperability, roaming, and end-to-end session management. The experimental results demonstrate that effectiveness and practicability of the proposed work.     

An efficient continuous k-nearest neighbor query processing scheme for multimedia data sharing and transmission in location based services

The continuous k-nearest neighbor query is one of the most important query types to share multimedia data or to continuously identify transportable users in LBS. Various methods have been proposed to efficiently process the continuous k-NN query. However, most of the existing methods suffer from high computation time and larger memory requirement because they unnecessarily access cells to find the nearest cells on a grid index. Furthermore, most methods do not consider the movement of a query. In this paper, we propose a new processing scheme to process the continuous k nearest neighbor query for efficiently support multimedia data sharing and transmission in LBS. The proposed method uses the patterns of the distance relationships among the cells in a grid index. The basic idea is to normalize the distance relationships as certain patterns. Using this approach, the proposed scheme significantly improves the overall performance of the query processing. It is shown through various experiments that our proposed method outperforms the existing methods in terms of query processing time and storage overhead.

     

一种可控路长的P2P匿名通信协议

P2P匿名通信系统带来了良好的可扩展性,然而要兼顾匿名和效率仍然是个难题。匿名技术在使用户获得良好匿名性能的同时,往往增加了通信延时及成员负载,牺牲了效率。在分析现有匿名通信技术的基础上,提出了一种新的可控路长的P2P匿名通信协议LCPACP（Length Controllable Protocol for P2P Anonymous Communication）。LCPACP采用嵌套加密来保证强匿名性,利用转发概率递减的策略来有效控制重路由路径长度,以取得高效率。理论分析与计算结果表明,新的协议能显著缩短路长,保证良好的传输性能,同时能提供良好的匿名保护。     

A node management scheme for stable P2P service in mobile ad-hoc networks

In a mobile ad-hoc network, multiple number of nodes can communicate with one another without the need for an infrastructure network. It is used in many different types of places, including military zones and disaster or hazardous areas. In a mobile ad-hoc network, each node acts both as a main agent of communication and a relay. Furthermore, each gives a weakness to the network or is subjected to vulnerabilities from malicious attacks due to their distinctive qualities, namely mobility and limited power. Accordingly, in order for stable P2P service, it is important to maintain the reliability and connectivity of the network at a high level. With existing schemes, it has often been the case that when defective nodes or malicious nodes are detected, it also causes damage to normal nodes. In scheme suggested in this paper, those nodes that have temporary defects but otherwise normal and can recovered are kept in the network but those that are defective or malicious are eliminated from the network, using trust values. The simulation was carried out to evaluate the performance of the proposed method. As a result, the message transmission rate even if the impact of a malicious node than the conventional method was demonstrated increased keeping the stable network topology.