使能未来工厂的5G能力综述

5G系统将移动通信服务从移动电话、移动宽带和大规模机器通信扩展到新的应用领域，即所谓对通信服务有特殊要求的垂直领域。对使能未来工厂的5G能力进行了全面的分析总结，包括弹性网络架构、灵活频谱、超可靠低时延通信、时间敏感网络、安全和定位，而弹性网络架构又包括对网络切片、非公共网络、5G局域网和边缘计算的支持。希望从广度到深度，对相关的理论及技术应用做透彻、全面的梳理，对其挑战做清晰的总结，从而为相关研究和工程技术人员提供借鉴。     

基于概率法的电力系统安全分析

为应对电力系统安全分析中的停机问题，基于概率法的方式，将常用的确定停机计算与加入了概率法的概率停机进行比较，研究了二者的区别与其在长期投资方向的不同。在进行电力系统停机分析时，通常会分别从确定停机与概率停机的角度出发，对其应急状态下的潮流进行计算。但前者的方法可能导致极低概率的停机事件被忽略，进而影响长期的资金投资。通过加入概率法的计算，使得对单个停机事件的判定由其具体的频率来确定，增加了系统运行的稳定性。     

Understanding the asymmetric perceptions of smartphone security from security feature perspective: A comparative study

Smartphones are being used and relied on by people more than ever before. The open connectivity brings with it great convenience and leads to a variety of risks that cannot be overlooked. Smartphone vendors, security policy designers, and security application providers have put a variety of practical efforts to secure smartphones, and researchers have conducted extensive research on threat sources, security techniques, and user security behaviors. Regrettably, smartphone users do not pay enough attention to mobile security, making many efforts futile. This study identifies this gap between technology affordance and user requirements, and attempts to investigate the asymmetric perceptions toward security features between developers and users, between users and users, as well as between different security features. These asymmetric perceptions include perceptions of quality, perceptions of importance, and perceptions of satisfaction. After scoping the range of smartphone security features, this study conducts an improved Kano-based method and exhaustively analyzes the 245 collected samples using correspondence analysis and importance satisfaction analysis. The 14 security features of the smartphone are divided into four Kano quality types and the perceived quality differences between developers and users are compared. Correspondence analysis is utilized to capture the relationship between the perceived importance of security features across different groups of respondents, and results of importance-satisfaction analysis provide the basis for the developmental path and resource reallocation strategy of security features. This article offers new insights for researchers as well as practitioners of smartphone security.     

Secure lightweight password authenticated key exchange for heterogeneous wireless sensor networks

Several three-party password authenticated key exchange (3-PAKE) protocols have recently been proposed for heterogeneous wireless sensor networks (HWSN). These are efficient and designed to address security concerns in ad-hoc sensor network applications for a global Internet of Things framework, where a user may request access to sensitive information collected by resource-constrained sensors in clusters managed by gateway nodes. In this paper we first analyze three recently proposed 3-PAKE protocols and discuss their vulnerabilities. Then, based on Radio Frequency Identification technologies we propose a novel 3-PAKE protocol for HWSN applications, with two extensions for additional security features, that is provably secure, efficient and flexible.     

基于密钥共享的分层混合认证模型

随着信息时代的迅速发展,云计算数据访问安全已经成为了用户最关心的问题。身份认证技术是确保参与者在开放的网络环境中实现安全通信的一种重要手段,如何利用身份认证技术为云环境安全保驾护航,成为学者研究的热点。文中通过公钥基础设施(Public Key Infrastructure,PKI)颁发CA证书以在不同云服务间建立信任,将多个采用身份密码体制(Identity-Based Encryption,IBE)的云联合起来；采用分层身份加密体系,引入共享密钥技术,通过选取成环结构,提出一种PKI-IBE混合认证模型方案,并对方案的安全性进行分析,从理论上证明了云环境下PKI-IBE(Public Key Infrastructure-Identity-Based Encryption)同层成环模型提供服务的可行性。同时文中设计了一种基于该模型的签密技术,通过公私密钥对实现云内认证以及跨云认证。安全性理论证明与性能分析表明,该方案在计算量稍增加的前提下,保证了足够的安全性,更加满足云环境下的用户分属不同云域的认证以及用户安全访问的需求,有效解决了云环境中数据访问的安全问题。     

Low complexity quantum private queries protocol

Private information retrieval(PIR) is an important privacy protection issue of secure multi-party computation, but the PIR protocols based on classical cryptography are vulnerable because of new technologies,such as quantum computing and cloud computing. The quantum private queries(QPQ) protocols available, however, has a high complexity and is inefficient in the face of large database. This paper, based on the QKD technology which is mature now, proposes a novel QPQ protocol utilizing the key dilution and auxiliary parameter. Only N quits are required to be sent in the quantum channel to generate the raw key, then the straight k bits in the raw key are added bitwise to dilute the raw key, and a final key is consequently obtained to encrypt the database. By flexible adjusting of auxiliary parameters θ and k, privacy is secured and the query success ratio is improved. Feasibility and performance analyses indicate that the protocol has a high success ratio in first-trial query and is easy to implement, and that the communication complexity of O(N) is achieved.     

电信运营商信息安全管控架构及集中策略研究

本文对运营商信息安全集中管控架构演进和信息安全管控策略面临的问题进行了深入分析，提出了信息安全集中管控架构的演进方向建议及对信息安全监控策略工作优化的若干意见。     

碳酸盐岩岩溶储层多井评价方法及地质应用

多井评价是建立在单井精细解释对比分析基础上的预测储层及含油气性平面分布规律的技术方法,而常规测井资料无法区分碳酸盐岩岩溶储层,因而利用多井评价结果确定岩溶发育程度在平面上的分布规律就显得十分重要。为此,在岩心标定成像测井的基础上,对四川盆地高石梯—磨溪地区15口井的成像测井岩溶发育特征进行分析,建立了中二叠统茅口组岩溶发育各分带的标准成像图版,利用交会图及直方图分析各分带的常规测井响应特征,在此基础上形成了电成像测井刻度常规测井识别岩溶发育带的新方法。研究结果表明:①高石梯—磨溪地区茅口组岩溶带自上而下可划分为风化壳残积带、垂直渗流岩溶带、水平潜流岩溶带以及受岩溶作用较弱的基岩;②风化壳残积带在成像测井图像显示为"暗—亮—暗"条带状模式,垂直渗流岩溶带为垂直线状与暗色斑状组合模式,水平潜流岩溶带为水平线状—层状与斑状组合模式,基岩整体显示为亮色块状模式偶见线状或斑状特征;③有效储层主要发育在垂直渗流带和水平潜流带的顶部;④该区茅口组岩溶发育主要受裂缝发育控制,而裂缝发育又与断层关系密切。结论认为,该新方法对碳酸盐岩岩溶储层的多井评价具有普遍适用性,为四川盆地中二叠统风险探井的部署提供了技术支撑。     

新发展阶段中国水资源安全保障战略对策

进入新发展阶段，中国水资源安全保障需要以“节水优先、空间均衡、系统治理、两手发力”治水思路为指导，厘清问题、研判趋势、优化对策，支撑新阶段水利高质量发展。本文在全面分析我国水资源安全保障存在的突出问题与面临形势基础上，阐述了新发展阶段中国水资源安全保障的基本思路与战略路径，从保证资源安全、构建国家水网、强化供水保障、建设美丽河湖、改善水环境质量等方面提出了战略对策和需要进一步回答的重大问题，以期为完善新发展阶段中国水资源安全保障战略，全面提高国家水资源安全保障能力提供有力支撑。     

基于区块链技术的公益时间银行系统

在现有的时间银行系统中，时间币的发行功能和结算功能完全集中到一个中心节点上。这种极度中心化的功能结构，不仅存在容易发生中心节点单点失效、数据容易被篡改等信息安全问题，还存在着时间币的发行和流通缺乏透明度以及时间币的结算依赖中心化的结算机构等问题。针对这些问题，提出了一种基于区块链技术的解决方法。首先，将时间币的发行功能和结算功能从中心节点上分离出来；然后，利用具有分布式去中心化、集体维护和不可篡改等特性的区块链技术，将分离出来的发行功能逐步去中心化，将分离出来的结算功能去中心化，形成公益时间链（PWTB）；最终，PWTB利用区块链技术以去中心化的方式将时间银行系统由单个节点维护账本变成由集体维护一个分布式的共享账本，使时间币的发行和流通公开透明，时间币的结算不依赖某个中心化的节点。安全分析表明所设计的PWTB能够实现安全的信息传输与存储，以及数据的共享。