浅议多级数据容灾系统的设计与实现

要想管理好系统的数据,必须要建立和完善数据的容灾系统。本文主要介绍了数据容灾系统的现状,并提出合理化的建议,以便为数据管理方面提供方便。     

关于作战指挥自动化系统信息安全问题的思考

本文介绍了军队作战指挥自动化系统信息安全存在的问题,结合现有信息安全技术,阐述了加强军队作战指挥自动化系统信息安全的对策.     

建立基于Solr平台的环境污染网络舆情监测系统

本文针对网络上通过微博、论坛等网络平台发布的环境污染相关消息的高效捕获,提出建立基于Solr平台的环境污染网络舆情监测系统,重点描述了基于Solr平台实现环境污染网络舆情监测系统的主要模块,并基于实际舆情数据对系统的功能和性能进行了分析。实验结果表明本文所述系统可有效满足环保部门等对网络舆情监测的需求。     

基于双缓冲文件系统过滤驱动技术研究

针对单缓冲技术在过滤驱动透明加解密中存在的缺陷和不足,本文提出采用双缓冲机制,在内核态创建两个缓冲区,授权程序访问解密缓冲区数据,非授权程序访问非解密缓冲区数据,两者互不影响。首先对文件系统过滤驱动和双缓冲技术进行理论研究,然后提出了系统的设计思想,建立设计方案,进行实现和应用。通过测试结果表明,该系统对透明加解密系统性能和兼容性有很大提升。     

数据库系统课程的教学内容和方法探讨

针对大同大学数据库原理教学中存在的理论和实践脱节的问题,提出了以数据库系统设计为主线的教学方法和内容的改进,引进了以小组课题为主的CDIO教学模式,旨在提高学生分析问题和解决问题的能力,使学生通过本课程的学习,能够设计出规范的数据库。     

对中小商业银行等级保护咨询服务探讨与研究

本文力求全面剖析中小商业银行的等级保护咨询服务项目,帮助将要开展信息安全等级保护的咨询方和银行信息安全管理者明确等级保护的咨询服务所涵盖的内容及所能达到的目标。     

校园信息化建设中E卡通系统的安全配置

苏州全市中小学已经普遍使用教育E卡通,它不仅满足于校园信息化的建设,而且充当了公交卡、借书卡、园林卡等其他第三方功能的应用,随之接口应用应运而生。它让两者不能通用的系统,有机地结合到一起,达到共赢的目的。     

Distributed load-balancing algorithm for fast tag reading

The radio frequency identification (RFID) technology has gained a lot of recent interests because it has been widely recognised as a foundation technology for the ‘Internet of things’. In current multi-reader RFID systems, readers work with fairly less cooperation and are responsible to retrieve data from different number of tags individually, which results in large reading time of obtaining all tag data. In this paper, a fast tag reading problem in multi-reader RFID systems with the goal of obtaining all tag data by using minimum reading time is studied. A distributed load-balancing algorithm based on diffusion method is proposed to solve the problem by migrating tags from highly loaded reader to lightly loaded reader. The simulation results demonstrate the effectiveness and efficiency of proposed algorithm.     

Code Analysis for Software and System Security Using Open Source Tools

ABSTRACT

Software security helps in identifying and managing risks. One of the effective ways to identify software vulnerabilities is to analyze its code. Code analysis (Chess & West, 2007 Chess, B. and West, J. 2007. Secure programming with static analysis, Boston, MA: Addison-Wesley.  [Google Scholar]) helps in catching common coding mistakes such as buffer overflow, unused variables, memory leaks, and various race conditions, which in turn optimizes computer programs, both in storage and computation aspects. Software developers use either open source tools or commercial tools for verification and validation of software. Without proper validation of a software/system using some standard guidelines, potential attackers can find ways to exploit vulnerabilities and bugs and then can gain control over a system, if they are successful. In this paper, we discuss some of the open source static code analysis and dynamic analysis tools, their merits, and limitations with respect to some target codes that contain possible threats. We consider C/C++ and Java programming languages for our experiments. For static code analyzers, we consider Flawfinder, Splint, and Cppcheck; PMD, Findbugs, and Valgrind for dynamic code analysis, and its plug-in, Memcheck, to perform dynamic analysis on executables. We provide our observations in a comparison table, highlighting these tools strengths and weaknesses.     

Managing Your Security Future

ABSTRACT

Information technology organizations within most corporations are spending significant time and resources securing IT infrastructure. This increased need for security is driven by a number of factors. These factors include increased dependency on the Internet, financial and legal liability, protection of personal identity information and sensitive corporate data, increased numbers and age of legacy systems with limited vendor support, deploying complex systems, and new regulations governing corporate transactions. There a number of technologies on the market today that can mitigate most of these security factors. However, managers in IT organizations need to identify potential future threats and security technologies to assess and potentially mitigate risk through the deployment of those technologies. This article investigates three areas critical to the successful deployment and securing of information technology.