基于块稀疏快速重构的MISO活跃用户集与信道联合估计

针对多用户多输入单输出（Multiple input single output, MISO)系统的用户选择与信道估计问题,引入基于用户分布式自选择的信道接入策略,设计一种新的结合该策略的时分双分复用（Time division duplex, TDD)模式数据传输帧结构。利用用户活跃模式自然稀疏性和信道冲激响应时延域稀疏性,将基站接收上行随机导频序列建模为块稀疏线性模型。基于凸松弛的l2/l1模型提出一种快速的块稀疏重构算法求解问题模型。算法首先对目标函数进行变量分裂,然后利用交替方向法对各变量进行交替更新,直至满足收敛条件。交替更新中,对于无法获得闭式解的信号变量项,采取块坐标下降法求解。计算机仿真表明,与块正交匹配追踪和块压缩采样匹配追踪比较,新算法能够在保持高重构精度的前提下获得更快的计算速度。     

用VPN集成加密设备强化基层电子政务信息安全

当前,电子政务信息系统已经成为转变政府职能、提高行政效率的有效手段。基层政府部门电子政务系统具有建设资金有限、用户数量少且分散的特点,常依托互联网运行,重要和敏感信息面临巨大安全风险。本文针对该安全需求,提出研制与VPN系统集成的加密设备,实现基于互联网电子政务系统安全、高速加密传输和用户身份鉴别,解决该类系统面临的主要信息安全问题,并最大程度降低传输专线、电子CA认证等系统建设的高昂成本。     

Anatomy of a Data Breach

ABSTRACT

In the wake of undiscovered data breaches and subsequent public exposure, regulatory compliance and security audit standards are becoming more important to protecting critical assets. Despite the increase in the number of data breaches via illicit means, internal controls seem to fail when it comes to the assurance that critical assets remain uncompromised. According to the Identity Theft Resource Center, 336 breaches have been reported in 2008 alone, 69%?greater than this time last year ¹ 1. Identity Theft Resource Center. (2008, July 15). IRTC 2008 Breach List. . This is a concern for security teams, especially since a lack of dedicated resources exists to combat and revert this trend.

This is significantly important to take into consideration when going through the formal audit process to certify adherence to Sarbanes-Oxley (SOX), Graham Leach Bliley (GLBA), Payment Card Industry (PCI), or the Health Insurance and Portability and Accountability Act (HIPAA). With the significant increase in data exposure corporations cannot afford to take shortcuts when it comes to information assurance. Otherwise it is almost certain that one will become a victim of a serious exposure of sensitive information. This paper will explore the several disconnects between established and accepted security audit framework and the variable of hidden infections.     

SSH-Based Device Identity and Trust Initialization

ABSTRACT

Managing devices in distributed network environments is always challenging. There are two fundamental problems that constantly puzzle network administrators. First, how are devices securely identified? Second, how can devices initialize trust between each other? This paper introduces a Secure Shell (SSH) public key-based device identification and trust initialization mechanism. By utilizing the widely deployed SSH protocol stacks, a device's SSH public keys, together with the attributes that describe the name, location, version, capabilities, etc., of a device, are registered as secure device identities. By exchanging the public key using SSH protocol itself, a circle of mutual trust can be initialized between managed devices and a central administration console. The mutual trust allows configuration data to be pushed from the administration console to all the trusted devices. It can also be used as the trust anchor to further initialize other type of trust.     

Analyzing settings for social identity management on Social Networking Sites: Classification,current state,and proposed developments

The rising prevalence of Social Networking Sites (SNS) and their usage in multiple contexts poses new privacy challenges and increasingly prompts users to manage their online identity. To address privacy threats stemming from interacting with other users on SNS, effective Social Identity Management (SIdM) is a key requirement. It refers to the deliberate and targeted disclosure of personal attribute values to a subset of one's contacts or other users on the SNS. Protection against other entities such as the site operator itself or advertisers and application programmers is not covered by SIdM, but could be incorporated in further refinement steps. Features and settings to perform SIdM have been proposed and subsequently implemented partly by some SNS. Yet, these are often isolated solutions that lack integration into a reference framework that states the requirements for successfully managing one's identity. In this article, such a reference framework of existing and desired SIdM settings is derived from identity theory, literature analysis, and existing SNS. Based thereupon, we examine the SIdM capabilities of prevalent SNS and highlight possible improvements. Lastly, we reason about developing a metric to objectively compare the capability of SNS in regards to their support for SIdM.     

基于Gabor滤波的指纹图像识别研究与实现

采用基于Gabor滤波指纹识别算法进行指纹图像中心点计算、扇形化、归一化、Gabor滤波、特征提取以及比对,并利用Matlab仿真实现该算法.在仿真实验中建立一定数量的指纹库,对该算法进行比对分析.     

基于动态联盟的一种身份信任计算模型

在动态联盟中,身份管理是确保信息安全的一种手段,但是随着联盟成员数日益增多,传统的身份管理难以妥善应对当前较为复杂的环境,尤其当成员之间无交互历史时,数据交换的可靠性无法保障。文中研究了不同计算环境中的多种信任管理方法,并把P2P的推荐评价机制应用到动态联盟的身份管理中,提出了一种基于推荐的身份信任管理的算法。在这种算法中,身份的信任值由多因素加权综合而成,其中推荐信任值在算法中起到关键的作用。该算法试图为解决复杂的动态联盟环境下的身份管理问题提供一种途径。     

B/S模式下油指纹数据库动态更新机制研究

油指纹库和溢油鉴别系统的构建对溢油鉴别具有重要意义,而数据库更新对保持数据库的现实性又有着重要的作用。本文首先阐述地理信息系统（GIS）数据库更新的含义,然后介绍数据库增量更新和完全更新两种机制。在对油指纹数字化鉴别系统的数据内容以及对数据更新具体需求分析的基础上,讨论系统B/S（Browse/Server）部分的数据更新机制,并详细论述更新机制的实现过程。     

一一对应人脸自动识别身份验证的方法与应用

为实现人脸自动识别科技成果的广泛应用,本文规避现有的人脸自动识别的缺陷与不足,借鉴其成熟技术,提出在固定背景和光照的条件下,采用一对一比对,在＂合作用户＂领域中将人脸自动识别应用于身份验证的新方法。通过对人脸自动识别现有成熟技术、发展趋势和发展前景的论证,得出一一对应人脸自动识别身份验证的方法的技术路线完全可行,值得推广应用的结论。     

基于混沌系统和极化恒等式的数字图像加密算法

混沌系统具有初值敏感性,参数敏感性和类随机性等特性。将图像分成大小为8 8的图像子块,利用经典的Logistic方程产生的混沌序列并对其排序生成匹配模板来改变图像子块的位置,然后利用极化恒等式内积分解加密算法改变图像像素的值。因此,基于混沌系统和极化恒等式的数字图像加密算法使图像的像素的位置和值都发生了变化,实现了图像的混淆和扩散。仿真实验表明该方法进行图像加密具有可行性和安全性。