PKI技术的发展综述

随着网络技术的发展，网络安全越来越受到大家的关注，公开密钥基础设施（PKI）技术是目前唯一能够全面解决网络安全问题的可行方案。各国政府，如美国、加拿大等先后提出了自己的PKI体系结构及其工作原理。介绍了国内外PKI技术的发展情况。     

正确把握电信发展规律

二十世纪末，全球网络经济过热和电信业陷入之际，正是中国电信业深化体制改革、破除垄断、全面引入竞争之时。面对复杂的国际国内形势，中国电信业在一系列关系发展全局的重大问题上，坚持理性与务实，保持了行业积极稳健的发展。我国电信业目前正处于新的发展时期，面对新的机遇和挑战，在总结国内外实践的基础上，要进一步加深对电信发展基本问题的认识，要正确处理好一系列带有全球性、战略性、方向性的重大关系问题。     

基于数字签名方案的口令鉴别方案

本文在广义ＥｌＧａｍａｌ型签名方案上建立了许多口令鉴别方案，并且提出了文［１］的三个改进方案。利用这些方案，计算机系统不仅能监测和控制口令的使用，而且可以抗击许多对口令的伪造攻击。     

信息高速公路上的安全问题

首先介绍了信息高速公路的概貌,并指出了信息高速公路将面临的威胁和攻击,接着说明了信息高速公路应当具备的基本安全特性以及实现这些特性可以采取的措施,最后介绍了信息高速公路安全技术的开发动态。     

IC卡在电信领域的应用模式

本文列举了ＩＣ卡在电信领域及一些国家和地区的应用之后，给出了国际ＩＣ卡的应用发展模式，以供有关部门参考。     

局域网通讯安全的实现

尽管当前有许多维护网络安全的策略，但是局域网内部通讯安全却往往被忽略，文章首先分析当前一些安全策略在维护局域网内部通讯安全的不足，然后提出一种具有加密功能的以太网网卡，用以解决局域网内部通讯的安全问题。     

A Survey of E-Commerce Security

E-commerce is a very active field of Internet research. A very important aspect of e-commerce is its security. Because of the variety of e-commerce applications, many security policies, protocols and techniques are involved in the deployment of the security. The related standards and protocols of e-commerce are studied in this paper. The general model of e-commerce security is set forth. In this model, two most important e-commerce protocols including secure sockets layer (SSL) and secure electronic transaction (SET) are analyzed. The open problems and new trends of e-commerce security are presented.     

一种适合协同工作系统的安全认证方案

针对网络化协同工作系统的安全认证需求，综合应用Kerberos协议、X．509证书和口令认证技术，借鉴PKI的思想，设计了一种适合网络化协同工作系统的灵活而易于扩展的安全认证方案。这个方案能够保证证书的安全分发，满足网络化协同工作系统对分散、动态的用户安全身份认证的要求。     

计算机网络安全体系的研究

首先,结合国内外同行的最新研究成果,我们将对网络系统中的不安全因素加以分析,并形式化地给出一个安全计算机网络系统的定义;然后将从理论上阐述一个基于OSI-RM体系的网络安全保护体系的模型,并讨论该安全保护体系在现有系统中的作用。     

Wavelet based Denial-of-Service detection

Network Denial-of-Service (DoS) attacks that disable network services by flooding them with spurious packets are on the rise. Criminals with large networks (botnets) of compromised nodes (zombies) use the threat of DoS attacks to extort legitimate companies. To fight these threats and ensure network reliability, early detection of these attacks is critical. Many methods have been developed with limited success to date. This paper presents an approach that identifies change points in the time series of network packet arrival rates. The proposed process has two stages: (i) statistical analysis that finds the rate of increase of network traffic, and (ii) wavelet analysis of the network statistics that quickly detects the sudden increases in packet arrival rates characteristic of botnet attacks.Most intrusion detections are tested using data sets from special security testing configurations, which leads to unacceptable false positive rates being found when they are used in the real world. We test our approach using data from both network simulations and a large operational network. The true and false positive detection rates are determined for both data sets, and receiver operating curves use these rates to find optimal parameters for our approach. Evaluation using operational data proves the effectiveness of our approach.