一种基于移动代理的网络安全联合风险评估系统模型

本文建立了一种基于移动代理的网络安全联合风险评估系统模型(MAURA),分析了系统体系结构、各部分功能,并将合同网的协同方法应用到风险评估中,提出了联合风险评估的机制,研究了评估的具体过程,从构造上克服了Agent间分析经验难于共享借鉴的问题。通过自适应的算法调节策略,提高了系统的分析性能,增强了对于外界负载变换的适应能力。仿真实验结果验证了MAURA是一种具有较高分析性能、可自主适应环境变化的网络安全风险评估系统。     

EDALoCo: Enhancing the accessibility of blockchains through a low-code approach to the development of event-driven applications for smart contract management

Blockchain is a cutting-edge technology based on a distributed, secure and immutable ledger that facilitates the registration of transactions and the traceability of tangible and intangible assets without requiring central governance. The agreements between the nodes participating in a blockchain network are defined through smart contracts. However, the compilation, deployment, interaction and monitoring of these smart contracts is a barrier compromising the accessibility of blockchains by non-expert developers. To address this challenge, in this paper, we propose a low-code approach, called EDALoCo, that facilitates the development of event-driven applications for smart contract management. These applications make blockchain more accessible for software developers who are non-experts in this technology as these can be modeled through graphical flows, which specify the communications between data producers, data processors and data consumers. Specifically, we have enhanced the open-source Node-RED low-code platform with blockchain technology, giving support for the creation of user-friendly and lightweight event-driven applications that can compile and deploy smart contracts in a particular blockchain. Additionally, this platform extension allows users to interact with and monitor the smart contracts already deployed in a blockchain network, hiding the implementation details from non-experts in blockchain. This approach was successfully applied to a case study of COVID-19 vaccines to monitor and obtain the temperatures to which these vaccines are continuously exposed, to process them and then to store them in a blockchain network with the aim of making them immutable and traceable to any user. As a conclusion, our approach enables the integration of blockchain with the low-code paradigm, simplifying the development of lightweight event-driven applications for smart contract management. The approach comprises a novel open-source solution that makes data security, immutability and traceability more accessible to software developers who are non-blockchain experts.     

结合简短可链接环签名的智能合约选举方案

目前一些电子选举协议利用可链接环签名或一次性环签名来保护投票者的隐私,并防止重复投票的情况发生,但签名大小随投票人数的增大而增大,而简短可链接环签名大小始终固定不变,但已有简短可链接环签名算法效率较低。针对这些问题,利用累加器和基于知识证明的签名,构造新的高效的简短可链接环签名,结合匿名地址及星际文件系统,提出一种新的智能合约选举方案,分别设计了选举的创建、投票、计票等阶段的操作。对方案的不可伪造性、可链接性、匿名性、隐私性、公开验证性以及运行效率进行了证明和分析。最后进行了实验仿真评估,结果显示,随着投票者人数的增大,该方案选票的签名大小及Gas消耗保持不变且较少,生成时间及验证时间增长缓慢且较少。     

区块链资产窃取攻击与防御技术综述

自中本聪提出比特币以来,区块链技术得到了跨越式发展,特别是在数字资产转移及电子货币支付方面。以太坊引入智能合约代码,使其具备了同步及保存智能合约程序执行状态,自动执行交易条件并消除对中介机构需求,Web3.0 开发者可利用以太坊提供的通用可编程区块链平台构建更加强大的去中心化应用。公链系统具备的特点,如无须中央节点控制、通过智能合约保障交互数据公开透明、用户数据由用户个人控制等,使得它在区块链技术发展的过程中吸引了更多的用户关注。然而,随着区块链技术的普及和应用,越来越多的用户将自己的数字资产存储在区块链上。由于缺少权威机构的监管及治理,以太坊等公链系统正逐步成为黑客窃取数字资产的媒介。黑客利用区块链实施诈骗及钓鱼攻击,盗取用户所持有的数字资产来获取利益。帮助读者建立区块链资产安全的概念,从源头防范利用区块链实施的资产窃取攻击。通过整理总结黑客利用区块链环境实施的资产窃取攻击方案,抽象并归纳威胁模型的研究方法,有效研究了各类攻击的特征及实施场景。通过深入分析典型攻击方法,比较不同攻击的优缺点,回答了攻击能够成功实施的根本原因。在防御技术方面,针对性结合攻击案例及攻击实施场景介绍了钓鱼检测、代币授权检测、代币锁定、去中心化代币所属权仲裁、智能合约漏洞检测、资产隔离、供应链攻击检测、签名数据合法性检测等防御方案。对于每一类防御方案,给出其实施的基本流程及方案,明确了各防护方案能够在哪类攻击场景下为用户资产安全提供防护。     

基于区块链的电力交易模型及博弈定价方法

为解决传统能源中心化交易模式缺少灵活性、透明性和可监督性等问题,满足新型电力系统中电网各主体间电力交易市场化、定价灵活化等新要求,提出一种基于区块链的电力交易模型及博弈定价方法。该电力交易模型具有分布式、去中心化、不可篡改和加密安全等优势。首先,建立基于区块链的电力交易模型,协调发、供、用等主体间的生产和消费行为,形成统一的市场机制;其次,提出了基于博弈的多时间尺度电力交易竞价机制,利用蚁群优化(ACO)算法求解可得每小时的最佳竞拍价格。最后,通过仿真验证了交易模型及博弈定价方法,在激励政策下各交易方收益最优化。结果表明,交易模型及定价方法在新能源参与交易背景下能有效地平衡市场各主体的效益;基于区块链的智能合约可实现电力交易过程的智能化、透明化和可追溯性。     

The price of anarchy in closed-loop supply chains

This paper measures the worst-case efficiency of price-only contracts in closed-loop supply chains (CLSCs) with the price of anarchy (PoA). We model a single-period Stackelberg game in which a manufacturer sells new products to a retailer and collects used products with exogenous retail price and collection price via three alternative reverse channels: (a) the manufacturer collects directly from customers, (b) the retailer collects for the manufacturer, and (c) a third party is awarded a collection subcontract from the manufacturer. We carry out a comprehensive investigation under push–pull configurations to observe how reverse channel structures with different gaming sequences of CLSC members influence the worst-case performance when the demand distribution is over the set of increasing generalized failure rate distributions. From our PoA analysis, we find that the pull system does not always outperform the push system, especially when the retailer is the leader, in contrast to the results for forward supply chains. While the PoA of the push system is dramatically sensitive to the quality condition of used products, the pull system has a constant efficiency loss that is independent of the quality condition. Instead, the PoA of the pull system solely changes with the gaming sequence of the manufacturer. We also find that manufacturer's direct collection is a better reverse channel choice compared to retailer's collection. Additional managerial insights are summarized for discussion.     

Myopic vs. far-sighted behaviours in a revenue-sharing supply chain with reference quality effects

In this paper, we consider a dynamic supply chain where a manufacturer produces and distributes a featured product through an exclusive retailer to end consumers. The manufacturer decides the product quality and wholesale price, while the retailer sets the retail price in the presence of a revenue-sharing contract and consumers’ reference quality effects. The objective of this study is to investigate the impacts of myopic behaviour regarding the reference quality on the product quality and pricing strategies and profits of both members. Our results suggest that the manufacturer’s myopia leads to a higher quality, higher price strategy and a higher quality–price ratio which benefits consumers. Meanwhile, relative to the far-sighted behaviour, myopia results in a more quality-sensitive but less price-sensitive market demand. What’s more, we find that the manufacturer is apt to act in a far-sighted way, but the retailer isn’t always willing to cooperate with a far-sighted manufacturer. Taking myopic strategies for both members is likely to gain a high profit of the whole supply chain for a relatively high marginal contribution of product quality on demand and a relatively low revenue-sharing proportion.     

Incentives for quality improvement efforts coordination in supply chains with partial cost allocation contract

In this paper, we consider quality improvement efforts coordination in a two-stage decentralised supply chain with a partial cost allocation contract. The supply chain consists of one supplier and one manufacturer, both of which produce defective products. Two kinds of failure cost occur within the supply chain: internal and external. The supplier and the manufacturer determine their individual quality levels to maximise their own profits. We propose a partial cost allocation contract, under which the external failure cost is allocated between the manufacturer and the supplier at different rates based on information derived from failure root cause analysis. If the quality levels of the supplier and the manufacturer are observable, we show that the partial cost allocation contract coordinates the supply chain, provided that the failure root cause analysis does not erroneously identify the manufacturer’s fault as the supplier’s, and the supplier does not take responsibility for the manufacture’s fault. In the single moral hazard model, where only the quality level of the supplier is unobservable, the optimal share rates require the supplier to take some responsibility for the manufacture’s fault. However, in the double moral hazard model, where quality levels of the supplier and the manufacturer are unobservable to each other, the optimal share rates require the supplier not to take responsibility for the manufacturer’s fault. It is noted that the root cause analysis conducted by the manufacturer may have its disadvantage in attributing the fault to the supplier when both sides are at fault. We also propose a contract based on the dual root cause analysis to reduce the supplier’s penalty cost. Numerical results illustrate that the partial cost allocation contract satisfies the fairness criterion compared with the traditional cost allocation contract.     

考虑通关水平的跨境物流服务供应链契约协调机制研究

为实现跨境物流服务供应链完全协调,运用Stackelberg博弈理论,构建由一个跨境物流服务供应商与一个物流服务集成商组成的二级供应链。采用因子分析法测度通关水平,分析通关水平对跨境物流服务供应链最优决策及协调运作的影响,设计可供跨境物流服务供应链完美协调的契约机制。研究表明,考虑通关水平使跨境物流服务供应链成员及供应链整体利润均得到提升;集中决策下跨境物流服务供应链整体利润总是高于分散决策;收益共享契约可实现跨境物流服务供应商及供应链整体决策的帕累托优化,但不能达到供应链的完全协调,而Nash协商改进的二部定价契约模型可实现供应链的完全协调。     

A DLT-based framework for secure IoT infrastructure in smart communities

In the field of smart communities, significant progress has been made in recent years. The objective of constructing smart communities is to improve the quality of life of their inhabitants. To accomplish this objective, technologies such as Internet of Things (IoT) and Artificial Intelligence (AI) were deployed. The data gathered and processed by IoT devices, particularly those with centralized control, are however susceptible to availability, integrity, and privacy risks. Due to its inherent properties of transparency, immutability, and underlying secure-by-design architecture, Distributed Ledger Technology (DLT) and Smart Contracts enable distributed, decentralized, automated workflows that can be incorporated to automate the management of the next generation of IoT networks. Using a potential use case, a conceptual architecture for securing smart communities with DLT is developed and explained. In this paper, a framework for IoT eco-systems is proposed that provides seamless integration between IoT and DLT to create a decentralized trusted architecture that ensures the trustworthiness of IoT eco-systems at design time and a trust reputation model based on the architecture to protect it at run-time. In addition, the initial implementation steps are described for this framework.