后工业时代米兰单功能城区更新

在物化的形式上,解释米兰城市发展历史上的单功能城区的改造意义,并由此分析单功能城区更新的经验:单功能城区向混合居住模式的更新是发展方向;城区的功能重新定义对城区发展有重要意义;以新的建设为基础,发展城区自身的特色,做到城市在更新和特色之间的协调。     

The Tenet experience and the design of protocols for integrated-services internetworks

The research done by the Tenet Group in multimedia networking has reached a point where it may be useful to reflect on the significance of its results for the current debate on how integrated-services internetworks should be designed. Such reflections constitute the main subject of this paper. The principles of the work and the conclusions reached so far by the Tenet researchers are discussed in the light of the conflict between the two major technologies being proposed to build future information infrastructures: namely, the Internet and the ATM technologies. The Tenet approach suggests one feasible way for resolving the conflict to the advantage of all the users of those infrastructures. This paper discusses various fundamental aspects of integrated-services network design: the choice of the service model, the type of charging policy to be adopted, and the selection of a suitable architecture.     

小世界网络中的删边扩容效应

不同于无标度网络,小世界网络中体现负载特性的介数分布和体现连接特征的度分布这两种结构差异很大,依据这个差异,我们提出了有效的删边扩容方法并进行了仿真实验,并进一步从容量与最大介数的关系理论分析确证了实验结果.接着,我们分析了小世界网络中介数分布的差异性与删边扩容效果的相关性,把基于介数的基尼系数变化用于度量删边扩容的效果,指出了结构差异是导致删边扩容效应的必要条件.还指出了无论从容量与介数的定义、仿真结果、结构差异与删边扩容效果的关系来看,都应该从介数入手来实现删边扩容方法,这种方法反直觉,有很多变种,并且实现方便、节省成本,作为一类新的路由策略可以广泛地应用于各类通信网络和交通网络等领域.     

Achieving fair service with a hybrid scheduling scheme for CICQ switches

Providing performance guarantees for arriving traffic flows has become an important measure for today’s routing and switching systems. However, none of current scheduling algorithms built on CICQ (combined input and cross-point buffered) switches can provide flow level performance guarantees. Aiming at meeting this requirement, the feasibility of implementing flow level scheduling is discussed thoroughly. Then, based on the discussion, it comes up with a hybrid and stratified fair scheduling (HSFS) scheme, which is hierarchical and hybrid, for CICQ switches. With HSFS, each input port and output port can schedule variable length packets independently with a complexity of O(1). Theoretical analysis show that HSFS can provide delay bound, service rate and fair performance guarantees without speedup. Finally, we implement HSFS in SPES (switch performance evaluation system) to verify the analytical results.     

A novel logic-based automatic approach to constructing compliant security policies

It is significant to automatically detect and resolve the incompliance in security policy.Most existing works in this field focus on compliance verification,and few of them provide approaches to automatically correct the incompliant security policies.This paper proposes a novel approach to automatically transform a given security policy into a compliant one.Given security policy Π and delegation policy M declared by logic programs,the approach automatically rewrites Π into a new one ΠM which is compliant with M and is readable by the humans.We prove that the algorithm is sound and complete under noninterference assumption.Formally,we show that the security policy query evaluation algorithm with conflict and unsettlement resolution still works very well on ΠM.The approach is automatic,so it doesn’t require a administrator with excess abilities.In this sense,our proposal can help us to save much manpower resource in security management and improves the security assurance abilities.     

使用矩阵实现LRU的页面置换算法

操作系统的内存管理一直是计算机领域研究的一个重要方向。文中分析了几种常用内存管理中的页面置换算法及其存在的问题,提出了LUR页面置换算法的操作系统内存管理中比较接近理想算法的一种页面置换算法,并阐述了使用矩阵方法实现该页面置换算法的原理。     

数据交换传输安全模型设计及实现

在WebServices应用中,保证数据交换传输的安全性和完整性非常重要,而当前技术下的WebServices却在安全性方面存在着一些不足。为了保护在WebServices中消息交换的安全传递,文中通过X．509证书实现了WebServices消息签名和加密,阐述了利用WSE3．0构建安全WebServices的方法,设计并实现了一种基于策略的可扩展系统安全架构,其中采用了证书管理、数据同步以及用户校验三种机制。在实现架构的过程中,将安全通信主体分为Web服务端和服务应用端,并通过对系统安全性的分析验证,证明此架构具有良好的安全性。随着信息化技术的发展,安全架构中安全策略的应用会越来越广泛和深入。     

基于横纵向联合控制的多目标优化车辆跟驰研究

为解决车辆在拥堵环境中因车速波动较大所带来的跟驰平稳性较差、跟踪无效或不安全等问题,提出了基于车辆模型和深度强化学习的多目标优化跟驰方案。首先基于车辆横纵向动力学建立车辆跟驰模型,然后根据车间距误差、速度误差、横向偏差及相对偏航角等,利用深度确定性策略梯度算法得到跟驰车的加速度和转向角,以更平稳安全地控制跟驰车辆。经NGSIM公开驾驶数据集进行测试与验证,该方案可有效地提升跟驰车辆的稳定、舒适与安全性,对保证交通安全和提升道路通行能力具有重要意义。     

自动信任协商中一种最小信任披露策略

自动信任协商是通过逐渐请求和披露数字证书在两个陌生实体间建立相互信任的方法。当前对自动信任协商协商策略的研究,往往存在很多问题。文章提出了一种基于期望因子的自动信任协商模型,该模型采用MCD策略,通过分析各信任证书的期望因子,当可能的协商存在时,它能披露和请求最小的信任证找到一条成功的协商路径,当协商不可能成功时,尽快的发现并终止它。它能保证在协商的过程中没有不相关的信任证被披露并且不需要暴露双方的访问控制策略,同时通过实验证了明MCD策略是完备的。     

访问控制策略描述语言与策略冲突研究

访问控制技术是网络安全防范和保护的主要方法,能保证信息的完整性和机密性。随着计算机、互联网和无线通信技术的高速发展,网络安全问题日益严重,访问控制策略的研究已成为计算机学科的一个热点课题。本文首先介绍了五种主要的访问控制策略描述语言,分析了各自的特点及适用环境;然后总结了访问控制策略冲突产生的原因、类型、冲突检测以及冲突消解方法;最后给出了访问控制策略研究的发展趋势。