两个基于身份的数字签名方案的安全性改进

分析了文献[1]提出的两个基于用户身份的数字签名方案，发现其一般签名方案存在安全性缺陷，在此基础上建立了多重签名方案，但此方案也是不安全的。本文给出了改进的签名和多重签名方案。     

一种适合协同工作系统的安全认证方案

针对网络化协同工作系统的安全认证需求，综合应用Kerberos协议、X．509证书和口令认证技术，借鉴PKI的思想，设计了一种适合网络化协同工作系统的灵活而易于扩展的安全认证方案。这个方案能够保证证书的安全分发，满足网络化协同工作系统对分散、动态的用户安全身份认证的要求。     

针对钓鱼攻击的防范技术研究

论文从网络攻击的角度,提炼出了三种钓鱼攻击的模型,并对其实现机理、关键技术进行了比较详细的剖析。然后,针对钓鱼攻击本身的特点,提出了一种同时具备双因素认证和双向认证优点的认证模型来防御钓鱼攻击。     

ID-based non-interactive zero-knowledge proof system based on one-out-of-two non-interactive oblivious transfer

In this paper, we propose an ID-based non-interactive zero-knowledge proof system based on the 1-out-of-2 noninteractive oblivious transfer protocol. This zero-knowledge proof system is secure against a newly discovered cheating attack.     

增值税发票抵扣联移动认证系统的研究

无线通信技术和无线通信终端设备的发展为增值税发票抵扣联移动认证系统的研发提供了技术支持。文章从企业的实际需求为设计出发点,选择Visual Studio2005之C#作为本系统开发环境,综合利用微软移动通信技术(Microsoft Windows Mobile)和汉字设别技术,研发了增值税发票抵扣联移动认证系统。该系统通过"取得增值税专用发票→文字识别→无线认证→认证结果接收"等流程实现了增值税发票抵扣联的移动认证。     

A multipurpose audio watermarking algorithm with synchronization and encryption

We propose a new multipurpose audio watermarking scheme in which two complementary watermarks are used.For audio copyright protection,the watermark data with copyright information or signature are first encrypted by Arnold transformation.Then the watermark data are inserted in the low frequency largest significant discrete cosine transform(DCT) coefficients to obtain robustness performance.For audio authentication,a chaotic signal is inserted in the high frequency insignificant DCT coefficients to detect tampered regions.Furthermore,the synchronization code is embedded in the audio statistical characteristics to resist desynchronization attacks.Experimental results show that our proposed method can not only obtain satisfactory detection and tampered location,but also achieve imperceptibility and robustness to common signal processing attacks,such as cropping,shifting,and time scale modification(TSM).Comparison results show that our method outperforms some existing methods.     

基于指纹识别的虚拟硬盘研究

为防止机密数据不被窃取或篡改,本文提出一种基于指纹身份识别的虚拟硬盘文件加密存储方法。该方法是在Windows设备驱动程序的基础上,利用指纹识别技术和虚拟硬盘驱动程序,实现用户身份的唯一认证和文件的安全性管理。实验证明,该方法是一种安全、高效、实用的加密存储方法。     

基于桌面云的统一身份认证架构研究

桌面云是云计算的一种典型应用,能够有效提高资源利用率和维护效率,使人们应用桌面系统的方式发生了深刻变革。但是随着桌面云的广泛应用,如何集中管理和统一认证用户身份成为了桌面云面临的挑战。文章通过分析传统单点登录和桌面云认证技术,提出了一种基于桌面云的统一身份认证模式．并对该架构的优势进行了分析。     

Secure authentication scheme for passive C1G2 RFID tags

Privacy and security concerns inhibit the fast adaption of RFID technology for many applications. A number of authentication protocols that address these concerns have been proposed but real-world solutions that are secure, maintain low communication cost and can be integrated into the ubiquitous EPCglobal Class 1 Generation 2 tag protocol (C1G2) are still needed and being investigated. We present a novel authentication protocol, which offers a high level of security through the combination of a random key scheme with a strong cryptography. The protocol is applicable to resource, power and computationally constraint platforms such as RFID tags. Our investigation shows that it can provide mutual authentication, untraceability, forward and backward security as well as resistance to replay, denial-ofth-service and man-in-the-middle attacks, while retaining a competitive communication cost. The protocol has been integrated into the EPCglobal C1G2 tag protocol, which assures low implementation cost. We also present a successful implementation of our protocol on real-world components such as the INTEL WISP UHF RFID tag and a C1G2 compliant reader.     

浅析Cookies认证机制及其安全性

Web服务器生成Cookies并作为文本存贮于用户计算机硬盘或内存中,是实现Web应用认证的主要手段。本文分析了Cookie认证机制的实现过程与特点,并且论述了该认证机制易遭受的安全威胁以及安全需求,并给出实现安全Cookie认证的方法与措施。