Trustworthy assurance of service interoperation in cloud environment

Cloud computing can be realized by service interoperation and its essence is to provide cloud services through network. The development of effective methods to assure the trustworthiness of service interoperation in cloud environment is a very important problem. The essence of cloud security is trust and trust management. Combining quality of service (QoS) with trust model, this paper constructs a QoS-aware and quantitative trust-model that consists of initial trust value, direct trust value, and recommendatory trust value of service, making the provision, discovery, and aggregation of cloud services trustworthy. Hence, it can assure trustworthiness of service interoperation between users and services or among services in cloud environment. At the same time, based on this model, service discovery method based on QoS-aware and quantitative trust-model (TQoS-WSD) is proposed, which makes a solid trust relationship among service requestor, service provider and service recommender, and users can find trustworthy service whose total evaluation value is higher. Compared to QoS-based service discovery (QoS-WSD) method, it is proved by the experiment for TQoS-WSD method that more accurate result of service discovery will be achieved by service requestor, while reasonable time cost is increased. Meanwhile, TQoS-WSD method strongly resists the effect of service discovery by untrustworthy QoS values and improves service invocation success-rate and thus assures trustworthiness of services interoperation.     

一种基于主观逻辑理论的P2P网络信任模型

由于P2P系统的开放、匿名等特点,使得P2P系统对节点缺乏约束机制,节点间缺乏信任。针对以上问题本文提出了一种基于主观逻辑理论的P2P网络信任模型,并在信任的计算中引入风险的机制,有效防止协同作弊和诋毁的安全隐患。实验和分析结果表明,这种信任模型能更加精确地评估节点的信任度,从而能更加有效地解决P2P网络环境中存在的安全问题。     

OntoRBAC：基于本体的RBAC策略描述与集成

随着分布式安全系统研究的不断深入和发展，基于策略的体系结构已经逐步成为了访问控制系统中的一种主流方法。然而这些策略的定义均建立在特定的语言基础上。如何在异构的系统间进行集成尚缺乏有效的机制。本文提出了一种基于本体的访问控制策略定义机制——OntoRBAC——它完全支持了RBAC96模型，利用本体这个工具，能够为访问控制策略的制定提供更精确、更强大的描述能力，并且可以实现从语义层次上对不同策略的集成。而借助于SWRL（Semantic Web Rule Language），我们定义了多条适用于OntoRBAC的规则来进行对访问控制决策的推理。最后，介绍了这个系统的实现框架。     

基于MTPM和DPM的多无人机协同广域目标搜索滚动时域决策

传统的协同搜索决策方法在目标引导和机间协同方面存在不足. 研究建立了基于分布概率预测的目标概率图（Target probability map,TPM）初始化方法和基于贝叶斯准则的目标概率图动态更新方法,形成了修正目标概率图（Modified TPM,MTPM）及其运算机理.考虑对任务子区域进行可控回访,定义了数字信息素图（Digital pheromone map,DPM）,建立了数字信息素图使用方法及更新机理.设计了基于MTPM和DPM的寻优指标,建立了基于滚动时域控制的协同搜索决策方法（MTPM-DPM-RHC method,MDR）.仿真表明： 1） MTPM能有效降低对目标的虚警率和漏检率;2） DPM能有效实现对任务区域可控回访;3） MDR方法的遍历能力、重访能力和目标搜索效率均优于已有方法.     

信息系统安全专题前言

随着信息系统的快速发展,信息系统的复杂程度越来越高,所管理的数据规模越来越大,这给信息系统的安全带来了更为严峻的挑战。随着技术的进步和人们安全意识的提高,信息系统安全已受到学术界、产业界和政府主管部门的高度关注和重视。对信息系统安全问题的研究具有重要的现实意义和学术价值. 为及时反映我国在信息系统安全方面的最新研究进展,《软件学报》针对信息系统安全专题组织专刊,围绕信息系统安全领域的最新热点及难题,征集高水平原创性成果,重点反映我国学者在信息系统的安全与隐私方面的最新研究成果。征集的主题包括访问控制系统、系统安全建模与安全协议设计、系统安全相关密码学、数字版权保护与管理、系统攻击检测与防御、恶意代码检测与损坏恢复、硬件系统安全、操作系统安全、Web与应用系统安全、安全服务和系统可靠性、隐私保护与隐私增强技术、云计算系统安全、大数据处理系统安全、移动互联网系统安全、物联网系统安全、工业控制系统安全.     

Large-size-mismatch co-dopants for colossal permittivity rutile TiO2 ceramics with temperature stability

Colossal permittivity (CP) in donor-accepter co-doped rutile TiO₂ has attracted significant interest. Here, the CP behavior of (Ta?+?La) co-doped rutile TiO₂ ceramics were studied, where the ionic radii of Ta⁵⁺ and La³⁺ are much larger than that of Ti⁴⁺. The ceramics with an extremely low doping exhibit colossal dielectric permittivity (～2.6?×?10⁴) with an acceptable low dielectric loss (<0.07) in the frequency range from 40 to 10⁶?Hz. The CP properties obtained in (Ta?+?La) co-doped TiO₂ ceramics show excellent temperature stability over a wide temperature range of 20–400?°C. The X-ray diffraction analysis and the density functional theory calculation illustrates that the La₂³⁺${\text{V}}_{\text{o}}^{??}$Ti₂³⁺ and Ta₂⁵⁺Ti³⁺Ti⁴⁺ defect complexes with the lowest energy are responsible for the enhanced dielectric properties. Moreover, the defect complex formed by large-size trivalent substitutions and oxygen vacancy is very stable, and assists in improving temperature stability of the dielectric properties of co-doped rutile TiO₂ ceramics.     

机器学习中的隐私攻击与防御

大数据时代丰富的信息来源促进了机器学习技术的蓬勃发展,然而机器学习模型的训练集在数据采集、模型训练等各个环节中存在的隐私泄露风险,为人工智能环境下的数据管理提出了重大挑战.传统数据管理中的隐私保护方法无法满足机器学习中多个环节、多种场景下的隐私保护要求.分析并展望了机器学习技术中隐私攻击与防御的研究进展和趋势.首先介绍了机器学习中隐私泄露的场景和隐私攻击的敌手模型,并根据攻击者策略分类梳理了机器学习中隐私攻击的最新研究;介绍了当前机器学习隐私保护的主流基础技术,进一步分析了各技术在保护机器学习训练集隐私时面临的关键问题,重点分类总结了5种防御策略以及具体防御机制;最后展望了机器学习技术中隐私防御机制的未来方向和挑战.     

P-Promise：一个基于承诺的P2P公平资源共享协议

P-Promise借鉴人类社会个体间相互承诺并通过兑现承诺来实现公平交往的机制，通过定义承诺证书和一套协议原语，在P2P实体间建立公平的资源共享环以实现P2P公平资源共享.公平的资源共享环的建立过程就是对等实体承诺并不断兑现承诺的过程，不需要可信第三方、认证的身份、货币支付、对称存储关系等条件.承诺证书能够描述不同的资源，所以P-Promise可用于各种资源的共享.P-Promise不但可以用于各种普通计算机，而且适用于资源和计算能力都十分有限的移动设备.分析和实验证明，P-Promise具有良好的稳定性和抗攻击能力。     

The cellular responses and antibacterial activities of silver nanoparticles stabilized by different polymers

Silver nanoparticles (AgNPs) are known for their excellent antibacterial activities. The possible toxicity, however, is a major concern for their applications. Three types of AgNPs were prepared in this study by chemical processes. Each was stabilized by a polymer surfactant, which was expected to reduce the exposure of cells to AgNPs and therefore their cytotoxicity. The polymer stabilizers included poly(oxyethylene)-segmented imide (POEM), poly(styrene-co-maleic anhydride)-grafting poly(oxyalkylene) (SMA) and poly(vinyl alcohol) (PVA). The cytotoxicity of these chemically produced AgNPs to mouse skin fibroblasts (L929), human hepatocarcinoma cells (HepG2), and mouse monocyte macrophages (J774A1) was compared to that of physically produced AgNPs and gold nanoparticles (AuNPs) as well as the standard reference material RM8011 AuNPs. Results showed that SMA-AgNPs were the least cytotoxic among all materials, but cytotoxicity was still observed at higher silver concentrations (>30 ppm). Macrophages demonstrated the inflammatory response with cell size increase and viability decrease upon exposure to 10 ppm of the chemically produced AgNPs. SMA-AgNPs did not induce hemolysis at a silver concentration below 1.5 ppm. Regarding the antibacterial activity, POEM-AgNPs and SMA-AgNPs at 1 ppm silver content showed 99.9% and 99.3% growth inhibition against E. coli, while PVA-AgNPs at the same silver concentration displayed 79.1% inhibition. Overall, SMA-AgNPs demonstrated better safety in vitro and greater antibacterial effects than POEM-AgNPs and PVA-AgNPs. This study suggested that polymer stabilizers may play an important role in determining the toxicity of AgNPs.     

基于2型模糊描述逻辑的知识描述与推理及其在信任管理系统中的应用

描述逻辑由于其强大的描述能力与成熟的推理算法而被广泛应用。然而,经典描述逻辑局限于处理确定的概念和关系,从而导致描述逻辑很难处理类似语义网等大型本体系统中的模糊知识。虽然1型模糊集可以一定程度上减轻不确定性带来的影响,但是其采用确定的隶属度值来决定模糊度的方法是不够精准的。与之相比,基于2型模糊集的系统能够利用隶属度区间更加精确地描述模糊信息。本文给出描述逻辑ALC的2型模糊扩展形式,并且给出并分析了2型模糊ALC的描述和推理方法。最后使用2型模糊ALC建立了一个基于模糊本体的信任管理系统FOntoTM。