使能未来工厂的5G能力综述

5G系统将移动通信服务从移动电话、移动宽带和大规模机器通信扩展到新的应用领域，即所谓对通信服务有特殊要求的垂直领域。对使能未来工厂的5G能力进行了全面的分析总结，包括弹性网络架构、灵活频谱、超可靠低时延通信、时间敏感网络、安全和定位，而弹性网络架构又包括对网络切片、非公共网络、5G局域网和边缘计算的支持。希望从广度到深度，对相关的理论及技术应用做透彻、全面的梳理，对其挑战做清晰的总结，从而为相关研究和工程技术人员提供借鉴。     

基于概率法的电力系统安全分析

为应对电力系统安全分析中的停机问题，基于概率法的方式，将常用的确定停机计算与加入了概率法的概率停机进行比较，研究了二者的区别与其在长期投资方向的不同。在进行电力系统停机分析时，通常会分别从确定停机与概率停机的角度出发，对其应急状态下的潮流进行计算。但前者的方法可能导致极低概率的停机事件被忽略，进而影响长期的资金投资。通过加入概率法的计算，使得对单个停机事件的判定由其具体的频率来确定，增加了系统运行的稳定性。     

Understanding the asymmetric perceptions of smartphone security from security feature perspective: A comparative study

Smartphones are being used and relied on by people more than ever before. The open connectivity brings with it great convenience and leads to a variety of risks that cannot be overlooked. Smartphone vendors, security policy designers, and security application providers have put a variety of practical efforts to secure smartphones, and researchers have conducted extensive research on threat sources, security techniques, and user security behaviors. Regrettably, smartphone users do not pay enough attention to mobile security, making many efforts futile. This study identifies this gap between technology affordance and user requirements, and attempts to investigate the asymmetric perceptions toward security features between developers and users, between users and users, as well as between different security features. These asymmetric perceptions include perceptions of quality, perceptions of importance, and perceptions of satisfaction. After scoping the range of smartphone security features, this study conducts an improved Kano-based method and exhaustively analyzes the 245 collected samples using correspondence analysis and importance satisfaction analysis. The 14 security features of the smartphone are divided into four Kano quality types and the perceived quality differences between developers and users are compared. Correspondence analysis is utilized to capture the relationship between the perceived importance of security features across different groups of respondents, and results of importance-satisfaction analysis provide the basis for the developmental path and resource reallocation strategy of security features. This article offers new insights for researchers as well as practitioners of smartphone security.     

Secure lightweight password authenticated key exchange for heterogeneous wireless sensor networks

Several three-party password authenticated key exchange (3-PAKE) protocols have recently been proposed for heterogeneous wireless sensor networks (HWSN). These are efficient and designed to address security concerns in ad-hoc sensor network applications for a global Internet of Things framework, where a user may request access to sensitive information collected by resource-constrained sensors in clusters managed by gateway nodes. In this paper we first analyze three recently proposed 3-PAKE protocols and discuss their vulnerabilities. Then, based on Radio Frequency Identification technologies we propose a novel 3-PAKE protocol for HWSN applications, with two extensions for additional security features, that is provably secure, efficient and flexible.     

Low complexity quantum private queries protocol

Private information retrieval(PIR) is an important privacy protection issue of secure multi-party computation, but the PIR protocols based on classical cryptography are vulnerable because of new technologies,such as quantum computing and cloud computing. The quantum private queries(QPQ) protocols available, however, has a high complexity and is inefficient in the face of large database. This paper, based on the QKD technology which is mature now, proposes a novel QPQ protocol utilizing the key dilution and auxiliary parameter. Only N quits are required to be sent in the quantum channel to generate the raw key, then the straight k bits in the raw key are added bitwise to dilute the raw key, and a final key is consequently obtained to encrypt the database. By flexible adjusting of auxiliary parameters θ and k, privacy is secured and the query success ratio is improved. Feasibility and performance analyses indicate that the protocol has a high success ratio in first-trial query and is easy to implement, and that the communication complexity of O(N) is achieved.     

结合公钥加密和关键字可搜索加密的加密方案

带关键字搜索的公钥加密(PEKS)是一种有用的加密原语，它允许用户将在加密数据上搜索的功能委托给不可信的第三方服务器，而不影响原始数据的安全性和隐私性。但是，由于缺乏对于数据的加密以及解密能力，PEKS方案不能单独进行使用，必须与标准的公钥加密方案(PKE)相结合。因此，Baek等人在2006年引入了一种新的加密原语，称为结合PKE和PEKS的加密方案(PKE+PEKS)，它同时提供了PKE和PEKS的功能。目前，已有文献提出了几种PKE+PEKS方案。然而，他们都没有考虑关键字猜测攻击的问题。本文提出一个新的高效且能够抵抗关键字猜测攻击的PKE+PEKS方案，与已有方案相比，该方案在性能上有很大的提升，并且在生成关键字和数据密文时，不需要使用双线性对，极大地降低了计算和存储成本。安全性分析表明，本文中所提出的方案能够满足密文隐私安全性、陷门不可区分性和抗关键字猜测攻击的安全性。效率分析表明，本分提出的方案更加高效。     

电信运营商信息安全管控架构及集中策略研究

本文对运营商信息安全集中管控架构演进和信息安全管控策略面临的问题进行了深入分析，提出了信息安全集中管控架构的演进方向建议及对信息安全监控策略工作优化的若干意见。     

Developing social impact assessment guidelines in a pre-existing policy context

Few jurisdictions have translated internationally agreed social impact assessment (SIA) principles into statutory provisions. Governments and regulatory bodies tend to provide developers with high-level frameworks, or require that social impacts be ‘considered’, without specifying how this is to be done. In Australia, this lack of clarity leaves all parties uncertain about requirements for SIA. The New South Wales (NSW) Government’s 2017 release of the SIA guideline for State-significant mining, petroleum and extractive industry development represents an attempt to clarify requirements and provide guidance. In this paper, we describe the process of bringing this guideline to fruition from the perspective of being directly involved in its development, and highlight the challenges involved in integrating leading-practice principles into the state’s pre-existing policy framework. While the guideline represents a significant advance in policy-based SIA guidance, some aspects leave room for improvement. The real test of the guideline’s impact will lie in its influence on SIA practice in NSW, and ultimately in social outcomes for communities affected by resources projects.     

新发展阶段中国水资源安全保障战略对策

进入新发展阶段，中国水资源安全保障需要以“节水优先、空间均衡、系统治理、两手发力”治水思路为指导，厘清问题、研判趋势、优化对策，支撑新阶段水利高质量发展。本文在全面分析我国水资源安全保障存在的突出问题与面临形势基础上，阐述了新发展阶段中国水资源安全保障的基本思路与战略路径，从保证资源安全、构建国家水网、强化供水保障、建设美丽河湖、改善水环境质量等方面提出了战略对策和需要进一步回答的重大问题，以期为完善新发展阶段中国水资源安全保障战略，全面提高国家水资源安全保障能力提供有力支撑。     

基于区块链技术的公益时间银行系统

在现有的时间银行系统中，时间币的发行功能和结算功能完全集中到一个中心节点上。这种极度中心化的功能结构，不仅存在容易发生中心节点单点失效、数据容易被篡改等信息安全问题，还存在着时间币的发行和流通缺乏透明度以及时间币的结算依赖中心化的结算机构等问题。针对这些问题，提出了一种基于区块链技术的解决方法。首先，将时间币的发行功能和结算功能从中心节点上分离出来；然后，利用具有分布式去中心化、集体维护和不可篡改等特性的区块链技术，将分离出来的发行功能逐步去中心化，将分离出来的结算功能去中心化，形成公益时间链（PWTB）；最终，PWTB利用区块链技术以去中心化的方式将时间银行系统由单个节点维护账本变成由集体维护一个分布式的共享账本，使时间币的发行和流通公开透明，时间币的结算不依赖某个中心化的节点。安全分析表明所设计的PWTB能够实现安全的信息传输与存储，以及数据的共享。