Funding: the National Natural Science Foundation of China (60773049); the Natural Science Foundation of Jiangsu Province (BK2007086); the Fundamental Research Project of Natural Science in Colleges of Jiangsu Province (07KJB520016).
Abstract: Modern battlefield doctrine is based on mobility, flexibility, and rapid response to changing situations. As is well known, mobile ad hoc network systems are among the best utilities for battlefield activity. Although much research has been done on secure routing, security issues have largely been ignored in applying mobile ad hoc network theory to computer technology. An ad hoc network is usually assumed to be homogeneous, which is an irrational assumption for armies. It is clear that soldiers, commanders, and commanders-in-chief should have different security levels and computation powers, as they have access to asymmetric resources. By imitating basic military rank levels in battlefield situations, this paper indicates how multilevel security can be introduced into ad hoc networks, thereby controlling restricted classified information flows among nodes that have different security levels.
Funding: Supported by the China MOE-China Mobile Research Fund (MCM20121051, MCM20130651); China MOE Doctoral Research Fund (20134407120017); Natural Science Foundation of Guangdong Province (S2012030006242); Guangdong Industry Development Fund (S2014-007); Guangzhou Industry Cooperation Fund (2014Y2-00004, 2014Y2-00006).
Abstract: Integrating and sharing data from different data sources is one of the trends to make better use of data. However, data integration hampers data confidentiality where each data source has its own access control policy. This paper discusses the issue of access control across multiple data sources when they are combined in the scenario of searching over these data. A method based on multilevel security for data integration is proposed. The proposed method allows the merging of policies and also tackles the issue of policy conflicts between different data sources.
Abstract: The exponential advancement in telecommunication embeds the Internet in every aspect of communication. Interconnections of networks all over the world impose monumental risks on the Internet. A Flooding Attack (FA) is one of the major intimidating risks on the Internet, where legitimate users are prevented from accessing network services. Irrespective of the protective measures incorporated in the communication infrastructure, FA still persists due to the lack of global cooperation. Most of the existing mitigation is set up either at the traffic starting point or at the traffic ending point. Providing mitigation at one or the other end may not be a complete solution. To provide better protection against flooding attacks, this work proposes a cooperative multilevel defense mechanism. The proposed cooperative multilevel defense mechanism consists of two levels of mitigation. In the first level, it is proposed to design a Threshold-based rate-limiting with a Spoofing Resistant Tag (TSRT) as a source-end countermeasure for High-Rate Flooding Attacks (HRFA) and spoofing attacks. In the second level, the aim is to discriminate normal traffic from Distributed Denial of Service (DDoS) traffic and drop the DDoS traffic at the destination end, using Flow Congruence-based Selective Pushback (FCSP) as a destination-initiated countermeasure for the Low Rate Flooding Attack (LRFA). The source and the destination cooperate to identify and block the attack. A key advantage of this cooperative mechanism is that it can distinguish and filter the attack traffic nearer to the starting point of the attack. The performance of the proposed cooperative multilevel defense mechanism is validated through extensive simulation in NS-2. The analysis and the experimental results show that the proposed scheme can effectively identify and defend against the attack.
Funding: The National Natural Science Foundation of China (No. 60703048); Hubei Municipal Natural Science Foundation (No. 2007ABA313).
Abstract: XML's increasing popularity highlights the security demand for XML documents. A mandatory access control model for XML documents is presented on the basis of an investigation of the function dependency of XML documents and a discussion of the integrity properties of multilevel XML documents. Then, the algorithms for decomposing a multilevel XML document into single-level documents and recovering it from them are given, and the manipulation rules for typical operations of XQuery and XUpdate (QUERY, INSERT, UPDATE, and REMOVE) are elaborated. The multilevel XML document access model can meet the requirements of sensitive information processing applications.
Abstract: The concept of multilevel security (MLS) is commonly used in the study of data models for secure databases. But there are some limitations in the basic MLS model, such as inference channels. The availability and data integrity of the system are seriously constrained by its 'No Read Up, No Write Down' property in the basic MLS model. In order to eliminate the covert channels, polyinstantiation and the cover story are used in the new data model. The read and write rules have been redefined to improve the agility and usability of the system based on the MLS model. All the methods in the improved data model make the system more secure, agile and usable.
Funding: the National Natural Science Foundation of China (No. 60773049); the Natural Science Foundation of Jiangsu Province (No. BK2007086); the Fundamental Research Project of the Natural Science in Colleges of Jiangsu Province (No. 07KJB520016); the Person with Ability Project of Jiangsu University (No. 07JDG053), China.
Abstract: A new concept, the security level difference of a covert channel, is presented, which means the security level span from the sender to the receiver of the covert channel. Based on this, the integrated criteria for covert channel auditing are given. Whereas TCSEC (Trusted Computer System Evaluation Criteria) or CC (Common Criteria for Information Technology Security Evaluation) only use the bandwidth to evaluate the threat of covert channels, our new criteria integrate the security level difference, the bandwidth sensitive parameter, bandwidth, duration and instantaneous time of covert channels, so as to give a comprehensive evaluation of the threat of covert channels in a multilevel security system.
Funding: Supported by the National Natural Science Foundation of China (70271068).
Abstract: A model of the hierarchical key assignment scheme, which can be used with any cryptographic algorithm, is presented in this paper. In addition, the optimal dynamic control property of a hierarchical key assignment scheme is defined in this paper, and our scheme model meets this property.
Funding: supported by the National Natural Science Foundation of China (21788102, 21901075); the Natural Science Foundation of Guangdong Province (2016A030312002, 2019B030301003); the Innovation and Technology Commission of Hong Kong (ITCCNERC14S01); support from the China Postdoctoral Science Foundation (2019M662889).
Abstract: Secrecy has received tremendous attention in modern information society. Innovative polymer-based fluorescent materials with multiple mode emission are quite desirable to achieve multistage data security. Herein, a series of soluble and thermally stable hyperbranched poly(formyl-1,2,3-triazole)s (hb-PFTAs) with high molecular weights were facilely prepared by catalyst-free polycycloaddition of aldehyde-activated internal triyne and diazides. Functional moieties of triphenylamine and binaphthyl could be incorporated into the polymers to offer them unique fluorescence and circular dichroism properties, respectively. By taking advantage of activated ethynyl and aldehyde groups on their peripheries and in the internal branch chains, the hb-PFTAs can undergo efficient single- and double-stage post-functionalization. More importantly, based on the remarkable fluorescence responses to hydrazine and hydrochloric acid, the hyperbranched polymers feature triple-mode fluorescent patterns and have been applied in quadruple-modal information encryption and storage with enhanced security and density. Collectively, this work not only enriches the structural diversity of the existing triazole-based material library, but also provides new polymeric materials for data and information security applications.