This paper presents a Dietary Analysis and Advice System (DAAS), a web based system for providing, within the public healthcare domain, user specific diet advice based on a preliminary analysis of current diet or eati...This paper presents a Dietary Analysis and Advice System (DAAS), a web based system for providing, within the public healthcare domain, user specific diet advice based on a preliminary analysis of current diet or eating habits and lifestyle, using knowledge from domain expertise and experts’ interpretation of national dietary guidelines.展开更多
由于在数据库服务(Database as a Service,DaaS)模式下,数据库服务提供者是半可信的(Honest-But-Curious),因此,为了保证外包数据的机密性和安全可查询,数据拥有者通常采用特定的加密技术加密外包数据,如采用可搜索加密技术、同态加密...由于在数据库服务(Database as a Service,DaaS)模式下,数据库服务提供者是半可信的(Honest-But-Curious),因此,为了保证外包数据的机密性和安全可查询,数据拥有者通常采用特定的加密技术加密外包数据,如采用可搜索加密技术、同态加密技术等实现外包加密数据上的安全查询.然而,且当前提出的大多数方法都基于关键字精确匹配查询,即使存在少量针对加密数据上的模糊查询,也在查询效率、存储开销和安全性方面存在一定的局限性,不适用于DaaS数据库服务模式.文中首次提出了融合具有高编码效率的Huffman编码和具有数据存储优势的布鲁姆过滤器,并结合现有的安全加密方法,实现了DaaS模式下保护隐私的模糊关键字查询处理.一方面,基于Huffman编码的树型索引提供了较高的查找效率;另一方面,基于布鲁姆过滤器的模糊关键字集合实现了较小的存储开销.安全分析、性能分析以及真实论文集上的实验结果进一步验证了文中查询算法的安全性、存储开销和查询效率.展开更多
在“碳达峰•碳中和”国家能源战略变革背景下,大规模可再生能源的加速并网加剧了电力系统对于快速调频资源需求的迫切性,如何充分发挥以电池储能系统(battery energy storage systems,BESS)为代表的新型快速资源在电网调频中的作用是解...在“碳达峰•碳中和”国家能源战略变革背景下,大规模可再生能源的加速并网加剧了电力系统对于快速调频资源需求的迫切性,如何充分发挥以电池储能系统(battery energy storage systems,BESS)为代表的新型快速资源在电网调频中的作用是解决该问题的关键。首先,为满足电网各类型调频资源在自动发电控制(automatic generation control,AGC)系统中的接入监视与分类决策需求,提出“域-群-机”三级控制模型架构;然后,从BESS的荷电状态(state of charge,SOC)主动管理出发,提出基于改进的动态调频容量(dynamic available AGC,DAA)的多元集群协同控制策略,以及引入SOC影响因子的多点BESS功率分配策略;最后,结合实际电网的持续扰动工况及模拟跳机扰动工况进行仿真分析,验证了文中所提控制策略的有效性。文中所提策略不但可以显著改善各单点BESS的SOC一致性,而且能够提升电网调频品质。展开更多
In a database-as-a-service(DaaS)model,a data owner stores data in a database server of a service provider,and the DaaS adopts the encryption for data privacy and indexing for data query.However,an attacker can obtain ...In a database-as-a-service(DaaS)model,a data owner stores data in a database server of a service provider,and the DaaS adopts the encryption for data privacy and indexing for data query.However,an attacker can obtain original data’s statistical information and distribution via the indexing distribution from the database of the service provider.In this work,a novel indexing schema is proposed to satisfy privacy-preserved data management requirements,in which an attacker cannot obtain data source distribution or statistic information from the index.The approach includes 2 parts:the Hash-based indexing for encrypted data and correctness verification for range queries.The evaluation results demonstrate that the approach can hide statistical information of encrypted data distribution while can also obtain correct answers for range queries.Meanwhile,the approach can achieve nearly 10 times and 35 times improvement on encrypted data publishing and indexing respectively,compared with the start-of-the-art method order-preserving Hash-based function(OPHF).展开更多
How to build a secure architecture for network function virtualization(NFV)is an important issue.Trusted computing has the ability to provide security for NFV and it is called trusted NFV system.In this paper,we propo...How to build a secure architecture for network function virtualization(NFV)is an important issue.Trusted computing has the ability to provide security for NFV and it is called trusted NFV system.In this paper,we propose a new NFV direct anonymous attestation(NFV-DAA)scheme based on trusted NFV architecture.It is based on the Elliptic curve cryptography and transfers the computation of variable D from the trusted platform module(TPM)to the issuer.With the mutual authentication mechanism that those existing DAA schemes do not have and an efficient batch proof and verification scheme,the performance of trusted NFV system is optimized.The proposed NFV-DAA scheme was proved to have a higher security level and higher efficiency than those existing DAA schemes.We have reduced the computation load in Join protocol from 3G_1to 2G_1 exponential operation,while the time of NFV-DAA scheme's Sign protocol is reduced up to 49%.展开更多
文摘This paper presents a Dietary Analysis and Advice System (DAAS), a web based system for providing, within the public healthcare domain, user specific diet advice based on a preliminary analysis of current diet or eating habits and lifestyle, using knowledge from domain expertise and experts’ interpretation of national dietary guidelines.
文摘由于在数据库服务(Database as a Service,DaaS)模式下,数据库服务提供者是半可信的(Honest-But-Curious),因此,为了保证外包数据的机密性和安全可查询,数据拥有者通常采用特定的加密技术加密外包数据,如采用可搜索加密技术、同态加密技术等实现外包加密数据上的安全查询.然而,且当前提出的大多数方法都基于关键字精确匹配查询,即使存在少量针对加密数据上的模糊查询,也在查询效率、存储开销和安全性方面存在一定的局限性,不适用于DaaS数据库服务模式.文中首次提出了融合具有高编码效率的Huffman编码和具有数据存储优势的布鲁姆过滤器,并结合现有的安全加密方法,实现了DaaS模式下保护隐私的模糊关键字查询处理.一方面,基于Huffman编码的树型索引提供了较高的查找效率;另一方面,基于布鲁姆过滤器的模糊关键字集合实现了较小的存储开销.安全分析、性能分析以及真实论文集上的实验结果进一步验证了文中查询算法的安全性、存储开销和查询效率.
文摘在“碳达峰•碳中和”国家能源战略变革背景下,大规模可再生能源的加速并网加剧了电力系统对于快速调频资源需求的迫切性,如何充分发挥以电池储能系统(battery energy storage systems,BESS)为代表的新型快速资源在电网调频中的作用是解决该问题的关键。首先,为满足电网各类型调频资源在自动发电控制(automatic generation control,AGC)系统中的接入监视与分类决策需求,提出“域-群-机”三级控制模型架构;然后,从BESS的荷电状态(state of charge,SOC)主动管理出发,提出基于改进的动态调频容量(dynamic available AGC,DAA)的多元集群协同控制策略,以及引入SOC影响因子的多点BESS功率分配策略;最后,结合实际电网的持续扰动工况及模拟跳机扰动工况进行仿真分析,验证了文中所提控制策略的有效性。文中所提策略不但可以显著改善各单点BESS的SOC一致性,而且能够提升电网调频品质。
基金the National Natural Science Foundation of China(No.61931019).
文摘In a database-as-a-service(DaaS)model,a data owner stores data in a database server of a service provider,and the DaaS adopts the encryption for data privacy and indexing for data query.However,an attacker can obtain original data’s statistical information and distribution via the indexing distribution from the database of the service provider.In this work,a novel indexing schema is proposed to satisfy privacy-preserved data management requirements,in which an attacker cannot obtain data source distribution or statistic information from the index.The approach includes 2 parts:the Hash-based indexing for encrypted data and correctness verification for range queries.The evaluation results demonstrate that the approach can hide statistical information of encrypted data distribution while can also obtain correct answers for range queries.Meanwhile,the approach can achieve nearly 10 times and 35 times improvement on encrypted data publishing and indexing respectively,compared with the start-of-the-art method order-preserving Hash-based function(OPHF).
基金Natural Science Foundation of China(NSFC)under grant No.61372103the ZTE Industry-Academia-Research Cooperation Funds.
文摘How to build a secure architecture for network function virtualization(NFV)is an important issue.Trusted computing has the ability to provide security for NFV and it is called trusted NFV system.In this paper,we propose a new NFV direct anonymous attestation(NFV-DAA)scheme based on trusted NFV architecture.It is based on the Elliptic curve cryptography and transfers the computation of variable D from the trusted platform module(TPM)to the issuer.With the mutual authentication mechanism that those existing DAA schemes do not have and an efficient batch proof and verification scheme,the performance of trusted NFV system is optimized.The proposed NFV-DAA scheme was proved to have a higher security level and higher efficiency than those existing DAA schemes.We have reduced the computation load in Join protocol from 3G_1to 2G_1 exponential operation,while the time of NFV-DAA scheme's Sign protocol is reduced up to 49%.