BDSec:Security Authentication Protocol for BeiDou-Ⅱ Civil Navigation Message

Due to the lack of authentication mechanism in BeiDou navigation satellite system(BDS),BD-Ⅱ civil navigation message(BDⅡ-CNAV) are vulnerable to spoofing attack and replay attack.To solve this problem,we present a security authentication protocol,called as BDSec,which is designed by using China’s cryptography Shangyong Mima(SM) series algorithms,such as SM2/4/9 and Zu Chongzhi(ZUC)algorithm.In BDSec protocol,both of BDⅡ-CNAV and signature information are encrypted using the SM4 algorithm(Symmetric encryption mechanism).The encrypted result is used as the subject authentication information.BDSec protocol applies SM9 algorithm(Identity-based cryptography mechanism) to protect the integrity of the BDⅡ-CNAV,adopts the SM2 algorithm(Public key cryptosystem) to guarantee the confidentiality of the important session information,and uses the ZUC algorithm(Encryption and integrity algorithm) to verify the integrity of the message authentication serial number and initial information and the information in authentication initialization sub-protocol respectively.The results of the SVO logic reasoning and performance analysis show that BDSec protocol meets security requirements for the dual user identity authentication in BDS and can realize the security authentication of BDⅡ-CNAV.

文明1(civilized)、文明2(civilization)、文明3(civitas)——论“文明”一词的三种不同含义

学术界对于“什么是文明”存有争议的原因,是把文明(civilized)、文明社会(civilization)和国家(civitas)三个不同的概念混为一谈造成的。“文明1”大致相当于英语civilized(文明的)。文化是人群的生活方式,但是不仅彬彬有礼、琴棋书画、轻歌曼舞、美味佳肴是文化,愚昧粗鲁、恶俗陋习、野风蛮舞、吃糠咽菜也是生活方式,所以文明1不完全等同于文化,而只有被认可与受推崇的文化才被称为文明。无论古今中外,作为文化的文明1都是褒义的,文明1即“文明”的本义,也是对文化的价值判断。“文明2”相当于英语civilization(文明社会),摩尔根用以指称继蒙昧社会与野蛮社会之后出现的、高于蒙昧与野蛮状态的社会阶段。作为社会形态的文明2当然比蒙昧与野蛮社会要进步,但是文明社会并非一切都是文明的,其中充斥着种种不文明的蒙昧与野蛮,所以不能说文明2就是“文明的”社会。“文明3”相当于英语civitas(国家),是中国学者根据恩格斯的“国家是文明社会的概括”得出的概念,系指继部落联盟或酋邦之后出现的社会组织形态。因为不同国家的国体与政体各不相同,有了国家之后并非一切都变得比野蛮社会更文明了,所以作为国家的文明3也不都是“文明的”国家。

Study on the Construction of Eco-security System in China under the Ecological Civilization Concept——Based on the Ecological Civilization Construction in Qingzhen City of Guizhou Province

The construction of eco-security system was a complicated systematic project, included the comprehensive construction and collaborative propulsion of eco-environment system, eco-economy system, eco-culture system, eco-society system and eco-law system. The comprehensive, coordinated and sustainable development of ecology, economy and society only could be achieved under the guidance of ecological civilization concept by the integrated consideration, comprehensive planning and multi-coordination.

Civil3d技术在河道治理中的应用分析

为了切实加强水环境保护及水资源管理与利用,近年来我国一直在加快和加大力度落实河道治理,要想保证河道治理达到预期效果,并最大程度提高河道治理工程生态效益,首先要确保河道治理设计与施工方案的科学合理性,可见借助现代化技术手段,优化和改进河道治理设计与规划是很有必要的。基于此本文首先进行Civil3d技术的梳理与说明,继而详细分析Civil3D软件在某河道治理项目的具体应用,旨在与相关工作人员相互交流、共同探讨。

基于Civil3D的渠道工程参数化设计研究

针对渠道工程设计前期勘探时间长、二维计算过程繁琐、设计变更工作量巨大、现有渠道建模未考虑与地形数据联动等问题,提出一种基于Civil3D的渠道工程参数化设计方法,即以Civil3D为核心的渠道参数化设计关键技术,采用91位图助手获取勘察后的平面坐标,使用GlobalMapper对栅格文件中高程数据进行纠偏,通过ArcGIS整合、提取地形三维空间数据,并结合WPF窗体技术,以MVVM编程框架,开发面向对象的渠道参数化设计数据管理平台,拓展Civil3D参数计算及工程数据科学管理功能,为渠道参数化模型与三维地形模型的建立奠定基础。利用Atuodesk Subassembly Composer定制渠道横断面部件,通过建立目标参数及部件元素中的逻辑关系,实现渠道模型的参数化操作和与地形模型动态链接。实例应用结果表明,该技术可使渠道工程由二维设计过渡到三维参数化设计,优化了渠道设计阶段数据采集方面时间成本,降低了Civil3D使用难度,减少了设计变更产生的工作量,提高了设计效率,为水利线状工程参数化设计提供了参考。

Repositioning fertilizer manufacturing subsidies for improving food security and reducing greenhouse gas emissions in China

China removed fertilizer manufacturing subsidies from 2015 to 2018 to bolster market-oriented reforms and foster environmentally sustainable practices.However,the impact of this policy reform on food security and the environment remains inadequately evaluated.Moreover,although green and low-carbon technologies offer environmental advantages,their widespread adoption is hindered by prohibitively high costs.This study analyzes the impact of removing fertilizer manufacturing subsidies and explores the potential feasibility of redirecting fertilizer manufacturing subsidies to invest in the diffusion of these technologies.Utilizing the China Agricultural University Agri-food Systems model,we analyzed the potential for achieving mutually beneficial outcomes regarding food security and environmental sustainability.The findings indicate that removing fertilizer manufacturing subsidies has reduced greenhouse gas(GHG)emissions from agricultural activities by 3.88 million metric tons,with minimal impact on food production.Redirecting fertilizer manufacturing subsidies to invest in green and low-carbon technologies,including slow and controlled-release fertilizer,organic-inorganic compound fertilizers,and machine deep placement of fertilizer,emerges as a strategy to concurrently curtail GHG emissions,ensure food security,and secure robust economic returns.Finally,we propose a comprehensive set of government interventions,including subsidies,field guidance,and improved extension systems,to promote the widespread adoption of these technologies.

An Analysis of the Current State of Civil Society Participation in Ensuring the National Security of Mongolia

In this article, the researchers tried to evaluate the contribution of civil society to Mongolian democracy and the problems faced by civil society. In addition, the article aimed to determine the unique national criteria of Mongolian democracy and the need to create an organization to monitor the process of democracy. The process of identifying important documents and ideals for the development of Mongolian civil society today is still in its early stages. It can be said that the approval of the democratic constitution and the first free and fair parliamentary elections as a country that has newly and restored democracy became another impetus for the creation of a new type of citizen organization. It is characterized by trying to study the changes that have occurred since this historical period at the intersection of political science and security studies. One of the most important issues today is to find out how many non-governmental and civil society organizations exist in Mongolia today, which are Western-oriented, focused on specific issues, have their own position and opinion, are specialized, and are capable of influencing government policy. On the other hand, in this article, we emphasize whether non-governmental and civil society organizations, which aim to hold the government accountable, and carry out influence and control activities, are fully developed.

Security Implications of Edge Computing in Cloud Networks

Security issues in cloud networks and edge computing have become very common. This research focuses on analyzing such issues and developing the best solutions. A detailed literature review has been conducted in this regard. The findings have shown that many challenges are linked to edge computing, such as privacy concerns, security breaches, high costs, low efficiency, etc. Therefore, there is a need to implement proper security measures to overcome these issues. Using emerging trends, like machine learning, encryption, artificial intelligence, real-time monitoring, etc., can help mitigate security issues. They can also develop a secure and safe future in cloud computing. It was concluded that the security implications of edge computing can easily be covered with the help of new technologies and techniques.

An Investigation on Open-RAN Specifications:Use Cases,Security Threats,Requirements,Discussions

The emergence of various technologies such as terahertz communications,Reconfigurable Intelligent Surfaces(RIS),and AI-powered communication services will burden network operators with rising infrastructure costs.Recently,the Open Radio Access Network(O-RAN)has been introduced as a solution for growing financial and operational burdens in Beyond 5G(B5G)and 6G networks.O-RAN promotes openness and intelligence to overcome the limitations of traditional RANs.By disaggregating conventional Base Band Units(BBUs)into O-RAN Distributed Units(O-DU)and O-RAN Centralized Units(O-CU),O-RAN offers greater flexibility for upgrades and network automation.However,this openness introduces new security challenges compared to traditional RANs.Many existing studies overlook these security requirements of the O-RAN networks.To gain deeper insights into the O-RAN system and security,this paper first provides an overview of the general O-RAN architecture and its diverse use cases relevant to B5G and 6G applications.We then delve into specifications of O-RAN security threats and requirements,aiming to mitigate security vulnerabilities effectively.By providing a comprehensive understanding of O-RAN architecture,use cases,and security considerations,thisworkserves as a valuable resource for future research in O-RAN and its security.

Survey on Video Security:Examining Threats,Challenges,and Future Trends

Videos represent the most prevailing form of digital media for communication,information dissemination,and monitoring.However,theirwidespread use has increased the risks of unauthorised access andmanipulation,posing significant challenges.In response,various protection approaches have been developed to secure,authenticate,and ensure the integrity of digital videos.This study provides a comprehensive survey of the challenges associated with maintaining the confidentiality,integrity,and availability of video content,and examining how it can be manipulated.It then investigates current developments in the field of video security by exploring two critical research questions.First,it examine the techniques used by adversaries to compromise video data and evaluate their impact.Understanding these attack methodologies is crucial for developing effective defense mechanisms.Second,it explores the various security approaches that can be employed to protect video data,enhancing its transparency,integrity,and trustworthiness.It compares the effectiveness of these approaches across different use cases,including surveillance,video on demand(VoD),and medical videos related to disease diagnostics.Finally,it identifies potential research opportunities to enhance video data protection in response to the evolving threat landscape.Through this investigation,this study aims to contribute to the ongoing efforts in securing video data,providing insights that are vital for researchers,practitioners,and policymakers dedicated to enhancing the safety and reliability of video content in our digital world.

Enhancing Cybersecurity Competency in the Kingdom of Saudi Arabia:A Fuzzy Decision-Making Approach

The Kingdom of Saudi Arabia(KSA)has achieved significant milestones in cybersecurity.KSA has maintained solid regulatorymechanisms to prevent,trace,and punish offenders to protect the interests of both individual users and organizations from the online threats of data poaching and pilferage.The widespread usage of Information Technology(IT)and IT Enable Services(ITES)reinforces securitymeasures.The constantly evolving cyber threats are a topic that is generating a lot of discussion.In this league,the present article enlists a broad perspective on how cybercrime is developing in KSA at present and also takes a look at some of the most significant attacks that have taken place in the region.The existing legislative framework and measures in the KSA are geared toward deterring criminal activity online.Different competency models have been devised to address the necessary cybercrime competencies in this context.The research specialists in this domain can benefit more by developing a master competency level for achieving optimum security.To address this research query,the present assessment uses the Fuzzy Decision-Making Trial and Evaluation Laboratory(Fuzzy-DMTAEL),Fuzzy Analytic Hierarchy Process(F.AHP),and Fuzzy TOPSIS methodology to achieve segment-wise competency development in cyber security policy.The similarities and differences between the three methods are also discussed.This cybersecurity analysis determined that the National Cyber Security Centre got the highest priority.The study concludes by perusing the challenges that still need to be examined and resolved in effectuating more credible and efficacious online security mechanisms to offer amoreempowered ITES-driven economy for SaudiArabia.Moreover,cybersecurity specialists and policymakers need to collate their efforts to protect the country’s digital assets in the era of overt and covert cyber warfare.

A Practical Regular LDPC Coded Scheme for Physical-Layer Information Security

In this paper,we aim to design a practical low complexity low-density parity-check(LDPC)coded scheme to build a secure open channel and protect information from eavesdropping.To this end,we first propose a punctured LDPC coded scheme,where the information bits in a codeword are punctured and only the parity check bits are transmitted to the receiver.We further propose a notion of check node type distribution and derive multi-edge type extrinsic information transfer functions to estimate the security performance,instead of the well-known weak metric bit error rate.We optimize the check node type distribution in terms of the signal-to-noise ratio(SNR)gap and modify the progressive edge growth algorithm to design finite-length codes.Numerical results show that our proposed scheme can achieve a lower computational complexity and a smaller security gap,compared to the existing scrambling and puncturing schemes.

Information Security in the Cloud: Emerging Trends and Challenges

This article explores the evolution of cloud computing, its advantages over traditional on-premises infrastructure, and its impact on information security. The study presents a comprehensive literature review covering various cloud infrastructure offerings and security models. Additionally, it deeply analyzes real-life case studies illustrating successful cloud migrations and highlights common information security threats in current cloud computing. The article concludes by offering recommendations to businesses to protect themselves from cloud data breaches and providing insights into selecting a suitable cloud services provider from an information security perspective.

The Role of Plantain in Promoting Food Security: A Review

Plantain is a food security crop of significant nutritional value in the global south. Yet there are significant post-harvest losses, especially at the senescent stage. This review seeks to give a general overview of the crop, its nutritional significance and the technologies that can be adopted to enhance its utilisation at its senescent stage. In West Africa, plantains are eaten at all ripening stages, yet processing is limited to the unripe and semi-ripe. Adoptable technologies such as foam-mat drying will enhance its utilisation in indigenous meals and other food applications. This review provides useful insight to optimize the use of plantain to prevent food waste.

Enhancing Security in QR Code Technology Using AI: Exploration and Mitigation Strategies

The widespread adoption of QR codes has revolutionized various industries, streamlined transactions and improved inventory management. However, this increased reliance on QR code technology also exposes it to potential security risks that malicious actors can exploit. QR code Phishing, or “Quishing”, is a type of phishing attack that leverages QR codes to deceive individuals into visiting malicious websites or downloading harmful software. These attacks can be particularly effective due to the growing popularity and trust in QR codes. This paper examines the importance of enhancing the security of QR codes through the utilization of artificial intelligence (AI). The abstract investigates the integration of AI methods for identifying and mitigating security threats associated with QR code usage. By assessing the current state of QR code security and evaluating the effectiveness of AI-driven solutions, this research aims to propose comprehensive strategies for strengthening QR code technology’s resilience. The study contributes to discussions on secure data encoding and retrieval, providing valuable insights into the evolving synergy between QR codes and AI for the advancement of secure digital communication.

A Holistic Secure Communication Mechanism Using a Multilayered Cryptographic Protocol to Enhanced Security

In an era characterized by digital pervasiveness and rapidly expanding datasets,ensuring the integrity and reliability of information is paramount.As cyber threats evolve in complexity,traditional cryptographic methods face increasingly sophisticated challenges.This article initiates an exploration into these challenges,focusing on key exchanges(encompassing their variety and subtleties),scalability,and the time metrics associated with various cryptographic processes.We propose a novel cryptographic approach underpinned by theoretical frameworks and practical engineering.Central to this approach is a thorough analysis of the interplay between Confidentiality and Integrity,foundational pillars of information security.Our method employs a phased strategy,beginning with a detailed examination of traditional cryptographic processes,including Elliptic Curve Diffie-Hellman(ECDH)key exchanges.We also delve into encrypt/decrypt paradigms,signature generation modes,and the hashes used for Message Authentication Codes(MACs).Each process is rigorously evaluated for performance and reliability.To gain a comprehensive understanding,a meticulously designed simulation was conducted,revealing the strengths and potential improvement areas of various techniques.Notably,our cryptographic protocol achieved a confidentiality metric of 9.13 in comprehensive simulation runs,marking a significant advancement over existing methods.Furthermore,with integrity metrics at 9.35,the protocol’s resilience is further affirmed.These metrics,derived from stringent testing,underscore the protocol’s efficacy in enhancing data security.

Systematic Security Guideline Framework through Intelligently Automated Vulnerability Analysis

This research aims to propose a practical framework designed for the automatic analysis of a product’s comprehensive functionality and security vulnerabilities,generating applicable guidelines based on real-world software.The existing analysis of software security vulnerabilities often focuses on specific features or modules.This partial and arbitrary analysis of the security vulnerabilities makes it challenging to comprehend the overall security vulnerabilities of the software.The key novelty lies in overcoming the constraints of partial approaches.The proposed framework utilizes data from various sources to create a comprehensive functionality profile,facilitating the derivation of real-world security guidelines.Security guidelines are dynamically generated by associating functional security vulnerabilities with the latest Common Vulnerabilities and Exposure(CVE)and Common Vulnerability Scoring System(CVSS)scores,resulting in automated guidelines tailored to each product.These guidelines are not only practical but also applicable in real-world software,allowing for prioritized security responses.The proposed framework is applied to virtual private network(VPN)software,wherein a validated Level 2 data flow diagram is generated using the Spoofing,Tampering,Repudiation,Information Disclosure,Denial of Service,and Elevation of privilege(STRIDE)technique with references to various papers and examples from related software.The analysis resulted in the identification of a total of 121 vulnerabilities.The successful implementation and validation demonstrate the framework’s efficacy in generating customized guidelines for entire systems,subsystems,and selected modules.

Security and Privacy in Solar Insecticidal Lamps Internet of Things:Requirements and Challenges

Solar insecticidal lamps(SIL) can effectively control pests and reduce the use of pesticides. Combining SIL and Internet of Things(IoT) has formed a new type of agricultural IoT,known as SIL-IoT, which can improve the effectiveness of migratory phototropic pest control. However, since the SIL is connected to the Internet, it is vulnerable to various security issues.These issues can lead to serious consequences, such as tampering with the parameters of SIL, illegally starting and stopping SIL,etc. In this paper, we describe the overall security requirements of SIL-IoT and present an extensive survey of security and privacy solutions for SIL-IoT. We investigate the background and logical architecture of SIL-IoT, discuss SIL-IoT security scenarios, and analyze potential attacks. Starting from the security requirements of SIL-IoT we divide them into six categories, namely privacy, authentication, confidentiality, access control, availability,and integrity. Next, we describe the SIL-IoT privacy and security solutions, as well as the blockchain-based solutions. Based on the current survey, we finally discuss the challenges and future research directions of SIL-IoT.

Dietary Diversity and Food Security Status among Cameroonian Adults Living in Semi-Urban Areas: A Cross-Sectional Study

Introduction: Food security is one of the greatest challenges that most African countries face. It is a concept that considers not only food quantity but also food quality. The objective of this study was to describe dietary diversity and food security status at the individual level in Cameroonian populations. Methods: A total of 1180 men and women aged 20 and over and living in the West, North West, and Littoral regions of Cameroon were recruited. Data on dietary habits were collected through the frequency of consumption of various food groups. Dietary diversity was assessed using a 24-hour dietary recall. Food security status was determined by combining two indicators (food consumption score and individual food diversity score). Results: The mean dietary diversity score of the population was 3.53 ± 1.44, p Conclusion: The diet diversity of adults living in the West, North West, and Littoral regions of Cameroon is medium. Although half of the study population was food secure, there is a need to implement food security policies further to reduce food insecurity among the Cameroonian population.

A Review on the Security of the Ethereum-Based DeFi Ecosystem

Decentralized finance(DeFi)is a general term for a series of financial products and services.It is based on blockchain technology and has attracted people’s attention because of its open,transparent,and intermediary free.Among them,the DeFi ecosystem based on Ethereum-based blockchains attracts the most attention.However,the current decentralized financial system built on the Ethereum architecture has been exposed to many smart contract vulnerabilities during the last few years.Herein,we believe it is time to improve the understanding of the prevailing Ethereum-based DeFi ecosystem security issues.To that end,we investigate the Ethereum-based DeFi security issues:1)inherited from the real-world financial system,which can be solved by macro-control;2)induced by the problems of blockchain architecture,which require a better blockchain platform;3)caused by DeFi invented applications,which should be focused on during the project development.Based on that,we further discuss the current solutions and potential directions ofDeFi security.According to our research,we could provide a comprehensive vision to the research community for the improvement of Ethereum-basedDeFi ecosystem security.