Current SDN controllers suffer from a series of potential attacks. For example, malicious flow rules may lead to system disorder by introducing unexpected flow entries. In this paper, we propose Mcad-SA, an aware deci...Current SDN controllers suffer from a series of potential attacks. For example, malicious flow rules may lead to system disorder by introducing unexpected flow entries. In this paper, we propose Mcad-SA, an aware decision-making security architecture with multiple controllers, which could coordinate heterogeneous controllers internally as a "big" controller. This architecture includes an additional plane, the scheduling plane, which consists of transponder, sensor, decider and scheduler. Meanwhile it achieves the functions of communicating, supervising and scheduling between data and control plane. In this framework, we adopt the vote results from the majority of controllers to determine valid flow rules distributed to switches. Besides, an aware dynamic scheduling(ADS) mechanism is devised in scheduler to intensify security of Mcad-SA further. Combined with perception, ADS takes advantage of heterogeneity and redundancy of controllers to enable the control plane operate in a dynamic, reliable and unsteady state, which results in significant difficulty of probing systems and executing attacks. Simulation results demonstrate the proposed methods indicate better security resilience over traditional architectures as they have lower failure probability when facing attacks.展开更多
Traditional ERP software system cannot efficiently su pport new management ideas such as BPR, DEM and virtual enterprise which emphasi zes that enterprise should be adjusted to market changes and business process ch a...Traditional ERP software system cannot efficiently su pport new management ideas such as BPR, DEM and virtual enterprise which emphasi zes that enterprise should be adjusted to market changes and business process ch ain and value chain should be integrated tightly. To solve these problems, this paper proposed the conception of Flexible ERP system. F-ERP is a self- adapti ve software system based on multi-agent technology. It developed the followin g kind of agents which are useful for F-ERP: business process agent, interf ace agent, data agent and decision and analysis agent. The F-ERP software syste m is an hierarchy system which is composed of data layer, system tools layer, bu siness application layer and business decision layer. It used component based de velopment mythology and complied with CORBA to development F-ERP. The F-ERP sy stem can support the new management ideas such as BPR, DEM and virtual enterpris e etc. By implementation of it, enterprise can improve its management and promot e its competence.展开更多
To solve the problem of the information share and services integration in population information system, we propose a multi-layer tree hierarchical architecture. The command (Web Service Call) is recursively muhicas...To solve the problem of the information share and services integration in population information system, we propose a multi-layer tree hierarchical architecture. The command (Web Service Call) is recursively muhicast from top layer of tree to bottom layer of tree and statistical data are gatbered from bottom layer to top layer. We implemented the architecture by using Web Services technology. In our implementation, client program is the requestor of Web Services, and all leaf nodes of the last layer are only the provider of Web Services. For those nodes of intermediate layers, every node is not only the provider of Web Services, but also the dispatcher of Web Services. We take population census as an cxample to describe the working flow of the architecture.展开更多
In a dynamic environment, it is vital for enterpris e to have flexible information system architecture to integrate ERP, Supply Chain Management (SCM) and E-Commerce (EC). The traditional systems are established o n t...In a dynamic environment, it is vital for enterpris e to have flexible information system architecture to integrate ERP, Supply Chain Management (SCM) and E-Commerce (EC). The traditional systems are established o n the ERP-centered flat architecture. This architecture has some disadvantages in supporting the dynamics of enterprises. Firstly, ERP is already a very expens ive and complex system; the extension based on it can only increase the complexi ty and make the implementation more expensive and risky. Secondly, under the arc hitecture, the flexibility is reduced sharply although the execution efficiency is maintained. In a rapid changing environment, flexibility is also an equally i mportant factor besides execution efficiency. Thirdly, it cannot support the dyn amic collaboration efficiently. The prevailing of the flat architecture is not d ue to its advantage but to the big software providers. From the system viewpoint , a hierarchical architecture is proposed. Difference from the current architect ure, in the hierarchical paradigm, ERP is put in the bottom level rather centere d. SCM is the center system, which adopts a multi-agent structure. EC is regard ed as its foreground interface, while ERP and other information system of the pa rtner or internal units are the background executors. EC is the extension of mar ket agent and purchase agent. It fulfills the function of trade on Internet by s ending orders to be executed to SCM and receiving the progress information of th e orders from SCM. After receiving orders from EC, the agent in charge of schedu le in SCM makes preliminary plan in form of instructions (which may be infeasibl e) based on the information of source. Trough the coordination of multi agent, the plan is adjusted to be feasible. Compared with current ERP-centered flat ar chitecture, the hierarchical structure pays more attention to dynamic collaborat ion rather the optimization within the enterprise. At last, two engineering case s, Beijing Shang Pu Electric Ltd and Qingtao Tianyue International Building Mate rial Free Trade City, are presented to illustrate the idea.展开更多
The objective of the architecture is to make agent promptly and adaptively accomplish tasks in the real-time and dynamic environment. The architecture is composed of elementary level behavior layer and high level be-h...The objective of the architecture is to make agent promptly and adaptively accomplish tasks in the real-time and dynamic environment. The architecture is composed of elementary level behavior layer and high level be-havior layer. In the elementary level behavior layer, the reactive architecture is introduced to make agent promptlyreact to events; in the high level behavior layer, the deliberation architecture is used to enhance the intelligence ofthe agent. A confidence degree concept is proposed to combine the two layers of the architecture. An agent decisionmaking process is also presented, which is based on the architecture. The results of experiment in RoboSoccer simu-lation team show that the proposed architecture and the decision process are successful.展开更多
Most of the password based authentication protocols make use of the single authentication server for user's authentication. User's verifier information stored on the single server is a main point of susceptibi...Most of the password based authentication protocols make use of the single authentication server for user's authentication. User's verifier information stored on the single server is a main point of susceptibility and remains an attractive target for the attacker. On the other hand, multi-server architecture based authentication protocols make it difficult for the attacker to find out any significant authentication information related to the legitimate users. In 2009, Liao and Wang proposed a dynamic identity based remote user authentication protocol for multi-server environment. However, we found that Liao and Wang's protocol is susceptible to malicious server attack and malicious user attack. This paper presents a novel dynamic identity based authentication protocol for multi-server architecture using smart cards that resolves the aforementioned flaws, while keeping the merits of Liao and Wang's protocol. It uses two-server paradigm by imposing different levels of trust upon the two servers and the user's verifier information is distributed between these two servers known as the service provider server and the control server. The proposed protocol is practical and computational efficient because only nonce, one-way hash function and XOR operations are used in its implementation. It provides a secure method to change the user's password without the server's help. In e-commerce, the number of servers providing the services to the user is usually more than one and hence secure authentication protocols for multi-server environment are required.展开更多
基金supported by the Foundation for Innovative Research Groups of the National Natural Science Foundation of China (No.61521003)the National Key R&D Program of China (No.2016YFB0800100,No.2016YFB0800101)the National Natural Science Foundation of China (No.61602509)
文摘Current SDN controllers suffer from a series of potential attacks. For example, malicious flow rules may lead to system disorder by introducing unexpected flow entries. In this paper, we propose Mcad-SA, an aware decision-making security architecture with multiple controllers, which could coordinate heterogeneous controllers internally as a "big" controller. This architecture includes an additional plane, the scheduling plane, which consists of transponder, sensor, decider and scheduler. Meanwhile it achieves the functions of communicating, supervising and scheduling between data and control plane. In this framework, we adopt the vote results from the majority of controllers to determine valid flow rules distributed to switches. Besides, an aware dynamic scheduling(ADS) mechanism is devised in scheduler to intensify security of Mcad-SA further. Combined with perception, ADS takes advantage of heterogeneity and redundancy of controllers to enable the control plane operate in a dynamic, reliable and unsteady state, which results in significant difficulty of probing systems and executing attacks. Simulation results demonstrate the proposed methods indicate better security resilience over traditional architectures as they have lower failure probability when facing attacks.
基金supported by National Natural Science Foundation of China(61305134)Specialized Research Fund for the Doctoral Program of Higher Education(20133219120035)
文摘Traditional ERP software system cannot efficiently su pport new management ideas such as BPR, DEM and virtual enterprise which emphasi zes that enterprise should be adjusted to market changes and business process ch ain and value chain should be integrated tightly. To solve these problems, this paper proposed the conception of Flexible ERP system. F-ERP is a self- adapti ve software system based on multi-agent technology. It developed the followin g kind of agents which are useful for F-ERP: business process agent, interf ace agent, data agent and decision and analysis agent. The F-ERP software syste m is an hierarchy system which is composed of data layer, system tools layer, bu siness application layer and business decision layer. It used component based de velopment mythology and complied with CORBA to development F-ERP. The F-ERP sy stem can support the new management ideas such as BPR, DEM and virtual enterpris e etc. By implementation of it, enterprise can improve its management and promot e its competence.
基金Supported by the National High-Tech Researchand Development Plan of China (863 Plan 2003AA132080) theResearch Foundationfor Outstanding Young Teachers ,China Univer-sity of Geosciences (CUGQNL0506)
文摘To solve the problem of the information share and services integration in population information system, we propose a multi-layer tree hierarchical architecture. The command (Web Service Call) is recursively muhicast from top layer of tree to bottom layer of tree and statistical data are gatbered from bottom layer to top layer. We implemented the architecture by using Web Services technology. In our implementation, client program is the requestor of Web Services, and all leaf nodes of the last layer are only the provider of Web Services. For those nodes of intermediate layers, every node is not only the provider of Web Services, but also the dispatcher of Web Services. We take population census as an cxample to describe the working flow of the architecture.
文摘In a dynamic environment, it is vital for enterpris e to have flexible information system architecture to integrate ERP, Supply Chain Management (SCM) and E-Commerce (EC). The traditional systems are established o n the ERP-centered flat architecture. This architecture has some disadvantages in supporting the dynamics of enterprises. Firstly, ERP is already a very expens ive and complex system; the extension based on it can only increase the complexi ty and make the implementation more expensive and risky. Secondly, under the arc hitecture, the flexibility is reduced sharply although the execution efficiency is maintained. In a rapid changing environment, flexibility is also an equally i mportant factor besides execution efficiency. Thirdly, it cannot support the dyn amic collaboration efficiently. The prevailing of the flat architecture is not d ue to its advantage but to the big software providers. From the system viewpoint , a hierarchical architecture is proposed. Difference from the current architect ure, in the hierarchical paradigm, ERP is put in the bottom level rather centere d. SCM is the center system, which adopts a multi-agent structure. EC is regard ed as its foreground interface, while ERP and other information system of the pa rtner or internal units are the background executors. EC is the extension of mar ket agent and purchase agent. It fulfills the function of trade on Internet by s ending orders to be executed to SCM and receiving the progress information of th e orders from SCM. After receiving orders from EC, the agent in charge of schedu le in SCM makes preliminary plan in form of instructions (which may be infeasibl e) based on the information of source. Trough the coordination of multi agent, the plan is adjusted to be feasible. Compared with current ERP-centered flat ar chitecture, the hierarchical structure pays more attention to dynamic collaborat ion rather the optimization within the enterprise. At last, two engineering case s, Beijing Shang Pu Electric Ltd and Qingtao Tianyue International Building Mate rial Free Trade City, are presented to illustrate the idea.
基金Project(2001AA4422200) supported by the Hi-Tech Research and Development Program of China
文摘The objective of the architecture is to make agent promptly and adaptively accomplish tasks in the real-time and dynamic environment. The architecture is composed of elementary level behavior layer and high level be-havior layer. In the elementary level behavior layer, the reactive architecture is introduced to make agent promptlyreact to events; in the high level behavior layer, the deliberation architecture is used to enhance the intelligence ofthe agent. A confidence degree concept is proposed to combine the two layers of the architecture. An agent decisionmaking process is also presented, which is based on the architecture. The results of experiment in RoboSoccer simu-lation team show that the proposed architecture and the decision process are successful.
文摘Most of the password based authentication protocols make use of the single authentication server for user's authentication. User's verifier information stored on the single server is a main point of susceptibility and remains an attractive target for the attacker. On the other hand, multi-server architecture based authentication protocols make it difficult for the attacker to find out any significant authentication information related to the legitimate users. In 2009, Liao and Wang proposed a dynamic identity based remote user authentication protocol for multi-server environment. However, we found that Liao and Wang's protocol is susceptible to malicious server attack and malicious user attack. This paper presents a novel dynamic identity based authentication protocol for multi-server architecture using smart cards that resolves the aforementioned flaws, while keeping the merits of Liao and Wang's protocol. It uses two-server paradigm by imposing different levels of trust upon the two servers and the user's verifier information is distributed between these two servers known as the service provider server and the control server. The proposed protocol is practical and computational efficient because only nonce, one-way hash function and XOR operations are used in its implementation. It provides a secure method to change the user's password without the server's help. In e-commerce, the number of servers providing the services to the user is usually more than one and hence secure authentication protocols for multi-server environment are required.
