The drawback of the first asynchronous proactive RSA scheme presented by Zhou in 2001, is that the security definition and security proof do not follow the approach of provable security. This paper presented a provabl...The drawback of the first asynchronous proactive RSA scheme presented by Zhou in 2001, is that the security definition and security proof do not follow the approach of provable security. This paper presented a provably secure asynchronous proactive RSA scheme, which includes three protocols: initial key distribution protocol, signature generation protocol and share refreshing protocol. Taken these protocols together, a complete provably secure proactive RSA scheme was obtained. And the efficiency of the scheme is approximate to that of the scheme of Zhou.展开更多
The NPP (nuclear power plant) being vital objects of an energy infrastructure must be protected against malicious actions affecting their safety, and cyber security plays a key part in attaining this goal. The paper...The NPP (nuclear power plant) being vital objects of an energy infrastructure must be protected against malicious actions affecting their safety, and cyber security plays a key part in attaining this goal. The paper considers, implemented by the authors within the project of advanced digital control system for NPP with the reactor VVER-1000, a system of unauthorized access protection, partially built up on the technology of AA (active audit) and expert system. The AA technology is based on response of the system on deviation of current signature of the automated process control system from stable state rather than on a certain signature of attack and relies on the estimation of the behavioral models of the particular digital control system. The advent of active audit reflects the current situation in the digital control systems where complex distributed platforms are used to construct automated process control system. The active audit allows one to make the digital control system functionally closed, provided that it is determinate. The methodology of the active audit does not give u external (barrier) and traditional (password, antivirus) methods of unauthorized access protection. These methods can be used when it is appropriate to achieve a required protection level.展开更多
文摘The drawback of the first asynchronous proactive RSA scheme presented by Zhou in 2001, is that the security definition and security proof do not follow the approach of provable security. This paper presented a provably secure asynchronous proactive RSA scheme, which includes three protocols: initial key distribution protocol, signature generation protocol and share refreshing protocol. Taken these protocols together, a complete provably secure proactive RSA scheme was obtained. And the efficiency of the scheme is approximate to that of the scheme of Zhou.
文摘The NPP (nuclear power plant) being vital objects of an energy infrastructure must be protected against malicious actions affecting their safety, and cyber security plays a key part in attaining this goal. The paper considers, implemented by the authors within the project of advanced digital control system for NPP with the reactor VVER-1000, a system of unauthorized access protection, partially built up on the technology of AA (active audit) and expert system. The AA technology is based on response of the system on deviation of current signature of the automated process control system from stable state rather than on a certain signature of attack and relies on the estimation of the behavioral models of the particular digital control system. The advent of active audit reflects the current situation in the digital control systems where complex distributed platforms are used to construct automated process control system. The active audit allows one to make the digital control system functionally closed, provided that it is determinate. The methodology of the active audit does not give u external (barrier) and traditional (password, antivirus) methods of unauthorized access protection. These methods can be used when it is appropriate to achieve a required protection level.
