A multi-homed VPN architecture based on extended SOCKSv5 and TLS was proposed. The architecture employs a dynamic connection mechanism for multiple proxies in the end system,i n which the security-demanded transmissio...A multi-homed VPN architecture based on extended SOCKSv5 and TLS was proposed. The architecture employs a dynamic connection mechanism for multiple proxies in the end system,i n which the security-demanded transmission connections can switch smoothly among the multiple proxies by maint aining a coherent connection context.The mechanism is transparent to application programs and can support th e building of VPN.With the cooperation of some other security components,the mechanism guarantees the reso urce availability and reliability of the end system against some attacks to the specific ports or hosts.展开更多
In today' s 21st century of IT, e-commerce began to develop rapidly. Among them, in the process of e-commerce implementation, it is mainly to ensure system security issues. Based primarily on this issue, we discussed...In today' s 21st century of IT, e-commerce began to develop rapidly. Among them, in the process of e-commerce implementation, it is mainly to ensure system security issues. Based primarily on this issue, we discussed issues related to certification systems, SSL protocol as well as SET protocol. In addition, the article also describes the business several other safety-related technology.展开更多
Traditional control does not pay much attention to information security problems in system identification enough, which are important in practical applications. This paper focuses on the security problem of input info...Traditional control does not pay much attention to information security problems in system identification enough, which are important in practical applications. This paper focuses on the security problem of input information in a class of system identification problems with noise and binary-valued observations, presents a cryptography based security protocol, and improves it in the range of allowed errors. During solving the identification problem, the improved security protocol can ensure that the input information is not leaked, and thus, can deal with passive attacks effectively. Besides, a quantitative relationship among the input information, the public key in encryption and the number of partieipailts in the improved protocol is shown. Finally, the simulation results show that, the identification algorithm can still achieve the estimation accuracy by adding the improved security protocol. However, compared with the original identification algorithm, the time complexity of the algorithm with the improved security protocol increases.展开更多
Privacy is a critical requirement in distributed data mining. Cryptography-based secure multiparty computation is a main approach for privacy preserving. However, it shows poor performance in large scale distributed s...Privacy is a critical requirement in distributed data mining. Cryptography-based secure multiparty computation is a main approach for privacy preserving. However, it shows poor performance in large scale distributed systems. Meanwhile, data perturbation techniques are comparatively efficient but are mainly used in centralized privacy-preserving data mining (PPDM). In this paper, we propose a light-weight anonymous data perturbation method for efficient privacy preserving in distributed data mining. We first define the privacy constraints for data perturbation based PPDM in a semi-honest distributed environment. Two protocols are proposed to address these constraints and protect data statistics and the randomization process against collusion attacks: the adaptive privacy-preserving summary protocol and the anonymous exchange protocol. Finally, a distributed data perturbation framework based on these protocols is proposed to realize distributed PPDM. Experiment results show that our approach achieves a high security level and is very efficient in a large scale distributed environment.展开更多
基金National Natural Science Foundation ofChina (No.90104029)
文摘A multi-homed VPN architecture based on extended SOCKSv5 and TLS was proposed. The architecture employs a dynamic connection mechanism for multiple proxies in the end system,i n which the security-demanded transmission connections can switch smoothly among the multiple proxies by maint aining a coherent connection context.The mechanism is transparent to application programs and can support th e building of VPN.With the cooperation of some other security components,the mechanism guarantees the reso urce availability and reliability of the end system against some attacks to the specific ports or hosts.
文摘In today' s 21st century of IT, e-commerce began to develop rapidly. Among them, in the process of e-commerce implementation, it is mainly to ensure system security issues. Based primarily on this issue, we discussed issues related to certification systems, SSL protocol as well as SET protocol. In addition, the article also describes the business several other safety-related technology.
基金supported by the National Key Basic Research Program of China(973 Program)under Grant No.2014CB845301the National Natural Science Foundation of China under Grant No.61227902
文摘Traditional control does not pay much attention to information security problems in system identification enough, which are important in practical applications. This paper focuses on the security problem of input information in a class of system identification problems with noise and binary-valued observations, presents a cryptography based security protocol, and improves it in the range of allowed errors. During solving the identification problem, the improved security protocol can ensure that the input information is not leaked, and thus, can deal with passive attacks effectively. Besides, a quantitative relationship among the input information, the public key in encryption and the number of partieipailts in the improved protocol is shown. Finally, the simulation results show that, the identification algorithm can still achieve the estimation accuracy by adding the improved security protocol. However, compared with the original identification algorithm, the time complexity of the algorithm with the improved security protocol increases.
基金Project supported by the National Natural Science Foundation of China (Nos. 60772098 and 60672068)the New Century Excel-lent Talents in University of China (No. NCET-06-0393)
文摘Privacy is a critical requirement in distributed data mining. Cryptography-based secure multiparty computation is a main approach for privacy preserving. However, it shows poor performance in large scale distributed systems. Meanwhile, data perturbation techniques are comparatively efficient but are mainly used in centralized privacy-preserving data mining (PPDM). In this paper, we propose a light-weight anonymous data perturbation method for efficient privacy preserving in distributed data mining. We first define the privacy constraints for data perturbation based PPDM in a semi-honest distributed environment. Two protocols are proposed to address these constraints and protect data statistics and the randomization process against collusion attacks: the adaptive privacy-preserving summary protocol and the anonymous exchange protocol. Finally, a distributed data perturbation framework based on these protocols is proposed to realize distributed PPDM. Experiment results show that our approach achieves a high security level and is very efficient in a large scale distributed environment.
