The differences among the extended Canetti & Krawezyk 2007 model (ECK2007) and other four models, i.e., the Bellare & Rogaway (1993, 1995)models (BR93,BR95), the Bellare, Pointcheval & Rogaway (2000) model ...The differences among the extended Canetti & Krawezyk 2007 model (ECK2007) and other four models, i.e., the Bellare & Rogaway (1993, 1995)models (BR93,BR95), the Bellare, Pointcheval & Rogaway (2000) model (BPR2000) and the Canetti & Krawczyk (2001) model (CK2001) are given. The relative strength of security among these models is analyzed. To support the implication or non-implication relation among these models, the formal proof or the counter-example is provided.展开更多
Today companies and organizations are using the Web as the main informationdissemination means both at internal and external level. Information dissemination often takes theform of XML documents that are made availabl...Today companies and organizations are using the Web as the main informationdissemination means both at internal and external level. Information dissemination often takes theform of XML documents that are made available at Web servers, or that are actively broadcasted byWeb servers to interested clients. These documents often contain information at different degrees ofsensitivity, therefore a strong XML security platform and mechanism is needed. In this paper wedeveloped CIT/XML security platform and take a close look to syntax and processing of CIT/digitalsignature model, CIT/encryption model, CIT/smart card crypto and SPKI interface security models.Security services such as authentication, integrity and confidentiality to XML documents and non-XMLdocuments, which exchanged among various servers, are provided.展开更多
The Cloud is increasingly being used to store and process big data for its tenants and classical security mechanisms using encryption are neither sufficiently efficient nor suited to the task of protecting big data in...The Cloud is increasingly being used to store and process big data for its tenants and classical security mechanisms using encryption are neither sufficiently efficient nor suited to the task of protecting big data in the Cloud.In this paper,we present an alternative approach which divides big data into sequenced parts and stores them among multiple Cloud storage service providers.Instead of protecting the big data itself,the proposed scheme protects the mapping of the various data elements to each provider using a trapdoor function.Analysis,comparison and simulation prove that the proposed scheme is efficient and secure for the big data of Cloud tenants.展开更多
Privilege user is needed to manage the commercial transactions, but a super-administrator may have monopolize power and cause serious security problem. Relied on trusted computing technology, a privilege separation me...Privilege user is needed to manage the commercial transactions, but a super-administrator may have monopolize power and cause serious security problem. Relied on trusted computing technology, a privilege separation method is proposed to satisfy the security management requirement for information systems. It authorizes the system privilege to three different managers, and none of it can be interfered by others. Process algebra Communication Sequential Processes is used to model the three powers mechanism, and safety effect is analyzed and compared.展开更多
Atomicity and anonymity are desirable properties for reliable and security e-Cash transaction and the guarantee of the participants’ interests. But there are conflicts between these two properties. In this paper, an ...Atomicity and anonymity are desirable properties for reliable and security e-Cash transaction and the guarantee of the participants’ interests. But there are conflicts between these two properties. In this paper, an atomic and anonymous e-Cash transaction protocol with off-line TTP (Trust Third Party) based on the extended CEMBS is presented. The novel protocol is analyzed for its atomicity and anonymity. The results of the analysis show that it not only provides atomicity and anonymity under unreliable communication and dishonest participants, but also features high efficiency and practicability. The new protocol also avoids transaction from an ambiguous state. Furthermore, it will be referenced often for the application of the atomic e-Cash transaction protocol.展开更多
With the economic development and the popularity of application of electronic computer, electronic commerce has rapid development. More and more commerce and key business has been carried on the lnternet because Inter...With the economic development and the popularity of application of electronic computer, electronic commerce has rapid development. More and more commerce and key business has been carried on the lnternet because Internet has the features of interaction, openness, sharing and so on. However, during the daily commerce, people worry about the security of the network system. So a new technology which can detect the unusual behavior in time has been invented in order to protect the security of network system. The system of intrusion detection needs a lot of new technology to protect the data of the network system. The application of data mining technology in the system of intrusion detection can provide a better assistant to the users to analyze the data and improve the accuracy of the checking system.展开更多
Web-based e-commerce applications need a trusted channel,which provides confidential communication,identity authentication and integrity assurance of endpoints,to guarantee the security of electronic transactions.A us...Web-based e-commerce applications need a trusted channel,which provides confidential communication,identity authentication and integrity assurance of endpoints,to guarantee the security of electronic transactions.A user-oriented trusted computing system based on Portable Trusted Module(PTM)is presented.Remote attestation is incorporated into Transport Layer Security(TLS)handshake protocol based on PTM so as to establish a trusted channel between two endpoints in network.This protocol can resist masquerading,trusted path and runtime attacks and propagate the trust in the computing system to the end user effectively.The test results of our proof-of-concept prototype show that our protocol for trusted channel is feasible for deployment in e-commerce applications on the Internet.展开更多
In distributed systems independent agents need to interact with each other to accomplish their task. Modern peer-to-peer computing technologies always concern with enabling interaction among agents and help them coope...In distributed systems independent agents need to interact with each other to accomplish their task. Modern peer-to-peer computing technologies always concern with enabling interaction among agents and help them cooperate with each other. But in fact, access control should also be considered to limit interaction to make it harmless. This paper proposed a proxy based rule regulated interaction (PBRRI) model. Role based access control is introduced for security concerns. Regulation rules are enforced in a distributed manner so that PBRRI can be applied to the open distributed systems such as Internet.展开更多
Recently, international movement measures that may be causing tension between the of cargo had been the subject of increasing border control needs for security and the needs for trade facilitations. On the one hand cu...Recently, international movement measures that may be causing tension between the of cargo had been the subject of increasing border control needs for security and the needs for trade facilitations. On the one hand customs authorities are charged with the responsibility for policing a country's borders, and consequently they need to have in place measures to ensure that only legitimate trade takes place and that this trade does not present security concerns. On the other hand we have the requirements of traders, who benefit from an environment of trade facilitation with speedy and efficient movement of cargo across international borders, with minimal bureaucratic intervention. This paper focuses on and provides early discussion and comments on the possible ramifications of the introduction of the 24-hour rule in China, effective for all exports and imports of sea freight container traffic since January 1, 2009. The new rules will have significant impact on the logistics flows of exporters and importers alike. Specifically, the reporting requirements timelines are likely to result in increased costs in cargo processing at wharves that traders will have to bear; place added pressure on storage facilities at wharves, or at container depots; and may additionally increase the amount of inventory buffer because of the timing of the data reporting requirements. The paper concludes that security needs have prevailed over trade facilitation considerations and that traders should urgently implement a review of existing practices to ensure they comply with the China Customs requirements, whilst simultaneously minimizing cost increases.展开更多
The rise of electronic commerce has broken the traditional trading mode, changed people' s production and life, has gradually become an important factor of regional economic development. The paper comprehensively dis...The rise of electronic commerce has broken the traditional trading mode, changed people' s production and life, has gradually become an important factor of regional economic development. The paper comprehensively discuss on present situation and characteristics of electronic commerce development in our country, on basis of it, the paper analyze electronic commerce major impact on regional economic development, and put forward to strengthen the development of e-commerce related strategies to promote regional economic development role.展开更多
Cloud computing is currently an embryonic domain in the area of information technology that possesses the power of transforming the way information technology (IT) services are delivered and maintained in the busine...Cloud computing is currently an embryonic domain in the area of information technology that possesses the power of transforming the way information technology (IT) services are delivered and maintained in the business world. Pay as per the usage kind of cost structure coupled with delivery of computing services through internet makes cloud computing an exciting and potential growth oriented information technology model compared with conventional computing services delivery models. Various additional features like scalability, flexibility and easy deployment process creates a window for the organizations even relatively smaller in size to get benefitted by the highly advanced & modern technologies without incurring substantial cost. In spite of so many benefits of this new delivery model, concerns are beginning to grow about how safe an environment it is. Despite of all the hype surrounding the cloud, enterprise customers are still reluctant to deploy their business in the cloud. Security is one of the major issues which reduces the growth of cloud computing and complications with data privacy and data protection continue to plague the market. Other related concerns associated with the adoption of cloud computing include trust on service providers, loss of control and compliance issues. This paper is an attempt to explore security & trust issues linked with cloud computing adoption in the Small and Medium Enterprises (SME) sector.展开更多
China's outward FDI has been increasing recently, as the country's policies over industrialization and national security change. Using financial data of 244 Chinese enterprises, this study empirically investigates t...China's outward FDI has been increasing recently, as the country's policies over industrialization and national security change. Using financial data of 244 Chinese enterprises, this study empirically investigates the patterns and determinants of China's outward FDI from 2001 to 2008 for its seven major destinations. Tobit and multiple regression analyses indicate that early Chinese FDI in 2001 and 2002 is concentrated in the labor-intensive industries in Asia, like those of early Japanese FDI in the early 1970s as well as those of Korean FDI in 1990s. The results also indicate that non-production oriented manufacturers invested in North America, in order to seek for market cultivation, technological advance, R&D skills, and name brands. We also found that the central state-owned enterprises are the key FDI players in the continents with locational disadvantages展开更多
In today' s 21st century of IT, e-commerce began to develop rapidly. Among them, in the process of e-commerce implementation, it is mainly to ensure system security issues. Based primarily on this issue, we discussed...In today' s 21st century of IT, e-commerce began to develop rapidly. Among them, in the process of e-commerce implementation, it is mainly to ensure system security issues. Based primarily on this issue, we discussed issues related to certification systems, SSL protocol as well as SET protocol. In addition, the article also describes the business several other safety-related technology.展开更多
Shopping malls are accessed by people from all walks of life and, therefore, provision of adequate fire safety measures is equally important. In Dares Salaam, Tanzania, at large construction, use of shopping malls is ...Shopping malls are accessed by people from all walks of life and, therefore, provision of adequate fire safety measures is equally important. In Dares Salaam, Tanzania, at large construction, use of shopping malls is a relatively new experience, and risks associated with use of shopping malls, such as fire outbreak, are not evident to frequent users. The main purpose of the study is to assess awareness of fire safety measures for users and staff of two shopping malls located in Dares Salaam. The research adopted a case study strategy, and 100 respondents were involved in the study. Both random and purposive sampling methods were used to select respondents for the study. Multiple sources of evidence were used in data collection, namely literature review, observations, questionnaires and interviews. Findings indicate that both shopping malls have in place fairly fire prevention measures with varying degrees. Majority of staff and users indicated that they know fire safety measures but their poor knowledge was reflected in assessing them on diferent equipment and installations, such as foam, hose reel, sprinklers and drenchers. The paper concludes that awarenes of fire safety measure of users and staff of the two shopping malls is relatively low. It is, therefore, recommended that provision of fire safety training and instructions, such as posters for users and seminars for staff of shopping malls, shall be a main focus of shopping malls owners and responsible authorities.展开更多
In recent years, researchers tended to bring new alternative to biological protective systems used in conservation of food and production of safe food. Use of bacteriophage against to pathogen bacteria in food was the...In recent years, researchers tended to bring new alternative to biological protective systems used in conservation of food and production of safe food. Use of bacteriophage against to pathogen bacteria in food was the most hopeful system in these methods about bio-control. Controls of bacteriophage for each pathogen species and subspecies and determination of phage-host originality are important because efficient bio-control was achieved. Researches concentrated on some food-borne pathogen bacteria such as E. coli O157:H7, Campylobacter, Salmonella and Listeria. In a consequence of these studies made as in vitro and in vivo, first commercial production of phage which will be used in foods was made in Netherlands. Also, it has been informed that use of phage is cost-efficient alternative as compared with other preservatives. This review, discussed application of bacteriophages as bio-control agents in food and advantages and disadvantages about uses of bacteriophages by taking into account antimicrobial characteristics of them.展开更多
In this paper, an efficient fair e-cash system is presented. Based on the improved Brands’ e-cash scheme, it is expanded by adding two roles, government and judges. The user can keep unconditionally anonymous in norm...In this paper, an efficient fair e-cash system is presented. Based on the improved Brands’ e-cash scheme, it is expanded by adding two roles, government and judges. The user can keep unconditionally anonymous in normal transactions. Authorized by the judges, the government can remove the identity of an illegal user with the help of the bank. So such misuse as blackmailing or money laundering can be prevented. Therefore, this scheme is more efficient, more suitable for adopting pre-processing and post-processing and more practical. In the paper, the details of the scheme are described, its security is proved, and its efficiency is analyzed.展开更多
In this paper the authors show how software component design can affect security properties through different composition operators. The authors define software composition as the result of aggregating and/or associat...In this paper the authors show how software component design can affect security properties through different composition operators. The authors define software composition as the result of aggregating and/or associating a component to a software system. The component itself may be informational or functional and carry a certain level of security attribute. The authors first show that the security attributes or properties form a lattice structure when combined with the appropriate least upper bound and greatest lower bound type of operators. Three composition operators, named C l, C2 and C3 are developed. The system's security properties resulting from these compositions are then studied. The authors discuss how different composition operators maintain, relax and restrict the security properties. Finally, the authors show that C1 and C2 composition operators are order-sensitive and that C3 is order-insensitive.展开更多
文摘The differences among the extended Canetti & Krawezyk 2007 model (ECK2007) and other four models, i.e., the Bellare & Rogaway (1993, 1995)models (BR93,BR95), the Bellare, Pointcheval & Rogaway (2000) model (BPR2000) and the Canetti & Krawczyk (2001) model (CK2001) are given. The relative strength of security among these models is analyzed. To support the implication or non-implication relation among these models, the formal proof or the counter-example is provided.
文摘Today companies and organizations are using the Web as the main informationdissemination means both at internal and external level. Information dissemination often takes theform of XML documents that are made available at Web servers, or that are actively broadcasted byWeb servers to interested clients. These documents often contain information at different degrees ofsensitivity, therefore a strong XML security platform and mechanism is needed. In this paper wedeveloped CIT/XML security platform and take a close look to syntax and processing of CIT/digitalsignature model, CIT/encryption model, CIT/smart card crypto and SPKI interface security models.Security services such as authentication, integrity and confidentiality to XML documents and non-XMLdocuments, which exchanged among various servers, are provided.
基金supported in part by the National Nature Science Foundation of China under Grant No.61402413 and 61340058 the "Six Kinds Peak Talents Plan" project of Jiangsu Province under Grant No.ll-JY-009+2 种基金the Nature Science Foundation of Zhejiang Province under Grant No.LY14F020019, Z14F020006 and Y1101183the China Postdoctoral Science Foundation funded project under Grant No.2012M511732Jiangsu Province Postdoctoral Science Foundation funded project Grant No.1102014C
文摘The Cloud is increasingly being used to store and process big data for its tenants and classical security mechanisms using encryption are neither sufficiently efficient nor suited to the task of protecting big data in the Cloud.In this paper,we present an alternative approach which divides big data into sequenced parts and stores them among multiple Cloud storage service providers.Instead of protecting the big data itself,the proposed scheme protects the mapping of the various data elements to each provider using a trapdoor function.Analysis,comparison and simulation prove that the proposed scheme is efficient and secure for the big data of Cloud tenants.
文摘Privilege user is needed to manage the commercial transactions, but a super-administrator may have monopolize power and cause serious security problem. Relied on trusted computing technology, a privilege separation method is proposed to satisfy the security management requirement for information systems. It authorizes the system privilege to three different managers, and none of it can be interfered by others. Process algebra Communication Sequential Processes is used to model the three powers mechanism, and safety effect is analyzed and compared.
文摘Atomicity and anonymity are desirable properties for reliable and security e-Cash transaction and the guarantee of the participants’ interests. But there are conflicts between these two properties. In this paper, an atomic and anonymous e-Cash transaction protocol with off-line TTP (Trust Third Party) based on the extended CEMBS is presented. The novel protocol is analyzed for its atomicity and anonymity. The results of the analysis show that it not only provides atomicity and anonymity under unreliable communication and dishonest participants, but also features high efficiency and practicability. The new protocol also avoids transaction from an ambiguous state. Furthermore, it will be referenced often for the application of the atomic e-Cash transaction protocol.
文摘With the economic development and the popularity of application of electronic computer, electronic commerce has rapid development. More and more commerce and key business has been carried on the lnternet because Internet has the features of interaction, openness, sharing and so on. However, during the daily commerce, people worry about the security of the network system. So a new technology which can detect the unusual behavior in time has been invented in order to protect the security of network system. The system of intrusion detection needs a lot of new technology to protect the data of the network system. The application of data mining technology in the system of intrusion detection can provide a better assistant to the users to analyze the data and improve the accuracy of the checking system.
基金partially supported by the Fundamental Research Funds for the Central Universities under Grant No.2011JBM228the Ministry of Education Innovation Research Team under Grant No.IRT201206+1 种基金the Program for New Century Excellent Talents in University under Grant No.NCET-11-0565the Research Fund for the Doctoral Program of Higher Education of China under Grant No.2012000911007
文摘Web-based e-commerce applications need a trusted channel,which provides confidential communication,identity authentication and integrity assurance of endpoints,to guarantee the security of electronic transactions.A user-oriented trusted computing system based on Portable Trusted Module(PTM)is presented.Remote attestation is incorporated into Transport Layer Security(TLS)handshake protocol based on PTM so as to establish a trusted channel between two endpoints in network.This protocol can resist masquerading,trusted path and runtime attacks and propagate the trust in the computing system to the end user effectively.The test results of our proof-of-concept prototype show that our protocol for trusted channel is feasible for deployment in e-commerce applications on the Internet.
文摘In distributed systems independent agents need to interact with each other to accomplish their task. Modern peer-to-peer computing technologies always concern with enabling interaction among agents and help them cooperate with each other. But in fact, access control should also be considered to limit interaction to make it harmless. This paper proposed a proxy based rule regulated interaction (PBRRI) model. Role based access control is introduced for security concerns. Regulation rules are enforced in a distributed manner so that PBRRI can be applied to the open distributed systems such as Internet.
文摘Recently, international movement measures that may be causing tension between the of cargo had been the subject of increasing border control needs for security and the needs for trade facilitations. On the one hand customs authorities are charged with the responsibility for policing a country's borders, and consequently they need to have in place measures to ensure that only legitimate trade takes place and that this trade does not present security concerns. On the other hand we have the requirements of traders, who benefit from an environment of trade facilitation with speedy and efficient movement of cargo across international borders, with minimal bureaucratic intervention. This paper focuses on and provides early discussion and comments on the possible ramifications of the introduction of the 24-hour rule in China, effective for all exports and imports of sea freight container traffic since January 1, 2009. The new rules will have significant impact on the logistics flows of exporters and importers alike. Specifically, the reporting requirements timelines are likely to result in increased costs in cargo processing at wharves that traders will have to bear; place added pressure on storage facilities at wharves, or at container depots; and may additionally increase the amount of inventory buffer because of the timing of the data reporting requirements. The paper concludes that security needs have prevailed over trade facilitation considerations and that traders should urgently implement a review of existing practices to ensure they comply with the China Customs requirements, whilst simultaneously minimizing cost increases.
文摘The rise of electronic commerce has broken the traditional trading mode, changed people' s production and life, has gradually become an important factor of regional economic development. The paper comprehensively discuss on present situation and characteristics of electronic commerce development in our country, on basis of it, the paper analyze electronic commerce major impact on regional economic development, and put forward to strengthen the development of e-commerce related strategies to promote regional economic development role.
文摘Cloud computing is currently an embryonic domain in the area of information technology that possesses the power of transforming the way information technology (IT) services are delivered and maintained in the business world. Pay as per the usage kind of cost structure coupled with delivery of computing services through internet makes cloud computing an exciting and potential growth oriented information technology model compared with conventional computing services delivery models. Various additional features like scalability, flexibility and easy deployment process creates a window for the organizations even relatively smaller in size to get benefitted by the highly advanced & modern technologies without incurring substantial cost. In spite of so many benefits of this new delivery model, concerns are beginning to grow about how safe an environment it is. Despite of all the hype surrounding the cloud, enterprise customers are still reluctant to deploy their business in the cloud. Security is one of the major issues which reduces the growth of cloud computing and complications with data privacy and data protection continue to plague the market. Other related concerns associated with the adoption of cloud computing include trust on service providers, loss of control and compliance issues. This paper is an attempt to explore security & trust issues linked with cloud computing adoption in the Small and Medium Enterprises (SME) sector.
文摘China's outward FDI has been increasing recently, as the country's policies over industrialization and national security change. Using financial data of 244 Chinese enterprises, this study empirically investigates the patterns and determinants of China's outward FDI from 2001 to 2008 for its seven major destinations. Tobit and multiple regression analyses indicate that early Chinese FDI in 2001 and 2002 is concentrated in the labor-intensive industries in Asia, like those of early Japanese FDI in the early 1970s as well as those of Korean FDI in 1990s. The results also indicate that non-production oriented manufacturers invested in North America, in order to seek for market cultivation, technological advance, R&D skills, and name brands. We also found that the central state-owned enterprises are the key FDI players in the continents with locational disadvantages
文摘In today' s 21st century of IT, e-commerce began to develop rapidly. Among them, in the process of e-commerce implementation, it is mainly to ensure system security issues. Based primarily on this issue, we discussed issues related to certification systems, SSL protocol as well as SET protocol. In addition, the article also describes the business several other safety-related technology.
文摘Shopping malls are accessed by people from all walks of life and, therefore, provision of adequate fire safety measures is equally important. In Dares Salaam, Tanzania, at large construction, use of shopping malls is a relatively new experience, and risks associated with use of shopping malls, such as fire outbreak, are not evident to frequent users. The main purpose of the study is to assess awareness of fire safety measures for users and staff of two shopping malls located in Dares Salaam. The research adopted a case study strategy, and 100 respondents were involved in the study. Both random and purposive sampling methods were used to select respondents for the study. Multiple sources of evidence were used in data collection, namely literature review, observations, questionnaires and interviews. Findings indicate that both shopping malls have in place fairly fire prevention measures with varying degrees. Majority of staff and users indicated that they know fire safety measures but their poor knowledge was reflected in assessing them on diferent equipment and installations, such as foam, hose reel, sprinklers and drenchers. The paper concludes that awarenes of fire safety measure of users and staff of the two shopping malls is relatively low. It is, therefore, recommended that provision of fire safety training and instructions, such as posters for users and seminars for staff of shopping malls, shall be a main focus of shopping malls owners and responsible authorities.
文摘In recent years, researchers tended to bring new alternative to biological protective systems used in conservation of food and production of safe food. Use of bacteriophage against to pathogen bacteria in food was the most hopeful system in these methods about bio-control. Controls of bacteriophage for each pathogen species and subspecies and determination of phage-host originality are important because efficient bio-control was achieved. Researches concentrated on some food-borne pathogen bacteria such as E. coli O157:H7, Campylobacter, Salmonella and Listeria. In a consequence of these studies made as in vitro and in vivo, first commercial production of phage which will be used in foods was made in Netherlands. Also, it has been informed that use of phage is cost-efficient alternative as compared with other preservatives. This review, discussed application of bacteriophages as bio-control agents in food and advantages and disadvantages about uses of bacteriophages by taking into account antimicrobial characteristics of them.
文摘In this paper, an efficient fair e-cash system is presented. Based on the improved Brands’ e-cash scheme, it is expanded by adding two roles, government and judges. The user can keep unconditionally anonymous in normal transactions. Authorized by the judges, the government can remove the identity of an illegal user with the help of the bank. So such misuse as blackmailing or money laundering can be prevented. Therefore, this scheme is more efficient, more suitable for adopting pre-processing and post-processing and more practical. In the paper, the details of the scheme are described, its security is proved, and its efficiency is analyzed.
文摘In this paper the authors show how software component design can affect security properties through different composition operators. The authors define software composition as the result of aggregating and/or associating a component to a software system. The component itself may be informational or functional and carry a certain level of security attribute. The authors first show that the security attributes or properties form a lattice structure when combined with the appropriate least upper bound and greatest lower bound type of operators. Three composition operators, named C l, C2 and C3 are developed. The system's security properties resulting from these compositions are then studied. The authors discuss how different composition operators maintain, relax and restrict the security properties. Finally, the authors show that C1 and C2 composition operators are order-sensitive and that C3 is order-insensitive.
