The expansibility of PKI is expected to have the features that when the amount of user exceeds the system capacity, the users’ requirement can still be met by simply expanding the number of PKI entities and managemen...The expansibility of PKI is expected to have the features that when the amount of user exceeds the system capacity, the users’ requirement can still be met by simply expanding the number of PKI entities and management levels, and this expansion should be achieved smoothly from the original system. The upward, downward, and horizontal expansions of PKI are discussed in this paper. A path discovery method is suggested to reduce the effect of PKI expansion to the end entities, so as to enhance the availbility of PKI services.展开更多
with rapid achievement of current information technology and computing ability and applications,much more digital content such as films,cartoons,design drawings,office documents and software source codes are produced ...with rapid achievement of current information technology and computing ability and applications,much more digital content such as films,cartoons,design drawings,office documents and software source codes are produced in daily work,however to protect the content being copying,shared or deliberately stolen by inside or outside,digital rights management(DRM) became more and more important for digital content protection.In this paper,we studied various DRM model,technology and application,and first proposed DRM Security Infrastructure(DSI),in which we defined encryption,hash,signature algorithm,watermarking algorithms,authentication,usage control,trusted counter,conditional trace,secure payment,and based on the DSI we then proposed a whole classification approach and architecture of all kinds of DRMs,in which we proposed 6 typical classes of copyrights and content protection DRMs architecture:(1) Software-oriented DRM,(2) e Book-oriented DRM,(3) Video-oriented DRM,(4) Image-Oriented DRM(5) Unstructured data oriented DRM,(6) Text-oriented DRM.Based on the above DSI,we then proposed a dynamic DRM model selection method for various DRM application,which can be adapted dynamically for different technology of different applications,which can provide awhole solution for variant DRM development in a rapid and customized mode.The proposed DRM method,technology and application in this paper provided a common,flexible and extendable solution for variant DRM scenes,and can support rapid and customized development.Moreover,we proposed an opinion that the future life will enter into a new era that the content usage and consumption will not again adopt DRM technology rather than with law,liberty and morality.展开更多
Network intrusion forensics is an important extension to present security infrastructure,and is becoming the focus of forensics research field.However,comparison with sophisticated multi-stage attacks and volume of se...Network intrusion forensics is an important extension to present security infrastructure,and is becoming the focus of forensics research field.However,comparison with sophisticated multi-stage attacks and volume of sensor data,current practices in network forensic analysis are to manually examine,an error prone,labor-intensive and time consuming process.To solve these problems,in this paper we propose a digital evidence fusion method for network forensics with Dempster-Shafer theory that can detect efficiently computer crime in networked environments,and fuse digital evidence from different sources such as hosts and sub-networks automatically.In the end,we evaluate the method on well-known KDD Cup1999 dataset.The results prove our method is very effective for real-time network forensics,and can provide comprehensible messages for a forensic investigators.展开更多
Vehicle ad-hoc networks have developed rapidly these years,whose security and privacy issues are always concerned widely.In spite of a remarkable research on their security solutions,but in which there still lacks con...Vehicle ad-hoc networks have developed rapidly these years,whose security and privacy issues are always concerned widely.In spite of a remarkable research on their security solutions,but in which there still lacks considerations on how to secure vehicleto-vehicle communications,particularly when infrastructure is unavailable.In this paper,we propose a lightweight certificateless and oneround key agreement scheme without pairing,and further prove the security of the proposed scheme in the random oracle model.The proposed scheme is expected to not only resist known attacks with less computation cost,but also as an efficient way to relieve the workload of vehicle-to-vehicle authentication,especially in no available infrastructure circumstance.A comprehensive evaluation,including security analysis,efficiency analysis and simulation evaluation,is presented to confirm the security and feasibility of the proposed scheme.展开更多
Goafs are threats to safe mining.Their imaging effects or those of other complex geological bodies are often poor in conventional reflected wave images.Hence,accurate detection of goafs has become an important problem...Goafs are threats to safe mining.Their imaging effects or those of other complex geological bodies are often poor in conventional reflected wave images.Hence,accurate detection of goafs has become an important problem,to be solved with a sense of urgency.Based on scattering theory,we used an equivalent offset method to extract Common Scattering Point gathers,in order to analyze different scattering wave characteristics between Common Scattering Point and Common Mid Point gathers and to compare stack and migration imaging effects.Our research results show that the scattering wave imaging method is more efficient than the conventional imaging method and is therefore a more effective imaging method for detecting goafs and other complex geological bodies.It has important implications for safe mining procedures and infrastructures.展开更多
This paper presents the argument that the security of strategic industries is more important than financial security and lies at the heart of economic security. It further identifies the following industries as strate...This paper presents the argument that the security of strategic industries is more important than financial security and lies at the heart of economic security. It further identifies the following industries as strategic industries: sustenance industry, infrastructure industry, equipment industry, environmental industry and information industry. For the health and security of the national economy, this paper proposes that a priority must be placed on researching the security of strategic industries.展开更多
Advanced intelligent or "smart" meters are being deployed in Asia. A result of deployment of smart meters, with associated equipment, is the electric power industry faced with new and changing threats, vulnerabiliti...Advanced intelligent or "smart" meters are being deployed in Asia. A result of deployment of smart meters, with associated equipment, is the electric power industry faced with new and changing threats, vulnerabilities and re-evaluate traditional approaches to cyber security. Protection against emerging cyber-security threats targeting smart meter infrastructures will increase risk to both the utility and customer if not addressed within initial rollouts. This paper will discuss the issues in SMI (smart meter infrastructures) deployments that pertain to cyber security. It will cover topics such as the threats to operations, infrastructure, network and people and organization and their associated risks. SMI deployments include not only the smart meter, but also the interfaces for home energy management systems as well as communication interfaces back to the utility. Utilities must recognize and anticipate the new threat landscape that can attack and compromise the meter and the associated field network collectors. They must also include threats to the WAN (wide-area-network) backhaul networks, smart meter headends, MDMS (meter data management systems) and their interfaces to CIS (customer information systems) and billing and OMS (outage management systems). Lessons learned from SMI implementations from North America, Europe and recently, Japan, will be discussed. How white-box and black-box testing techniques are applied to determine the threat impact to the SMI. Finally, organizational change risk will be discussed and how utilities have responded to re-organizing and developing a security governance structure for the SMI and other smart grid applications.展开更多
There is tremendous growth in the use of Geographic Information Systems(GIS), Global Positioning Systems (GPS), Remote Sensing, Satellite Communication, andModeling & Simulation techniques.These tools and techniqu...There is tremendous growth in the use of Geographic Information Systems(GIS), Global Positioning Systems (GPS), Remote Sensing, Satellite Communication, andModeling & Simulation techniques.These tools and techniques helps significantly in characterizinginfrastructure, risk area and disaster zones, planning and implementation ofhazards reduction measures etc.Communication satellites becomes vital for providingemergency communication and timely relief measures.Integration of space technologyinputs into natural disaster monitoring and mitigation mechanisms is critical for hazard reduction.This paper mainly focused on all the issues described above.Major emphasis hadbeen given to the recent developments in information & communication technology enabledtools and their applications in mining industries for safe mining operations with increasedproductivity.展开更多
The problem of perfectly secure communication has enjoyed considerable theoretical treatment over the last decades. Results in this area include the identification of multipath transmission as a necessary ingredient, ...The problem of perfectly secure communication has enjoyed considerable theoretical treatment over the last decades. Results in this area include the identification of multipath transmission as a necessary ingredient, as well as quantum key distribution (QKD), which can perfectly protect direct lines, Combining the advantages of the quantum and multipath transmission paradigm, as well as rigorously analyzing the security of such combined techniques, is possible by virtue of game-theory. Based on a game-theoretic measure of channel vulnerability, the authors prove the problem of setting up infrastructures for QKD-based multipath transmission to be NP-complete. The authors consider the problem in two flavors, both being computationally hard. Remarkably, the authors' results indicate that the P-vs-NP-question is only of minor effect for confidentiality, because either nowadays public-key cryptosystems remain secure (in case that P, NP) or infrastructures facilitating perfectly confidential communication can be constructed efficiently (in case that P = NP).展开更多
Separation issue is one of the most important problems about cloud computing security. Tenants should be separated from each other based on cloud infrastructure and different users from one tenant should be separated ...Separation issue is one of the most important problems about cloud computing security. Tenants should be separated from each other based on cloud infrastructure and different users from one tenant should be separated from each other with the constraint of security policies. Learning from the notion of trusted cloud computing and trustworthiness in cloud, in this paper, a multi-level authorization separation model is formally described, and a series of rules are proposed to summarize the separation property of this model. The correctness of the rules is proved. Furthermore, based on this model, a tenant separation mechanism is deployed in a real world mixed-critical information system. Performance benchmarks have shown the availability and efficiency of this mechanism.展开更多
The paper introduces automotive safety cost formula, which defines the concept of private costs, technology costs and social costs and analyzes the impact of economic externalities in individual purchase decisions on ...The paper introduces automotive safety cost formula, which defines the concept of private costs, technology costs and social costs and analyzes the impact of economic externalities in individual purchase decisions on urban traffic safety in the private costs and discusses the concept of hard and soft technology and its function to improve vehicle safety. Take people, vehicles and the environment as the main line and points out the promoting role of the relevant state departments, policy, research institutions and transportation infrastructure in the social cost for the entire transportation system security. Finally, about the security of car crash in low speed on urban roads, the paper gives some recommendations as for private costs, technology costs and social costs factor.展开更多
Complex cyber-physical network refers to a new generatio~ of complex networks whose normal functioning significantly relies on tight interactions between its physical and cyber compo- nents. Many modern critical infra...Complex cyber-physical network refers to a new generatio~ of complex networks whose normal functioning significantly relies on tight interactions between its physical and cyber compo- nents. Many modern critical infrastructures can be appropriately modelled as complex cyber-physical networks. Typical examples of such infrastructures are electrical power grids, WWW, public trans- portation systems, state financial networks, and the Interact. These critical facilities play important roles in ensuring the stability of society as well as the development of economy. Advances in informa- tion and communication technology open opportunities for malicious attackers to launch coordinated attacks on cyber-physical critical facilities in networked infrastructures from any Interact-accessible place. Cybersecurity of complex cyber-physical networks has emerged as a hot topic within this con- text. In practice, it is also very crucial to understand the interplay between the evolution of underlying network structures and the collective dynamics on these complex networks and consequently to design efficient security control strategies to protect the evolution of these networks. In this paper, cybersecu- rity of complex cyber-physical networks is first outlined and then some security enhancing techniques, with particular emphasis on safety communications, attack detection and fault-tolerant control, are suggested. Furthermore, a new class of efficient secure the achievement of desirable pinning synchronization control strategies are proposed for guaranteeing behaviors in complex cyber-physical networks against malicious attacks on nodes. The authors hope that this paper motivates to design enhanced security strategies for complex cyber-physical network systems, to realize resilient and secure critical infrastructures.展开更多
文摘The expansibility of PKI is expected to have the features that when the amount of user exceeds the system capacity, the users’ requirement can still be met by simply expanding the number of PKI entities and management levels, and this expansion should be achieved smoothly from the original system. The upward, downward, and horizontal expansions of PKI are discussed in this paper. A path discovery method is suggested to reduce the effect of PKI expansion to the end entities, so as to enhance the availbility of PKI services.
文摘with rapid achievement of current information technology and computing ability and applications,much more digital content such as films,cartoons,design drawings,office documents and software source codes are produced in daily work,however to protect the content being copying,shared or deliberately stolen by inside or outside,digital rights management(DRM) became more and more important for digital content protection.In this paper,we studied various DRM model,technology and application,and first proposed DRM Security Infrastructure(DSI),in which we defined encryption,hash,signature algorithm,watermarking algorithms,authentication,usage control,trusted counter,conditional trace,secure payment,and based on the DSI we then proposed a whole classification approach and architecture of all kinds of DRMs,in which we proposed 6 typical classes of copyrights and content protection DRMs architecture:(1) Software-oriented DRM,(2) e Book-oriented DRM,(3) Video-oriented DRM,(4) Image-Oriented DRM(5) Unstructured data oriented DRM,(6) Text-oriented DRM.Based on the above DSI,we then proposed a dynamic DRM model selection method for various DRM application,which can be adapted dynamically for different technology of different applications,which can provide awhole solution for variant DRM development in a rapid and customized mode.The proposed DRM method,technology and application in this paper provided a common,flexible and extendable solution for variant DRM scenes,and can support rapid and customized development.Moreover,we proposed an opinion that the future life will enter into a new era that the content usage and consumption will not again adopt DRM technology rather than with law,liberty and morality.
基金supported by the National Natural Science Foundation of China under Grant No.60903166 the National High Technology Research and Development Program of China(863 Program) under Grants No.2012AA012506,No.2012AA012901,No.2012AA012903+9 种基金 Specialized Research Fund for the Doctoral Program of Higher Education of China under Grant No.20121103120032 the Humanity and Social Science Youth Foundation of Ministry of Education of China under Grant No.13YJCZH065 the Opening Project of Key Lab of Information Network Security of Ministry of Public Security(The Third Research Institute of Ministry of Public Security) under Grant No.C13613 the China Postdoctoral Science Foundation General Program of Science and Technology Development Project of Beijing Municipal Education Commission of China under Grant No.km201410005012 the Research on Education and Teaching of Beijing University of Technology under Grant No.ER2013C24 the Beijing Municipal Natural Science Foundation Sponsored by Hunan Postdoctoral Scientific Program Open Research Fund of Beijing Key Laboratory of Trusted Computing Funds for the Central Universities, Contract No.2012JBM030
文摘Network intrusion forensics is an important extension to present security infrastructure,and is becoming the focus of forensics research field.However,comparison with sophisticated multi-stage attacks and volume of sensor data,current practices in network forensic analysis are to manually examine,an error prone,labor-intensive and time consuming process.To solve these problems,in this paper we propose a digital evidence fusion method for network forensics with Dempster-Shafer theory that can detect efficiently computer crime in networked environments,and fuse digital evidence from different sources such as hosts and sub-networks automatically.In the end,we evaluate the method on well-known KDD Cup1999 dataset.The results prove our method is very effective for real-time network forensics,and can provide comprehensible messages for a forensic investigators.
基金This work was supported in part by the National Natural Science Foundation of China under Grant No.61170217,61272469,61303212,61332019,and Grant No.U1135004,and by the Fundamental Research Founds for National University,China University of Geosciences
文摘Vehicle ad-hoc networks have developed rapidly these years,whose security and privacy issues are always concerned widely.In spite of a remarkable research on their security solutions,but in which there still lacks considerations on how to secure vehicleto-vehicle communications,particularly when infrastructure is unavailable.In this paper,we propose a lightweight certificateless and oneround key agreement scheme without pairing,and further prove the security of the proposed scheme in the random oracle model.The proposed scheme is expected to not only resist known attacks with less computation cost,but also as an efficient way to relieve the workload of vehicle-to-vehicle authentication,especially in no available infrastructure circumstance.A comprehensive evaluation,including security analysis,efficiency analysis and simulation evaluation,is presented to confirm the security and feasibility of the proposed scheme.
基金Financial support for this work,provided by the Key National Project(No.2008ZX05035)the State Science and Technology Support Program,the National Natural Science Foundation of China (Nos.40574057,40874054,40804026)the State Basic Research and Development Program of China(No.2007CB209406)
文摘Goafs are threats to safe mining.Their imaging effects or those of other complex geological bodies are often poor in conventional reflected wave images.Hence,accurate detection of goafs has become an important problem,to be solved with a sense of urgency.Based on scattering theory,we used an equivalent offset method to extract Common Scattering Point gathers,in order to analyze different scattering wave characteristics between Common Scattering Point and Common Mid Point gathers and to compare stack and migration imaging effects.Our research results show that the scattering wave imaging method is more efficient than the conventional imaging method and is therefore a more effective imaging method for detecting goafs and other complex geological bodies.It has important implications for safe mining procedures and infrastructures.
文摘This paper presents the argument that the security of strategic industries is more important than financial security and lies at the heart of economic security. It further identifies the following industries as strategic industries: sustenance industry, infrastructure industry, equipment industry, environmental industry and information industry. For the health and security of the national economy, this paper proposes that a priority must be placed on researching the security of strategic industries.
文摘Advanced intelligent or "smart" meters are being deployed in Asia. A result of deployment of smart meters, with associated equipment, is the electric power industry faced with new and changing threats, vulnerabilities and re-evaluate traditional approaches to cyber security. Protection against emerging cyber-security threats targeting smart meter infrastructures will increase risk to both the utility and customer if not addressed within initial rollouts. This paper will discuss the issues in SMI (smart meter infrastructures) deployments that pertain to cyber security. It will cover topics such as the threats to operations, infrastructure, network and people and organization and their associated risks. SMI deployments include not only the smart meter, but also the interfaces for home energy management systems as well as communication interfaces back to the utility. Utilities must recognize and anticipate the new threat landscape that can attack and compromise the meter and the associated field network collectors. They must also include threats to the WAN (wide-area-network) backhaul networks, smart meter headends, MDMS (meter data management systems) and their interfaces to CIS (customer information systems) and billing and OMS (outage management systems). Lessons learned from SMI implementations from North America, Europe and recently, Japan, will be discussed. How white-box and black-box testing techniques are applied to determine the threat impact to the SMI. Finally, organizational change risk will be discussed and how utilities have responded to re-organizing and developing a security governance structure for the SMI and other smart grid applications.
文摘There is tremendous growth in the use of Geographic Information Systems(GIS), Global Positioning Systems (GPS), Remote Sensing, Satellite Communication, andModeling & Simulation techniques.These tools and techniques helps significantly in characterizinginfrastructure, risk area and disaster zones, planning and implementation ofhazards reduction measures etc.Communication satellites becomes vital for providingemergency communication and timely relief measures.Integration of space technologyinputs into natural disaster monitoring and mitigation mechanisms is critical for hazard reduction.This paper mainly focused on all the issues described above.Major emphasis hadbeen given to the recent developments in information & communication technology enabledtools and their applications in mining industries for safe mining operations with increasedproductivity.
文摘The problem of perfectly secure communication has enjoyed considerable theoretical treatment over the last decades. Results in this area include the identification of multipath transmission as a necessary ingredient, as well as quantum key distribution (QKD), which can perfectly protect direct lines, Combining the advantages of the quantum and multipath transmission paradigm, as well as rigorously analyzing the security of such combined techniques, is possible by virtue of game-theory. Based on a game-theoretic measure of channel vulnerability, the authors prove the problem of setting up infrastructures for QKD-based multipath transmission to be NP-complete. The authors consider the problem in two flavors, both being computationally hard. Remarkably, the authors' results indicate that the P-vs-NP-question is only of minor effect for confidentiality, because either nowadays public-key cryptosystems remain secure (in case that P, NP) or infrastructures facilitating perfectly confidential communication can be constructed efficiently (in case that P = NP).
基金supported by the Fundamental Research funds for the central Universities of China (No. K15JB00190)the Ph.D. Programs Foundation of Ministry of Education of China (No. 20120009120010)the Program for Innovative Research Team in University of Ministry of Education of China (IRT201206)
文摘Separation issue is one of the most important problems about cloud computing security. Tenants should be separated from each other based on cloud infrastructure and different users from one tenant should be separated from each other with the constraint of security policies. Learning from the notion of trusted cloud computing and trustworthiness in cloud, in this paper, a multi-level authorization separation model is formally described, and a series of rules are proposed to summarize the separation property of this model. The correctness of the rules is proved. Furthermore, based on this model, a tenant separation mechanism is deployed in a real world mixed-critical information system. Performance benchmarks have shown the availability and efficiency of this mechanism.
文摘The paper introduces automotive safety cost formula, which defines the concept of private costs, technology costs and social costs and analyzes the impact of economic externalities in individual purchase decisions on urban traffic safety in the private costs and discusses the concept of hard and soft technology and its function to improve vehicle safety. Take people, vehicles and the environment as the main line and points out the promoting role of the relevant state departments, policy, research institutions and transportation infrastructure in the social cost for the entire transportation system security. Finally, about the security of car crash in low speed on urban roads, the paper gives some recommendations as for private costs, technology costs and social costs factor.
基金supported by the National Key Research and Development Program of China under Grant No.2016YFB0800401the National Nature Science Foundation of China under Grant Nos.61304168,61673104,and 61322302+3 种基金the Natural Science Foundation of Jiangsu Province of China under Grant No.BK20130595the National Ten Thousand Talent Program for Young Top-Notch Talents,the Six Talent Peaks of Jiangsu Province of China under Grant No.2014-DZXX-004the Doctoral Program of Higher Education of China under Grant No.20130092120030the Fundamental Research Funds for the Central Universities of China under Grant No.2242016K41030
文摘Complex cyber-physical network refers to a new generatio~ of complex networks whose normal functioning significantly relies on tight interactions between its physical and cyber compo- nents. Many modern critical infrastructures can be appropriately modelled as complex cyber-physical networks. Typical examples of such infrastructures are electrical power grids, WWW, public trans- portation systems, state financial networks, and the Interact. These critical facilities play important roles in ensuring the stability of society as well as the development of economy. Advances in informa- tion and communication technology open opportunities for malicious attackers to launch coordinated attacks on cyber-physical critical facilities in networked infrastructures from any Interact-accessible place. Cybersecurity of complex cyber-physical networks has emerged as a hot topic within this con- text. In practice, it is also very crucial to understand the interplay between the evolution of underlying network structures and the collective dynamics on these complex networks and consequently to design efficient security control strategies to protect the evolution of these networks. In this paper, cybersecu- rity of complex cyber-physical networks is first outlined and then some security enhancing techniques, with particular emphasis on safety communications, attack detection and fault-tolerant control, are suggested. Furthermore, a new class of efficient secure the achievement of desirable pinning synchronization control strategies are proposed for guaranteeing behaviors in complex cyber-physical networks against malicious attacks on nodes. The authors hope that this paper motivates to design enhanced security strategies for complex cyber-physical network systems, to realize resilient and secure critical infrastructures.
