Private clouds and public clouds are turning mutually into the open integrated cloud computing environment,which can aggregate and utilize WAN and LAN networks computing,storage,information and other hardware and soft...Private clouds and public clouds are turning mutually into the open integrated cloud computing environment,which can aggregate and utilize WAN and LAN networks computing,storage,information and other hardware and software resources sufficiently,but also bring a series of security,reliability and credibility problems.To solve these problems,a novel secure-agent-based trustworthy virtual private cloud model named SATVPC was proposed for the integrated and open cloud computing environment.Through the introduction of secure-agent technology,SATVPC provides an independent,safe and trustworthy computing virtual private platform for multi-tenant systems.In order to meet the needs of the credibility of SATVPC and mandate the trust relationship between each task execution agent and task executor node suitable for their security policies,a new dynamic composite credibility evaluation mechanism was presented,including the credit index computing algorithm and the credibility differentiation strategy.The experimental system shows that SATVPC and the credibility evaluation mechanism can ensure the security of open computing environments with feasibility.Experimental results and performance analysis also show that the credit indexes computing algorithm can evaluate the credibilities of task execution agents and task executor nodes quantitatively,correctly and operationally.展开更多
New attacks are emerging rapidly in Information Security; hence the tools and technologies available for securing the information needs substantial upgradation as well as skills for operationalization to mitigate thes...New attacks are emerging rapidly in Information Security; hence the tools and technologies available for securing the information needs substantial upgradation as well as skills for operationalization to mitigate these attacks. It requires creation of practical training environment with tools and technologies available for Information Security. The design of Information Security courses involves scenario based hands-on-labs with real time security incidents and problems with global reach which could be customized quickly as per the scenario and user's requirement. In order to understand the underlying concepts as well as to learn the practical aspects of network and system security environment, an initiative has been taken and a Virtual Test Bed has been developed to meet the above objectives. It is an essential component in Information Security training concept which could be used to perform actual security attacks and remedial measures as well as to test the effectiveness of protection mechanisms and help in handling the security incidents effectively. This paper discusses the development of this Test Bed for Information Security skill development with virtual training environment using which Information Security concepts, attacks on networks/systems and practical scenarios are simulated for imparting hands on training to participants.展开更多
Recently,virtualization technologies have been widely used in industry.In order to monitor the security of target systems in virtualization environments,conventional methods usually put the security monitoring mechani...Recently,virtualization technologies have been widely used in industry.In order to monitor the security of target systems in virtualization environments,conventional methods usually put the security monitoring mechanism into the normal functionality of the target systems.However,these methods are either prone to be tempered by attackers or introduce considerable performance overhead for target systems.To address these problems,in this paper,we present a concurrent security monitoring method which decouples traditional serial mechanisms,including security event collector and analyzer,into two concurrent components.On one hand,we utilize the SIM framework to deploy the event collector into the target virtual machine.On the other hand,we combine the virtualization technology and multi-core technology to put the event analyzer into a trusted execution environment.To address the synchronization problem between these two concurrent components,we make use of Lamport's ring buffer algorithm.Based on the Xen hypervisor,we have implemented a prototype system named COMO.The experimental results show that COMO can monitor the security of the target virtual machine concurrently within a little performance overhead.展开更多
The market for shallow geothermal solutions has been continuously growing in Sweden and is recognized as a cost effective and environmental sound way for space heating. In later years, UTES (underground thermal energ...The market for shallow geothermal solutions has been continuously growing in Sweden and is recognized as a cost effective and environmental sound way for space heating. In later years, UTES (underground thermal energy storage) systems have become fTequently installed for combined heating and cooling of commercial and institutional buildings. After 20 years, operational experiences of these systems are proved to be energy efficient, technically safe and profitable. In this paper, the current statistics of UTES applications are given as well as market trends and technical development. The goal is to encourage designers and installers in other counties to use this promising technology.展开更多
基金Projects(61202004,61272084)supported by the National Natural Science Foundation of ChinaProjects(2011M500095,2012T50514)supported by the China Postdoctoral Science Foundation+2 种基金Projects(BK2011754,BK2009426)supported by the Natural Science Foundation of Jiangsu Province,ChinaProject(12KJB520007)supported by the Natural Science Fund of Higher Education of Jiangsu Province,ChinaProject(yx002001)supported by the Priority Academic Program Development of Jiangsu Higher Education Institutions,China
文摘Private clouds and public clouds are turning mutually into the open integrated cloud computing environment,which can aggregate and utilize WAN and LAN networks computing,storage,information and other hardware and software resources sufficiently,but also bring a series of security,reliability and credibility problems.To solve these problems,a novel secure-agent-based trustworthy virtual private cloud model named SATVPC was proposed for the integrated and open cloud computing environment.Through the introduction of secure-agent technology,SATVPC provides an independent,safe and trustworthy computing virtual private platform for multi-tenant systems.In order to meet the needs of the credibility of SATVPC and mandate the trust relationship between each task execution agent and task executor node suitable for their security policies,a new dynamic composite credibility evaluation mechanism was presented,including the credit index computing algorithm and the credibility differentiation strategy.The experimental system shows that SATVPC and the credibility evaluation mechanism can ensure the security of open computing environments with feasibility.Experimental results and performance analysis also show that the credit indexes computing algorithm can evaluate the credibilities of task execution agents and task executor nodes quantitatively,correctly and operationally.
文摘New attacks are emerging rapidly in Information Security; hence the tools and technologies available for securing the information needs substantial upgradation as well as skills for operationalization to mitigate these attacks. It requires creation of practical training environment with tools and technologies available for Information Security. The design of Information Security courses involves scenario based hands-on-labs with real time security incidents and problems with global reach which could be customized quickly as per the scenario and user's requirement. In order to understand the underlying concepts as well as to learn the practical aspects of network and system security environment, an initiative has been taken and a Virtual Test Bed has been developed to meet the above objectives. It is an essential component in Information Security training concept which could be used to perform actual security attacks and remedial measures as well as to test the effectiveness of protection mechanisms and help in handling the security incidents effectively. This paper discusses the development of this Test Bed for Information Security skill development with virtual training environment using which Information Security concepts, attacks on networks/systems and practical scenarios are simulated for imparting hands on training to participants.
基金supported in part by National Natural Science Foundation of China(NSFC)under Grant No.61100228 and 61202479the National High-tech R&D Program of China under Grant No.2012AA013101+1 种基金the Strategic Priority Research Program of the Chinese Academy of Sciences under Grant No.XDA06030601 and XDA06010701Open Found of Key Laboratory of IOT Application Technology of Universities in Yunnan Province Grant No.2015IOT03
文摘Recently,virtualization technologies have been widely used in industry.In order to monitor the security of target systems in virtualization environments,conventional methods usually put the security monitoring mechanism into the normal functionality of the target systems.However,these methods are either prone to be tempered by attackers or introduce considerable performance overhead for target systems.To address these problems,in this paper,we present a concurrent security monitoring method which decouples traditional serial mechanisms,including security event collector and analyzer,into two concurrent components.On one hand,we utilize the SIM framework to deploy the event collector into the target virtual machine.On the other hand,we combine the virtualization technology and multi-core technology to put the event analyzer into a trusted execution environment.To address the synchronization problem between these two concurrent components,we make use of Lamport's ring buffer algorithm.Based on the Xen hypervisor,we have implemented a prototype system named COMO.The experimental results show that COMO can monitor the security of the target virtual machine concurrently within a little performance overhead.
文摘The market for shallow geothermal solutions has been continuously growing in Sweden and is recognized as a cost effective and environmental sound way for space heating. In later years, UTES (underground thermal energy storage) systems have become fTequently installed for combined heating and cooling of commercial and institutional buildings. After 20 years, operational experiences of these systems are proved to be energy efficient, technically safe and profitable. In this paper, the current statistics of UTES applications are given as well as market trends and technical development. The goal is to encourage designers and installers in other counties to use this promising technology.
