随着企业向电子商务转移,单靠企业的 IT 部门已不能满足对系统管理和维护的繁重要求,于是,由第三方完成的新型服务——应用托管(Application Hosting)和应用服务提供商(ASP)应运而生。先是美国,接着是日本,逐渐势微的 Internet 接入服...随着企业向电子商务转移,单靠企业的 IT 部门已不能满足对系统管理和维护的繁重要求,于是,由第三方完成的新型服务——应用托管(Application Hosting)和应用服务提供商(ASP)应运而生。先是美国,接着是日本,逐渐势微的 Internet 接入服务市场又现出了生机。1999年初,在国外的 IT 市场上,应用服务提供商和应用托管的逐渐成长预示着其发展的必然性。其实,ASP 最早出现于1998年,其创始者是Quest Communication 公司和 PSInet 等通信公司,他们通过在数据中心开设应用服务,从服务器进行分发 E-mail、会计处理等软件应用。1999年下半年,IBM 面向中小企业的实施“应用托管”。展开更多
指出了安全体系架构问题是安全开发和安全应用所面临的最关键问题,In te l的安全体系架构(CDSA)就是一种典型的集中式安全体系架构设计.对In te l的安全体系架构CDSA的技术原理、安全功能作了介绍,重点分析了该安全体系的优势与不足等,...指出了安全体系架构问题是安全开发和安全应用所面临的最关键问题,In te l的安全体系架构(CDSA)就是一种典型的集中式安全体系架构设计.对In te l的安全体系架构CDSA的技术原理、安全功能作了介绍,重点分析了该安全体系的优势与不足等,为开展由此安全体系开发设计出来的密码硬软件的分析解剖打下基础.展开更多
The three surgical patient safety events, wrong site surgery, retained surgical items (RSI) and surgical fires are rare occurrences and thus their effects on the complex modern operating room (OR) are difficult to stu...The three surgical patient safety events, wrong site surgery, retained surgical items (RSI) and surgical fires are rare occurrences and thus their effects on the complex modern operating room (OR) are difficult to study. The likelihood of occurrence and the magnitude of risk for each of these surgical safety events are undefined. Many providers may never have a personal experience with one of these events and training and education on these topics are sparse. These circumstances lead to faulty thinking that a provider won't ever have an event or if one does occur the provider will intuitively know what to do. Surgeons are not preoccupied with failure and tend to usually consider good outcomes, which leads them to ignore or diminish the importance of implementing and following simple safety practices. These circumstances contribute to the persistent low level occurrence of these three events and to the difficulty in generating sufficient interest to resource solutions. Individual facilities rarely have the time or talent to understand these events and develop lasting solutions. More often than not, even the most well meaning internal review results in a new line to a policy and some rigorous enforcement mandate. This approach routinely fails and is another reason why these problems are so persistent. Vigilance actions alone havebeen unsuccessful so hospitals now have to take a systematic approach to implementing safer processes and providing the resources for surgeons and other stake-holders to optimize the OR environment. This article discusses standardized processes of care for mitigation of injury or outright prevention of wrong site surgery, RSI and surgical fires in an action-oriented framework illustrating the strategic elements important in each event and focusing on the responsibilities for each of the three major OR agents-anesthesiologists, surgeons and nurses. A Surgical Patient Safety Checklist is discussed that incorporates the necessary elements to bring these team members together and influence the emergence of a safer OR.展开更多
Despite that existing data sharing systems in online social networks (OSNs) propose to encrypt data before sharing, the multiparty access control of encrypted data has become a challenging issue. In this paper, we p...Despite that existing data sharing systems in online social networks (OSNs) propose to encrypt data before sharing, the multiparty access control of encrypted data has become a challenging issue. In this paper, we propose a secure data sharing scheme in 0SNs based on ciphertext-policy attribute- based proxy re-encryption and secret sharing. In order to protect users' sensitive data, our scheme allows users to customize access policies of their data and then outsource encrypted data to the OSNs service provider. Our scheme presents a multiparty access control model, which enables the disseminator to update the access policy of ciphertext if their attributes satisfy the existing access policy. Further, we present a partial decryption construction in which the computation overhead of user is largely reduced by delegating most of the decryption operations to the OSNs service provider. We also provide checkability on the results returned from the OSNs service provider to guarantee the correctness of partial decrypted ciphertext. Moreover, our scheme presents an efficient attribute revocation method that achieves both forward and backward secrecy. The security and performance analysis results indicate that the proposed scheme is secure and efficient in OSNs.展开更多
Cloud computing and storage services allow clients to move their data center and applications to centralized large data centers and thus avoid the burden of local data storage and maintenance.However,this poses new ch...Cloud computing and storage services allow clients to move their data center and applications to centralized large data centers and thus avoid the burden of local data storage and maintenance.However,this poses new challenges related to creating secure and reliable data storage over unreliable service providers.In this study,we address the problem of ensuring the integrity of data storage in cloud computing.In particular,we consider methods for reducing the burden of generating a constant amount of metadata at the client side.By exploiting some good attributes of the bilinear group,we can devise a simple and efficient audit service for public verification of untrusted and outsourced storage,which can be important for achieving widespread deployment of cloud computing.Whereas many prior studies on ensuring remote data integrity did not consider the burden of generating verification metadata at the client side,the objective of this study is to resolve this issue.Moreover,our scheme also supports data dynamics and public verifiability.Extensive security and performance analysis shows that the proposed scheme is highly efficient and provably secure.展开更多
This paper proposes a new access architecture onmobile cloud,which introduces a middle layer sitting between mobile devices and their cloud infrastructure.This middle layer is composed of cloudlets which are deployed ...This paper proposes a new access architecture onmobile cloud,which introduces a middle layer sitting between mobile devices and their cloud infrastructure.This middle layer is composed of cloudlets which are deployed by cloud services providers,such as wireless network access points(APs),to improve the performance of mobile cloud servicesand be different from traditional mobile operator mode.Then based on this new architecture.we improve our previous(Attribute-basedencryption) ABE access control scheme on cloud for mobile cloud,which is proposed to offload the main amount of computations to the cloudlet as the function of cloud.Simulationresults demonstratethe new access control scheme takes into consideration response time constraints and network statusof access task execution,while satisfying certain network security for mobile cloud.展开更多
文摘随着企业向电子商务转移,单靠企业的 IT 部门已不能满足对系统管理和维护的繁重要求,于是,由第三方完成的新型服务——应用托管(Application Hosting)和应用服务提供商(ASP)应运而生。先是美国,接着是日本,逐渐势微的 Internet 接入服务市场又现出了生机。1999年初,在国外的 IT 市场上,应用服务提供商和应用托管的逐渐成长预示着其发展的必然性。其实,ASP 最早出现于1998年,其创始者是Quest Communication 公司和 PSInet 等通信公司,他们通过在数据中心开设应用服务,从服务器进行分发 E-mail、会计处理等软件应用。1999年下半年,IBM 面向中小企业的实施“应用托管”。
文摘指出了安全体系架构问题是安全开发和安全应用所面临的最关键问题,In te l的安全体系架构(CDSA)就是一种典型的集中式安全体系架构设计.对In te l的安全体系架构CDSA的技术原理、安全功能作了介绍,重点分析了该安全体系的优势与不足等,为开展由此安全体系开发设计出来的密码硬软件的分析解剖打下基础.
文摘The three surgical patient safety events, wrong site surgery, retained surgical items (RSI) and surgical fires are rare occurrences and thus their effects on the complex modern operating room (OR) are difficult to study. The likelihood of occurrence and the magnitude of risk for each of these surgical safety events are undefined. Many providers may never have a personal experience with one of these events and training and education on these topics are sparse. These circumstances lead to faulty thinking that a provider won't ever have an event or if one does occur the provider will intuitively know what to do. Surgeons are not preoccupied with failure and tend to usually consider good outcomes, which leads them to ignore or diminish the importance of implementing and following simple safety practices. These circumstances contribute to the persistent low level occurrence of these three events and to the difficulty in generating sufficient interest to resource solutions. Individual facilities rarely have the time or talent to understand these events and develop lasting solutions. More often than not, even the most well meaning internal review results in a new line to a policy and some rigorous enforcement mandate. This approach routinely fails and is another reason why these problems are so persistent. Vigilance actions alone havebeen unsuccessful so hospitals now have to take a systematic approach to implementing safer processes and providing the resources for surgeons and other stake-holders to optimize the OR environment. This article discusses standardized processes of care for mitigation of injury or outright prevention of wrong site surgery, RSI and surgical fires in an action-oriented framework illustrating the strategic elements important in each event and focusing on the responsibilities for each of the three major OR agents-anesthesiologists, surgeons and nurses. A Surgical Patient Safety Checklist is discussed that incorporates the necessary elements to bring these team members together and influence the emergence of a safer OR.
基金This work has been supported by the National Natural Science Foundation of China under Grant No.61272519,the Specialized Research Fund for the Doctoral Program of Higher Education under Grant No.20120005110017,and the National Key Technology R&D Program under Grant No.2012BAH06B02
文摘Despite that existing data sharing systems in online social networks (OSNs) propose to encrypt data before sharing, the multiparty access control of encrypted data has become a challenging issue. In this paper, we propose a secure data sharing scheme in 0SNs based on ciphertext-policy attribute- based proxy re-encryption and secret sharing. In order to protect users' sensitive data, our scheme allows users to customize access policies of their data and then outsource encrypted data to the OSNs service provider. Our scheme presents a multiparty access control model, which enables the disseminator to update the access policy of ciphertext if their attributes satisfy the existing access policy. Further, we present a partial decryption construction in which the computation overhead of user is largely reduced by delegating most of the decryption operations to the OSNs service provider. We also provide checkability on the results returned from the OSNs service provider to guarantee the correctness of partial decrypted ciphertext. Moreover, our scheme presents an efficient attribute revocation method that achieves both forward and backward secrecy. The security and performance analysis results indicate that the proposed scheme is secure and efficient in OSNs.
基金the National Natural Science Foundation of China,the National Basic Research Program of China ("973" Program) the National High Technology Research and Development Program of China ("863" Program)
文摘Cloud computing and storage services allow clients to move their data center and applications to centralized large data centers and thus avoid the burden of local data storage and maintenance.However,this poses new challenges related to creating secure and reliable data storage over unreliable service providers.In this study,we address the problem of ensuring the integrity of data storage in cloud computing.In particular,we consider methods for reducing the burden of generating a constant amount of metadata at the client side.By exploiting some good attributes of the bilinear group,we can devise a simple and efficient audit service for public verification of untrusted and outsourced storage,which can be important for achieving widespread deployment of cloud computing.Whereas many prior studies on ensuring remote data integrity did not consider the burden of generating verification metadata at the client side,the objective of this study is to resolve this issue.Moreover,our scheme also supports data dynamics and public verifiability.Extensive security and performance analysis shows that the proposed scheme is highly efficient and provably secure.
基金supported by National Natural Science Foundation of China(No.U 1405254, 61472092)China Postdoctoral Science Foundation(No.2015M581101)National Science and Technology SupportingFoundation of China(No.2014BAH41B00)
文摘This paper proposes a new access architecture onmobile cloud,which introduces a middle layer sitting between mobile devices and their cloud infrastructure.This middle layer is composed of cloudlets which are deployed by cloud services providers,such as wireless network access points(APs),to improve the performance of mobile cloud servicesand be different from traditional mobile operator mode.Then based on this new architecture.we improve our previous(Attribute-basedencryption) ABE access control scheme on cloud for mobile cloud,which is proposed to offload the main amount of computations to the cloudlet as the function of cloud.Simulationresults demonstratethe new access control scheme takes into consideration response time constraints and network statusof access task execution,while satisfying certain network security for mobile cloud.
