Addressing transportation planning, operation and investment challenges requires increasingly sophisticated data and information management strategies. ITS (intelligent transportation systems) and CV (connected veh...Addressing transportation planning, operation and investment challenges requires increasingly sophisticated data and information management strategies. ITS (intelligent transportation systems) and CV (connected vehicle) technologies represent a new approach to capturing and using needed transportation data in real time or near real time. In the case of Michigan, several ITS programs have been launched successfully, but independently of each other. The objective of this research is to evaluate and assess all important factors that will influence the collection, management and use of ITS data, and recommend strategies to develop integrated, dynamic and adaptive data management systems for state transportation agencies.展开更多
Recently,virtualization technologies have been widely used in industry.In order to monitor the security of target systems in virtualization environments,conventional methods usually put the security monitoring mechani...Recently,virtualization technologies have been widely used in industry.In order to monitor the security of target systems in virtualization environments,conventional methods usually put the security monitoring mechanism into the normal functionality of the target systems.However,these methods are either prone to be tempered by attackers or introduce considerable performance overhead for target systems.To address these problems,in this paper,we present a concurrent security monitoring method which decouples traditional serial mechanisms,including security event collector and analyzer,into two concurrent components.On one hand,we utilize the SIM framework to deploy the event collector into the target virtual machine.On the other hand,we combine the virtualization technology and multi-core technology to put the event analyzer into a trusted execution environment.To address the synchronization problem between these two concurrent components,we make use of Lamport's ring buffer algorithm.Based on the Xen hypervisor,we have implemented a prototype system named COMO.The experimental results show that COMO can monitor the security of the target virtual machine concurrently within a little performance overhead.展开更多
In the era of Web2.0, AJAX as one of the core technology to provide asynchronous communication with the server's ability to solve most of the Web site to force the user to enter the "submit, wait for redisplay proce...In the era of Web2.0, AJAX as one of the core technology to provide asynchronous communication with the server's ability to solve most of the Web site to force the user to enter the "submit, wait for redisplay process, so that user from requestfreed response cycle, ultimately allows developers and designers to use standard HTML / CSS / JavaScript to create a "desktop style Web applications. According AJAX principles and characteristics, and the combination of educational administration and educational management system based on AJAX technology solutions.展开更多
This paper describes control system network design and implementation of communication methods for automate warehouse management based on MFC, and the main features of VC6. 0 network communications programming and the...This paper describes control system network design and implementation of communication methods for automate warehouse management based on MFC, and the main features of VC6. 0 network communications programming and the method of implementation are discussed. Article described in detail the specific steps to achieve network communication for monitoring system, and gives the network communication process that combined with tile actual situation. Test results show that the system is stable and reliable.展开更多
In traditional framework,mandatory access control(MAC) system and malicious software are run in kernel mode. Malicious software can stop MAC systems to be started and make it do invalid. This problem cannot be solved ...In traditional framework,mandatory access control(MAC) system and malicious software are run in kernel mode. Malicious software can stop MAC systems to be started and make it do invalid. This problem cannot be solved under the traditional framework if the operating system(OS) is comprised since malwares are running in ring 0 level. In this paper,we propose a novel way to use hypervisors to protect kernel integrity and the access control system in commodity operating systems. We separate the access control system into three parts: policy management(PM),security server(SS) and policy enforcement(PE). Policy management and the security server reside in the security domain to protect them against malware and the isolation feather of the hypervisor can protect them from attacks. We add an access vector cache(AVC) between SS and PE in the guest OS,in order to speed up communication between the guest OS and the security domain. The policy enforcement module is retained in the guest OS for performance. The security of AVC and PE can be ensured by using a memory protection mechanism. The goal of protecting the OS kernel is to ensure the security of the execution path. We implementthe system by a modified Xen hypervisor. The result shows that we can secure the security of the access control system in the guest OS with no overhead compared with modules in the latter. Our system offers a centralized security policy for virtual domains in virtual machine environments.Keywords: hypervisor; virtualization; memo-展开更多
文摘Addressing transportation planning, operation and investment challenges requires increasingly sophisticated data and information management strategies. ITS (intelligent transportation systems) and CV (connected vehicle) technologies represent a new approach to capturing and using needed transportation data in real time or near real time. In the case of Michigan, several ITS programs have been launched successfully, but independently of each other. The objective of this research is to evaluate and assess all important factors that will influence the collection, management and use of ITS data, and recommend strategies to develop integrated, dynamic and adaptive data management systems for state transportation agencies.
基金supported in part by National Natural Science Foundation of China(NSFC)under Grant No.61100228 and 61202479the National High-tech R&D Program of China under Grant No.2012AA013101+1 种基金the Strategic Priority Research Program of the Chinese Academy of Sciences under Grant No.XDA06030601 and XDA06010701Open Found of Key Laboratory of IOT Application Technology of Universities in Yunnan Province Grant No.2015IOT03
文摘Recently,virtualization technologies have been widely used in industry.In order to monitor the security of target systems in virtualization environments,conventional methods usually put the security monitoring mechanism into the normal functionality of the target systems.However,these methods are either prone to be tempered by attackers or introduce considerable performance overhead for target systems.To address these problems,in this paper,we present a concurrent security monitoring method which decouples traditional serial mechanisms,including security event collector and analyzer,into two concurrent components.On one hand,we utilize the SIM framework to deploy the event collector into the target virtual machine.On the other hand,we combine the virtualization technology and multi-core technology to put the event analyzer into a trusted execution environment.To address the synchronization problem between these two concurrent components,we make use of Lamport's ring buffer algorithm.Based on the Xen hypervisor,we have implemented a prototype system named COMO.The experimental results show that COMO can monitor the security of the target virtual machine concurrently within a little performance overhead.
文摘In the era of Web2.0, AJAX as one of the core technology to provide asynchronous communication with the server's ability to solve most of the Web site to force the user to enter the "submit, wait for redisplay process, so that user from requestfreed response cycle, ultimately allows developers and designers to use standard HTML / CSS / JavaScript to create a "desktop style Web applications. According AJAX principles and characteristics, and the combination of educational administration and educational management system based on AJAX technology solutions.
文摘This paper describes control system network design and implementation of communication methods for automate warehouse management based on MFC, and the main features of VC6. 0 network communications programming and the method of implementation are discussed. Article described in detail the specific steps to achieve network communication for monitoring system, and gives the network communication process that combined with tile actual situation. Test results show that the system is stable and reliable.
基金supported by the National 973 Basic Research Program of China under grant No.2014CB340600the National Natural Science Foundation of China under grant No.61370230 and No.61662022+1 种基金Program for New Century Excellent Talents in University Under grant NCET-13-0241Natural Science Foundation of Huhei Province under Grant No.2016CFB371
文摘In traditional framework,mandatory access control(MAC) system and malicious software are run in kernel mode. Malicious software can stop MAC systems to be started and make it do invalid. This problem cannot be solved under the traditional framework if the operating system(OS) is comprised since malwares are running in ring 0 level. In this paper,we propose a novel way to use hypervisors to protect kernel integrity and the access control system in commodity operating systems. We separate the access control system into three parts: policy management(PM),security server(SS) and policy enforcement(PE). Policy management and the security server reside in the security domain to protect them against malware and the isolation feather of the hypervisor can protect them from attacks. We add an access vector cache(AVC) between SS and PE in the guest OS,in order to speed up communication between the guest OS and the security domain. The policy enforcement module is retained in the guest OS for performance. The security of AVC and PE can be ensured by using a memory protection mechanism. The goal of protecting the OS kernel is to ensure the security of the execution path. We implementthe system by a modified Xen hypervisor. The result shows that we can secure the security of the access control system in the guest OS with no overhead compared with modules in the latter. Our system offers a centralized security policy for virtual domains in virtual machine environments.Keywords: hypervisor; virtualization; memo-
